about:blank iexplore hijack

  1. #1
    johnl (Newbie)

    about:blank iexplore hijack

    Hi, need some help if possible. Have run adaware, spybot and full Panda virus scan but still have a problem. Laptop runs very slow and hot, can't use the browser etc. Have reinstalled XP as a last resort.

    Hijack log as attached.

    Any help much appreciated. Many thanks.


  2. #2
    Neal (Dedicated Member)
    Hi and welcome,

    Please post your Hijackthis log directly into the thread next time instead of as an attachment please. Thanks.

    Create a folder named HJT such as C:\HJT and put your HJT into this folder please.

    Please get these two spyware programs if you don't already have them.

    SpyBotS&D

    AdawareSE


    Reboot between scans and after last scan



    There is a new and improved version of AdAware that you need to have installed on your computer. The new version is AdAware SE
    If you have AdAware already installed on your system and it's NOT SE go to your Control Panel and click on Add/Remove Programs. Click on AdAware and then REMOVE and then just complete the removal process.

    Once it's un-installed download the FREE version of AdAware SE. Once it's downloaded double click on the new file to start the install process.
    Click Next>I accept>Next>Next> then be sure and put a dot in the bullet for Anyone Who uses this computer and then click Next>Next>

    In the next dialog box remove the dot in the bullets "Start Scan" and also "Launch Help Files" and click Finish

    Now if the program doesn't launch double click on the icon that should now be on your desktop to start AdAware SE

    Now click on the button for Check for Updates
    If updates are found click on the OK button and after it downloads to 100% click on the Finish button.

    Click the Start Button
    Click on the link for Customize
    in the Main Window under Scan Settings
    click on the red X in front of Scan within archives to change it to a green check

    Then click on the button on the left labeled Advanced
    click on the red X in front of Move deleted files to Recycle Bin to change it to a green check
    click on the red X in front of Include Environment Information to change it to a green check

    Then click on the button on the left labeled Defaults
    click on the Read current settings from system

    Then click on the button on the left labeled Tweak
    Click on the (+) in front of Scanning Engine to expand the group
    click on the red X in front of Obtain Command line of scanned processes to change it to a green check
    click on the red X in front of Run scan as background process to change it to a green check
    click on the red X in front of Use permanent archive caching to change it to a green check

    Click on the (+) in front of Cleaning Engine to expand the group
    click on the red X in front of Disable manual quarantine if auto-quarantine is selected to change it to a green check

    Click on the (+) in front of Safety Settings to expand the group
    click on the red X in front of Reanalyze results after scanning . . . to change it to a green check
    click on the red X in front of Write protect system files after repair to change it to a green check

    Click on the (+) in front of Log File to expand the group
    click on the red X Create Log File for removal operations to change it to a green check

    Click on the (+) in front of User Interface to expand the group
    click on the red X Remember window positions to change it to a green check
    click on the red X Snap windows to desktop borders to change it to a green check
    click on the red X Use gridlines in results list to change it to a green check

    Click on the (+) in front of Web Update Settings to expand the group
    click on the red X Create and save WebUpdate log file to change it to a green check

    Click on the (+) in front of Misc settings to expand the group
    click on the red X Dump details about unhandled exceptions to disk to change it to a green check


    Then click on the button at the bottom right labeled Proceed then click the Next button to start scanning.

    Once the scan is complete you'll have a flashing Bug and a brief sound to indicate scanning is complete and Adware is found. Click on the Next and then click on each of the empty boxes to the left of the found items under SCAN SUMMARY. Then hit the Next button. Then OK. This should clean your system of all the found nasties. When it's complete simply close the program until your next scan session. Always ALWAYS check for updates before every scan.
    # Reboot
    # Post us a fresh HijackThis log afterwards


    Run the scans, rebooting between scans and after the last scan, and post a new Hijackthis log please. Info for Hijackthis at below link. Thanks.

    Hijackthis

  3. #3
    johnl (Newbie)
    Neal, many thanks. I already had AdawareSE installed - I have updated to the latest sig file and implemented all of the options you suggest. Have rerun hijack program and re-attached log (have to do it this way as problem PC won't connect to the Internet via a browser).

    Problem PC is much better but iexplore won't connect to the internet - always get "Page can't be displayed" - although I am able to ping the web sites and Panda etc can download files. Also, PC is still running very hot.

    Any help much appreciated.

  4. #4
    Neal (Dedicated Member)
    Hi,

    As far as the temperature, that sounds like a fan/cooling problem which would require someone going inside your computer and replacing it.

    If you have to you can burn these fix programs to disk or floppy and bring them to your computer from an uninfected computer.

    Make sure you can see hidden files.
    In Windows XP
    Click Start.
    Open My Computer.
    Select the Tools menu and click Folder Options.
    Select the View Tab.
    Under the Hidden files and folders heading select Show hidden files and folders.
    Uncheck the Hide protected operating system files (recommended) option.
    Click Yes to confirm.
    Click OK.
    After you're cleaned, please "rehide" them again.


    Next,
    Download the Intermute stand-alone version of CWShredder from here: cwshredder.net/bin/CWShredder.exe
    Install it and check for updates then exit, we will use it later.

    Next,
    Please download CWShredder from here (this is the older version), then exit, do not run it yet: http://www.thatcomputerguy.us/downloads-cat4.html



    Download About:Buster from here:

    www.besttechie.net/tools/AboutBuster5.zip

    Or here:

    www.malwarebytes.biz/AboutBuster5.zip

    Or here:

    http://majorgeeks.com/download4289.html


    Unzip it to its own DESKTOP folder: right click an open area on the desktop, click new, then new folder, name the folder Aboutbuster. It is VITAL that it be unzipped.

    Please open/run the program and check for updates. After you update it exit.
    Do not run the actual scan/fix until instructed below.

    Disconnect from the internet: pull the wire, unscrew the cable, whatever you have to do to not have any physical connection to the computer.


    Scan with Hijackthis again and put a check next to these items, making sure all browser windows are closed before clicking fix.

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\system32\nbzbg.dll/sp.html#83556
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\nbzbg.dll/sp.html#83556
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\nbzbg.dll/sp.html#83556
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\nbzbg.dll/sp.html#83556
    R3 - Default URLSearchHook is missing

    O2 - BHO: Class - {137D9D58-DEAC-510D-3DD5-BE1236A710B2} - C:\WINDOWS\apigp.dll (file missing)

    O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)



    Again make sure all browser windows are closed and click FIX


    Now reboot into safe mode by tapping your F8 key upon restart and safe mode screen appears, select safe mode and press enter.


    Now, run About:Buster at least 3 or 4 times.



    Next, run both CWShredder
    -Click on the: ‘Fix’ Button on the first one and let it run, then click on fix for the second one and let it finish.
    -Follow the prompts, and press OK


    Now navigate to these file(s) thru WINDOWS EXPLORER and delete them please: If Found

    C:\WINDOWS\system32\nbzbg.dll

    It is recommended that you do a couple of things after a serious infection.

    Just to be sure.


    Go to Start > Run and type: CLEANMGR.EXE and hit enter.
    When prompted select the C: drive and click ok.
    Check the boxes for:
    Temporary Internet Files
    Downloaded Program Files
    Recycle Bin
    Temporary Files
    Click OK or Enter

    Make sure you are set to normal startup. Click Start -> Run -> Type Msconfig -> Press Enter -> make sure Startup is set to Normal Start


    Post a new HJT log for further review

    One other thing:

    Why don't you download Firefox browser and use it thru this fix and maybe that will help. Burn it to disk if you have to.

    Firefox download page:---www.mozilla.org/products/firefox/


    It's more secure than IE anyway, you can switch back and forth as I do.

    And it is uninstallable thru add/remove programs.

    It will not take very long to download, at least it didn't on my machine.
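
Added example, not part of the thread or of HijackThis itself: a small triage script that picks out the kinds of entries selected for fixing in post #4 (IE settings pointing at a `res://` URL inside a DLL, blanked page settings, and entries whose file is missing). The function names and the heuristics are assumptions modelled on those entries; the sample lines are copied from the post.

```python
import re

# Sample lines copied from the HijackThis entries quoted in post #4.
SAMPLE_LOG = r"""
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\nbzbg.dll/sp.html#83556
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R3 - Default URLSearchHook is missing
O2 - BHO: Class - {137D9D58-DEAC-510D-3DD5-BE1236A710B2} - C:\WINDOWS\apigp.dll (file missing)
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
"""

ENTRY = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.*)$")
RES_DLL = re.compile(r"res://(?P<dll>[^/]+\.dll)/", re.IGNORECASE)

def triage(log_text):
    """Return (code, reason, detail) tuples for entries a reviewer should look at."""
    findings = []
    for line in log_text.splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            continue  # header, process list or blank line
        code, body = m["code"], m["body"]
        if code in ("R0", "R1"):
            # R0/R1 lines have the form "<key>,<value name> = <data>".
            data = body.partition(" =")[2].strip()
            res = RES_DLL.search(data)
            if res:
                findings.append((code, "res-url-into-dll", res["dll"]))
            elif data in ("", "about:blank"):
                findings.append((code, "blank-page-setting", data))
        elif ("(file missing)" in body or "(no file)" in body
              or body.endswith("is missing")):
            findings.append((code, "orphaned-entry", body))
    return findings

def dlls_to_locate(findings):
    """Unique DLL paths referenced by res:// settings, to look for on disk."""
    return sorted({d.lower() for _, why, d in findings if why == "res-url-into-dll"})

if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(finding)
    print("DLLs to locate:", dlls_to_locate(triage(SAMPLE_LOG)))
```
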

  5. #5
    johnl (Newbie)
    Hi, thanks again for your help - we're moving forward.

    Iexplore now runs without the virus although now won't connect to the internet at all (although can ping web sites so I know that the connection and name translation ok).

    Am going to try and reinstall IE - any other ideas?

    Many thanks, John

  6. #6
    Neal (Dedicated Member)
    That might be a good idea, let me look at a new HJT log.

    You might have a winsock/LSP problem we can fix easily.

    Then again maybe not.
