Hello, I moved you to the Am I Infected
forum for now as there are logs required for posting here.
Lets try this.
Please download MiniToolBox
, save it to your desktop and run it.
Checkmark the following checkboxes:
- Flush DNS
- Report IE Proxy Settings
- Reset IE Proxy Settings
- Report FF Proxy Settings
- Reset FF Proxy Settings
- List content of Hosts
- List IP configuration
- List Winsock Entries
- List last 10 Event Viewer log
- List Installed Programs
- List Users, Partitions and Memory size.
- List Minidump Files
and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note:
When using "Reset FF Proxy Settings" option Firefox should be closed.
Please download the TDSS Rootkit Removing Tool
) and save it to your Desktop. <-Important!!!Be sure to download TDSSKiller.exe (22.214.171.124) from Kaspersky's website and not TDSSKiller.zip which appears to be an older version 126.96.36.199 of the tool.
- Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
Vista/Windows 7 users right-click and select Run As Administrator.
- If TDSSKiller does not run, try renaming it.
- To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
- Click the Start Scan button.
- Do not use the computer during the scan
- If the scan completes with nothing found, click Close to exit.
- If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
- Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
- A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.188.8.131.52_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
- Copy and paste the contents of that file in your next reply.
If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe
, select Rename
and give it a random name with the .com
file extension (i.e. 123abc.com). If you do not see the file extension, please refer to these[/color] instructions
. In some cases it may be necessary to redownload TDSSKiller and randomly rename it before downloading and saving to the computer.
I'd like us to scan your machine with ESET OnlineScan
- Hold down Control and click on the following link to open ESET OnlineScan in a new window.
- Click the button.
- For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
- Click on to download the ESET Smart Installer. Save it to your desktop.
- Double click on the icon on your desktop.
- Click the button.
- Accept any security warnings from your browser.
- Under scan settings, check and check Remove found threats
- Click Advanced settings and select the following:
- Scan potentially unwanted applications
- Scan for potentially unsafe applications
- Enable Anti-Stealth technology
- ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
- When the scan completes, push
- Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
- Push the button.
[color="#8B0000"]NOTE: In some instances if no malware is found there will be no log produced.
Edited by boopme, 13 November 2011 - 12:03 AM.