reubencahn
Links that appear in Google search lead to random advertising pages. Have run the 8 step process. Any help is much appreciated. Here are the logs:
I am not aware if they are Malware or not (likely yes)
c:\windows\system32\stcevent.dll
c:\documents and settings\rcc\Local Settings\Application Data\thqpfn
c:\documents and settings\NetworkService\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
Why do all large corporations always have Norton?
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = fd.org
O17 - HKLM\Software\..\Telephony: DomainName = fd.org
O17 - HKLM\System\CCS\Services\Tcpip\..\{DBB3EDCC-96A6-4466-89A6-538EC7F3A8A4}: Domain = fd.org
O17 - HKLM\System\CCS\Services\Tcpip\..\{DBB3EDCC-96A6-4466-89A6-538EC7F3A8A4}: NameServer = 192.168.180.11,192.168.182.11
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = fd.org
I uploaded the first file. It was not found to be malware.
The following files (if exist still)
I am not aware if they are Malware or not (likely yes)
Please upload them (one at a time) to HERE
And report back
Otherwise no other Malware found
But I would like you to do an online scan
Please run this online scan. It will give you a log and I need to see it:
Run Eset NOD32 Online AntiVirus Scanner HERE
Note: You will need to use Internet Explorer for this scan.
- Tick the box next to YES, I accept the Terms of Use.
- Click Start
- When asked, allow the ActiveX control to install
- Disable your current Antivirus software. You can usually do this with its Notification Tray icon near the clock.
- Click Start
- Make sure that the option "Remove found threats" is Unchecked, and the option "Scan unwanted applications" is checked
- Click Scan
- Wait for the scan to finish
- Re-enable your Antivirus software.
- A logfile is created and located at C:\Program Files\EsetOnlineScanner\log.txt. Please include this in your post.
These are entries necessary for our web-based VPN
Please let me know the results
EDIT
The following entries (Office of Defender Services)
Are obviously required by you and your department?
Government
Why do all large corporations always have Norton?
Norton must have made some big deals with them
EDIT2
Not to sound rude or anything, but don't you guys have onsite techs?
You haven't answered if you have on site tech support.
For now, delete the copy of ComboFix that is on your desktop and redownload a fresh copy, run it and for the benefit of this forum, attach the log.
Okay.
It's always best to have the tech support do any work; if something were to happen to the computer during the cleaning process it will be nothing to do with us and will be completely on your shoulders.
That's strange
ComboFix has now found Malware and removed it, but on the first run nothing was found
Also did you end up checking those files for Malware?
And did you end up doing an online scan?
For some reason you have not done this?
:filefind
*atapi.sys
*iaStor.sys