Jump to content

TheDarkKnight

Honorary Members
 View Profile  See their activity

  • Posts

    1,123

  • Joined

  • Last visited

 Content Type 

Everything posted by TheDarkKnight

  1. TheDarkKnight
    Hello migs102006, Microsoft is merging its Windows Messenger with Skype, so that is probably part of the reason. Please do the following to reset your router: Turn off your computer. Unplug or turn off your DSL/cable modem. Locate, on the back/front/side of your router, the small button that reads Reset. While pressing the Reset button, turn on/plug in the router. Hold for 30 seconds. Wait for your Power, WLAN and Internet lights to turn on. Plug in or turn on your modem (if it is separate from the router otherwise disregard this step). Open your web browser to see if you have an internet connection. If you still don't have an internet connection you may need to restart your computer.
  2. TheDarkKnight
    Hey fishtaco254, Please follow the instructions in my previous post.
  3. TheDarkKnight
    Good evening Kirbett, You should still update it, because having out-of-date software is a security risk. That's fine. MBAM in its free version is very effective; it only lacks the resident protection really. ==== Your version of Java is out of date. It's important to remove older versions of Java since it does not do so automatically and older versions can leave you vulnerable. Please follow the instructions below to update Java: Please go to the below link and download the latest Windows XP version: http://www.java.com/en/download/manual.jsp Save it to your Desktop. Please go to Start > Control Panel > Add Or Remove Programs. Navigate to any versions of Java (J2SE Runtime Environment) you have installed. They will have this icon next to them: Select Remove. Please double-click the installer and follow the prompts to install the latest version once all the previous versions have been successfully removed. And please update Mozilla Thunderbird. ===== Please let me know how the updates go.
  4. TheDarkKnight
    Hello migs102006, In a previous post I suggested uninstalling Skype. Did you ever do that? If so, did the probing stop?
  5. TheDarkKnight
    Hello Woe_is_Me_n_myPC, Let's look at the Windows Defender issue first. Please see this Microsoft topic: http://social.technet.microsoft.com/Forums/en-US/itprovistasecurity/thread/391470b9-a577-441e-96ad-12b40ab78c93/ Try the suggestions there and let me know how that goes.
  6. TheDarkKnight
    Hello Kirbett, Those issues aside for a moment, all seems well at the moment. Please download Security Check by screen317 from here or here. Save it to your Desktop. Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box. A Notepad document should open automatically called checkup.txt; please post the contents of that document.
  7. TheDarkKnight
    Hey Jedarius, Please monitor your computer for the next 24 hours and let me know if it reappears.
  8. TheDarkKnight
    Hey fosternguyen, Please download this tool. Please download TFC to your Desktop. Open the file and close any other windows. It will close all programs itself when run; make sure to let it run uninterrupted. Click the Start button to begin the process. The program should not take long to finish its job. Once its finished it should reboot your machine; if not, do this yourself to ensure a complete clean. ===== Then, please download Security Check by screen317 from here or here. Save it to your Desktop. Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box. A Notepad document should open automatically called checkup.txt; please post the contents of that document.
  9. TheDarkKnight
    Hey Mars25, There are signs of the Yahoo! Toolbar in your log. This toolbar comes bundled with other third party applications you may not want installed. Please see here for more information. I recommend you remove it. I also see the Freecorder 6 program installed. It too has been know to be suspicious (please see here for further information). I recommend removing it. Please go to Start>Control Panel>Programs and uninstall the following programs (if present): FreeCorder 6 Yahoo! Companion Yahoo! Toolbar Please restart your computer after these program removals. ===== Please try a new scan with MBAM and let me know what it finds.
  10. TheDarkKnight
    Good morning Jedarius, Run MBAM and fix anything it finds before proceeding. Then, please follow these instructions to remove the remaining malicious entries: Please close any open browsers. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix. Open Notepad and copy/paste the text in the quotebox below into it: Please Note: Do NOT use any other text editor than Notepad or the CFScript will fail. Save this as CFScript.txt, in the same location as ComboFix.exe. Referring to the picture above, drag CFScript into ComboFix.exe. When finished, it shall produce a log for you at C:\ComboFix.txt. Please post the ComboFix.txt in your next reply. Run MBAM again and let me know what it finds please.
  11. TheDarkKnight
    Hello aryama, There should also be a systemlog.txt from MBAR.
  12. TheDarkKnight
    Hey Woe_is_Me_n_myPC, Interesting question. I say this because your logs haven't actually shown any serious infections at all. It is possible MSE killed them all... Please download Windows Repair (all in one) from here. Install the program. Please proceed to run it. Go to Step 2 and allow it to run CheckDisk by clicking on the Do It button: Once that is done please go to Step 3 and allow it to run the System File Check by clicking on the Do It button: Go to Step 4 and under System Restore click on the Create button: Next, go to the Start Repairs tab and click the Start button. Please ensure that ONLY items seen in the image below are ticked as indicated (they're all checked by default): Click on the box next to the Restart System when Finished. Then click on Start. Is Windows Defender still not working?
  13. TheDarkKnight
    Hello Jedarius, To do this, please set Win7 to show hidden/system files and folders so that you can find them: Please click Start and open My Computer. On the Organize tab, click on Folder and search options. On the View tab, uncheck Hide file extensions for known file types. Also uncheck Hide protected operating system files (Recommended) and click Yes on the warning message. Under Hidden files and folders, check Show hidden files, folders, or drives. Click Apply. Click OK and close My Computer. I will give you instructions for hiding them again after it looks like your computer is clean. Then, please delete this file: C:\Users\Hai\AppData\Roaming\WinLive\WinLive.dll ===== Also, please download Security Check by screen317 from here or here. Save it to your Desktop. Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box. A Notepad document should open automatically called checkup.txt; please post the contents of that document.
  14. TheDarkKnight
    Hey fosternguyen, Yes, please proceed.
  15. TheDarkKnight
    Hey migs102006, If you scroll down on that page, you will see a bunch of grey bars. One of them should say Service Ports. Please click this and let me know what it finds.
  16. TheDarkKnight
    Hello fosternguyen, Great to hear! Please run a free online scan with the ESET Online Scanner. Note: You can use Internet Explorer or Mozilla Firefox for this scan. Tick the box next to YES, I accept the Terms of Use. Click Start. When asked, allow the ActiveX control to install. Click Start. Make sure that the option Remove found threats is unchecked and the option Scan unwanted applications is checked. Click Scan. Wait for the scan to finish. Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt. Copy and paste that log as a reply to this topic.
  17. TheDarkKnight
    Howdy Woe_is_Me_n_myPC, Your logs are coming back clean so please do this scan. Please download Farbar Service Scanner and run it on the computer with the issue. Make sure the following options are checked: Internet Services Windows Firewall System Restore Security Center/Action Center Windows Update Windows Defender [*]Press "Scan". [*]It will create a log (FSS.txt) in the same directory the tool is run. [*]Please copy and paste the log to your reply.
  18. TheDarkKnight
    Howdy Jedarius, In the meantime please run this scan. Please run a free online scan with the ESET Online Scanner. Note: You can use Internet Explorer or Mozilla Firefox for this scan. Tick the box next to YES, I accept the Terms of Use. Click Start. When asked, allow the ActiveX control to install. Click Start. Make sure that the option Remove found threats is unchecked and the option Scan unwanted applications is checked. Click Scan. Wait for the scan to finish. Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt. Copy and paste that log as a reply to this topic.
  19. TheDarkKnight
    Hey migs102006, Please visit the below site: https://www.grc.com/x/ne.dll?bh0bkyd2 Follow the instructions and let me know what it tells you please.
  20. TheDarkKnight
    Hello migs102006, OK. Please download GMER from one of the following locations and save it to your Desktop: Main Mirror This version will download a randomly named file (Recommended) Zipped Mirror This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your Desktop. Disconnect from the Internet and close all running programs. Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver. Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked. Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe. GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress). If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO. Now click the Scan button. If you see a rootkit warning window, click OK. When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log. Click the Copy button and paste the results into your next reply. Exit GMER and be sure to re-enable your anti-virus, firewall and any other security programs you had disabled.-- If you encounter any problems, try running GMER in Safe Mode. -- If GMER crashes or keeps resulting in a BSODs, uncheck Devices on the right side before scanning.
  21. TheDarkKnight
    Hello Jedarius, A new log from MBAM please.
  22. TheDarkKnight
    Hey Woe_is_Me_n_myPC, Yes, that is correct. Just the scan please.
  23. TheDarkKnight
    Howdy Mars25, Please follow these instructions to run ComboFix.exe. Please visit this webpage for download links and instructions for running this tool: http://www.bleepingcomputer.com/combofix/how-to-use-combofix * Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix (CF). Please go here to see a list of programs that need to be disabled. **Note: Do not mouseclick ComboFix's window while it's running. That may cause it to stall.** **Note 2: If you get a message saying "Illegal operation attempted on a registry key that has been marked for deletion", please restart your computer.** Please include the C:\ComboFix.txt in your next reply for further review.
  24. TheDarkKnight
    Hello Woe_is_Me_n_myPC, OK all good. Please download aswMBR by gmer to your Desktop. Please visit this site for instructions on how to run the tool. Once familiar with this tool, double click aswMBR.exe to run it. Click the Scan button to start the scan. Once the scan has completed, please save the aswMBR.txt log to the Desktop and post it in your next reply. ===== Also, please download to your Desktop: TDSSKiller.zip from here and extract it (right click on it => "Extract here"). >>> TDSSKiller: Double-click on TDSSKiller.exe to run the application. Click Change parameters. Make sure you check the box Loaded modules. A window will popup and say Reboot is required. Please click Reboot now. Then click Change parameters again. Check the box Detect TDLFS file system. Click on the Start Scan button. If an infected file is detected, the default action will be Cure. Instead, choose SKIP, then click on Continue. If a suspicious file is detected, the default action will be Skip, click on Continue. If you are asked to reboot the computer to complete the process, click on the Reboot Now button. Once the tool has finished, please click Report. Please copy and paste the contents of that log in your reply. Note: A report will be automatically saved at the root of the System drive ((usually C:\) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt" (for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt). ===== In your reply please provide the contents of both logs.
  25. TheDarkKnight
    Howdy fosternguyen, How do things seem on your computer at the moment?
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.