|
| ||
| Re: help needed - %$thb$% drive c Hello, pg, yes, that is what i wanted. Please start hijackthis again, select Scan Only, place checkmarks against all the entries listed below that still exist, and then press Fix Checked. O4 - HKLM\..\Run: [bone thunk axis copy] C:\Documents and Settings\All Users\Application Data\pure coal bone thunk\Idol bore.exe O4 - HKLM\..\Run: [Comp about extra bin] C:\Documents and Settings\All Users\Application Data\Roam Program Comp About\Bend exit.exe O4 - HKCU\..\Run: [Sect Real] C:\DOCUME~1\PERFEC~1\APPLIC~1\IDLE01~1\Gplantitype.exe O4 - HKCU\..\Run: [swg] C:\WINDOWS\system32\regsvr32.exe Good, now find and delete these files: C:\Documents and Settings\All Users\Application Data\pure coal bone thunk\Idol bore.exe C:\Documents and Settings\All Users\Application Data\Roam Program Comp About\Bend exit.exe C:\Documents and Settings\PERFECT_GIRL\Application Data\IDLE01~1\Gplantitype.exe -IDLE01~1 is an abbreviation of some folder name, I do not know what, but it commences with IDLE01, and is the only one that starts like that. Please visit the Symantec website and download and run the appropriate removal tool for the version of their antivirus that you once used. Make and post a fresh hijackthis log, please. |
| ||
| Re: help needed - %$thb$% drive c C:\Documents and Settings\All Users\Application Data\pure coal bone thunk\Idol bore.exe C:\Documents and Settings\All Users\Application Data\Roam Program Comp About\Bend exit.exe C:\Documents and Settings\PERFECT_GIRL\Application Data\IDLE01~1\Gplantitype.exe ok I have been do what you want but about this files I told you before I just prees shift and delate and I didn't know how to re sift them I have arlady the mcafee do I need to doloand another one? |
| ||
| Re: help needed - %$thb$% drive c I was just making sure that those files are gone, pg. If you could not find them, that is fine. Some antivirus software, for example Symantec's [and McAfee's too] cannot be simply removed without special software. Your McAfee is fine, no need to touch it, but there are still parts of Symantec remaining on your machine. If you visit the Symantec website you will be able to find and download the correct removal tool which you then run. Would you do this for me please: ==Please copy the text in the box to a notepad [format/wordwrap unchecked] and save as showkey.bat to your desktop; dclick it to run, then post the file showkey.txt reg query "HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce" /s >showkey.txtPost the notepad that pops onto your desktop, please. |
| ||
| Re: help needed - %$thb$% drive c ! REG.EXE VERSION 3.0 HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce <NO NAME> REG_SZ ! REG.EXE VERSION 3.0 HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce <NO NAME> REG_SZ ! REG.EXE VERSION 3.0 HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce <NO NAME> REG_SZ that is ok I will download it and I'll tell you what hapenced |
| ||
| Re: help needed - %$thb$% drive c Fine, pg. When you have used that Symantec removal tool could you post a final hijackthis log, please? |
| All times are GMT -4. The time now is 7:16 pm. |
Forum system based on vBulletin Copyright ©2000 - 2009, Jelsoft Enterprises Ltd.
©2003 - 2009 DaniWeb® LLC