You can turn Teatimer back on now if you wish :)
You can delete RSIT and HJT now as they will probably be updated before you need them again.
Type: Posts; User: katana; Keyword(s):
You can turn Teatimer back on now if you wish :)
You can delete RSIT and HJT now as they will probably be updated before you need them again.
There is no infection that would be causing the problem now, the only thing I can suggest is that you start a new thread in the software room ( where your previous thread was moved to ).
It sounds...
Congratulations your logs look clean :)
Let's see if I can help you keep it that way
First lets tidy up
Uninstall Combofix
This will clear your System Volume Information restore points...
It could well be related to AOL, there are few things harder to get rid of than AOL ;)
It could also be a faulty hard drive, or a corrrupted boot sector.
If reinstalling AOL doesn't help, I would...
Not a problem, let's do it now :)
Custom CFScript
Please open Notepad (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the code box...
Step 1
Custom CFScript
Please open Notepad (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the code box below:
DDS::
uInternet...
Let's try a different scanner
ROOTKIT REVEALER
Please download Rootkit Revealer
http://www.microsoft.com/technet/sysinternals/utilities/RootkitRevealer.mspx
Scoll down to the bottom of the...
That looks fine, just a few cookies and a false positive.
How is Spybot running now ?
There are still a few leftover items showing in your logs.
----------------------------------------------------------------------------------------
Step 1
Disable Teatimer
We need to disable...
Please try this scan instead
Active Scan
Your Antivirus and/or Antispyware may give a warning during the scan. This is perfectly normal
NOTE:- Vista users should start IE by Start(Vista Orb) >>...
OK, thanks for letting me know.
The following is some info to help you stay safe and clean.
You may already have some of the following programs, but I include the full list for the benefit of...
Please note that all instructions given are customised for this computer only,
the tools used may cause damage if used on a computer with different infections.
If you think you have similar...
Please note that all instructions given are customised for this computer only,
the tools used may cause damage if used on a computer with different infections.
If you think you have similar...
Hello and welcome to the forums
My name is Katana and I will be helping you to remove any infection(s) that you may have.
Please observe these rules while we work:
Please Read All...
Please note that all instructions given are customised for this computer only,
the tools used may cause damage if used on a computer with different infections.
If you think you have similar...
Please note that all instructions given are customised for this computer only,
the tools used may cause damage if used on a computer with different infections.
If you think you have similar...
Please note that all instructions given are customised for this computer only,
the tools used may cause damage if used on a computer with different infections.
If you think you have similar...
Due to inactivity, this thread will now be closed.
Note:If it has been four days or more since your last post, and the helper assisting you posted a response to that post to which you did not...
Due to inactivity, this thread will now be closed.
Note:If it has been four days or more since your last post, and the helper assisting you posted a response to that post to which you did not...
Due to inactivity, this thread will now be closed.
Note:If it has been four days or more since your last post, and the helper assisting you posted a response to that post to which you did not...
Due to inactivity, this thread will now be closed.
Note:If it has been four days or more since your last post, and the helper assisting you posted a response to that post to which you did not...
Due to inactivity, this thread will now be closed.
Note:If it has been four days or more since your last post, and the helper assisting you posted a response to that post to which you did not...
No problem, let me know if you have any more trouble with Kaspersky.
Yes, run Defogger then run GMER and once we have the GMER log use Defogger to re-enable.
When did it say this ?
----------------------------------------------------------------------------------------
Step 1
Please download DeFogger to your desktop. Double click DeFogger to run...
The bittorrent entries are probably just leftovers in the firewall list. I'll remove them during the clean.
Please try running this program and then run GMER again.
Please download DeFogger to...
I do apologise for the delay I wasn't notified of your reply, and as you noticed the forum software said I was the last poster so I didn't check the thread.
If I don't reply within 24 hours,...
Clear Java Cache
Click Start > Control Panel.
Double-click the Java icon in the control panel. (looks like a coffee cup)
On the General Tab Click Settings (under Temporary Internet Files.)...
It depends what you mean by "trying to hide"
Winpatrol doesn't detect rootkits, but it will notify you of changes to certain areas of the registry.
To disable a program from startup with...
How are things running now ?
Step 1
Restart your computer
As soon as the machine starts to reboot, press the Up or Down arrow keys
Before Windows loads, you will be prompted to choose...
Please move MBR.exe directly on to your C:\ drive then do the following
click Start > Run
Type in mbr.exe -f
(Note the space between mbr.exe and -f)
Then click OK.
When you have...
REMOVE P2P PROGRAMS
IMPORTANT I notice there are signs of one or more P2P (Person to Person) File Sharing Programs on your computer.
BitTorrent_DNA
BitTorrent
Please read the Guidelines for...
Download GMER's MBR.exe to your desktop.
Double click on the MBR.exe file to run it. A log will be produced, MBR.log.
Please open this log in Notepad and post its contents in your next reply.
Not yet, we will run that again later.
There is no sign of any infection there ?
Let's have a last couple of scans to make sure.
----------------------------------------------------------------------------------------
Step 1
...
Congratulations your logs look clean :)
Let's see if I can help you keep it that way
First lets tidy up
Uninstall Combofix
This will clear your System Volume Information restore...
OTMoveIt
Please download OTM by OldTimer and save it to your desktop
Double-click OTM.exe to run it.
Copy the lines in the codebox below. ( Make sure you include :Processes )
:Processes...
GMER can be temperamental, so I wouldn't worry about that too much.
Generally, if you do a fix and the problem keeps coming back you should get a check up by us :)
Did you figure out how to use...
Please download DeFogger to your desktop. Double click DeFogger to run the tool.
The application window will appear
Click the Disable button to disable your CD Emulation drivers
Click Yes...
There is no obvious sign of any problems in your log, but we will look a bit deeper.
One thing to note, I see you have WinPatrol and TeaTimer running. You only need one of those active as they...
----------------------------------------------------------------------------------------
Step 1
Custom CFScript
Please open Notepad (Start -> Run -> type notepad in the Open field -> OK)...
Do you have the GMER Log ?
----------------------------------------------------------------------------------------
Step 1
Malwarebytes' Anti-Malware
I notice that you have MBAM installed, please do the following
...
Just disable you antivirus using the instructions in the link I posted, and then double click Combofix.exe and follow the on screen prompts.
It's dead easy :)
I see that you used Combofix, if you still have the log please post it.
If not, please do the following .....
Download and Run ComboFix
Please delete the copy of ComboFix that you have and...
Download and Run ComboFix (by sUBs)
Please visit this webpage for instructions for downloading and running ComboFix:
Bleeping Computer ComboFix Tutorial
You must download it to and run it...
These programs don't install.
Just delete the .exe file for each program.
Please note that all instructions given are customised for this computer only,
the tools used may cause damage if used on a computer with different infections.
If you think you have similar...
Please note that all instructions given are customised for this computer only,
the tools used may cause damage if used on a computer with different infections.
If you think you have similar...
Please note that all instructions given are customised for this computer only,
the tools used may cause damage if used on a computer with different infections.
If you think you have similar...