[jpshortstuff]

Firstly, you must be registered on the forums. To do this, click the following link and follow the on-screen directions:
>>Register<<

Before posting to the forums and beginning any fixes, we strongly advise that you take some safety precautions.


Step #1

Backup Your Registry

Backup Your Registry with ERUNT

Backup Your Registry with ERUNT

• Please use the following link and scroll down to ERUNT and download it.
  http://aumha.org/freeware/freeware.php
  
• For version with the Installer:
  Use the setup program to install ERUNT on your computer
  
• For the zipped version:
  Unzip all the files into a folder of your choice.

Click Erunt.exe to backup your registry to the folder of your choice.

Note: to restore your registry, go to the folder and start ERDNT.exe



Download TFC to your desktop

• Open the file and close any other windows.
  
• It will close all programs itself when run, make sure to let it run uninterrupted.
  
• Click the Start button to begin the process. The program should not take long to finish its job
  
• Once its finished it should reboot your machine, if not, do this yourself to ensure a complete clean

Step #2

Download OTL to your Desktop

• Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  
• Click on Minimal Output at the top
  
• Download the following file scan.txt to your Desktop. You may need to right click on it and select "Save"  scan.txt (2.38K)
  Number of downloads: 0
  
• Double click inside the Custom Scan box at the bottom
  
• A window will appear saying "Click Ok to load a custom scan from a file or Cancel to cancel"
  
• Click the Ok button and navigate to the file scan.txt which we just saved to your desktop
  
• Select scan.txt and click Open. Writing will now appear under the Custom Scan box
  
• Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time

Step #3

Download the GMER Rootkit Scanner. Unzip it to your Desktop.

Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while the scan is being performed. Do not use your computer for anything else during the scan.

• Double click GMER.exe.
  http://img.photobucket.com/albums/v666/sUBs/gmer_zip.gif
  
• If it gives you a warning about rootkit activity and asks if you want to run a full scan...click on NO, then use the following settings for a more complete scan..
  
• In the right panel, you will see several boxes that have been checked. Ensure the following are UNCHECKED ...
  • IAT/EAT
    
  • Drives/Partition other than Systemdrive (typically C:\)
    
  • Show All (don't miss this one)
    http://www.geekstogo.com/misc/guide_icons/GMER_thumb.jpg
    Click the image to enlarge it
  
  
• Then click the Scan button & wait for it to finish.
  
• Once done click on the [Save..] button, and in the File name area, type in "ark.txt"
  
• Save the log where you can easily find it, such as your desktop.

**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries
Please copy and paste the report into your Post.



Starting a New Topic

Now we need to start a new topic in the Malware Removal Forum. To do this, click the following link:
>>Create New Topic<<

In the "Topic Title" and "Topic Description" fields, type a title and description that we can identify your problem with.

For Example:

Topic Title: Virtumonde Infection
Topic Description: IE Popups and Security Warnings

Then, type a detailed description of your problem in the main text area. This will aid us in analyzing your problem and devising a fix for you. The more information you can give us, the better.

Finally, post the OTL and GMER logs so we can get started at fixing your problem.



Your topic has now been created. A member of staff will help you as soon as they can. Please bear in mind that all the staff here have real lives as well as helping out at many forums, so we will not always be able to attend to your thread as quickly as we would like. If this is the case and you haven't received a reply within 3 days of posting your topic, add a reply to this thread with a link to your topic in the Malware Removal Forum. We will attend to your thread as soon as we can.


Here are a few rules and guidelines we would like you to take into account.

• Do NOT follow advice from a topic other than your own. Other topics may have similar problems but please do NOT follow the advice given. Doing so will/can cause your PC some damage. ALL PC's have different situations.
  
  
  
• Only post ONE topic in this forum
  
  
  
• Do NOT PM staff members asking for help
  
  
  
• Only staff are permitted to give out malware related advice. For more information about the different usergroups here, click here
  
  
  
• Do NOT reply to your own thread. This will delay help, as helpers look for threads with 0 replies starting with the oldest.
  
  
  
• Any topics with a cracked copy of Windows will be closed without warning.
  
  
  
• If a user who has previously been known to have cracks/keygens on their system returns with similar problems, the topic will be closed without warning.
  
  
  
• NO SPAM. Spammers will be banned and the topics deleted without warning.
  
  
  
• Do NOT post an OTL log to more than one forum. This severely wastes helper's time and duplicate topics will be closed without warning.
  
  
  
• Please follow your topic all the way through until the end, when the helper gives you the all clean/prevention speech. This way we can assure that we can provide the best service we can, and to insure that you are clean and will be protected for the future.

Thanks!

With Regards,
The 247Fixes Staff

[SpySentinel]

Bump to bring to order!