-
Content Count
26 -
Joined
-
Last visited
About insipid
-
Rank
Malware Basher
-
You could uninstall Ewido, the real-time protection is only a 14-day trial, but it's good to keep around for scanning purposes, you can still use it for that afterwards. I very much doubt it or HJT are blocking your connection. Can you describe your connection difficulties in more detail?
-
Well, this log is from Normal Mode, well done . You can leave that 06 entry if you're not sure about it. The only thing I see that's left is this line: O4 - HKLM\..\Run: [WildTangent CDA] "C:\Program Files\WildTangent\Apps\CDA\GameDrvr.exe" /startup "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0500.dll" WildTangent is thought to collect data regarding your surfing habits and report back to it's controlling server. I suggest removing it, but the choice is yours. If you choose to remove it, fix the entry with HJT and then remove 'WildTangent' in Add/Remove Programs. Other than that, your l
-
Dankwsc, that actually did quite a bit of good. We have more to do, though. Please first save these directions to the desktop as a text file, because you will need to copy and paste part of them later, once we are in Safe Mode. Click Start >> Run Type "services.msc" (without the quotes) in the run box that pops up. Locate Awlwsterkfp, right-click on it and select 'Properties'. Click 'Stop'. Set 'Startup Type' to 'Disabled'. Exit services.msc. 1) Please download the Killbox. Unzip it to the desktop but do NOT run it yet. 2) Then please reboot into Safe Mode by restarting your computer and
-
Go ahead and do the HijackThis fixes in Safe Mode, then post a new log, even if it's from Safe Mode too. We'll see where we're at .
-
chupzy, there's still one bad process showing in your log. C:\WINNT\System32\irftp.exe is a variant of the W32/SDBOT worm. Please run both of these online virus scans: Trendmicro Housecall....Panda Active Scan For Housecall, select the 'Autoclean' option. Please tell me of any files it can't clean. For Panda, use the default settings and save the log it generates to post in your next reply. Reboot and post a fresh HijackThis log as well as the Active Scan report .
-
Please proceed with the fix without updating Ewido. We'll work it out.
-
Dankswsc, since I haven't heard back I'm going to work with this log. You have quite a mess there, so this may take a few posts to clear up. First, download and install CleanUp! but do not run it yet *NOTE* Cleanup deletes EVERYTHING out of temp/temporary folders and does not make backups. Download, install, and update Ewido Security Suite Install ewido security suite Launch ewido, there should be a big E icon on your desktop, double-click it. The program will prompt you to update click the OK button The program will now go to the main screen You will need to update ewido to the latest defin
-
Ok, do what you can. If you can only get a log from Safe Mode, so be it. We'll work with what we have.
-
I apologize, I didn't get the email notification that you had replied. Please post one more HijackThis log to be sure you got it all .
-
chupzy, I see you're running Microsoft Anti-spyware, and this is good, but it may interfere with our fixes. Please disable it for the time-being by right-clicking it's icon in the System Tray and selecting 'Shut Down...'. Rescan with HijackThis and place a checkmark next to the following entries: R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.oemji.com/side_search.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.oemji.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://203.125.138.181:83/sop/ R1 - HKLM\Softwa
-
User posted new topic, being helped here http://www.besttechie.net/forums/index.php...&st=0&p=26295
-
chupzy, I'm looking over your log now, I'll have a reply for you soon.
-
Hi Dankwsc, I'm guessing the forum you were being helped at is Spywareinfo . That's my home forum, so it's only fitting that I should continue. Can you tell me the name of the helper that was working on your log so I can inform him/her, so they don't take the time to respond to your log when SWI gets back online? The HijackThis log you posted appears to be done in Safe Mode. Please post a log from Normal Mode, it's important I see everything that's running, and I'll be happy to help. Also, can you tell me what you mean when you say your Internet is "useless"? Is it that you can't get onli
-
I wish I could have helped more. Let me know how it turns out .
-
Vile_DR, other than the Limewire thing, this looks great. In way of general cleanup, I have a couple of recommendations: MWAV detects WildTangent as a possible threat, Panda Active Scan does as well. I generally propose it as an optional fix, so I will do so here as well. It's unnecessary and possibly malicious. I suggest uninstalling WildTangent via Add/Remove Programs in the Control Panel (if it's there) and then deleting this directory: C:\Documents and Settings\mboree\Local Settings\Application Data\Wildtangent\ The other threats MWAV found are in the System Restore cache, you may want