HJT Check please - Computer Support Forums

jakethepeg · 01-08-2008, 11:28 PM

Logfile of HijackThis v1.99.1
Scan saved at 23:15:31, on 01/08/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\arservice.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\crypserv.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = myAOL | HP
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Yahoo! Search - Web Search
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Yahoo! Search - Web Search
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Yahoo! Search - Web Search
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = Yahoo! Search - Web Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Yahoo! Search - Web Search
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://register.hp.com/servlet/WebRe...F783AA&LF=blue
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKCU\..\Run: [Active Desktop Calendar] C:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Translate with &Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International*
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DL L
O20 - AppInit_DLLs: avgrsstx.dll
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762# # (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

**maynardvdm** · 01-08-2008, 11:47 PM

Hi

Welcome to Free PC Help.

We dont offer support on HijackThis logs at the moment but you can do these steps:

Your computer could be infected with Malware.

Malware is software designed to infiltrate or damage a computer system without the owner's informed consent.
It is a combination of the words malicious and software.
The expression is a general term used by computer professionals to mean a variety of forms of hostile, intrusive, or annoying software or program code.

Required Cleanup Steps
1. Disable the Spybot Search & Destroy TEA TIMER if you use it and if it is enabled
2. Run a Temporary file and cache cleaner (ATF)
3. Run 2 Anti-Malware scanners (Listed Below)
4. Run an Online Anti-Virus / Anti-Malware Scanner (Listed Below)
5. Clear out old System Restore points
6. If continued Malware type activity is present you may be asked to post a TrendMicro™ HijackThis™ Log file, do not do so unless requested.

The reason to run multiple scanners is to ensure that no single scanner is missing something.
The time it takes will vary depending on your system and your internet connection speed.
Typically the SUPERAntiSpyware and Malwarebytes scanners will take between 10 to 90 minutes.
The ESET online scan should take between 1 to 3 hours.
In most cases, these scans will suffice to clean and disinfect your computer.
Heavily infected systems or slower PCs can take much longer to scan and clean.

For best results print the following instructions and bookmark this Web page
To keep this guide printer-friendly, use your cursor to highlight the contents below.
From your browser select File - Print and in the printer dialog box under "Print range"
click the Selection choice to print out these instructions for removal of malware.

__________________________________________________

STEP 1
Disable Spybot Search & Destroys' TEA TIMER: (if installed)
Run Spybot-S&D in Advanced Mode.

If it is not already set to do this Go to the Mode menu select "Advanced Mode"

On the left hand side, Click on Tools

Then click on the Resident Icon in the List

Uncheck "Resident TeaTimer" and OK any prompts.

Restart your computer.

__________________________________________________

STEP 2
Follow these instructions carefully.

Download ATF-Cleaner from Snapfiles.com to remove un-needed temporary files from your computer that may contain malware.

You can also download it from Majorgeeks.com

When you run ATF-Cleaner, check the items as shown below for Main.

For FireFox, be sure to click on the FireFox tab on top and check the items as shown below for FireFox

NOTE: If you don't have FireFox or Opera installed then they will be grayed out and can be ignored

Then click on "Empty Selected".

.

__________________________________________________

STEP 3
Install and run the free version (not the Professional version) of SUPERAntiSpyware from SUPERAntiSpyware.com
Accept any prompts to allow SUPERAntiSpyware to install the latest rules and infection definition files.

You do not have to send them your e-mail address, just click next.

You can leave the automated check for updates on.

You can uncheck "Send a diagnostic report to research center" if you don't want to send the information.

DO NOT allow SUPERAntiSpyware to protect your Home Page settings.

On the Top Left select the Scan your computer button.

Make sure there is a CHECK MARK on all Fixed Drives.

Click "Perform a Complete Scan". Click "Next" to Repair issues found and reboot the computer when prompted to do so.

__________________________________________________

STEP 4
Install and run Malwarebytes' Anti-Malware from Malwarebytes - (direct download)
Accept all defaults for the installer

Allow the program to update the definitions

Click on the Quick Scan and click Next.

If any items are found allow it to clean them and then Reboot your computer.

__________________________________________________

STEP 5
Run an online scan with ESET from Free Virus Scan: Use ESET's Online Antivirus Scanner
You must use Internet Explorer for this online scan. FireFox, Opera, etc will not work for this scan.

If your computer is running Window's Vista, then you must first start Internet Explorer as an Administrator. To do so, right-click on the Internet Explorer icon in the Start Menu and select "Run as administrator" from the popup context menu.

Accept the terms and click "Start".

Once the scanner is ready, check "Remove found threats" AND "Scan unwanted applications".

Click "Start" to begin the scan.

When completed restart your computer

__________________________________________________

Make sure your internet firewall security is enabled, and then please return to Free PC Help and tell us how the computer seems to be operating.
At that time, you will receive instructions to assist you in removing malicious programs from your Add/Remove program list if warranted.

01-08-2008, 11:28 PM	#1 (permalink)
jakethepeg Status: Free PC Help New Member Join Date: Aug 2008 Posts: 6 Operating System: Windows XP - Home Edition PC Experience: PC Illiterate	HJT Check please Logfile of HijackThis v1.99.1 Scan saved at 23:15:31, on 01/08/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16674) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\arservice.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\crypserv.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\WINDOWS\system32\svchost.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = myAOL \| HP R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Yahoo! Search - Web Search R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Yahoo! Search - Web Search R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Yahoo! Search - Web Search R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = Yahoo! Search - Web Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Yahoo! Search - Web Search R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://register.hp.com/servlet/WebRe...F783AA&LF=blue R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = .local O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKCU\..\Run: [Active Desktop Calendar] C:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201 O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204 O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203 O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Translate with &Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll O11 - Options group: [INTERNATIONAL] International O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DL L O20 - AppInit_DLLs: avgrsstx.dll O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing) O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762# # (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

01-08-2008, 11:47 PM	#2 (permalink)
maynardvdm Status: Administrator Join Date: Feb 2007 Location: South Africa Posts: 3,016 Operating System: Windows XP and Windows 7 PC Experience: Always learning	Hi Welcome to Free PC Help. We dont offer support on HijackThis logs at the moment but you can do these steps: Your computer could be infected with Malware. Malware is software designed to infiltrate or damage a computer system without the owner's informed consent. It is a combination of the words malicious and software. The expression is a general term used by computer professionals to mean a variety of forms of hostile, intrusive, or annoying software or program code. Required Cleanup Steps Disable the Spybot Search & Destroy TEA TIMER if you use it and if it is enabled Run a Temporary file and cache cleaner (ATF) Run 2 Anti-Malware scanners (Listed Below) Run an Online Anti-Virus / Anti-Malware Scanner (Listed Below) Clear out old System Restore points If continued Malware type activity is present you may be asked to post a TrendMicro™ HijackThis™ Log file, do not do so unless requested. The reason to run multiple scanners is to ensure that no single scanner is missing something. The time it takes will vary depending on your system and your internet connection speed. Typically the SUPERAntiSpyware and Malwarebytes scanners will take between 10 to 90 minutes. The ESET online scan should take between 1 to 3 hours. In most cases, these scans will suffice to clean and disinfect your computer. Heavily infected systems or slower PCs can take much longer to scan and clean. For best results print the following instructions and bookmark this Web page To keep this guide printer-friendly, use your cursor to highlight the contents below. From your browser select File - Print and in the printer dialog box under "Print range" click the Selection choice to print out these instructions for removal of malware. __________________________________________________ STEP 1 Disable Spybot Search & Destroys' TEA TIMER: (if installed) Run Spybot-S&D in Advanced Mode. If it is not already set to do this Go to the Mode menu select "Advanced Mode" On the left hand side, Click on Tools Then click on the Resident Icon in the List Uncheck "Resident TeaTimer" and OK any prompts. Restart your computer. __________________________________________________ STEP 2 Follow these instructions carefully. Download ATF-Cleaner from Snapfiles.com to remove un-needed temporary files from your computer that may contain malware. You can also download it from Majorgeeks.com When you run ATF-Cleaner, check the items as shown below for Main. For FireFox, be sure to click on the FireFox tab on top and check the items as shown below for FireFox NOTE: If you don't have FireFox or Opera installed then they will be grayed out and can be ignored Then click on "Empty Selected". . __________________________________________________ STEP 3 Install and run the free version (not the Professional version) of SUPERAntiSpyware from SUPERAntiSpyware.com Accept any prompts to allow SUPERAntiSpyware to install the latest rules and infection definition files. You do not have to send them your e-mail address, just click next. You can leave the automated check for updates on. You can uncheck "Send a diagnostic report to research center" if you don't want to send the information. DO NOT allow SUPERAntiSpyware to protect your Home Page settings. On the Top Left select the Scan your computer button. Make sure there is a CHECK MARK on all Fixed Drives. Click "Perform a Complete Scan". Click "Next" to Repair issues found and reboot the computer when prompted to do so. __________________________________________________ STEP 4 Install and run Malwarebytes' Anti-Malware from Malwarebytes - (direct download) Accept all defaults for the installer Allow the program to update the definitions Click on the Quick Scan and click Next. If any items are found allow it to clean them and then Reboot your computer. __________________________________________________ STEP 5 Run an online scan with ESET from Free Virus Scan: Use ESET's Online Antivirus Scanner You must use Internet Explorer for this online scan. FireFox, Opera, etc will not work for this scan. If your computer is running Window's Vista, then you must first start Internet Explorer as an Administrator. To do so, right-click on the Internet Explorer icon in the Start Menu and select "Run as administrator" from the popup context menu. Accept the terms and click "Start". Once the scanner is ready, check "Remove found threats" AND "Scan unwanted applications". Click "Start" to begin the scan. When completed restart your computer __________________________________________________ Make sure your internet firewall security is enabled, and then please return to Free PC Help and tell us how the computer seems to be operating. At that time, you will receive instructions to assist you in removing malicious programs from your Add/Remove program list if warranted. __________________ We are all members helping other members. Please return here where you may be able to help someone else. After all, no one knows everything and you may have the answer that someone needs. RaidMax Smilodon Gaming Case \| Intel E7200 Core 2 Duo @ 3.0GHz with ASUS Arctic Square Cooler \| 2GB RAM \| 9800GT 512MB GDDR3 Register for FREE >>here<< \| If we have helped you, please consider a donation >>here<< SAS \| MBAM \| WinPatrol \| Avira \| ERUNT \| Nvidia Drivers

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search

LinkBacks (?) LinkBack to this Thread: http://www.freepchelp.co.uk/forum/security-questions-av-firewalls-etc/3313-hjt-check-please.html
Posted By	For	Type	Date
Dimsntfy (dimsntfy.dll) Process Information	This thread	Refback	05-08-2008 03:42 AM
Late breaking news at Computer Repair Toronto -	This thread	Pingback	02-08-2008 02:29 AM