Hello milkfolwers. I have reviewed your HijackThis log and have a suggested handling.
You will probably want to print out these instructions or copy them to Notepad as most of the handling will be done in Safe Mode and you will not have internet access from there.
First, open up ewido anti-malware and do the update function. Then close ewido.
Next, download CleanUp! from
here. Save it to your desktop. Don't run it yet.
Now, open up HijackThis again and click on "Do a system scan only".
When it finishes, put a check before the following lines:
O4 - HKLM\..\Run: [winlog] winlog.exe
O4 - HKLM\..\Run: [winsysupd] C:\windows\winsysupd7.exe
O4 - HKLM\..\RunServices: [winlog] winlog.exe
Now, close ALL windows except HijackThis and hit the "Fix checked" button.
Now let's set Windows to show all files:
To enable the viewing of Hidden files follow these steps:
1. Close all programs so that you are at your desktop.
2. Double-click on the "My Computer" icon.
3. Select the "Tools" menu and click "Folder Options".
4. After the new window appears select the "View" tab.
5. Put a checkmark in the checkbox labeled "Display the contents of system folders".
6. Under the Hidden files and folders section select the radio button labeled "Show hidden files and folders".
7. Remove the checkmark from the checkbox labeled "Hide file extensions for known file types".
8. Remove the checkmark from the checkbox labeled "Hide protected operating system files".
9. Press the "Apply" button and then the "OK" button and shutdown My Computer.
10. Now your computer is configured to show all hidden files.
Because XP will not always show you hidden files and folders by default,
Go to Start > Search and under "More advanced search options".
Make sure there is a check by "Search System Folders" and "Search hidden files and folders" and "Search system subfolders"
Now reboot into Safe Mode. (If you're not sure how to do this, click this link):
http://www.bleepingcomputer.com/tutorials/tutorial61.htmlNext, using Window's explorer and/or search function, navigate to and delete the files listed in
bold below if they are found to exist. Delete ONLY the part in
bold.
C:\windows\
winsysupd7.exe
winlog.exeNow run ewido anti-malware:
Click on "Scanner"
Click on "Complete System Scan" and the scan will begin.
While the scan is in progress you will be prompted to clean files, click OK
Select "none" as the action. Check "Perform action with all infections".
Once the scan has completed, there will be a button located on the bottom of the screen named Save report - click it.
Save the report.txt file to your desktop.
Now close ewido anti-malware.
Warning: While the scan is in progress, DO NOT open any folders or the Windows Control Panel !!
Now run the CleanUp! program that you downloaded:
Double-click on the icon.
Hit the "CleanUp!" button.
When the report window indicates that it has finished, hit the "Close" button. It's that simple.
Reboot into Normal Mode, run HijackThis again, and paste the new HijackThis log and the ewido log back to this thread. (You may have to split in into two or more posts if the log is real long.)
doc_esb