Hi ya ejr5033
No worries that has happened to me before as well
We are nearly there just a couple of things to do
Upload this file
C:\WINDOWS\system32\re324224.exe
to
http://virusscan.jotti.org and report back what it found.
At the top of the window you should see "File to Upload & scan" and a blank box. Copy and paste the red text from above into the box. Then click "submit".
When it is finished, please copy and paste the information listed under "Service" and "Scanner Results" here.
**If the site is too busy, upload it to
http://www.virustotal.com/en/indexf.html
=================
Run a scan with HiJackThis & select/tick the following & click "Fix checked" :
O2 - BHO: (no name) - {D785E699-0B52-41EB-954C-0C5AE809A6B8} - (no file)
O2 - BHO: (no name) - {FFF29BE4-24AC-4E31-B99B-45238B764111} - (no file)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} (Java Plug-in 1.5.0_06) -
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} (Java Plug-in 1.5.0_09) -
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} (Java Plug-in 1.5.0_10) -
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} (Java Plug-in 1.5.0_11) -
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} (Java Plug-in 1.6.0_01) -
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} (Java Plug-in 1.6.0_02) -
O20 - Winlogon Notify: opnnkih - C:\WINDOWS\
Please remember to close all other windows, including browsers then click Fix checked. If you have any problems boot into safe mode and run HJT from there
Then run a scan with
HiJackThis (in NORMAL mode) and
post the log in your next reply
===============================================