Rorschach112

Managers
  • Content Count

    425
  • Joined

  • Last visited

Everything posted by Rorschach112

  1. hi Run OTL Under the Custom Scans/Fixes box at the bottom, paste in the following :OTL IE - URLSearchHook: 03402f96-3dc7-4285-bc50-9e81fefafe43} - Reg Error: Key error. File not found IE - URLSearchHook: 930f1200-f5f1-4870-bac6-e233ec8e7023} - Reg Error: Key error. File not found IE - URLSearchHook: CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found FF - prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.order.1: "Ask.com" FF - prefs.js..browser.search.param.tsoxprid: "ZKfox002RWUS" FF - prefs.js..keyword.URL: "http://search.mywebsearch.c
  2. can you post the logs, not attach them. Don't make a topic for each one either
  3. hi Download OTL to your desktop. Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted. When the window appears, underneath Output at the top change it to Minimal Output. Check the boxes beside LOP Check and Purity Check. Under Custom Scan paste this in netsvcs msconfig safebootminimal safebootnetwork activex drivers32 %systemroot%\System32\antiwpa.dll %systemroot%\SYSTEM32\wpa.dll %systemroot%\setup\scripts\biestart.exe %systemroot%\system32\drivers\royal.sys %systemroot%\system32\oobe\AntiWPA_Crypt.dll %TEMP%\antiwpa_crypt.dll %TEMP%\ant
  4. You were told to validate your Windows before getting help. You said you did that but the subsequent WGA Test showed that it wasn't validated.
  5. You still haven't validated your Windows, and you have lied to me about doing it Since this is a very clear sign of a pirated Windows, which we do not help fix, I am going to close this. Microsoft has a program for people who unknowingly receive counterfeit software:
  6. hi Please run the MGA Diagnostic Tool and post back the report it shall produce: Download MGADiag to your desktop. Double-click on MGADiag.exe to launch the program Click "Continue" Ensure that the "Windows" tab is selected (it should be by default). Click the "Copy" button to copy the MGA Diagnostic Report to the Windows clipboard. Paste the MGA Diagnostic Report back here in your next reply.
  7. You need to validate windows before we can help
  8. hi Download Rooter.exe to your desktop Then doubleclick it to start the tool A Notepad file containing the report will open, also found at %systemdrive%\Rooter.txt. Post that here
  9. hi Download Rooter.exe to your desktop Then doubleclick it to start the tool A Notepad file containing the report will open, also found at %systemdrive%\Rooter.txt. Post that here
  10. hi Please run the MGA Diagnostic Tool and post back the report it shall produce: Download MGADiag to your desktop. Double-click on MGADiag.exe to launch the program Click "Continue" Ensure that the "Windows" tab is selected (it should be by default). Click the "Copy" button to copy the MGA Diagnostic Report to the Windows clipboard. Paste the MGA Diagnostic Report back here in your next reply.
  11. hi Download OTL to your desktop. Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted. When the window appears, underneath Output at the top change it to Minimal Output. Check the boxes beside LOP Check and Purity Check. Under Custom Scan paste this in netsvcs msconfig safebootminimal safebootnetwork activex drivers32 %systemroot%\System32\antiwpa.dll %systemroot%\SYSTEM32\wpa.dll %systemroot%\setup\scripts\biestart.exe %systemroot%\system32\drivers\royal.sys %systemroot%\system32\oobe\AntiWPA_Crypt.dll %TEMP%\antiwpa_crypt.dll %TEMP%\ant
  12. Yoog Search and its variations is a FireFox hijacker whose goal is to re-direct your searches and force you to use their search engine ( Yoog Search ). It also installs a Yoog Search Bar in Mozilla Firefox, which you can see below in the screenshots You will get popups from Contextual ads by Blueskyadagency, Addestination and Snappyads as well. Symptoms : Although its easy to tell whether you have this infection just from using your browser, here are some other symptoms. It drops the following files ( among others ) onto your PC C:\Program Files\Mozilla Firefox\searchplugins\Yoog.xml C:\Pro
  13. OTL allows us to scan for a lot more areas and do pretty much whatever we want to look for malware. It offers huge versatility, great power, and ease of use. More and more forums are turning to OTL now, I'd expect for it to keep increasing myself.
  14. Inactive topic... If you still need help on this problem, contact me or one of the Moderators to re-open this up. Topic closed.
  15. Inactive topic... If you still need help on this problem, contact me or one of the Moderators to re-open this up. Topic closed.
  16. hi Download Rooter.exe to your desktop Then doubleclick it to start the tool A Notepad file containing the report will open, also found at %systemdrive%\Rooter.txt. Post that here
  17. hi Download Rooter.exe to your desktop Then doubleclick it to start the tool A Notepad file containing the report will open, also found at %systemdrive%\Rooter.txt. Post that here
  18. Inactive topic... If you still need help on this problem, contact me or one of the Moderators to re-open this up. Topic closed.
  19. Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread. Everyone else please begin a New Topic.
  20. your logs are clean Now we need to create a new System Restore point. Click Start Menu > Run > type (or copy and paste) %SystemRoot%\System32\restore\rstrui.exe Press OK. Choose Create a Restore Point then click Next. Name it and click Create, when the confirmation screen shows the restore point has been created click Close. Next goto Start Menu > Run > type cleanmgr Click OK, Disk Cleanup will open and start calculating the amount of space that can be freed, Once thats finished it will open the Disk Cleanup options screen, click the More Options tab then click Clean up on the syst
  21. hello Please download ATF Cleaner by Atribune. Double-click ATF-Cleaner.exe to run the program. Under Main choose: Select All Click the Empty Selected button. If you use Firefox browser Click Firefox at the top and choose: Select All Click the Empty Selected button. NOTE: If you would like to keep your saved passwords, please click No at the prompt. If you use Opera browser Click Opera at the top and choose: Select All Click the Empty Selected button. NOTE: If you would like to keep your saved passwords, please click No at the prompt. Click Exit on the Main menu to close the program. Please d
  22. hello Run OTList2.exe Under the Custom Scans/Fixes box at the bottom, paste in the following :OTLI PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) SRV - (ccEvtMgr [On_Demand | Stopped]) -- File not found SRV - (ccISPwdSvc [On_Demand | Stopped]) -- File not found SRV - (ccProxy [Auto | Stopped]) -- File not found SRV - (ccSetMgr [Auto | Stopped]) -- File not found SRV - (navapsvc [Auto | Stopped]) -- File not found SRV - (NSCService [Auto | Stopped]) -- File not found SRV - (SAVScan [On_Demand | Stopped]) -- File not found SRV - (SNDSrvc [On_Demand | Stopped]) -- File not found SRV - (SP
  23. Inactive topic... If you still need help on this problem, contact me or one of the Moderators to re-open this up. Topic closed.
  24. don't edit the Rooter log, post it all
  25. hello Download ComboFix from one of these locations: Link 1 Link 2 * IMPORTANT !!! Save ComboFix.exe to your Desktop Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you don't know how to disable them then just continue on. Double click on ComboFix.exe & follow the prompts. As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your