Jump to content

Random sites open in MS Internet Explorer

abn

By abn
in Resolved Malware Removal Logs

 Share

Recommended Posts

abn

abn

Posted
Posted

Hi

My problem - I've been infected with some kind of URL-hook og proxy-malware. I've scanned my computer with nearly everything - without luck.

Random sites open at random times in MS Internet Explorer - and sometimes links at google.com are misleaded.

Here's my DDS:

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.18702

Run by 30120 at 21:03:53 on 2012-01-17

Microsoft Windows XP Professional 5.1.2600.3.1252.45.1030.18.2006.1284 [GMT 1:00]

.

AV: Symantec Endpoint Protection *Enabled/Updated* {FB06448E-52B8-493A-90F3-E43226D3305C}

.

============== Running Processes ===============

.

C:\WINDOWS\system32\nslsvice.exe

C:\WINDOWS\system32\ibmpmsvc.exe

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\Programmer\ThinkPad\Bluetooth Software\bin\btwdins.exe

C:\Programmer\Symantec AntiVirus\Smc.exe

C:\Programmer\Intel\Wireless\Bin\S24EvMon.exe

svchost.exe

svchost.exe

C:\Programmer\Fælles filer\Symantec Shared\ccSvcHst.exe

C:\WINDOWS\system32\spoolsv.exe

svchost.exe

C:\Programmer\SUPERAntiSpyware\SASCORE.EXE

C:\Programmer\Bonjour\mDNSResponder.exe

C:\Programmer\Cisco Systems\VPN Client\cvpnd.exe

C:\Programmer\Juniper Networks\Common Files\dsNcService.exe

C:\Programmer\Intel\Wireless\Bin\EvtEng.exe

C:\Programmer\Fælles filer\InterVideo\RegMgr\iviRegMgr.exe

C:\Programmer\Java\jre6\bin\jqs.exe

C:\Programmer\Fælles filer\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Programmer\lotus\notes\ntmulti.exe

C:\Programmer\Intel\Wireless\Bin\RegSrvc.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\Programmer\Symantec AntiVirus\Rtvscan.exe

C:\WINDOWS\system32\TpKmpSVC.exe

C:\WINDOWS\Explorer.EXE

C:\Programmer\Symantec AntiVirus\SmcGui.exe

C:\Programmer\Analog Devices\Core\smax4pnp.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\WINDOWS\system32\igfxpers.exe

C:\WINDOWS\system32\rundll32.exe

C:\Programmer\Lenovo\NPDIRECT\TPFNF7SP.exe

C:\Programmer\Lenovo\HOTKEY\TPOSDSVC.exe

C:\Programmer\Synaptics\SynTP\SynTPLpr.exe

C:\Programmer\Lenovo\HOTKEY\TPONSCR.exe

C:\Programmer\Lenovo\Zoom\TpScrex.exe

C:\Programmer\Synaptics\SynTP\SynTPEnh.exe

C:\Programmer\Fælles filer\Symantec Shared\ccApp.exe

C:\Programmer\Google\Gmail Notifier\gnotify.exe

C:\Programmer\Fælles filer\Java\Java Update\jusched.exe

C:\Documents and Settings\30120\Lokale indstillinger\Application Data\Google\Update\GoogleUpdate.exe

C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\Programmer\Cisco Systems\VPN Client\vpngui.exe

C:\Programmer\Cisco Systems\VPN Client\ipseclog.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://a.alex.dk/

uInternet Connection Wizard,ShellNext = hxxp://192.1.1.50/intranote

uInternet Settings,ProxyServer = 192.1.1.10:3128

uInternet Settings,ProxyOverride = 147.29.11.10;192.1.1.50;192.1.1.49;tinglysning.domstol.dk;192.1.1.43:8530;abon.greens.dk

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\programmer\fælles filer\adobe\acrobat\activex\AcroIEHelper.dll

BHO: HistoryTriggerBHO Class: {21a88cb9-84d2-4020-a2d1-b25a21034884} - c:\programmer\lg electronics\lg pc suite iv\linkair\LinkAirBrowserHelper.dll

BHO: HP Exstream Live: {77d7c722-06a7-4876-82f7-09fe69ab0a33} - c:\programmer\hewlett-packard\hp exstream\liveeditor 3.0.101\LiveIEPlugin.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\programmer\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\programmer\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [Google Update] "c:\documents and settings\30120\lokale indstillinger\application data\google\update\GoogleUpdate.exe" /c

uRun: [LG LinkAir]

uRun: [sUPERAntiSpyware] c:\programmer\superantispyware\SUPERAntiSpyware.exe

mRun: [soundMAXPnP] c:\programmer\analog devices\core\smax4pnp.exe

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [PWRMGRTR] rundll32 c:\progra~1\thinkpad\utilit~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor

mRun: [bLOG] rundll32 c:\progra~1\thinkpad\utilit~1\BatLogEx.DLL,StartBattLog

mRun: [TPFNF7] c:\programmer\lenovo\npdirect\TPFNF7SP.exe /r

mRun: [TPKMAPHELPER] c:\programmer\thinkpad\utilities\TpKmapAp.exe -helper

mRun: [TPHOTKEY] c:\programmer\lenovo\hotkey\TPOSDSVC.exe

mRun: [PSQLLauncher] "c:\programmer\thinkvantage fingerprint software\launcher.exe" /startup

mRun: [synTPLpr] c:\programmer\synaptics\syntp\SynTPLpr.exe

mRun: [synTPEnh] c:\programmer\synaptics\syntp\SynTPEnh.exe

mRun: [Adobe Reader Speed Launcher] "c:\programmer\adobe\reader 8.0\reader\Reader_sl.exe"

mRun: [ccApp] "c:\programmer\fælles filer\symantec shared\ccApp.exe"

mRun: [brStsWnd] c:\programmer\brownie\BrstsWnd.exe Autorun

mRun: [QuickTime Task] "c:\programmer\quicktime\qttask.exe" -atboottime

mRun: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] c:\programmer\google\gmail notifier\gnotify.exe

mRun: [sunJavaUpdateSched] "c:\programmer\fælles filer\java\java update\jusched.exe"

dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE

StartupFolder: c:\docume~1\30120\menuen~1\progra~1\start\screen~1.lnk - c:\programmer\microsoft office\office12\ONENOTEM.EXE

StartupFolder: c:\documents and settings\30120\menuen start\programmer\start\slet skrivebordsgenveje.bat

uPolicies-explorer: NoNetworkConnections = 1 (0x1)

uPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1)

uPolicies-system: Wallpaper = c:\nc_standard\n-c3.png

uPolicies-system: WallpaperStyle = 0

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: E&ksporter til Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000

IE: Send til &Bluetooth-enhed... - c:\programmer\thinkpad\bluetooth software\btsendto_ie_ctx.htm

IE: Send til Bluetooth - c:\programmer\thinkpad\bluetooth software\btsendto_ie.htm

IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\programmer\thinkpad\bluetooth software\btsendto_ie.htm

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\programmer\messenger\msmsgs.exe

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLL

Trusted Zone: danid.dk

Trusted Zone: n-c.dk\www

Trusted Zone: nrsbank.dk

Trusted Zone: danid.dk

DPF: {07D09E9E-C667-45DD-B035-217BC2A61A3B} - hxxps://www.himmerland.dk/package/sdc/external/activex/ActiveXSikkerhedssoftware-prod-1.30.cab

DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} - hxxp://assets.photobox.com/assets/aurigma/ImageUploader5.cab?20100909133807

DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} - hxxp://192.1.1.50/intranote/AddOns/Agenda/Class/ScriptX.cab

DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab

DPF: {2DAD3559-2923-4935-AD49-B673D2539944} - hxxp://www-307.ibm.com/pc/support/acpir.cab

DPF: {474F00F5-3853-492C-AC3A-476512BBC336} - hxxp://picasaweb.google.dk/s/v/43.10/uploader2.cab

DPF: {4F2A3649-7A9F-4950-9C31-409FAC6FC7C8} - hxxps://danid.dk/csp/authenticode/csp.exe

DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6886.cab

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1203420414031

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1203420403578

DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab

DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} - hxxps://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab

DPF: {9DF01F00-08E7-4DBE-9070-94841463B3FE} - hxxps://danid.dk/csp/authenticode/csp.exe

DPF: {A796D216-2DE1-4EA8-BABB-FE6E7C959098} - hxxp://www.hp.com/cpso-support-new/SDD/hpsddObjSigned.cab

DPF: {C07E5288-22FB-11D7-962E-0004AC77C761} - hxxps://activex.dataloen.dk/controls/dataloen3348.cab

DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {D821DC4A-0814-435E-9820-661C543A4679} - hxxp://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx

DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} - hxxps://juniper.net/dana-cached/setup/JuniperSetupSP1.cab

DPF: {E6BB2089-163F-466B-812A-748096614DFD} - hxxp://cainternetsecurity.net/scanner/cascanner.cab

DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://juniper.net/dana-cached/sc/JuniperSetupClient.cab

TCP: Interfaces\{9ED52411-ED6C-4D17-A777-E27BEE0CB301} : DhcpNameServer = 192.1.1.2

Handler: cw - {774E529C-2458-48A2-8F57-3ED3105D8612} - c:\programmer\caseware\cwproto.dll

Handler: cwt - {774E529C-2458-48A2-8F57-3ED3105D8612} - c:\programmer\caseware\cwproto.dll

Notify: !SASWinLogon - c:\programmer\superantispyware\SASWINLO.DLL

Notify: igfxcui - igfxdev.dll

Notify: psfus - c:\windows\system32\psqlpwd.dll

Notify: tpfnf2 - c:\programmer\lenovo\hotkey\notifyf2.dll

Notify: tphotkey - c:\programmer\lenovo\hotkey\tphklock.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\programmer\superantispyware\SASSEH.DLL

LSA: Notification Packages = scecli psqlpwd

mASetup: {B2C3BB6B-E005-4246-B8E5-DF0A4D073CDC} - c:\programmer\pixiepack codec pack\InstallerHelper.exe

.

============= SERVICES / DRIVERS ===============

.

R1 SASDIFSV;SASDIFSV;c:\programmer\superantispyware\sasdifsv.sys [2011-7-22 12880]

R1 SASKUTIL;SASKUTIL;c:\programmer\superantispyware\SASKUTIL.SYS [2011-7-12 67664]

R2 !SASCORE;SAS Core Service;c:\programmer\superantispyware\SASCore.exe [2011-8-12 116608]

R2 ccEvtMgr;Symantec Event Manager;c:\programmer\fælles filer\symantec shared\ccSvcHst.exe [2008-12-14 108392]

R2 ccSetMgr;Symantec Settings Manager;c:\programmer\fælles filer\symantec shared\ccSvcHst.exe [2008-12-14 108392]

R2 smihlp;SMI Helper Driver (smihlp);c:\programmer\fælles filer\thinkvantage fingerprint software\drivers\smihlp.sys [2007-8-14 10896]

R2 Symantec AntiVirus;Symantec Endpoint Protection;c:\programmer\symantec antivirus\Rtvscan.exe [2008-12-14 2436536]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\programmer\fælles filer\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-1-5 106104]

R3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\drivers\lgbtport.sys [2009-9-29 12160]

R3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\drivers\lgbtbus.sys [2009-9-29 10496]

R3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\drivers\lgvmodem.sys [2009-9-29 12928]

R3 NAVENG;NAVENG;c:\progra~1\fllesf~1\symant~1\virusd~1\20120117.003\NAVENG.SYS [2012-1-17 86136]

R3 NAVEX15;NAVEX15;c:\progra~1\fllesf~1\symant~1\virusd~1\20120117.003\NAVEX15.SYS [2012-1-17 1576312]

R3 vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2003-8-28 189792]

S3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\drivers\lgandbus.sys [2010-12-7 14336]

S3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\drivers\lganddiag.sys [2010-12-7 20736]

S3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\drivers\lgandgps.sys [2010-12-7 20096]

S3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\drivers\lgandmodem.sys [2010-12-7 25088]

S3 androidusb;ADB Interface Driver;c:\windows\system32\drivers\lgandadb.sys [2010-8-2 25728]

S3 COH_Mon;COH_Mon;c:\windows\system32\drivers\COH_Mon.sys [2008-12-14 23888]

S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\androidusb.sys --> c:\windows\system32\drivers\ANDROIDUSB.sys [?]

S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\drivers\ewusbdev.sys [2010-1-5 100480]

S3 NETwLx32; Intel® Wireless WiFi Link 5000-serien adapter driver til Windows XP 32 Bit ;c:\windows\system32\drivers\NETwLx32.sys [2011-4-24 6609920]

S3 SndTAudio;SndTAudio;c:\windows\system32\drivers\SndTAudio.sys [2010-1-23 23096]

S3 STSService;STSService;"c:\programmer\soundtaxi media suite\stsservice.exe" --> c:\programmer\soundtaxi media suite\STSService.exe [?]

S3 USBAAPL;Apple Mobile USB Driver;c:\windows\system32\drivers\usbaapl.sys --> c:\windows\system32\drivers\usbaapl.sys [?]

.

=============== Created Last 30 ================

.

2012-01-10 17:57:19 -------- d-----w- C:\TDSSKiller_Quarantine

2011-12-27 12:08:51 -------- d-----w- C:\spwin

2011-12-20 14:30:32 -------- d-----w- c:\documents and settings\30120\lokale indstillinger\application data\Downloaded Installations

2011-12-20 14:28:20 -------- d-----w- c:\documents and settings\30120\application data\Juniper Networks

2011-12-20 14:27:52 345384 ----a-w- c:\windows\system32\dsNcCredProv.dll

2011-12-20 14:27:43 -------- d-----w- c:\programmer\Juniper Networks

2011-12-20 14:27:43 -------- d-----w- c:\documents and settings\all users\application data\Juniper Networks

2011-12-20 14:26:48 -------- d-----w- c:\programmer\O90

.

==================== Find3M ====================

.

2011-12-10 14:24:06 20464 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-11-25 21:57:23 293376 ----a-w- c:\windows\system32\winsrv.dll

2011-11-23 14:40:40 1859584 ----a-w- c:\windows\system32\win32k.sys

2011-11-22 07:05:20 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-11-20 06:12:40 60928 ----a-w- c:\windows\system32\packager.exe

2011-11-16 14:21:45 354816 ----a-w- c:\windows\system32\winhttp.dll

2011-11-16 14:21:45 152064 ----a-w- c:\windows\system32\schannel.dll

2011-11-04 19:13:21 916992 ----a-w- c:\windows\system32\wininet.dll

2011-11-04 19:13:20 43520 ----a-w- c:\windows\system32\licmgr10.dll

2011-11-04 19:13:20 1469440 ------w- c:\windows\system32\inetcpl.cpl

2011-11-04 11:23:59 385024 ----a-w- c:\windows\system32\html.iec

2011-11-03 15:29:12 386560 ----a-w- c:\windows\system32\qdvd.dll

2011-11-03 15:29:12 1296384 ----a-w- c:\windows\system32\quartz.dll

2011-11-01 16:07:04 1288192 ----a-w- c:\windows\system32\ole32.dll

2011-10-28 05:31:57 33280 ----a-w- c:\windows\system32\csrsrv.dll

2011-10-26 10:49:50 2151424 ----a-w- c:\windows\system32\ntoskrnl.exe

2011-10-26 10:49:49 2029568 ----a-w- c:\windows\system32\ntkrnlpa.exe

.

============= FINISH: 21:09:44,32 ===============

attach.txt

dds.txt

Link to post
Share on other sites
  • 1 month later...
Maurice Naggar

Maurice Naggar

Posted
Posted

Hello,

Please advise if you have resolved your issues.

If not and you need guided help, please do the following.

Step 1

1. Go >> Here << and download ERUNT

(ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.)

2. Install ERUNT by following the prompts

(use the default install settings but say no to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later)

3. Start ERUNT

(either by double clicking on the desktop icon or choosing to start the program at the end of the setup)

4. Choose a location for the backup

(the default location is C:\WINDOWS\ERDNT which is acceptable).

5. Make sure that at least the first two check boxes are ticked

6. Press OK

7. Press YES to create the folder.

Step 2

Set Windows to show all files and all folders.

On your Desktop, double click My Computer, from the menu options, select tools, then Folder Options, and then select VIEW Tab and look at all of settings listed.

"CHECK" (turn on) Display the contents of system folders.

Under column, Hidden files and folders----choose ( *select* ) Show hidden files and folders.

Next, un-check Hide extensions for known file types.

Next un-check Hide protected operating system files.

Step 3

Download Random's System Information Tool (RSIT) by random/random from here and save it to your desktop.

  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)

Step 4

Download Security Check by screen317 and save it to your Desktop: here or here

  • Run Security Check
  • Follow the onscreen instructions inside of the command window.
  • A Notepad document should open automatically called checkup.txt; close Notepad. We will need this log, too, so remember where you've saved it!

Step 5
Close all open browsers at this point.
Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs
Do NOT turn off the firewall
Start Internet Explorer
Using Internet Explorer browser only, go to BitDefender Quickscan website:
http://quickscan.bitdefender.com
and click "Start Scan".
Observe your browser in case it shows a notice/message bar to allow download and installation of a tool.
Allow the download and install of qsax.cab from BitDefender. Right-click the IE info bar and select Install to install the BitDefender quick scan module.
If prompted, reply yes to allow it to run.
Press the Allow button and follow prompts.
Press the "Start Scan" once more.
You'll see the EULA in a pop-up window. Click the I accept & then the OK button
Note: The FAQ is here --> http://quickscan.bitdefender.com/faq/
and that QuickScan has no removal capability.
The site boasts a 60-second scan. Do have patience as it likely will take longer.
It may seem to stall at moments, but have patience; it will move on.
You'll see a progress bar at top right of window.
Hopefully you will see a No infections found in the bar-winddow. Press the View Log button.
The log report will show in your text editor. Save the log.
Do a Select ALL, Copy. Then paste contents into your next reply.
Step 6
  • Download & SAVE to your Desktop >> Tigzy's RogueKillerfrom here << or
    >> from here <<
  • Quit all programs that you may have started.
  • For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.
    For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Click on Scan.
  • Click on Report and copy/paste the content of the notepad into your next reply.

Step 7

RE-Enable your antivirus program.

Copy & Paste contents of Log.txt & Info.txt & Checkup.txt & log from Bitdefender & RogueKiller log.

Use separate replies as needed if logs do not fit into one reply box.

Link to post
Share on other sites
Maurice Naggar

Maurice Naggar

Posted
Posted

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.