Sagipsul, et cetera.

Status
Not open for further replies.
I

ilymandias

My computer's been infected since Jan. 1 (happy new year, right?), and searching around for fixes led me to techspot.

Random popups when not online, or on webpages that shouldn't have popups started occurring, mostly from sagipsul. Before the attacks happened, I had AVG and AdAware free versions on my computer (albeit outdated). Installing the most recent versions and multiple scans with both failed to fix the problems, so I discovered + followed the 8-step virus removal thread. Logs are attached.

Things are looking MUCH better since following the instructions, and I haven't gotten popups every few minutes since completing them. Still, I want to be sure I've got everything cleared up, so please let me know if there is anything else I need to do or be aware of.

Thanks a bunch!

[edit] Oh, by the way, of the list of recommended anti-virus and firewall programs in the 8-steps, I installed Avast! and Comodo.
 
Uninstall AVG using Removal Tool

Frequently I need to point this out. Computer restart was a required user action.
Code: 
Memory Modules Infected:
C:\WINDOWS\system32\cndqiolt.dll (Trojan.Vundo.H) -> Delete on reboot.

Since you report popups are gone, we will conclude with routine steps.

MBAB did not handle all that it found until the computer restart.

It appears that the infection is mostly handled.

Rescan with MBAB & SAS (run as pairs) until clean or something that cannot be cleaned.

HJT scan informs what has not been handled (computer restart before HJT scan)

HJT scan. Tick & fix. Restart computer.
Code: 
O2 - BHO: (no name) - {8FFE8FDE-9A5D-4908-BE37-A76AAD7D088E} - C:\WINDOWS\system32\khfCvWOI.dll (file missing)  >> broken (not listed)
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777}
 - c:\Program Files\BAE\BAE.dll  >> objectionable ([URL="http://www.systemlookup.com/lists.php?list=1&type=clsid&search=CA6319C0-31B7-401E-A518-A07C3DB8F777&s="](see here[/URL]
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)  >> broken (Realcom)

If symptoms remain, post new logs and describe conditions.


Following clean scans, Establish a new clean restore point and Clear your existing System Restore points:
  • New
    • Go to Start > All Programs > Accessories > System Tools > System Restore>
    • Select Create a restore point> OK.
  • Clear Old
    • go to Start > Run > cleanmgr > Select the More options tab >
    • Choose the option to clean up System Restore > OK

      • This will remove all restore points except the new one you just created.
 
Status
Not open for further replies.

Similar threads

Cal Jeffrey
Your outdated version of Windows Media Player 6 will still work after the Y2K38 bug ends...
Replies
6
Views
139
dangh
dangh
Cal Jeffrey
Recent system update intentionally borks emulators on Xbox consoles
Replies
6
Views
536
passwordistaco
P
Cal Jeffrey
Hackers are using Genshin Impact's anti-cheat software in ransomware to kill antivirus...
Replies
6
Views
820
terzaerian
terzaerian

Latest posts

Back