Type: Posts; User: redcar92; Keyword(s):
Greetings draterf250,
I can see that you have a web site stored in the "Trusted Zones" section of your log. The only advantage to having a domain stored in your Trusted Zones, is that the domain...
Before we go, is there anything that needs attention?
Thanks again for your patience and hard work.
We will close this thread for now.
Take care and safe surfing.
Greetings Ryodin,
This should take care of Spybot.
Press the WinKey + R to open a run box, then copy/paste the following single-line command into the Run box and click OK:
cmd /c del /f/a/q...
Greetings Ryodin,
Let's go after OTL2 first, if it works we will do the rest.
Press the WinKey + R to open a run box, then copy/paste the following single-line command into the Run box and click...
Greetings Ryodin,
Your Java appears to be down level.
Navigate to Control Panel Add Remove Programs.
Highlight each Java item listed then Remove or Uninstall.
Visit this site to download and...
Greetings Ryodin,
One more thing.
Boot to Safe Mode and delete them. If no joy:
How to set, view, change, or remove file and folder permissions in Windows XP
(Pro/Home)...
Greetings Ryodin,
Have you tried uninstalling Spybot S&D?
Run OTL.exe
Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL...
Greetings Ryodin,
I am afraid that we have run to the end of our resources in the malware removal forum with your update problem, but your logs do look clean. When done here you should post your...
:bigthumb: No problem, my pleasure.
Greetings Ryodin,
MS has a Windows Fixit Center here http://support.microsoft.com/fixit/ that has "Automatically diagnose and fix common problems with Windows Update". After page opens, Step 1 Click...
If you haven't done so, try a reboot, then see if updates work.
Greetings draterf250,
You say your PC is OK but a little slow. There are many things besides malware that can slow down your PC. You could start by clicking Start -> Run, enter cleanmgr and click OK....
Greetings Ryodin,
If you will post the exact name, extension and location of those files that you cannot delete, we can use the tools to do the job.
Next
Here is a program that is excellent for...
Greetings Ryodin, I hope you survived Irene in good shape.
How is your pc behaving now? Originally you stated that Spybot S&D would not run. Windows updates was not right, shutdown gave you an icon...
Greetings jkusano
Before you go just a couple of details to take care of.
Recovery Console is installed by Combofix as a backup measure in the event your PC becomes unbootable. Here is a good...
Greetings draterf250,
Good you have an AV and MS Security Essentials is a good one.
I apologize for the confusion. I see that you have a program called Registry Booster on your system. These...
Greetings jkusano
Next
Run OTL.exe
Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL
:OTL
IE -...
With the storm headed your way, no telling what is happening. It worked for me but was a bit slow. If you lose connection for a while don't worry, we will hold the thread open until all parties are...
Hello ryodin,
I think we are nearing the end,
Next
Please go to Virus Total
click on Browse, and upload the following file for analysis:
c:\windows\maxdrive\SbcpHid.sys
Then click...
Greetings jkusano
Things are looking a lot better from this end. How is your pc behaving now? Are there any problems that we may have missed?
Next
Double click on the OTL icon to run it....
Hello ryodin,
Download GMER Rootkit Scanner from here or here.
Extract the contents of the zipped file to desktop.
http://img.photobucket.com/albums/v666/sUBs/gmer_zip.gif
Double...
Greetings Ryodin,
I need to relay to you that your PC has/had a very serious and difficult infection and not easily fixed. Besides me there are two other senior experts working on our problem.
...
You should allow "Artemis!753BC16326FE"; it is part of Combofix.
For the next step it is necessary to be sure Recovery Console is installed on your PC. When you boot up do you see the black screen, for about 3 seconds with Windows XP and Recovery Console listed?...
The very first time you run Combofix it looks to see if Recovery Console is set up on your system. If it isn't, CF stops and asks to install it. If the Recovery Console is installed, CF will continue on. ...
Greetings Ryodin,
Please drag Combofix to Recycle Bin.
Download a new Combofix from
Here
or
revised version here
save to your desktop.
Reboot into Safe Mode with networking.
To start the...
Greetings Ryodin,
Let's run aswMBR to see if serial.sys still shows up.
Double click the aswMBR.exe icon to run it
Click the Scan button to start the scan
On completion of the scan, click...
Thanks for the heads up. :bigthumb:
Greetings Ryodin,
Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2
Double-click SystemLook.exe to run it.
Copy the...
Hey jkusano are you still with me, do you need assist with Combofix?
Greetings Ryodin,
Here we go with Combofix
Close any open browsers.
Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
Open...
Greetings Ryodin,
We need to check one more please.
Please go to one of the below sites to scan the following files:
Virus Total
VirScan
jotti.org
click on Browse, and upload the...
How is your PC behaving now?
Greetings Ryodin,
Please go to one of the below sites to scan the following files:
Virus Total
VirScan
jotti.org
click on Browse, and upload the following file for analysis:...
Oh yes, there is more to do; you will know when we are done, I will post All Clean,
Back soon.
Greetings draterf250,
Did you find an anti Virus yet?
ESET showed some files that need to go.
You have 3 on your PC. Here is a good link to some good info on...
Allll right, way to go, :bigthumb: :thanks:
Greetings jkusano
There are a couple of files that may still be a problem, so we shall continue.
***Read through this entire procedure and if you have any questions, please ask them before you...
Greetings Ryodin,
We really need to see the combofix log, so let's try it this way. Please note there are a couple of changed steps.
First
Boot to Safe mode with networking by restarting your...
That file is in the C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624} which is the location of your system restore point data and files. I would leave it. We will delete all...
I apologize for not telling you earlier, combofix.txt is on c:\
It is almost 11:00 so let it go tonight. Sometimes CF takes quite a while, I have seen over half hour on a clean machine. If you are a night owl stop it in 2 hrs. The fact that it completed stage 50...
No problem post back when you can. :bigthumb:
Greetings Ryodin,
This one is a bit stubborn. Let's go at it from this direction.
***Read through this entire procedure and if you have any questions, please ask them before you begin. Then...
I am not seeing anything wrong with dropbox.exe. You can reboot your pc anytime you wish, just rerun rkill after booting.
Back soon.
Greetings jkusano
You have done an awesome job so far, just a little bit more.
P2P - I see you have P2P software VUZE & Conduit installed on your machine. We are not here to pass judgment on...
Jkusano, please don't go yet, there is still more to do to make sure you are as clean as possible and we still need to clean up our tools.
OK Ryodin,
Let's try it this way please.
Print out these instructions as we may need to close every window that is open later in the fix.
It is possible that the infection you are trying to...
Hello Ryodin,
aswmbr log looks like it finished to me. It usually doesn't take more than 10min to run. You can kill it if you wish. I will get back to you soon with another action plan.