Hi scalelar,
Thank you.
We're almost through here. Another nasty has now shown it's face--let's see if it will go quietly.
Please copy this page to
Notepad and save to your desktop for reference as you will not have any browsers open while you are carrying out these instructions.
********************************************
Reboot into Safe Mode.
-----------------------------------
Open HijackThis>Config>Misc Tools
- Select 'Delete A File on Reboot...'
- Copy/paste the following into the 'file name' field:
C:\Documents and Settings\All Users\Documents\Settings\artm_new.dll
Do not reboot yet!
-----------------------------------
Run a scan with HijackThis. Check the following entry:
O20 - Winlogon Notify: artm_newreg - C:\Documents and Settings\All Users\Documents\Settings\artm_new.dll
Click
'Fix Checked' and close HijackThis.
-----------------------------------
Delete the following
Folder
C:\Documents and Settings\LWS\My Documents\??sks\??sks\!update-4175.0000 <--
The ?? can be any character. Make sure you're in the location as listed above and if you're not sure you have the correct folder, go ahead and open the folder--it will contain another folder within it ( ??asks ) and the file !!update-4175.0000
-----------------------------------
Reboot into Normal Mode.
-----------------------------------
Run another scan with HijackThis and post the log here.
How is your system behaving now?
__________________
Member of ASAP since 2005
Member of UNITE since 2006
"It is one life whether we spend it laughing or weeping." "Take the time to laugh--it is the music of the soul."