Well, I thought I'd catch you before you went offline...no worries. Please perform this fix, and include in your next reply the Uninstall list I asked for in my previous post. Get the Uninstall list after you perform this fix, please.
Before begining the fix, read this post completely. If there's anything that you do not understand, kindly ask your questions before proceeding. Ensure that there aren't any opened browsers when you are carrying out the procedures below. Save the following instructions in Notepad as this webpage would not be available when you're carrying out the fix.
It is IMPORTANT that you don't miss a step & perform everything in the correct order/sequence.
---------------------------------------------------------------------------------------------
I have attached a file to this post -
kill.zip Download this file to your desktop. Double click on the zip folder, then double click on the reg file within. Click yes to allow it to merge into your registry.
---------------------------------------------------------------------------------------------
Restart your computer and boot into Safe Mode by hitting the F8 key repeatedly until a menu shows up (and choose Safe Mode from the list). In some systems, this may be the F5 key, so try that if F8 doesn't work. Login on your usual account. Make sure to close any open browsers.
---------------------------------------------------------------------------------------------
Uninstall the following via the Add/Remove Panel (Start->(Settings)->Control Panel->Add/Remove Programs) if they exist:
Cowabanga by OIN
Winantivirus2006
Java 2 Runtime Environment, SE 1.4.2_03
Java 2 Runtime Environment, SE 1.4.2_06
J2SE Runtime Environment 5.0 Update 2
J2SE Runtime Environment 5.0 Update 4
---------------------------------------------------------------------------------------------
Open HijackThis and click on 'Do a System Scan Only'. Check the following entries if they exist
(make sure you do not miss any) and click
Fix Checked
O2 - BHO: (no name) - {268EA422-6D1A-4617-B96D-2E9A9AB20DC7} - C:\WINDOWS\system32\pmnnl.dll (file missing)
---------------------------------------------------------------------------------------------
Go to Start>Run then copy and paste, or type the following, then press Enter:
regsvr32 /u occache.dll
Delete these if present:
c:\windows\downloaded program files\gdnUS2339.exe
C:\Documents and Settings\Andy\Local Settings\Application Data\2f672dd5.exe
C:\Program Files\Cowabanga
C:\WINDOWS\system32\stera.exe
Go to Start>Run then copy and paste, or type the following, then press Enter:
regsvr32 occache.dll
---------------------------------------------------------------------------------------------
Restart in normal mode.
---------------------------------------------------------------------------------------------
Establish an internet connection & perform an online scan with Internet Explorer at
Kaspersky Online Scanner
Answer Yes, when prompted to install an ActiveX component.
- The program will then begin downloading the latest definition files.
- Once the files have been downloaded click on NEXT
- Locate the Scan Settings button & configure to:
- Scan using the following Anti-Virus database:
- Scan Options:
- Scan Archives
- Scan Mail Bases
- Click OK & have it scan My Computer
- Once the scan is complete, it will display if your system has been infected. It does not provide an option to clean/disinfect. We only require a report from it.
- Click the Save as Text button to save the file to your desktop so that you may post it in your next reply
* Turn off the real time scanner of any existing antivirus program while performing the online scan
---------------------------------------------------------------------------------------------
Open Hijack This and click on 'Do a System Scan and save a Logfile'. Save the log file and post it here.
---------------------------------------------------------------------------------------------
Please return with results from:
Kaspersky
HJT
Uninstall list
How is your system behaving now, please?