-
Content Count
262 -
Joined
-
Last visited
Content Type
Profiles
Forums
Calendar
Posts posted by jwbirdsong
-
-
s it time to return this darn Dell and yell at the kids to stop downloading crap?
Yes it is....to both.
I tried to post yesterday and had some major issues, sorry for the delay.
Time for some housekeeping
- Click START then RUN
- Now type Combofix /u in the runbox and click OK
The above procedure will:
- Delete the following:
- ComboFix and its associated files and folders.
- VundoFix backups, if present
- The C:\Deckard folder, if present
- The C:_OtMoveIt folder, if present
[*] Reset the clock settings.
[*] Hide file extensions, if required.
[*] Hide System/Hidden files, if required.
[*] Reset System Restore.
- ComboFix and its associated files and folders.
I'm going to forgot the USUAL closing speech for you for couple of reasons. You've got most tools already. You've read enough of then here over last few year you know as well I do.
You also know you own mind and know what your system (read kid) needs on it.
One thing I did say in the post that never made it on yesterday is the following.
Result: 0 malware foundIn the many months I've been using this scanner this is a 1st for me.
LOTS of times I'll get a result of 1 found (cookies) but never a zero...even on my own boxes.
Good job
Glad I was able to help you a bit..if you need any other help/question let me know.
- Click START then RUN
-
Looks pretty good...couple of questionable file... the following should take care of them.
Download and scan with SUPERAntiSpyware Free for Home Users
- Double-click SUPERAntiSpyware.exe and use the default settings for installation.
- An icon will be created on your desktop. Double-click that icon to launch the program.
- If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here.)
- Under "Configuration and Preferences", click the Preferences button.
- Click the Scanning Control tab.
- Under Scanner Options make sure the following are checked (leave all others unchecked):
- Close browsers before scanning.
- Scan for tracking cookies.
- Terminate memory threats before quarantining.
[*] Click the "Close" button to leave the control center screen.
[*] Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
[*] On the left, make sure you check C:\Fixed Drive.
[*] On the right, under "Complete Scan", choose Perform Complete Scan.
[*] Click "Next" to start the scan. Please be patient while it scans your computer.
[*] After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
[*] Make sure everything has a checkmark next to it and click "Next".
[*] A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
[*] If asked if you want to reboot, click "Yes".
[*] To retrieve the removal information after reboot, launch SUPERAntispyware again.
- Click Preferences, then click the Statistics/Logs tab.
- Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
- If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
- Please copy and paste the Scan Log results in your next reply.
[*] Click Close to exit the program.
- Close browsers before scanning.
Please run the F-Secure Online Scanner
Note: This Scanner is for Internet Explorer Only!
- Click on the Start Scanning button at bottom of page.
- Accept the License Agreement and the ActiveX install.
- Once the ActiveX installs,Click Full System Scan
- Once the download completes,the scan will begin automatically.
- The scan will take some time to finish,so please be patient.
- When the scan completes, click the Automatic cleaning (recommended) button.
- Click the Show Report button and Copy&Paste the entire report to your Desktop for later posting.
Post
- SAS log
- F-Secure log
- Freh HijackThis log
in your next reply.
- Double-click SUPERAntiSpyware.exe and use the default settings for installation.
-
Please download ATF Cleaner by Atribune.
This program is for XP and Windows 2000 only
- Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.
If you use Firefox browser
- Click Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
If you use Opera browser
- Click Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.
For Technical Support, double-click the e-mail address located at the bottom of each menu.
Download OTScanIt.exe to your Desktop and double-click on it to extract the files. It will create a folder named OTScanIt on your desktop.
Note: You must be logged on to the system with an account that has Administrator privileges to run this program.
- Close ALL OTHER PROGRAMS.
- Open the OTScanIt folder and double-click on OTScanIt.exe to start the program (if you are running on Vista then right-click the program and choose Run as Administrator).
- In the Drivers section click on Non-Microsoft.
- Under Additional Scans click the checkboxes in front of the following items to select them:
- Reg - BotCheck
File - Additional Folder Scans
[*]Do not change any other settings.
[*]Now click the Run Scan button on the toolbar.
[*]Let it run unhindered until it finishes.
[*]When the scan is complete Notepad will open with the report file loaded in it.
[*]Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.
[*]Save the file to your desktop or another place that you will be able to find it back.
- Reg - BotCheck
Use the Add Reply button and attach the scan file using the BROWSE button below where you type your response.
- Double-click ATF-Cleaner.exe to run the program.
-
Deckard's System Scanner
Download Deckard's System Scanner (DSS) to your Desktop. Note: You must be logged onto an account with administrator privileges.
- Close all applications and windows.
- Double-click on dss.exe to run it, and follow the prompts.
- When the scan is complete, two text files will open - main.txt <- this one will be maximized and extra.txt <-this one will be minimized
- Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt here.
- Please attach extra.txt to your post.
To attach a file to a new post, simply
- Go to the Atachments section on the post composition page.(just below the text entry window), and
- copy and paste the following into the "Select a file" box: C:\Deckard\System Scanner\extra.txt
- Click Upload.
What DSS will do:
- create a new System Restore point in Windows XP and Vista.
- clean your Temporary Files, Downloaded Program Files, and Internet Cache Files, and also empty the Recycle Bin on all drives.
- check some important areas of your system and produce a report for your analyst to review. DSS automatically runs HijackThis for you, but it will also install and place a shortcut to HijackThis on your desktop if you do not already have HijackThis installed.
Using Internet Explorer please do an online scan with Kaspersky Online Scanner
Click on Kaspersky Online Scanner
Click "I accept"
You will be prompted to install an ActiveX component from Kaspersky, Click Yes.- The program will launch and then start to download the latest definition files.
- Once the scanner is installed and the definitions downloaded, click Next.
- Now click on Scan Settings
- In the scan settings make sure that the following are selected:
- Scan using the following Anti-Virus database:
- Extended (If available otherwise Standard)
[*]Scan Options:
- Scan Archives
- Scan Mail Bases
- Extended (If available otherwise Standard)
[*]Click OK
[*]Now under select a target to scan select My Computer
[*]The scan will take a while so be patient and let it run. Once the scan is complete it will display if your system has been infected.
[*]Now click on the Save report button.
[*]Call it Kaspersky.txt
[*]Expand the arrow beside "file types" and save as .txt file.
[*]Save the file to your desktop.
[*]Copy and paste that information in your next post.
- Scan using the following Anti-Virus database:
*Note
If you have Internet Explorer 7 installed:
If you have trouble getting past the initial download you may need to use the "zoom" tool at bottom right of the scanner window and increase it to 125% to see and press the "accept" button.
Page will reload and you should be able to carry on scan.
If the KAV log has your email all over it -- please attach it rather than copy/paste.
- The program will launch and then start to download the latest definition files.
- Close all applications and windows.
-
I have gained administrative control after running sfc /scannow and using Kelly's Korner.
What a great site, huh. and sfc was comming up on my list of to do's
I'm gonna assume you've trashed the Limewire folder. Doesn't look like Limewire is current/active at least.
Do you know what is in C:\Die MoFo folder? Just name is a little quirky... Could be from Trojan OR from you to KILL said Trojans.
Only thing I see off hand is C:\Documents and Settings\Lindy Calkins\Application Data\xxx.exe.
If unknown to you perhaps check it at VirusTotal and remove if infected.
I'm also not certian on this Safeboot key
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Oknx64.sys]
@=""I'll look into it.
I'd also like one other/last Online opinion when you have time.
Please run the F-Secure Online Scanner
Note: This Scanner is for Internet Explorer Only!
- Click on the Start Scanning button at bottom of page.
- Accept the License Agreement and the ActiveX install.
- Once the ActiveX installs,Click Full System Scan
- Once the download completes,the scan will begin automatically.
- The scan will take some time to finish,so please be patient.
- When the scan completes, click the Automatic cleaning (recommended) button.
- Click the Show Report button and Copy&Paste the entire report to your Desktop for later posting.
Post
- Fsecure results
- Fresh Dss log (main.txt only)
in your next reply.
PS Also You've kept/got McAfee disabled instead of uninstalled. By choice? Still valid perhaps and just as a backup?? No harm just curious.
- Click on the Start Scanning button at bottom of page.
-
Would you upload a copy of C:\WINDOWS\system32\hrum135.txt for me to HERE please.
Most times when a txt file is found as infected it's just cuz of a string in the file. In you case not so sure. IF it really is a text file.
Talking to OT about your error, he says he's seen that before when missing one of the crypo dll OR in your case
is Crypo svc running??I have finally gotten the Services to stay enabled.If we can't get a log there let's try another route
Please visit the webpage HERE for instructions for downloading and running ComboFix.
Post the log from ComboFix when you've accomplished that.
If, for some reason you are unable to get the CF log do the following please.
Deckard's System Scanner
Download Deckard's System Scanner (DSS) to your Desktop. Note: You must be logged onto an account with administrator privileges.
- Close all applications and windows.
- Double-click on dss.exe to run it, and follow the prompts.
- When the scan is complete, two text files will open - main.txt <- this one will be maximized and extra.txt <-this one will be minimized
- Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt here.
- Please attach extra.txt to your post.
To attach a file to a new post, simply
- Go to the Atachments section on the post composition page.(just below the text entry window), and
- copy and paste the following into the "Select a file" box: C:\Deckard\System Scanner\extra.txt
- Click Upload.
What DSS will do:
- create a new System Restore point in Windows XP and Vista.
- clean your Temporary Files, Downloaded Program Files, and Internet Cache Files, and also empty the Recycle Bin on all drives.
- check some important areas of your system and produce a report for your analyst to review. DSS automatically runs HijackThis for you, but it will also install and place a shortcut to HijackThis on your desktop if you do not already have HijackThis installed.
- Close all applications and windows.
-
Download Malwarebytes' Anti-Malware from Here or Here
Double Click mbam-setup.exe to install the application.
- Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
- If an update is found, it will download and install the latest version.
- Once the program has loaded, select "Perform Quick Scan", then click Scan.
- The scan may take some time to finish,so please be patient.
- When the scan is complete, click OK, then Show Results to view the results.
- Make sure that everything is checked, and click Remove Selected.
- When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
- The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Reboot
Download OTScanIt.exe to your Desktop and double-click on it to extract the files. It will create a folder named OTScanIt on your desktop.
- Close any open browsers.
- If your Real protection or Antivirus intervenes with OTScanIt, allow it to run.
- Open the OTScanit folder and double-click on OTScanit.exe to start the program.
- Leave all the setting to the default except as noted below
- Under Additional Scans sections, check the following
- Reg - BotCheck
[*]Now click the Run Scan button on the toolbar.
[*]The program will be scanning huge amounts of data so depending on your system it could take a long time to complete. Let it run unhindered until it finishes.
[*]When the scan is complete Notepad will open with the report file loaded in it.
[*]Save that notepad file
- Reg - BotCheck
If the log is too large to post, use the Reply button, scroll down to the attachments section and attach the notepad file here.
- Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
-
TheTerrorist_75 Welcome to BestTechie. Sorry you had to visit under these circumstances. ROFLMAO.... Just couldn't resist that.
Let's see if we can get you cleaned up the rest of the way.
Download OTScanIt.exe to your Desktop and double-click on it to extract the files. It will create a folder named OTScanIt on your desktop.
- Close any open browsers.
- If your Real protection or Antivirus intervenes with OTScanIt, allow it to run.
- Open the OTScanit folder and double-click on OTScanit.exe to start the program.
- Leave all the setting to the default except as noted below
- Check the box for Scan all user accounts
- Under Additional Scans sections, check the following
- Reg - BotCheck
- Reg - Disable MS Config items
- Reg - BotCheck
[*]Now click the Run Scan button on the toolbar.
[*]The program will be scanning huge amounts of data so depending on your system it could take a long time to complete. Let it run unhindered until it finishes.
[*]When the scan is complete Notepad will open with the report file loaded in it.
[*]Save that notepad file
- Check the box for Scan all user accounts
If the log is too large to post, use the Reply button, scroll down to the attachments section and attach the notepad file here.
- Close any open browsers.
-
Next download Malwarebytes' Anti-Malware from Here or Here
Double Click mbam-setup.exe to install the application.
- Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
- If an update is found, it will download and install the latest version.
- Once the program has loaded, select "Perform Quick Scan", then click Scan.
- The scan may take some time to finish,so please be patient.
- When the scan is complete, click OK, then Show Results to view the results.
- Make sure that everything is checked, and click Remove Selected.
- When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
- The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Reboot and post
- MBAM report
- Fresh HijackThis log make AFTER the reboot
in your reply here.
- Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
-
Just to add.
Two site no OE user should be with out.
Tom Koch's Inside OE and Dr. Steve Cochran's OE Help
-
Please visit the webpage HERE for instructions for downloading and running ComboFix.
Post the log from ComboFix when you've accomplished that.
-
See if you can upload it HERE
-
Nothing showing in your logs could just be a matter of cleaning out your temp/TIFs
- Go to start > run and type: cleanmgr and click ok.
- Let it scan your system for files to remove.
- Make sure Temporary Files, Temporary Internet Files, and Recycle Bin are thef only things checked.
- Press OK to remove them.
Please download ATF Cleaner by Atribune.
This program is for XP and Windows 2000 only
- Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.
If you use Firefox browser
- Click Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
If you use Opera browser
- Click Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.
For Technical Support, double-click the e-mail address located at the bottom of each menu.
Download and scan with SUPERAntiSpyware Free for Home Users
- Double-click SUPERAntiSpyware.exe and use the default settings for installation.
- An icon will be created on your desktop. Double-click that icon to launch the program.
- If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here.)
- Under "Configuration and Preferences", click the Preferences button.
- Click the Scanning Control tab.
- Under Scanner Options make sure the following are checked (leave all others unchecked):
- Close browsers before scanning.
- Scan for tracking cookies.
- Terminate memory threats before quarantining.
[*] Click the "Close" button to leave the control center screen.
[*] Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
[*] On the left, make sure you check C:\Fixed Drive.
[*] On the right, under "Complete Scan", choose Perform Complete Scan.
[*] Click "Next" to start the scan. Please be patient while it scans your computer.
[*] After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
[*] Make sure everything has a checkmark next to it and click "Next".
[*] A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
[*] If asked if you want to reboot, click "Yes".
[*] To retrieve the removal information after reboot, launch SUPERAntispyware again.
- Click Preferences, then click the Statistics/Logs tab.
- Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
- If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
- Please copy and paste the Scan Log results in your next reply.
[*] Click Close to exit the program.
- Close browsers before scanning.
- Go to start > run and type: cleanmgr and click ok.
-
Download RegSeeker from here:
http://www.softpedia.com/progDownload/RegS...nload-4229.html
Save and extract its contents to the desktop
- A new folder will appear on your desktop. Within the folder, click on RegSeeker.exe. Click on Find in registry. Copy and paste the following string and click on Search.
2559A1F4-21D7-11D4-BDAF-00C04F60B9F0 - When scanning has finished, click Select, then on Select All.
- Click on Action, then on Export selected items.
- Name the export Report. It will be saved in RegSeeker > Backup folder.
- Please ATTACH this file in a reply
- A new folder will appear on your desktop. Within the folder, click on RegSeeker.exe. Click on Find in registry. Copy and paste the following string and click on Search.
-
got a program called spinrite, should i use this to fix the problem?
Certainly an option. If you DO use spinrite I sugguest you reboot once it's done and iimmediatly do a Chkdisk
Another is to install the Recovery Console (if not already installed) and run Chkdsik from there.
Guided info HERE
PS are you still getting the disconnects??
-
A nasty file or two...nothing too malicious.
You DO have LOTS of empty entries in your startup..
Wengo
FreeCall
all the Viop entries.
IF you uninstalled then the entries should have been removed by the programs when uninstalling.
Open HijackThis and put a check next to the following:
O4 - HKCU\..\Run: [Wengo] "C:/Program Files/Wengo/wengophone.exe" -background
O4 - HKCU\..\Run: [FreeCall] "C:\Program Files\FreeCall.com\FreeCall\FreeCall.exe" -nosplash -minimized
O4 - HKCU\..\Run: [Voipwise] "C:\Program Files\Voipwise.com\Voipwise\Voipwise.exe" -nosplash -minimized
O4 - HKCU\..\Run: [VoipBuster] "C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe" -nosplash -minimized
O4 - HKCU\..\Run: [VoipStunt] "C:\Program Files\VoipStunt.com\VoipStunt\VoipStunt.exe" -nosplash -minimized
O4 - HKCU\..\Run: [LowRateVoip] "C:\Program Files\LowRateVoip\LowRateVoip.exe" -nosplash -minimized
Close progrmas/windows (Even this one) besides HijackThis and click Fix checked.
Close HijackThis
Next download Malwarebytes' Anti-Malware from Here or Here
Double Click mbam-setup.exe to install the application.
- Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
- If an update is found, it will download and install the latest version.
- Once the program has loaded, select "Perform Quick Scan", then click Scan.
- The scan may take some time to finish,so please be patient.
- When the scan is complete, click OK, then Show Results to view the results.
- Make sure that everything is checked, and click Remove Selected.
- When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
- The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
- Copy&Paste the entire report in your next reply along with a fresh HijackThis log.
PS The logs also showed
The file system structure on the disk is corrupt and unusable.Please run the chkdsk utility on the volume \Device\HarddiskVolume1
Go ahead and run a scan disk on your C: drive.
- Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
-
Deckard's System Scanner
Download Deckard's System Scanner (DSS) to your Desktop. Note: You must be logged onto an account with administrator privileges.
- Close all applications and windows.
- Double-click on dss.exe to run it, and follow the prompts.
- When the scan is complete, two text files will open - main.txt <- this one will be maximized and extra.txt <-this one will be minimized
- Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt here.
- Please attach extra.txt to your post.
To attach a file to a new post, simply
- Go to the Atachments section on the post composition page.(just below the text entry window), and
- copy and paste the following into the "Select a file" box: C:\Deckard\System Scanner\extra.txt
- Click Upload.
What DSS will do:
- create a new System Restore point in Windows XP and Vista.
- clean your Temporary Files, Downloaded Program Files, and Internet Cache Files, and also empty the Recycle Bin on all drives.
- check some important areas of your system and produce a report for your analyst to review. DSS automatically runs HijackThis for you, but it will also install and place a shortcut to HijackThis on your desktop if you do not already have HijackThis installed.
- Close all applications and windows.
-
Sorry for the delay in responding to your request. We (the helpers here and elsewhere) are just swampped with logs.
If you still need help do the following.
Please visit the webpage HERE for instructions for downloading and running ComboFix.
Post the log from ComboFix when you've accomplished that.]HERE for instructions for downloading and running ComboFix.
Post the log from ComboFix when you've accomplished that.
-
Please download VundoFix.exe to your desktop
- Double-click VundoFix.exe to run it.
- Click the Scan for Vundo button.
- Once it's done scanning, click the Remove Vundo button.
- You will receive a prompt asking if you want to remove the files, click YES
- Once you click yes, your desktop will go blank as it starts removing Vundo.
- When completed, it will prompt that it will reboot your computer, click OK.
- Please post the contents of C:\vundofix.txt and a the CF log from below in a reply to this thread.
Note: It is possible that VundoFix encountered a file it could not remove. In this case, VundoFix will run on reboot, simply follow the above instructions starting from "Click the Scan for Vundo button" when VundoFix appears upon rebooting.
Please visit the webpage HERE for instructions for downloading and running ComboFix.
Post the log from ComboFix when you've accomplished that.
- Double-click VundoFix.exe to run it.
-
Hey yardmaster I just got a PM from the forum owner telling me that Email notification have not been working.
Sorry I had NO idea you've waited this long. I guess when I thought I didn't get notice in last poist I should have watched closer.
I'm gonna ASSume you are still having this issue.
Download and scan with SUPERAntiSpyware Free for Home Users
- Double-click SUPERAntiSpyware.exe and use the default settings for installation.
- An icon will be created on your desktop. Double-click that icon to launch the program.
- If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here.)
- Under "Configuration and Preferences", click the Preferences button.
- Click the Scanning Control tab.
- Under Scanner Options make sure the following are checked (leave all others unchecked):
- Close browsers before scanning.
- Scan for tracking cookies.
- Terminate memory threats before quarantining.
[*] Click the "Close" button to leave the control center screen.
[*] Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
[*] On the left, make sure you check C:\Fixed Drive.
[*] On the right, under "Complete Scan", choose Perform Complete Scan.
[*] Click "Next" to start the scan. Please be patient while it scans your computer.
[*] After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
[*] Make sure everything has a checkmark next to it and click "Next".
[*] A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
[*] If asked if you want to reboot, click "Yes".
[*] To retrieve the removal information after reboot, launch SUPERAntispyware again.
- Click Preferences, then click the Statistics/Logs tab.
- Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
- If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
- Please copy and paste the Scan Log results in your next reply.
[*] Click Close to exit the program.
- Close browsers before scanning.
- Double-click SUPERAntiSpyware.exe and use the default settings for installation.
-
Let try something different then (Sorry I don' think I got a notice of your reply)
Deckard's System Scanner
Download Deckard's System Scanner (DSS) to your Desktop. Note: You must be logged onto an account with administrator privileges.
- Close all applications and windows.
- Double-click on dss.exe to run it, and follow the prompts.
- When the scan is complete, two text files will open - main.txt <- this one will be maximized and extra.txt <-this one will be minimized
- Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt here.
- Please attach extra.txt to your post.
To attach a file to a new post, simply
- Go to the Atachments section on the post composition page.(just below the text entry window), and
- copy and paste the following into the "Select a file" box: C:\Deckard\System Scanner\extra.txt
- Click Upload.
What DSS will do:
- create a new System Restore point in Windows XP and Vista.
- clean your Temporary Files, Downloaded Program Files, and Internet Cache Files, and also empty the Recycle Bin on all drives.
- check some important areas of your system and produce a report for your analyst to review. DSS automatically runs HijackThis for you, but it will also install and place a shortcut to HijackThis on your desktop if you do not already have HijackThis installed.
- Close all applications and windows.
-
Please visit the webpage HERE for instructions for downloading and running ComboFix.
Post the log from ComboFix when you've accomplished that.
-
Please visit the webpage HERE for instructions for downloading and running ComboFix.
Post the log from ComboFix when you've accomplished that.
-
Well the GINA file are used for log in, fast user switching, etc. I'm betting you also no longer have a Welcome screen when you start Windows, correct? The one that displays user name...
Netgear uses thier own verison of msgina (RtlGina2.dll) and it has been know to cause all sort of login/start/switching issues.
MS-MVP Doug Knox has a fix/check for such issues. Go to his website HERE and download/use the XP_FixLogon.ZIP ..direction are on the page.
Let me know how you get on with this and if it fixes the issue.
Also do you have a XP install CD..incase we need to repair/fix some other files??
Infected Or Not? Computer Having Problems
in Malware Removal
Posted
Open HiJackThis. It should open to a "New users quickstart" menu
Click "Open the Misc Tools section"
Click "Delete a file on reboot..."
In the "Enter file to delete on reboot..." window, navigate to:
C:\WINDOWS\system32\
And select the file
mi1.exe
Then click Open. After you click Open, HiJackThis will ask you if you want to restart your computer now. click NO.
Repeat for mi2.exe only reboot after mi2.exe
Please download OTCleanIt from HERE to your desktop.
Double click to run it. It will clean up the assortment of tools used during malware removal. When it has finnished, it will ask you to reboot so it can remove itself.
Are you still haveing the slow loading issues??