Virus/Spyware problems.

Status
Not open for further replies.
log

Howard, will do, thanks for changing title. Almost didn't find it when logging on.

New log attached from Normal mode. Babs1
 
You might want to copy and paste these instructions into a notepad file. Then you can have the file open in safe mode, so you can follow the instructions easier.

Boot into safe mode. See how HERE. http://www.bleepingcomputer.com/forums/tutorial61.html

Turn off system restore.(XP/ME only) See how HERE. http://www.bleepingcomputer.com/forums/tutorial56.html

In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how HERE. http://www.bleepingcomputer.com/forums/tutorial62.html

Go to add remove programmes in your control panel and uninstall anything to do with(if there).

Viewpoint
Viewpoint Toolbar V35

Close control panel.

Run HJT with no other programmes open(except notepad). Have HJT fix the following, by placing a tick in the little box next to(if there).

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://sparkpeople.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q304&bd=pavili on&pf=laptop

R3 - URLSearchHook: (no name) - {CF490793-3A68-4931-9C10-A29A856D36F3} - (no file)

O8 - Extra context menu item: &Viewpoint Search - res://C:\Program Files\Viewpoint\Viewpoint Toolbar V35\ViewBar.dll/CXTSEARCH.HTML

Click on the fix checked button.

Close HJT.

Locate and delete the following bold files and/or directories(if there).

C:\Program Files\Viewpoint

Reboot into normal mode and turn system restore back on.

Post a fresh HJT log.


Regards Howard :)
 
Viewpoint

Howard,
I did log and the items that you listed where not on there. I do remember seeing R3 and 08 in the Normal mode. Also, you said Take out Viewpoint. Well that is listed under C:/Programs and it is a folder and when I click on it , it has Viewpoint Media Player and all the files under it. Will that take out my Media Player as that file is also on my Desktop computer (which I am writing on now). Before I give you log I am still in safe mode on my laptop. Babs1
 
The Viewpoint programme is nasty and should be deleted.

Delete the entire Viewpoint folder. This has nothing to do with Windows media player.

Regards Howard :)
 
log

Howard , here is the log. Also this is on the Desktop, in fact quite a few of the Viewpoint is on there. Do I just go to ADD/Remove Program and delete (my desktop right now has no problems) all the Viewpoints , and also on the C:/Program. I had no idea that was a nasty. There are kids on both computers downloading music and web sites so I probably have alot on both of nasties. Thanks, Babs1
 
Well done. your HJT log is now clean.

As I stated earlier, go to add remove programmes in your control panel and uninstall anything to do with Viewpoint.

Delete anything on your desktop to do with Viewpoint. These are more than likely just shortcuts anyway.

As far as I`m concerned, your system is now clean.

Regards Howard :)
 
log

Thanks Howard,
I went to Desktop and took out Viewpoint in Add and Remove but when I went to C:/Program and saw the Viewpoint and tried to delete it , it came back with: Cannot delete; AXMETASTREAM.dll, Access is denied. Make sure disk is not full or writer protected and file is not currently in use.

If there is a solution to that let me know. I am going to get some zz's but will check back in a few hours. Thanks for all the help for the laptop. Babs1
 
You might want to copy and paste these instructions into a notepad file. Then you can have the file open in safe mode, so you can follow the instructions easier.


Boot into safe mode. See how HERE. http://www.bleepingcomputer.com/forums/tutorial61.html

Turn off system restore.(XP/ME only) See how HERE. http://www.bleepingcomputer.com/forums/tutorial56.html

In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how HERE. http://www.bleepingcomputer.com/forums/tutorial62.html

Click start/run and type regsvr32 /u AXMETASTREAM.dll into the run box and press the enter key. Note the space between the 2 and the forward slash and again between the u and AXMETASTREAM.dll.

Run HJT and click on the config button, then the misc tools button. Click on the delete file on reboot button and browse to the AXMETASTREAM.dll file. Click on the file and click open. You will be prompted to reboot your system, click yes.

Once your system has rebooted, the AXMETASTREAM.dll file should have been deleted.

Regards Howard :)
 
error log

Howard,
Thanks for the help on the Desktop. Will try it and see what happens later today.
Before I left my Laptop and after you looked at last log, I went to IE to click on Web Site just to see what would happen (remember I did install FireFox to use) and the IE ERROR box opened. So I clicked off "Don't Send" and opened another Web Site and it happened again. I quess having a clean log still doesn't get rid of THIS particular error box. Do you think that my laptop will have to have everything taken off and than reinstall Windows XP? What does System Restore do? I sure don't want to put everything on CD and than reinstall. I know I am suppose to backup my files in case of crash but I have no idea how to do that and my Laptop has alot on it.
Thanks, Babs1
 
Once you`ve deleted the AXMETASTREAM.dll file see how it goes. If you still have problems with IE, you might want to try doing a windows repair as per this thread HERE.

Maybe that will sort out your IE problem.

Regards Howard :)
 
think your best bet is to just do a full reinstall of windows and re-format the HD, then first thing, get on the internet with IE and go to download.com or someother download site and get the latest version of FireFox
 
Ie

Thanks guys. Will probably have to do re-install. And I did get latest version of FireFox. I am also going to install it on desktop computer. Thanks again. Babs1
 
Status
Not open for further replies.
Back