Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Antivirus ad popup/Trojan Rustok-n infection


  • Please log in to reply
1 reply to this topic

#1 Lazyjim

Lazyjim

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:03:46 PM

Posted 29 June 2009 - 03:05 AM

I don't know how to remove this virus, or even find out if I have more than just this one infection. I've had a major computer slowdown and trouble running any kind of anti spyware software after getting this virus. For example I can no longer get Spybot to start at all.


DDS (Ver_09-06-26.01) - NTFSx86
Run by Main at 2:51:03.54 on Mon 06/29/2009
Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 1.6.0_13
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1015.500 [GMT -5:00]

AV: BitDefender Antivirus *On-access scanning disabled* (Outdated) {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
AV: AVG Anti-Virus *On-access scanning disabled* (Outdated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: BitDefender Firewall *disabled* {4055920F-2E99-48A8-A270-4243D2B8F242}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AWS\WeatherBug\Weather.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
E:\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.facebook.com/
uSearch Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://www.dell4me.com/myway
uSearch Bar = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = hxxp://www.dell4me.com/myway
uInternet Settings,ProxyOverride = *.local
mSearchAssistant = hxxp://www.google.com/ie
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common

files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files\askbardis\bar\bin\askBar.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll
BHO: AVG Security Toolbar: {a057a204-bacc-4d26-9990-79a187e2698e} - c:\progra~1\avg\avg8\AVGTOO~1.DLL
BHO: &Helper: {a77d3539-581d-450c-9e44-a84c415a6172} - c:\windows\system32\msxmlm.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program

files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program

files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\askbardis\bar\bin\askBar.dll
TB: AVG Security Toolbar: {a057a204-bacc-4d26-9990-79a187e2698e} - c:\progra~1\avg\avg8\AVGTOO~1.DLL
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Weather] c:\program files\aws\weatherbug\Weather.exe 1
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mPolicies-explorer: hx-1 = 1
IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {F4430FE8-2638-42e5-B849-800749B94EED}
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} - hxxp://wdownload.weatherbug.com/minibug/tricklers/AWS/MiniBugTransporter.cab?
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab}
DPF: {33564D57-0000-0010-8000-00AA00389B71} -

hxxp://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} -

hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1137445284921
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 85.255.112.195,85.255.112.14
TCP: {843A85F6-4072-4B70-823B-9678B789E54E} = 85.255.112.195,85.255.112.14
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: avgrsstx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\main\applic~1\mozilla\firefox\profiles\nebutdlj.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Amazon.com
FF - prefs.js: browser.startup.homepage - hxxp://www.youtube.com/
FF - component: c:\program files\avg\avg8\firefox\components\avgssff.dll
FF - component: c:\program files\avg\avg8\toolbarff\components\vmAVGConnector.dll
FF - component: c:\program files\mozilla firefox\components\FFComm.dll
FF - plugin: c:\program files\google\google updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\google\update\1.2.145.5\npGoogleOneClick8.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla

firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla

firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}

============= SERVICES / DRIVERS ===============

R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [2009-6-29 12936]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-6-29 98440]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-6-29 26824]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-6-29 90632]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-6-29 231704]
S2 gupdate1c9e804a6accae8;Google Update Service (gupdate1c9e804a6accae8);c:\program files\google\update\GoogleUpdate.exe [2009-6-8

133104]
S3 asbp2poa;asbp2poa;\??\c:\docume~1\main\locals~1\temp\asbp2poa.sys --> c:\docume~1\main\locals~1\temp\asbp2poa.sys [?]
S3 cpuz130;cpuz130;\??\c:\docume~1\main\locals~1\temp\cpuz130\cpuz_x32.sys --> c:\docume~1\main\locals~1\temp\cpuz130\cpuz_x32.sys

[?]
S4 ASKService;ASKService;c:\program files\askbardis\bar\bin\AskService.exe [2009-3-31 464264]
S4 ASKUpgrade;ASKUpgrade;c:\program files\askbardis\bar\bin\ASKUpgrade.exe [2009-3-31 234888]

=============== Created Last 30 ================

2009-06-29 02:35 <DIR> --d----- c:\program files\Trend Micro
2009-06-29 02:15 10,520 a------- c:\windows\system32\avgrsstx.dll
2009-06-29 02:15 98,440 a------- c:\windows\system32\drivers\avgldx86.sys
2009-06-29 02:15 90,632 a------- c:\windows\system32\drivers\avgtdix.sys
2009-06-29 02:15 12,936 a------- c:\windows\system32\drivers\avgrkx86.sys
2009-06-29 02:14 <DIR> --d----- c:\windows\system32\drivers\Avg
2009-06-29 02:14 <DIR> --d----- c:\docume~1\main\applic~1\AVGTOOLBAR
2009-06-29 02:14 <DIR> --d----- c:\program files\AVG
2009-06-29 02:14 <DIR> --d----- c:\docume~1\alluse~1\applic~1\avg8
2009-06-29 01:59 <DIR> --d----- c:\windows\SxsCaPendDel
2009-06-28 01:57 16,311 a------- c:\windows\system32\56009not-azv9rus53e.cpl
2009-06-25 23:08 3,255 a------- c:\windows\system32\3959backdoor5153z.dll
2009-06-25 13:09 850 a------- c:\windows\system32\ProductTweaks.xml
2009-06-25 13:09 385 a------- c:\windows\system32\user_gensett.xml
2009-06-25 13:08 81,984 a------- c:\windows\system32\bdod.bin
2009-06-25 10:57 <DIR> --d----- c:\docume~1\alluse~1\applic~1\BitDefender
2009-06-25 10:55 <DIR> --d----- c:\program files\common files\BitDefender
2009-06-25 09:21 5,912 a------- c:\windows\system32\611zt5ief10509.dll
2009-06-25 02:57 374,784 a------- c:\windows\system32\msxmlm.dll
2009-06-25 02:57 <DIR> --d----- c:\program files\common files\Uninstall
2009-06-24 11:45 <DIR> --d----- c:\program files\iPod
2009-06-24 11:45 <DIR> --d----- c:\program files\iTunes
2009-06-24 11:44 <DIR> --d----- c:\program files\Bonjour
2009-06-24 11:19 2,766 a------- c:\windows\25d9zackdoo958.bin
2009-06-23 10:23 10,695 a------- c:\windows\system32\3958addware152z.cpl
2009-06-22 19:18 4,043 a------- c:\windows\1564tr9j1z85.bin
2009-06-22 07:42 8,238 a------- c:\windows\18891trzj3595.cpl
2009-06-21 13:35 3,600 a------- c:\windows\system32\18578notza-v5ru9462.dll
2009-06-21 13:19 18,091 a------- c:\windows\system32\2731ste9l1255z.bin
2009-06-21 11:47 5,230 a------- c:\windows\system32\9ce6steal89z5.ocx
2009-06-20 15:32 2,552 a------- c:\windows\16959wzrm7a6.cpl
2009-06-20 11:42 14,955 a------- c:\windows\39ezsteal1514.ocx
2009-06-19 19:08 6,271 a------- c:\windows\system32\7z5fthr5at98153.ocx
2009-06-19 14:38 15,373 a------- c:\windows\system32\12d9d5wnz9ader57.cpl
2009-06-19 05:40 17,219 a------- c:\windows\system32\21a0backdoor109z5.dll
2009-06-18 08:45 3,320 a------- c:\windows\system32\60a5dow5lo9dez853.exe
2009-06-17 00:41 10,189 a------- c:\windows\system32\z988not-a-vir9s59c.dll
2009-06-16 00:10 14,916 a------- c:\windows\30143sz5mbot591.exe
2009-06-15 23:41 15,896 a------- c:\windows\system32\7229down5zader2536.bin
2009-06-15 18:28 8,763 a------- c:\windows\25093zpambot31d.bin
2009-06-15 05:36 4,209 a------- c:\windows\4az9vi52209.exe
2009-06-13 00:40 6,716 a------- c:\windows\system32\44z2ad9ware25595.dll
2009-06-12 19:46 11,673 a------- c:\windows\5faedo5nzoader9547.cpl
2009-06-12 13:30 10,092 a------- c:\windows\system32\5ca15zr9at27570.cpl
2009-06-11 08:40 6,288 a------- c:\windows\517z1wo9m42e.dll
2009-06-10 18:43 14,813 a------- c:\windows\13456s9zmbot157.exe
2009-06-09 18:40 13,867 a------- c:\windows\system32\z1spam9o5589.ocx
2009-06-09 11:14 9,749 a------- c:\windows\354addwar91042z.dll
2009-06-09 10:12 11,265 a------- c:\windows\2375zpyware1891.exe
2009-06-08 01:43 <DIR> --d----- c:\program files\common files\DivX Shared
2009-06-05 11:19 4,881 a------- c:\windows\29357hacktool3z8.exe
2009-06-05 05:27 2,969 a------- c:\windows\system32\265zs9yware2566.bin
2009-06-04 08:22 12,172 a------- c:\windows\system32\5cz9vir17935.cpl
2009-06-02 23:18 10,937 a------- c:\windows\756bstealz9359.bin
2009-06-02 10:02 10,402 a------- c:\windows\17929zot-a-9iru5239.ocx
2009-06-01 22:08 11,597 a------- c:\windows\91026zpam5ot1c.bin

==================== Find3M ====================

2009-06-27 00:00 3,558 a--sh--- c:\windows\system32\KGyGaAvL.sys
2009-05-27 20:52 8,821 a------- c:\windows\3f6bbzckd5or3951.bin
2009-05-27 09:15 7,224 a------- c:\windows\system32\69ezdownloade51964.dll
2009-05-26 06:30 6,686 a------- c:\windows\system32\61f5thiz9567.bin
2009-05-25 17:40 3,188 a------- c:\windows\10956spamz5t536.exe
2009-05-24 23:25 5,666 a------- c:\windows\system32\259zste9l2576.exe
2009-05-24 16:59 8,853 a------- c:\windows\31999h9zkt5ol593.bin
2009-05-24 08:30 15,185 a------- c:\windows\system32\9629hackt5ol6c3z.bin
2009-05-24 06:07 16,167 a------- c:\windows\system32\26909spy15z.bin
2009-05-14 03:49 10,746 a------- c:\windows\1448s5a9zot4e3.dll
2009-05-13 18:09 8,100 a------- c:\windows\90512vizus270.bin
2009-05-13 14:14 1,097,728 a------- c:\windows\system32\setup2.exe
2009-05-11 18:48 5,279 a------- c:\windows\1457zw9rm585.exe
2009-05-09 12:41 14,570 a------- c:\windows\system32\19897woz5529.bin
2009-05-09 02:54 4,821 a------- c:\windows\system32\2a5z9py5are1371.bin
2009-05-06 06:47 11,774 a------- c:\windows\5937thrzat9827.bin
2009-05-04 22:05 9,319 a------- c:\windows\3z513s9y695.exe
2009-05-04 10:38 8,560 a------- c:\windows\658spyz695.exe
2009-05-04 06:58 9,878 a------- c:\windows\system32\6025sz55b9.dll
2009-05-01 16:02 90,112 a------- c:\windows\system32\dpl100.dll
2009-05-01 16:02 823,296 a------- c:\windows\system32\divx_xx0c.dll
2009-05-01 16:02 823,296 a------- c:\windows\system32\divx_xx07.dll
2009-05-01 16:02 815,104 a------- c:\windows\system32\divx_xx0a.dll
2009-05-01 16:02 811,008 a------- c:\windows\system32\divx_xx16.dll
2009-05-01 16:02 802,816 a------- c:\windows\system32\divx_xx11.dll
2009-05-01 16:02 685,056 a------- c:\windows\system32\DivX.dll
2009-05-01 03:39 12,055 a------- c:\windows\system32\29975zot-a5virus1ec.bin
2009-04-26 09:10 3,907 a------- c:\windows\system32\29605zirus7ef.exe
2009-04-26 03:36 14,020 a------- c:\windows\system32\5665viruz97.exe
2009-04-24 04:54 15,670 a------- c:\windows\system32\273z1ha5ktool3339.exe
2009-04-23 01:32 16,311 a------- c:\windows\163849i5us55fz.dll
2009-04-21 08:02 17,751 a------- c:\windows\255249iruz78f.exe
2009-04-21 05:47 4,982 a------- c:\windows\755fdow9loazer1427.bin
2009-04-19 17:06 6,783 a------- c:\windows\1bzds9y5are1537.bin
2009-04-18 05:55 9,394 a------- c:\windows\5z32backd5or1988.exe
2009-04-16 06:08 5,641 a------- c:\windows\system32\11f3z9r28715.dll
2009-04-15 14:58 8,611 a------- c:\windows\z006859rus74c.exe
2009-04-15 12:27 8,936 a------- c:\windows\system32\50z61spa9bot133.bin
2009-04-14 15:47 4,893 a------- c:\windows\8330vir9s51z.bin
2009-04-09 20:56 3,202 a------- c:\windows\system32\29945zroj5c3.bin
2009-04-09 06:47 10,476 a------- c:\windows\56d4thief199z.exe
2009-04-06 09:08 7,469 a------- c:\windows\system32\26061spamboz5a95.dll
2009-04-03 15:13 17,453 a------- c:\windows\15ba9ownloa5zr250.bin
2008-11-29 21:02 38,384 ac------ c:\docume~1\main\applic~1\GDIPFONTCACHEV1.DAT
2008-06-19 22:31 3,510 ac------ c:\docume~1\main\applic~1\wklnhst.dat
2008-09-04 22:50 32,768 ac-sh--- c:\windows\system32\config\systemprofile\local

settings\history\history.ie5\mshist012008090420080905\index.dat

============= FINISH: 2:51:29.29 ===============

Attached Files



BC AdBot (Login to Remove)

 


m

#2 SifuMike

SifuMike

    malware expert


  • Staff Emeritus
  • 15,385 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Vancouver (not BC) WA (Not DC) USA
  • Local time:01:46 PM

Posted 01 July 2009 - 10:38 PM

Hello Lazyjim,

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update.

Updating Java:
  • Download the latest version of Java SE Runtime Environment (JRE) 6 Update 14.
  • Click the "Download" button to the right.
  • At the Select Platform and Language for your download drop down box
    Select Windows and Mult-Language
  • Check the box that says: "Accept License Agreement" then press Continue ( Selecting Windows will give you the 32 bit version. )
  • The page will refresh.
  • Click on the link to download Windows Offline Installation, Multi-language jre-6u13-windows-i586-p.exe and save to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel double-click on Add/Remove programs and remove all older versions of Java.
    Examples of older versions in Add or Remove Programs:
    J2SE Runtime Environment 5.0 Update 6
    J2SE Runtime Environment 5.0 Update 9
    Java 2 Runtime Environment, SE v1.4.2_03
    Java™ 6 Update 13
  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-6u14-windows-i586.exe to install the newest version.
*************
Download Security Check by screen317 from here or here.
Save it to your Desktop.
Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt.
Please post the contents of that document.

*************

Please download Malwarebytes' Anti-Malware from one of these places:
http://download.cnet.com/Malwarebytes-Anti...&tag=button
http://www.majorgeeks.com/Malwarebytes_Ant...ware_d5756.html
http://www.besttechie.net/mbam/mbam-setup.exe

Double Click mbam-setup.exe to install the application.

* Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select "Perform Full Scan", then click Scan.
* The scan may take some time to finish,so please be patient.
* When the scan is complete, click OK, then Show Results to view the results.
* Make sure that everything is checked, and click Remove Selected.
* When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
* The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
* Copy&Paste the entire MBAM report (even if it does not find anything) in your next reply along with a fresh HijackThis log.

Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.
If I've saved you time & money,
please make a donation so I can keep helping people just like you! You can donate using a credit card and PayPal. Thank you!



Posted Image

Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users