Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

DDS does not finish


  • This topic is locked This topic is locked
3 replies to this topic

#1 KevinAg

KevinAg

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:08:06 AM

Posted 15 October 2011 - 06:20 PM

Previous Thread

I don't have any script-blocking programs enabled that I know of. It always freezes up when the # signs get 3/4 across the command prompt window. Not sure if I'm doing something wrong or what's going on but help would be appreciated so I could get a move on with my main problems. I already disabled my CD Emulator by using DeFogger.

BC AdBot (Login to Remove)

 


#2 KevinAg

KevinAg
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:08:06 AM

Posted 17 October 2011 - 06:10 PM

After even more attempts, DDS scans have continued to crash so I'm just going to move on and post the GMER log. It's attached too.

More problems with my computer as of late - When I restored my system to a previous checkpoint, the Google Redirects and what not all stopped interfering with my use but they came back this past weekend. Some websites are blocked, there are some processes going on at once in my Task Manager (iexplore.exe, rundll32.exe, svchost.exe). MSE and MBAM quick scans found nothing on my computer and I plan of doing full scans pretty soon.


GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-10-17 03:54:54
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 FUJITSU_MHT2030AT rev.009B
Running: gmer.exe; Driver: C:\DOCUME~1\DellD505\LOCALS~1\Temp\ugtdqpow.sys


---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Internet Explorer\iexplore.exe[528] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10022ADA C:\Documents and Settings\All Users\Application Data\KeyboardTrayTray.dll (Microsoft Connection Manager Utility Lib/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[528] kernel32.dll!ResumeThread 7C832927 5 Bytes JMP 10022CBD C:\Documents and Settings\All Users\Application Data\KeyboardTrayTray.dll (Microsoft Connection Manager Utility Lib/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[528] USER32.dll!GetMessageW 7E4191C6 5 Bytes JMP 1002290A C:\Documents and Settings\All Users\Application Data\KeyboardTrayTray.dll (Microsoft Connection Manager Utility Lib/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[528] USER32.dll!PeekMessageW 7E41929B 5 Bytes JMP 100229B4 C:\Documents and Settings\All Users\Application Data\KeyboardTrayTray.dll (Microsoft Connection Manager Utility Lib/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[528] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E2154BD C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[528] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 3E2EDB5C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[528] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E3E5117 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[528] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E3E5049 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[528] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E3E50B4 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[528] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E3E4F1A C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[528] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E3E4F7C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[528] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E3E517A C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[528] USER32.dll!TrackPopupMenu 7E46531E 5 Bytes JMP 10022A61 C:\Documents and Settings\All Users\Application Data\KeyboardTrayTray.dll (Microsoft Connection Manager Utility Lib/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[528] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E3E4FDE C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[528] USER32.dll!TrackPopupMenuEx 7E46CF62 5 Bytes JMP 10022A9F C:\Documents and Settings\All Users\Application Data\KeyboardTrayTray.dll (Microsoft Connection Manager Utility Lib/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[528] ole32.dll!OleLoadFromStream 7752981B 5 Bytes JMP 3E3E547F C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[528] ws2_32.dll!getaddrinfo 71AB2A6F 5 Bytes JMP 46CB3704 C:\Program Files\Microsoft\Search Enhancement Pack\SeaNote\SeaNote.dll (Microsoft Search Note/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[528] ws2_32.dll!closesocket 71AB3E2B 5 Bytes JMP 46CB41DF C:\Program Files\Microsoft\Search Enhancement Pack\SeaNote\SeaNote.dll (Microsoft Search Note/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[528] ws2_32.dll!WSASocketW 71AB404E 7 Bytes JMP 100225FE C:\Documents and Settings\All Users\Application Data\KeyboardTrayTray.dll (Microsoft Connection Manager Utility Lib/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[528] ws2_32.dll!socket 71AB4211 5 Bytes JMP 46CB354C C:\Program Files\Microsoft\Search Enhancement Pack\SeaNote\SeaNote.dll (Microsoft Search Note/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[528] ws2_32.dll!connect 71AB4A07 5 Bytes JMP 46CB35DC C:\Program Files\Microsoft\Search Enhancement Pack\SeaNote\SeaNote.dll (Microsoft Search Note/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[528] ws2_32.dll!send 71AB4C27 5 Bytes JMP 46CB3B92 C:\Program Files\Microsoft\Search Enhancement Pack\SeaNote\SeaNote.dll (Microsoft Search Note/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[528] ws2_32.dll!recv 71AB676F 5 Bytes JMP 46CB4549 C:\Program Files\Microsoft\Search Enhancement Pack\SeaNote\SeaNote.dll (Microsoft Search Note/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[528] ws2_32.dll!getpeername 71AC0B68 5 Bytes JMP 10022733 C:\Documents and Settings\All Users\Application Data\KeyboardTrayTray.dll (Microsoft Connection Manager Utility Lib/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[528] ws2_32.dll!WSAConnect 71AC0C81 5 Bytes JMP 100226A4 C:\Documents and Settings\All Users\Application Data\KeyboardTrayTray.dll (Microsoft Connection Manager Utility Lib/Microsoft Corporation)
.text C:\WINDOWS\system32\rundll32.exe[1320] wininet.dll!InternetReadFile 3D94654B 2 Bytes JMP 00A3BB10
.text C:\WINDOWS\system32\rundll32.exe[1320] wininet.dll!InternetReadFile + 3 3D94654E 2 Bytes [0F, C3]
.text C:\WINDOWS\system32\rundll32.exe[1320] wininet.dll!HttpQueryInfoA 3D94878D 5 Bytes JMP 00A3D0E8
.text C:\WINDOWS\system32\rundll32.exe[1320] wininet.dll!InternetCloseHandle 3D949088 5 Bytes JMP 00A3C258
.text C:\WINDOWS\system32\rundll32.exe[1320] wininet.dll!HttpAddRequestHeadersA 3D94CF4E 5 Bytes JMP 00A3A538
.text C:\WINDOWS\system32\rundll32.exe[1320] wininet.dll!HttpOpenRequestA 3D94D508 5 Bytes JMP 00A396A8
.text C:\WINDOWS\system32\rundll32.exe[1320] wininet.dll!InternetConnectA 3D94DEAE 5 Bytes JMP 00A38F60
.text C:\WINDOWS\system32\rundll32.exe[1320] wininet.dll!HttpSendRequestW 3D94FABE 5 Bytes JMP 00A3B3C8
.text C:\WINDOWS\system32\rundll32.exe[1320] wininet.dll!InternetOpenA 3D95D690 5 Bytes JMP 00A38818
.text C:\WINDOWS\system32\rundll32.exe[1320] wininet.dll!HttpSendRequestA 3D95EE89 5 Bytes JMP 00A3AC80
.text C:\WINDOWS\system32\rundll32.exe[1320] wininet.dll!InternetReadFileExA 3D963259 5 Bytes JMP 00A39DF0
.text C:\WINDOWS\system32\rundll32.exe[1320] wininet.dll!InternetErrorDlg 3D9CA783 5 Bytes JMP 00A3C9A0
.text C:\Program Files\Internet Explorer\iexplore.exe[3940] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10022ADA C:\Documents and Settings\All Users\Application Data\KeyboardTrayTray.dll (Microsoft Connection Manager Utility Lib/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3940] kernel32.dll!ResumeThread 7C832927 5 Bytes JMP 10022CBD C:\Documents and Settings\All Users\Application Data\KeyboardTrayTray.dll (Microsoft Connection Manager Utility Lib/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3940] USER32.dll!GetMessageW 7E4191C6 5 Bytes JMP 1002290A C:\Documents and Settings\All Users\Application Data\KeyboardTrayTray.dll (Microsoft Connection Manager Utility Lib/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3940] USER32.dll!PeekMessageW 7E41929B 5 Bytes JMP 100229B4 C:\Documents and Settings\All Users\Application Data\KeyboardTrayTray.dll (Microsoft Connection Manager Utility Lib/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3940] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E2154BD C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3940] USER32.dll!SetWindowPos 7E4299F3 5 Bytes JMP 025D318C
.text C:\Program Files\Internet Explorer\iexplore.exe[3940] USER32.dll!ShowWindow 7E42AF56 5 Bytes JMP 025D31CA
.text C:\Program Files\Internet Explorer\iexplore.exe[3940] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 3E2EDB5C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3940] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E3E5117 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3940] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E3E5049 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3940] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E3E50B4 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3940] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E3E4F1A C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3940] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E3E4F7C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3940] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E3E517A C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3940] USER32.dll!TrackPopupMenu 7E46531E 5 Bytes JMP 10022A61 C:\Documents and Settings\All Users\Application Data\KeyboardTrayTray.dll (Microsoft Connection Manager Utility Lib/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3940] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E3E4FDE C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3940] USER32.dll!TrackPopupMenuEx 7E46CF62 5 Bytes JMP 10022A9F C:\Documents and Settings\All Users\Application Data\KeyboardTrayTray.dll (Microsoft Connection Manager Utility Lib/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3940] ole32.dll!OleLoadFromStream 7752981B 5 Bytes JMP 3E3E547F C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3940] ws2_32.dll!getaddrinfo 71AB2A6F 5 Bytes JMP 46CB3704 C:\Program Files\Microsoft\Search Enhancement Pack\SeaNote\SeaNote.dll (Microsoft Search Note/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3940] ws2_32.dll!closesocket 71AB3E2B 5 Bytes JMP 46CB41DF C:\Program Files\Microsoft\Search Enhancement Pack\SeaNote\SeaNote.dll (Microsoft Search Note/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3940] ws2_32.dll!WSASocketW 71AB404E 7 Bytes JMP 100225FE C:\Documents and Settings\All Users\Application Data\KeyboardTrayTray.dll (Microsoft Connection Manager Utility Lib/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3940] ws2_32.dll!socket 71AB4211 5 Bytes JMP 46CB354C C:\Program Files\Microsoft\Search Enhancement Pack\SeaNote\SeaNote.dll (Microsoft Search Note/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3940] ws2_32.dll!connect 71AB4A07 5 Bytes JMP 46CB35DC C:\Program Files\Microsoft\Search Enhancement Pack\SeaNote\SeaNote.dll (Microsoft Search Note/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3940] ws2_32.dll!send 71AB4C27 5 Bytes JMP 46CB3B92 C:\Program Files\Microsoft\Search Enhancement Pack\SeaNote\SeaNote.dll (Microsoft Search Note/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3940] ws2_32.dll!recv 71AB676F 5 Bytes JMP 46CB4549 C:\Program Files\Microsoft\Search Enhancement Pack\SeaNote\SeaNote.dll (Microsoft Search Note/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3940] ws2_32.dll!getpeername 71AC0B68 5 Bytes JMP 10022733 C:\Documents and Settings\All Users\Application Data\KeyboardTrayTray.dll (Microsoft Connection Manager Utility Lib/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3940] ws2_32.dll!WSAConnect 71AC0C81 5 Bytes JMP 100226A4 C:\Documents and Settings\All Users\Application Data\KeyboardTrayTray.dll (Microsoft Connection Manager Utility Lib/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4040] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10022ADA C:\Documents and Settings\All Users\Application Data\KeyboardTrayTray.dll (Microsoft Connection Manager Utility Lib/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4040] kernel32.dll!ResumeThread 7C832927 5 Bytes JMP 10022CBD C:\Documents and Settings\All Users\Application Data\KeyboardTrayTray.dll (Microsoft Connection Manager Utility Lib/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4040] USER32.dll!GetMessageW 7E4191C6 5 Bytes JMP 1002290A C:\Documents and Settings\All Users\Application Data\KeyboardTrayTray.dll (Microsoft Connection Manager Utility Lib/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4040] USER32.dll!PeekMessageW 7E41929B 5 Bytes JMP 100229B4 C:\Documents and Settings\All Users\Application Data\KeyboardTrayTray.dll (Microsoft Connection Manager Utility Lib/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4040] USER32.dll!TrackPopupMenu 7E46531E 5 Bytes JMP 10022A61 C:\Documents and Settings\All Users\Application Data\KeyboardTrayTray.dll (Microsoft Connection Manager Utility Lib/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4040] USER32.dll!TrackPopupMenuEx 7E46CF62 5 Bytes JMP 10022A9F C:\Documents and Settings\All Users\Application Data\KeyboardTrayTray.dll (Microsoft Connection Manager Utility Lib/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4040] WS2_32.dll!closesocket 71AB3E2B 5 Bytes JMP 10022717 C:\Documents and Settings\All Users\Application Data\KeyboardTrayTray.dll (Microsoft Connection Manager Utility Lib/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4040] WS2_32.dll!WSASocketW 71AB404E 7 Bytes JMP 100225FE C:\Documents and Settings\All Users\Application Data\KeyboardTrayTray.dll (Microsoft Connection Manager Utility Lib/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4040] WS2_32.dll!connect 71AB4A07 5 Bytes JMP 1002263C C:\Documents and Settings\All Users\Application Data\KeyboardTrayTray.dll (Microsoft Connection Manager Utility Lib/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4040] WS2_32.dll!getpeername 71AC0B68 5 Bytes JMP 10022733 C:\Documents and Settings\All Users\Application Data\KeyboardTrayTray.dll (Microsoft Connection Manager Utility Lib/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4040] WS2_32.dll!WSAConnect 71AC0C81 5 Bytes JMP 100226A4 C:\Documents and Settings\All Users\Application Data\KeyboardTrayTray.dll (Microsoft Connection Manager Utility Lib/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

Device Ntfs.sys (NT File System Driver/Microsoft Corporation)
Device Sftfsxp.sys (Microsoft Application Virtualization File System/Microsoft Corporation)
Device mrxsmb.sys (Windows NT SMB Minirdr/Microsoft Corporation)
Device Cdfs.SYS (CD-ROM File System Driver/Microsoft Corporation)

---- Files - GMER 1.0.15 ----

File C:\Documents and Settings\DellD505\Cookies\delld505@mmismm[3].txt 0 bytes
File C:\Documents and Settings\DellD505\Local Settings\Temporary Internet Files\Content.IE5\F46F7S0Q\ITPS_v105_IDAlerts_v5_watchListen.728x90[1].swf 10053 bytes
File C:\Documents and Settings\DellD505\Local Settings\Temporary Internet Files\Content.IE5\HN53O2IO\login_status[2].php 1188 bytes
File C:\Documents and Settings\DellD505\Local Settings\Temporary Internet Files\Content.IE5\HN53O2IO\fw-nonplayer-banner[1].htm 1301 bytes
File C:\Documents and Settings\DellD505\Local Settings\Temporary Internet Files\Content.IE5\HN53O2IO\fw-nonplayer-banner[2].htm 1310 bytes
File C:\Documents and Settings\DellD505\Local Settings\Temporary Internet Files\Content.IE5\HN53O2IO\tntwo[10].php 43 bytes
File C:\Documents and Settings\DellD505\Local Settings\Temporary Internet Files\Content.IE5\JIJOEI4I\pxabicm[1].gif 43 bytes
File C:\Documents and Settings\DellD505\Local Settings\Temporary Internet Files\Content.IE5\KNNGU1W1\isolate[1].html 0 bytes
File C:\Documents and Settings\DellD505\Local Settings\Temporary Internet Files\Content.IE5\X7OGMEKI\dref=http%253A%252F%252Fadme.mevio[1].com%252F%253Faction%253Dtoggle_playback 1549 bytes
File C:\Documents and Settings\DellD505\Local Settings\Temporary Internet Files\Content.IE5\X7OGMEKI\dref=http%253A%252F%252Fadme.mevio[2].com%252F%253Faction%253Dtoggle_playback 1752 bytes

---- EOF - GMER 1.0.15 ----

Attached Files

  • Attached File  ark.txt   25.78KB   1 downloads


#3 nasdaq

nasdaq

  • Malware Response Team
  • 38,769 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:11:06 AM

Posted 20 October 2011 - 10:01 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.
===

Download http://public.avast.com/~gmerek/aswMBR.exe (aswMBR.exe) ( 511KB ) to your desktop. Double click the aswMBR.exe to run it

  • Click the "Scan" button to start scan.
  • Upon completion of the scan, click Save log, and save it to your desktop. (Note - do not select any Fix at this time) <- IMPORTANT
  • Please post the contents of that log in your next reply.
There shall also be a file on your desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) folder. Please attach that zipped file in your next reply.

===

Please Download
TDSSKiller.zip

>>> Double-click on TDSSKiller.exe to run the application.
  • Click on the Start Scan button and wait for the scan and disinfection process to be over.
  • If an infected file is detected, the default action will be Cure, click on Continue
    Posted Image
  • If a suspicious file is detected, the default action will be Skip, click on Continue
    Posted Image
  • If you are asked to reboot the computer to complete the process, click on the Reboot Now button. A report will be automatically saved at the root of the System drive ((usually C:\) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt" (for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt). Please copy and paste the contents of that file here.
  • If no reboot is required, click on Report. A log file will appear. Please copy and paste the contents of that file in your next reply.

Please post the logs for my review.

#4 nasdaq

nasdaq

  • Malware Response Team
  • 38,769 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:11:06 AM

Posted 26 October 2011 - 08:17 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users