
Sdktf - program performed illegal operation

I am not sure what this is...it continually comes up in double. I cannot get into a certain program. I ran an antivirus program which found a few viruses but did not fix this problem. Any help would be greatly appreciated. Thank you.

Details>>SDKPU caused an invalid page fault in
module KERNEL32.DLL at 015f:bff7b997.
Registers:
EAX=00000000 CS=015f EIP=bff7b997 EFLGS=00000246
EBX=10042708 SS=0167 ESP=0064e84c EBP=0064e888
ECX=10084750 DS=0167 ESI=10042708 FS=3997
EDX=bffc9490 ES=0167 EDI=00000000 GS=0000
Bytes at CS:EIP:
ff 76 04 e8 26 89 ff ff 5e c2 04 00 56 8b 74 24
Stack dump:
10084750 1001c255 10042708 00000000 00774168 10000000 1001cb23 00000000 1001cbb8 10000000 00000000 00000000 00000000 10000000 81955874 0064ea50

Comments

  • zero-counter Linux Lubber San Antonio Member
    edited January 2006
    KERNEL32.DLL at 015f:bff7b997 is a "behavior by design" error. The problem is the software which is being pointed out. Check for any updates/new releases of the software in question.
  • BlackHawk Bible music connoisseur There's no place like 127.0.0.1 Icrontian
    edited January 2006
    From the search results I've seen on Google, it looks malicious (spyware, virus or trojan) so I'm gonna move this to SVT forum.

    http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=Sdktf
    http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=SDKPU
  • Trogan London, UK
    edited January 2006
    Create a new folder in your C: and name it HJT

    Download a program called HijackThis (HJT) from HERE

    Save and unzip HJT to your new folder

    Open HJT and click the Do a system scan and save a logfile button

    Post the entire contents from Notepad here
  • zero-counter Linux Lubber San Antonio Member
    edited January 2006
    Black Hawk wrote:
    From the search results I've seen on Google, it looks malicious (spyware, virus or trojan) so I'm gonna move this to SVT forum.

    http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=Sdktf
    http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=SDKPU

    The only thing I see wrong with that, is that I did the same search and read almost every one of those links on the first page. None of the issues revolved around the SDKPU entry, although it was listed by the HJT log. Thread starter, please tell us what this program is that you are trying to run. Thanks!
  • BlackHawk Bible music connoisseur There's no place like 127.0.0.1 Icrontian
    edited January 2006
    zero-counter wrote:
    The only thing I see wrong with that, is that I did the same search and read almost every one of those links on the first page. None of the issues revolved around the SDKPU entry, although it was listed by the HJT log. Thread starter, please tell us what this program is that you are trying to run. Thanks!

    I think that if it were an actual program, there would be at least one result out of all of those that explains what the program/file is. I see none.
  • zero-counter Linux Lubber San Antonio Member
    edited January 2006
    Black Hawk wrote:
    I think that if it were an actual program, there would be at least one result out of all of those that explains what the program/file is. I see none.
    sharpshot wrote:
    I am not sure what this is...it continually comes up in double. I cannot get into a certain program.

    ...possibly a software development kit process???
  • edited January 2006
    ---- the entire contents from Notepad ----

    Logfile of HijackThis v1.99.1
    Scan saved at 11:49:26 PM, on 1/16/06
    Platform: Windows 98 Gold (Win9x 4.10.1998)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\WINDOWS\SYSTEM\mmtask.tsk
    C:\PROGRAM FILES\COMMON FILES\AOL\TOPSPEED\2.0\AOLTSMON.EXE
    C:\WINDOWS\SYSTEM\MSTASK.EXE
    C:\WINDOWS\SYSTEM\SDKTF.EXE
    C:\PROGRAM FILES\COMMON FILES\AOL\ACS\AOLACSD.EXE
    C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHSERV.EXE
    C:\WINDOWS\SYSTEM\RPCSS.EXE
    C:\WINDOWS\EXPLORER.EXE
    C:\WINDOWS\SDKPU.EXE
    C:\WINDOWS\SYSTEM\QTTASK.EXE
    C:\PROGRAM FILES\REAL\REALPLAYER\REALPLAY.EXE
    C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHMAISV.EXE
    C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHWEBSV.EXE
    C:\PROGRAM FILES\AMERICA ONLINE 8.0A\AOLTRAY.EXE
    C:\WINDOWS\SYSTEM\DDHELP.EXE
    C:\WINDOWS\SYSTEM\SPOOL32.EXE
    C:\PROGRAM FILES\AMERICA ONLINE 8.0A\AOL.EXE
    C:\PROGRAM FILES\AMERICA ONLINE 8.0A\WAOL.EXE
    C:\WINDOWS\SYSTEM\RNAAPP.EXE
    C:\WINDOWS\SYSTEM\TAPISRV.EXE
    C:\PROGRAM FILES\MSN GAMING ZONE\ZONE.EXE
    C:\PROGRAM FILES\COMMON FILES\AOL\TOPSPEED\2.0\AOLTPSPD.EXE
    C:\PROGRAM FILES\WINZIP\WZQKPICK.EXE
    C:\UNZIPPED\HIJACKTHIS_199\HIJACKTHIS.EXE

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\octzg.dll/sp.html#55135%
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\octzg.dll/sp.html#55135%
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fastsearcher.cc/sh.php?qq=aol&pin=37049&v0=52
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\octzg.dll/sp.html#55135%
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\octzg.dll/sp.html#55135%
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\octzg.dll/sp.html#55135%
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\octzg.dll/sp.html#55135%
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by America Online
    R3 - Default URLSearchHook is missing
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
    O2 - BHO: Class - {935DEE51-F0FB-AF23-521F-2560A5DECF49} - C:\WINDOWS\NTAH.DLL
    O2 - BHO: Class - {13AF610F-11F9-1AF3-779B-C19B937033C0} - C:\WINDOWS\APPDG.DLL
    O2 - BHO: Class - {5EB74E03-7600-3EA3-21DB-872A5DFC7FF8} - C:\WINDOWS\SYSTEM\IEKX.DLL
    O2 - BHO: (no name) - {0E6473FB-D9B4-19A9-D4CE-4D7DC99ED735} - (no file)
    O2 - BHO: (no name) - {31504A42-7F23-2B60-97E8-0A7435E36855} - (no file)
    O2 - BHO: (no name) - {95C6CC09-197A-2E0B-08A2-31A543B88320} - (no file)
    O2 - BHO: (no name) - {B37338CB-DC89-F6A6-BA8B-AEF4D740566E} - (no file)
    O2 - BHO: (no name) - {DB06787B-2045-D916-3202-65FD324FC7C1} - (no file)
    O2 - BHO: (no name) - {21E850CF-5A09-0AF5-66B1-F1F5DB1DC8BB} - (no file)
    O2 - BHO: Class - {2A430ACA-ED6A-208B-0435-15092905F511} - C:\WINDOWS\SYSTEM\CRXJ.DLL
    O2 - BHO: (no name) - {D568DDED-7500-602D-6BF9-043432F9AA26} - (no file)
    O2 - BHO: (no name) - {661A0FC8-69C3-8038-391D-4ECDFC6481A7} - (no file)
    O2 - BHO: (no name) - {8BD0FF9B-9B7E-0F04-16C4-8198CD27EA1A} - (no file)
    O2 - BHO: (no name) - {A71541C9-7D45-2FBA-207E-491FF47AB062} - (no file)
    O2 - BHO: (no name) - {2F6A395E-4263-AF79-3434-4B1090AC8C51} - (no file)
    O2 - BHO: Class - {6A5175A3-61E8-04E2-F0D7-734877AC5D1E} - C:\WINDOWS\D3WE.DLL
    O2 - BHO: (no name) - {6FB03079-36B5-765F-685F-8E0CC22ABC7E} - (no file)
    O2 - BHO: (no name) - {FC35EBB2-2368-89D6-D32C-AA6D6D7E7E4F} - (no file)
    O2 - BHO: Class - {3C71515D-BD4E-2600-3366-5E88EB58BB2D} - C:\WINDOWS\APIWH32.DLL
    O2 - BHO: (no name) - {9FB0381D-D25C-F484-99A9-8C6573A394E2} - (no file)
    O2 - BHO: Class - {181A1CC9-E0A9-1743-63C4-EA94D6A6CDFB} - C:\WINDOWS\IEOG.DLL
    O2 - BHO: (no name) - {57E092D9-D78D-97B1-8BE6-594F8C707DE0} - (no file)
    O2 - BHO: (no name) - {F8EDE460-57DB-9DCC-3D26-CB63116BF8B9} - (no file)
    O2 - BHO: (no name) - {39C153BE-6DEE-827D-1729-1E8A455ADFCB} - (no file)
    O2 - BHO: Class - {DEB1926F-4037-16A7-F96D-6A4F3957A8D1} - C:\WINDOWS\SYSTEM\WINFV.DLL
    O2 - BHO: Class - {1302E13C-B2E6-4C8C-5FF5-4CF6F791F3F3} - C:\WINDOWS\ATLNM.DLL
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
    O4 - HKLM\..\Run: [SDKPU.EXE] C:\WINDOWS\SDKPU.EXE
    O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
    O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
    O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
    O4 - HKLM\..\Run: [ashMaiSv] C:\PROGRA~1\ALWILS~1\AVAST4\ashmaisv.exe
    O4 - HKLM\..\Run: [avast! Web Scanner] C:\PROGRA~1\ALWILS~1\AVAST4\ASHWEBSV.EXE
    O4 - HKLM\..\RunServices: [AOL TopSpeedMonitor] C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
    O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
    O4 - HKLM\..\RunServices: [SDKTF.EXE] C:\WINDOWS\SYSTEM\SDKTF.EXE /s
    O4 - HKLM\..\RunServices: [AolAcsDaemon1] "C:\PROGRAM FILES\COMMON FILES\AOL\ACS\AOLACSD.EXE"
    O4 - HKLM\..\RunServices: [avast!] C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O4 - HKCU\..\Run: [AOL Fast Start] "C:\PROGRAM FILES\AMERICA ONLINE 9.0B\AOL.EXE" -b
    O4 - Startup: PowerReg Scheduler.exe
    O4 - Startup: AOL Companion.lnk = C:\Program Files\AOL Companion\companion.exe
    O4 - Startup: America Online 8.0 Tray Icon.lnk = C:\Program Files\America Online 8.0a\aoltray.exe
    O4 - Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O8 - Extra context menu item: &AOL Toolbar search - res://C:\PROGRAM FILES\AOL TOOLBAR\TOOLBAR.DLL/SEARCH.HTML
    O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file)
    O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file)
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM\Shdocvw.dll
    O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
    O16 - DPF: {88D758A3-D33B-45FD-91E3-67749B4057FA} (Sinstaller Class) - http://dm.screensavers.com/dm/installers/si/1/sinstaller.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
    O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
    O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
    O16 - DPF: {A52FBD2B-7AB3-4F6B-90E3-91C772C5D00F} (WoF Control) - http://www.worldwinner.com/games/v46/wof/wof.cab
    O16 - DPF: {6C6FE41A-0DA6-42A1-9AD8-792026B2B2A7} (FreeCell Control) - http://www.worldwinner.com/games/v40/freecell/freecell.cab
    O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = aoldsl.net
  • edited January 2006
    The message comes up when I start my computer. It now continually appears every few minutes.
  • zero-counter Linux Lubber San Antonio Member
    edited January 2006
    sharpshot wrote:
    The message comes up when I start my computer. It now continually appears every few minutes.

    Does this error appear when you are in Safe Mode? If not, then try disabling everything using the msconfig utility. Then, one by one, re-enable every startup task. Since SDKPU.exe is referenced, try disabling that first and see what happens.

    If the problem is corrected, then you would need to delete the startup entry from registry. Run regedit then go to...HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg and delete the SDKPU.exe entry.

    Reboot the system normally and let's hear what happens. Run the EWIDO and it might find this...Trojan.Agent.bi. This was a result from another forum.

    There are some spyware suggestions as to what should be done first...but here I go...
    Download Ewido Security Suite

    * Install Ewido Security Suite
    * When installing, under "Additional Options" uncheck..
    o Install background guard
    o Install scan via context menu
    * Double-click the icon on Desktop to launch Ewido

    You will need to update Ewido to the latest definition files.

    * On the left hand side of the main screen click update.
    * Then click on Start Update.

    The update will start and a progress bar will show the updates being installed.
    If you are having problems with the updater, you can use this link to manually update Ewido
    When you have finished updating, EXIT Ewido.

    WOW, no windows updates...anti-spyware/virus software?? AOL is also kicking your arse..
  • edited January 2006
    This site is awesome. Thank you all for your replies.
    I will do more work on my problem tonight.
    As soon as this is corrected I am switching to Comcast. Aol is hard to leave considering years worth of "favorites" and "filing cabinet" entries.
    I have a lot to learn about computers. Thanks again for the help.
  • edited January 2006
    Ewido Security Suite needs Windows 2000 and above to be installed.
    Yes...I have Windows 98. Wow we never had a computer problem (with the exception of AOL) until a Compaq help desk personal advised us to remove Norton Anti-virus stating "it takes over your computer". Maybe we will just reformat the C drive; reinstall everything using Compac instead of Aol.
  • Trogan London, UK
    edited January 2006
    Hi,

    Sorry for the delay.

    Can you do the following:



    1)
    Download CCleaner and install it. EXIT for now


    2)
    Please download Ad-Aware SE and install it.

    If you already have Ad-Aware SE, please configure it as indicated below. If you have a previous version of Ad-Aware, please uninstall your current version and install the newest version SE 1.06.

    - Run Ad-Aware, and click Check for updates now.

    - Select Configurations (click the Gear wheel at the top) as follows:
    • General Button > Safety & Settings: Check (Green) all three.
    • Tweak Button > Cleaning Engine > UNcheck "Always try to unload modules before deletion".
    Click Proceed.

    - EXIT for now


    3)
    Download CWShredder from here. Save it to a convenient location. Do NOT run a scan yet


    4)
    You may want to print these instructions or save them as you'll have no internet connection once in Safe Mode

    Go into Safe Mode - explained here

    ONCE IN SAFE MODE

    5)
    View Hidden Files and Folders
    • Open My Computer.
    • Select the View menu and click Options
    • Select the View Tab.
    • Select the Show all files Radio Button.
    • Click OK.


    6)
    Open CWShredder and click the FIX button. Close ALL browsers first. Run the scan twice


    7)
    Run HiJackThis then:

    1. Click "Open the Misc Tools Section"
    2. Click "Open Process manager"

    -

    Next, while holding down the CTRL key, locate (if present) and click on (highlight) each of the following:

    C:\WINDOWS\SYSTEM\SDKTF.EXE
    C:\WINDOWS\SDKPU.EXE


    Now double-check and make sure that only those item(s) above are highlighted, then click "Kill process". Now, click "Refresh", check again, and repeat this step if any remain


    8)
    - Open HijackThis
    - Click the Do a system scan only button
    - Check the following entries (below)
    - Close ALL open windows
    - Click Fix Checked

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\octzg.dll/sp.html#55135%
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\octzg.dll/sp.html#55135%
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\octzg.dll/sp.html#55135%
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\octzg.dll/sp.html#55135%
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\octzg.dll/sp.html#55135%
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\octzg.dll/sp.html#55135%

    R3 - Default URLSearchHook is missing

    O2 - BHO: Class - {935DEE51-F0FB-AF23-521F-2560A5DECF49} - C:\WINDOWS\NTAH.DLL
    O2 - BHO: Class - {13AF610F-11F9-1AF3-779B-C19B937033C0} - C:\WINDOWS\APPDG.DLL
    O2 - BHO: Class - {5EB74E03-7600-3EA3-21DB-872A5DFC7FF8} - C:\WINDOWS\SYSTEM\IEKX.DLL
    O2 - BHO: (no name) - {0E6473FB-D9B4-19A9-D4CE-4D7DC99ED735} - (no file)
    O2 - BHO: (no name) - {31504A42-7F23-2B60-97E8-0A7435E36855} - (no file)
    O2 - BHO: (no name) - {95C6CC09-197A-2E0B-08A2-31A543B88320} - (no file)
    O2 - BHO: (no name) - {B37338CB-DC89-F6A6-BA8B-AEF4D740566E} - (no file)
    O2 - BHO: (no name) - {DB06787B-2045-D916-3202-65FD324FC7C1} - (no file)
    O2 - BHO: (no name) - {21E850CF-5A09-0AF5-66B1-F1F5DB1DC8BB} - (no file)
    O2 - BHO: Class - {2A430ACA-ED6A-208B-0435-15092905F511} - C:\WINDOWS\SYSTEM\CRXJ.DLL
    O2 - BHO: (no name) - {D568DDED-7500-602D-6BF9-043432F9AA26} - (no file)
    O2 - BHO: (no name) - {661A0FC8-69C3-8038-391D-4ECDFC6481A7} - (no file)
    O2 - BHO: (no name) - {8BD0FF9B-9B7E-0F04-16C4-8198CD27EA1A} - (no file)
    O2 - BHO: (no name) - {A71541C9-7D45-2FBA-207E-491FF47AB062} - (no file)
    O2 - BHO: (no name) - {2F6A395E-4263-AF79-3434-4B1090AC8C51} - (no file)
    O2 - BHO: Class - {6A5175A3-61E8-04E2-F0D7-734877AC5D1E} - C:\WINDOWS\D3WE.DLL
    O2 - BHO: (no name) - {6FB03079-36B5-765F-685F-8E0CC22ABC7E} - (no file)
    O2 - BHO: (no name) - {FC35EBB2-2368-89D6-D32C-AA6D6D7E7E4F} - (no file)
    O2 - BHO: Class - {3C71515D-BD4E-2600-3366-5E88EB58BB2D} - C:\WINDOWS\APIWH32.DLL
    O2 - BHO: (no name) - {9FB0381D-D25C-F484-99A9-8C6573A394E2} - (no file)
    O2 - BHO: Class - {181A1CC9-E0A9-1743-63C4-EA94D6A6CDFB} - C:\WINDOWS\IEOG.DLL
    O2 - BHO: (no name) - {57E092D9-D78D-97B1-8BE6-594F8C707DE0} - (no file)
    O2 - BHO: (no name) - {F8EDE460-57DB-9DCC-3D26-CB63116BF8B9} - (no file)
    O2 - BHO: (no name) - {39C153BE-6DEE-827D-1729-1E8A455ADFCB} - (no file)
    O2 - BHO: Class - {DEB1926F-4037-16A7-F96D-6A4F3957A8D1} - C:\WINDOWS\SYSTEM\WINFV.DLL
    O2 - BHO: Class - {1302E13C-B2E6-4C8C-5FF5-4CF6F791F3F3} - C:\WINDOWS\ATLNM.DLL

    O4 - HKLM\..\Run: [SDKPU.EXE] C:\WINDOWS\SDKPU.EXE
    O4 - HKLM\..\RunServices: [SDKTF.EXE] C:\WINDOWS\SYSTEM\SDKTF.EXE /s

    O16 - DPF: {88D758A3-D33B-45FD-91E3-67749B4057FA} (Sinstaller Class) - http://dm.screensavers.com/dm/instal...sinstaller.cab



    9)
    Find and Delete following, if found

    C:\WINDOWS\octzg.dll << this file
    C:\WINDOWS\NTAH.DLL << this file
    C:\WINDOWS\APPDG.DLL << this file
    C:\WINDOWS\D3WE.DLL << this file
    C:\WINDOWS\APIWH32.DLL << this file
    C:\WINDOWS\IEOG.DLL << this file
    C:\WINDOWS\ATLNM.DLL << this file

    C:\WINDOWS\SDKPU.EXE << this file
    C:\WINDOWS\SYSTEM\SDKTF.EXE << this file

    C:\WINDOWS\SYSTEM\WINFV.DLL << this file
    C:\WINDOWS\SYSTEM\CRXJ.DLL << this file
    C:\WINDOWS\SYSTEM\IEKX.DLL << this file



    10)
    Run CWShredder one more time to make sure nothing got left behind


    11)
    Open Ad-Aware SE

    To start the scan, Click > "Scan Now" at left
    • Deselect "Search for negligible risk entries" as negligible risk entries (MRU's) are not considered to be a threat.
    • Select "Search for low-risk threats"
    • Select "Perform full system scan"
    • Click Next
    4) When the scan has completed, select Next.
    • In the Scanning Results window, select the "Critical Objects" tab.
    • Right-click on the screen and choose "Select all objects"
    • Click Next to remove the infections found, and click OK to the prompt.
    • Close Ad-Aware


    12)
    The following step is important as you may have several malware files in your temp directories.

    Browse to the C:\documents and settings\Your User Name (repeat for all other user names in documents and settings)\local settings\temp folder and delete all files and folders in it.

    Then browse to the C:\Windows\Temp folder and delete all files and folders in it.

    Then in Internet Explorer click Tools > Internet Options > General. Click on Delete Files; make sure you get all offline content as well.


    13)
    Open CleanUp!
    1. Uncheck "Cookies" under "Internet Explorer".
    2. Click on Run Cleaner in the lower right-hand corner. This can take quite a while to run.
    3. Close when finished.


    14)
    Reboot into Normal Mode and post a new HJT log :)
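
Added example, not part of Trogan's post and not HijackThis code: a small Python triage script that parses HijackThis log lines like the ones in this thread and flags the patterns visible in the entries selected in step 8 (IE settings served from a `res://` DLL in the Windows directory, BHOs with no file or with a generic name and a DLL in the Windows directory, Run entries named after their own executable). The heuristics, `WIN_DIRS` and the function names are assumptions of this example; a hit means the entry deserves a manual look, not that it is malicious.

```python
import ntpath
import re

# Lines copied from the HijackThis log posted in this thread (a subset).
SAMPLE_LOG = r"""
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\octzg.dll/sp.html#55135%
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: Class - {935DEE51-F0FB-AF23-521F-2560A5DECF49} - C:\WINDOWS\NTAH.DLL
O2 - BHO: (no name) - {0E6473FB-D9B4-19A9-D4CE-4D7DC99ED735} - (no file)
O4 - HKLM\..\Run: [SDKPU.EXE] C:\WINDOWS\SDKPU.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\RunServices: [SDKTF.EXE] C:\WINDOWS\SYSTEM\SDKTF.EXE /s
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
"""

# Assumption of this example: only files sitting directly in these two
# directories are treated as "in the Windows directory".
WIN_DIRS = {r"C:\WINDOWS", r"C:\WINDOWS\SYSTEM"}
GENERIC_BHO_NAMES = {"Class", "(no name)"}

ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")            # "O2 - ..."
BHO = re.compile(r"^BHO: (.*?) - \{[0-9A-Fa-f-]{36}\} - (.+)$")
RUN = re.compile(r"^HK\w+\\\.\.\\\w+: \[(.+?)\] (.+)$")   # "HKLM\..\Run: [name] cmd"
RES_DLL = re.compile(r"= res://(.+?\.dll)/", re.I)
EXE = re.compile(r'"?([^"]+?\.exe)', re.I)


def in_windows_dir(path):
    """True if the file sits directly in C:\\WINDOWS or C:\\WINDOWS\\SYSTEM."""
    return ntpath.dirname(path).upper() in WIN_DIRS


def triage(log_text):
    """Return (code, reason, line) tuples for entries worth a manual look."""
    findings = []
    for raw in log_text.splitlines():
        line = raw.strip()
        m = ENTRY.match(line)
        if not m:
            continue
        code, body = m.groups()
        if code in ("R0", "R1"):
            res = RES_DLL.search(body)
            if res and in_windows_dir(res.group(1)):
                findings.append((code, "IE setting served from a DLL in the Windows directory", line))
        elif code == "O2":
            bho = BHO.match(body)
            if bho and bho.group(2) == "(no file)":
                findings.append((code, "BHO registered but its file is missing", line))
            elif bho and bho.group(1) in GENERIC_BHO_NAMES and in_windows_dir(bho.group(2)):
                findings.append((code, "unnamed BHO loading a DLL from the Windows directory", line))
        elif code == "O4":
            run = RUN.match(body)
            exe = run and EXE.match(run.group(2))
            if (exe and in_windows_dir(exe.group(1))
                    and run.group(1).upper() == ntpath.basename(exe.group(1)).upper()):
                findings.append((code, "autorun value named after its own executable", line))
    return findings


if __name__ == "__main__":
    for code, reason, line in triage(SAMPLE_LOG):
        print(f"{code}: {reason}\n    {line}")
```
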
  • edited January 2006
    Which Ad-Aware SE product should I download? Thank you

    Ad-Aware SE Professional
    Puts you in complete control and offers the extra flexibility that the IT professional may need.
    $39.95
    Ad-Aware SE Plus
    Powerful expandability, customization and real-time monitoring and blocking to your system or network.
    $26.95
    Ad-Aware SE Plus Edition Product Box
    Powerful expandability, customization and real-time monitoring and blocking to your system or network.
    $31.95
  • Trogan London, UK
    edited January 2006
  • edited January 2006
    Hello I have gotten down to # per your instructions. I am not sure where or how to do the following: "Browse to the C:\documents and settings\Your User Name (repeat for all other user names in documents and settings)\local settings\temp folder and delete all files and folders in it." Thanks again
  • edited January 2006
    Oops, sorry, that was # 12 per your instructions. Thank you
  • Trogan London, UK
    edited January 2006
    First: browse to the C:\documents and settings

    Second: Select a user

    Third: After selecting a user, you should see local settings\temp folder. At this point, delete all files and folders inside the temp folder.

    Do the same if there are multiple accounts on the computer.

    If you are still unsure, then skip step 12 and go to step 13 :)