jholland1964

Sorry this response has been so long in coming. Holidays. Follow these instructions for running the TDSSKiller from Kaspersky [url]http://support.kaspersky.com/viruses/solutions?qid=208280684[/url] * Download the file [B][URL="http://support.kaspersky.com/downloads/utils/tdsskiller.zip"]TDSSKiller.zip[/URL][/B] and extract it (use archiver, for example, WInZip) into a folder on the infected (or potentially infected) PC. [CODE] * Execute the file TDSSKiller.exe. * …

Run HiJackThis again and put check marks next to the following entries: R3 - URLSearchHook: SporTV Toolbar - {a298ed31-d405-40e2-880f-b7511948e582} - C:\Program Files\SporTV\tbSpor.dll O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: ALOT Toolbar Helper - {14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6} - C:\Program Files\alot\bin\BHO\alotBHO.dll O2 - BHO: SporTV Toolbar - {a298ed31-d405-40e2-880f-b7511948e582} …

Hi Ben, welcome to daniweb. Please bear in mind that the thread you noted is nearly 4 years old, and while your symptoms may be similar it is probably unlikely you have the same one. AVG antispyware is no longer used or even available. If you found it some place …

Can you post the MBA-M logs when it found the infections? I need to see what all was found.

You forgot the GMER log. Please don't attach it, please copy/paste it. We don't like to open attachments from infected computers.

[QUOTE=sharvin;1397384]ok got to run and type msconfig and then adialog box will appear click on startup tab and click disable all restart and normally delete d file it wil get deleted and then go to msconfig and enable each process by clicking on each of it((run is present on the …

Since you didn't post the MBA-M log we don't know what was removed. We need to see that log. rkill should have been used BEFORE that first run of MBA-M and since you were able to run MBA-M before using rkill it is likely you didn't need to use it …

You absolutely must run MBA-M, just removing that one file would not remove the infection. It's very likely it is still there someplace. Right now it just can't run, But you must run an updated Full Scan with MBA-M and be sure to have it remove everything found and Reboot …

First of all you need to follow the instructions given in our Read Me sticky, yes you have posted the DDS log, but you have posted no other logs. MBA-M in particular. You also have not done as instructed in 1A of the instructions: [I][B][COLOR="Red"]1A – Please Uninstall or Disable …

Did you follow this caution? [B][COLOR="Red"]Do not mouse-click combofix's window while it is running. That may cause it to stall[/COLOR][/B]

I would advise you totally Uninstall AVG and install a truly good anti-virus program, either Avira Free or Avast Free. Both are much better programs and rated much higher. [url]http://www.free-av.com/[/url] AVIRA Antivirus or [url]http://www.avast.com/free-antivirus-download[/url] AVAST AV You have at least one P2P program on there,BitComet, the easiest way to get …

Hi, Welcome to daniweb, First we prefer that people begin with the steps found on our Read Me First sticky [url]http://www.daniweb.com/forums/thread134865.html[/url] You HAVE completed one of these steps and that is running MBA-M however you only posted a portion of the MBA-M log. We need to see the Entire log …

Where are the logs from the other programs you ran, especially the MBA-M log. The HJT log will tell us nothing unless we can see the other logs. We don't even know the names of infections found or the locations or the action taken for sure. Please post all additional …

Follow steps given here and post back with all logs. Please copy/paste all logs we do not open attachments. [url]http://www.daniweb.com/forums/thread134865.html[/url]

[QUOTE]My PC is infected with Clicksor and both Spybot S&D & Malwarebytes' AM have failed to detect it.[/QUOTE] Probably because I can find no information on an infection called Clicksor. Clicksor is a marketing technology but I see no evidence of that on your log either. Can you explain more …

This thread is closed Josh and over 4 years old. You need to begin your own new thread in order to obtain assistance.

Why not post your question in the Spyware Doctor forum? [url]http://www.pctools.com/forum/forumdisplay.php?f=54[/url]

Have you tried selecting view>toolbars> uncheck it?

You have two anti virus programs running on the computer. This is an absolute no-no. Only ONE antivirus program should be installed and running on a computer. Choose one of those you have on there and completely uninstall the other one. This would be one reason for your infections as …

And why did you run HJT? We need to know. I see an excessive amount of processes running during the scan. A lot of unneeded auto starts,an excessive number of auto starting services, and extraordinary number of Trusted Sites, some of which are considered very dangerous. Are these work related? …

Sounds as if an infection has changed your LAN settings. Go to Internet Settings, Connections, LAN button and make sure there are NO check marks in there. Ok your way out and attempt to connect. If you can then follow all the steps in our Read Me sticky and post …

Your MBA-M program is way, way out of date. Current database version is 5060, yours is listed as 4052. Please update the program and run a new Full Scan. Have it remove all items found, Reboot the computer and then come back here and post that new log. Judy

Don't know what all you have disabled using msconfig but it is likely you have turned off some needed files. msconfig should only be used for trouble shooting not as a way to stop auto starts permanently. You only have one auto start in programs and one in services. Go …

You may have deleted "some" of the infection but you need to follow all the steps given in our Read Me sticky, especially running MBA-M. Follow the instructions exactly. Post the logs back here when all have been completely and we can decide what needs to be done next. [url]http://www.daniweb.com/forums/thread134865.html[/url] …

<blockquote>yes combofix is very good for removing malware. but backup your data fefore using it.</blockquote> If you knew combofix you would know that this option is given by combofix itself.

You said there was no anti-virus program on the computer but the HJT log clearly shows McAfee + Avast4 on there so there are actually TWO anti-virus programs running on the computer. You have to go in and Uninstall ONE of them for sure, immediately. Since she said she didn't …

Please follow the steps given in our Read Me First sticky and post back with the requested logs and we will be most happy to offer assistance. [url]http://www.daniweb.com/forums/thread134865.html[/url]

You need to post the MBA-M log here. Other steps may be required, especially with the number of Trojans found. These may just be the "tip of the iceberg". There very well could be a rootkit on there which will just bring in more infections.

We prefer the logs be copy/pasted rather than uploading so next time please do that. You failed to update MBA-M before running the scan. As of writing of this post the current database is 4893. Please update MBA-M and run a new Full Scan with it. Have it Remove all …

[QUOTE=rangarecon;1363145]You could always stop the service for the iexplorer.exe process in task manager. 1. go into task manager and click on services or processes tab 2. click on services button down the bottom right of task manager window. 3. scroll through window in services (should direct you to services)and look …

Since we have no idea what tools you have used or anything about the computer then there is no way we can give you any information. We need to know what you found and HOW. You need to begin by following the steps given in our Read Me sticky [url]http://www.daniweb.com/forums/thread134865.html[/url] …

First of all you are using TWO antivirus programs on the computer, Avast and Microsoft Security Essentials. The absolute rule is [B]ONE[/B] antivirus program should run on a computer. Any more than one then, yes the computer can become extremely slow but, and more important, you actually can lessen your …

Hi Ed, welcome to daniweb. RegEdit is certainly NOT tool to run to remove infections, you need to know what registry entries ARE infected before attempting this. Your MBA-M shows you only ran a Quick Scan and No Action Taken. Did you reboot after running MBA-M? This is one of …

[QUOTE=Ulmo;1099699]Try ALT-TAB. It worked for me. What? ALT-TAB is what looks at other windows. I looked carefully after three times and realized I had a popup right before the above notify dll thing. Well, it was waiting for me to press OK, but that window was no longer there. I …

Continue with the rest of the instructions and post the logs. We cannot assist without these logs AND full information about the computer and the problems you are experiencing.

The steps given above are the least of your worries. NONE of those steps will remove this infection and that is the very first order of business that must be undertaken. File recovery at this point is useless, removal is #1. To begin this process follow the instructions in our …

Obviously you ARE infected. Please follow the steps given in our Read Me First sticky and post back here with all requested logs. [url]http://www.daniweb.com/forums/thread134865.html[/url]

The log is incomplete, we need to see the full log, including the top portion that reads like this; [I][COLOR="Green"]Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 10:40:36 AM, on 10/9/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal[/COLOR][/I] What programs did you …

You need to follow the steps given in our Read Me sticky and post back here with all requested logs. [url]http://www.daniweb.com/forums/thread134865.html[/url]

[QUOTE=MichaelH.;1008648]Hi, I keep having problems installing iolo System Mechanic Professional 9 . The Anti-Virus won't install and I get a window that says there is a problem with something called Real Time. Can anyone help me?[/QUOTE] Probably has to do with the real time email settings. I suggest you check …

Hi and welcome to daniweb, We need more information, your operating system for instance. You should do the scans found in our Read Me sticky [url]http://www.daniweb.com/forums/thread134865.html[/url] Copy/paste the logs back here and we will be happy to offer further assistance. One thing to check is go to your Control Panel …

I'm sorry you had to wait so long for assistance. We are very short handed at the moment. Please download [B][URL="http://www.bleepingcomputer.com/download/anti-virus/combofix"]ComboFix by sUBs[/URL][/B] · [B]You must download it to and run it from your Desktop[/B] · [B]Now STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields) as they could easily …

First of all Uninstall that Perfect Optimizer, it's junk. Could even be how you got infected in the first place. There is no earthly reason to use a Registry Cleaner. If there are infected points in the registry then good tools like Malwarebytes' Anti-Malware will remove them. First of all …

Gronz, this thread is over one year old. Please create your own thread AFTER completing steps given in our [B][URL="http://www.daniweb.com/forums/thread134865.html"]Read Me Sticky[/URL][/B] and then post the logs along with a detailed description of your problems.

We need a LOT more info than what you have given us. We need to know all about your computer, operating system, what type of email program are you talking about, an actual program or webmail? You say Norton picked up nothing but McAfee trial picked up? You can't run …

Part of your problem is you are using programs which are not compatible with Windows 7 and/or also not compatible with a 64bit system. GMER runs only on Windows NT/W2K/XP/VISTA Malwarebytes's IS compatible with Windows 7 and 64bit systems however, [B]where is the log?[/B] We can make no determinations of …

Can you try booting to Safe Mode with Networking and downloading the scanners and then run the scans and posting the logs that way. Follow the instructions given on this link for correct booting to safe mode for your operating system [url]http://www.bleepingcomputer.com/tutorials/tutorial61.html[/url] After that Follow the steps given in our …

[QUOTE=OldTime;1337124]You have some malware loading: C:\DOCUME~1\phil\LOCALS~1\Temp\Tj1.exe[/QUOTE] You are correct OldTime. We saw that, this is why the poster must follow all the steps in the Read Me Sticky. The longer he waits the more infected the computer will become.

Hello, am [B]very[/B] concerned here by several things you said, [B]First:[/B][B][B][I][COLOR="Red"]Microsoft security essentials detected threats[/COLOR][/I][/B][/B] and then you said [B][I][COLOR="Red"]first thing I did was run avira scan[/COLOR][/I][/B] Are you saying that you have BOTH of these programs running on your computer? If so that is a BIG No-No. Both are …

House Call does remove infections found without charge as far as I know.But obviously another tool needs to be tried. Reboot your computer into Safe Mode with Networking using the instructions for your version of Windows found below: [url]http://www.bleepingcomputer.com/tutorials/tutorial61.html[/url] Once booted to Safe Mode with Networking do this: Download the …