• Announcements

    • Budfred

      IE 11 copy/paste problem

      It has come to our attention that people using Internet Explorer 11 (IE 11) are having trouble with copy/paste to the forum. If you encounter this problem, using a different browser like Firefox or Chrome seems to get around the problem. We do not know what the problem is, but it seems to be specific to IE 11 and we are hopeful that Microsoft will eventually fix it.

lance_yien

Retired Staff
  • Content count

    2,326
  • Joined

  • Last visited

About lance_yien

  • Rank
    Forum Deity
  • Birthday

Contact Methods

  • Website URL
    http://lanceyien.info/Forum/
  • ICQ
    0

Profile Information

  • Gender
    Male
  • Location
    France
  1. Hi civicdude590 >>> ComboFix scan: Please delete your copy of ComboFix and download its last version from here or here. Close all running programs and disabled all your protection programs: antivirus, firewall and antispyware (see here and/or here to know how to disable your programs). Then, right-click on "ComboFix.exe" => "Run as administrator" and follow the on-screen prompts. Please, DO NOT click ComboFix's window while it is running. This may cause it to hang. A log file (ComboFix.txt) will be saved at the root of the System drive (typically C:\ComboFix.txt). Please copy and paste its contents in your next reply. >>> aswMBR scan: Please download aswMBR and save it to your Desktop. Close all running programs and disabled all your protection programs: antivirus, firewall and antispyware (see here and/or here to know how to disable your programs). Then, please right-click on "aswMBR.exe" => "Run as administrator" and allow the program to download latest virus definitions (if prompted). Click the [Scan] button and let it run uninterrupted (you will get a message: "scan finished successfully"). Click the [Save log] button and save it to your Desktop as "aswmbr.txt". Please copy and paste its contents in your next reply (DO NOT fix anything!). I don't need to see the "MBR.dat" log. >>> In your next reply, please include the following (you may need to use two posts to get it all in): ComboFix.txt aswmbr.txt
  2. dmcky, I don't need a second HijackThis log. Please re-read my first reply (the last line) and post the requested logs from Malwarebytes Anti-Malware, DDS, and Security Check.
  3. Hi dmcky, I'm waiting for the requested logs.
  4. Glad we could help. If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter. Everyone else please begin a New Topic.
  5. Hello dmcky and welcome to SWI. I'm lance_yien and will be helping you. Very Important! >>> Please do immediately: In the upper right hand corner of the topic you will see a button called "Watch this topic", by clicking on this => "Immediate E-Mail notification" => "Proceed" you will be advised when we respond to your topic and facilitate the cleaning of your machine. Back up your personal documents by copying them to a location of your choice (other than your system drive). Spybot's TeaTimer may interfere with our tools. Please disable it (if running on your computer): Run Spybot S&D => "Mode" => "Advanced..." => "Tools" => "Resident" and Uncheck "Resident TeaTimer" and OK any prompts. Close Spybot S&D. >>> During this cleanup, Please DO NOT run, install and/or uninstall any tools/ programs other than those I suggest to you because some programs can interfere with others and/ or can cause some problems to your system. >>> When you receive new instructions, Please Read the whole message. All our tools must be downloaded to the Desktop and launched from there (unless otherwise specified). Please perform all steps in the received order and DO NOT proceed if you need clarification. Please DO NOT re-run any program I suggest. If you encounter problems please stop and tell me about it. >>> When replying, Please use the "Add Reply" button . I do not need to see my previous instructions. Thank you! Please copy and paste your logs into your post unless specifically asked to attach one. Please read the SpywareInfo Forum FAQ and post the requested logs from Malwarebytes Anti-Malware, DDS, and Security Check.
  6. Please print out these instructions or copy them to a Notepad file for an easier reading and go to "Start" => "Run". Type notepad in the Open field and click "OK". Copy and paste the text present inside the quote box below (starting with @): Save this to your Desktop as SubSysRepair.bat and change the "Save as type" to "All Files". Then, please close all open windows and right-click SubSysRepair.bat => "Run as administrator". Click "OK" and restart your computer. Now, please navigate to and right-click on SubSystems.bat (on your Desktop) => "Run as administrator". Please post the contents of "results.txt" that opens and close it. >>> Run Jotti's malware scan: Please copy each line from the following (in bold): C:\Windows\System32\consrv.dll Go to Jotti's malware scan and click the Browse button. A window will open, right-click in the File name field and choose "Paste". Click the Submit button and let the scan run uninterrupted. If you get a message saying "File has already been analyzed", click "Reanalyze file now". When it's done, right-click the Permalink button and choose "Copy the link". Paste it in your next reply. If Jotti is busy, please go to http://www.virustotal.com. >>> Run aswMBR scan: Close all running programs and disabled all your protection programs: antivirus, firewall and antispyware (see here and/or here to know how to disable your programs). Then, please double-click/right-click on "aswMBR.exe" => "Run as administrator" and allow the program to download latest virus definitions (if prompted). Click the [Scan] button and let it run uninterrupted (you will get a message: "scan finished successfully"). Click the [Save log] button and save it to your Desktop as "aswmbr.txt". Please copy and paste its contents in your next reply (DO NOT fix anything!). You will also notice another file created on the desktop named "MBR.dat". Please go here and click on the "Browse" button. Navigate to and double-click on "MBR.dat". Click the "Upload" button. Please copy the content of the "Download link" field and paste it in your next reply. . >>> In your next reply, please include the following: "results.txt" The link to Jotti page aswmbr.txt The link to MBR.dat Any improvements?
  7. Your logs don't seem to show any signs of infection. >>> Tools removal: Please remove ComboFix from your computer by going to "Start" => "Run" and type (or copy and paste): ComboFix /Uninstall in the runbox (make sure to leave a space between "ComboFix" and "/Uninstall"). Click "OK". It will remove all its files/ folders and reset your System Restore by flushing out previous restore points and creating a new clean restore point for you. Please run OTL and click on the CleanUp! button, wait a while, and click "Yes" to reboot. Also, please delete any remaining files/folders from our tools on your Desktop and/or System drive (usually C:\) by right-clicking => "Delete". >>> System Restore maintains a backup of your system files and may also backup infections, so please reset it and make a clean Restore Point: Right-click on the "My Computer" icon on your Desktop or in the "Start" menu and select "Properties". Click on the "System Protection" link. Click on the available hard disk drive or partition that you want to delete the "System Protection restore points" for (usually C:\). Click on the "Configure" button => "Delete" => "Continue" button to confirm the deletion. Click on "Close" in the success prompt => "OK" => "OK" Wait a few moments for it to clear, then: Click on Start Menu. Click on the "System Protection" link and choose the same hard disk drive or partition. Click on the "Configure" button and choose "Restore system settings and previous versions of files" Click on "OK" => "OK" Close the "System" window. A new "Restore Point" will be created automatically. >>> Enable your UAC: Click "Start" => "Control Panel". Click "User Accounts And Family Safety". Click "User Accounts" => "Change User Account Control settings" Drag the slider up or down, depending on how often you want to be alerted. >>> If your computer continues to reboot on its own, please run the Disk Check utility and the System File Check utility and see if that helps. If not, I suggest you take your laptop to a repair shop. Run the Disk Check utility: Please right-click on the "Start" button and click on "Explore". Select the hard drive letter for which you want to run the Disk Check utility and right-click on it => "Properties." Click on the "Tools" tab and click the "Check Now" button under the "Error-Checking" section of the window (if you have User Account Controls enabled, a window will pop up asking permission to continue. Click "Continue") Check "Automatically fix file system errors" and "Scan for and attempt recovery of bad sectors" and click "Start". Click the "Schedule Check Disk" and restart your computer to run the Disk Check utility. Run the System File Check utility: Please go to "Start" => "All Programs" => "Accessories", then right-click on "Command Prompt" and click on "Run as administrator". In the window that opens, type sfc /scannow and press "Enter" (make sure to leave a space between sfc and /scannow). Let it run uninterrupted (you may be asked to insert your Windows setup CD/DVD). Type exit and press "Enter" to close the window. Restart your computer. >>> Protect your computer: Enable Automatic Updates for your Windows under "Start" => "Control Panel" => Automatic Updates. These updates address known issues and will strengthen your protection against known security threats. Without these updates I can almost guarantee that you will get infected again. Make sure ALL your programs are up to date - because older versions may contain Security Leaks. To find out what programs need to be updated, please run the Secunia Software Inspector Scan ou Update Checker. Use: - Autorun Protector to prevent your PC from being infected with autorun worms and also protecting your removable devices from being infected from other sources (Make sure to insert all your removable drives/pendrives/memory cards, etc before running the tool). - SpywareBlaster to protect your computer from spyware, hijackers... A tutorial on using SpywareBlaster may be found here. Nowadays, most malware is developed only to steal personal information and/or various passwords. I recommend you change all your passwords - make sure you create strong passwords and use a different password for every site (you can keep them in KeePass). Back up your Registry using ERUNT. It can help you especially if the System Restore is disabled by malware or corrupted for some reasons. Please, note that there are a lot of rogue programs out there that want to scare you into giving them your money and some malware actually claims to be security programs. If you get a pop-up for a security program that you did not install yourself, do NOT click on it and ask for help immediately. It is very important to run an antivirus and firewall, but you can't always rely on reviews and ads for information. Ask in a security forum that you trust if you are not sure. If you are unsure and looking for anti-spyware programs, you may be able to find out if it is a rogue here. >>> Recommended reading: How to prevent malware How did I get infected in the first place P2P Programs: Popular and Perilous and P2P Downloads Fuel Spyware Why I don’t use registry cleaners Hopefully this should take care of your problems! Safe surfing!
  8. Please print out these instructions or copy them to a Notepad file for an easier reading and download to your Desktop SystemLook (by jpshortstuff) from here or here. Right-click on SystemLook.exe => "Run as Administrator") and copy/ paste the content of the following codebox (starting with :filefind) into the main textfield: :filefind consrv.dll Click the Look button to start the scan. When finished, a notepad window will open with the results of the scan. Please post this log in your next reply. The log can also be found on your Desktop entitled SystemLook.txt Please pgo to "Start" => "Run", type notepad in the Open field and click "OK". Copy and paste the text present inside the quote box below (starting with @): Save this to your Desktop as SubSystems.bat and change the "Save as type" to "All Files". Then, please close all open windows and right-click SubSystems.bat => "Run as administrator". Click "OK". Please post the contents of "results.txt" that opens and close it. >>> In your next reply, please include the following: SystemLook.txt results.txt
  9. Happy Birthday jedi!
  10. Please print out these instructions or copy them to a Notepad file for an easier reading. >>> Use RogueKiller: Close all running programs and right-click on "RogueKiller.exe" => "Run as administratorr". Click the "HostFix" button and let it run uninterrupted! When that's done, click the "ProxyFix" button and let it run uninterrupted! >>> TDSSKiller: Please download to your Desktop TDSSKiller.exe from here. Right-click on TDSSKiller.exe => "Run as administrator", click on the "Start Scan" button and wait for the scan and disinfection process to be over. If an infected file is detected, the default action will be "Cure" and if a suspicious file is detected, the default action will be "Skip". Please DO NOT make any changes and click on the "Continue" button. If you are asked to reboot the computer to complete the process, click on the "Reboot Now" button. A report will be automatically saved at the root of the System drive ((usually C:\) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt" (for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt). If no reboot is required, click on "Report". A log file will appear. Please copy and paste the contents of that file in your next reply. >>> aswMBR scan: Please download aswMBR and save it to your Desktop. Close all running programs and disabled all your protection programs: antivirus, firewall and antispyware (see here and/or here to know how to disable your programs). Then, please double-click/right-click on "aswMBR.exe" => "Run as administrator" and allow the program to download latest virus definitions (if prompted). Click the [Scan] button and let it run uninterrupted (you will get a message: "scan finished successfully"). Click the [Save log] button and save it to your Desktop as "aswmbr.txt". Please copy and paste its contents in your next reply (DO NOT fix anything!). You will also notice another file created on the desktop named "MBR.dat". Please go here and click on the "Browse" button. Navigate to and double-click on "MBR.dat". Click the "Upload" button. Please copy the content of the "Download link" field and paste it in your next reply. . >>> In your next reply, please include the following: RKreport[x].tx TDSSKiller_log.txt aswmbr.txt and the link to MBR.dat
  11. That may be related to a hardware problem. When you update the program it restores its default settings. >>> OTL fixes: Please close all running programs and disabled all your protection programs. Insert all your removable drives/pendrives/memory cards and run OTL and paste the following (starting with :OTL) in the "Custom Scans/Fixes" window: Click the red Run Fix button. If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose "Yes". A fix log in Notepad will appear. Copy and paste its contents in your next reply and close OTL.
  12. Did you open your computer and see if there are any dust accumulations? Please print out these instructions or copy them to a Notepad file for an easier reading and download to your Desktop: MBAM' StartUpLite from here OTL (by OldTimer) from here or here. >>> Run MBAM' StartUpLite: Please right-click on StartUpLite.exe => "Run as administrator" to run the program. This will display all unnecessary startup entries. Select all options you would like executed, then click "Continue". I recommend you disable them all. >>> OTL scan: Please insert all your removable drives/pendrives/memory cards and close all open windows. Double-click/Right-click on OTL.exe => "Run as administrator" and paste the following (starting with netsvcs) in the "Custom Scans/Fixes" window: Click the Run Scan button and let the program run uninterrupted. When the scan completes, it will open two Notepad windows - "OTL.txt" (opened) and "Extras.txt" (minimized). These are saved in the same location as OTL. Please copy and paste the contents of these files in your next reply (please post only one at a time).
  13. Since the issue appears to be resolved this Topic is closed. If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter. Everyone else please begin a New Topic.
  14. Your logs seem to be clean! >>> Very important: Any program out of date may contain some vulnerabilities exploited by hackers to infect your computer. Your versions of these programs are out of date. Adobe Acrobat Reader: Please uninstall this program and install the latest version from here (make sure to uncheck the install McAfee Security Scan option). Mozilla Firefox: Please install the latest version from here Adobe Flash Player: Please go here and click the "64-bit uninstaller (229 KB)" link to download the Adobe_Flash_Player_uninstaller to your Desktop and run it. If uninstalled successfully, go to this site: Install Adobe Flash Player, and choose "Agree and install now". This will install the newest version of Adobe Flash Player for your browser (Adobe Flash Player plugins for IE and Firefox must be installed separately). I recommend you uncheck the optional install (Free McAfee Security Scan or Free Google Toolbar). Java: I recommend you download to your Desktop the newest version from here or here. It's important that you uninstall older versions of Java because they can leave holes and vulnerabilities on your computer. Please, go to "Start" => "Control Panel" and double-click on the "Software" icon => "Add or Remove programs". Search in the list for all previous installed versions of Java (J2SE Runtime Environment.... ). They should have this icon next to them: Select each in turn and click Remove. Now install the newest version. Please, let me know how the updates went and if you still have any problems.
  15. Please print out these instructions or copy them to a Notepad file for an easier reading. >>> Use RogueKiller: Please close all running programs and double-click/ right-click on "RogueKiller.exe" => "Run as administratorr". Click the "Delete" button and let it run uninterrupted! A log "RKreport[x].txt" will be saved at the same location as RogueKiller.exe, please copy and paste its contents in your next reply. >>> TDSSKiller: Please download to your Desktop TDSSKiller.exe from here. Right-click on TDSSKiller.exe => "Run as administrator", click on the "Start Scan" button and wait for the scan and disinfection process to be over. If an infected file is detected, the default action will be "Cure" and if a suspicious file is detected, the default action will be "Skip". Please DO NOT make any changes and click on the "Continue" button. If you are asked to reboot the computer to complete the process, click on the "Reboot Now" button. A report will be automatically saved at the root of the System drive ((usually C:\) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt" (for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt). If no reboot is required, click on "Report". A log file will appear. Please copy and paste the contents of that file in your next reply. >>> aswMBR scan: Please download aswMBR and save it to your Desktop. Close all running programs and disabled all your protection programs: antivirus, firewall and antispyware (see here and/or here to know how to disable your programs). Then, please double-click/right-click on "aswMBR.exe" => "Run as administrator" and allow the program to download latest virus definitions (if prompted). Click the [Scan] button and let it run uninterrupted (you will get a message: "scan finished successfully"). Click the [Save log] button and save it to your Desktop as "aswmbr.txt". Please copy and paste its contents in your next reply (DO NOT fix anything!). You will also notice another file created on the desktop named "MBR.dat". Please go here and click on the "Browse" button. Navigate to and double-click on "MBR.dat". Click the "Upload" button. Please copy the content of the "Download link" field and paste it in your next reply. . >>> In your next reply, please include the following: RKreport[x].tx TDSSKiller_log.txt aswmbr.txt The link to MBR.dat