06-09-2011, 05:09 AM
Greetings,
In return for this service, I propose to you two conditions:
Thank you.
Genuinely yours,
Quintus
Whilst I am in the process of scrutinizing your complete set of provided logs for any possible infections or problems, I ask for your forbearance. Understand that the process of analysis requires time and careful examination hence the need for a cautious response. Accuracy is of the essence. Once I come across infections, I shall present the finest methods of removal for your convenience.
In return for this service, I propose to you two conditions:
- You are not to create any new threads regarding the similar topic as it will waste another helper's time.
- You are not to install any new software in your system, as it may hinder our process thus making this futile.
- You are not to modify the logs in any way. Failure to do so will instantly deprive you of this service.
- You are to paste each log separately at 'Pastebin' as it is. That is correct, no syntax highlighting, no editing - just the log purely. Post back the links for each log. You shall not hide them under spoiler codes.
- You are to provide the complete set of requested logs.
- You are to keep all your trusted tools that the scanners may detect in a password protected archive. This is to prevent them from being deleted as we've had complaints or refusal to use the scanner for this reason.
- You are to respond to every step I ask you to do using the format provided at the end of my post.
- You agree that I have the right to discontinue the analysis at any time, upon a violation of a single rule.
Provided that you will continue with this service, you hereby agree to the above statements. If you deem the conditions are portraying equality, I will willingly perform the analysis without further delay. Should you have any concerns or problems with the above conditions, or if you feel that I have overlooked your log, do inform me through a Private Message.
Thank you.
Genuinely yours,
Quintus
- Optional Pre-Step
With regard to my fourth condition, here are the steps on how to password protect your trusted tools momentarily. Do note that I would advise you to remove all the infections present in your system as I am not certain of the sources of these programs thereby I will not be able to verify whether they are backdoored or not.
You are doing this at your own risk.
- Create a new folder with the name of your choice.
- Gather all of your tools into that folder.
- If you do not have a file compressor, download '7-Zip' and install it.
- After doing so, navigate to the said folder and right-click.
- You are now presented with options.
- Please chose 7-Zip > Add to Archive.
- Under the Archive Name, enter any name you wish.
- Set the Archive Format to 7z.
- Set the Compression Level to Ultra.
- Under Encryption fill in the Password field twice. You can tick Show Password if you desire.
- When everything is done, click OK.
- You are now presented with options.
- Wait for some time. The waiting time is determined by the size of your files.
- 7-Zip will have produced the file for you.
- Now we test the file by Right-click > 7-Zip > Extract Here.
- A prompt asking you for the password should appear.
- Select Cancel as this is for testing purposes only.
- Now delete the other folder, empty your Recycle Bin and proceed with the instructions.
- Create a new folder with the name of your choice.
- Pre-Step I
Click 'here' to download Temp File Cleaner by OldTimer. Save it to your desktop.
- Close any open windows.
- Double-click TFC.exe and select Run when prompted to execute the program. It will close all open programs itself in order to run.
- Click the Start button to begin the cleaning process.
- Please let the program run uninterruptedly.
- Once the cleaning has been done, your computer should automatically reboot. Otherwise, please do so when it does not.
- Close any open windows.
- Save it to your desktop.
- Double-click SecurityCheck.exe and follow the instructions inside of the black box.
- A Notepad document called Checkup.txt should automatically open; please post the contents of that document.
- Save it to your desktop.
- Pre-Step III
Download 'aswMBR.exe' to your desktop.
- Double-click aswMBR.exe to run it. Windows Vista and Windows 7 users should run it as an administrator.
- Click the Scan button to start the scan.
- Upon the completion of the scan, click Save Log, and save it to your desktop. Post it in your next reply.
- Double-click aswMBR.exe to run it. Windows Vista and Windows 7 users should run it as an administrator.
- Prerequisite
Your current version of HijackThis is out of date.
- Download the latest HijackThis Installer from Trend Micro by clicking 'here'. Save it to your desktop.
- Double-click the HijackThis icon. Click Run when prompted.
- By default, it will install to C:\Program Files\Trend Micro\HijackThis and will create a shorcut in your desktop.
- Upon running the program, click Accept to agree to the License Agreement.
- Close HijackThis.
If you are having a problem running HijackThis as an administrator (Windows Vista and Windows 7), please follow the steps below.- Download the latest HijackThis Installer from Trend Micro by clicking 'here'. Save it to your desktop.
- On your desktop, right-click the HijackThis icon and select Properties.
- Navigate to the Compatibility tab and put a check on the Run this program as an administrator box.
- Click Apply > OK.
- HijackThis should prompt you to run it as an administrator every time you open it.
- On your desktop, right-click the HijackThis icon and select Properties.
- Step 1
Please run a free online scan with ESET Online Scanner by downloading ESET Smart Installer 'here'. Save it to your desktop.
- Double-click esetsmartinstaller_enu.exe to execute the program.
- Tick Yes, I accept the Terms of Use.
- Click Start.
- If this is your first time installing the scanner, allow the ActiveX Control to install.
- Database download may take some time.
- When done, make sure that the option Remove found threats is ticked. Under the and Advanced Settings, please put a check on the following options:
- Scan for potentially unwanted applications
- Enable Anti-Stealth Technology
- Scan for potentially unwanted applications
- Click Start.
- Wait for the scan to finish.
- Once it is finished, use Notepad to open the log file located at C:\Program Files\ESET\ESET Online Scanner\log.txt.
- Copy and paste that log as a reply to this topic.
- Double-click esetsmartinstaller_enu.exe to execute the program.
- Step 2
Please download Malwarebytes' Anti-Malware 'here'. This is a scanner which I will ask you to use.
- Double-click mbam-setup.exe to install the application.
- Make sure a check mark is placed next to Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
- If an update is found, it will download and install the latest version.
- Once the program has loaded, select Perform Full Scan, then click Scan. The scan may take some time to finish, so please be patient.
- When the scan is complete, click OK, then Show Results to view the results.
- Make sure that everything is checked, and click Remove Selected.
- When disinfection is completed, a log will open in Notepad and you may be prompted to restart. Restart if it tells you to.
- The log is automatically saved by Malwarebytes' Anti-Malware and can be viewed by clicking the Logs tab in the interface.
- Copy and paste the entire report in your next reply.
- Double-click mbam-setup.exe to install the application.
- Step 3
Download DDS.scr by sUBs from one of the following links and save it to your desktop.
'Link 1'
'Link 2'
- Double-click on DDS.scr and a command window will appear. This is normal.
- Shortly after two logs will appear, DDS.txt and Attach.txt.
- A window will open instructing you save and post the logs.
- Save the logs to a convenient place such as your desktop.
- Copy the contents of both logs and post them at 'Pastebin separately and post the links in your next reply.
- Double-click on DDS.scr and a command window will appear. This is normal.
- In your next post, please provide the following:
- A Fresh HijackThis (HJT) Log
- aswMBR Log
- Doesn't Do Squat (DDS) Logs
- DDS.txt
- Attach.txt
- DDS.txt
- A Fresh HijackThis (HJT) Log
- ESET Scan Log
- Malwarebytes' Anti-Malware Scan Log
- Security Check Log
- Format of Response
As part of my service terms, you are to fill this up every time you respond to your log. Copy and paste the content inside the code box and write directly after the closing tags.
Example: (Click to View)
- Code:
[b]Step # [/b]
[b]Problems Encountered: [/b]
[b]Step # [/b]
[b]Problems Encountered: [/b]
[b]Step # [/b]
[b]Problems Encountered: [/b]
[b]Step # [/b]
[b]Problems Encountered: [/b]
[b]Link To Requested Logs: [/b]