Hi,
gregory.gorbital! Welcome to
GeeksToGo! My nick name is
Render and I will be assisting you with your Malware/Security problems. Please make sure you read all of the instructions and fixes thoroughly before continuing with them. If you have any queries or you are unsure about anything, just say and I'll help you out
It may well be worth you printing/saving the instructions throughout the fix, so you have them to hand just in case you are unable to access this site.
Please note:- Remember to post your logs, not attach them. So, any logs from any programs we run, should be just 'copied & pasted' into your reply.
- Please only run the tools that I request. I know malware can be frustrating but running other tools in the meantime and between posts, only makes it harder for us to analyse and fix your PC in the long run.
- Please subscribe to this topic if you have not already done so. Please check back just in case, as the email system can fail at times.
- Just because your machine is running better does not mean it is completely cleaned. Please wait for the 'all clear' from me to say when we are done.
- Please reply within 3 days to be fair to other people asking for help.
- When in doubt, please stop and ask first. There's no harm in asking questions!
Please do the following:
Step 1- Please download aswMBR.exe to your desktop.
- Double click the aswMBR.exe to run it.
- Click the Scan button to start scan.
- On completion of the scan click Save log, save it to your desktop and post in your next reply.
Step 2Download
RogueKiller to your desktop
- Quit all running programs
- For Vista/Seven, right click -> run as administrator, for XP simply run RogueKiller.exe
- When prompted, type 1 and validate
- The RKreport.txt shall be generated next to the executable.
- If the program is blocked, do not hesitate to try several times. If it really does not work (it could happen), rename it to winlogon.exe
Please post the contents of the RKreport.txt in your next Reply.
Step 3 OTL Custom Scan- Download OTL to your desktop.
- Double click on the icon to run it.
- Make sure all other windows are closed and to let it run uninterrupted.
- When the window appears, underneath Output at the top, make sure Stadard output is selected.
- Select Scan all users
- Under the Extra Registry section, check Use SafeList
- Check the boxes beside LOP Check and Purity Check.
- Under the Custom Scans/Fixes box copy and paste this in:
netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
/md5stop
%systemroot%\*. /mp /s
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
CREATERESTOREPOINT
- Click the button. Do not change any settings unless otherwise told to do so. The scan wont take long.
- When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
- Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic
When completed the above, please post back the following in the order asked for:- aswMBR log
- Contents of the RKreport.txt
- OTL scan log
- Extras log
[/b]