5
Hello and Welcome. Please subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Subscribe.
Please print out or copy this page to Notepad. Make sure to work through the fixes in the exact order it is mentioned below. If there's anything that you don't understand, ask your question(s) before proceeding with the fixes. You should 'not' have any open browsers when you are following the procedures below.
It is IMPORTANT that you don't miss a step & perform everything in the correct order/sequence.
---------------------------------------------------------------------------------------------
Download AVG Anti Spyware
Use the link at the bottom of the page under "AVG Anti-Spyware Free for Windows"
![]()
When you have finished updating, EXIT AVG Anti Spyware. Do Not run a scan just yet, we will shortly.
---------------------------------------------------------------------------------------------
Download and install CleanUp!
NOTE: CleanUp! deletes EVERYTHING out of your temp/temporary folders, it does not make backups. If you have any documents or programs that are saved in any Temporary Folders, make a backup of these before running CleanUp!. Do NOT run this program if you have XP Professional 64 bit edition. If you're unsure please do not run it! If you don't already know, you're probably not using XP64, but you can download & run this tool to find out for sure.....http://www.kellys-korner-xp.com/regs_edits/xp_whichcpu.exe
---------------------------------------------------------------------------------------------
Please Download NoLop to your desktop from one of the links below...
Link 1
Link 2
Link 3 We'll use this shortly.
---------------------------------------------------------------------------------------------
This next bit is Optional, but recommended....as are all the instructions in purple pertaining to Boonty Games. See this link for explanation
Please copy (Ctrl+C) and paste (Ctrl+V) the following text in the quote to Notepad. Save it as "All Files" and name it FixServices.bat. Please save it on your desktop.
---------------------------------------------------------------------------------------------
This next bit is to attack the source of your popups, and is not optional.
Restart your computer and boot into Safe Mode by hitting the F8 key repeatedly until a menu shows up (and choose Safe Mode from the list). In some systems, this may be the F5 key, so try that if F8 doesn't work. Login on your usual account. Make sure to close any open browsers.
---------------------------------------------------------------------------------------------
Uninstall the following via the Add/Remove Panel (Start->(Settings)->Control Panel->Add/Remove Programs) if they exist:
Boonty Games
See this link for explanation
---------------------------------------------------------------------------------------------
Run a scan in HijackThis. Check each of the following and hit 'Fix checked' if they still exist (make sure not to miss any):
O4 - HKLM\..\Run: [Soft close five junk] C:\Documents and Settings\All Users\Application Data\idle drv soft close\SectHeck.exe
O4 - HKCU\..\Run: [DefaultProc] C:\DOCUME~1\Jamie\APPLIC~1\SIZEBA~1\2flawwait.exe
Close HijackThis now.
---------------------------------------------------------------------------------------------
Go to My Computer->Tools->Folder Options->View tab:
* Under the Hidden files and folders heading, select Show hidden files and folders.
* Uncheck the Hide protected operating system files (recommended) option.
* Also make sure there is no checkmark beside Hide file extensions for known file types
* Click Yes to confirm and then click OK.
---------------------------------------------------------------------------------------------
Delete the following if they exist:
C:\Documents and Settings\All Users\Application Data\idle drv soft close
C:\Documents and Settings\Jamie\Application Data\SIZEBA~1<<<this will be a folder which begins with SIZEBA
C:\Program Files\Common Files\BOONTY Shared (If you chose to perform the optional fix)
---------------------------------------------------------------------------------------------
Open Cleanup! by double-clicking the icon on your desktop (or from the Start > All Programs menu).
Set the program up as follows:
Click "Options..."
Move the arrow down to "Custom CleanUp!"
Put a check next to the following (Make sure nothing else is checked!):
Press the CleanUp! button to start the program. Do NOT Reboot/logoff when prompted.
* CleanUp! will not create any backups!!
---------------------------------------------------------------------------------------------
Run AVG Anti-Spyware with it's updated definitions
...it's important that all windows must be closed)
Restart in normal mode.
---------------------------------------------------------------------------------------------
Download fl.zip
Extract the contents to a new folder on your Desktop.
Within the folder, locate & double-click fl.bat.
It should produce a report at c:\findlop.txt. Post the contents of the report in your next reply
Perform an online scan with Internet Explorer with Panda ActiveScan
![]()
* Turn off the real time scanner of any existing antivirus program while performing the online scan
---------------------------------------------------------------------------------------------
Run a new HijackThis scan. Save the log file and post it here.
---------------------------------------------------------------------------------------------
Please return with logs from:
NoLOP
AVG Anti-Spyware
findlop.txt
Panda
HJT
Have you run a recent full system scan with your ActiveVirusShield, with updated definitions?
Please print out or copy this page to Notepad. Make sure to work through the fixes in the exact order it is mentioned below. If there's anything that you don't understand, ask your question(s) before proceeding with the fixes. You should 'not' have any open browsers when you are following the procedures below.
It is IMPORTANT that you don't miss a step & perform everything in the correct order/sequence.
---------------------------------------------------------------------------------------------
Download AVG Anti Spyware
Use the link at the bottom of the page under "AVG Anti-Spyware Free for Windows"
- Install AVG Anti Spyware
- Double-click the icon on Desktop to launch AVG
- On the top of the main screen click Shield
- Click the word active to change it to inactive
- On the top of the main screen click Update.
- Then click on Start Update. The update will start and a progress bar will show the updates being installed.
- Once the update has completed select the "Scanner" icon at the top of the screen, then select the "Settings" tab.
- Once in the Settings screen click on "Recommended actions" and then select "Quarantine".
- Under "Reports"
- Select "Automatically generate report after every scan"
- Un-Select "Only if threats were found"
When you have finished updating, EXIT AVG Anti Spyware. Do Not run a scan just yet, we will shortly.
---------------------------------------------------------------------------------------------
Download and install CleanUp!
NOTE: CleanUp! deletes EVERYTHING out of your temp/temporary folders, it does not make backups. If you have any documents or programs that are saved in any Temporary Folders, make a backup of these before running CleanUp!. Do NOT run this program if you have XP Professional 64 bit edition. If you're unsure please do not run it! If you don't already know, you're probably not using XP64, but you can download & run this tool to find out for sure.....http://www.kellys-korner-xp.com/regs_edits/xp_whichcpu.exe
---------------------------------------------------------------------------------------------
Please Download NoLop to your desktop from one of the links below...
Link 1
Link 2
Link 3 We'll use this shortly.
---------------------------------------------------------------------------------------------
This next bit is Optional, but recommended....as are all the instructions in purple pertaining to Boonty Games. See this link for explanation
Please copy (Ctrl+C) and paste (Ctrl+V) the following text in the quote to Notepad. Save it as "All Files" and name it FixServices.bat. Please save it on your desktop.
Double click FixServices.bat. A window will open and close. This is normal.
---------------------------------------------------------------------------------------------
This next bit is to attack the source of your popups, and is not optional.
- First close any other programs you have running as this will require a reboot
- Double click NoLop.exe to run it
- Now click the button labelled "Search and Destroy"
<<your computer will now be scanned for infected files>> - When scanning is finished you will be prompted to reboot only if infected, Click OK
- Now click the "REBOOT" Button.
- A Message should popup from NoLop. If not, double click the program again and it will finish Please Post the contents of C:\NoLop.log along with a fresh HijackThis log
Restart your computer and boot into Safe Mode by hitting the F8 key repeatedly until a menu shows up (and choose Safe Mode from the list). In some systems, this may be the F5 key, so try that if F8 doesn't work. Login on your usual account. Make sure to close any open browsers.
---------------------------------------------------------------------------------------------
Uninstall the following via the Add/Remove Panel (Start->(Settings)->Control Panel->Add/Remove Programs) if they exist:
Boonty Games
See this link for explanation
---------------------------------------------------------------------------------------------
Run a scan in HijackThis. Check each of the following and hit 'Fix checked' if they still exist (make sure not to miss any):
O4 - HKLM\..\Run: [Soft close five junk] C:\Documents and Settings\All Users\Application Data\idle drv soft close\SectHeck.exe
O4 - HKCU\..\Run: [DefaultProc] C:\DOCUME~1\Jamie\APPLIC~1\SIZEBA~1\2flawwait.exe
Close HijackThis now.
---------------------------------------------------------------------------------------------
Go to My Computer->Tools->Folder Options->View tab:
* Under the Hidden files and folders heading, select Show hidden files and folders.
* Uncheck the Hide protected operating system files (recommended) option.
* Also make sure there is no checkmark beside Hide file extensions for known file types
* Click Yes to confirm and then click OK.
---------------------------------------------------------------------------------------------
Delete the following if they exist:
C:\Documents and Settings\All Users\Application Data\idle drv soft close
C:\Documents and Settings\Jamie\Application Data\SIZEBA~1<<<this will be a folder which begins with SIZEBA
C:\Program Files\Common Files\BOONTY Shared (If you chose to perform the optional fix)
---------------------------------------------------------------------------------------------
Open Cleanup! by double-clicking the icon on your desktop (or from the Start > All Programs menu).
Set the program up as follows:
Click "Options..."
Move the arrow down to "Custom CleanUp!"
Put a check next to the following (Make sure nothing else is checked!):
- Empty Recycle Bins
- Delete Cookies
- Delete Prefetch files (if present)
- Cleanup! All Users
- Click on the Temporary Files tab and uncheck the box for Scan drives for files matching if it’s checked.
Press the CleanUp! button to start the program. Do NOT Reboot/logoff when prompted.
* CleanUp! will not create any backups!!
---------------------------------------------------------------------------------------------
Run AVG Anti-Spyware with it's updated definitions
...it's important that all windows must be closed)- Click Scanner
- Click on the Scan tab
- Click Complete System Scan to begin scanning.
Once the scan is complete do the following: - If you have any infections you will prompted, then select "Apply all actions"
- Once finished, click the Save report button, then click Save Report As and save it to your desktop. (make sure to remember where you saved that file, this is important).
Restart in normal mode.
---------------------------------------------------------------------------------------------
Download fl.zip
Extract the contents to a new folder on your Desktop.
Within the folder, locate & double-click fl.bat.
It should produce a report at c:\findlop.txt. Post the contents of the report in your next reply
Perform an online scan with Internet Explorer with Panda ActiveScan
- Click on
located at the bottom of the page.
![]()
- A "pop up" window will appear. * Please ensure that your pop up blocker doesn't block it *
- Enter your e-mail address, country, and state & click "Free Online Scan" *The download of the 8 MB Panda's ActiveX control will take place*
- If it finds any malware, it will offer you a report.
- Please ignore any entry it finds and the offer to buy the program to remove the entry, as we will address this later.
- Click on
then click
![]()
![]()
* Turn off the real time scanner of any existing antivirus program while performing the online scan
---------------------------------------------------------------------------------------------
Run a new HijackThis scan. Save the log file and post it here.
---------------------------------------------------------------------------------------------
Please return with logs from:
NoLOP
AVG Anti-Spyware
findlop.txt
Panda
HJT
Have you run a recent full system scan with your ActiveVirusShield, with updated definitions?
