Hijacked Please Help
- Thread starter marygg
- Start date
- Status
evilfantasy
Posts: 425 +0
Open HijackThis and select Do a system scan only then place a check mark next to:
O2 - BHO: (no name) - 8@Ï - (no file)
O2 - BHO: BDEX System - {202EBB90-ABD4-46CC-BB5A-4F0ECC67B331} - C:\WINDOWS\ttvbonvgl.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - ¸?Ï - (no file)
O2 - BHO: (no name) - è?Ï - (no file)
O3 - Toolbar: The leosrv - {257F0149-3042-4F1E-97A1-7602460E97EE} - C:\WINDOWS\leosrv.dll (file missing)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
Close all windows except for HijackThis and click Fix checked
----------
Delete these files/folders, as follows:
* Open notepad and copy/paste the text in the quote box below into it (all except the word QUOTE):
* Save this as CFScript on the desktop.
* Then drag the CFScript (hold the left mouse button while dragging the file) and drop it (release the left mouse button) into ComboFix.exe as you see in the screenshot below. Important: Perform this instruction carefully!
* ComboFix will begin to execute, just follow the prompts. After reboot (in case it asks to reboot), it shall produce a log for you. Post that log (Combofix.txt) in your next reply.
Note: Do not mouseclick combofix's window while it is running. That may cause your system to hang
----------
Run a new HijackThis scan and post the log please.
Next post
combofix log
New HijackThis log
O2 - BHO: (no name) - 8@Ï - (no file)
O2 - BHO: BDEX System - {202EBB90-ABD4-46CC-BB5A-4F0ECC67B331} - C:\WINDOWS\ttvbonvgl.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - ¸?Ï - (no file)
O2 - BHO: (no name) - è?Ï - (no file)
O3 - Toolbar: The leosrv - {257F0149-3042-4F1E-97A1-7602460E97EE} - C:\WINDOWS\leosrv.dll (file missing)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
Close all windows except for HijackThis and click Fix checked
----------
Delete these files/folders, as follows:
* Open notepad and copy/paste the text in the quote box below into it (all except the word QUOTE):
* Save this as CFScript on the desktop.
* Then drag the CFScript (hold the left mouse button while dragging the file) and drop it (release the left mouse button) into ComboFix.exe as you see in the screenshot below. Important: Perform this instruction carefully!
* ComboFix will begin to execute, just follow the prompts. After reboot (in case it asks to reboot), it shall produce a log for you. Post that log (Combofix.txt) in your next reply.
Note: Do not mouseclick combofix's window while it is running. That may cause your system to hang
----------
Run a new HijackThis scan and post the log please.
Next post
combofix log
New HijackThis log
evilfantasy
Posts: 425 +0
Download Superantispyware (SAS) SUPERAntispyware Free Edition
Install it and double-click the icon on your desktop to run it.
* It will ask if you want to Update the program definitions, click Yes.
* Under Configuration and Preferences, click the Preferences button.
* Click the Scanning Control tab.
* Under Scanner Options make sure the following are checked:
* On the left check C:\Fixed Drive.
* On the right, under Complete Scan, choose Perform Complete Scan.
* Click Next to start the scan. Please be patient while it scans your computer.
* After the scan is complete a summary box will appear. Click OK.
* Make sure everything in the white box has a check next to it, then click Next.
* It will quarantine what it found and if it asks if you want to reboot, click Yes.
* To retrieve the removal information please do the following:
* Click close and close again to exit the program.
* Please add the log as an attachment along with a new HijackThis log in the next post.
Install it and double-click the icon on your desktop to run it.
* It will ask if you want to Update the program definitions, click Yes.
* Under Configuration and Preferences, click the Preferences button.
* Click the Scanning Control tab.
* Under Scanner Options make sure the following are checked:
- Close browsers before scanning
- Scan for tracking cookies
- Terminate memory threats before quarantining.
- Please leave the others unchecked.
- Click the Close button to leave the control center screen.
* On the left check C:\Fixed Drive.
* On the right, under Complete Scan, choose Perform Complete Scan.
* Click Next to start the scan. Please be patient while it scans your computer.
* After the scan is complete a summary box will appear. Click OK.
* Make sure everything in the white box has a check next to it, then click Next.
* It will quarantine what it found and if it asks if you want to reboot, click Yes.
* To retrieve the removal information please do the following:
- After reboot, double-click the SUPERAntiSpyware icon on your desktop.
- Click Preferences. Click the Statistics/Logs tab.
- Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
- It will open in your default text editor (such as Notepad/Wordpad).
- Save the notepad file to your desktop by clicking (in notepad) "File" "Save As"
* Click close and close again to exit the program.
* Please add the log as an attachment along with a new HijackThis log in the next post.
- Status
Similar threads
