Jump to content

RonB

Members
  • Content Count

    8
  • Joined

  • Last visited

About RonB

  • Rank
    Newbie
  1. Hi again Berny ++++ (you get an extra + in my posts), The Host file was corrected in regular mode...seems to have worked. Will set the file as READ ONLY...that is another good tip! I was thinking of getting NOD but will look at KAV too. Since cleaning out the system I have been using Sandboxie to run Firefox and deleting it's contents after each session. They claim it keeps everything separated from the system and you can decide what is "recovered" and allowed in, like downloads etc. Operates like one giant electronic condom... Have you tried it? I am also wondering if a proxie would help prevent virus or hyjacker problems...I know nothing about them or how to set one up but am going to look into it. Cheers, Ron
  2. Berny +++ Thank you my friend...the host file was the trick. In the week I have been hassling with this I must have read at least 50 paragraphs on uncounted forums and tech columns and you are the only person to suggest this, and you did it personally. I am in your debt and will go tomorrow to the Capitol Building Park and feed the pigeons and squirrells with a big bag of cracked corn in your name... Thanks much...I appreciate your help and will pass it on when my turn comes. Cheers, Ron
  3. Well, I turned off System REstore, booted in Safe Mode, ran full scans of MBAM, SAS and AVG. Restarted in Safe Mode again and ran all a second time. Rebooted regularly ran scans again. Turned on System Restore and restarted. All was running normal...Firefox was back and could access sites again...for about 5min. Then it started all over with a vengence...the internet is useless for me now. I almost quit trying to get here...took at least 10 tries. I was bounced all over the place when I clicked an option. From the Index page to here I went to a lawyer's site in Georgia to somewhere in Poland to an autoparts store in what looked like an Asian country and about 6 other places...it's nuts. Is ther a way to get rid of this dammed thing?...this is the 5th try to post this...RonB
  4. Thanks for your suggestions guys...Much appreciated. Cheers, RonB
  5. I have some very persistent and bothersome bug or trojan in my system. It was the reason I got SAS Pro but it has not taken care of it. Not too sure but I think it's being called "Google_Redirect". Whatever it is it's made a mess of Firefox and using the internet. Took 6 trys to get here... I had initially posted about a persistant adware that SAS see's but does not remove...must have been this thing but now it has gotten worse. Has anyone dealt with this and successfully resolved it? Neither SAS nor Malwarebytes is doing anything. Any and all suggestions are very much appreciated. Thanks much, RonB
  6. Thanks, I started a ticket...
  7. Here you go. Two scan logs, one from today as a full scan and one from yesterday as a quick scan. They both came up with the same thing. I could probably scan again right now and have the same result. I am wondering if this adware has parts embedded somewhere that SAS does not look and is using System Restore to reset itself after each scan. I am trying to figure out how to turn off System Restore and then scan but the functions are grayed out on it's tab even though I have Admin access. The never ending fun of computers... SUPERAntiSpyware Scan Log https://www.superantispyware.com Generated 05/07/2009 at 11:28 AM Application Version : 4.26.1002 Core Rules Database Version : 3881 Trace Rules Database Version: 1829 Scan type : Complete Scan Total Scan Time : 00:44:26 Memory items scanned : 434 Memory threats detected : 0 Registry items scanned : 5342 Registry threats detected : 5 File items scanned : 19551 File threats detected : 1 Adware.Vundo Variant HKLM\Software\Classes\CLSID\{EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} HKCR\CLSID\{EC43E3FD-5C60-46A6-97D7-E0B85DBDD6C4} HKCR\CLSID\{EC43E3FD-5C60-46A6-97D7-E0B85DBDD6C4}\InprocServer32 HKCR\CLSID\{EC43E3FD-5C60-46A6-97D7-E0B85DBDD6C4}\InprocServer32#ThreadingModel C:\WINDOWS\SYSTEM32\VEBIMAYO.DLL HKCR\CLSID\{EC43E3FD-5C60-46A6-97D7-E0B85DBDD6C4} SUPERAntiSpyware Scan Log https://www.superantispyware.com Generated 05/06/2009 at 08:55 PM Application Version : 4.26.1002 Core Rules Database Version : 3875 Trace Rules Database Version: 1823 Scan type : Custom Scan Total Scan Time : 00:06:16 Memory items scanned : 0 Memory threats detected : 0 Registry items scanned : 5357 Registry threats detected : 5 File items scanned : 0 File threats detected : 1 Adware.Vundo Variant HKLM\Software\Classes\CLSID\{EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} HKCR\CLSID\{EC43E3FD-5C60-46A6-97D7-E0B85DBDD6C4} HKCR\CLSID\{EC43E3FD-5C60-46A6-97D7-E0B85DBDD6C4}\InprocServer32 HKCR\CLSID\{EC43E3FD-5C60-46A6-97D7-E0B85DBDD6C4}\InprocServer32#ThreadingModel C:\WINDOWS\SYSTEM32\VEBIMAYO.DLL HKCR\CLSID\{EC43E3FD-5C60-46A6-97D7-E0B85DBDD6C4}
  8. Hi, I am running the free copy and was thinking about upgrading to the pay version BUT. When I run a scan SAS comes up with an adware with 5 instances in two places. It's named Vondu or Varient. Clean it out and restart...Scan again and the same adware comes up in the same places!!?? Whats going on? Is this a false positive from something in my system or should I be concerned? Thanks much for any ideas, comments or suggestions...all MUCH appreciated! Cheers, RonB
×
×
  • Create New...