freakasis, please refrain from making new replies for one line comments. This is what the Edit feature is for: click on Edit to reopen the post > add, delete or change what you want, then click on Save. I have asked the moderator to merge posts 9-13.
I also ask that you use some patience. Your first post was only 18 hours ago, now the total is up to 14, 11 of which are from you and clearly appear to be 'bumps'.
If you would like me to help with the malware cleaning, I ask that you only run the programs I instruct you to. Why did you run RootDetective? It is possible that by running additional programs that were not recommended, you have skewed the results of the entries in the logs.
The antivirus scan shows malware TR/Dldr.WMA.Wimad.X Trojan on a music download. The source of this Trojan is multimedia files. Trojan.Wimad is a Trojan that downloads remote files from remote Web sites by exploiting the Digital Rights Management (DRM) technology available in Windows. The Trojan arrives on the compromised computer as a license-protected multimedia file. It appears to have been removed by the AV program.
I would guess that you downloaded the music from a torrent file-sharing site. If so, that is a sure way to get malware.
Please download ComboFix
HERE:
- With ComboFix, at the download window, please rename it to Combo-Fix(.exe) before downloading it.
- Please disable all security programs, such as antiviruses, antispywares, and firewalls. Also disable your internet connection.
- Run Combo-Fix.exe and follow the prompts.
(Understand that things like your system clock changing and your desktop disappearing might happen. Do not worry, because all will be restored later.)
- Wait for the scan to be completed.
- If it requires a reboot, please do it.
- After the scan has completed entirely, please post the log here. The log will be located at C:\ComboFix(.txt)
Notes:
1. Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
2. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
3. ComboFix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.
4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
Run Eset NOD32 Online AntiVirus Scanner HERE
Note: You will need to use Internet Explorer for this scan.
- Tick the box next to YES, I accept the Terms of Use.
- Click Start
- When asked, allow the ActiveX control to install
- Disable your current Antivirus software. You can usually do this with its Notification Tray icon near the clock.
- Click Start
- Make sure that the option "Remove found threats" is unchecked, and the option "Scan unwanted applications" is checked
- Click Scan
- Wait for the scan to finish
- Re-enable your Antivirus software.
- A logfile is created and located at C:\Program Files\EsetOnlineScanner\log.txt. Please include this in your post.
Attach the ComboFix report and Eset log to your next reply.
Do NOT run any other security or cleaning program.
I suggest that you disable both the BitDefender and Eset online scans running in the background. They could affect what is showing in the logs:
Open IE > Tools > Manage Add-ons > find the following > highlight > disable
BDSCANONLINE (might be listed as either scan8 or oscan8)
OnlineScanner Control (might be listed as eos)