Abebot infection
- Thread starter incus
- Start date
- Status
Blind Dragon
Posts: 3,774 +4
Download and Install SDFix
Run SDFix
Afterwards run another scan with Hijackthis from Normal Mode and attach the log here
- Download SDFix and save it to your Desktop.
- Double click SDFix.exe and it will extract the files to %systemdrive%
(Drive that contains the Windows Directory, typically C:\SDFix)
Run SDFix
- Open the extracted SDFix folder and double click RunThis.bat to start the script.
- Type Y to begin the cleanup process.
- It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot.
- Press any Key and it will restart the PC.
- When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
- Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt
- Attach Report.txt back here
Afterwards run another scan with Hijackthis from Normal Mode and attach the log here
Blind Dragon
Posts: 3,774 +4
Combofix
Combofix will automatically save the log file to C:\combofix.txt
Run another scan with Hijackthis and attach the log back here
This thread is for the use of incus only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
- Download Combofix to your desktop.
- Double click combofix.exe & follow the prompts.
- A window will open with a warning.
- Type "1" (and Enter) to start the fix.
- When the scan completes it will open a text window. Please attach that log back here together with a fresh HJT log.
Combofix will automatically save the log file to C:\combofix.txt
Run another scan with Hijackthis and attach the log back here
This thread is for the use of incus only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
Blind Dragon
Posts: 3,774 +4
---------------------------------------------------------------
Please disable tea-timer, it could prevent the process from working.
Disable Teatimer
CFScript
Open notepad and copy/paste the text in the code box below into it:
NOTE* make sure to only highlight and copy what is inside the quote box nothing out side of it.
Also ..
Pay particular attention to this :-
Make sure the word File:: is on the first line of the text file you save (no blank line above it, & no space in front of it)
Save this as CFScript.txt
Then drag the CFScript.txt into ComboFix.exe as you see in the screenshot below.
This will start ComboFix again. After reboot, (in case it asks to reboot), post the contents of Combofix.txt in your next reply together with a fresh HJT log.
-------------------------------------------------------------------------------------------------
Viewpoint Manager is considered as foistware instead of malware since it is installed without user's approval but doesn't spy or do anything "bad". This may change, read Viewpoint to Plunge Into Adware.
I recommend that you remove the Viewpoint products; however, decide for yourself. To uninstall the the Viewpoint components :
--------------------------------------------------------------
Finally run another scan with Hijackthis to accompany the combofix log
Please disable tea-timer, it could prevent the process from working.
Disable Teatimer
- Right click the Spybot -SD Resident Icon located in your system tray, Select Exit Spybot - S&D Resident
- Open Spybot S&D
- Click on Mode at the top and make sure that Advanced is checked
- Expand the Tools tab in the left pane
- Single click on the Resident Icon also in the left pane
- Uncheck Resident "TeaTimer" (Protection of over-all system settings) Active
- Close spybot
CFScript
Open notepad and copy/paste the text in the code box below into it:
NOTE* make sure to only highlight and copy what is inside the quote box nothing out side of it.
Also ..
Pay particular attention to this :-
Make sure the word File:: is on the first line of the text file you save (no blank line above it, & no space in front of it)
Save this as CFScript.txt
Then drag the CFScript.txt into ComboFix.exe as you see in the screenshot below.
This will start ComboFix again. After reboot, (in case it asks to reboot), post the contents of Combofix.txt in your next reply together with a fresh HJT log.
-------------------------------------------------------------------------------------------------
Viewpoint Manager is considered as foistware instead of malware since it is installed without user's approval but doesn't spy or do anything "bad". This may change, read Viewpoint to Plunge Into Adware.
I recommend that you remove the Viewpoint products; however, decide for yourself. To uninstall the the Viewpoint components :
- Click Start, point to Settings, and then click Control Panel.
- In Control Panel, double-click Add or Remove Programs.
- In Add or Remove Programs, highlight >>Viewpoint component<< , click Remove.
How to prevent it from being recreated every time you run the AOL software:- Open AOL
- Go to Help on the toolbar
- Select About AOL
- Hit Ctrl D and a secret panel can be accessed which will allow you to disable all desktop and IM features associated with Viewpoint.
--------------------------------------------------------------
Finally run another scan with Hijackthis to accompany the combofix log
- Status
