*Configure your machine to view hidden files:
- Click Start.
- Open My Computer..
- Select the Tools menu and click Folder Options.
- Select the View Tab.
- Under the "Hidden files and folders" heading select Show hidden files and folders.
- Uncheck the Hide Protected Operating System Files Option.
- Click Yes to confirm.
- Click OK.
*I see you have P2P
software ( BitTorrent, DNA (installed with bittorrent)
) installed on your machine. We are not here to pass judgment on file-sharing as a concept. However, we will warn you that engaging in this activity and having this kind of software installed on your machine will always make you more susceptible to re-infections. It may be contributing to your current situation. This page
will give you further information.
Please note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares.
References for the risk of these programs are here
, and here
I would strongly recommend that you uninstall it, however that choice is up to you. If you choose to remove this program, you can do so via Control Panel >> add/remove programs
If you decide to uninstall the p2p applications, also delete these Folders
if they still exist:
c:\documents and settings\Administrator\Application Data\BitTorrent
c:\documents and settings\Administrator\Application Data\DNA
c:\documents and settings\Administrator\Application Data\BitTorrent DNA
*delete this leftover folder:
c:\documents and settings\Administrator\Application Data\Kazaa Lite
*While both Tea timer and SpyBot are closed
Right click here
and click save link as
Save it as resetteatimer.bat
to your desktop
- Run Spybot-S&D
- Go to the Mode menu, and make sure "Advanced Mode" is selected
- On the left hand side, choose Tools -> Resident
- Uncheck "Resident TeaTimer" and OK any prompts
- Restart your computer.
Double click on resetteatimer.bat
and wait for it to finish
Since it will not be needed again delete ResetTeaTimer.bat.
You may turn the Tea timer back on via SpyBots' tools> resident page when your computer is clean.
Note: If teatimer gives you a warning afterwards that some changes were made, allow this instead of blocking it.
*Open notepad and copy and paste next present in the quotebox below in it:
(don't forget to copy and paste REGEDIT4)
Save this as fix.reg
Choose to save as *all files and place it on your desktop.
It should look like this:
Doubleclick on it and when it asks you if you want to merge the contents to the registry, click yes/ok.
*Your version of Java is outdated and needs to be updated to take advantage of fixes that have eliminated security vulnerabilities.
- Download the latest version of Java Runtime Environment (JRE) 6 Update 11.
- Scroll down to where it says "Java Runtime Environment (JRE) 6 Update 11".
- Click the "Download" button to the right.
- For Platform, select "Windows"
- For language, select your language
- Read the License agreement and then Check the box that says: "I agree to the Java SE Runtime Environment 6 License Agreement".
- Click Continue
- Click on the link to download Windows Offline Installation and save to your desktop.
- Close any programs you may have running - especially your web browser.
- Go to Start > Control Panel double-click on Add/Remove programs and remove all older versions of Java.
- Check any item with Java Runtime Environment (JRE or J2SE) in the name.
- Examples of older versions in Add or Remove Programs:
- J2SE Runtime Environment 5.0 Update 6
- Click the Remove or Change/Remove button.
- Repeat as many times as necessary to remove each Java versions.
- Reboot your computer once all Java components are removed.
- Then from your desktop double-click on jre-6u11-windows-i586-p.exe to install the newest version.
- After the install is complete, go into the Control Panel (using Classic View) and double-click the Java Icon. (looks like a coffee cup)
- On the General tab, under Temporary Internet Files, click the Settings button.
- Next, click on the Delete Files button
- There are two options in the window to clear the cache - Leave BOTH Checked
- Applications and Applets
Trace and Log Files
- Click OK on Delete Temporary Files Window
Note: This deletes ALL the Downloaded Applications and Applets from the CACHE.
- Click OK to leave the Temporary Files Window
- Click OK to leave the Java Control Panel.
Next, it's important to run this online scan to search for any remnants. It can take some time, so please be patient and allow it to run it's full course:
Using Internet Explorer or Firefox, visit https://www.kaspersky.com/kos/eng/par...avwebscan.html
, when prompted to download and install the program files and database of malware definitions.
To optimize scanning time and produce a more sensible report for review:
- Close any open programs
- Turn off the real time scanner of any existing antivirus program while performing the online scan
at the Security prompt. The program will then begin downloading and installing and will also update the database. Please be patient as this can take several minutes.
- Once the update is complete, click on My Computer under the green Scan bar to the left to start the scan.
- Once the scan is complete, it will display if your system has been infected. It does not provide an option to clean/disinfect. We only require a report from it.
- Do NOT be alarmed by what you see in the report. Many of the finds have likely been quarantined.
- Click View scan report at the bottom.
- Click the Save as Text button to save the file to your desktop so that you may post it in your next reply
On your next reply, please include a
- Fresh DDS log (do not run the optional scan)
- kaspersky scan log