Adware.Agent.NFX

I'm going to post two sets of instructions below. Each will be enclosed in separate Quote boxes. Make sure to complete the first one 100% before moving on to the second one.

IMPORTANT: Do NOT run any other options until you are asked to do so!
ATTACH THE FIRST LOG NOW BEFORE CONTINUING OR YOU WILL OVERWRITE IT!!!! And then immediately continue on to the below steps.

A reboot may be needed to finish the cleaning process, if you computer does not restart automatically please do it yourself manually. BUT Reboot in Safe Mode.

The tool will create a log named rapport.txt in the root of your drive, eg: Local Disk C: or partition where your operating system is installed.

Now reboot into normal mode and attach this new rapport.txt log here.
Now attach new logs from:

* GetRunKey
* ShowNew
* HJT

How are things working now?

 

Please attach the logs..

 

They are from the Read and Run First sticky ...which should have been followed from the beginning ...though I wanted you to get somewhat clean initially ...so now follow that thread and you will see how to run and attach those logs.

 

That's what we're here for ....attach the logs when you are finished so we can make sure there are no leftover remnants of malware.

 

You downloaded and installed HJT in the exact place we tell you not to do:
C:\Documents and Settings\admin\Desktop\Virus-killer\HijackThis.exe

It should be:
C:\Program Files\HijackThis\analyse.exe ---> note that it must be renamed!

Use add/remove programs to uninstall:
J2SE Runtime Environment 5.0 Update 10"
J2SE Runtime Environment 5.0 Update 11"
J2SE Runtime Environment 5.0 Update 6"
J2SE Runtime Environment 5.0 Update 9
Viewpoint Media Player

You have Counterspy installed ...did you run it and did you have it fix all that it found? I'd like to see the log from that also.

What do you mean by:

What exactly happened?

At the moment I am not seeing much in the way of malware that we haven't already addressed....tell me what is happening.

Please attach a new log for HJT after you re-install and re-name it. And the Counterspy log, also.

 

Not a problem ....you are looking pretty good...so I just want to see the HJT log when you can get to it.

Glad to hear most things are cleared up!

 

Old Java versions make your system vunerable to attacks ....

 

Your logs look clean. You may uninstall any programs we had you download (including CounterSpy, etc).

You may wish to install a startup manager ....

If you are not having any other malware problems, it is time to do our final steps:

1. If we used Pocket Killbox during your cleanup, do the below
* Run Pocket Killbox and select File, Cleanup, Delete All Backups
2. If we used ComboFix you can delete the ComboFix.exe file and associated C:\combofix.txt log that was created.
3. If we user SDFix you can delete all the SDFix related files and folders from your Desktop or whereever you installed it.
4. If we used VundoFix, you can delete the VundoFix.exe file and the C:\VundoFix Backups folder and C:\vundofix.txt log that was created.
5. If we had your run FixWareOut, you can delete the Fixwareout.exe file and the C:\fixwareout folder.
6. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
7. You can delete the ShowNew.Zip and GetRunkey.Zip files and the files that you extracted from the ZIP files. You can also delete the C:\newfiles.txt and C:\runkeys.txt logs that were created
8. If you are running Windows XP or Windows ME, do the below:
* go back to step 8 of the READ & RUN ME to Disable System Restore which will flush your Restore Points.
* Then reboot and Enable System Restore to create a new clean Restore Point.
9. After doing the above, you should work thru the below link:
* How to Protect yourself from malware!

 

You're welcome.....as to your brother ..the more the merrier!!