Please do an online scan with Kaspersky Online Scanner Click Accept, when prompted to download and install the program files and database of...
Please upload the following files to my submission channel for analysis. Leave a link back to this topic. C:\WINDOWS\system32\userinit.exe...
Great! Now, please see if the computer will boot in normal mode. If not, please reboot back to safe mode and let me know. Please do not attempt to...
Highlight and copy the contents of the code box below and paste it into a blank notepad, then save it to your desktop as; Filename:...
Welcome to WindowsBBS dude500 :) Please visit the following webpage for instructions for downloading and running ComboFix How to use...
The same user profile. If that is Tigerdistrict3 in normal mode then select it in safe mode as well. Just didn't want you using the Administrator...
I'm not seeing anything suspicious in thos logs. Lets see if there are any known to me WoW keyloggers. Highlight and copy the contents of the code...
First, you need to be logged onto the same account you were using in normal mode. Please delete the copy of ComboFix you have and grab a fresh...
You're very welcome. :)
You're most welcome. Happy Holidays! Geri has posted some very helpful information and recommendations regarding future protection in the...
I find it hard to swallow that those report.cab files are actually infected. They are created by the system. Suggest you inquire about those at...
Logs look good, but lets get an online scan to be sure there's nothing else lurking about. Please do an online scan with Kaspersky Online Scanner...
Open a browser and click Tools>Internet Options Select the Connections tab Click LAN Settings Uncheck the box for using a proxy server then...
Try doing a system restore to the restore point created by ComboFix at 2008-12-22 23:43 If that doesn't work try the next, etc.
Try it with only 196.168.1.254
We don't delete them. I'll mark it inactive. ;)
Go into RUBotted's main settings and add the following proxy. 196.168.1.254:1234 That appears to a legit address for some routers and RUB...
Please start the computer and when the choice of operating systems displays, press the arrow up button to select the Recovery Console. Once the...
Are you knowingly connecting through a proxy server, for school or something? Did you add the proxy to RUBotted's settings?
My guess would be that you did not disable Nod32 and it ate the nircmd.com file. Please make sure Nod32 is disabled. Highlight and copy the...
Separate names with a comma.
