Jump to content

malware removed but STILL infected with browser redirects


Recommended Posts

I've removed malware with MB but I'm still infected with browser redirecting. Everything I run says I'm clean, but it's not. Please help.

Link to post
Share on other sites

Ok screen317 here are the logs

Malwarebytes' Anti-Malware 1.42

Database version: 3436

Windows 5.1.2600 Service Pack 3

Internet Explorer 6.0.2900.5512

12/26/2009 7:07:53 PM

mbam-log-2009-12-26 (19-07-53).txt

Scan type: Quick Scan

Objects scanned: 122821

Time elapsed: 4 minute(s), 42 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

DDS.txt

Link to post
Share on other sites

Hi,

Just tried to download combofix, first time got a messasge stating it could not save to desktop, 2nd time got a page load error that said 1-check spelling and caps, 2-check if page was moved.

Link to post
Share on other sites

  • Staff

Hi,

Please go to VirusTotal, and upload the following file for analysis:

c:\windows\system32\mucltui.dll

c:\windows\system32\muweb.dll

Post the results in your reply.

Next, please use the Internet Explorer browser and click here to use the F-Secure Online Scanner.

  • Click Start Scanning.
  • You should get a notification bar (on top) to install the ActiveX control.
  • Click on it and select to install the ActiveX.
  • Once the ActiveX is installed, you should accept the License terms by clicking OK below to start the scan.
  • In case you are having problems with installing the ActiveX/starting the scan, please read here.
  • Click the Full System Scan button.
  • It will start to download scanner components and databases. This can take a while.
  • The main scan will start.
  • Once the scan has finished scanning, click the Automatic cleaning (recommended) button
  • It could be possible that your firewall gives an alert - allow it, because that's a connection you establish to submit infected files to F-Secure.
  • The cleaning can take a while, so please be patient.
  • Then click the Show report button and Copy/Paste what is present under results in your next reply.

Next, download my Security Check from here or here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Let me know how things are running now and what issues remain.

-screen317

Link to post
Share on other sites

OK,

I've done the following and I wasn't able to reply to the post with the logs from FSecure through Internet Explorer, I keep on getting a page load error. So I'm trying to do so with firefox. FSecure found nothing and made no repairs. I have the other logs. The browser still hijacks, I did notice that this only occurs while using firefox and not with IE. Maybe this could be of some help. Couldn't post virus total results, tried to copy and paste when I tried I got this message on a white screen:

Method Not Implemented

POST to /forums/index.php not supported.

Results of screen317's Security Check version 0.99.1

Windows XP Service Pack 3

``````````````````````````````

Antivirus/Firewall Check:

Windows Firewall Enabled!

McAfee Uninstall Wizard

McAfee SecurityCenter

Antivirus up to date!

``````````````````````````````

Anti-malware/Other Utilities Check:

Spyware Doctor 6.0

HijackThis 2.0.2

CCleaner

Adobe Flash Player 10

Adobe Reader 9.1

``````````````````````````````

Process Check:

objlist.exe by Laurent

McAfee VIRUSS~1 mcshield.exe

McAfee VIRUSS~1 mcsysmon.exe

``````````````````````````````

DNS Vulnerability Check:

GREAT! (Not vulnerable to DNS cache poisoning)

`````````End of Log```````````

Link to post
Share on other sites

  • Staff

Copy the VirusTotal results to Notepad, then copy and paste the contents of the Notepad document into your post. See if you still get the error.

Next, please download GooredFix and save it to your Desktop. Double-click Goored.exe to run it. Select 1. Find Goored (no fix) by typing 1 and pressing Enter. A log will open, please post the contents of that log in your next reply (it can also be found on your desktop, called GooredLog.txt). Note: Do not run Option #2 yet.

-screen317

Link to post
Share on other sites

OK, Here are the virus total results and when I ran gooredfix a bubble popped up that said gooredfix will scan for and remove infections. Click yes to continue or no to cancel, I didn't get to select 1 and press enter. Here are the results attached, I couldn't copy and paste

GooredFix.txt

virustotal.txt

Link to post
Share on other sites

AWESOME JOB screen317!!!! No more redirects, I tried several random searches and didn't have any redirects; and after I restarted, my entire machine ran quicker than it has in a long time. I can't thank you enough!! :D What would you recommend doing as far as my security goes? Should I get rid of anything I have and get something new for protection? Thank you so much!! Here is the log

ComboFix 10-01-04.01 - Owner 01/04/2010 22:19:36.2.2 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2038.1430 [GMT -5:00]

Running from: c:\documents and settings\Owner.ZEUS\Desktop\ComboFix.exe

AV: McAfee VirusScan *On-access scanning disabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}

FW: McAfee Personal Firewall *disabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}

.

((((((((((((((((((((((((( Files Created from 2009-12-05 to 2010-01-05 )))))))))))))))))))))))))))))))

.

2009-12-30 03:33 . 2009-12-30 03:33 -------- d-----w- c:\documents and settings\All Users\Application Data\F-Secure

2009-12-27 21:29 . 2009-12-27 21:29 -------- d-----w- c:\documents and settings\All Users\Application Data\TomTom

2009-12-27 21:29 . 2009-12-27 21:29 -------- d-----w- c:\documents and settings\Owner.ZEUS\Local Settings\Application Data\TomTom

2009-12-27 21:29 . 2009-12-27 21:29 -------- d-----w- c:\documents and settings\Owner.ZEUS\Application Data\TomTom

2009-12-27 21:29 . 2009-12-27 21:29 -------- d-----w- c:\program files\TomTom International B.V

2009-12-27 21:28 . 2009-12-27 21:29 -------- d-----w- c:\program files\TomTom HOME 2

2009-12-24 08:59 . 2009-12-24 08:59 -------- d-----w- c:\documents and settings\Owner.ZEUS\Application Data\McAfee

2009-12-24 06:31 . 2009-12-03 21:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2009-12-24 06:31 . 2009-12-24 06:31 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2009-12-24 06:31 . 2009-12-03 21:13 19160 ----a-w- c:\windows\system32\drivers\mbam.sys

2009-12-24 04:02 . 2009-12-24 05:17 15 ----a-w- c:\documents and settings\Owner.ZEUS\settings.dat

2009-12-19 14:34 . 2009-12-19 02:05 293376 ----a-w- c:\documents and settings\Owner.ZEUS\Application Data\yahoo!\Mail\attach\n8mgkzf2.exe

2009-12-12 11:36 . 2009-12-12 11:36 306984 ----a-w- c:\windows\system32\GDIPFONTCACHEV1.DAT

2009-12-08 13:16 . 2009-08-07 00:23 274288 ----a-w- c:\windows\system32\mucltui.dll

2009-12-08 13:16 . 2009-08-07 00:23 215920 ----a-w- c:\windows\system32\muweb.dll

2009-12-08 04:47 . 2009-12-08 04:47 -------- d-----w- c:\program files\Microsoft Silverlight

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-01-05 03:02 . 2009-03-18 01:41 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP

2010-01-04 21:00 . 2009-03-18 01:41 -------- d-----w- c:\program files\Spyware Doctor

2010-01-02 15:23 . 2007-06-19 02:51 2228 ----a-w- c:\documents and settings\Owner.ZEUS\Application Data\wklnhst.dat

2009-12-26 17:57 . 2009-03-18 01:39 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater

2009-12-19 14:34 . 2007-06-19 01:23 -------- d--h--r- c:\documents and settings\Owner.ZEUS\Application Data\yahoo!

2009-12-18 20:01 . 2009-03-18 01:41 -------- d-----w- c:\program files\Common Files\Symantec Shared

2009-12-12 11:36 . 2006-12-26 20:45 8224 ----a-w- c:\documents and settings\Owner.ZEUS\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

2009-12-09 15:45 . 2006-10-06 04:39 -------- d-----w- c:\program files\Microsoft Works

2009-12-06 00:33 . 2009-12-06 00:33 33558 ----a-w- c:\documents and settings\All Users\Application Data\Google\Toolbar for Firefox\Firefox_Toolbar_Uninstaller.exe

2009-12-02 13:10 . 2009-12-02 13:10 -------- d-----w- c:\documents and settings\LocalService\Application Data\McAfee

2009-12-02 02:52 . 2006-10-06 04:47 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee

2009-11-28 19:15 . 2009-11-28 19:15 -------- d-----w- c:\program files\USB Media

2009-11-26 07:24 . 2006-10-06 04:38 -------- d-----w- c:\program files\Common Files\Real

2009-11-26 07:24 . 2009-11-26 07:24 -------- d-----w- c:\program files\Common Files\xing shared

2009-11-26 07:23 . 2009-11-26 07:23 -------- d-----w- c:\program files\Real

2009-11-25 11:55 . 2009-11-24 22:44 -------- d-----w- c:\documents and settings\Owner.ZEUS\Application Data\Move Networks

2009-11-24 22:44 . 2009-11-24 22:44 127325 ----a-w- c:\documents and settings\Owner.ZEUS\Application Data\Move Networks\uninstall.exe

2009-11-24 22:44 . 2009-08-13 19:21 4187512 ----a-w- c:\documents and settings\Owner.ZEUS\Application Data\Move Networks\plugins\npqmp071505000011.dll

2009-11-21 02:07 . 2009-11-21 02:06 -------- d-----w- c:\program files\Common Files\Adobe

2009-11-19 16:48 . 2009-11-27 13:36 872960 ----a-w- c:\documents and settings\Owner.ZEUS\Application Data\Mozilla\Firefox\Profiles\ypqe5xxp.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll

2009-11-19 16:48 . 2009-11-27 13:36 43008 ----a-w- c:\documents and settings\Owner.ZEUS\Application Data\Mozilla\Firefox\Profiles\ypqe5xxp.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbarloader.dll

2009-11-19 16:48 . 2009-11-27 13:36 340480 ----a-w- c:\documents and settings\Owner.ZEUS\Application Data\Mozilla\Firefox\Profiles\ypqe5xxp.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff2.dll

2009-11-19 16:48 . 2009-11-27 13:36 346624 ----a-w- c:\documents and settings\Owner.ZEUS\Application Data\Mozilla\Firefox\Profiles\ypqe5xxp.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff3.dll

2009-11-19 10:56 . 2008-09-20 18:24 -------- d-----w- c:\documents and settings\LocalService\Application Data\SACore

2009-10-29 05:38 . 2006-06-17 09:23 667136 ------w- c:\windows\system32\wininet.dll

2009-10-21 05:38 . 2006-06-17 09:23 75776 ----a-w- c:\windows\system32\strmfilt.dll

2009-10-21 05:38 . 2006-06-17 09:23 25088 ----a-w- c:\windows\system32\httpapi.dll

2009-10-20 16:20 . 2004-08-04 06:00 265728 ----a-w- c:\windows\system32\drivers\http.sys

2009-10-13 10:30 . 2006-06-17 09:23 270336 ----a-w- c:\windows\system32\oakley.dll

2009-10-12 13:38 . 2006-06-17 09:23 149504 ----a-w- c:\windows\system32\rastls.dll

2009-10-12 13:38 . 2006-06-17 09:23 79872 ----a-w- c:\windows\system32\raschap.dll

.

((((((((((((((((((((((((((((( SnapShot@2009-12-27_04.35.10 )))))))))))))))))))))))))))))))))))))))))

.

+ 2006-06-17 09:44 . 2010-01-05 00:02 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat

- 2006-06-17 09:44 . 2009-12-27 04:20 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat

+ 2006-06-17 09:44 . 2010-01-05 00:02 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat

- 2006-06-17 09:44 . 2009-12-27 04:20 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat

+ 2009-12-27 08:59 . 2010-01-05 00:02 32768 c:\windows\system32\config\systemprofile\Cookies\index.dat

- 2006-06-17 09:44 . 2009-12-27 04:20 32768 c:\windows\system32\config\systemprofile\Cookies\index.dat

+ 2009-12-27 21:29 . 2009-12-27 21:29 146944 c:\windows\Installer\383397.msi

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Power2GoExpress"="NA" [X]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-03-18 39408]

"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2009-11-13 247144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-06 64512]

"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2004-11-05 98394]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2004-11-05 688218]

"Reminder"="c:\windows\Creator\Remind_XP.exe" [2005-02-26 966656]

"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2002-09-14 212992]

"SigmatelSysTrayApp"="stsystra.exe" [2005-12-27 413696]

"igfxtray"="c:\windows\system32\igfxtray.exe" [2006-03-23 94208]

"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2006-03-23 77824]

"igfxpers"="c:\windows\system32\igfxpers.exe" [2006-03-23 118784]

"IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2005-12-28 667718]

"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2005-12-28 602182]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-10-06 98304]

"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]

"mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2009-10-29 1218008]

"ISTray"="c:\program files\Spyware Doctor\pctsTray.exe" [2008-12-08 1173384]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]

"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-11-26 198160]

c:\documents and settings\All Users\Start Menu\Programs\Startup\

BigFix.lnk - c:\program files\BigFix\bigfix.exe [2006-10-5 2168360]

HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472]

HP Photosmart Premier Fast Start.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2006-2-10 73728]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]

@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]

@=""

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSERIAL]

2006-05-24 02:22 573440 ----a-w- c:\program files\Motorola\SMSERIAL\sm56hlpr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]

"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\WINDOWS\\system32\\java.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=

"c:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe"=

R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [6/14/2009 5:29 PM 130936]

R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [9/20/2008 10:14 AM 93320]

R2 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [3/17/2009 8:41 PM 348752]

R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [11/13/2009 6:31 AM 92008]

--- Other Services/Drivers In Memory ---

*Deregistered* - mchInjDrv

.

Contents of the 'Scheduled Tasks' folder

2006-12-26 c:\windows\Tasks\ISP signup reminder 1.job

- c:\windows\system32\OOBE\oobebaln.exe [2006-06-17 00:12]

2009-08-15 c:\windows\Tasks\McDefragTask.job

- c:\program files\mcafee\mqc\QcConsol.exe [2007-06-19 16:22]

2010-01-03 c:\windows\Tasks\McQcTask.job

- c:\program files\mcafee\mqc\QcConsol.exe [2007-06-19 16:22]

2009-12-18 c:\windows\Tasks\Norton Security Scan for Owner.job

- c:\program files\Norton Security Scan\Norton Security Scan\Engine\2.3.0.44\Nss.exe [2009-07-24 20:45]

.

.

------- Supplementary Scan -------

.

uStart Page = www.gateway.com/g/startpage.html?Ch=Retail&Br=GTW&Loc=ENG_US&Sys=PTB&M=MP8708

uSearch Page = hxxp://www.google.com

uSearch Bar = hxxp://www.google.com/ie

mStart Page = hxxp://www.yahoo.com/

mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: &Search - ?p=ZUfox000

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html

FF - ProfilePath - c:\documents and settings\Owner.ZEUS\Application Data\Mozilla\Firefox\Profiles\ypqe5xxp.default\

FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://www.gateway.com/g/startpage.html?Ch=Retail&Br=GTW&Loc=ENG_US&Sys=PTB&M=MP8708

FF - component: c:\documents and settings\Owner.ZEUS\Application Data\Mozilla\Firefox\Profiles\ypqe5xxp.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll

FF - component: c:\program files\McAfee\SiteAdvisor\components\McFFPlg.dll

FF - component: c:\program files\Real\RealPlayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll

FF - plugin: c:\documents and settings\Owner.ZEUS\Application Data\Move Networks\plugins\npqmp071505000011.dll

FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll

FF - plugin: c:\program files\Java\jre1.5.0_02\bin\NPJava11.dll

FF - plugin: c:\program files\Java\jre1.5.0_02\bin\NPJava12.dll

FF - plugin: c:\program files\Java\jre1.5.0_02\bin\NPJava13.dll

FF - plugin: c:\program files\Java\jre1.5.0_02\bin\NPJava14.dll

FF - plugin: c:\program files\Java\jre1.5.0_02\bin\NPJava32.dll

FF - plugin: c:\program files\Java\jre1.5.0_02\bin\NPJPI150_02.dll

FF - plugin: c:\program files\Java\jre1.5.0_02\bin\NPOJI610.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----

FF - user.js: dom.disable_open_during_load - true // Popupblocker control handled by McAfee Privacy Service

FF - user.js: yahoo.homepage.dontask - true.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2010-01-04 22:24

Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully

hidden files: 0

**************************************************************************

.

--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(1280)

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

Completion time: 2010-01-04 22:27:03

ComboFix-quarantined-files.txt 2010-01-05 03:26

ComboFix2.txt 2009-12-27 04:37

Pre-Run: 82,071,547,904 bytes free

Post-Run: 82,045,165,568 bytes free

- - End Of File - - A0BA99095D9F02CEE15783FF7DC05B64

Link to post
Share on other sites

I just noticed a diferent problem, everytime IE is launched two windows open. When I go to close IE it always freezes and also if I try to change any settings for IE it will freeze/lock up. Could this be something left behind?

Link to post
Share on other sites

  • Staff

Hi,

My apologies for the delay.

Please update MBAM, run a Quick Scan, and post its log.

Next, please use the Internet Explorer browser and click here to use the F-Secure Online Scanner.

  • Click Start Scanning.
  • You should get a notification bar (on top) to install the ActiveX control.
  • Click on it and select to install the ActiveX.
  • Once the ActiveX is installed, you should accept the License terms by clicking OK below to start the scan.
  • In case you are having problems with installing the ActiveX/starting the scan, please read here.
  • Click the Full System Scan button.
  • It will start to download scanner components and databases. This can take a while.
  • The main scan will start.
  • Once the scan has finished scanning, click the Automatic cleaning (recommended) button
  • It could be possible that your firewall gives an alert - allow it, because that's a connection you establish to submit infected files to F-Secure.
  • The cleaning can take a while, so please be patient.
  • Then click the Show report button and Copy/Paste what is present under results in your next reply.

Next, download my Security Check from here or here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Let me know how things are running now and what issues remain.

-screen317

Link to post
Share on other sites

  • 2 weeks later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.