
mind5150

Honorary Members
  • Posts

    21
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Hello everyone, I have been having some strange redirecting type of issues as of late... I go to this website often called worldstarhiphop.com, it's a video website and you can click on various music videos and whatnot, they also have a comments section below each video... I accidentally clicked on a link left on a comment and ever since then I was unable to watch videos on their website.. If I click on a video it would take me to it.. then after like 2 seconds my browser window will get redirected to a blank page.. at the bottom of the browser the URL says: pixel.adsafeprotected.com I don't know what this is, and I just want to get rid of it... any help would be great.. thanks, maybe spyware of some kind... but I did a Malwarebytes scan and here is my log:
     Malwarebytes Anti-Malware 1.61.0.1400
     www.malwarebytes.org
     Database version: v2012.05.14.07
     Windows 7 Service Pack 1 x86 NTFS
     Internet Explorer 8.0.7601.17514
     Alvin Lau :: WINDOWS-7 [administrator]
     5/16/2012 7:43:31 AM
     mbam-log-2012-05-16 (07-43-31).txt
     Scan type: Full scan
     Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
     Scan options disabled: P2P
     Objects scanned: 583168
     Time elapsed: 1 hour(s), 32 minute(s), 59 second(s)
     Memory Processes Detected: 0 (No malicious items detected)
     Memory Modules Detected: 0 (No malicious items detected)
     Registry Keys Detected: 0 (No malicious items detected)
     Registry Values Detected: 0 (No malicious items detected)
     Registry Data Items Detected: 0 (No malicious items detected)
     Folders Detected: 0 (No malicious items detected)
     Files Detected: 0 (No malicious items detected)
     (end)
  2. C:\Program Files\Misc\New folder\Documents\FL Studio XXL v9.0.0 +UN-LOCKER +UN-LOCKED VSTi [ P.r.t.CreW!] 100% Clean.rar Win32/OpenCandy application deleted - quarantined
     C:\Qoobox\Quarantine\C\Users\Alvin Lau\AppData\Roaming\Mozilla\Firefox\Profiles\y96fpzoo.default\extensions\{45c6f340-e06b-4b06-b708-2b08da62ff93}\chrome.manifest.vir Win32/TrojanDownloader.Tracur.F trojan cleaned by deleting - quarantined
     C:\Users\Alvin Lau\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\576c5ff4-433c95c6 multiple threats deleted - quarantined
     C:\Users\Alvin Lau\AppData\Roaming\3A531B4BFE1D2B9DB2B57BFC09182833\enemies-names.txt Win32/Adware.AntimalwareDoctor.AE.Gen application cleaned by deleting - quarantined
     C:\Users\Alvin Lau\AppData\Roaming\3A531B4BFE1D2B9DB2B57BFC09182833\local.ini Win32/Adware.AntimalwareDoctor.AE.Gen application cleaned by deleting - quarantined
     C:\Users\Alvin Lau\Desktop\Image-Line.FL.Studio.ASSiGN.Edition.v10.0.0-ASSiGN\flstudio_10.0.exe Win32/OpenCandy application deleted - quarantined
     C:\Users\Alvin Lau\Downloads\Misc system files\Image-Line.FL.Studio.ASSiGN.Edition.v10.0.0-ASSiGN.rar Win32/OpenCandy application deleted - quarantined
  3. Here is the log attached... eset scan.txt
  4. Sorry for the delay, here is the log of the eset scan:
  5. Hello, yes I'm still here... I will do the last steps as soon as I can, I have not been to my computer in a few days because of the holidays... will post latest report soon
  6. Hello Elise, I deleted my AVG because there was too much extra stuff going on, installed Microsoft Security Essentials which is less of an annoyance on my computer, also picked up a few threats on my computer so far and claimed to have removed them. Deleted BitTorrent, which I never use and have no clue how it got on here... also downloaded the Java update like the one you said to do and followed instructions as per your post. After everything was done, updated Malwarebytes and did a full scan... below is the log... please take a look when you have time and let me know what you think. Thank you so much, sorry for the late response by the way...
     Malwarebytes' Anti-Malware 1.51.2.1300
     www.malwarebytes.org
     Database version: 8348
     Windows 6.1.7600
     Internet Explorer 8.0.7600.16385
     12/10/2011 12:26:28 PM
     mbam-log-2011-12-10 (12-26-28).txt
     Scan type: Full scan (C:\|)
     Objects scanned: 523541
     Time elapsed: 1 hour(s), 14 minute(s), 41 second(s)
     Memory Processes Infected: 0
     Memory Modules Infected: 0
     Registry Keys Infected: 0
     Registry Values Infected: 0
     Registry Data Items Infected: 0
     Folders Infected: 0
     Files Infected: 0
     Memory Processes Infected: (No malicious items detected)
     Memory Modules Infected: (No malicious items detected)
     Registry Keys Infected: (No malicious items detected)
     Registry Values Infected: (No malicious items detected)
     Registry Data Items Infected: (No malicious items detected)
     Folders Infected: (No malicious items detected)
     Files Infected: (No malicious items detected)
  7. Ok, my internet is working now, and everything seems to be working... I had deleted my AVG during this process.... what kind of antivirus do you recommend I install? Any good free ones out there? THANK YOU SOOOOOO MUCH ELISE!
  8. Hello Elise, sorry for the delayed response, below is the txt log from FSS... I made sure the include all files was checked off, but the scan took literally less than a few seconds.... I don't know if that is how it's supposed to work. Anyway here is the log, please take a look and tell me what you think.. thanks!
     Farbar Service Scanner
     Ran by Alvin Lau (administrator) on 29-11-2011 at 21:14:33
     Windows 7 Professional (X86)
     ********************************************************
     Service Check:
     ==============
     Dhcp Service is not running. Checking service configuration:
     The start type of Dhcp service is OK.
     The ImagePath of Dhcp service is OK.
     The ServiceDll of Dhcp service is OK.
     Dnscache Service is not running. Checking service configuration:
     The start type of Dnscache service is OK.
     The ImagePath of Dnscache service is OK.
     The ServiceDll of Dnscache service is OK.
     tdx Service is not running. Checking service configuration:
     Checking Start type: Attention! Unable to open tdx registry key. The service key does not exist.
     Checking ImagePath: Attention! Unable to open tdx registry key. The service key does not exist.
     File Check:
     ===========
     C:\Windows\system32\svchost.exe => MD5 is legit
     C:\Windows\system32\rpcss.dll => MD5 is legit
     C:\Windows\system32\nsisvc.dll => MD5 is legit
     C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
     C:\Windows\system32\dhcpcore.dll => MD5 is legit
     C:\Windows\system32\Drivers\afd.sys
     [2011-06-15 22:41] - [2011-04-24 18:35] - 0338944 ____A (Microsoft Corporation) 0DB7A48388D54D154EBEC120461A0FCD
     C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
     C:\Windows\system32\Drivers\tcpip.sys
     [2011-11-08 20:24] - [2011-09-29 07:43] - 1285488 ____A (Microsoft Corporation) 56C198AC82EFA622DD93E9E43575F79C
     C:\Windows\system32\dnsrslvr.dll
     [2011-04-13 23:02] - [2011-03-02 21:29] - 0132608 ____A (Microsoft Corporation) B15BE77A2BACF9C3177D27518AFE26A9
     Connection Status:
     ==================
     Localhost is accessible.
     LAN connected.
     Google IP is accessible.
     Yahoo IP is accessible.
     **** End of log ****
  9. I'm working on a tower computer which is in another room of the house and I do not have cables long enough to do that... however every other device in the house seems to be working, my phone, laptop, Xbox, and even the tower computer that I'm having the issues with while on Snow Leopard. I partitioned the computer to have both Snow Leopard and Windows 7... while using Windows 7 this is where the problem persists. This is where the malware/virus was, now it would seem I removed them, I'm still having problems connecting to the internet due to this "limited access" while only on Windows 7, all other devices work, I do not think it's the router, I think the malware/virus may have changed some of my settings... any other suggestions?
  10. After restart programs seem to be running as normal, however connection to internet is still not available. Where the signal bars are there is an "!" saying that I have "Limited Access" still. I am currently using another computer to write back as this is the computer that is hooked up to the modem and router. The computer with the issues is connected via wireless router. Can it be some settings or should I change router passwords? Reinstall router? Ran Malwarebytes again after restart (quick scan) and under 4 minutes said there was no infection... did not post log, but will do so if asked.
  11. Hello Elise, I ran the ComboFix again this morning, and again the prompt came up saying that I was running on McAfee and that I should turn it off, however I don't have McAfee on my computer... at least to my knowledge, did a search and found some lingering files from when I did have it, but no .exe McAfee file or anything like that. Did not find it in the icon tray as well. ComboFix prompt said run ComboFix at your own risk... I clicked continue anyway. Deleted my AVG as well and ran ComboFix. Below is the log along with the same log as an attachment on this post.
      UPDATE:
      - As of right now, my computer will not connect to the internet, under my network it says "Limited Access", so I just disconnected it manually.
      - All of my programs are no longer working, anything with .exe does not work, Firefox, Malwarebytes, etc. When I try to open a program a prompt will come up saying the file location of the program along with: "Illegal operation attempted on a registry key that has been marked for deletion."
      This virus/malware/rootkit or whatever seems to be getting worse and worse by the minute. I have no clue what else to do. Malwarebytes no longer runs due to the problem mentioned above. I am now in the process of backing up my files in case I need to format my computer.....*SIGH* What else is there left to do?? Thank you for your help thus far Elise, you are greatly appreciated. Happy Thanksgiving to you and yours.
      ComboFix 11-11-23.03 - Alvin Lau 11/24/2011 9:07.3.8 - x86
      Microsoft Windows 7 Professional 6.1.7600.0.1252.1.1033.18.2036.1041 [GMT -8:00]
      Running from: F:\ComboFix.exe
      AV: McAfee VirusScan *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
      FW: McAfee Personal Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
      SP: McAfee VirusScan *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
      SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      .
      .
      ((((((((((((((((((((((((( Files Created from 2011-10-24 to 2011-11-24 )))))))))))))))))))))))))))))))
      .
      .
      2011-11-24 17:12 . 2011-11-24 17:12 -------- d-----w- c:\users\Public\AppData\Local\temp
      2011-11-24 17:12 . 2011-11-24 17:12 -------- d-----w- c:\users\Default\AppData\Local\temp
      2011-11-24 17:12 . 2011-11-24 17:12 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp
      2011-11-23 04:16 . 2011-11-24 17:12 -------- d-----w- c:\users\Alvin Lau\AppData\Local\temp
      2011-11-23 04:03 . 2009-07-13 23:11 53760 ----a-w- c:\windows\system32\drivers\intelppm.sys
      2011-11-09 04:24 . 2011-09-29 15:43 1285488 ----a-w- c:\windows\system32\drivers\tcpip.sys
      2011-11-09 04:23 . 2011-10-01 04:43 708608 ----a-w- c:\program files\Common Files\System\wab32.dll
      2011-11-09 04:23 . 2011-09-29 04:20 2339840 ----a-w- c:\windows\system32\win32k.sys
      2011-11-05 15:02 . 2011-11-05 15:02 -------- d-----w- c:\users\Alvin Lau\AppData\Roaming\aZZ99hTTXwjCeIB
      2011-11-05 15:02 . 2011-11-05 15:02 -------- d-----w- c:\users\Alvin Lau\AppData\Roaming\XpppmGG5sQJ6EKf
      2011-11-05 15:02 . 2011-11-05 15:02 -------- d-----w- c:\users\Alvin Lau\AppData\Roaming\cBBBrzzPN
      2011-11-05 15:01 . 2011-11-09 15:02 -------- d-----w- c:\users\Alvin Lau\AppData\Roaming\ZVVVellOBtzPyc1
      2011-11-05 15:01 . 2011-11-05 15:01 -------- d-----w- c:\users\Alvin Lau\AppData\Roaming\gIIIVrrlONtx0uS
      2011-11-05 15:01 . 2011-11-05 15:01 -------- d-----w- c:\users\Alvin Lau\AppData\Roaming\kyyycAA1ivD2nFp
      2011-10-26 11:54 . 2011-08-15 04:25 6144 ----a-w- c:\program files\Internet Explorer\iecompat.dll
      .
      .
      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2011-11-13 21:51 . 2010-02-07 19:01 156672 ----a-w- c:\windows\system32\rmc_fixasf.exe
      2011-11-13 21:51 . 2010-02-07 19:01 237568 ----a-w- c:\windows\system32\rmc_rtspdl.dll
      2011-10-01 02:59 . 2011-10-13 03:59 1638912 ----a-w- c:\windows\system32\mshtml.tlb
      2011-09-01 00:00 . 2011-06-02 13:23 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
      2011-08-27 04:43 . 2011-10-13 04:01 571904 ----a-w- c:\windows\system32\oleaut32.dll
      2011-08-27 04:43 . 2011-10-13 04:01 233472 ----a-w- c:\windows\system32\oleacc.dll
      .
      .
      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4
      .
      [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
      2010-09-29 05:44 1400712 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
      "{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-29 1400712]
      .
      [HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
      [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
      [HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
      [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
      .
      [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
      "{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-29 1400712]
      .
      [HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
      [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
      [HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
      [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
      "Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2008-06-12 37232]
      "Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2008-06-12 640376]
      "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-10-29 7862816]
      "Ask and Record FLV Service"="c:\program files\Replay Media Catcher\FLVSrvc.exe" [2009-09-22 156672]
      "Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
      "Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2011-09-01 1047208]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
      "AvgUninstallURL"="start http://www.avg.com/ww.special-uninstallation-feedback-appf?lic=NFVZOVgtTlNWVkwtTzRCWlEtUUlNQ0wtUVREQ0gtNElKTUg&inst=NzctNjIwMDAwMzI5LUZMMTArMS1YTzEwKzExLUxJQysyLUNJUCsyLUxTRCsyLUREVCszNjg5NC1ERDEwRisxLVNUMTBGQVBQKzEtRjEwTTEyQU4rMy1GMTBNMTJBKzEtRjEwTTEyQUIrMS1VMTArMS1GMTBNMTJBVEJOKzEtRjEwTTEyQisx&prod=90&ver=10.0.1411" [?]
      .
      c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
      utilman.lnk - c:\users\Alvin Lau\AppData\Local\utilman.exe [N/A]
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
      "ConsentPromptBehaviorAdmin"= 5 (0x5)
      "ConsentPromptBehaviorUser"= 3 (0x3)
      "EnableUIADesktopToggle"= 0 (0x0)
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
      "aux6"=wdmaud.drv
      .
      [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
      Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
      2009-09-05 09:54 417792 ----a-w- c:\program files\QuickTime\QTTask.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
      2010-05-14 19:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
      .
      R1 SASDIFSV;SASDIFSV;c:\users\ALVINL~1\AppData\Local\Temp\SAS_SelfExtract\SASDIFSV.SYS [x]
      R1 SASKUTIL;SASKUTIL;c:\users\ALVINL~1\AppData\Local\Temp\SAS_SelfExtract\SASKUTIL.SYS [x]
      R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
      R3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016]
      R3 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [2011-03-01 183560]
      R3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\DRIVERS\ivusb.sys [2010-03-10 25112]
      R3 RDID1078;Fantom G;c:\windows\system32\Drivers\rdwm1078.sys [2009-09-18 145792]
      R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-03-03 1343400]
      R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
      S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
      S3 e1qexpress;Intel® PRO/1000 PCI Express Network Connection Driver Q;c:\windows\system32\DRIVERS\e1q6032.sys [2009-07-13 190464]
      .
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
      WindowsMobile REG_MULTI_SZ wcescomm rapimgr
      LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
      .
      .
      ------- Supplementary Scan -------
      .
      IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
      IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
      IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
      IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
      IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
      TCP: DhcpNameServer = 192.168.1.1
      FF - ProfilePath - c:\users\Alvin Lau\AppData\Roaming\Mozilla\Firefox\Profiles\y96fpzoo.default\
      FF - prefs.js: browser.search.defaulturl - hxxp://aim.search.aol.com/search/search?query={searchTerms}&invocationType=tb50-ff-aim-chromesbox-en-us
      FF - prefs.js: browser.startup.homepage - www.google.com
      FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&invocationType=tb50-ff-aim-ab-en-us&query=
      FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
      FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
      FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
      FF - Ext: FireFTP: {a7c6cf7f-112c-4500-a7ea-39801a327e5f} - %profile%\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
      FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
      FF - Ext: Session Manager: {1280606b-2510-4fe0-97ef-9b5a22eafe30} - %profile%\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}
      FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false
      FF - user.js: browser.sessionstore.resume_from_crash - false
      FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(yahoo.ytff.general.dontshowhpoffer, true
      .
      .
      **************************************************************************
      .
      Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
      Windows 6.1.7600 Disk: WDC_WD6400AAKS-41H2B0 rev.07.04C07 -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T1L0-6
      .
      device: opened successfully
      user: MBR read successfully
      kernel: MBR read successfully
      user != kernel MBR !!!
      sectors 1250263695 (+0): user != kernel
      .
      **************************************************************************
      .
      --------------------- LOCKED REGISTRY KEYS ---------------------
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
      @Denied: (Full) (Everyone)
      .
      --------------------- DLLs Loaded Under Running Processes ---------------------
      .
      - - - - - - - > 'Explorer.exe'(3228)
      c:\users\Alvin Lau\AppData\Local\FLVService\lib\FLVSrvLib.dll
      .
      Completion time: 2011-11-24 09:13:35
      ComboFix-quarantined-files.txt 2011-11-24 17:13
      ComboFix2.txt 2011-11-23 04:23
      ComboFix3.txt 2011-05-10 19:00
      .
      Pre-Run: 21,472,272,384 bytes free
      Post-Run: 21,295,820,800 bytes free
      .
      - - End Of File - - 03EEA7414878393224BBCD8399C3E3BE
      ComboFix Log2.txt
  12. One last note, my AVG now has an error message which pops up every time I start the computer up, which says there is an unidentified error or something along those lines (I can't remember) and asks me if I would like to report it to find out the problem, but when I agree it fails to do so..... What should I do next?
  13. Just did an AVG scan and found one infection and said it was unable to remove. c:\windows\system\32\drivers\tdx.sys Trojan Horse Hider.OKI I am now at the point where my internet is unable to connect last time I checked. Under my signal bar of my network it said limited access. Also my folder where my downloads go to is now hidden... the folder where I downloaded ComboFix. I tried to back it up on my computer and when I went to delete some files it just disappeared. Looks like it's missing, I know this has happened to me before and I used a program called unhide, but I forgot how that works... SO I'm now using the Snow Leopard side of this computer, which was partitioned to have Windows 7 as well (where I'm having this issue), to be able to go online and continue replying. So what I want to do now is 1. remove the virus/malware/rootkit. 2. be able to go back online. 3. recover my missing files. Going to attempt to run Malwarebytes scan again, but will wait here for a reply...... I would like to save the computer format option as a last resort, thank you.
  14. No, I do not use BitLocker, things on this computer are running OK, I just avoid searching on Google. My AVG (which I disable when told to on this forum) still runs daily scans and seems to pick up threats, says it removes them but I know that's not true. I'm starting to think ALL of the antivirus products people can buy at their local retail stores are useless and a waste of money... if anyone has anything else for me to try I'm all ears.... thanks for all the help thus far, greatly appreciated.