Run
Cleanup! using the following configuration:
1. Click Options...
2. Set the slider to
Standard CleanUp!
3.
Uncheck the following:
- Delete Newsgroup cache
- Delete Newsgroup Subscriptions
- Scan local drives for temporary files
4. Click OK
5. Press the CleanUp! button to start the program. Do
NOT reboot/logoff when prompted.
Launch
KillBox.exe & select the following
options:
Select all the filenames listed below & then right-click & select Copy
- C:\WINDOWS\system32\msaconfig.exe
C:\found.000\dir0116.chk\0289073D
C:\found.000\dir0116.chk\04D70BCE
C:\found.000\dir0116.chk\0FB1677D.mpg
C:\found.000\dir0116.chk\2AA92B84
C:\found.000\dir0116.chk\3B6C4AEF.htm
C:\found.000\dir0116.chk\41131D60.tmp
C:\found.000\dir0116.chk\44D133DF.exe
C:\found.000\dir0116.chk\4ABF0537
C:\found.000\dir0116.chk\6C9313BB
C:\mmxeyn007.exe
C:\System Volume Information\
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\J419G6MI\defrag[1].exe
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\J419G6MI\mmxeyn007[1].exe
C:\WINDOWS\system32\i
* Go to the File menu, and choose
Paste from Clipboard
* Click the
RED X button.
* Click Yes at the Delete on Reboot prompt.
* Click Yes at the 'Pending Operations prompt'.
After you have rebooted, fix these with HijackThis:
O4 - HKLM\..\Run: [Microsft Configure 32] msaconfig.exe
O4 - HKLM\..\RunServices: [Microsft Configure 32] msaconfig.exe
O4 - HKCU\..\Run: [Microsft Configure 32] msaconfig.exe
Do another Kaspersky scan & post the resultant report with a new HJT log
__________________
Question - what have you done for the community today?