AureolusV, Dec 17, 2012 #4 TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member AureolusV said: ↑ Before I go into the details, may I ask, is running this forum some Anyway, the results are a bit unexpected on my part (probably cause I don't know much when it comes to these things), so I have attached some images and logs as I really appreciate it. Please try the request again.
So long, and thanks for all the fish. Here are the results from DDS: . Do not include the word Code Code: :processes :killallprocesses :file C:\Users\Skywalker\AppData\Local\tbvmrndu\cenycqmi.exe C:\Users\Skywalker\AppData\Local\itupaixw.log C:\Users\Skywalker\AppData\Local\pyptqydm.log C:\Users\Skywalker\AppData\Local\rvrsbetv.log C:\Users\Skywalker\AppData\Local\vkkigntt.log C:\Users\Skywalker\AppData\Local\yndtjmny.log C:\Users\Skywalker\AppData\Local\dkaruphf.log C:\Users\Skywalker\AppData\Local\ebhfqmoc.log C:\Users\Skywalker\AppData\Local\fbwxotos.log C:\Users\Skywalker\AppData\Local\fslehpaq.log C:\Users\Skywalker\AppData\Local\bcmnjmfr.log C:\Users\Skywalker\AppData\Local\tbvmrndu :commands [PURITY] [EMPTYTEMP] [RESETHOSTS] [REBOOT] Then click the Run As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged
Your cache administrator is webmaster. Just close notepad and attach this log form OTL to your next message. Hope to hear from you soon. Now install an AV program!!
Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site. Are these steps to double check if I'm still infected? Haven't been doing anything out of the ordinary here lately which I can think of... Edited by Noviciate, 24 August 2012 - 04:14 PM.
Ignore it and click OK to continue. If you accept cookies from this site, you will only be shown this dialog once!You can press escape or click on the X to close this box. A case like this could easily cost hundreds of thousands of dollars. pop over to these guys Back to top Prev Page 2 of 2 1 2 Back to Virus, Trojan, Spyware, and Malware Removal Logs 2 user(s) are reading this topic 0 members, 2 guests, 0 anonymous
Anyway, it seems successful I can enter antivirus websites now! Before I go into the details, may I ask, is running this forum part of your past time, your passion? Please do so if asked. Thanks heaps!
The log for it is as attached anyway. Anyway, the logs requested are as attached. When it is finished, there will be a log on your desktop called: RKreport.txt Attach RKreport.txt to your next message. (How to attach) Do not reboot your computer yet. It won't let me download TDSSKiller too but I managed to used a program called Internet Download Manager to bypass that problem, but not for Malwarebytes Anti-Malware unfortunately.
Generated Tue, 31 Jan 2017 03:16:19 GMT by s_wx1219 (squid/3.5.23) ERROR The requested URL could not be retrieved The following error was encountered while trying to retrieve the URL: http://0.0.0.9/ Connection Or do you get paid? 'Cause I would imagine helping others would take up quite a bit of your time, and it seems that there's quite a lot of people visiting AureolusV, Dec 26, 2012 #12 TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member It's hard to say where you got it from. One problem I came upon while following the steps is that I could not download "Malwarebytes Anti-Malware".
FF - ProfilePath - C:\Users\Adam McLaughlin\AppData\Roaming\Mozilla\Firefox\Profiles\1wz16g68.default\ FF - prefs.js: browser.startup.homepage - hxxp://google.com/ FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: C:\Program Files Then manually delete these items: C:\Users\Skywalker\AppData\Local\bcmnjmfr.log C:\Users\Skywalker\AppData\Local\dkaruphf.log C:\Users\Skywalker\AppData\Local\ebhfqmoc.log C:\Users\Skywalker\AppData\Local\fbwxotos.log C:\Users\Skywalker\AppData\Local\fslehpaq.log C:\Users\Skywalker\AppData\Local\itupaixw.log C:\Users\Skywalker\AppData\Local\pyptqydm.log C:\Users\Skywalker\AppData\Local\rvrsbetv.log C:\Users\Skywalker\AppData\Local\vkkigntt.log C:\Users\Skywalker\AppData\Local\yndtjmny.log Now tell me how things are running and if you are having any other issues. If we have ever helped you in the past, please consider helping us. Copy and Paste the following code into the Custom Scans/Fixes textbox.
Back to top BC AdBot (Login to Remove) BleepingComputer.com Register to remove ads #17 Noviciate Noviciate Malware Response Team 5,277 posts OFFLINE Gender:Male Location:Numpty HQ Local time:11:26 AM Posted Please try the request again. It may not be there now.
or read our Welcome Guide to learn how to use this site.
The system returned: (22) Invalid argument The remote host or network may be down. Back to top #9 Spudweiser Spudweiser Topic Starter Members 11 posts OFFLINE Local time:06:26 AM Posted 15 August 2012 - 03:45 PM Finally finished! It seems to be causing spikes throughout my internet browsing experience too, slowing my connection down. The fixME.reg was a success (it seems).
Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted. I used RogueKiller to delete the registry earlier and ran HitmanPro. Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator). Several functions may not work.
Or do you get paid doing it? We are all volunteers here. Seems like there's a few Trojans. tmltesor.exe Started by Spudweiser , Aug 14 2012 08:51 AM Prev Page 2 of 2 1 2 This topic is locked 19 replies to this topic #16 Spudweiser Spudweiser Topic Starter
Let me have a OTL log, a fresh one for preference, and i'll see where all the data points. Several functions may not work. I really appreciate it. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?] R0 nvpciflt;nvpciflt;C:\Windows\system32\DRIVERS\nvpciflt.sys --> C:\Windows\system32\DRIVERS\nvpciflt.sys [?] R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?] R0 stdcfltn;Disk Class Filter Driver for Accelerometer;C:\Windows\system32\DRIVERS\stdcfltn.sys --> C:\Windows\system32\DRIVERS\stdcfltn.sys [?] R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys
You can have a look at it through Google. TimW, Dec 19, 2012 #7 AureolusV Private E-2 hmmm I don't understand how to fix the softonic item. TimW, Dec 18, 2012 #5 AureolusV Private E-2 All done. I can now access anti-virus websites Time to look for an anti-virus as you said lol...
Back to top #18 Spudweiser Spudweiser Topic Starter Members 11 posts OFFLINE Local time:06:26 AM Posted 17 August 2012 - 05:12 PM Evening Noviciate, The only thing that appears in AureolusV, Dec 20, 2012 #8 TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member If it is not showing up in the log, then don't worry about it. There is no "fix registry" button as far as I can tell...