So this is my problem, Obviously I've gotten this takeover, fighting for 2 days - finally got it under control. It took over NIS2009 - changed definitions, blocked access to everything.
After running ComboFix for 3-4 hours it finally started acting a little better. I'll try to attach the log.
Well I got Norton going again, and everything seems to be ok at the moment. But still cannot run Malwarebytes, gives me two Runtime errors - "440" & "0"
Trying to run SuperAntiSpyware and it says something like "Cannot find MSIEXEC"
I could never find any of the actual TDSS files or entries in the registry.
I know there are still issues, looking for "What to do next"...........Anyone help please?
Well it gave me a message saying that it had to be ran in "Administrator Mode" - but it allowed me to create the log anyway. Do I need to log out and log into Admin?
Did you right-click and select unblock and apply on the first run?
I wasn't asking you to log in as administrator I was asking that you right-click on the sysprot.exe and choose "run as administrator" - it's an option when you right-click the file
febfreak wrote: Those options aren't there - I unchecked the "Potect" box and created a new log.
OK. Obviously something isn't going right - probably due to the infection you have. I'm going to pass your details to Quads, our malware expert, for him to progress. He is in a different tme zone so it will be a while until he contacts you. In the meantime please be patient and please do not try further cleaning as this may make things more difficult for Quads to clean.
Does that log not do any good? It did contain more info that the first one.
The log, as it is, does not show any signs of a rootkit but I am concerned that it will not run as it should and so, to be safe, I think Quads should check it out.
Combofix was run more than once, It's good when people don't know how to read logs, they don't realise what they state for someone who can read them
Obviously from your first post, you didn't really know what you were doing but had fun having a go anyway. including not disabling Norton, and "I could never find any of the actual TDSS files or entries in the registry." of course you wouldn't, because that is TDSS.
You decide to have a good go tweaking your system in ways to get past the rogues and use advanced tool(s) without thinking of any problems afterwards, then tweaking the OS alters things also.
So I will not be part of pulling it apart any further So good luck., including all the .exe's
So this is my problem, Obviously I've gotten this takeover, fighting for 2 days - finally got it under control. It took over NIS2009 - changed definitions, blocked access to everything.
After running ComboFix for 3-4 hours it finally started acting a little better. I'll try to attach the log.
Well I got Norton going again, and everything seems to be ok at the moment. But still cannot run Malwarebytes, gives me two Runtime errors - "440" & "0"
Trying to run SuperAntiSpyware and it says something like "Cannot find MSIEXEC"
I could never find any of the actual TDSS files or entries in the registry.
I know there are still issues, looking for "What to do next"...........Anyone help please?