Quote:
Originally Posted by Ried
Have you installed the Recovery Console yet? You really should have done that before running the tools.  |
Unfortunately, I realized that much later.
I installed the Recovery Console later and ran ComboFix once more. This time it deleted an additional file. I am copying the first few lines of the log below:
ComboFix 08-11-02.02 - User 2008-11-03 0:40:37.5 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1253.1.1032.18.1535 [GMT 2:00]
Running from: C:\Documents and Settings\User\Επιφάνεια εργασίας\ComboFix.exe
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\system32\mdhash.dll' C:\WINDOWS\system32\mdhsh.sys
.
---- Previous Run -------
.
C:\WINDOWS\system32\mdhash.dll' C:\WINDOWS\system32\mdhsh.sys
.
((((((((((((((((((((((((( Files Created from 2008-10-02 to 2008-11-02 )))))))))))))))))))))))))))))))
.
Quote:
Originally Posted by Ried
***************************************************
Close any open browsers.
--------------------------------------------------------------------
Open HijackThis and click on 'Do a System Scan Only'. 'Check' the following entries:
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
Click 'Fix Checked' and close HijackThis.
--------------------------------------------------------------------
Open notepad and copy/paste the entire text in the quote box below: (don't forget to copy and paste REGEDIT4)
Save the file as "delete.reg". Make sure to save it with the quotes. Choose to "Save type as - All Files"
It should look like this: 
Double click on the delete.reg file and choose Yes to merge/add it to the registry. You may delete the file afterwards.
-------------------------------------------------------------------- |
Both done successfully!
Quote:
Originally Posted by Ried
What are your I: and D: drives?
|
I: is a removable drive and D: is the second partition of the laptop's drive (vaio comes from the factory with c: and d: partitions).
Quote:
Originally Posted by Ried
Do you know what this scheduled task is for? Is it something you created?
2008-10-31 C:\WINDOWS\Tasks\Temp.job
- C:\WINDOWS\Temp [2008-11-01 04:35]
|
[/quote]
Not sure. I noticed though that I can't create a new task (access denied). I may have created this file in the past to do a test but I can't remember. Is it ok that I deleted it now?