But…after you helped me out last time, I deleted the one file you told me to from the TDSSkiller log you reviewed, and for quite some time, the avast rootkit warning disappeared.
Now, I received this warning : MBR:.…\Par MBR: Alureor
Anyway, I ran TDSSkiller, and the old 3 medium threats were found, nothing of course matching this description, though hell if know if it would come up that way anyway.
I have attached the log from today if that assists in anyway…Again, I really appreciate your time if you can respond.
Thanks, here you go. As you can tell, I accidentally saved the log before scanning, so it includes that, plus the proper scan whereby I can see the infected file but will wait for further instructions.
Thanks man, mike
Edit: Doesn’t look like I let the scan run all the way Essex, so I’m running it again and will attach it to my next post once it says completed. MJ
[*]Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
[*]Select All Users
[*]Under the Custom Scan box paste this in
[b]netsvcs
%SYSTEMDRIVE%*.exe
/md5start
consrv.dll
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
/md5stop
C:\Windows\assembly\tmp\U*.* /s
%Temp%\smtmp\1*.*
%Temp%\smtmp\2*.*
%Temp%\smtmp\3*.*
%Temp%\smtmp\4*.*
C:\commands.txt echo list vol /raw /hide /c
/wait
C:\DiskReport.txt diskpart /s C:\commands.txt /raw /hide /c
/wait
type c:\diskreport.txt /c
/wait
erase c:\commands.txt /hide /c
/wait
erase c:\diskreport.txt /hide /c
CREATERESTOREPOINT[/b]
[*]Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
[*]When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
[*]Post both logs
Well…no problem with the disk management partition delete.
I have downloaded OTL a few times, opened…and then copied what you wanted in the custom scan space. When I hit quick scan, it starts running and then disappears.