Welcome to MalwareRemoval.com, What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.
MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.
Note: If you are using Windows Vista, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.
Read the requirements and privacy statement then click on the Accept button.
The program will launch and start to download the latest definition files.
You will be prompted to install an application from Kaspersky. Click Run
Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
Spyware, Adware, Dialers, and other potentially dangerous programs Archives
Click on My Computer under Scan.
Once the scan is complete, it will display the results. Click on View Scan Report.
Click on Save Report As....
Change the Files of type to Text file (.txt) before clicking on the Save button.
Save this report to a convenient place.
Copy and paste that information into your topic.
The scan will take a while so be patient and let it run. As it scans your machine very deeply it could take hours to complete, Kaspersky suggests running it during a time of low activity.
KASPERSKY ONLINE SCANNER 7.0: scan report Sunday, December 6, 2009 Operating system: Microsoft Windows XP Professional Service Pack 3 (build 2600) Kaspersky Online Scanner version: 7.0.26.13 Last database update: Sunday, December 06, 2009 19:33:42 Records in database: 3337124 --------------------------------------------------------------------------------
Scan settings: scan using the following database: extended Scan archives: yes Scan e-mail databases: yes
Sorry, but I do not know how to run Combofix with the earlier provided script. When I started Combofix, it said there was an update and I pressed "Yes". It loaded and Combofix started the scan. I did not have an opportunity to run that script.
Folder::
c:\documents and settings\Todd\Application Data\LimeWire
FileLook::
c:\windows\system32\Drivers\SSPORT.sys
File::
C:\2.js
C:\4.js
C:\Documents and Settings\Todd\Application Data\Sun\Java\Deployment\cache\6.0\44\3efada6c-5b5e90c5
C:\Documents and Settings\Todd\Application Data\Sun\Java\Deployment\cache\6.0\58\7b79707a-27e4ca01
Save this as CFScript
A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine. This tool is not a toy and not for everyday use.
Close all browser windows and refering to the picture above, drag CFScript into ComboFix.exe Then post the resultant log. Let me know about the remaining issues.
Click start->run->type cmd.exe and press enter. Type following command in command prompt window: copy /y C:\WINDOWS\ServicePackFiles\i386\atapi.sys c:\atapi.sys.bak
You should get confirmation message 1 file(s) copied. Let me know if you didn't and stop following instructions below any further.
Make sure that the box next to Scan for rootkits has a tick in it and that the box next to Automatically disable any rootkits found does not have a tick in it.
Copy all of the text in the below textbox to the clibpboard by highlighting it and then pressing Ctrl+C.
Files to move:
c:\atapi.sys.bak|C:\WINDOWS\system32\drivers\atapi.sys
In the avenger window, click the Paste Script from Clipboard, button.
Click the Execute button.
You will be asked Are you sure you want to execute the current script?.
Click Yes.
You will now be asked First step completed --- The Avenger has been successfully set up to run on next boot. Reboot now?.
Click Yes.
Your PC will now be rebooted.
Note: If the above script contains Drivers to delete: or Drivers to disable:, then The Avenger will require two reboots to complete its operation.
If that is the case, it will force a BSOD on the first reboot. This is normal & expected behaviour.
After your PC has completed the necessary reboots, a log should automatically open. If it does not automatically open, then the log can be found at %systemdrive%\avenger.txt (typically C:\avenger.txt).
Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.