Hello Raeral,
Please copy this page to
Notepad since you will not have any browsers open while you are carrying out these instructions.
Make sure to work through the fixes in the exact order it is mentioned below. If there's anything that you don't understand, ask your question(s) before proceeding with the fixes.
Download Ewido Security Suite- Install Ewido Security Suite
- When installing, under "Additional Options" uncheck..
- Install background guard
- Install scan via context menu
- Double-click the icon on Desktop to launch Ewido
You will need to update Ewido to the latest definition files.
- On the left hand side of the main screen click update.
- Then click on Start Update.
The update will start and a progress bar will show the updates being installed.
If you are having problems with the updater, you can use this link to
manually update Ewido
When you have finished updating,
EXIT Ewido.
Download CleanUp! (
Alternate Link if main link doesn't work) and install it.
Do not run it yet.
*******************************
Please
disable your Windows Defender Real-time Protection, as it may hinder the removal of some entries.
- Open Windows Defender.
- Click on Tools, General Settings.
- Scroll down and uncheck Turn on real-time protection (recommended).
- After you uncheck this, click on the Save button and close Windows Defender.
*******************************
Click Start->Run - type
SERVICES.MSC & then click on the OK button
*Locate the service -
Ndlmsb0cfs
*Double-click on it to open the Properties dialog.
*Under the General tab:
<--Take note and write down the *Service name given as we will need it shortly.
*Stop the service by using the
Stop button.
*Change the Startup type to
Disabled & then click on the OK button
Next, start HiJackThis & go to Config>Misc.Tools...>
Delete an NT service...
*In the popup box that appears, type in the
*Service Name you found in the General Tab for
Ndlmsb0cfs. Click OK to allow reboot.
---------------------------
Next, please reboot your computer in
Safe Mode by doing the following:
1) Restart your computer
2) After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
3) Instead of Windows loading as normal, a menu should appear
4) Use the up arrow key to highlight Safe Mode and press Enter.
Go to
My Computer->
Tools->
Folder Options->
View tab:
* Under the Hidden files and folders heading:
*
select Show hidden files and folders.
*
Uncheck Hide protected operating system files (recommended) option.
*Also, make sure there is no checkmark beside
Hide file extensions for known file types.
* Click OK.
---------------------------
Run a scan in HijackThis. 'Check' each of the following if they still exist (make sure not to miss any):
O1 - Hosts: localhost 127.0.0.1
O4 - HKLM\..\Run: [dmakl.exe] C:\WINDOWS\system32\dmakl.exe
O23 - Service: Ndlmsb0cfs - Unknown owner - C:\WINDOWS\system32\FileOps.exe
Click
'Fix Checked' and close HijackThis.
---------------------------
Delete the following
Files if they still exist.
C:\WINDOWS\system32\
dmakl.exe
C:\WINDOWS\system32\
FileOps.exe
---------------------------
Open Cleanup! by double-clicking the icon on your desktop (or from the Start > All Programs menu). Set the program up as follows:
*Click "
Options..."
*Move the arrow down to "
Standard CleanUp!"
*
Uncheck the following:
-
Delete Newsgroup cache
-
Delete Newsgroup Subscriptions
-
Scan local drives for temporary files
Click
OK
Press the CleanUp! button to start the program.
Do NOT reboot/logoff when prompted.
Note:
CleanUp! deletes EVERYTHING out of your temp/temporary folders, it does not make backups. If you have any documents or programs that are saved in any Temporary Folders, please make a backup of these before running CleanUp! If you have a 64 bit Operating System do NOT run Cleanup and let me know as we will use another utility
---------------------------
Run Ewido with it's updated definitions:(...it's important that all windows must be closed)
- Click Scanner
- Click Complete System Scan to begin scanning.
- Click OK when prompted to clean files
With the first file it prompts to clean, select the option:
- "Perform action on all infections"
- Choose clean and click OK.
Once finished, click the
Save report button & save the report to your desktop
** Ewido scan would require at least an hour. Ewido is compatible with most AV and anti-spyware products, and the free version will continue to be useful as a second anti-malware scanner.
---------------------------
Reboot into Normal Mode.
---------------------------
Perform an online scan using Internet Explorer with
Panda ActiveScan
**
click on "Free use ActiveScan" located on the top right hand corner - Click Check Now & a 'pop up' window shall appear. *ensure that your pop up blocker doesn't block it
- Enter your e-mail address, country, and state & click Scan Now ...begins downloading 8 MB Panda's ActiveX controls
Begin the scan by selecting
My Computer- If it finds any malware, it will offer you a report.
- Please ignore any entry it finds and wants you to buy the program for removal as we will address this later.
- Click on see report. Then click Save report
In your next reply, I will need the following:
Ewido results
Panda results
New HijackThis log taken from Normal Mode
__________________
Member of ASAP since 2005
Member of UNITE since 2006
"It is one life whether we spend it laughing or weeping." "Take the time to laugh--it is the music of the soul."