Thank you. If you really think I should send the logs even though things seem fine then I will do so. What I don’t want to do is waste his time.
Essexboy notified…
Once u attach the log and he confirms u are clean U are back on the track…I hope u understand that we trying to ensure u are clean…
Essexboy will arrive by night…so u may log off for now and check back at night.
Thank you very much…I do appreciate your help. I will now go through the process of sending the logs. Just hope my limited experience won’t be an obstacle!
Your Welcome!
just keep calm and stay cool! 8)
konfoozed post:24: true indian post:22:Essexboy notified…
Once u attach the log and he confirms u are clean U are back on the track…I hope u understand that we trying to ensure u are clean…
Thank you very much…I do appreciate your help. I will now go through the process of sending the logs. Just hope my limited experience won’t be an obstacle!
Your Welcome!
just keep calm and stay cool! 8)
Found a problem already regarding posting the logs. The instructions call for a Restore Point to be created after downloading OTL and doing the pasting in the Custom Scan box.
With a dual boot system (which I have) System Restore doesn’t function fully. You can create a restore point but if you shut down, you lose it. Whether you can create a restore point and go back to it if you don’t shut down I just don’t know. Guess I’ll have to await Essexboy’s advice on this before I proceed.
Meantime, for what it is worth on its own, here is the MBAM log:
Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org
Database version: v2012.02.07.01
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Ken :: NSYSKB101207 [administrator]
07/02/2012 10:25:51
mbam-log-2012-02-07 (10-25-51).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 172877
Time elapsed: 5 minute(s), 43 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
Essexboy will answer your problems once he comes online.
Essexboy will answer your problems once he comes online.
Thanks again.
Just delete the [createrestorepoint] from the initial scan
Just delete the [createrestorepoint] from the initial scan
OK, thanks, will hopefully send all in the morning.
Just noticed the message time is an hour late?
Just delete the [createrestorepoint] from the initial scan
Logs asrequested, thanks.
Thanks! for the logs essexboy will be here by night or in another 1 hour
check back by that time!
Cheers!
Cheers!
Any Time!
Could you check in device manager to see if any yellow exclamation marks are there
Warning This fix is only relevant for this system and no other, using on another computer may cause problems
Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot
If you have Malwarebytes 1.6 or better installed please disable it for the duration of this run
Run OTL
[*]Under the Custom Scans/Fixes box at the bottom, paste in the following
:OTL IE - HKU\S-1-5-21-1957994488-842925246-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1 IE - HKU\S-1-5-21-1957994488-842925246-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = localhost:12080 O3 - HKU\S-1-5-21-1957994488-842925246-839522115-1003\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found. O33 - MountPoints2\{33a2a2df-a252-11df-a4e1-001e8c269596}\Shell\AutoRun\command - "" = J:\laucher.exe O33 - MountPoints2\{33a2a2e1-a252-11df-a4e1-001e8c269596}\Shell\AutoRun\command - "" = J:\laucher.exe [2012/02/04 11:45:23 | 000,000,320 | ---- | M] () -- H:\Documents and Settings\All Users\Application Data\~rvjxVaaaNz56kH [2012/02/04 11:45:23 | 000,000,216 | ---- | M] () -- H:\Documents and Settings\All Users\Application Data\~rvjxVaaaNz56kHr [2012/02/04 11:45:19 | 000,000,344 | ---- | M] () -- H:\Documents and Settings\All Users\Application Data\rvjxVaaaNz56kH:Files
ipconfig /flushdns /c:Commands
[purity]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]
[*]Then click the Run Fix button at the top
[*]Let the program run unhindered, reboot the PC when it is done
[*]Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
With a dual boot system (which I have) System Restore doesn't function fully. You can create a restore point but if you shut down, you lose it. Whether you can create a restore point and go back to it if you don't shut down I just don't know.This will eliminate your WIN 7? restore points from being deleted when you boot into XP. Works for both Vista or Win 7 and any earlier Windows OS. Use Method 1.
Could you check in device manager to see if any yellow exclamation marks are there
Warning This fix is only relevant for this system and no other, using on another computer may cause problems
Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot
If you have Malwarebytes 1.6 or better installed please disable it for the duration of this run
Run OTL
[*]Under the Custom Scans/Fixes box at the bottom, paste in the following
:OTL IE - HKU\S-1-5-21-1957994488-842925246-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1 IE - HKU\S-1-5-21-1957994488-842925246-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = localhost:12080 O3 - HKU\S-1-5-21-1957994488-842925246-839522115-1003\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found. O33 - MountPoints2\{33a2a2df-a252-11df-a4e1-001e8c269596}\Shell\AutoRun\command - "" = J:\laucher.exe O33 - MountPoints2\{33a2a2e1-a252-11df-a4e1-001e8c269596}\Shell\AutoRun\command - "" = J:\laucher.exe [2012/02/04 11:45:23 | 000,000,320 | ---- | M] () -- H:\Documents and Settings\All Users\Application Data\~rvjxVaaaNz56kH [2012/02/04 11:45:23 | 000,000,216 | ---- | M] () -- H:\Documents and Settings\All Users\Application Data\~rvjxVaaaNz56kHr [2012/02/04 11:45:19 | 000,000,344 | ---- | M] () -- H:\Documents and Settings\All Users\Application Data\rvjxVaaaNz56kH:Files
ipconfig /flushdns /c:Commands
[purity]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]
[*]Then click the Run Fix button at the top
[*]Let the program run unhindered, reboot the PC when it is done
[*]Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
Hi. I did have a problem just this afternoon when I discovered my Realtek HD Audio wasn’t recognized. I went into Device Manager and it had an exclamation mark by it. I subsequently got the sound back. I PM’d you today regarding current status.
Also, how do I disable MBAM (free)?
Again, regarding the latest fix, I can’t create restore point.
Presume quote points after [emptytemp]?
Please advise before I proceed anything else, thanks.