Jump to content

jeffce

Malware Removal Team
  • Content Count

    179
  • Joined

  • Last visited

Everything posted by jeffce

  1. Hi, Run OTL.exe Copy/paste the following text written inside of the quote box into the Custom Scans/Fixes box located at the bottom of OTL Then click the Run Fix button at the top Let the program run unhindered, reboot when it is done Then run a new scan and post a new OTL log ( don't check the boxes beside LOP Check or Purity this time ) ---------- Please post the OTL log and let me know how the system is running.
  2. Hi, Download Combofix from any of the links below but rename it to Vageta.com before saving it to your desktop. Link 1 Link 2 ================================== Right-click and Run as Administrator on the renamed ComboFix.exe & follow the prompts. When finished, it will produce a report for you. Please post the C:\ComboFix.txt so we can continue cleaning the system.
  3. Good job! Download Combofix from the link below, and save it to your desktop. Link **Note: It is important that it is saved directly to your desktop** If you get a message saying "Illegal operation attempted on a registry key that has been marked for deletion", please restart your computer. -------------------------------------------------------------------- IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, r
  4. Good job! Please run TDSSKiller again. With this item found >> \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) please select Cure. Once complete please post the new log.
  5. Hi and welcome! Please download aswMBR to your desktop. Double click the aswMBR icon to run it. Click the Scan button to start scan. If you are asked to update the Avast Virus database please allow it to do so. When it finishes, press the save log button, save the logfile to your desktop and attach its contents in your next reply. Click the image to enlarge it ---------- Please download TDSSKiller Double click TDSSKiller.exe When the window opens, click on Change Parameters Under ”Additional options”, put a check mark in the box next to “Detect TDLFS File System” click OK
  6. Hi, Let's be sure there is actually a rootkit there and it is not a false positive. Please attach the logs made by aswMBR, TDSSKiller and ListParts.
  7. Go ahead and run new scans with aswMBR and also TDSSKiller and attach both the logs. ListParts Please download Listparts64 Run the tool, click Scan and attach the log (Result.txt) it makes. ------------
  8. Hi, I don't see anywhere a rootkit. ---------- Providing there are no other malware related problems... IT APPEARS THAT YOUR LOGS ARE NOW CLEAN SO LETS DO A COUPLE OF THINGS TO WRAP THIS UP!! This infection appears to have been cleaned, but I can not give you any absolute guarantees. As a precaution, I would go ahead and change all of your passwords as this is especially important after an infection. ---------------- Clean up with OTL: Right-click and Run as Administrator OTL.exe to start the program. Close all other programs apart from OTL as this step will require a reboot On
  9. Per the OP's request, this topic has been re-opened.
  10. Due to lack of feedback, this topic will now be closed. If you are the original poster and you still require help, please start a new thread. -------------------
  11. Hi, Let's keep going and check to see if anything else is hiding. Please download Farbar Service Scanner and run it on the computer with the issue. Make sure the following options are checked: Internet Services Windows Firewall System Restore Security Center Windows Update Windows Defender [*]Press "Scan". [*]It will create a log (FSS.txt) in the same directory the tool is run. [*]Please copy and paste the log to your reply. ---------- Please download Malwarebytes Anti-Malware to your desktop. Right-click and Run as Administrator mbam-setup.exe and follow the prompts t
  12. Per the OP's request, this topic has been re-opened.
  13. Due to lack of feedback, this topic will now be closed. If you are the original poster and you still require help, please start a new thread. -------------------
  14. Since this issue appears to be resolved ... this Topic has been closed. Glad we could be of assistance. If you are the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.
  15. Since this issue appears to be resolved ... this Topic has been closed. Glad we could be of assistance. If you are the topic starter, and need this topic reopened, please contact a staff member with the address of the thread. =================================
  16. I apologize for any delay. Please open Notepad (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the box below: Save this as CFScript.txt and change the "Save as type" to "All Files" and place it on your desktop. Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before following the steps below. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results". Referring to the screenshot above, drag CFScript.txt into ComboFi
  17. Yes that would be fine. I am glad that your system is running better and I am happy I could help.
  18. Hi, Good to hear the system is running better. Panda Cloud Ultradefrag Wise Registry Cleaner Slim cleaner Cleanup! <<==I have never used any of these programs in bold so I really can't say, but I never recommend a registry cleaner at all. They seem to do more harm than good in my opinion. Of the rest I would only keep Malwarebytes and Emsisoft....but that is just my opinion. I have used them all but I would only use those two. ----------------- Providing there are no other malware related problems... IT APPEARS THAT YOUR LOGS ARE NOW CLEAN SO LETS DO A COUPLE OF THINGS
  19. Due to lack of feedback, this topic will now be closed. If you are the original poster and you still require help, please start a new thread. -------------------
  20. Providing there are no other malware related problems... IT APPEARS THAT YOUR LOGS ARE NOW CLEAN SO LETS DO A COUPLE OF THINGS TO WRAP THIS UP!! This infection appears to have been cleaned, but I can not give you any absolute guarantees. As a precaution, I would go ahead and change all of your passwords as this is especially important after an infection. The following will implement some cleanup procedures as well as reset System Restore points: Press the Windows key + R and this will open the Run box. Copy/paste the following text into the Run box as shown and click OK. Combofix /U
  21. Ok....good job! Run Malwarebytes again and remove anything that is found. Attach the log that is made to your next reply. ----------- Please open Notepad (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the code box below: Save this as CFScript.txt and change the "Save as type" to "All Files" and place it on your desktop. Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before following the steps below. They can interfere with ComboFix or remove some of its embedde
×
×
  • Create New...