First post, so I hope I'm doing this correctly. I've read the rules, but as for posting a new topic about something that has been covered... hope that's ok.
Things seemed odd...
Antivirus was off (clam) so I started it, and scanned. It took 2 seconds and said there were no issues on my computer.
That seemed like a bit of an issue in and of itself, actually.
Downloaded Panda Cloud (free) and scanned.
Panda Cloud full scan:
-detected Sinowal (sdra64.exe and lowsec/ both in system32 folder) and about 100 other things.
-deleted or neutralized all but the Sinowal stuff.
Looked for info online, found a discussion, followed those steps because they were so similar to my specs.
Those steps included Combofix, a link given from the forum. It seemed to work.
Restarted today, antivirus (Panda Cloud) was off again, and firewall was off.
Panda had found Sinowal again, but again failed to neutralize it.
In a perhaps foolhardy move I ran the latest version of Combofix, downloaded from the author's site. Seems to have worked again.
I have attached the log file.
It says "also deleted: ... lowsec... etc." as you will see, but I realized that I don't really know what this stuff means and had better ask for some guidance.
ComboFix.txt (25.68KB)
I have also run "hijackthis" downloaded from Trend Micro, and have attached my log file.
You may notice a flash app which downloads stuff. It's not labeled well, but it's the HMV Digital Music download manager.
hijackthis.log (9.95KB)
So far, it seems like it's fixed. Again. But I don't want to restart my computer because I am sure that my antivirus and firewall will be disabled again.
I sure would appreciate a little guidance in this, if someone has a little time.
I won't do any other stupid things. I'll wait for advice and follow it.
Edit: Moved topic from XP to the more appropriate forum. ~ Animal
Edit: Thank you for that, Animal. Sheesh, I'm off to a great start, aren't I? Sorry about that. This is in fact where I meant to post it, but intention is meaningless unless followed up with action. I'll be more careful in the future.
Posted as an edit so it doesn't bump my topic.~Gbrl
Edited by zerotonin, 15 July 2010 - 03:39 PM.