Type: Posts; User: diver79; Keyword(s):
Hi likaleica,
Remove Rapport
Rapport may interfere with some of the tools we use. Please uninstall it. You can re-install it later if you choose.
Click on Start...then... Click the Search...
Hi and welcome to Safer-Networking.
My name is Diver79, and I will be helping you with your malware problems.
Before we start please note the following important guidelines.
The...
Hi rayben,
You can allow the FWUPDATE.exe prompt to continue. It is looking to check for updates for your cd-rom firmware.
Let me know what browser you use so I can help you fix the download...
See instructions below for disabling the built in admin account.
Open the Start menu, and type lusrmgr.msc in the search line and press Enter.
Expand the Users folder in the left hand pane.
...
Hi rayben,
Run OTL Script
We need to run an OTL Fix
Right click OTL.exe and select Run as Administrator to start the program.
Copy and Paste the following code into the...
Hi rayben,
The junction log looks fine. The folder locations you mentioned are hidden protected operating system files. There is no need to try to access them at all. Some of these are known as...
Hi rayben,
Try splitting the log into two, or three posts like you previously did with the OTL logs.
diver
Hi rayben,
Let's try Junction again. This should list all of the files you do not have access to so we can fix them.
Please download Junction.zip and save it to your desktop.
Right click...
Excellent! Are you still getting access denied errors when accessing your files?
Hi Rayben,
No I haven't got the otl or the mbam scan report yet. The previous log looked like an mbam log but it wasn't the scan log.
Try running spybot as administrator. Right click on the spybot icon and then select Run as Administrator. You should be able to disable teatimer now.
Hi rayben,
Looks like you have teatimer running, it may interfere with our fixes. Please disable it using the instructions in this post.
Create a System Restore Point
Right-click on the...
Hi rayben,
I cannot see any file attached. You can split it in two posts if you prefer.
thanks,
diver79.
Hi rayben,
The fix looks to have run successfully. You still need to run the OTL scan though, see instructions below.
OTL Scan
Right click on OTL.exe and select Run as Administrator to run...
Hi rayben,
Looks like you do have Admin access!
No need to post future logs as attachments, just paste them straight into your reply.
A few more fixes needed, please see instructions below....
Good work, you have some malware that needs to be removed, we will remove this and then look at the permissions issue.
OTL - Custom Fix
Please right-click on the filename link below and select...
Hi rayben,
You should not need admin access to extract files, you will however need admin access for many of the tools we use to remove infections. Is there another user account on this computer...
Hi and welcome to Safer-Networking, sorry for any delay in answering your request for help, the forum is really busy.
My name is Diver79, and I will be helping you with your malware problems.
...
You're very welcome!
Safe surfin!
Congratulations, your PC is now free from infection :) Follow the below steps to remove infected restore points and tighten your system's security.
Clear infected Restore Points with OTL
We need...
Hi Olgita,
Looks much better. How is the PC running now? Any more redirects?
Hi Olgita,
Search Conduit showed up in the logs which could account for the redirects. We will remove it with a custom OTL fix
First, we need to remove some programs from the PC. You have two...
Hi Olgita,
Good work on getting the logs. I have no idea what caused the tools to not work. There is no infection showing in the logs.
Are you using the full zonealarm suite or just the...
Hi Olgita,
Let's try booting to safe mode and then running the tools.
Boot into Safe Mode
Reboot your computer in Safe Mode.
If the computer is running, shut down Windows, and then turn...
Hi Olgita,
I think one of your security programs may be preventing the programs from running. See instructions below to disable them and run the scans again.
Disable CA Pest Patrol Realtime...
Hi Olgita,
The infection may be preventing the tools from opening. We're going to try a different method to get them running. This requires that malwarebytes is installed, if you have uninstalled...
That's quite alright Olgita,
Now let's get on with looking for the infection
TDSSKiller
Please download TDSSKiller.exe and save it to your Desktop.
Right click on TDSSKiller.exe and select...
Hi Olgita,
Thank you for the logs.
The reason I ask is that you have Microsoft Office Enterprise edition installed on this machine. This version of Office is only available to businesses through...
Hi Olgita,
Entries in the log lead me to believe this computer may connect to a business network. Please confirm whether or not this computer is a company-owned computer, a computer used for...
Hi and welcome to Safer-Networking, sorry for any delay in answering your request for help.
My name is Diver79, and I will be helping you with your malware problems.
Before we start please note...
Hi Canyoufixitdad,
Have you decided what you would like to do?
If you still require assistance I can keep this post open. Otherwise I will need to close the topic.
diver79.
Hi JamesDinArk,
I'm afraid I have some bad news...
Rootkit Warning
Your computer has a dangerous Rootkit infection. A rootkit is a set of software tools intended for concealing running...
Hi and welcome to Safer-Networking,
My name is Diver79, and I will be helping you with your malware problems.
Before we start please note the following important guidelines.
The...
Hi Canyoufixitdad,
I understand that you need all the time you have to be there for your family. I will try to accommodate you as best I can.
In order to re-install Windows on this machine you...
No problem, you can post your questions here. It is against forum policy to provide support via PM.
diver79.
Hi Canyoufixitdad,
No need to panic, the warnings I have given you are a precautionary measure. Having this infection means that it is possible for a remote user to ascertain sensitive information...
Hi Canyoufixitdad,
I'm afraid I have some bad news for you...
Rootkit
Your computer has a dangerous Rootkit infection. A rootkit is a set of software tools intended for concealing running...
Hi Canyoufixitdad
Remove P2P Programs
I notice there are signs of one or more P2P (Peer to Peer) File Sharing Programs on your computer.
Please read the File Sharing, otherwise known as...
Hi Canyoufixitdad,
Please run the scans below and get back to me with the logs.
Run CKScanner
Please download CKScanner from Here
Important: - Save it to your desktop.
Double-click...
Hi and welcome to Safer-Networking, sorry for any delay in answering your request for help.
My name is Diver79, and I will be helping you with your malware problems.
Before we start please note...
Excellent you should be all set now then. Just make sure you have updated Adobe Reader to the latest version.
Safe Surfin!
I think you may be right, just download Combofix to your desktop again and then run the uninstall command I posted earlier
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Combofix would not have added this back. I would recommend leaving it installed and updating it to the latest version.
Try just installing the latest version of Adobe Reader from here. Run the...
Hi rockmypunkk,
You can try removing Adobe Reader with Revo Uninstaller
Just install the Program and run it. Select the program you want to remove (Adobe) and select the Uninstallation mode you...
No problem, just continue with the rest of the instructions.
Hi rockmypunkk,
Good idea, stopzilla is not a program I would recommend. Let's remove it now along with some other out of date programs
Click on start
Then Run
In the open text entry box...
Minitoolbox shows no issues that would affect your wireless card. You appear to be connected to it now. Are you still having issues with it? If so, please describe.
Also let me know if there are...
Please run minitoolbox now.
MiniToolBox
Please download MiniToolBox© by farbar and save it to your desktop. Click here.
Double click on MiniToolBox.exe to run it.
Please check (tick) the...
OK, we know combofix is working so we will use that. See instructions below and then follow the MiniToolBox instructions in the earlier post.
ComboFix - CFScript
This script is for this user and...
Be sure to follow the above mbam instructions, then follow the below instructions and make sure to reboot the computer before attempting the OTL fix again.
Disable Stopzilla
Right-click the...