Hello and welcome to TSF
Please
subscribe to this thread to get
immediate notification of replies as soon as they are posted. To do this click
Thread Tools, then click
Subscribe to this Thread. Make sure it is set to
Instant Notification, then click
Subscribe.
========
Please follow all instructions and in which order they come, if you have any questions, please ask before proceeding. Its important that you follow this through until i give you the all clear.
Please
DO NOT Attach logs to your posts unless you are advised to do so.
=========
Let's try to get a GMER log. You must have extracted gmer.exe to your desktop for this to work.
Open
Notepad and copy/paste the text in the quotebox below into Notepad:
Quote:
@echo off
copy /y gmer.exe omer.exe
start omer
|
Save this as
run.bat Choose to "Save type as - All Files" next to gmer.exe
It should look like this:
Double-click
run.bat & allow it to run.
Then, use these settings to produce a log.
- If asked to allow gmer.sys driver to load, please consent .
- If it gives you a warning about rootkit activity and asks if you want to run scan...click NO.
Click the image to enlarge it
- In the right panel, you will see several boxes that have been checked. Uncheck the following ...
- Sections
- IAT/EAT
- Drives/Partition other than Systemdrive (typically C:\)
- Show All (don't miss this one)
- Then click the Scan button & wait for it to finish.
- Once done click on the [Save..] button, and in the File name area, type in "gmer.txt" or it will save as a .log file which cannot be uploaded to your post.
- Save it where you can easily find it, such as your desktop, and attach it to your next reply.
**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries