Tech Support Forum - View Single Post

alba · 12-07-2008, 09:49 AM

Hi Buddha61

I am happy to help you but could you please run the following tools, I dont want to jump in until I have a better picture of what is going on :)

=================================

Before scanning, make sure all other running programs are closed
There shouldn't be any scheduled antivirus scans running while the scan is being performed.
Do not use your computer for anything else during the scan.

====
DDS:
====

Download DDS and save it to your desktop from here or here or here.
Disable any script blocker, and then double click dds.scr to run the tool.

When done, DDS.txt will open.
Click Yes at the next prompt for Optional Scan.
Save both reports to your desktop.
1. DDS.txt
2. Attach.txt

=====
GMER:
=====

Download GMER Rootkit Scanner from here or here.

Extract the contents of the zipped file to desktop.
Double click GMER.exe. If asked to allow gmer.sys driver to load, please consent .
If it gives you a warning about rootkit activity and asks if you want to run scan...say NO.
In the right panel, you will see a bunch of boxes that have been checked ... leave everything checked and make sure the Show all box is unchecked.
Then click the Scan button & wait for it to finish.
Once done click on the [Save..] button, and in the File name area, type in "Gmer.txt" or it will save as a .log file which cannot be uploaded to your post.
Save it where you can easily find it, such as your desktop

**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries

===========================
How the logs should be furnished:
===========================

Copy/Paste the contents of 'DDS.txt' to be posted as text to your post
The other two logs ...

* attach.txt
* gmer.txt

... should be zipped/archived before attaching to the post

When posting your reply, the zipped file may be attached by clicking the [Manage Attachments] button.
It's located under [Additonal Options] on the composition page.
Browse to where you saved the file, and click Upload.

Checklist

DDS.txt - copy/pasted directly into Reply box
Attach.txt - attached to post
gmer.txt - attached to post

12-07-2008, 09:49 AM	#2 (permalink)
alba Analyst, Security Team Join Date: Feb 2005 Location: Eire Posts: 2,006 OS: Vista, Ubuntu 8.04	Re: Trying To Clean Up A Computer, Need Help Hi Buddha61 I am happy to help you but could you please run the following tools, I dont want to jump in until I have a better picture of what is going on :) ================================= Before scanning, make sure all other running programs are closed There shouldn't be any scheduled antivirus scans running while the scan is being performed. Do not use your computer for anything else during the scan. ==== DDS: ==== Download DDS and save it to your desktop from here or here or here. Disable any script blocker, and then double click dds.scr to run the tool. When done, DDS.txt will open. Click Yes at the next prompt for Optional Scan. Save both reports to your desktop. DDS.txt Attach.txt ===== GMER: ===== Download GMER Rootkit Scanner from here or here. Extract the contents of the zipped file to desktop. Double click GMER.exe. If asked to allow gmer.sys driver to load, please consent . If it gives you a warning about rootkit activity and asks if you want to run scan...say NO. In the right panel, you will see a bunch of boxes that have been checked ... leave everything checked and make sure the Show all box is unchecked. Then click the Scan button & wait for it to finish. Once done click on the [Save..] button, and in the File name area, type in "Gmer.txt" or it will save as a .log file which cannot be uploaded to your post. Save it where you can easily find it, such as your desktop Caution Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries =========================== How the logs should be furnished: =========================== Copy/Paste the contents of 'DDS.txt' to be posted as text to your post The other two logs ... * attach.txt * gmer.txt ... should be zipped/archived before attaching to the post When posting your reply, the zipped file may be attached by clicking the [Manage Attachments] button. It's located under [Additonal Options] on the composition page. Browse to where you saved the file, and click Upload. Checklist DDS.txt - copy/pasted directly into Reply box Attach.txt - attached to post gmer.txt - attached to post __________________ Member of UNITE If I have helped you in anyway, please DONATE to TSF Go raibh maith agat