Tim5755,
It's good you are on this site. Most help sites close out threads after 72 hours with no response.
I'm still with you.
----------------------------------------------
Perform a Custom Fix with OTL
Run OTL (Right click and choose "Run as administrator" in Vista/Win7)
AdwCleaner Download and Run
Click on this link to download : ADWCleaner Click on the Download Now button and save it to your desktop.
NOTE: If using Internet Explorer and you get an alert that stops the program downloading click on Tools > Smartscreen Filter > Turn off Smartscreen Filter then click on OK in the box that opens. Then click on the link again.
Close your browser and double click on this icon on your desktop:
![]()
You will then see the screen below. Click on the Scan button (as indicated), accept any prompts that appear and allow it to run.
It may take several minutes to complete. When it is done click on the Clean button, accept any prompts that appear and allow the system to reboot.
You will then be presented with the report. Copy & Paste it into your next post.
![]()
--------------------------------------------
TDSSKiller - Rootkit Removal Tool
Please download the TDSSKiller.exe by Kaspersky... save it to your Desktop. <-Important!!!
Let me know how it goes.
If you are unable to perform the requested, please tell me.
askey127
It's good you are on this site. Most help sites close out threads after 72 hours with no response.
I'm still with you.
----------------------------------------------
Perform a Custom Fix with OTL
Run OTL (Right click and choose "Run as administrator" in Vista/Win7)
- In the Custom Scans/Fixes box at the bottom, paste in the following lines from the Code box (Do not include the word "Code"):
Code::Commands
[CREATERESTOREPOINT]
:OTL
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avgb-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?FORM=SO3TDF&PC=SUN3&q={searchTerms}&src=IE-SearchBox
IE - HKCU\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avgb-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
CHR - default_search_provider: Search the web (Babylon) (Enabled)
CHR - default_search_provider: search_url = http://isearch.babylon.com/?q={searchTerms}&affID=119351&babsrc=SP_ssbtis1&mntrId=C00E001676E0BF02
CHR - plugin: Wajam (Enabled) = C:\Documents and Settings\Tim Hall\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\plugins/PriamNPAPI.dll
O2 - BHO: (IMinent WebBooster (BHO)) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files\Iminent\Iminent.WebBooster.InternetExplorer.dll File not found
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
[2013/08/16 21:17:46 | 000,000,000 | ---D | C] -- C:\Program Files\MyPC Backup
[2009/03/31 18:32:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ubisoft
:Files
ipconfig /flushdns /c
:Commands
[EMPTYTEMP]
- Then click the Run Fix button at the top.
- Let the program run unhindered, and click to allow the Reboot when it is done.
When the computer Reboots, and you start your usual account, a Notepad text file will appear. - Copy the contents of that file and post it in your next reply.
That is the FIX log file. It will also be available and named by timestamp here: C:\_OTL\Moved Files\mmddyyyy_hhmmss.log
AdwCleaner Download and Run
Click on this link to download : ADWCleaner Click on the Download Now button and save it to your desktop.
NOTE: If using Internet Explorer and you get an alert that stops the program downloading click on Tools > Smartscreen Filter > Turn off Smartscreen Filter then click on OK in the box that opens. Then click on the link again.
Close your browser and double click on this icon on your desktop:
You will then see the screen below. Click on the Scan button (as indicated), accept any prompts that appear and allow it to run.
It may take several minutes to complete. When it is done click on the Clean button, accept any prompts that appear and allow the system to reboot.
You will then be presented with the report. Copy & Paste it into your next post.
--------------------------------------------
TDSSKiller - Rootkit Removal Tool
Please download the TDSSKiller.exe by Kaspersky... save it to your Desktop. <-Important!!!
- Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
(Vista - W7 users: Right-click and select "Run As Administrator")
If TDSSKiller does not run... rename it. Right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. ektfhtw.com).
If you don't see file extensions, please see: How to change the file extension.
If you try to change the filename and extension, you may get a warning message from Windows because of the change of file extension. OK the change. - Click the Start Scan button. Do not use the computer during the scan!
- If the scan completes with nothing found, click Close to exit.
- If malicious objects are found, they will show in the "Scan results - Select action for found objects" and offer 3 options.
- Ensure Cure (default) is selected... then click Continue > Reboot now to finish the cleaning process.
- If Cure is not offered as an option, choose Skip.
- A log file named TDSSKiller_version_dd.mm.yyyy_hh.mm.ss_log.txt will be created and saved to the main directory of C:
(the dd.mm.yyyy_hh.mm.ss numbers in the filename represent the time/date stamp) - Copy and paste the contents of that file in your next reply.
Let me know how it goes.
If you are unable to perform the requested, please tell me.
askey127