04-04-2012 05:41 PM
I have the same problem as this thread and after doing the online research it seems it's very persistent. I am very dissapointed that I paid for Norton 360 and it is completely oblivious to the problem after running fully system scans consecutively and doing live updates.
Im running IE9 on WIndows 7 x64 (updated with the latest SP and automatic uptades. Ditto for Norton 360 v6.1.2.
Should I proceed with the "advanced tools" on my own risk or will Symantec actually care about their customers and push an update to remove this thing. Is my banking/website logon information also at risk? Would attaching some logs of norton 360 or some advanced tool (Tdss, combofixetc) help?
04-04-2012 06:56 PM
Please read carefully and follow these steps.
Download TDSSKiller hxxp://support.kaspersky.com/downloads/utils/tdsskill
doubleclick on TDSSKiller.exe to run the application,
Find the Change Parameters on the Main IU screen, then Select the Detect TDLFS filesystem.
then on Start Scan.
If an infected file is detected, the default action will be Cure, click on Continue.
If a suspicious file is detected, the default action will be Skip, click on Continue.
It may ask you to reboot the computer to complete the process. Click on Reboot Now.
If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please attach the log in the post back
Please download aswMBR hxxp://public.avast.com/~gmerek/aswMBR.exe to your desktop. (replace the hxxp with http)
Double click the aswMBR.exe icon to run it
it will ask to download extra definitions - ALLOW IT, YES
Click the Scan button to start the scan
On completion of the scan, click the save log button, save it to your desktop and Please attach the log in the post back
04-05-2012 01:35 AM
Please scan with ESET next
I'd like us to scan your machine with ESET OnlineScan
If you think a log should have been generated then go to C:\Program Files\ESET\ESET Online Scanner\log.txt to find it.
04-05-2012 01:55 PM
Download Combofix to your Desktop from http://www.bleepingcomputer.com/download/anti-viru
Download the attachment to this post (CFscript.txt) and save it to your desktop also.
Disable Norton and close your Browser(s)
Now drag the CFScript.txt into the ComboFix.exe
Do not do anything else while it is running including moving the mouse cursor inside combofix.
****Note: Do not mouseclick combofix's window while it's running. That may cause it to stall or freeze ****
Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.
Note: Combofix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security.
When it is finished it will create a log after, also you may have to restart the PC before you are able to use the Browsers.
04-05-2012 07:36 PM
Ok now I googled it and it seems I have visited the download page of hitman pro. However, I did not run it once you started to send instructions. I might have run it a couple of days back when I first stumbled upon the problem and read stuff on the forums on what other people tried.
I reiterate, though, I followed all the instructions to the very last one on this thread.
Is there any way we can still fix things now that I made this neophyte mistake?