|
|
|
re: Unable to removal antivirus
Thursday, July 6, 2006 at 4:48 pm
Windows XP Annoyances Discussion Forum
Posted by MrCharlie
(4060 messages posted)
You have a couple of nasties on the system:
Go to Start > Control Panel > Add or Remove Programs and remove the following programs,
if found:
Relevant Knowledge
rxtoolbar
rxtoolbar publisher
-----------------------
Download and unzip the KillBox
to a folder - we'll use it later.
--------------------
Close ALL programs down, leaving ONLY HijackThis running - Click Scan
and.....
Place a check against the following items:
O2 - BHO: RXResultTracker Class - {59879FA4-4790-461c-A1CC-4EC4DE4CA483} - C:\ProgramFiles\RXToolBar\sfcont.dll
(file missing)
O2 - BHO: (no name) - {abac3d0c-4dd4-4095-b9a8-41278ab34147} - C:\WINDOWS\system32\kbdi32.dll
O4 - HKLM\..\Run: [SemanticInsight] C:\Program Files\RXToolBar\Semantic Insight\SemanticInsight.exe
O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - C:\Program Files\RXToolBar\sfcont.dll
O20 - Winlogon Notify: kbdi32 - C:\WINDOWS\SYSTEM32\kbdi32.dll
Click on Fix Checked and exit HijackThis.
Delete this folder if found:
C:\Program Files\RXToolBar
Now open up the KillBox and copy and paste this in and hit delete, if the file exists,
it will appear in blue under the window.
C:\WINDOWS\SYSTEM32\kbdi32.dll
Clean out temporary and TIF files. Go to Start > Run and type in the box: cleanmgr.
Let it scan your system for files to remove. Make sure these 3 are checked and then
press *ok* to remove:
- Temporary Files
- Temporary Internet Files
- Recycle Bin
-----------------
I would also follow up with Ewido to clean out any other malware:
Please download and install the trial version of Ewido Security Suite 4.0 here:
http://www.grisoft.cz/softw/70/filedir/inst/ewido-setup_4.0.0.172a.exe
After it's installed...Check for updates:
Double click on the Ewido icon in the system tray or
on the desktop> this will bring up the main program if it's not already up.
On the Main Page click the Update
Tab and then Start Update
Download and install any updates if available.
Select the Scanner icon at the top of the screen, then
select the Settings tab.
Once in the Settings screen click on Recommended actions
and then select Quarantine.
Under Reports
Select Automatically generate report after every scan
Un-Select Only if threats were found
Clean out temporary and TIF files. Go to Start > Run and type in the box: cleanmgr Let it scan your system for files to remove. Make sure these 3 are checked
and then press *ok* to remove:
- Temporary Files
- Temporary Internet Files
- Recycle Bin
Now click the Scanner Icon on top
Click on Complete System Scan
Be patient - it takes a while to run.
Once the scan is complete do the following:
If you have any infections you will prompted, then select Apply
All Actions
Next select the Reports icon at the top.
Copy and paste the scan report in your next reply.
Close Ewido
Reboot and post the log from Ewido and a fresh HJT log, MrC
|
All messages in this thread [show all]
 | | |  | re: Unable to removal antivirus (MrCharlie: Thu, Jul 6, 2006, 4:48 pm) |
| |
| |
Return to the Windows XP Discussion Forum
|
|
|
|
