Tech Support Forum - View Single Post

**Glaswegian** · 12-09-2006, 10:43 AM

Hi Cathy

Click on the zip file attached to this post to open and extract the file cathy.reg to your desktop. Do not run it yet.

Reboot
Reboot your system in Safe Mode.

Restart the computer. The computer begins processing a set of instructions known as BIOS.
After hearing your computer beep once during startup, but before the Windows icon appears, press F8 (dependent on your system this may be F5 or another key)
Instead of Windows loading as normal, a menu should appear
Use the arrow key to highlight Safe Mode and press Enter.

Registry Fix
Double click on the file cathy.reg to run it. Answer yes to any prompts and allow it to merge into the Registry.

File Deletions
Delete the following Files indicated in RED if they still exist.

C:\WINDOWS\system32\mi2.exe
C:\WINDOWS\system32\mi1.exe
C:\WINDOWS\system32\80020AEA00.sys
c:\windows\\system32\_mzu_stonedrv8.exe

Reboot
Reboot your system in Normal Mode.

Please run combofix again, just as you did the last time.

Online Scan
Establish an internet connection & perform an online scan with Internet Explorer at Kaspersky WebScanner

Next Click on Kaspersky Online Scanner

A Welcome screen will appear - click 'Accept' at the bottom. You will be prompted to install an ActiveX component from Kaspersky, Click Yes.

The program will launch and then begin downloading the latest definition files:
Once the files have been downloaded click on NEXT
Now click on Scan Settings
In the scan settings make that the following are selected:

Scan using the following Anti-Virus database:

Extended

Scan Options:

Scan Archives
Scan Mail Bases

Click OK

Now under select a target to scan: Select My Computer

This will program will start and scan your system.
The scan will take a while so be patient and let it run.
Once the scan is complete it will display if your system has been infected.

Now click on the Save as Text button:

Save the file to your desktop.
Copy and paste that information in your next post.

Take note of the name(s) and location(s) of any file(s) it detects but fails to clean.

* Turn off the real time scanner of any existing antivirus program while performing the online scan

Please post back with the Kaspersky Log and a fresh HijackThis Log. Please also let me know how your system is performing now and if you have any specific problems. In order to provide you with the best possible help, please ensure that HijackThis logs are produced only while in Normal Mode.

12-09-2006, 10:43 AM	#22 (permalink)
Glaswegian Moderator/ Rangemaster TSF Academy; Analyst, Security Team; Oor Wullie; TSF Surgeon and Resident Comic Join Date: Sep 2005 Location: Glasgow Posts: 25,566 OS: Win XP Pro SP3 / Win 7 Pro My System Blog Entries: 10	Hi Cathy Click on the zip file attached to this post to open and extract the file cathy.reg to your desktop. Do not run it yet. Reboot Reboot your system in Safe Mode. Restart the computer. The computer begins processing a set of instructions known as BIOS. After hearing your computer beep once during startup, but before the Windows icon appears, press F8 (dependent on your system this may be F5 or another key) Instead of Windows loading as normal, a menu should appear Use the arrow key to highlight Safe Mode and press Enter. Registry Fix Double click on the file cathy.reg to run it. Answer yes to any prompts and allow it to merge into the Registry. File Deletions Delete the following Files indicated in RED if they still exist. C:\WINDOWS\system32\mi2.exe C:\WINDOWS\system32\mi1.exe C:\WINDOWS\system32\80020AEA00.sys c:\windows\\system32\_mzu_stonedrv8.exe Reboot Reboot your system in Normal Mode. Please run combofix again, just as you did the last time. Online Scan Establish an internet connection & perform an online scan with Internet Explorer at Kaspersky WebScanner Next Click on Kaspersky Online Scanner A Welcome screen will appear - click 'Accept' at the bottom. You will be prompted to install an ActiveX component from Kaspersky, Click Yes. The program will launch and then begin downloading the latest definition files: Once the files have been downloaded click on NEXT Now click on Scan Settings In the scan settings make that the following are selected: Scan using the following Anti-Virus database: Extended Scan Options: Scan Archives Scan Mail Bases Click OK Now under select a target to scan: Select My Computer This will program will start and scan your system. The scan will take a while so be patient and let it run. Once the scan is complete it will display if your system has been infected. Now click on the Save as Text button: Save the file to your desktop. Copy and paste that information in your next post. Take note of the name(s) and location(s) of any file(s) it detects but fails to clean. * Turn off the real time scanner of any existing antivirus program while performing the online scan Please post back with the Kaspersky Log and a fresh HijackThis Log. Please also let me know how your system is performing now and if you have any specific problems. In order to provide you with the best possible help, please ensure that HijackThis logs are produced only while in Normal Mode. __________________ Iain - Defender of the Haggis and all things Scottish. I don't help by PM - post in the Forums. PC Safety & Security::PC running a bit slow?::Donate::Photographers Corner Last edited by Glaswegian; 03-27-2008 at 04:12 PM.