Jump to content

Tomk1

Honorary Members
  • Posts

    217
  • Joined

  • Last visited

Reputation

1 Neutral

About Tomk1

  • Birthday 01/21/1961

Recent Profile Visitors

4,014 profile views
  1. Op being helped at PCPitstop. http://forums.pcpitstop.com/index.php?/topic/203421-iexplore-running-in-background-at-40-usage/?p=1787921
  2. May the force be with you! You are very welcome. Good luck and be well!
  3. Great! I haven't been impressed with the action center. I suggest you take it's warnings as warnings... not facts. If Kaspersky says it's running - then it's running and the warning is wrong. Let's clean up: Log looks good Time for some housekeeping Click START then RUN Now type ComboFix /Uninstall in the runbox and click OK.Note the space between the X and the U, it needs to be there.The above procedure will: Implement some cleanup procedures.Reset System Restore. We need to remove the tools we've used during cleaning your machine Download Delfix from hereEnsure Remove disinfection tools is ticked Also tick:Create registry backupPurge system restoreClick RunThe program will run for a few moments and then notepad will open with a log. I don't really need to see the log. Please re-enable any security that was disabled. If you have any stray tools or logs left... just go ahead and delete them. The following is my standard advice for the future. Use what you can and pat yourself on the back for what you're already doing. Please take time to read Preventing Malware - Tools and Practices for Safe Computing. Very important information for your consideration is contained therein. I would also suggest you read this: So how did I get infected in the first place? by Tony Klein Also: "How to prevent malware" by miekiemoes Please respond back that you understand the above and let me know if you have any questions. Otherwise, this thread will be closed Resolved.
  4. I've been going back over your logs... and I'm just not seeing the problem. The open action center warning about no Anti-Virus when it is actually enabled is not unusual. For some reason that warning is even more prevalent on systems running MSSE. If Kaspersky says it's running... I'd not worry about it. I'm just not seeing any system files being reported other than they should be. You're not throwing errors. I just don't know what is going on. Please try to describe for me each of the issues you are having.
  5. Those are just setup files that have been patched to include google toolbar. They should not be causing your troubles. Let's get rid of them anyway. This will also give the tool a chance to see if anything has changed. COMBOFIX-Script Please open Notepad (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the code box below: File::C:\Downloads\Software\ccsetup327.exeC:\Downloads\Software\dfsetup212.exeC:\Downloads\Software\gamefire.exeC:\Downloads\Software\Shockwave_Installer_Slim.exeC:\Users\David\Downloads\ccsetup318.exeC:\Users\David\Downloads\ccsetup319.exeC:\Users\David\Downloads\ccsetup321.exeC:\Users\David\Downloads\ccsetup328.exeC:\Users\David\Downloads\ccsetup400.exeC:\Users\David\Downloads\ccsetup401 (1).exeC:\Users\David\Downloads\ccsetup402.exeC:\Users\David\Downloads\ccsetup405.exeC:\Users\David\Downloads\ccsetup406 (1).exeC:\Users\David\Downloads\ccsetup406.exeC:\Users\David\Downloads\ccsetup407.exeC:\Users\David\Downloads\dfsetup209.exeC:\Users\David\Downloads\dfsetup213.exeC:\Users\David\Downloads\dfsetup214.exeC:\Users\David\Downloads\dfsetup215.exeC:\Users\David\Downloads\dfsetup216 (1).exeC:\Users\David\Downloads\dfsetup216.exeC:\Users\David\Downloads\py.exeC:\Program Files (x86)\GUM8CD3.tmpC:\Windows\SysWow64\sho5739.tmpSave this as CFScript.txt and change the "Save as type" to "All Files" and place it on your desktop. Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before following the steps below. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.When finished, it shall produce a log for you. Copy and paste the contents of the log in your next reply.CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
  6. Let me trouble you for one more scan. ESET online can sometimes find things I don't see. It takes a long time so you want to run it while you're doing something else. It can take hours. ESET Online Scanner: Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here. Vista users: You will need to to right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu. Please go here then click on: Select the option YES, I accept the Terms of Use then click on: When prompted allow the Add-On/Active X to install.Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.Now click on Advanced Settings and select the following:Scan for potentially unwanted applicationsScan for potentially unsafe applicationsEnable Anti-Stealth TechnologyNow click on: The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.When completed the Online Scan will begin automatically.Do not touch either the Mouse or keyboard during the scan otherwise it may stall.When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!Now click on: Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.Copy and paste that log as a reply to this topic. Note: Do not forget to re-enable your Anti-Virus application after running the above scan!
  7. Well how about you post me a new set of DDS logs to give a final look. I'm honestly not expecting much as nothing was really showing originally. Assuming I'm correct, and that you don't notice any more problems... I'll have some cleanup procedures for you.
  8. When system file check ran, did it replace some files? How do things seem to be running now?
  9. Sorry I haven't replied sooner. ISP was down all weekend. Now that I think we have the garbage all off... let's see if we can restore files that may be corrupted. Download Windows Repair (All in One) from this site Install the program then run it. NOTE 1. In Windows Vista, 7 and 8 right click on the program, click "Run As Administrator". NOTE 2. Disable your antivirus program before running Windows Repair. Go to Step 2 and allow it to run CheckDisk by clicking on Do It button: Once that is done then go to Step 3 and allow it to run System File Check by clicking on Do It button: Go to Step 4 and under "System Restore" click on Create button: Go to Start Repairs tab and click Start button. Leave all checkmarks as they're. NOTE for Windows 8 users. Reset Registry Permissions is NOT checked by design. Click on Start button. Post Windows Repair log (_windows_repair_log.txt) which is located in the following folder: 64-bit systems - C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\Logs 32-bit systems - C:\Program Files\Tweaking.com\Windows Repair (All in One)\Logs
  10. Let's try one more tool, Download RogueKiller and save it to your desktop.Quit all other programsStart RogueKiller.exeWait until the Prescan has finished ...Click on Scan Wait for the end of the scanA report will be created on your desktop.Click on the Delete button Next click on the ShortcutsFix another report will be created on your desktop. Please post: All RKreport.txt text files located on your desktop.
  11. Open notepad. Please copy the contents of the code box below. To do this highlight the contents of the box and right click on it and select copy. Paste this into the open notepad. Save it on the desktop as fixlist.txt AlternateDataStreams: C:\ProgramData\Temp:5C321E34CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTIONNOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to the operating system Run FRST/FRST64 and press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run. When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.
  12. I'm not seeing the problem there. Let's get a different look: Please download Farbar Recovery Scan Tool and save it to your Desktop. Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version. Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.Press Scan button.It will produce a log called FRST.txt in the same directory the tool is run from.Please copy and paste log back here.The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.
  13. Who did you email it to? To attach, click on the More Reply Options button on the lower right. In the new window you should see Attach Files on the lower left. Click the Browse button and select the file. Then click the Attach This File button. Then click Add Reply button.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.