| Other > Viruses and worms |
| Avast Warning for almost all websites |
| << < (2/4) > >> |
| jackdup:
Here is the combofix log. I noticed at one point while combofix was running it stated rootkit activity found. I also noticed this in the report and would imagine it needs a solution? c:\windows\system32\DRIVERS\pnp680r.sys . . . is infected!! . . . Failed to find a valid replacement. Thank you |
| jackdup:
Just a further follow-up, I am still getting the URL:MAL warning from AVAST. |
| essexboy:
That is a variant of the TDSS rootkit - we will try TDSSKiller first as that can sometimes repair the file. We will follow that up with a look for a replacement file just in case Please read carefully and follow these steps. [*]Download TDSSKiller and save it to your Desktop. [*]Extract its contents to your desktop. [*]Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan. [*]If an infected file is detected, the default action will be Cure, click on Continue. [*]If a suspicious file is detected, the default action will be Skip, click on Continue. [*]It may ask you to reboot the computer to complete the process. Click on Reboot Now. [*]If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here. [*]If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here. [/list] THEN 1. Please open Notepad[*] Click Start , then Run[*]Type notepad .exe in the Run Box.[/list] 2. Now copy/paste the entire content of the codebox below into the Notepad window: --- Quote ---SRPeek:: c:\windows\system32\DRIVERS\pnp680r.sys --- End quote --- 3. Then in the text file go to FILE > SAVE AS and in the dropdown box select SAVE AS TYPE to ALL FILES 4. Save the above as CFScript.txt 5. Then drag the CFScript.txt into ComboFix.exe as depicted in the animation below. This will start ComboFix again. 6. After reboot, (in case it asks to reboot), please post the following reports/logs into your next reply:[*]Combofix.txt [*]A new OTListit log.[/list] |
| jackdup:
Below is the log from TDSSKILLER and attached is the log from Combofix. Yesterday when I ran combofix it asked about installing the recovery console and I selected yes to install. It showed it as being installed and even noticed on one of the reboots a screen for a short period of time giving the option to use the recovery console however when I ran Combofix again today it once again asked if I wanted to install it, so again accepted the isntallation and it said it installed correctlly. Was just unsure why it would ask to install it again today. Also the OTListit.log file, I assume I run OTL again, however don't recall it generating a report named OTListit.log, so is there something special I need to do to get this log or just run quick scan with all users selected? Thank you I just tried to post this reply but with the text pasted from TDSSKILLER it said the post was too long so have attached the log from it as well. |
| essexboy:
TDSSKiller zapped it - what problems are you experiencing now ? |
| Navigation |
| Message Index |
| Next page |
| Previous page |