Kenny94

Experts
  • Posts

    2,662
Everything posted by Kenny94

  1. Hi, Let's run combofix and I want to see something that deals with your ports. Download ComboFix from below: Combofix download * IMPORTANT !!! Place combofix.exe on your Desktop. Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with ComboFix. You can get help on disabling your protection programs here. Double click on combofix.exe & follow the prompts. As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures. The Windows recovery console will allow you to boot up into a special recovery mode that allows us to help you in the case that your computer has a problem after an attempted removal of malware. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement. ComboFix will now automatically install the Microsoft Windows Recovery Console onto your computer, which will show up as a new option when booting up your computer. Do not select the Microsoft Windows Recovery Console option when you start your computer unless requested to by a helper. Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see a message that says: The Recovery Console was successfully installed. Click on Yes, to continue scanning for malware. Your desktop may go blank. This is normal. It will return when ComboFix is done. ComboFix may reboot your machine. This is normal. When finished, it shall produce a log for you. Post that log (C:\ComboFix.txt) in your next reply. Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall. --------------------------------------------------------------------------------------------- Ensure your AntiVirus and AntiSpyware applications are re-enabled. ---------------------------------------------------------------------------------------------
  2. Hi, Yes this is normal. Is your PC still having this problem? If this is still the case, please follow the instructions below. By the way, for the next several months, I'm spending very little time on my PC and there will be delays between my requests. Please read carefully and let me know if you have any questions. Create a batch file: Note: You will need to save any work before double clicking the fix.bat file because it will automatically restart your computer. Please copy and paste the following text in the Code box exactly as written into notepad (not wordpad or any other text editor):

         @echo off
         rem Release and renew the DHCP lease, then clear the DNS resolver cache
         ipconfig /release
         ipconfig /renew
         ipconfig /flushdns
         rem Reset the Winsock catalog and the TCP/IP stack
         netsh winsock reset all
         netsh int ip reset all
         rem Restart in 10 seconds, then delete this batch file
         shutdown -r -t 10
         del /f /q %0

     Once you've done that click on File and select Save As... In the Save dialogue box click on the drop down menu next to Save as type and select All Files. Name the file fix.bat (the .bat extension is very important). Save the file to your desktop and double click it to run it. Once it runs it will automatically restart your computer. Once your computer boots again, check to see if your internet performance has improved. Please let me know how it went and an update on how your PC is doing.
  3. Hi blumi, your router seems to be infected as well. Router reset, you must reset the router to its default configuration. This can be done by inserting something tiny like a paper clip end or pencil tip into the small hole labeled Reset located on the back of the router. Press and hold down the small button inside until the lights on the front of the router blink off and then on again (usually about 30 seconds). Next Flush the DNS cache: Click the Start logo in the bottom left corner of the screen Click on Run In the command window copy/paste the following: ipconfig /flushdns Then hit enter. Exit the command window. Please let me know how things are running now and if you encountered any problems while you were following the instructions I posted.
  4. You're welcome! To re-enable your Emulation drivers, double click DeFogger to run the tool. The application window will appear Click the Re-enable button to re-enable your CD Emulation drivers Click Yes to continue A 'Finished!' message will appear Click OK DeFogger will now ask to reboot the machine - click OK. If not, reboot your computer Your Emulation drivers are now re-enabled. You can remove DeFogger off your desktop.
  5. I recommend to update Internet Explorer: http://windows.microsoft.com/en-US/internet-explorer/products/ie/home Other than this all looks great blumi! Purge old temporary files. Now that we are done.... Please download TFC by OldTimer to your desktop Please double-click TFC.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator). It will close all programs when run, so make sure you have saved all your work before you begin. Click the Start button to begin the process. Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two. Let it run uninterrupted to completion. Once it's finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean. You should keep TFC and run it once a week. Your Computer is Clean Some final items: Follow these steps to uninstall Combofix and tools used in the removal of malware To remove all of the tools we used and the files and folders they created, please do the following: Please download OTC.exe by OldTimer: Save it to your Desktop. Double click OTC.exe. Click the CleanUp! button. If you are prompted to Reboot during the cleanup, select Yes. The tool will delete itself once it finishes. Note: If any tool, file or folder (belonging to the program we have used) hasn't been deleted, please delete it manually. It's a good idea to Flush your System Restore after removing malware and create a new restore point. To SET A NEW RESTORE POINT: 1. Go to Start > Programs > Accessories > System Tools and click "System Restore". 2. Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore. 3. Then go to Start > Run and type: Cleanmgr 4. Click "OK". 5. 
Click the "More Options" Tab. 6. Click "Clean Up" in the System Restore section to remove all previous restore points except the newly created one. Graphics for doing this are in the following links if you need them. How to Create a Restore Point. How to use Cleanmgr. Here are some additional links for you to check out to help you with your computer security. Browsers Just because your computer came loaded with Internet Explorer doesn't mean that you have to use it, there are other free alternatives, FIREFOX and OPERA, both are free to use and are more secure than IE. If you are using firefox you can stay more secure by adding NoScript and WOT (Web Of Trust) NoScript stops Java scripts from starting on a web page unless you give permission for them, and WOT (Web Of Trust) has a comprehensive list of ratings for different websites allowing you to easily see if a website that you are about to go to has a bad reputation; in fact it will warn you to check if you are sure that you want to continue to a bad website. Make your Internet Explorer more secure - This can be done by following these simple instructions: From within Internet Explorer click on the Tools menu and then click on Options. Click once on the Security tab Click once on the Internet icon so it becomes highlighted. Click once on the Custom Level button. Change the Download signed ActiveX controls to Prompt Change the Download unsigned ActiveX controls to Disable Change the Initialize and script ActiveX controls not marked as safe to Disable Change the Installation of desktop items to Prompt Change the Launching programs and files in an IFRAME to Prompt Change the Navigate sub-frames across different domains to Prompt When all these settings have been made, click on the OK button If it prompts you as to whether or not you want to save the settings, press the Yes button. Next press the Apply button and then the OK to exit the Internet Properties page. 
Additional Security Measures Scan your system for outdated versions of commonly used software applications that may also cause your PC to be vulnerable, using the Secunia Online Software Inspector (OSI). This is very important because recent statistics confirm that an overwhelming majority of infections are acquired through application, not Operating System, flaws. Commonly used programs like Quicktime, Java, Adobe Acrobat Reader, iTunes, and many others are commonly targeted today. You can make your computer much more secure if you update to the most current versions of these programs and any others that Secunia alerts you to. Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://www.windowsupdate.com regularly. This will ensure your computer always has the latest security updates available installed on your computer. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates. Cookienator - Scans your PC for tracking cookies in multiple browsers as well as in Adobe Flash. Tips for Speeding Up Your PC. Visit My Blog for Malware and Spyware Tips.
  6. Let's check your security so this will not happen again. Download Security Check from here or here. Save it to your Desktop. Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box. A Notepad document should open automatically called checkup.txt; please post the contents of that document.
  7. The search redirections should have stopped now. Please run this online scan to help look for remnants. ESET Online Scanner Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You may, however, need to disable your currently installed Anti-Virus; how to do so can be read here. Please go here then click on: Select the option YES, I accept the Terms of Use then click on: When prompted allow the Add-On/Active X to install. Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked. Now click on Advanced Settings and select the following: Scan for potentially unwanted applications, Scan for potentially unsafe applications, Enable Anti-Stealth Technology.
     • Now click on:
     • The virus signature database... will begin to download. Be patient, this may take some time depending on the speed of your Internet Connection.
     • When completed the Online Scan will begin automatically.
     • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
     • When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
     • Now click on:
     • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
     • Copy and paste that log as a reply to this topic.
     Note: Do not forget to re-enable your Anti-Virus application after running the above scan! Also, please let me know how things are running now and if you encountered any problems while you were following the instructions I posted.
  8. Yes, this is what I was looking for...... Download ComboFix from below: Combofix download * IMPORTANT !!! Place combofix.exe on your Desktop. Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with ComboFix. You can get help on disabling your protection programs here. Double click on combofix.exe & follow the prompts. As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures. The Windows recovery console will allow you to boot up into a special recovery mode that allows us to help you in the case that your computer has a problem after an attempted removal of malware. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement. ComboFix will now automatically install the Microsoft Windows Recovery Console onto your computer, which will show up as a new option when booting up your computer. Do not select the Microsoft Windows Recovery Console option when you start your computer unless requested to by a helper. Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see a message that says: The Recovery Console was successfully installed. Click on Yes, to continue scanning for malware. Your desktop may go blank. This is normal. It will return when ComboFix is done. ComboFix may reboot your machine. This is normal. When finished, it shall produce a log for you. Post that log (C:\ComboFix.txt) in your next reply. Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall. --------------------------------------------------------------------------------------------- Ensure your AntiVirus and AntiSpyware applications are re-enabled. ---------------------------------------------------------------------------------------------
  9. Hi, Appears the TDSSKiller was cut off at the bottom. Please copy and paste all of the TDSSKiller report. TDSSKiller log resides in your C: Drive.
  10. Hi blumi and Welcome to Malwarebytes! I see you have Avira and AVG 2011 Anti-Virus in your computer. Two Anti-Virus Programs take up an enormous amount of your computer's resources when they are actively scanning your computer. Having two anti-virus programs running at the same time can cause your computer to run very slow, become unstable and even, in rare cases, crash. Please remove one of them. Also, please note that these fixes are not instantaneous. Most infections require more than one round to properly eradicate. Stay with me until given the 'all clear' even if symptoms diminish. Lack of symptoms does not always mean the job is complete. Download TDSSKiller and save it to your Desktop. Extract its contents to your desktop. Once extracted, open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan. Vista/Windows 7 users right-click and select Run As Administrator. If an infected file is detected, the default action will be Cure, click on Continue. If a suspicious file is detected, the default action will be Skip, click on Continue. It may ask you to reboot the computer to complete the process. Click on Reboot Now. Click the Report button and copy/paste the contents of it into your next reply. Note: It will also create a log in the C:\ directory.
  11. Hi shikascoot and Welcome to Malwarebytes! We need to look at some information about what is going on in your computer: Please perform the following scan: Download DDS by sUBs from one of the following links. Save it to your desktop. DDS.scr DDS.pif
     • Double click on the DDS icon, allow it to run.
     • A small box will open, with an explanation about the tool.
     • When done, DDS will open two (2) logs: 1. DDS.txt 2. Attach.txt
     • Save both reports to your desktop.
     • The instructions here ask you to attach the Attach.txt.
     • Instead of attaching, please copy/paste both logs into your Thread
     • Close the program window, and delete the program from your desktop.
     Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. Information on A/V control HERE. Then post your DDS (DDS.txt and Attach.txt
  12. Amy Winehouse, dead at 27. Jimi Hendrix, dead at 27. Janis Joplin, dead at 27. Jim Morrison, dead at 27.
  13. To be honest Megan, if this was my PC, I would reformat and reinstall..... Reformat and Reinstall as outlined HERE If you have any questions let me know.
  14. Hi CTHowes and Welcome to Malwarebytes! Let's try to work in normal mode... Please download and run the following tool to help allow other programs to run. (courtesy of BleepingComputer.com) There are two different versions. If one of them won't run then download and try to run the other one. Vista and Windows 7 users need to right-click and choose Run as Administrator. You only need to get one of them to run, not both of them. eXplorer.exe - WiNlOgOn.exe Please post the log in your next reply. (To see what was terminated). Note: If your security software warns about Rkill, please ignore and allow the download to continue. Once you've gotten one of them to run then try to immediately run the following: Download ComboFix from below: Combofix download * IMPORTANT !!! Place combofix.exe on your Desktop. Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with ComboFix. You can get help on disabling your protection programs here. Double click on combofix.exe & follow the prompts. As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures. The Windows recovery console will allow you to boot up into a special recovery mode that allows us to help you in the case that your computer has a problem after an attempted removal of malware. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement. ComboFix will now automatically install the Microsoft Windows Recovery Console onto your computer, which will show up as a new option when booting up your computer. Do not select the Microsoft Windows Recovery Console option when you start your computer unless requested to by a helper. Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see a message that says: The Recovery Console was successfully installed. Click on Yes, to continue scanning for malware. Your desktop may go blank. This is normal. It will return when ComboFix is done. ComboFix may reboot your machine. This is normal. When finished, it shall produce a log for you. Post that log (C:\ComboFix.txt) in your next reply. Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall. --------------------------------------------------------------------------------------------- Ensure your AntiVirus and AntiSpyware applications are re-enabled. ---------------------------------------------------------------------------------------------
  15. Hi zozojade, I would like you to generate an "Add/Remove Software list" log using the HijackThis application. Here is how you can do this: To get an Uninstall List from HijackThis: Open HijackThis, click Config, click Misc Tools. Click "Open Uninstall Manager". Click "Save List" (generates uninstall_list.txt). Click Save, copy and paste the results in your next post.
  16. Those two files are harmless. ESET Online Scanner Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You may, however, need to disable your currently installed Anti-Virus; how to do so can be read here. Please go here then click on: Select the option YES, I accept the Terms of Use then click on: When prompted allow the Add-On/Active X to install. Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked. Now click on Advanced Settings and select the following: Scan for potentially unwanted applications, Scan for potentially unsafe applications, Enable Anti-Stealth Technology.
     • Now click on:
     • The virus signature database... will begin to download. Be patient, this may take some time depending on the speed of your Internet Connection.
     • When completed the Online Scan will begin automatically.
     • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
     • When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
     • Now click on:
     • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
     • Copy and paste that log as a reply to this topic.
     Note: Do not forget to re-enable your Anti-Virus application after running the above scan!
  17. Right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (Example: puppy.com). If you do not see the file extension, please refer to: How to change the file extension.
  18. Download TDSSKiller and save it to your Desktop. Extract its contents to your desktop. Once extracted, open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan. If an infected file is detected, the default action will be Cure, click on Continue. If a suspicious file is detected, the default action will be Skip, click on Continue. It may ask you to reboot the computer to complete the process. Click on Reboot Now. Click the Report button and copy/paste the contents of it into your next reply. Note: It will also create a log in the C:\ directory.
  19. I've noticed some new malware in your ComboFix log. Is anyone else using your PC? Please click here to download Kaspersky Virus Removal Tool. Double click on the file you just downloaded and let it install. It will install to your desktop. After that leave what is selected and put a check next to My Computer. Click on the option that says Threat Detection and change it to Disinfect, delete if disinfection fails. Then click on Start Scan. Before it is done it may prompt for action regardless of the setting so choose delete if prompted. When the scan is done no log will be produced. Click on the bottom where it says Report to open the report. Then highlight all of the items found by using ctrl + a on your keyboard to select all or use your mouse to select all then right click and choose copy. This will copy the items that it found to the clipboard; you can then open notepad (go to start then run then type in notepad) and choose paste to paste the contents into Notepad. You can save this on the desktop. Post the contents of the document in your next reply. Note: This tool will self uninstall when you close it so please save the log before closing it.
  20. Hi chilepepper and Welcome to Malwarebytes! Please note that these fixes are not instantaneous. Most infections require more than one round to properly eradicate. Stay with me until given the 'all clear' even if symptoms diminish. Lack of symptoms does not always mean the job is complete. Kindly follow my instructions and please do no fixing on your own or running of scanners unless requested by me or another helper. --------------------------------------------------------------------------------------------- Download ComboFix from below: Combofix download * IMPORTANT !!! Place combofix.exe on your Desktop. Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with ComboFix. You can get help on disabling your protection programs here. Double click on combofix.exe & follow the prompts. As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures. The Windows recovery console will allow you to boot up into a special recovery mode that allows us to help you in the case that your computer has a problem after an attempted removal of malware. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement. ComboFix will now automatically install the Microsoft Windows Recovery Console onto your computer, which will show up as a new option when booting up your computer. Do not select the Microsoft Windows Recovery Console option when you start your computer unless requested to by a helper. Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see a message that says: The Recovery Console was successfully installed. Click on Yes, to continue scanning for malware. Your desktop may go blank. This is normal. It will return when ComboFix is done. ComboFix may reboot your machine. This is normal. When finished, it shall produce a log for you. Post that log (C:\ComboFix.txt) in your next reply. Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall. --------------------------------------------------------------------------------------------- Ensure your AntiVirus and AntiSpyware applications are re-enabled. ---------------------------------------------------------------------------------------------
  21. Run CFScript. Close any open browsers. Open Notepad by clicking Start. Click Run. Type notepad into the box and click enter. Notepad will open. Copy and Paste everything from the Code box into Notepad:

         KILLALL::

         Collect::
         c:\windows\system32\asusrx20.dll
         c:\windows\system32\cdscsix3.dll
         c:\windows\system32\logon16x.dll
         c:\windows\system32\se500mdm.dll
         c:\windows\system32\ramvxt.sys
         c:\windows\system32\se500mdm.dll

         Registry::
         [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
         "1033:TCP"=-
         "5000:UDP"=-

     Save the file to your desktop and name it CFScript.txt. Then drag the CFScript.txt into the ComboFix.exe as shown in the screenshot below. This will start ComboFix again. It may ask to reboot. Post the contents of Combofix.txt in your next reply.
  22. Hi Justine, We need to look at some information about what is going on in your computer: Please perform the following scan: Download DDS by sUBs from one of the following links. Save it to your desktop. DDS.scr DDS.pif
     • Double click on the DDS icon, allow it to run.
     • A small box will open, with an explanation about the tool.
     • When done, DDS will open two (2) logs: 1. DDS.txt 2. Attach.txt
     • Save both reports to your desktop.
     • The instructions here ask you to attach the Attach.txt.
     • Instead of attaching, please copy/paste both logs into your Thread
     • Close the program window, and delete the program from your desktop.
     Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. Information on A/V control HERE. Then post your DDS (DDS.txt and Attach.txt
  23. I did some research on PRO/100 VE and we're fine on that end. I want you to run ComboFix again, but we need to remove it first. Follow these steps to uninstall Combofix and all of its files and components. Go to Start ---> Run ---> Type ComboFix /uninstall and press Enter. Make sure there's a space between Combofix and / Then hit enter. Next Download ComboFix from below: Combofix download * IMPORTANT !!! Place combofix.exe on your Desktop. Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with ComboFix. You can get help on disabling your protection programs here. Double click on combofix.exe & follow the prompts. As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures. The Windows recovery console will allow you to boot up into a special recovery mode that allows us to help you in the case that your computer has a problem after an attempted removal of malware. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement. ComboFix will now automatically install the Microsoft Windows Recovery Console onto your computer, which will show up as a new option when booting up your computer. Do not select the Microsoft Windows Recovery Console option when you start your computer unless requested to by a helper. Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see a message that says: The Recovery Console was successfully installed. Click on Yes, to continue scanning for malware. Your desktop may go blank. This is normal. It will return when ComboFix is done. ComboFix may reboot your machine. This is normal. When finished, it shall produce a log for you. Post that log (C:\ComboFix.txt) in your next reply. Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall. --------------------------------------------------------------------------------------------- Ensure your AntiVirus and AntiSpyware applications are re-enabled. ---------------------------------------------------------------------------------------------
  24. This would be the best thing to do at this point SarahP. Let me know?