Jump to content

extremeboy

Experts
  • Posts

    1,088
  • Joined

  • Last visited

Reputation

0 Neutral

Contact Methods

  • Website URL
    http://
  • ICQ
    0

Recent Profile Visitors

10,226 profile views
  1. Hello. Due to Lack of feedback, this topic is now Closed. If you need this topic reopened, please Send Me a Message. In your message please include the address of this thread in your request. This applies only to the original topic starter. Everyone else please start a new topic. With Regards, Extremeboy
  2. Hello. Don't worry about it then, let's just take a new DDS scan to take a final look at your system. Download and run DDS We need to see some information about what is happening in your machine. Please perform the following scan: Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scr DDS.pif [*]Double click on the DDS icon, allow it to run. [*]A small box will open, with an explanation about the tool. No input is needed, the scan is running. [*]Notepad will open with the results soon. [*]Follow the instructions that pop up for posting the results and then click Ok. [*]The black and message box window shall then disappear. [*]Please save both log files on your desktop and post the DDS.txt and zip up and attach Attach.txt as instructed. Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. Information on A/V control HERE
  3. See if it's in the C:\Program Files\ESET folder
  4. Your blog is very useful! Keep up the good work! :)

  5. Hello. Due to Lack of feedback, this topic is now Closed. If you need this topic reopened, please Send Me a Message. In your message please include the address of this thread in your request. This applies only to the original topic starter. Everyone else please start a new topic. With Regards, Extremeboy
  6. Hello. Since the problem appears to be resolved, this topic is now Closed. Glad we can help. If you need this topic reopened, please Send Me a Message. In your message please include the address of this thread in your request. This applies only to the original topic starter Everyone else please start a new topic. With Regards, Extremeboy
  7. Hello. Due to Lack of feedback, this topic is now Closed. If you need this topic reopened, please Send Me a Message. In your message please include the address of this thread in your request. This applies only to the original topic starter. Everyone else please start a new topic. With Regards, Extremeboy
  8. Hello. Since the problem appears to be resolved, this topic is now Closed. Glad we can help. If you need this topic reopened, please Send Me a Message. In your message please include the address of this thread in your request. This applies only to the original topic starter Everyone else please start a new topic. With Regards, Extremeboy
  9. You're welcome. Glad to help out. Happy surfing again! ~Extremeboy
  10. Let me know how your computer is running and if you have any more problems, issues or symptoms left.
  11. Hello. That's looking good. Let's get an online scan done. Run ESET Online Scan Hold down Control and click on the following link to open ESET OnlineScan in a new window. ESET OnlineScan Click the button. For alternate browsers only: (Microsoft Internet Explorer users can skip these steps) Click on to download the ESET Smart Installer. Save it to your desktop. Double click on the icon on your desktop. Check Click the button. Accept any security warnings from your browser. Check Push the Start button. ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time. When the scan completes, push Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply. Push the button. Push You can refer to this animation by neomage if needed.
  12. That's good. All is looking good. Let's wrap up. First, run ATFCleaner... Download and Run ATFCleaner Please download ATF Cleaner by Atribune. This program will clear out temporary files and settings. You will likely be logged out of the forum where you are recieving help. Double-click ATF-Cleaner.exe to run the program. Under Main Select Files to Delete choose: Select All. Click the Empty Selected button. If you use Firefox browser also... Click Firefox at the top and choose: Select All Click the Empty Selected button. NOTE: If you would like to keep your saved passwords, please click No at the prompt. If you use Opera browser also... Click Opera at the top and choose: Select All Click the Empty Selected button. NOTE: If you would like to keep your saved passwords, please click No at the prompt. Please follow/read the steps below to remove the tools we used and for some more information. Uninstall ComboFix Remove Combofix now that we're done with it. Please press the Windows Key and R on your keyboard. This will bring up the Run... command. Now type in Combofix /Uninstall in the runbox and click OK. (Notice the space between the "x" and "/") Please follow the prompts to uninstall Combofix. You will then recieve a message saying Combofix was uninstalled successfully once it's done uninstalling itself. This will uninstall Combofix and anything assoicated with it. Download and Run OTC We will now remove the tools we used during this fix using OTC. Download OTC by OldTimer and save it to your desktop. Double click icon to start the program. If you are using Vista, please right-click and choose run as administrator Then Click the big button. You will get a prompt saying "Being Cleanup Process". Please select Yes. Restart your computer when prompted. Congratulations! You now appear clean! Now that you are clean, please follow and read some of the prevention tips >over here<. Is your system a bit slow? If so, try some of the points and things suggested here. If you would like, visit my http://computermalwaresecurity.blogspot.com/ and Subscribe/Follow along. If you have no more questions, comments or problems please tell us, so we can close off the topic. Thanks. With Regards, Extremeboy
  13. Hello again, Let's continue. Run ComboFix with CFScript We will run ComboFix again. This time it will be slightly different from the initial run. Close any open browsers. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix. Refer to this page if you are unsure how. Open notepad (Start>Run>"notepad") and copy/paste the text in the quotebox below into it:http://forums.malwarebytes.org/index.php?showtopic=50367 Driver:: 1ecfa6aa 785b8bb2 Collect::[68] c:\windows\system32\drivers\1ecfa6aa.sys c:\windows\system32\drivers\785b8bb2.sys c:\windows\qwingsvc.dll Registry:: [-HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager\appcertdlls]Save this as CFScript.txt, in the same location as ComboFix.exe. (This should be your desktop.) Refering to the picture above, drag CFScript into ComboFix.exe. When finished, it shall produce a log for you at "C:\ComboFix.txt" Please post the contents of the Combofix log in your next reply. Upload Samples by ComboFix When Combofix finishes running, the ComboFix log will open along with a message box. With the above script, ComboFix captured some files to submit for analysis. Important: Ensure you are connected to the internet before clicking OK on the message box. A blue-screen would appear auto-uploading the zipped file I requested. After the uploading is done you should see a message near the bottom saying "Upload was Succesfull". **NOTE** ================= IF for some reason Combofix fails to upload anything please do the following: Go to Start >> My Computer > C:\ Then Navigate to the C:\Qoobox\Quarantine folder. Find the archive zip file called "[68]-Submit_Date_Time.zip" Simply go to This Channel and upload the submit.zip archive file to me. Follow the instructions on that page to copy/paste/send the requested file. Let me know how it goes and if the upload went successfully or not in your next reply.
  14. Okay, that item in your C:\ drive was just a Java cache that was infected, that can be removed easily. How's your computer running at the moment?
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.