Home Search Assistant/Windows ME

Yes! I have worked a few people thru it. But it is not going to be easy. The first suggestion though would be to see if you can go back to a System Restore point pre-dating where the infection occurred. If you have already disabled system restore, the look process is the only option other than re-installing you WinME system.

Please see the guidelines and things to do first here. And then post (as a text attachment) your HijackThis log.

*****IMPORTANT*****: Do not try to fix anything after posting and do not reboot your PC or shutdown. Otherwise what is in your log will not be useful to me because it will mutate upon reboot. You can disconnect from the internet but do not reboot. That way your HijackThis log will still be the same as what I will be referring to.

 

Hi,
Once you view the log file, you can choose file, save as. Save it somewhere you can easily find, like on your desktop. In a new post, look below the typing area for a button that says "manage attachments". You can use that to browse to where you saved it, then click upload

 

HijackThis defaults to saving the file with a .LOG extension. All you have to do is use Windows Explore and find the file you saved and right click on it. Then choose rename and change the extension from .LOG to .TXT

So for example, if you have hijackthis.log, rename it to hijackthis.txt.

You could have done that right in HijackThis when you first saved your log.
All you have to do is change it to All File Types and then change the file name to hijackthis.txt and save it.

You cannot upload .log files here.

 

About:Buster just updated minutes ago, author tells me it works in ME

http://www.majorgeeks.com/download4289.html

 

That's good new Major!

srl, give about:buster a run. See the instructions on the above link. While it is geared towards about:blank problems, it is also useful for HSA problems. If you still have problems after that. Then post the HJT log I asked for.

 

You are still infected with HSA. Even though the R0 & R1 lines do not show in your log right now. They will come back. You still have some executables related to it running. And there is another bad DLL (msopt.dll - a different issue but it appears on a lot of PC infected with HSA).

If you can kill these two processes first:
C:\WINDOWS\SDKFO32.EXE
C:\WINDOWS\WINPK32.EXE

you may be able to get rid of this problem. I doubt Task Manager will kill them. Get Process Explorer here and use it two kill those to processes and then do the below.

Try booting to safe mode and running about:Buster at least two more times and then reboot to normal mode and send another HJT log attachment.