GT500

Emsisoft Employee
  • Content Count

    11009
  • Joined

  • Days Won

    315

Everything posted by GT500

  1. That log actually looks fairly good. Lets get a second opinion. Please run an online virus scan through ESET by following the steps below: Turn off your anti-virus software. Click on this link. Click on the ESET Online Scanner button. Put a check in the box that says YES, I accept the Terms of Use. Click the 'Start' button just to the right of the checkbox. Uncheck the box that says Remove found threats (this is very important). Click on Advanced settings. Put a check in the box that says Scan for potentially unsafe applications. Verify that Scan for potentially unwanted applications is also checked. Verify that Enable Anti-Stealth technology is also checked. Click the Start button in the lower-right corner of the page, and it will begin downloading it's database, and then it will start scanning. When the scan is done, if it shows a screen that says Threats found!, then click List of found threats, and then click Export to text file... (if nothing was found, then just let me know that no threats were found). Save that text file on your desktop, and then attach it to a reply (using the More Reply Options button in the lower-right corner of this forum topic) for me. Close the ESET online scan. I will take a look at the log, and let you know if anything needs removed.
  2. OK, lets move on with checking your computer. Please run an online virus scan through ESET by following the steps below: Turn off your anti-virus software. Click on this link. Click on the ESET Online Scanner button. Put a check in the box that says YES, I accept the Terms of Use. Click the 'Start' button just to the right of the checkbox. Uncheck the box that says Remove found threats (this is very important). Click on Advanced settings. Put a check in the box that says Scan for potentially unsafe applications. Verify that Scan for potentially unwanted applications is also checked. Verify that Enable Anti-Stealth technology is also checked. Click the Start button in the lower-right corner of the page, and it will begin downloading it's database, and then it will start scanning. When the scan is done, if it shows a screen that says Threats found!, then click List of found threats, and then click Export to text file... (if nothing was found, then just let me know that no threats were found). Save that text file on your desktop, and then attach it to a reply (using the More Reply Options button in the lower-right corner of this forum topic) for me. Close the ESET online scan. I will take a look at the log, and let you know if anything needs removed.
  3. It looks like the part of the scan that produces the Extras log is no longer selected by default. It isn't a big deal, unless you are still having trouble. It does give me some extra information to help with debugging problems, however most of what I need to assist you is in the main OTL log. I have written a cleanup script for OTL (if you need to, you may download OTL from this link). Please download the following OTL_Script file, and save it on your desktop. After saving it, open it, run OTL, and copy and paste the contents of the OTL_Script file into the Custom Scans/Fixes box at the bottom of the OTL window: Then click the Run Fix button at the top. Let the program run unhindered, restart your computer when it is done (it may automatically restart your computer on its own). After your computer has restarted, please open OTL again and click the Quick Scan button. Attach the log it produces in your next reply (just the OTL log, as I don't need to see the Extras log again). You will need to click the button that says More Reply Options to the lower-right of where you type your reply to be presented with the attachment controls.
  4. OK, that log looks better. Lets move on to ComboFix. Please download ComboFix from one of the following links, and follow the instructions below to run it. Save as Combo-Fix.exe during the download. ComboFix must be renamed before you download to your Desktop Link 1 Link 2 * IMPORTANT !!! Save Combo-Fix to your Desktop Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools See HERE for help Double click on ComboFix.exe & follow the prompts. As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware. Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console. **Please note: (This applies to Windows XP systems only) If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures. Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message: Click on Yes, to continue scanning for malware. When finished, ComboFix will produce a log. Note: 1. Do not mouseclick combofix's window while it's running. That may cause it to stall! 2. Remember to re-enable your anti-virus and anti-spyware before reconnecting to the Internet. Attach logs for: (USE THE "MORE REPLY OPTIONS" BUTTON TO BE ABLE TO DO THIS) ComboFix (C:\combofix.txt) Let me know of any problems you may have encountered with the above instructions and also let me know how things are running now!
  5. I see your forum profile lists that you also have Microsoft Security Essentials and Malwarebytes' Anti-Malware installed. Do you have any other security software? Is MBAM registered with an id and key and running real-time protection?
  6. I have written a cleanup script for OTL (if you need to, you may download OTL from this link). Please download the following OTL_Script file, and save it on your desktop. After saving it, open it, run OTL, and copy and paste the contents of the OTL_Script file into the Custom Scans/Fixes box at the bottom of the OTL window: Then click the Run Fix button at the top. Let the program run unhindered, restart your computer when it is done (it may automatically restart your computer on its own). After your computer has restarted, please open OTL again and click the Quick Scan button. Attach the log it produces in your next reply (just the OTL log, as I don't need to see the Extras log again). You will need to click the button that says More Reply Options to the lower-right of where you type your reply to be presented with the attachment controls.
  7. That log is looking better. Since you're having issues with browser performance, lets get a fresh OTL log, and let me know which browser you're actually using. Please run OTL by following the instructions below: Click this link to save OTL onto your desktop (please make sure to click 'Save' instead of 'Run'). Double click on the OTL icon on your desktop to run it. Make sure all other windows are closed and to let it run uninterrupted. Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan will take a few minutes. When the scan completes, it will open two Notepad windows. OTL.Txt and Extras.Txt. The first one (OTL.txt) will be automatically saved on your desktop next to OTL, and the second one will need to be saved manually. Please make sure that both OTL.txt and Extras.txt are saved on your desktop, and then attach both of them to a reply so that we can take a look at them.
  8. Yes. Here's some final instructions for you: 1. Make Sure Java is Updated: Click on the Start button. Click on Control Panel . Click Uninstall a program . Look for Java in the list (should be alphabetical), and uninstall all versions of Java that you find listed. Click on this link and download and install the latest Java (the Windows Online download will be faster). 2. Make Sure Adobe Flash is Updated: Click on this link and download the latest version of Adobe Flash Player for your web browser. You will need to close your web browser when installing Flash. 3. Make Sure Adobe Acrobat Reader is Updated: Click on the Start button. Click on Control Panel . Click Uninstall a program . Look for any versions of Adobe Reader or Adobe Acrobat Reader in the list (should be alphabetical), and uninstall all of them (if you have Adobe Acrobat, which is the premium software from Adobe, then you do not need to uninstall it). Click on this link to go to the Adobe Reader download page, make sure to unselect any offers for toolbars or other free software, and download and install the latest version of Adobe Reader. (please note that some people do prefer to use third-party PDF viewers such as PDF X-Change Viewer and Foxit Reader which are not as commonly exploited as Adobe Reader, so if you would prefer to use one of those then you do not need to download and install Adobe Reader) 4. Make Sure Your Computer Has The Latest Windows Updates: Click on the Start button. Go to All Programs . Click on Windows Update . Click Check for updates in the menu on the left (should be near the top). Once it is done checking for updates, click the Install updates button on the right. Make sure that if your computer wants to restart after the updates are done, that you allow it so. 5. Web Of Trust Extension: While this is not a requirement, I highly recommend that you click this link and check out the Web Of Trust extension for your web browser. It will add an extra layer of protection to your web browsing for free, and it is especially helpful when doing searches on Google, Yahoo!, Bing, etc. as it will point out what sites are considered trustworthy and what sites are not by drawing a colored circle to the right of each search result. Green means trusted, red means not trusted, yellow is in between, and white means it is not in Web Of Trust's database. 6. Empty The System Restore: Click on the Start button. Right-click on Computer Select Properties from the list. In the window that pops up, click on the System protection link in the menu on the left. The buttons may not be clickable for a few moments, but once you can click on them select the drive in the list near the bottom that shows protection is on (this will usually be you C: drive) and click the Configure... button. Click the button near the bottom-right that says Delete to clear all System Restore data. Once finished, click OK to close that window. Now you will want to make sure that the correct drive is selected again (usually your C: drive) and click on the Create button to create a new restore point. Fill in a name for the restore point, and click the Create button. Once it is done, you can close the windows that were opened to get to the System Restore settings.
  9. I am not able to reproduce this issue. I see you have software from Zone Labs installed. Are you just using their "Extreme Security 2012", or do you have anything else installed in addition to that?
  10. You are quite correct that it is not the cause of the problem, however our testers who discovered the issue reported that adding rundll32.exe as 'Trusted' and as 'Allowed' did resolve the issue with not being able to launch applications. You seem to be having slightly different symptoms than they reported, however, so I cannot guarantee that it is the exact same issue, or that their reported work-around would even be effective in your case, however it is the best place to start if you experience further problems along these lines.
  11. There are a couple of possibilities. One is to forcibly remove them from the registry, however I intend on reserving that as a sort of "last resort" for when I have run out of other ideas since I cannot guarantee that it is a safe thing to do. The other possibility is to uninstall your network adapters in the device manager, and then attempt to uninstall the phantom devices. I suspect that this will not work, however it is worth trying. Windows will automatically reinstall your network devices after you restart your computer.
  12. I would believe the fix for this is available on beta updates. If you want to enable beta updates and let us know if there are any problems, then that might help expedite the process.
  13. I have opened a bug report on this, so our developers should take a look at it as soon as they can.
  14. What happens if you disable the option for e-mail scanning?
  15. Unfortunately, when I restart my VM, it resets the clock (I may need to complain to VMware about that). I may have to test this at real times of day, instead of by just changing the time on the clock.
  16. Are you certain that there's nothing physically wrong with your laptop? I know it's a long shot, but you wouldn't happen to have a Memtest86+ disk, would you?
  17. Since attempting to assist more than one person in the same topic can cause us to inadvertently overlook someone, I have split your post into a new topic. We also ask that, in the future, you create a new topic on the forums when asking for assistance so that it is easier for us to assist you.
  18. I'm not actually seeing any signs of an infection in that log. If you open Emsisoft Anti-Malware, and go to Logs on the left, are you able to find and export the log showing the detection? If so, please attach it to a reply. I want to make sure that this is not a false positive before I decide how is best to proceed.
  19. Those detections are just backups that TDSSKiller made after repairing files. They can't harm your computer unless you restore them from the quarantine in TDSSKiller (which is something you don't want to do in this case). Oh, BTW, we figured out why that OTL script was running together on a single line like that. It has to do with an issue that Internet Explorer 9 has on this type of forum. Fortunately there's a fix that we can apply to our forums for it. Anyway, it looks like your computer is clean. If you run a scan with Emsisoft Anti-Malware, does it detect anything?
  20. You said the Linux disk no longer works? Have you checked to make sure that the disk hasn't gotten dirty and that it can no fingerprints on it? Lasers have a hard time reading CD's when there's something on the disk.
  21. OK, I have written a script that will tell ComboFix how to delete some stuff I saw in your log. Here are instructions on what to do with the script: Download an updated version of ComboFix from one of the following links: [list=] BleepingComputer InfoSpyware [*] Turn off your Anti-Virus software. [*] Click your Start button, go to All Programs (or just Programs on Vista and Windows 7), go to Accessories, and then open Notepad. [*] Please copy and paste the contents of the quote box below into Notepad (here is a link to instructions if you do not know how to copy and paste), and make sure that you don't copy the word 'Quote': [*] Save this as a Text Document named CFScript in the same location as ComboFix (which should be on your desktop). [*] Close Notepad and verify that the CFScript file is saved on your desktop. [*] Referring to the animated picture below, click the left mouse button on top of the CFScript icon on your desktop, then holding the mouse button down drag the CFScript icon on your desktop onto the ComboFix icon, and then drop it (let go of the mouse button) on top of the ComboFix icon: When finished, it will display a new log in Notepad. Please attach that log to a reply the same way you did before. If you prefer, you can save the log on your desktop to make it easier to find.
  22. Here's instructions on how to uninstall ComboFix. You should be able to download the new version after doing this: Hold down the Windows key on your keyboard (it has the little Windows logo on it, next to the Ctrl key) and press R to open the Run dialog. Type ComboFix /Uninstall in the field (make sure to leave a space just before the /) and then click OK ComboFix should take care of the rest.
  23. OK, that log looks a lot better. Lets move on to an online virus scan. Please run an online virus scan through ESET by following the steps below: Turn off your anti-virus software. Click on this link. Click on the ESET Online Scanner button. Put a check in the box that says YES, I accept the Terms of Use. Click the 'Start' button just to the right of the checkbox. Uncheck the box that says Remove found threats (this is very important). Click on Advanced settings. Put a check in the box that says Scan for potentially unsafe applications. Verify that Scan for potentially unwanted applications is also checked. Verify that Enable Anti-Stealth technology is also checked. Click the Start button in the lower-right corner of the page, and it will begin downloading it's database, and then it will start scanning. When the scan is done, if it shows a screen that says Threats found!, then click List of found threats, and then click Export to text file... (if nothing was found, then just let me know that no threats were found). Save that text file on your desktop, and then attach it to a reply (using the More Reply Options button in the lower-right corner of this forum topic) for me. Close the ESET online scan. I will take a look at the log, and let you know if anything needs removed.
  24. I'm going over the possible causes of this issue with the developer of OTL. For now, I'll just attach the script to this message, and you can try again. Download the following file, and save it on your desktop: Now open OTL, then open the OTL_Script file, and then copy and paste the contents into OTL's Custom Scans/Fixes box. After that, click the Run Fix button to start the fix, and attach the logs just like last time.