Hi, I need some expert to tell me if I am still infected, looking at the log attached. How do I get rid of it, please?
Thanks
Follow the guide and [b]attach[/b] the logs, not copy and paste: http://forum.avast.com/index.php?topic=53253.0
AdwCleaner
Malwarebytes
OTL
aswMBR
When done, be patient, as it may take hours before the malware removal experts arrive.
Log Files Attached
Last of the log files: only thing that stands out is 2 Registry entries …DNS … Controlset 001 & 002. Thanks
Malware removers are notified…check back later today
I am not seeing any sign of snapdo… Where are you seeing it?
Warning: This fix is only relevant for this system and no other; using it on another computer may cause problems.
Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons; they will return on reboot.
Run OTL
[*]Under the Custom Scans/Fixes box at the bottom, paste in the following
https://dl.dropbox.com/u/73555776/OTL_Fix.GIF
:OTL
O2:64bit: - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-21-3563665913-2513293735-2134829780-1000\Software\Policies\Microsoft\Internet Explorer\restrictions present
[2012/10/28 18:14:41 | 000,356,352 | ---- | C] (eSellerate Inc.) -- C:\windows\eSellerateEngine.dll
[2012/10/28 18:14:41 | 000,081,920 | ---- | C] (eSellerate Inc.) -- C:\windows\eSellerateControl350.dll
[2012/07/03 14:46:42 | 000,217,672 | ---- | M] () Unable to obtain MD5 -- C:\Users\Stephan\AppData\Local\Temp\winlogon.exe
[2012/07/03 14:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Users\Stephan\AppData\Local\Temp\svchost.exe
:Commands
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]
[*]Then click the Run Fix button at the top
[*]Let the program run unhindered, reboot the PC when it is done
[*]Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
Hi, Logs attached. I think snap.do and StopZilla1 have been removed.
Thanks
Do you have any other problems?
Hi, No other problems. Thanks for the help
Run OTL and press the cleanup button to remove it ;D