Hello, Paul14.
Open up the ewido program again.
- The program will prompt you to update, click the "OK" button
- The program will now go to the main screen
You will need to update ewido to the latest definition files.
- On the left hand side of the main screen click update
- Click on Start
The update will start and a progress bar will show the updates being installed. After the updates are installed, exit ewido.
Now, open up HijackThis again, Do a system scan only, and when it finishes, place a check before the following lines if present:
O4 - Global Startup: MSCOMM32.EXE
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
Then make sure ALL windows are closed except HijackThis and hit the "Fix checked" button.
You may want to print out the following instructions as you will not have internet access from Safe Mode:
Now, boot the computer into Safe Mode.
Click here for instructions on how to boot into Safe Mode.
In Safe Mode, navigate to C:\WINDOWS\System32 and delete the file named
sistray.exe if present.
Now, click "Start", then click on "Search", then click "All files and folders". Then click "More advanced options". Place a check in the boxes by "Search system folders", "Search hidden files and folders", and by "Search subfolders". Now, in the top box, type in
MSCOMM32.EXE and hit the "Search" button. Let it search the system and when it finds the file, right-click on that file only and then click "Delete". Then click "Yes" to confirm the file deletion.
Still in Safe Mode, open ewido again.
Note: Do not open any other windows or programs while Ewido is scanning as it may interfere with the scanning process.
- Select the "Scanner" icon at the top and then the "Scan" tab then click on "Complete System Scan".
- Ewido will now begin the scanning process. Be patient this may take a little time.
Once the scan is complete do the following:- If you have any infections you will prompted, chose to have ewido fix them, then select "Apply to all actions"
- Next select the "Reports" icon at the top.
- Select the "Save report as" button in the lower left hand of the screen and save it to a text file on your desktop.
- Close Ewido and reboot your system back into Normal Mode.
Run HijackThis again from Normal Mode now, and this time save a logfile and post it back here along with the ewido report that you saved. I need to see the entire ewido report.