Jump to content

kahdah

Experts
  • Posts

    4,024
  • Joined

  • Last visited

Everything posted by kahdah

  1. Yes I would still re-image the machine as this is a data stealing infection.
  2. That will be fine we will continue then
  3. Hmm ok I see nothing that Combofix removed that would have caused this. See if you can download and run this program please may have to use the Ubuntu disk to save it to the computer since you have no internet. Download TDSSKiller and save it to your Desktop. Extract its contents to your desktop. Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan. If an infected file is detected, the default action will be Cure, click on Continue. If a suspicious file is detected, the default action will be Skip, click on Continue. It may ask you to reboot the computer to complete the process. Click on Reboot Now. If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here. If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.
  4. Can you burn it to a cd and transfer it to another machine?
  5. Hello dan0673 Welcome to Malwarebytes. ===================== Download OTL to your desktop. Double click on OTL to run it. When the window appears, underneath Output at the top change it to Minimal Output. Under the Standard Registry box change it to All. Check the boxes beside LOP Check and Purity Check. Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long. When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL. Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.
  6. Hello fastdougzrx Welcome to Malwarebytes. ===================== See if either of these will run safe mode preferably as it will lessen the resources on the system if a rootkit is active it will help with less processes running. Download OTL to your desktop. Double click on OTL to run it. When the window appears, underneath Output at the top change it to Minimal Output. Under the Standard Registry box change it to All. Check the boxes beside LOP Check and Purity Check. Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long. When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL. Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. ==================== Download This file. Note its name and save it to your root folder, such as C:\. Disconnect from the Internet and close all running programs. Temporarily disable any real-time active protection so your security program drivers will not conflict with this file. Click on this link to see a list of programs that should be disabled. Double-click on the downloaded file to start the program. (If running Vista, right click on it and select "Run as an Administrator") Allow the driver to load if asked. You may be prompted to scan immediately if it detects rootkit activity. If you are prompted to scan your system click "Yes" to begin the scan. If not prompted, click the "Rootkit/Malware" tab. On the right-side, all items to be scanned should be checked by default except for "Show All". Leave that box unchecked. Select all drives that are connected to your system to be scanned. Click the Scan button to begin. (Please be patient as it can take some time to complete) When the scan is finished, click Save to save the scan results to your Desktop. Save the file as Results.log and copy/paste the contents in your next reply. Exit the program and re-enable all active protection when done.
  7. Ok let's begin shall we Download ComboFix from one of these locations: Link 1 Link 2 * IMPORTANT !!! Save ComboFix.exe to your Desktop Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools Double click on ComboFix.exe & follow the prompts. As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware. Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console. **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures. Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message: Click on Yes, to continue scanning for malware. When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.
  8. Hello blitzgeist Welcome to Malwarebytes. ===================== Download OTL to your desktop. Double click on OTL to run it. When the window appears, underneath Output at the top change it to Minimal Output. Under the Standard Registry box change it to All. Check the boxes beside LOP Check and Purity Check. Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long. When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL. Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. ==================== Download This file. Note its name and save it to your root folder, such as C:\. Disconnect from the Internet and close all running programs. Temporarily disable any real-time active protection so your security program drivers will not conflict with this file. Click on this link to see a list of programs that should be disabled. Double-click on the downloaded file to start the program. (If running Vista, right click on it and select "Run as an Administrator") Allow the driver to load if asked. You may be prompted to scan immediately if it detects rootkit activity. If you are prompted to scan your system click "Yes" to begin the scan. If not prompted, click the "Rootkit/Malware" tab. On the right-side, all items to be scanned should be checked by default except for "Show All". Leave that box unchecked. Select all drives that are connected to your system to be scanned. Click the Scan button to begin. (Please be patient as it can take some time to complete) When the scan is finished, click Save to save the scan results to your Desktop. Save the file as Results.log and copy/paste the contents in your next reply. Exit the program and re-enable all active protection when done.
  9. Hello mrn Welcome to Malwarebytes. ===================== One or more of the identified infections is a backdoor trojan or rootkit. This type of infection has the capabilities to allows hacker to remotely control your computer, steal critical system information and download and execute files. I would counsel you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation. Though the trojan has been identified and can be killed, because of it's backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information: How Do I Handle Possible Identity Theft, Internet Fraud and CC Fraud? When Should I Format, How Should I Reinstall We can still clean this machine but I can't guarantee that it will be 100% secure afterwards. Let me know what you decide to do.
  10. It only disables drive emulators or virtual cd drives. If you do not have those then it didn't disable anything. But yes you can re-enable those if it disabled them through defogger.
  11. Great. Please download and install the latest version of Adobe reader from here > http://get.adobe.com/reader/ Don't forget to uncheck the optional toolbar download box it will say include in your download with a check mark in a box simply uncheck it as it is a toolbar. After doing the uninstall of Combofix below you can reinstall AVG. ========================================== Click START then RUN Now type Combofix /uninstall in the runbox and click OK. Note the space between the X and the Uninstall, it needs to be there. ======Next====== Double click on OTL to run it. Click on the Cleanup button at the top. You will be asked to reboot the machine to finish the Cleanup process. Choose Yes. This will remove itself and other tools we may have used. ===============Update Java=============== Your Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Java components and update: Download the latest version of Java SE Runtime Environment (JRE) and save it to your desktop. Scroll down to where it says "(JRE) then click on it Click the "Download" button to the right. Select your Platform: "Windows". Select your Language: "Multi-language". Read the License Agreement, and then check the box that says: "Accept License Agreement". Click Continue and the page will refresh. Click on the link to download Windows Offline Installation and save the file to your desktop. Close any programs you may have running - especially your web browser. Go to Start > Settings > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java. Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name. Click the Remove or Change/Remove button. Repeat as many times as necessary to remove each Java versions. Reboot your computer once all Java components are removed. Then from your desktop double-click on jre-6u24-windows-i586.exe to install the newest version. ============================================ Delete\uninstall anything else that we have used that is leftover. After that your all set. ===The following are some articles and a Windows Update link that I like to suggest to people to prevent malware and general PC maintenance=== Windows Updates - It is very important to make sure that both Internet Explorer and Windows are kept current with the latest critical security patches from Microsoft. To do this just start Internet Explorer and select Tools > Windows Update, and follow the online instructions from there. Prevention article Some great guidelines to follow to prevent future infections please read the Prevention artice by Miekiemoes. How did I get infected in the first place? Also this one by Tony Klein. If your computer is slow Things you can do if your computer is slow. PC Safety and Security - What Do I Need? Security suggestions and general hints and tips for PC security. File sharing program dangers Reasons to stay away from File sharing programs for ex: BitTorrent,Limewire,Kazaa,emule,Utorrent etc... ===Free antimalware tools used for on demand scanning and cleaning no real time unless purchased=== Malwarebytes Antimalware superantispyware ===Free antivirus links=== This is antivirus and antispyware. Microsoft Security Essentials This is free antispyware protection and Antivirus protection. AVG free This is just antivirus protection. Antivir This is antivirus and antispyware protection. Avast
  12. Please save the attached file to your desktop. Right click on it and choose extract all then open the newly created folder. Double click on the file inside let it run then reboot. Let me know then if you cannot update. Fix Windows Updates.zip
  13. Hello JD_Hupp Welcome to Malwarebytes. ===================== Run OTL Under the Custom Scans/Fixes box at the bottom, paste in the following :OTL O3 - HKLM\..\Toolbar: (ShopAtHome.com Toolbar) - {98279C38-DE4B-4bcf-93C9-8EC26069D6F4} - File not found O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found. O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found. O3 - HKU\S-1-5-21-1606980848-1454471165-682003330-1003\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found. O3 - HKU\S-1-5-21-1606980848-1454471165-682003330-1003\..\Toolbar\WebBrowser: (ShopAtHome.com Toolbar) - {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - File not found O20 - Winlogon\Notify\itlntfy: DllName - itlnfw32.dll - File not found [2011/04/05 15:17:53 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Rick\Local Settings\Application Data\{85A5768E-D111-4DB3-B3C7-E2D6DCF684E6} [2011/04/05 15:15:59 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Rick\Application Data\Liobid [2011/04/05 15:15:59 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Rick\Application Data\Ekam [2011/04/11 20:23:55 | 000,000,310 | -HS- | M] () -- C:\WINDOWS\tasks\Cafczyevo.job [2011/04/11 06:49:18 | 000,000,112 | ---- | M] () -- D:\Documents and Settings\All Users\Application Data\kAp70y4.dat [2011/04/06 09:53:46 | 000,000,120 | ---- | M] () -- C:\WINDOWS\Wlukakoyupune.dat [2011/04/06 09:30:32 | 000,014,630 | -HS- | M] () -- D:\Documents and Settings\Rick\Local Settings\Application Data\3s01332t76tp114a55yo [2011/04/06 09:30:32 | 000,014,630 | -HS- | M] () -- D:\Documents and Settings\All Users\Application Data\3s01332t76tp114a55yo [2011/04/05 15:18:02 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Lpavaci.bin :Files C:\WINDOWS\Tasks\At*.job :Commands [emptytemp] Then click the Run Fix button at the top Let the program run unhindered, reboot when it is done It will produce a log for you on reboot, please post that log in your next reply. ================================Malwarebytes' Anti-Malware================================= Please update\run Malwarebytes' Anti-Malware. Double Click the Malwarebytes Anti-Malware icon to run the application. Click on the update tab then click on Check for updates. If an update is found, it will download and install the latest version. Once the update has loaded, go to the Scanner tab and select "Perform Quick Scan", then click Scan. The scan may take some time to finish,so please be patient. When the scan is complete, click OK, then Show Results to view the results. Make sure that everything is checked, and click Remove Selected. When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note) The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM. Copy&Paste the entire report in your next reply. Extra Note: If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatley. ================================Online scan================================= * Go here to run an online scannner from ESET. Note: You will need to use Internet explorer for this scan Tick the box next to YES, I accept the Terms of Use. Click Start When asked, allow the activex control to install Click Start Check next options: Remove found threats and Scan unwanted applications. Click Scan Wait for the scan to finish Use notepad to open the logfile located at C:\Program Files\ESET\ESET Online Scanner\log.txt Copy and paste that log as a reply to this topic
  14. Ok please do the following: Download TDSSKiller and save it to your Desktop. Extract its contents to your desktop. Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan. If an infected file is detected, the default action will be Cure, click on Continue. If a suspicious file is detected, the default action will be Skip, click on Continue. It may ask you to reboot the computer to complete the process. Click on Reboot Now. If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here. If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.
  15. Yes Combofix will set Ie as the default browser but it can be changed back the first time you open either they will ask to be the default. Just click yes to when Firefox asks. Still getting redirected at this point? ESET OnlineScan Click on the following link to open ESET OnlineScan in a new window. ESET OnlineScan Click the button. For alternate browsers only: (Microsoft Internet Explorer users can skip these steps) Click on to download the ESET Smart Installer. Save it to your desktop. Double click on the icon on your desktop. Check Click the button. Accept any security warnings from your browser. Under scan settings, check and check Remove found threats Click Advanced settings and select the following:Scan potentially unwanted applications Scan for potentially unsafe applications Enable Anti-Stealth technology [*]ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time. [*]When the scan completes, push [*]Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply. [*]Push the button. [*]Push
  16. Download their removal tool from here: http://download.avg.com/filedir/util/support/avg_remover_stf_x86_2011_1184.exe Double click on it to run it then it will make the machine reboot or at least prompt you to do it on reboot. Once that is done please continue with Combofix.
  17. Ok all of your logs are clean but that only means that the infection is hidden so please do the following: Note you will have to uninstall AVG before running Combofix you can reinstall that after we are done. Download ComboFix from one of these locations: Link 1 Link 2 * IMPORTANT !!! Save ComboFix.exe to your Desktop Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools Double click on ComboFix.exe & follow the prompts. As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware. Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console. **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures. Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message: Click on Yes, to continue scanning for malware. When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.
  18. Hello Canada13 Welcome to Malwarebytes. ===================== Download OTL to your desktop. Double click on OTL to run it. When the window appears, underneath Output at the top change it to Minimal Output. Under the Standard Registry box change it to All. Check the boxes beside LOP Check and Purity Check. Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long. When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL. Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. ==================== Download This file. Note its name and save it to your root folder, such as C:\. Disconnect from the Internet and close all running programs. Temporarily disable any real-time active protection so your security program drivers will not conflict with this file. Click on this link to see a list of programs that should be disabled. Double-click on the downloaded file to start the program. (If running Vista, right click on it and select "Run as an Administrator") Allow the driver to load if asked. You may be prompted to scan immediately if it detects rootkit activity. If you are prompted to scan your system click "Yes" to begin the scan. If not prompted, click the "Rootkit/Malware" tab. On the right-side, all items to be scanned should be checked by default except for "Show All". Leave that box unchecked. Select all drives that are connected to your system to be scanned. Click the Scan button to begin. (Please be patient as it can take some time to complete) When the scan is finished, click Save to save the scan results to your Desktop. Save the file as Results.log and copy/paste the contents in your next reply. Exit the program and re-enable all active protection when done.
  19. You are welcome and thanks for the donation Safe surfing.
  20. Run OTL Under the Custom Scans/Fixes box at the bottom, paste in the following :OTL [2011/04/11 15:19:37 | 000,000,000 | ---D | C] -- C:\ProgramData\cPp31002oApBg31002 Then click the Run Fix button at the top Let the program run unhindered,when it is done it will say "Fix Complete press ok to open log" then once it is opened please close the log. Click on the Cleanup button at the top. You will be asked to reboot the machine to finish the Cleanup process. Choose Yes. This will remove itself and other tools we may have used. ===============Update Java=============== Your Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Java components and update:Download the latest version of Java SE Runtime Environment (JRE) and save it to your desktop. Scroll down to where it says "(JRE) then click on it Click the "Download" button to the right. Select your Platform: "Windows". Select your Language: "Multi-language". Read the License Agreement, and then check the box that says: "Accept License Agreement". Click Continue and the page will refresh. Click on the link to download Windows Offline Installation and save the file to your desktop. Close any programs you may have running - especially your web browser. Go to Start > Settings > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java. Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name. Click the Remove or Change/Remove button. Repeat as many times as necessary to remove each Java versions. Reboot your computer once all Java components are removed. Then from your desktop double-click on jre-6u24-windows-i586.exe to install the newest version. ======================Clear out infected System Restore points====================== Then we need to reset your System Restore points. The link below shows how to do this. How to Turn On and Turn Off System Restore in Windows XP http://support.microsoft.com/kb/310405/en-us If you are using Vista then see this link: http://www.bleepingcomputer.com/tutorials/...143.html#manual Delete\uninstall anything else that we have used that is leftover. After that your all set. ===The following are some articles and a Windows Update link that I like to suggest to people to prevent malware and general PC maintenance=== Windows Updates - It is very important to make sure that both Internet Explorer and Windows are kept current with the latest critical security patches from Microsoft. To do this just start Internet Explorer and select Tools > Windows Update, and follow the online instructions from there. Prevention article Some great guidelines to follow to prevent future infections please read the Prevention artice by Miekiemoes. How did I get infected in the first place? Also this one by Tony Klein. If your computer is slow Things you can do if your computer is slow. PC Safety and Security - What Do I Need? Security suggestions and general hints and tips for PC security. File sharing program dangers Reasons to stay away from File sharing programs for ex: BitTorrent,Limewire,Kazaa,emule,Utorrent etc... ===Free antimalware tools used for on demand scanning and cleaning no real time unless purchased=== Malwarebytes Antimalware superantispyware ===Free antivirus links=== This is antivirus and antispyware. Microsoft Security Essentials This is free antispyware protection and Antivirus protection. AVG free This is just antivirus protection. Antivir This is antivirus and antispyware protection. Avast
  21. OK no need for the eset scan then sometimes it simply will not work. Open OTL once more and click on Run scan at the top. Post the new log that opens please and let me know of any remaining issues.
  22. Run OTL Under the Custom Scans/Fixes box at the bottom, paste in the following :OTL O4 - HKLM..\Run: [00EECA] File not found O4 - HKCU..\RunOnce: [cPp31002oApBg31002] C:\ProgramData\cPp31002oApBg31002\cPp31002oApBg31002.exe () O33 - MountPoints2\{46e5d155-b166-11de-832b-94337f04b858}\Shell\AutoRun\command - "" = driver\S-1-4-89-654352344-54323413-6452342-4545\service.exe O33 - MountPoints2\{46e5d155-b166-11de-832b-94337f04b858}\Shell\open\command - "" = driver\S-1-4-89-654352344-54323413-6452342-4545\service.exe O33 - MountPoints2\{5b0a6624-5990-11de-bdc3-002268e08d12}\Shell\1\Command - "" = G:\Recycle.exe O33 - MountPoints2\{5b0a6624-5990-11de-bdc3-002268e08d12}\Shell\2\Command - "" = G:\Recycle.exe O33 - MountPoints2\{5b0a6624-5990-11de-bdc3-002268e08d12}\Shell\AutoRun\command - "" = G:\Recycle.exe O33 - MountPoints2\{731c2b7f-6ae5-11df-b7b9-d389cdc3404b}\Shell\AutoRun\command - "" = J:\carpet\\shey.exe O33 - MountPoints2\{731c2b7f-6ae5-11df-b7b9-d389cdc3404b}\Shell\explore\command - "" = J:\carpet\\\shey.exe O33 - MountPoints2\{731c2b7f-6ae5-11df-b7b9-d389cdc3404b}\Shell\open\command - "" = J:\carpet\\\shey.exe [2011/04/11 15:19:37 | 000,000,000 | ---D | C] -- C:\ProgramData\cPp31002oApBg31002 :Commands [emptytemp] Then click the Run Fix button at the top Let the program run unhindered, reboot when it is done It will produce a log for you on reboot, please post that log in your next reply. ================================Malwarebytes' Anti-Malware================================= Please update\run Malwarebytes' Anti-Malware. Double Click the Malwarebytes Anti-Malware icon to run the application. Click on the update tab then click on Check for updates. If an update is found, it will download and install the latest version. Once the update has loaded, go to the Scanner tab and select "Perform Full Scan", then click Scan. The scan may take some time to finish,so please be patient. When the scan is complete, click OK, then Show Results to view the results. Make sure that everything is checked, and click Remove Selected. When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note) The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM. Copy&Paste the entire report in your next reply. Extra Note: If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatley. ================================Online scan================================= ESET OnlineScan Click on the following link to open ESET OnlineScan in a new window. ESET OnlineScan Click the button. For alternate browsers only: (Microsoft Internet Explorer users can skip these steps) Click on to download the ESET Smart Installer. Save it to your desktop. Double click on the icon on your desktop. Check Click the button. Accept any security warnings from your browser. Under scan settings, check and check Remove found threats Click Advanced settings and select the following:Scan potentially unwanted applications Scan for potentially unsafe applications Enable Anti-Stealth technology [*]ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time. [*]When the scan completes, push [*]Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply. [*]Push the button. [*]Push
  23. Hello jordan123 Welcome to Malwarebytes. ===================== Download OTL to your desktop. Double click on OTL to run it. When the window appears, underneath Output at the top change it to Minimal Output. Under the Standard Registry box change it to All. Check the boxes beside LOP Check and Purity Check. Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long. When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL. Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. ==================== Download This file. Note its name and save it to your root folder, such as C:\. Disconnect from the Internet and close all running programs. Temporarily disable any real-time active protection so your security program drivers will not conflict with this file. Click on this link to see a list of programs that should be disabled. Double-click on the downloaded file to start the program. (If running Vista, right click on it and select "Run as an Administrator") Allow the driver to load if asked. You may be prompted to scan immediately if it detects rootkit activity. If you are prompted to scan your system click "Yes" to begin the scan. If not prompted, click the "Rootkit/Malware" tab. On the right-side, all items to be scanned should be checked by default except for "Show All". Leave that box unchecked. Select all drives that are connected to your system to be scanned. Click the Scan button to begin. (Please be patient as it can take some time to complete) When the scan is finished, click Save to save the scan results to your Desktop. Save the file as Results.log and copy/paste the contents in your next reply. Exit the program and re-enable all active protection when done.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.