Member Panel

Ok , lets get this nasty ******. The .dat file stayed gone now , thats a good start.


Start Killbox and place a tick next to [x]delete on reboot.
Copy this list into the windows clipboard:

C:\WINDOWS\system32\ecesq.dll
C:\WINDOWS\system32\t3odm.dll
C:\WINDOWS\system32\t5rdv.dll

Back in Killbox go > file > paste from clipboard,
Click the red highlighted X button and say yes to the prompt, then click OK.
Exit Killbox and restart your PC.


Copy the contents of Code box below to a notepad file. Save it to Desktop named Fixreg.reg and in the "save as" type box choose "all files".


Now double click Fixreg.reg and allow it to add/merge with registry when prompted.

And then please post a new Rkfiles and findqoologic log.
Again , Please Do Not reboot youre pc until I reply back.



And just to check to make sure , i keep leaving one file since im 99.9% sure it is a false positive. Can you upload this file to these sites and report back if they find anything?

C:\WINDOWS\system32\dfrg.msc

http://virusscan.jotti.org/

http://www.virustotal.com/flash/index_en.html

Joe please find attached reports Qoologic and Rkfiles.I can not find the dfrg.msc file to upload I can find system 32 but it does not show up as dfrg.msc.
This is what it shows me in respect to anything with dfrg

dfrag
dfrg
dfrgfat
dfrgntfss
dfrgres.dll
dfrgui.dll

log.txt

report.txt

Thats is when you press "browse" on those sites , and navigate to that file?

Can you find it manually on youre pc? And do you use the windows defrag or an separete app? Try this: Paste this in the box next to the "browse" button and press "submit"

C:\WINDOWS\system32\dfrg.msc




Start Killbox and place a tick next to [x]delete on reboot.
Copy this list into the windows clipboard:


C:\WINDOWS\system32\t3odm.dll
C:\WINDOWS\system32\t5rdv.dll


Back in Killbox go > file > paste from clipboard,
(ps ,are you pressing "file"/"paste from clipboard" , or are you pasting it in the "full path of file to delete" box?)


Click the red highlighted X button and say yes to the prompt, then click OK.
Exit Killbox and restart your PC.


Copy the contents of Code box below to a notepad file. Save it to Desktop named Fixreg.reg and in the "save as" type box choose "all files".

Now double click Fixreg.reg and allow it to add/merge with registry when prompted.

And then please post a new Rkfiles and findqoologic log.
Again , Please Do Not reboot youre pc until I reply back.

Joe I ran both the scans as requested and i used the paste method to do the scans....both came back with a report of all ok.That was the sacn for dfrg.msc.

I use windows Defrag only,no other defrag.
When i use killbox I go to file/paste from clipboard/full path to delete.
I have not done the qool or rkfile scan as to yet, will wait to see if i am doing killbox correctly.......Thanks Andy

Thats what i expected but i was trying to find the reason why only one entry at a time was removed , but see below for that , lol.

I think thats why only one file at a time gets removed , after "paste from clipboard" , just press the red X. If you also enter it in the "full path to delete" line , then only the first entry/line gets removed.

But where down to 2 anyway by now , so almost there.:cheesy:

Joe here r the scan results for qool and rkfiles,when i went to files/paste clipboard in Killbox the files went to delete full path?So i clicked on delete all files box on bottom of Killbox,it looked as though i had single files delete selected b 4?
Hope I got it okay......thanks Joe

log.txt

report.txt

Hmm , lol. That button hasn't always been there..:icon_joke They must have added that to the latest version(s). Sorry about that , my mistake.

All the files are now gone , only the reg entrys came back or are still there.

Ive made a reg file this time and attached it to this post , please download it , unpack it , double click on it and allow it to merge with the registry.

Then please post a new Qoologic log.