OK, let's get some files deleted and see if we can't get your machine back in your control. Download the Killbox from here and save it to the...
Analysis continued here: http://www.windowsbbs.com/showthread.php?t=61112 This thread is now locked.
Hello and welcome to WindowsBBS Forums. There are but a few minor items, unrelated to malware in the log. Can you please give me the exact...
Just split it up into as many posts as you need.
Ok, looks like we have unearthed Vundo as I expected so let's use the Vundo fix. Download VundoFix.exe to your desktop. Double-click...
Hello and welcome to WindowsBBS Forums. Looks like there are a few nasties on board, let's see if we can't remove 'em. Below you will find my...
Where did you get the Sophos av software from, online or some other source? Have you tried uninstalling and then reinstalling? Sometimes...
I need you to look for a log created by the rustockbfix: Thanks.
Well none of the info contained in the logs is showing me the rk that ComboFix is saying is present, we may be dealing with a corrupt ComboFix....
Any more Drive Cleaner pop ups? Logs look clean.
Ok, that didn't show us those drivers, but I'm told some rks can alter the log, sooooo.......another tool anyways, as it can't hurt. Download...
Ok Bill, got a way to look for those drivers. There is also another tool which should get this rk as well. We'll check for the drivers first then...
Hello and welcome to WindowsBBS Forums. Looks like you have a LOP infection. This is pretty easy stuff to remove, but as with most others,...
For some odd reason GMER is not picking this rootkit up, and it usually does so with ease, I have used it about a dozen times in cleaning it up on...
Glad we could be of assistance. Due to resolution this topic is closed. If you need this topic reopened, please request this by sending the...
This issue and others, being handled here Locked by TeMerc
OK, so how did this manage to happen?? We removed WinBudget a few days ago. <head scratch>:confused: And this is the first I'm hearing of any...
Bill thanks, this thread is moved to 'General Internet'
Ok, nothing found by RKR, tho it's odd that CF would throw up that rk alert. I'm going to look more into that, for now we'll kill what remains....
Hmmm....not seeing what I expected there, let's run another rk tool. I'd also like you to fire up GMER again, run it, and then: Select the...