Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Search Engine Redirects


  • Please log in to reply
22 replies to this topic

#1 bsh5010

bsh5010

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:01:19 AM

Posted 17 June 2010 - 06:52 PM

Hello,

It seems I have contracted some sort of virus. This virus, or whatever the problem is, redirects some of the links in search engines. It redirects them to some adware sites. I have done some looking around, and this seems to be a common problem, meaning I have read a lot of threads where people are experiencing the same issues. However, I cannot seem to fix my issue. I have run Norton Anti-Virus, MalwareBytes, Spyware Doctor, and SuperAntiSpyware. None of these programs find anything. I have run them before and they found quite a lot, and subsequently did the repairs.... however my redirect problem still exists. Although it does not seem to be as bad, it is still quite annoying, hinting there is still something on my computer and troubling that no software is able to detect anything. I will run any program and posts the logs. Please let me know. Any help would be greatly appreciated. Thank you.

-Brent

Edited by Orange Blossom, 17 June 2010 - 06:53 PM.
Move to AII as no logs posted and prep. guide not followed. ~ OB


BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,492 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:19 AM

Posted 17 June 2010 - 07:39 PM

Are they various site or the sane one?
Is it with alll searchines or just one?
XP/Vista etc,,??

Please run an online scan.
Please perform a scan with Kaspersky Online Virus Scanner.
-- Requires free Java Runtime Environment (JRE) to be installed before scanning for malware as ActiveX is no longer being used.
-- This scan will not remove any detected file threats but it will show where they are located so they can be cleaned with other tools.
  • Vista users need to right-click the IE or FF Start Menu or Quick Launch Bar icons and Run As Administrator from the context menu.
  • Read the "Advantages - Requirements and Limitations" then press the Posted Image... button.
  • You will be prompted to install an application from Kaspersky. Click the Run button. It will start downloading and installing the scanner and virus definitions.
  • When the downloads have finished, you should see 'Database is updated. Ready to scan'. Click on the Posted Image... button.
  • Make sure these boxes are checked. By default, they should be. If not, please check them and click on the Posted Image... button afterwards:
    • Detect malicious programs of the following categories:
      Viruses, Worms, Trojan Horses, Rootkits
      Spyware, Adware, Dialers and other potentially dangerous programs
    • Scan compound files (doesn't apply to the File scan area):
      Archives
      Mail databases
  • Click on My Computer under the Scan section. OK any warnings from your protection programs.
  • The scan will take a while so be patient and do NOT use the computer while the scan is running. Keep all other programs and windows closed.
  • Once the scan is complete (the 'status' will show complete), click on View Scan Report and any infected objects will be shown.
  • Click on Save Report As... and change the Files of type to Text file (.txt)
  • Name the file KAVScan_ddmmyy (day, month, year) before clicking on the Save button and save it to your Desktop.
  • Copy and paste (Ctrl+C) the saved scan results from that file in your next reply.
-- Note: Some online scanners will detect existing anti-virus software and refuse to cooperate. You may have to disable the real-time protection components of your existing anti-virus and try running the scan again. If you do this, remember to turn them back on after you are finished.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 bsh5010

bsh5010
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:01:19 AM

Posted 18 June 2010 - 06:56 PM

They seem to open to various sites actually. An example: when I click on link properties of a link after doing a search, it will show something like http://c.xmlppc.com/?d=hhhhAwDhZGRkY as the address. This is just a short example, the actual link has a lot more garbage behind it that I didn't copy and paste. This was from the Bing search engine. If I search something on google, the wrong address looks something like this: http://www.google.com/url?sa=t&source=...p;cd=12&ved with more garbage behind it as well.

It seems to be with all the search engines that I use, which is only google and bing.

I am using the Windows Vista operating system.

Also I have just finished the online scan, and it indeed has found some things no other software seems to be able to. I will post the scan below.

--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7.0: scan report
Friday, June 18, 2010
Operating system: Microsoft Windows Vista Home Premium Edition, 32-bit Service Pack 2 (build 6002)
Kaspersky Online Scanner version: 7.0.26.13
Last database update: Friday, June 18, 2010 04:54:23
Records in database: 4291233
--------------------------------------------------------------------------------

Scan settings:
scan using the following database: extended
Scan archives: yes
Scan e-mail databases: yes

Scan area - My Computer:
C:\
D:\
Z:\

Scan statistics:
Objects scanned: 275711
Threats found: 7
Infected objects found: 13
Suspicious objects found: 0
Scan duration: 06:45:55


File name / Threat / Threats count
C:\ProgramData\SysWoW32\wu245036203v1 Infected: Trojan.Win32.Pincav.aamt 1
C:\ProgramData\SysWoW32\wu245036203v2 Infected: Trojan.Win32.Pincav.aamk 1
C:\ProgramData\SysWoW32\wu245036203v3 Infected: Trojan.Win32.Pincav.aamo 1
C:\ProgramData\SysWoW32\_u245036203v1 Infected: Trojan.Win32.Pincav.aati 1
C:\ProgramData\SysWoW32\_u245036203v2 Infected: Trojan.Win32.Pincav.aalq 1
C:\ProgramData\SysWoW32\_u245036203v3 Infected: Trojan.Win32.Pincav.aatn 1
C:\Users\All Users\SysWoW32\wu245036203v1 Infected: Trojan.Win32.Pincav.aamt 1
C:\Users\All Users\SysWoW32\wu245036203v2 Infected: Trojan.Win32.Pincav.aamk 1
C:\Users\All Users\SysWoW32\wu245036203v3 Infected: Trojan.Win32.Pincav.aamo 1
C:\Users\All Users\SysWoW32\_u245036203v1 Infected: Trojan.Win32.Pincav.aati 1
C:\Users\All Users\SysWoW32\_u245036203v2 Infected: Trojan.Win32.Pincav.aalq 1
C:\Users\All Users\SysWoW32\_u245036203v3 Infected: Trojan.Win32.Pincav.aatn 1
C:\Users\Brent\AppData\Local\Temp\jar_cache52271.tmp Infected: Trojan-Downloader.Java.Agent.bf 1

Selected area has been scanned.


Any ideas on how to proceed from here would be great. Thanks!

-Brent

#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,492 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:19 AM

Posted 18 June 2010 - 07:49 PM

Hi, some important advice: this is a backdoor Trojan. It can allow an attacker to
gain control of the system, log keystrokes, steal passwords, access personal
data, send malevolent outgoing traffic, and close the security warning
messages displayed by some anti-virus and security programs.

I would advise you to disconnect this PC from the Internet, and then go to
a known clean computer and change any passwords or security information held
on the infected computer. In particular, check whatever relates to online
banking financial transactions, shopping, credit cards, or sensitive
personal information. It is also wise to contact your financial institutions
to apprise them of your situation.


Now we'll do another as this one removes what it finds.


ESET
Please perform a scan with Eset Online Antiivirus Scanner.
(Requires Internet Explorer to work. If given the option, choose "Quarantine" instead of delete.)
Vista users need to run Internet Explorer as Administrator. Right-click on the IE icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.
  • Click the green ESET Online Scanner button.
  • Read the End User License Agreement and check the box: YES, I accept the Terms of Use.
  • Click on the Start button next to it.
  • You may receive an alert on the address bar that "This site might require the following ActiveX control...Click here to install...". Click on that alert and then click Insall ActiveX component.
  • A new window will appear asking "Do you want to install this software?"".
  • Answer Yes to download and install the ActiveX controls that allows the scan to run.
  • Click Start.
  • Check Remove found threats and Scan potentially unwanted applications.
  • Click Scan to start. (please be patient as the scan could take some time to complete)
  • If offered the option to get information or buy software. Just close the window.
  • When the scan has finished, a log.txt file will be created and automatically saved in the C:\Program Files\ESET\ESET Online Scanner\log.txt
    folder.
  • Click Posted Image > Run..., then copy and paste this command into the open box: C:\Program Files\ESET\EsetOnlineScanner\log.txt
  • The scan results will open in Notepad. Copy and paste the contents of log.txt in your next reply.
Note: Some online scanners will detect existing anti-virus software and refuse to cooperate. You may have to disable the real-time protection components of your existing anti-virus and try running the scan again. If you do this, remember to turn them back on after you are finished.


Let me know if the redirex=cts stop.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 bsh5010

bsh5010
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:01:19 AM

Posted 20 June 2010 - 02:35 PM

Thank you for the advice, the scanner found and cleaned some threats. See the log posted below:

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=7.00.6000.16386 (vista_rtm.061101-2205)
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=67391051dd6a9a4e8309c7b25224f183
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2010-06-20 12:47:06
# local_time=2010-06-19 08:47:06 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=2560 16777215 100 0 0 0 0 0
# compatibility_mode=3584 16777215 100 0 0 0 0 0
# compatibility_mode=5892 16776574 100 95 7762870 113575955 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=280788
# found=8
# cleaned=8
# scan_time=26399
C:\ProgramData\SysWoW32\wu245036203v1 a variant of Win32/Kryptik.EHK trojan (deleted - quarantined) 00000000000000000000000000000000 C
C:\ProgramData\SysWoW32\wu245036203v2 a variant of Win32/Kryptik.EHK trojan (deleted - quarantined) 00000000000000000000000000000000 C
C:\ProgramData\SysWoW32\wu245036203v3 a variant of Win32/Kryptik.EHK trojan (deleted - quarantined) 00000000000000000000000000000000 C
C:\ProgramData\SysWoW32\_u245036203v1 a variant of Win32/Kryptik.EHK trojan (deleted - quarantined) 00000000000000000000000000000000 C
C:\ProgramData\SysWoW32\_u245036203v2 a variant of Win32/Kryptik.EHK trojan (deleted - quarantined) 00000000000000000000000000000000 C
C:\ProgramData\SysWoW32\_u245036203v3 a variant of Win32/Kryptik.EHK trojan (deleted - quarantined) 00000000000000000000000000000000 C
C:\Users\Brent\AppData\Local\Temp\jar_cache39784.tmp a variant of Java/TrojanDownloader.Agent.NAN trojan (deleted - quarantined) 00000000000000000000000000000000 C
C:\Users\Brent\AppData\Local\Temp\jar_cache52271.tmp a variant of Java/TrojanDownloader.Agent.NAN trojan (deleted - quarantined) 00000000000000000000000000000000 C



I am not sure if the search engine problem is fixed yet. I will get back to you. Also, has this scanner successfully removed the malicious trojan? Or should I still use caution and wait for more steps? Thanks.

-Brent

#6 bsh5010

bsh5010
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:01:19 AM

Posted 20 June 2010 - 02:49 PM

It seems the redirect problem still exists..... on google and bing

#7 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,492 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:19 AM

Posted 20 June 2010 - 10:56 PM

Hello, let's take another look.

Rerun MBAM (MalwareBytes) like this:

Open MBAM in normal mode and click Update tab, select Check for Updates,when done
click Scanner tab,select Quick scan and scan (normal mode).
After scan click Remove Selected, Post new scan log and Reboot into normal mode.


Please read and follow all these instructions.
  • Please download GooredFix and save it to your Desktop.
  • Double-click GooredFix.exe to run it.
  • A log will open, please post the contents of that log in your next reply (it can also be found on your desktop, called Goored.txt).

Rootkit scan:
Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

    Posted Image
  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.
-- If you encounter any problems, try running GMER in safe mode.
-- If GMER crashes or keeps resulting in a BSODs, uncheck Devices on the right side before scanning
.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#8 bsh5010

bsh5010
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:01:19 AM

Posted 22 June 2010 - 08:29 PM

Hello, please see the scans you have asked for below:

I did the updates before scanning:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4226

Windows 6.0.6002 Service Pack 2
Internet Explorer 7.0.6002.18005

6/22/2010 7:18:04 PM
mbam-log-2010-06-22 (19-18-04).txt

Scan type: Quick scan
Objects scanned: 136029
Time elapsed: 11 minute(s), 19 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


GooredFix by jpshortstuff (08.01.10.1)
Log created at 19:39 on 22/06/2010 (Brent)
Firefox version 3.0.19 (en-US)

========== GooredScan ==========

Deleting "C:\Users\Brent\Application Data\Mozilla\Firefox\Profiles\3eniucp8.default\extensions\{f980b502-69b0-4370-88bb-a886820ae04d}" -> Success!

========== GooredLog ==========

C:\Program Files\Mozilla Firefox\extensions\
talkback@mozilla.org [23:22 24/12/2007]
{972ce4c6-7e08-4474-a285-3208198ce6fd} [23:22 24/12/2007]
{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} [23:58 11/06/2008]
{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} [21:20 16/03/2009]
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [16:06 15/04/2010]

C:\Users\Brent\Application Data\Mozilla\Firefox\Profiles\3eniucp8.default\extensions\
{20a82645-c095-46ed-80e3-08825760534b} [22:47 25/06/2009]
{635abd67-4fe9-1b23-4f01-e679fa7484c1} [21:20 16/03/2009]

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{20a82645-c095-46ed-80e3-08825760534b}"="c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\" [15:10 08/06/2009]
"smartwebprinting@hp.com"="C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2" [15:53 20/06/2009]
"{BBDA0591-3099-440a-AA10-41764D9DB4DB}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\IPSFFPlgn\" [19:30 20/02/2010]

-=E.O.F=-

Also I cannot get the GMER to work. After two crashes, I restarted windows in safe mode and unchecked the devices. It still crashed, BSOD. How shall I proceed?

Thank you.

-Brent

#9 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,492 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:19 AM

Posted 22 June 2010 - 10:20 PM

Hi Brent let's try another ARK.

We Need to check for Rootkits with RootRepeal
  • Download RootRepeal from the following location and save it to your desktop.
  • Extract RootRepeal.exe from the archive (If you did not use the "Direct Download" mirror).
  • Open Posted Image on your desktop.
  • Click the Posted Image tab.
  • Click the Posted Image button.
  • Check all seven boxes: Posted Image
  • Push Ok
  • Check the box for your main system drive (Usually C:), and press Ok.
  • Allow RootRepeal to run a scan of your system. This may take some time.
  • Once the scan completes, push the Posted Image button. Save the log to your desktop, using a distinctive name, such as RootRepeal.txt. Include this report in your next reply, please.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#10 bsh5010

bsh5010
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:01:19 AM

Posted 23 June 2010 - 07:06 PM

I cannot get rootrepeal to work either... I ran it with antivirus and internet turned off and it crashed. I rebooted in safemode and ran it 2 or three times, it produced an error then crashed each time.

ROOTREPEAL CRASH REPORT
-------------------------
Windows Version: Windows Vista SP2
Exception Code: 0xc0000005
Exception Address: 0x004cbe53
Attempt to write to address: 0x00000000

I am not sure why these do not seem to like working on my computer.

-Brent

#11 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,492 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:19 AM

Posted 23 June 2010 - 08:27 PM

Hello run DEFOGGER and try again please.
Please download DeFogger to your desktop.

Double click DeFogger to run the tool.
  • The application window will appear
  • Click the Disable button to disable your CD Emulation drivers
  • Click Yes to continue
  • A 'Finished!' message will appear
  • Click OK
  • DeFogger will now ask to reboot the machine - click OK
IMPORTANT! If you receive an error message while running DeFogger, please post the log defogger_disable which will appear on your desktop.

Do not re-enable these drivers until otherwise instructed.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#12 bsh5010

bsh5010
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:01:19 AM

Posted 24 June 2010 - 11:36 AM

Defogger has been run and I restarted my computer.

-Brent

#13 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,492 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:19 AM

Posted 24 June 2010 - 12:08 PM

Try rootrepeal again.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#14 bsh5010

bsh5010
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:01:19 AM

Posted 24 June 2010 - 07:55 PM

I cannot get rootepeal to work. It just keeps crashing.

#15 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,492 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:19 AM

Posted 24 June 2010 - 10:23 PM

Sorry this is so rough.. Try one more ARK.

Please download Sophos Anti-rootkit & save it to your desktop.
alternate download link
Note: If using the vendor's download site you will be asked to register with MySophos so an email containing an activation link can be sent to your email address.

Be sure to print out and read the Sophos Anti-Rookit User Manual and Release Notes.
  • Double-click sar_15_sfx.exe to begin the installation, read the license agreement and click Accept.
  • Allow the default location of C:\Program Files\Sophos\Sophos Anti-Rootkit and click Install.
  • A message will appear "Sophos Anti-Rootkit was successfully installed. Click 'yes' to start it now".
  • Click Yes and allow the driver and its randomly named .tmp file (i.e. F.tmp) to load if asked.
  • If the scan did not start automatically, make sure the following are checked:
    • Running processes
    • Windows Registry
    • Local Hard Drives
  • Click Start scan.
  • Sophos Anti-Rootkit will scan the selected areas and display any suspicious files in the upper panel.
  • When the scan is complete, a pop-up screen will appear with "Rootkit Scan Results". Click OK to continue.
  • Click on the suspicious file to display more information about it in the lower panel which also includes whether the item is recommended for removal.
    • Files tagged as Removable: No are not marked for removal and cannot be removed.
    • Files tagged as Removable: Yes (clean up recommended) are marked for removal by default.
    • Files tagged as Removable: Yes (but clean up not recommended) are not marked for removal because Sophos did not recognize them. These files will require further investigation.
  • Select only items recommended for removal, then click "Clean up checked items". You will be asked to confirm, click Yes.
  • A pop up window will appear advising the cleanup will finish when you restart your computer. Click Restart Now.
  • After reboot, a dialog box displays the files you selected for removal and the action taken.
  • Click Empty list and then click Continue to re-scan your computer a second time to ensure everything was cleaned.
  • When done, go to Start > Run and type or copy/paste: %temp%\sarscan.log
  • This should open the log from the rootkit scan. Please post this log in your next reply. If you have a problem, you can find sarscan.log in C:\Documents and Settings\\Local Settings\Temp\.
Before performing an ARK scan it is recommended to do the following to ensure more accurate results and avoid common issues that may cause false detections.
  • Disconnect from the Internet or physically unplug you Internet cable connection.
  • Clean out your temporary files.
  • Close all open programs, scheduling/updating tasks and background processes that might activate during the scan including the screensaver.
  • Temporarily disable your anti-virus and real-time anti-spyware protection.
  • After starting the scan, do not use the computer until the scan has completed.
  • When finished, re-enable your anti-virus/anti-malware (or reboot) and then you can reconnect to the Internet.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users