Not having an OTL scan can hurt. Let me get someone. They’ll have other tools you can use that might help and run.
[Edit]: I have an idea, however I cannot ask you to do it. I’ve tested it, but without knowing any details about your OS and other info I can’t do it. Please wait for someone to come. I’ve asked someone to render aid to you. It might take an hour or two before they can help you.
If I had to guess, it’s a rootkit blocking the file. Every remover has different preferences. I will leave it up to whoever. They’ll know better than I will.
atieclxx.exe shows up when I look up services running. I tried to delete it and it denied me access, tried to block it and it was back running. Do you know what that is?
Would a DDS scan do any better than an OTL? I mean, if one can't get it to work.
Both OTL and DDS tools are diagnostic tools in nature. The difference is in the following.
DDS will show the basic things; when I say basic, I mean those items that a helper needs to read. DDS is a non-invasive tool: it does not perform any changes to the system and it purely serves as a diagnostic tool. Many security forums use the DDS tool as a primary diagnostic tool, as it allows the helper to quickly read logs and gives the freedom to decide which tool to use next.
OTL is a tool which has more to show in its log, as it also has fix abilities. OTL, unlike DDS, has a very low whitelist and this is why the log is a bit longer.
OTL displays detailed system info, while DDS shows the basics that a helper can read and decide which tool to use next.
For example, if a user has the ZeroAccess rootkit, DDS will show just one line, and a valid helper knows that that line represents the active rootkit in the system.
OTL shall attempt to read all ZeroAccess loading points and entries because, as such, the tool has a fix and should be able to view the rootkit (if able to see it).
But yet again, DDS owed much to ComboFix.
So, both tools have their advantages and disadvantages, point of use is a matter of habit.
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them.
Only one of them will run on your system, that will be the right version.
• Double-click to run it. When the tool opens, click Yes to the disclaimer.
• Press the Scan button.
• It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
• The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.
FRST output shows no malware activity. If FRST says you’re clean, then you probably are. I say “probably” as there is always the possibility that a rootkit is hiding from detection and from our tools.
For this reason, we do the extra AntiRootKit check using GMER. If there is something hiding itself, GMER shall tell us that …
Please download GMER, the RootKit Detector tool from the link below and save it to your Desktop:
Gmer download link: http://www2.gmer.net/download.php
Note: the file will be randomly named.
Double-click to run GMER.
• Wait for the initial scan to finish - if there is any query, click No;
• Click the [ Scan ] button and wait until the full scan is complete;
• Click [ Save … ] - save the report to the Desktop (named ARK);
• Then click the >>> button and select the Autostart card;
• Click the [ Scan ] button;
• After the quick scan, click the Copy button;
• Open Notepad and paste the text. Save the report to the Desktop (named autostart).
> Attach here both Gmer log reports. (ARK.txt and autostart.txt)
The name does not matter.
It is more like aesthetics + indicates which log is the primary (ARK.txt or in your case gmer.txt) and which is secondary (autostart.txt).
Btw, it’s missing autostart.txt. ;D
Re-run GMER > after initial scan click “>>>” tab > autostart tab > scan > copy > save log …
No need to apologize, I personally love when logs are copied into the post. Due to the length of the logs, we require users to post the logs as an attachment.
GMER logs are clean. As FRST and GMER do not show the presence of malware, you may remove the used tools.
A good workman always cleans up after himself.
• The following will implement some post-cleanup procedures:
=> Please download DelFix by Xplode to your Desktop.
✓ Purge System Restore
Click the Run button and wait a few seconds for the programme to complete its work.
At this point all the tools we used here should be gone. The tool will create a report for you (C:\DelFix.txt).
The tool will also record the healthy state of the registry and make a backup using the ERUNT program in %windir%\ERUNT\DelFix.
The tool deletes old system restore points and creates a fresh system restore point after cleaning.