Hi usa_akagi,
Welcome to Safer Networking. :)
Sorry for the delay, we are swamped with logs.
With reference to Safer Networking's P2P Programs policy, please uninstall the following P2P...
Type: Posts; User: ndmmxiaomayi; Keyword(s):
Hi usa_akagi,
Welcome to Safer Networking. :)
Sorry for the delay, we are swamped with logs.
With reference to Safer Networking's P2P Programs policy, please uninstall the following P2P...
Hi GKMCGURL,
Welcome to Safer Networking. :)
Sorry for the delay, we are swamped with logs.
If you still need help, please post a new HijackThis log.
In addition, please post the...
Hello,
Is everything fine so far?
Glad to hear that. :)
Now that your computer is clean, please remove Combofix.
Remove Combofix
Click on Start > Run. Copy and paste in ComboFix /u and click OK. An image is below for...
Hello,
If you have no other issues, you can assume that. :)
System Restore points are expected to be infected, but not to worry about them. They are harmless, until you do a system restore.
Hello,
Update Adobe Reader
Please uninstall Adobe Reader 7.1.0 before installing the latest version by going to Start > Control Panel and double clicking on Add/Remove Programs. Locate Adobe...
Hello,
Please do not remove anything from System Volume Information. It's Windows System Restore folder.
That will break System Restore. :sad:
Other than than infected files in System Volume...
Hello again.
If you have any USB drives, please do the following:
Open My Computer.
Go to Tools > Folder Options.
Select the View tab.
Scroll down to Hidden files and folders.
Select...
Hello,
Please download Malwarebytes' Anti-Malware and save it to a convenient location.
Double click on mbam-setup.exe to install it.
Before clicking the Finish button, make sure that these 2...
Okie. If you're still experiencing problems, you can try these sites for help. ;)
Tech Support Forum
What the Tech Forums
I will leave this open for a few more days.
No worries about the extra log. :)
It's helpful to us. You've done everything correctly as well. ;)
The logs look good.
Any issues?
They aren't active in Safe Mode. ;)
Can you try it in Safe Mode?
There's a lot of changes that needs to be made, and Teatimer will interfere. Hopefully, Safe Mode won't.
Hello,
You can ignore the first 2 steps for disabling Spybot Teatimer.
Hello,
Step 1
Disable avast! Antivirus temporarily
Please disable avast! Antivirus as it may interfere with the fixes. Remember to re-enable it back before posting the logs.
Right click...
Hello,
Please download Malwarebytes' Anti-Malware and save it to a convenient location.
Double click on mbam-setup.exe to install it.
Before clicking the Finish button, make sure that these 2...
Hello,
Do you own any NEC products?
Sorry, I had given the wrong link. :red:
Please use this link - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan.html
Hello,
Please visit this website - http://www.bleepingcomputer.com/submit-malware.php?channel=1
In the Link to topic where this file was requested field, copy and paste in...
Hello,
Step 1
Please go to Virus Total or Jotti and upload C:\Drivers\SECEDIT.EXE for scanning.
For Virus Total
Please copy and paste C:\Drivers\SECEDIT.EXE in the text box next to the...
Hello,
What do you mean by explorer.exe is slow?
Does your desktop takes a long time to show?
Or do you mean when you double click on Computer, it takes some time to open?
Hello,
Please download Deckard's System Scanner from Tech Support Forum and save it to your desktop. Note: You must be logged onto an account with administrator privileges.
Save all your work...
Hello,
Update Adobe Reader
Please uninstall Adobe Reader 8.1.2 before installing the latest version by going to Start > Control Panel and double clicking on Add/Remove Programs. Locate Adobe...
Thank you very much. :)
I shall see you when you're back.
You can fix the download issues by saving it to your desktop or your documents folder.
It's caused by Windows UAC. Vista users practically have no privileges to save files anywhere they like...
Sorry, I've got the wrong file.
It should be named something like [4]-Submit_date@time.zip, where date and time are numbers.
Are you also running any programs when running the Kaspersky scan? A...
Hello,
Can you find this file on your desktop - date@time.zip ? Date and time are numbers.
If so, please upload it to here - http://www.bleepingcomputer.com/submit-malware.php?channel=4
...
Hello,
Please follow the instructions in my previous post to disable avast! Antivirus temporarily.
Open Notepad and copy and paste the following in the Code box into Notepad:
...
Hello,
Welcome to Safer Networking. :)
In future, please do not do this. Each and everyone's computer is different, and so are their infections. Running the different tools hinder our...
Hello,
Welcome to Safer Networking.
It has been over a week since your log was posted.
If you still need help, please post a new HijackThis log.
In addition, please post an Uninstall list:
Thank you.
I will get the developer to look at it and hopefully he has an answer soon.
Hi,
If you don't mind, we need one log to find out what's causing the false positive.
Please follow this post and post back the Malwarebytes' Anti-Malware log -...
Welcome to SN. :police:
That's good to hear. :)
As the issue is resolved... this topic is now closed. Please contact a member of the moderating team if you need it re-opened. This applies to the original topic starter....
C:\cmdcons folder - This folder will be created when you install Recovery Console. I had you do this when you ran Combofix.
C:\Combofix - Probably Combofix has some trouble removing itself. You...
Yup, it's safe to post logs directly from that computer from now on, although it's no longer required now. Your computer is clean as far as I can see. :)
Unless there are more issues, you needn't...
Hi,
You're right that some of your System Restore points are infected. System Restore doesn't help in removing infections. It gives a false impression that the infection is not present when in...
Hi,
Your logs look good. :)
Please go to Kaspersky website to perform an online scan. [color=red]Please use Internet Explorer as it uses ActiveX.
Click on [b]Accept.
It will prompt you to...
Hi,
Glad that everything went smoothly. :)
Just some leftovers to clean up.
BitComet is installed on your computer. While BitComet is a clean P2P program, there's no guarantee that the files...
Hi,
Disable Spybot Teatimer temporarily
Please disable Spybot Teatimer temporarily as it may interfere with the fixes.
Right click the Spybot Icon in the system tray near the clock (looks...
Let's see if you are really good to go. :)
Please download Deckard's System Scanner from Tech Support Forum and save it to your desktop. Note: You must be logged onto an account with...
Yes, you should NOD32 as your antivirus. It's a good one. :)
Now that you are clean, we will need to remove the tools we use.
Remove Combofix
Click on Start > Run. Copy and paste in ComboFix...
Log looks good. :) Any other issues?
Yup, it looks good. :)
Please follow these steps to remove older version Java components and update.
Download the latest version of Java Runtime Environment (JRE) 6.0.
Scroll down to where...
If the infected mails are quarantined, it's OK.
Doesn't look very informative. :sad:
I see that you have NOD32 Antivirus. Does it has an email scanner? Please try scanning your whole system with NOD32 Antivirus.
The new Kaspersky scan doesn't look very informative. It showed that there are infected mails in your mail box, but it doesn't tell us what mails are infected. We aren't going to delete the whole...
I will pass your message along to the developer.
In the meanwhile, please do the following:
Please go to Kaspersky website and perform an online antivirus scan. Please use Internet Explorer as...
Great! :)
Delete tools used
Since we are done with the cleaning up, the tools are no longer. Please remove them.
Please delete these files and folder.
C:\Users\Little Haze...
There's no need to re-do.
Run ATF Cleaner
Download ATF Cleaner and save it to your desktop.
Double click on ATF-Cleaner.exe to run it.
Click on Main at the top.
Tick all the boxes...