Please download Ewido-Free Download: ewido
Install and update it. Do not scan
Run Hijackthis and place a check beside each of the following. Once you have checked them, click fix checked.
O2 - BHO: System Process - {C2EEB4FA-B6D6-41b9-9CFA-ABA87F862BCB} - C:\WINDOWS\system32\navshext1.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
Next, please reboot your computer in Safe Mode by doing the following:
Restart the computer.
As soon as the BIOS loads, begin tapping the F8 key on your keyboard. Do so until the Windows Advanced Options menu appears
Using the arrow keys on the keyboard, select Safe mode and then press Enter.
Delete the following files or folders (delete item in bold). Please do not be concerned if
any of the items are not found as they may have been automatically removed by actions I had
you take earlier in the cleaning process.
Open Folder Options in Controlpanel >view and check your settings:
Select
Show hidden files and folders
Display the contents of system folders
Uncheck: Hide protected operating system files
Delete:
Files:
C:\WINDOWS\system32\navshext1.dll
Doubleclick the "drweb-cureit.exe" and click "ok" in the prompt window that will open , asking "start the express scan now".
It will first make a quick scan of your system, let it clean what it find, and when it says "done" in the lower left corner click on the drive you want to scan . A red dot will mark the selected drive(s) . Then hit the green arrow in lower right corner
It will now scan your drive(s), say yes to all
Run full scan with Ewido
Click on scanner
Click on Complete System Scan and the scan will begin.
While the scan is in progress you will be prompted to clean files, click OK
When it asks if you want to clean the first file, put a check in the lower left corner of the box that says "Perform action on all infections" then choose clean and click OK.
Once the scan has completed, there will be a button located on the bottom of the screen named Save report
Click Save report.
Save the report .txt file to your desktop.
Now close ewido security suite.
Reboot to normal mode
Post new hijackthis log, and tell how things are running
Regards - Touch
|