It is possibly in the system restore folder. More info is required. Operating System etc.
Try these tools too: Download & instal Adaware from here
& update it B4 scanning.
In settings under 'scanning,' have it set to
'scan within archives,'
'scan active processes,'
'scan registry,'
'deepscan registry'
'scan my IE Favourites for banned URL's,'
'scan my host's file.'
In 'tweaks' under 'scanning engine' set it to 'unload recognised processes during scanning.'
Also in 'tweaks' under 'cleaning engine' set it to 'Automatically try to unregister objects prior to deletion' & 'let Windows remove files in use at next reboot.'
Select 'activate in-depth scan' before starting scan.
When the scan is finished select 'next.'
Remove what it finds by placing a check in the box to the left of the object. Reboot
Download & instal Spybot S&D from here Update it B4 scanning. Go into settings & have it check for Beta releases also & download if available.
After the scan is complete, have spybot fix everything marked RED.
On the page that first opens when you start Spybot there is an option to immunise, you should do this. In the immunise section there is also a link to download Spywareblaster. This program will prevent the install of bad activex controls that it has knowledge of. Download that & you can keep it updated by selecting the same link that you use to download it. Reboot
Go here for an on-line scan & set it to autoclean for you.
crunchie
Most Valuable Poster
20,095 posts since Feb 2004
Reputation Points: 1,142
Solved Threads: 985
Download HijackThis from here & unzip it into it's own, permanent folder, (Not a temporary folder or the desktop & not directly on your hard drive).
If you have anything disabled in MsConfig, please re-enable it/them.
Start HJT & with all browser windows closed, press the scan button. When the scan is finished the scan button will change to save. Save the log to a text file, copy the entire contents of the text file & paste it into the body of your post. DO NOT FIX ANYTHING YET. Most of what is there is necessary for the running of your system.
crunchie
Most Valuable Poster
20,095 posts since Feb 2004
Reputation Points: 1,142
Solved Threads: 985
As long as hijackthis.exe is in it's own, permanent folder, that's fine. If it's in a temp folder it is unable to create backups, or they can be lost. If on the desktop, it will be littered with backups. If directly on the hard drive, ie; C:\hijackthis.exe the same applies with having backups spread all over the show.
Close all (browser) windows & rescan with hijackthis. When the scan is finished place a check in the box to the left of the following entries & click 'fix checked' :
Cannot get any data on this one, so if you do not recognise it, go ahead & fix it.
O4 - HKCU\..\Run: [getuname] C:\WINDOWS\System32\getuname.exe
Reboot into safe mode following the instructions here & navigate to & delete the following if found:
C:\WINDOWS\System32\getuname.exe< file
Reboot normally after doing the above then post a fresh log plz.
crunchie
Most Valuable Poster
20,095 posts since Feb 2004
Reputation Points: 1,142
Solved Threads: 985
Very possible that it was using your bandwidth up. Log looks ok now.
crunchie
Most Valuable Poster
20,095 posts since Feb 2004
Reputation Points: 1,142
Solved Threads: 985
![http://webpages.charter.net/versatilcreations/images/06_18_04.jpg[/IMG]](http://webpages.charter.net/versatilcreations/images/06_18_04.jpg%5B/IMG%5D){kind=link}
![http://webpages.charter.net/versatilcreations/images/caution06_19_04.jpg[/IMG]](http://webpages.charter.net/versatilcreations/images/caution06_19_04.jpg%5B/IMG%5D){kind=link}