OK, found another one.
First uninstall Spysweeper, we don't need it and it may try to block any fixes we do.
Remember to turn off Zone Alarm before running The Avenger.
Now download
The Avenger By Swandog46, and save it to your Desktop.
* Extract avenger.exe from the Zip file and save it to your desktop
* Run avenger.exe by double-clicking on it.
* Check the
Input script manually box.
* Click on the Magnifying Glass Icon which will open a new window titled
View/edit script
* Copy everything in the Quote box below, and paste it in the box that opens:
Registry keys to delete:
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{1B202102-FE38-11cf-64CD-21FF5FE1CF20}
Files to delete:
C:\WINDOWS\system32\ztinetzt.exe
Note: the above quote was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system
* Now click the '
Done' button.
* Click on the
Green Light and
OK the prompt.
* You will be prompted to restart, click
OK at the prompt and your PC should reboot, if not, reboot it yourself.
* A log file from Avenger will be produced at
C:\avenger.txt
The Avenger will automatically do the following:
* It will
Restart your computer. (In cases where the code to execute contains
"Drivers to Unload", The Avenger will actually restart your system twice.)
* On reboot, it will briefly
open a black command window on your desktop, this is normal.
* After the restart, it
creates a log file that should open with the results of Avenger's actions. This log file will be located at
C:\avenger.txt
* The Avenger will also have
backed up all the files, etc., that you asked it to delete, and will have zipped them and moved the zip archives to C:\avenger\backup.zip.
Please
attach the
C:\avenger.txt in your next post.
----------
Create a Startup List
1. Open HijackThis and select
Open the Misc Tools section
2. Click on the button which says
Generate StartupList log
3. Click
Yes when prompted and a notepad document will open.
4. Save the log to the desktop and attach it in the next post.
----------
Create An Uninstall List
1. Start
HijackThis
2. Click on the
Open the Misc Tools section
3. Click on the
Open Uninstall Manager button.
4. Click on the
Save list button and specify where you would like to save this file. When you press
Save button a notepad will open with the contents of that file.
5. Save it to your
desktop
6. Add the
uninstall_list.txt as an
attachment in the next post.
----------
Next post please attach
avenger.txt
Startup list
Uninstall list
----------
After those are attached.
This one will not produce a log, but you can let me know what was found. (if anything)
Download CounterSpy V2 CounterSpy is a 15 day full featured evaluation.
1. Double click the installer on the desktop
2. After Counterspy is installed and you have restarted your computer (if prompted), double-click the icon on
your desktop to begin the install.
3. The Getting Started setup wizard opens. The wizard will guide you through the initial steps needed to configure CounterSpy.
**
When the Activate Now prompt appears just click Next
To scan you computer
1. Click
System Scan on the main page. The
System Scan page opens.
2. Set the scan options on the left side of the page. We recommend selecting
Full System scan.
3. Click
Scan Now. CounterSpy starts scanning your computer. After the scan is complete, the
CounterSpy System Scan Results summary window opens.
4. Review the summarized information, then click
View Results. You return to the System Scan
results page.
To take action against a security risk
1. Select a security risk.
2. Make a selection from the
Recommended Action drop down menu next to it and select
Remove
**
Select Remove in all menus
3. Check the
Create restore point option. This will create the Windows backup (useful in case something goes wrong). Then press
Take Action
4. Now CounterSpy will ask you to confirm your actions. Press
Yes within the window that appeares. This will start the removal process.
5. The program may need to reboot your computer.
Clicking Yes if prompted is highly recommended.