New
#21
here are the two files requested.
GilV37,
The scan did not run properly...
After:
20:00:01.0396 4392 Initialize success
20:00:01.0396 4392 ============================================================
You should have:
20:00:26.0356 2960 ============================================================
20:00:26.0356 2960 Scan started
20:00:26.0356 2960 Mode: Manual; TDLFS;
20:00:26.0356 2960 ============================================================
20:00:26.0668 2960 ================ Scan system memory ========================
20:00:26.0668 2960 System memory - ok
20:00:26.0668 2960 ================ Scan services =============================
etc., etc., etc...
Is there another TDSSKiller report in C:\?
If not, please give this another try.
here is one from 9:22 pm EST. I just ran the TDSSKiller again.
Yes!
Please run TDSSKiller once again, and this time, when presented with the TDSS File System entry in Threats Detected, select: Delete
Please attach the new TDSSKiller log in your reply.
Next, please use the Malwarebytes Anti-Rootkit Download
Save to the Desktop (easy to find)
Right-click the downloaded file and select: Extract here...
In the MBAR folder that appears on the Desktop, open it, and double-click the MBAR application.
At the main program console click: Next
At the Update Database prompt, click: Update
When the update is done, click: Next
At the Scan System prompt, under Scan targets, check: Drivers, Sectors, and System (If these items are already checked, that's fine.) Now, click on the SCAN button!
The results from the scan are shown as follows (Just an example)(Image courtesy of BleepingComputer):
If any threats are reported, DO NOT click on the Cleanup button to remove them!!!
At this point go back to the MBAR folder on the Desktop, and look for two reports:
1. system-log.txt
2. mbar-log-2013-04-30 (20-13-32).txt
(corresponds to mbar-log-year-month-day (hour-minute-second).txt)
Please attach the mbar-log and the system-log in your reply.
On the Cleanup screen, just press: Exit
Is this a "Legal" copy of Windows 7? I don't mean to offend, but my goodness you have a boat load of malware!!
yes this is a valid copy of windows 7. no I didn't reboot after Mbar.
Please reboot, and run MBAR once again.
This time, press: Cleanup
Also, post the new mbar-log-2013-05-11 (22-32-54).txt