I have a downloader virus as found by Norton. It's file name is igfien.dll though I know the name probably doesn't matter. Norton won't quarantine it, nor will it delete it. I also followed the instructions to delete it by disabling system restore, and restarting in safe mode. Once in safe mode, it still wouldn't delete and said it was being used by something and to close what it was being used by and try deleting again. Does that mean I should disable stuff on startup and then try to delete it ? I recently made a profile on myspace and since I have been visiting there I started getting pop ups from things called winpro2006, partypoker, and things like that. I feel this downloader is causing these pop ups though I'm probably wrong. I have Spybot Search and Destroy and Adaware- and run them weekly, Zone Alarm, and a constantly updated Norton virus program. I also downloaded and ran Spy Sweeper within the last week. Any help would be appreciated. Thanks.

You will need to close/quit all web browser programs and disconnect from the Internet for much of the following, so you should print out these instructions or save them into a text file with Notepad.

1. Download the (free) HijackThis utility. Once downloaded, create a folder for HJT outside of any Temp/Temporary folders and move the HijackThis.exe file to that folder now. A folder such such as C:\HijackThis or C:\Spyware Tools\HijackThis will do.
Do not run the program yet.


2. Download ewido Anti-spyware (30-day trial version) - http://www.ewido.net/en/download/


To Install and Configure ewido:

• Close all other Applications and then run the ewido installer
• Select language click Ok
• Click I Agree
• Click next
• Click Install
• Click Finish
• Wait Ewido will open main screen automatically.
• Wait again a few minutes and Ewido Should Auto update itself. If it doesn't click update at top of screen.
• It is very important to get the updates
• When updating has finished, close Ewido.

* Reboot your computer in Safe Mode by doing the following :

• Restart your computer
• After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
• Instead of Windows loading as normal, a menu with options should appear;
• Select the first option, to run Windows in Safe Mode, then press "Enter".
• Log in to the Administrator account.

* Open Ewido

• Click on scanner
• Click on Complete System Scan and the scan will begin.
• You will be prompted to clean the first infection.
• Select "Perform action on all infections", then proceed.
• Once the scan has completed, there will be a button located on the bottom of the screen named Save report
• Click Save report.
• Save the report .txt file to your desktop or a location where you can find it easily.
• Close Ewido.

* Reboot normally.

* Run HijackThis, but do not have HJT fix anything yet; only have it scan your system! Once the scan is complete, the "Scan" button will turn into an option to "Save log...".
Save the log in the folder you created for HijackThis; the saved file will be named "hijackthis.log".

* Open the HijackThis log file with Windows Notepad, and cut-n-paste the entire contents of the Notepad file here. Also post the contents of the ewido report file.


-