That scan didn't find a whole lot, how is your computer currently working for you? Do you notice any other malware related problems?
Type: Posts; User: __RiP_ChAiN_; Keyword(s):
That scan didn't find a whole lot, how is your computer currently working for you? Do you notice any other malware related problems?
Hello 1abrams,
Some those online anti-virus scanners lock up on certain files for various reasons, in this case I don't believe it's anything to worry about. I don't really see anything else that...
Hello 1abrams,
Open notepad and copy/paste the text in the quotebox below into it:
driver::
ewdmaudn
file::
c:\docume~1\KATY&S~1\LOCALS~1\Temp\ewdmaudn.sys
registry::
Hello 1abrams,
Alright, since you progessed to the point before Combofix was run we will need to go through that process again and then skip the SDFix step and move on past that.
Once again,...
Due to the lack of feedback this Topic is closed.
If it has been four days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply,...
Hello 1abrams,
Let's try to jump to a system restore point before internet/network abilities were lost. Please follow this guide to restore your computer to a date before SDFix was first ran....
Hello 1abrams,
Since that computer has no internet connection may I assume you're using a different computer to post this information, maybe a second computer in the household? The reason I ask is...
Hello aura-13,
Your log looks clear of any malware issues, if there are no malware signs of infection, then I don't think that further review is warranted.
If you want to update your security...
Hello 1abrams,
Download SDFix and save it to your Desktop.
Double click SDFix.exe and it will extract the files to %systemdrive%
(Drive that contains the Windows Directory, typically...
Hello 1abrams,
Sorry for the delay in replying.
Please visit this webpage for download links, and instructions for running Combofix:
...
Hello 1abrams,
Download random's system information tool (RSIT) by random/random from here.
It is important that is saved to your desktop.
Double click on RSIT.exe to run RSIT.
Click...
Hello j.eckl,
Please have a look here: http://forums.spybot.info/showthread.php?t=288
Hello 1abrams,
Download the HostsXpert 3.7 - Hosts File Manager.
Unzip HostsXpert 3.7 - Hosts File Manager to a convenient folder such as C:\HostsXpert
Click HostsXpert.exe to Run...
Hello,
Do you still require any assistance, liquidchrome?
Hello seskill,
That scan didn't turn up anything unexpected, I think we're good to go here.
Make sure you have an Internet Connection.
Download OTCleanIt to your desktop and run it
A...
Hello seskill,
Ok, that's fine :)
Let's run through an online virus scan and see if anything else shows up.
Please do an online scan with Kaspersky WebScanner
Click on Accept
Hello AluminumAngel,
Make sure you have an Internet Connection.
Download OTCleanIt to your desktop and run it
A list of tool components used in the Cleanup of malware will be downloaded.
...
Hello AluminumAngel,
Your logs look good, please run through RSIT again and post the corresponding log from it. If it looks good we'll finish up here :)
Hello seskill,
The programs I asked you to uninstall still appear to be listed, are you having trouble removing them manually be way of add/remove programs?
These are the programs that still...
Hello seskill,
Please have a look at this topic: http://forums.spybot.info/showthread.php?t=282
Please uninstall all of your p2p related programs (if you have not already done so) and post a...
Hello AluminumAngel,
Please download ATF Cleaner by Atribune.
Caution: This program is for Windows 2000, XP and Vista only
Double-click ATF-Cleaner.exe to run the program.
Under Main...
I made a simple mistake with the regfix, the below one should work correctly:
Open notepad and copy (Ctrl C) and paste (Ctrl V) the following text in the quote:
REGEDIT4
...
Hello seskill,
Please re-open HiJackThis and scan. Check the boxes next to all the entries listed below.
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 -...
Hello seskill,
Download random's system information tool (RSIT) by random/random from here.
It is important that is saved to your desktop.
Double click on RSIT.exe to run RSIT.
Click...
Hello AluminumAngel,
Please read this post completely, it may make it easier for you if you copy and paste this post to a new text document or print it for reference later.
Click Start.
Open...
Hello AluminumAngel,
Could you please open this file and paste its contents: C:\rapport.txt
Please download DirLook by jpshortstuff from here.
Double-click DirLook.exe to run it.
Ensure...
Hello seskill,
Please download Malwarebytes' Anti-Malware from Here or Here
Double Click mbam-setup.exe to install the application.
Make sure a checkmark is placed next to Update...
Hello AluminumAngel,
Download random's system information tool (RSIT) by random/random from here.
It is important that is saved to your desktop.
Double click on RSIT.exe to run RSIT.
...
Hello seskill,
Download SDFix and save it to your Desktop.
Double click SDFix.exe and it will extract the files to %systemdrive%
(Drive that contains the Windows Directory, typically...
Due to inactivity, this thread will now be closed.
Note:If it has been five days or more since your last post, and the helper assisting you posted a response to that post to which you did not...
Hello virusvictim,
Download random's system information tool (RSIT) by random/random from here.
It is important that is saved to your desktop.
Double click on RSIT.exe to run RSIT.
Click...
Hello blee0125,
Please download Malwarebytes' Anti-Malware from Here or Here
Double Click mbam-setup.exe to install the application.
Make sure a checkmark is placed next to Update...
Hello Soil186,
Your logs look alright, is spybot still detecting those three unremovable threats?
Hello freedumfyter,
Please download Malwarebytes' Anti-Malware from Here or Here
Double Click mbam-setup.exe to install the application.
Make sure a checkmark is placed next to Update...
Hello blee0125,
Please go to VirSCAN.org FREE on-line scan service
Copy and paste the following file path into the "Suspicious files to scan"box on the top of the page:
c:\program...
Hello Soil186,
Please download JavaRa to your desktop and unzip it to its own folder
Run JavaRa.exe, pick the language of your choice and click Select. Then click Remove Older Versions.
...
Hello blee0125,
1. Close any open browsers.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
3. Open notepad and copy/paste...
Hello blee0125,
Download ComboFix from one of these locations:
Link 1
Link 2
Link 3
* IMPORTANT !!! Save ComboFix.exe to your Desktop
Hello Soil186,
Please have a look at this thread and reply with the needed log(s).
Hello virusvictim,
Please re-open HiJackThis and scan. Check the boxes next to all the entries listed below.
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://windiwsfsearch.com...
Hello dudforla,
Your posted log looks fine to me, why do you suspect you've been reinfected by Vundo?
Hello freedumfyter,
Please go to VirSCAN.org FREE on-line scan service
Copy and paste the following file path into the "Suspicious files to scan"box on the top of the page:
...
Hello freedumfyter,
1. Close any open browsers.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
3. Open notepad and...
Hello freedumfyter,
While TeaTimer is an excellent tool for the prevention of spyware, it can sometimes prevent HijackThis from fixing certain things.
Please disable TeaTimer for now until you...
If you need this topic reopened, please request this by sending the moderating team
a PM with the address of the thread. This applies only to the original topic starter.
If it has been five days...
Due to the lack of feedback this Topic is closed.
If you need this topic reopened, please request this by sending the moderating team
a PM with the address of the thread. This applies only to...
That is very kind of you; I assure you it is much appreciated.
That should be correct.
I'm glad to hear it. I wish you the best of luck in the future.
Hello Aszolnoki,
Excellent news, your logs look good, as well. Let's go ahead and wrap things up here.
Time for some housekeeping
Click START then RUN
Now type Combofix /u in the runbox ...
Hello rcbroncos,
I would personally recommend AVG Anti-virus. It has served me well for many years.