
PC Hijacked - Malwarebytes won't run



Hi

Any help will be appreciated

Most programs seem to run apart from antivirus and antimalware. I have tried Malwarebytes and it runs for a few seconds, then exits. Avast won't start. SUPERAntiSpyware does the same, as does HijackThis. I have followed the suggestions on this forum and here are the results:

DDS Log:

.

DDS (Ver_2011-06-23.01) - NTFSx86

Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_18

Run by User at 19:42:31 on 2011-07-30

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3317.2704 [GMT 2:00]

.

AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

svchost.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

svchost.exe

C:\WINDOWS\system32\svchost.exe -k hpdevmgmt

C:\WINDOWS\system32\svchost.exe -k HPService

C:\WINDOWS\System32\svchost.exe -k HPZ12

C:\WINDOWS\System32\svchost.exe -k HPZ12

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\rundll32.exe

C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe

C:\Gaming Mouse\Gaming 3.exe

C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe

C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe

C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe

C:\Program Files\Logitech\GamePanel Software\LCD Manager\lcdmon.exe

C:\WINDOWS\RTHDCPL.EXE

C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe

C:\Program Files\Logitech\GamePanel Software\Applets\LCDClock.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe

C:\Program Files\Mozilla Firefox\firefox.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.co.za/

uSearch Page =

uSearch Bar =

uDefault_Search_URL = hxxp://www.google.com/ie

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

mSearchAssistant =

BHO: AutorunsDisabled - No File

BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File

BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

BHO: PDFCreator Toolbar Helper: {c451c08a-ec37-45df-aaad-18b51ab5e837} - c:\program files\pdfcreator toolbar\v3.3.0.1\PDFCreator_Toolbar.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

TB: PDFCreator Toolbar: {31cf9ebe-5755-4a1d-ac25-2834d952d9b4} - c:\program files\pdfcreator toolbar\v3.3.0.1\PDFCreator_Toolbar.dll

TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

TB: {EEE6C35B-6118-11DC-9C72-001320C79847} - No File

uRun: [<NO NAME>]

uRun: [ASUS SmartDoctor] c:\program files\asus\smartdoctor\SmartDoctor.exe /start

uRun: [sUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe

mRun: [DAEMON Tools-1033] "c:\program files\d-tools\daemon.exe" -lang 1033

mRun: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent

mRun: [avast5] c:\progra~1\alwils~1\avast5\avastUI.exe /nogui

mRun: [Gaming 3] "c:\gaming mouse\Gaming 3.exe" /hide

mRun: [WTClient] WTClient.exe

mRun: [NokiaMServer] c:\program files\common files\nokia\mplatform\NokiaMServer /watchfiles startup

mRun: [Launch LgDeviceAgent] "c:\program files\logitech\gamepanel software\LgDevAgt.exe"

mRun: [Launch LCDMon] "c:\program files\logitech\gamepanel software\lcd manager\LCDMon.exe"

mRun: [Launch LGDCore] "c:\program files\logitech\gamepanel software\g-series software\LGDCore.exe" /SHOWHIDE

mRun: [RTHDCPL] RTHDCPL.EXE

mRun: [startCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun

dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE

StartupFolder: c:\docume~1\user\startm~1\programs\startup\nikonm~1.lnk - c:\program files\common files\nikon\monitor\NkMonitor.exe

mPolicies-system: LogonType = 1 (0x1)

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: Download All by ASUS Download - c:\program files\asus\wl-500w wireless router utilities\ASDownloadAll.htm

IE: Download all with Free Download Manager - file://c:\program files\free download manager\dlall.htm

IE: Download selected with Free Download Manager - file://c:\program files\free download manager\dlselected.htm

IE: Download using ASUS Download - c:\program files\asus\wl-500w wireless router utilities\ASDownload.htm

IE: Download video with Free Download Manager - file://c:\program files\free download manager\dlfvideo.htm

IE: Download with Free Download Manager - file://c:\program files\free download manager\dllink.htm

IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLL

IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

LSP: mswsock.dll

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1272796044937

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

DPF: {E9A5DC30-89DD-4222-8D7B-DF774082AB8E} - hxxp://www.dvr-cctv.net/eng/GVR520/activex/WebVxPlayer.ocx

TCP: DhcpNameServer = 192.168.0.1

TCP: Interfaces\{FFA5506F-FD3F-4E08-8053-1B84626A0E48} : DhcpNameServer = 192.168.0.1

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL

Notify: AtiExtEvent - Ati2evxx.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\user\application data\mozilla\firefox\profiles\mh2u027e.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.sweetim.com/search.asp?src=2&q=

FF - prefs.js: browser.search.selectedEngine - Yahoo

FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.za/

FF - prefs.js: keyword.URL - hxxp://www.smartwebsearch.net/index.php?form=5&q=

FF - plugin: c:\documents and settings\user\application data\facebook\npfbplugin_1_0_3.dll

FF - plugin: c:\documents and settings\user\application data\mozilla\firefox\profiles\mh2u027e.default\extensions\maps@ovi.com\plugins\npNMapNPR.dll

FF - plugin: c:\documents and settings\user\application data\mozilla\firefox\profiles\mh2u027e.default\extensions\maps@ovi.com\plugins\npNMapNPRresources.dll

FF - plugin: c:\program files\gamespy\comrade\npcomrade.dll

FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll

FF - plugin: c:\program files\google\picasa3\npPicasa3.dll

FF - plugin: c:\program files\google\update\1.3.21.57\npGoogleUpdate3.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll

.

============= SERVICES / DRIVERS ===============

.

R0 d346bus;d346bus;c:\windows\system32\drivers\d346bus.sys [2008-6-4 156800]

R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-7-30 441176]

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2008-5-25 309848]

R1 crportio;crportio;c:\program files\scanseer\i386\crportio.sys [2008-7-10 11056]

R1 hwinterface;hwinterface;c:\windows\system32\drivers\hwinterface.sys [2008-5-27 3026]

R1 IfsMount;IfsMount;c:\windows\system32\drivers\ifsmount.sys [2010-6-11 51072]

R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-12 12880]

R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-5-25 19544]

R2 IOPort;IOPort;c:\windows\system32\drivers\IOPORT.SYS [2001-3-1 6144]

R3 k57w2k;Broadcom NetLink Gigabit Ethernet;c:\windows\system32\drivers\k57xp32.sys [2011-5-15 214568]

R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [2009-7-14 19720]

R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [2009-12-28 14856]

R3 PTSimBus;PenTablet Bus Enumerator;c:\windows\system32\drivers\PTSimBus.sys [2009-6-22 23208]

R3 vodafone_K3805-z_dc_enum;vodafone_K3805-z_dc_enum;c:\windows\system32\drivers\vodafone_K3805-z_dc_enum.sys [2010-9-1 80000]

S1 Ext2fs;Ext2fs;c:\windows\system32\drivers\ext2fs.sys [2010-6-11 362240]

S2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2011-7-30 42184]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\googleupdate.exe /svc --> c:\program files\google\update\GoogleUpdate.exe [?]

S2 ousbehci;OrangeWare USB Enhanced Host Controller Service;c:\windows\system32\drivers\ousbehci.sys [2010-5-15 45440]

S2 SqueezeMySQL;SqueezeMySQL;c:\progra~1\squeez~1\server\bin\mswin3~1\mysqld.exe --defaults-file=c:\docume~1\alluse~1\applic~1\squeez~1\cache\my.cnf squeezemysql --> c:\progra~1\squeez~1\server\bin\mswin3~1\mysqld.exe --defaults-file=c:\docume~1\alluse~1\applic~1\squeez~1\cache\my.cnf SqueezeMySQL [?]

S2 VmbService;Vodafone Mobile Broadband Service;"c:\program files\vodafone\vodafone mobile broadband\bin\vmbservice.exe" --> c:\program files\vodafone\vodafone mobile broadband\bin\VmbService.exe [?]

S3 AF9035BDA;AF9035 BDA Devices;c:\windows\system32\drivers\AF9035BDA.sys [2009-9-11 241792]

S3 AlteraUSBBlaster;Altera USB-Blaster Device Driver;c:\windows\system32\drivers\usbblstr.sys [2008-12-26 57536]

S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2011-5-15 1684736]

S3 cyg_bus;Cygnal USB Composite Device driver (WDM);c:\windows\system32\drivers\cyg_bus.sys [2011-7-12 51040]

S3 cyg_ser;CP2101 USB to UART Bridge Controller Drivers;c:\windows\system32\drivers\cyg_ser.sys [2011-7-12 82704]

S3 CyUSB;CyUSB;c:\windows\system32\drivers\CyUSB.sys [2008-5-13 31872]

S3 FTD2XX;FTD2XX.SYS FT8U2XX device driver;c:\windows\system32\drivers\FTD2XX.sys [2008-9-27 34639]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\googleupdate.exe /medsvc --> c:\program files\google\update\GoogleUpdate.exe [?]

S3 libusb0;LibUsb-Win32 - Kernel Driver 03/20/2007, 0.1.12.1;c:\windows\system32\drivers\libusb0.sys [2008-9-30 28672]

S3 massfilter;MBB Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2011-6-11 9216]

S3 MEMSWEEP2;MEMSWEEP2;\??\c:\windows\system32\5.tmp --> c:\windows\system32\5.tmp [?]

S3 NDMSHLP;Device Monitor Helper Driver;c:\program files\common files\hhd software\device monitor\NDMSHLP.sys [2005-5-24 7632]

S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-6-25 35088]

S3 ousb2hub;OrangeWare USB 2.0 Root Hub Support;c:\windows\system32\drivers\ousb2hub.sys [2010-5-15 56960]

S3 PTSimHid;PenTablet Simulated HID MiniDriver;c:\windows\system32\drivers\PTSimHid.sys [2009-6-22 14504]

S3 Rigolusb;Rigol usbtmc;c:\windows\system32\drivers\Rigolusb.sys [2006-9-1 36090]

S3 SerMon;Serial Monitor Filter Driver;c:\program files\hhd software\free serial port monitor\sermon.sys [2005-5-24 18432]

S3 slicedisk.sys;slicedisk.sys;c:\windows\system32\slicedisk.sys [2008-6-21 8832]

S3 WlanUIG;EDUP 802.11g Wireless LAN USB Adapter Driver;c:\windows\system32\drivers\WlanUIG.sys [2010-4-18 376224]

S3 ZTEusbnet;ZTE USB-NDIS miniport;c:\windows\system32\drivers\ZTEusbnet.sys [2011-3-13 114688]

S3 ZTEusbvoice;ZTE VoUSB Port;c:\windows\system32\drivers\zteusbvoice.sys [2011-3-13 105856]

S4 BIOS;BIOS;c:\windows\system32\drivers\BIOS.sys [2007-4-10 13696]

S4 BS_Flash;BS_Flash;\??\c:\program files\bios\bios flash\bs_flash.sys --> c:\program files\bios\bios flash\BS_Flash.sys [?]

S4 BS_I2cIo;BS_I2cIo;c:\windows\system32\drivers\BS_I2cIo.sys [2007-4-10 8192]

S4 d346prt;d346prt;c:\windows\system32\drivers\d346prt.sys [2008-6-4 5248]

S4 ElbyVCD;ElbyVCD;c:\windows\system32\drivers\elbyvcd.sys --> c:\windows\system32\drivers\ElbyVCD.sys [?]

S4 EyelineService;Eyeline Service;c:\program files\nch software\eyeline\eyeline.exe [2009-6-14 425988]

S4 T3Srv;FLIR Systems Camera Monitor;c:\program files\flir systems\flir device drivers\flir t3srv\sysx86\T3Srv.exe [2009-6-16 456632]

.

=============== File Associations ===============

.

.txt=TXT_File

.

=============== Created Last 30 ================

.

2011-07-30 16:28:47 -------- d-----w- c:\documents and settings\user\application data\SUPERAntiSpyware.com

2011-07-30 16:28:47 -------- d-----w- c:\documents and settings\all users\application data\SUPERAntiSpyware.com

2011-07-30 16:28:38 -------- d-----w- c:\program files\SUPERAntiSpyware

2011-07-30 16:20:35 388096 ----a-r- c:\documents and settings\user\application data\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe

2011-07-30 15:30:56 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2011-07-30 09:21:33 44560 --sha-w- c:\windows\system32\c_52790.nl_

2011-07-30 09:18:02 -------- d-----w- c:\program files\Trend Micro

2011-07-17 13:27:05 -------- d-----w- c:\program files\gerbv-2.5.0

2011-07-16 17:24:32 -------- d-----w- c:\documents and settings\user\local settings\application data\CutePDF Writer

2011-07-12 16:02:27 82704 ----a-w- c:\windows\system32\drivers\cyg_ser.sys

2011-07-12 16:02:27 6112 ----a-w- c:\windows\system32\drivers\cyg_cmnt.sys

2011-07-12 16:02:27 6112 ----a-w- c:\windows\system32\drivers\cyg_cm.sys

2011-07-12 16:02:27 5776 ----a-w- c:\windows\system32\drivers\cyg_whnt.sys

2011-07-12 16:02:27 5776 ----a-w- c:\windows\system32\drivers\cyg_wh.sys

2011-07-12 16:02:27 51040 ----a-w- c:\windows\system32\drivers\cyg_bus.sys

2011-07-12 16:02:26 -------- d-----w- c:\program files\Cygnal

2011-07-12 15:56:46 -------- d-----w- C:\Cygnal

2011-07-09 15:49:23 -------- d-----w- c:\documents and settings\user\application data\Synapse

2011-07-09 15:48:49 -------- d-----w- c:\program files\Portal

2011-07-07 19:43:39 -------- d-----w- c:\program files\CEL

2011-07-03 21:28:26 -------- d-----w- c:\program files\GPLGS

2011-07-03 21:27:14 87552 ----a-w- c:\windows\system32\cpwmon2k.dll

2011-07-03 21:27:06 -------- d-----w- c:\program files\Acro Software

.

==================== Find3M ====================

.

2011-07-30 09:22:16 115200 ----a-w- c:\windows\system32\drivers\redbook.sys

2011-07-30 09:21:36 362240 ----a-w- c:\windows\system32\drivers\ext2fs.sys

2011-07-27 21:38:39 138832 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys

2011-07-27 21:38:30 202024 ----a-w- c:\windows\system32\PnkBstrB.exe

2011-07-18 10:43:51 900 --sha-w- c:\documents and settings\all users\application data\KGyGaAvL.sys

2011-07-06 17:52:42 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-07-06 17:52:42 22712 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-07-04 11:43:53 40112 ----a-w- c:\windows\avastSS.scr

2011-05-25 04:21:44 6554624 ----a-w- c:\windows\system32\drivers\ati2mtag.sys

2011-05-25 04:15:14 311296 ----a-w- c:\windows\system32\atiiiexx.dll

2011-05-25 03:53:14 57344 ----a-w- c:\windows\system32\aticalrt.dll

2011-05-25 03:53:06 53248 ----a-w- c:\windows\system32\aticalcl.dll

2011-05-25 03:47:42 17989632 ----a-w- c:\windows\system32\atioglxx.dll

2011-05-25 03:42:42 5922816 ----a-w- c:\windows\system32\aticaldd.dll

2011-05-25 03:14:06 4059328 ----a-w- c:\windows\system32\ati3duag.dll

2011-05-25 03:07:40 956160 ----a-w- c:\windows\system32\ativvamv.dll

2011-05-25 03:05:18 503808 ----a-w- c:\windows\system32\atiok3x2.dll

2011-05-25 02:58:28 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll

2011-05-25 02:56:58 462848 ----a-w- c:\windows\system32\ATIDEMGX.dll

2011-05-25 02:55:58 302592 ----a-w- c:\windows\system32\ati2dvag.dll

2011-05-25 02:54:56 3152384 ----a-w- c:\windows\system32\ativvaxx.dll

2011-05-25 02:39:28 212992 ----a-w- c:\windows\system32\atipdlxx.dll

2011-05-25 02:39:16 155648 ----a-w- c:\windows\system32\Oemdspif.dll

2011-05-25 02:39:08 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe

2011-05-25 02:39:00 43520 ----a-w- c:\windows\system32\ati2edxx.dll

2011-05-25 02:38:52 64512 ----a-w- c:\windows\system32\atimpc32.dll

2011-05-25 02:38:52 64512 ----a-w- c:\windows\system32\amdpcom32.dll

2011-05-25 02:38:50 188416 ----a-w- c:\windows\system32\ati2evxx.dll

2011-05-25 02:37:34 647168 ----a-w- c:\windows\system32\ati2evxx_exe_1312045610.arl

2011-05-25 02:36:10 53248 ----a-w- c:\windows\system32\ATIDDC.DLL

2011-05-25 02:34:52 151552 ----a-w- c:\windows\system32\atiapfxx.exe

2011-05-25 02:31:28 651264 ----a-w- c:\windows\system32\atikvmag.dll

2011-05-25 02:27:52 200704 ----a-w- c:\windows\system32\atiadlxx.dll

2011-05-25 02:27:36 17408 ----a-w- c:\windows\system32\atitvo32.dll

2011-05-25 02:22:34 856064 ----a-w- c:\windows\system32\ati2cqag.dll

2011-05-24 21:44:26 59904 ----a-w- c:\windows\system32\OVDecode.dll

2011-05-24 21:43:50 12798976 ----a-w- c:\windows\system32\amdocl.dll

2011-05-07 17:10:56 14336 ----a-w- c:\windows\system32\drivers\EIO64_xp.sys

.

============= FINISH: 19:43:38.37 ===============

GMER Logs attached

ark.txt


:welcome:

Logs will be closed if you haven't replied within 3 days

Please don't attach the scans / logs from these scans, use "copy/paste".

DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision.

Doing so could make your PC inoperable and could require a full reinstall of your OS, losing all your programs and data.

Vista and Windows 7 users:

1. These tools MUST be run from the executable (.exe) every time you run them

2. With Admin Rights (Right click, choose "Run as Administrator")

Stay with this topic until I give you the all clean post.

You might want to print these instructions out.

Note: Close all browsers before running ATF Cleaner: IE, FireFox, etc.

Please download ATF Cleaner by Atribune.

Download - ATF Cleaner»

Double-click ATF-Cleaner.exe to run the program.

Under Main choose: Select All

Click the Empty Selected button.

If you use Firefox browser

  • Click Firefox at the top and choose: Select All
    Click the Empty Selected button.
    NOTE: If you would like to keep your saved passwords, please click No at the prompt.

If you use Opera browser

  • Click Opera at the top and choose: Select All
    Click the Empty Selected button.
    NOTE: If you would like to keep your saved passwords, please click No at the prompt.

Click Exit on the Main menu to close the program.

It's normal after running ATF cleaner that the PC will be slower to boot the first time or two.

Next:

Note: Close all browsers before running ATF Cleaner: IE, FireFox, etc.

Please download GooredFix from one of the locations below and save it to your Desktop

Download Mirror #1

Download Mirror #2

  • Ensure all Firefox windows are closed.
  • To run the tool, double-click it (XP), or right-click and select Run As Administrator (Vista).
  • When prompted to run the scan, click Yes.
  • It doesn't take long to run; once it is finished, move on to the next step.

Next:

Note: if the Cure option is not there, please select 'Skip'.

Please read carefully and follow these steps.

  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop.
  • Once extracted, open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please post the contents of that TDSSKiller log.

Also please describe how your computer behaves at the moment.


Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
