Blind Dragon
Posts: 3,774 +4
Ok,
First go to Start -> run -> type cmd -> press enter
At the prompt -> type ipconfig /all -> click the icon at the top left -> edit -> select all
Click the icon again -> edit -> copy
paste the log here
=======================================
Remove bad HijackThis entries
=================================================
Go to start -> control panel -> add/remove programs -> uninstall:
Hijackthis
=================================================
Please download the OTMoveIt3 by OldTimer.
Paste the log from ipconfig and attach here the OTMoveit log
Then I want you to redownload a fresh copy of hijackthis now that we deleted the backups and run a fresh scan - attach this new log here as well
First go to Start -> run -> type cmd -> press enter
At the prompt -> type ipconfig /all -> click the icon at the top left -> edit -> select all
Click the icon again -> edit -> copy
paste the log here
=======================================
Remove bad HijackThis entries
- Run HijackThis
- Click on the System Scan Only button
- Put a check beside all of the items listed below (if present):
O2 - BHO: (no name) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O20 - Winlogon Notify: fin42u - C:\WINDOWS\
O20 - Winlogon Notify: tuvVPfeE - C:\WINDOWS\
- Close all open windows and browsers/email, etc...
- Click on the "Fix Checked" button
- When completed, close the application.
=================================================
Go to start -> control panel -> add/remove programs -> uninstall:
Hijackthis
=================================================
Please download the OTMoveIt3 by OldTimer.
- Save it to your desktop.
- Please double-click OTMoveIt3.exe to run it. (Vista users, please right click on OTMoveit3.exe and select "Run as an Administrator")
- Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
Code::Processes explorer.exe :Reg [-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\fin42u] [-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tuvVPfeE] :Files C:\Program Files\Trend Micro :Commands [purity] [emptytemp] [start explorer] [Reboot]
- Return to OTMoveIt3, right click in the "Paste Instructions for Items to be Moved" window and choose Paste.
- Click the red Moveit! button.
- A log of files and folders moved will be created in the c:\_OTMoveIt\MovedFiles folder in the form of Date and Time (mmddyyyy_hhmmss.log). Please open this log in Notepad and post its contents in your next reply.
- Close OTMoveIt3
Paste the log from ipconfig and attach here the OTMoveit log
Then I want you to redownload a fresh copy of hijackthis now that we deleted the backups and run a fresh scan - attach this new log here as well