Search:

.hello
i would like to please ask for help with my daughters laptop
the problem is that every time she types in the adress bar it rederects her to a gray pop up window that says...

I would like to thank Ken for all his time and wisdom:D::rockon:

ok,good. thanks so much again for all your hard work, everything is running great! :thanks:

Thanks Ken for the AV info, I might invest in something better, Rogers comes with my internet service...
I changed the DNs to automatic, so just leave it like that forever?
Is my Teatimer ready to...

I found it it was an old version so I updated it. Also did the clean up.
Ken, do you think Rogers AV is sufficient, or should i get a different one?

Ken,
I don't see java there at all?

hello
Ken everything seems back to normal, if not better. :)thank you so much for your patience. Would you sugest i keep those scans we downloaded for regular use?

Good morning.
it's gone I tried several times and it's no longer there.:D How were the scans?

..and the next one

All processes killed
========== PROCESSES ==========
========== OTL ==========
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES...

Hi Ken,
Here is the log

All processes killed
========== PROCESSES ==========
========== OTL ==========
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES...

Hello again..
Good news...I went to the banking website and the pop up is GONE:thanks:
Something must have worked even though it gave me the error msgs!

Hello,
Ken I followed your instruction and I'm getting an error saying unable to query host name.

...yes :( it's only on that one page.

so I did it and before it even finished (i think) it said something about connection and (judging by the screaming coming from my sons room he lost his connection)and it rebooted.

ok, did it, do I run the script now? should I restart first?

I did that, however when right click on DNS client the option to stop is not highlighted, it says it is disabled.

Hey, me again..so I figured out how to run it so please ignore my previous post.
It said the same message, it was not able to remove it.
I am hooked up to the router again, would that make a...

Hello Ken.
I don't see Rogers Protection under startup- it is under services, is that the one I'm turning off? also should I turn off tea timer, I noticed it was there in the start up menu....

Hey Ken:
Looks like it's gone! :)
What could that pop up be?
Here are the results:

MeMedia.AdVantage: [SBI $C67BB47E] Autorun settings (AdVantage) (Registry value, nothing done)
...

I was but I disconnected it when you asked.

..noo...:confused: the pop up is there...should I run a spybot scan?

All processes killed
========== PROCESSES ==========
========== OTL ==========
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
Registry value...

Just went to the banking website, and the pop up is still there:sad:
So I ran Spybot and click.gitfload showed up again..:here is the report :


MeMedia.AdVantage: [SBI $C67BB47E] Autorun...

new OTL log.
Hi Ken,
Everything seems ok.

All processes killed
========== PROCESSES ==========
========== OTL ==========
Service TrackMSN stopped successfully!
Service TrackMSN deleted...

All processes killed
========== PROCESSES ==========
========== OTL ==========
Service TrackMSN stopped successfully!
Service TrackMSN deleted successfully!
File File not found not found....

...sorry Ken, just as an FYI I tried my online banking and that flippin' popup is still showing up..(asking for my SIn and telephone banking password)
that is the only thing, no other re-directs are...

Please ignore my previous post, i figured out the removal part.
Here is the new log:

OTL logfile created on: 4/21/2011 7:13:30 PM - Run 4
OTL by OldTimer - Version 3.2.22.3 Folder =...

Ken...
Those 2 sharing programs were installed by my son...I thought that I uninstalled them long ago, so why do they still show up on the logs??
Same with the Ask toolbar I can not find it in the...

OTL logfile created on: 4/21/2011 4:32:24 PM - Run 3
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\isabella\My Documents\Downloads
Windows XP Home Edition Service Pack 3...

Ken,
Eset came back with no threats found..? so no log was produced.
I will run it again just in case I messed up.
I looked for the Ask toolbar to try to remove it, and could not find it..? ...

All processes killed
========== PROCESSES ==========
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper...

All processes killed
========== PROCESSES ==========
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper...

OTL Extras logfile created on: 4/20/2011 7:24:28 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\isabella\My Documents\Downloads
Windows XP Home Edition Service...

...sorry for the delay Ken...here we go:OTL.TXT


OTL logfile created on: 4/20/2011 7:24:28 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\isabella\My...

HI Ken,
this is the malware scan...

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 6408

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

Good morning!
I will run the required scans right after work....just a question though...after removing the rootkit, I tried to go to my online banking page and I got a fraudulent page asking for my...

hello there,
thank you so much for your assistance:)
Here is the log you requested:





2011/04/19 20:37:02.0671 1864 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/04/19...

hello there,
I seem to have an issue with click load that sd spybot removes each time I run it, however it always comes back.
Any help would be greatly appreciated...:(
My DDS
.
DDS...