Mauserme,
I guess I was meant to take my wifes PC to the shop
Sorry to be so long responding. Like many others I was unable to log in. Avant (an IE shell), Opera, Firefox - nothing worked. I could see that DavidR and Tech were logged in but I couldn't . Maybe they will share their secrets with me.
Anyway, if you are able to boot the machine at all, we need to take a very deep look a things which we can do with a WinPfind log.
Download
WinPFind3u.exe to your Desktop and double-click on it to extract the files. It will create a folder named
WinPFind3u on your desktop.
- Close ALL OTHER PROGRAMS.
- Open the WinPFind3u folder and double-click on WinPFind3U.exe to start the program.
- Under Additional Scans click the checkboxes in front of the following items to select them:
Non-Microsoft Only
Reg - BotCheck
- Now click the Run Scan button on the toolbar.
- Let it run unhindered until it finishes.
- When the scan is complete Notepad will open with the report file loaded in it.
- Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.
Use the
Add Reply button and Copy/Paste the information back here. I will review it when it comes in. If, after posting, the last line is not
< End of Report > then the log is too big to fit into a single post and you will need to split it into multiple posts.
I would also loke you to run SDFix:
Download
SDFIX and save it to your desktop.
Please then reboot your computer in Safe Mode by doing the following :
Restart your computer
After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
Instead of Windows loading as normal, a menu with options should appear;
Select the first option, to run Windows in Safe Mode, then press "Enter".
Choose your usual account.
In Safe Mode, right click the SDFix.zip folder and choose "Extract All",
Open the extracted folder and double click "RunThis.bat" to start the script.
Type Y to begin the script.
It may remove Trojan Services then make some repairs to the registry and prompt you to press any key to Reboot.
Press any Key and it will restart the PC.
Your system will take longer that normal to restart as the fixtool will be running and removing files.
When the desktop loads the Fixtool will complete the removal and display Finished, then press any key to end the script and load your desktop icons.
Finally open the SDFix folder on your desktop and copy and paste the contents of the results file Report.txt back onto the forum with a new HijackThis log.