Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Kb-ribaki.org/Zodiac Problem


  • This topic is locked This topic is locked
2 replies to this topic

#1 Rusty134

Rusty134

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sweden, Lapland
  • Local time:05:36 AM

Posted 15 January 2017 - 05:47 PM

I seem to have gotten infected by this nasty malware/adware and none of my fixes have managed to remove it.

I have used Farbar+ADWcleaner but both of these have failed to remove it, the popup opens everytime and i need help in removing it for good.

There is also this CMD window that keeps opening and everytime after it does it I get a virus warning.



BC AdBot (Login to Remove)

 


#2 hamluis

hamluis

    Moderator


  • Moderator
  • 55,870 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:11:36 PM

Posted 15 January 2017 - 05:58 PM

Specifically...;which Farbar application have you used?

 

If you used FRST, then I suggest that you initiate a new topic in the Malware Removal Logs Forum and paste the FRST log results into your new topic.

 

Since no such log is present in this topic, I am moving it to the Am I Infected forum.

 

Louis



#3 Rusty134

Rusty134
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sweden, Lapland
  • Local time:05:36 AM

Posted 16 January 2017 - 08:35 AM

Hello and thanks for helping, i'm currently using the latest version of Farbar 2017-01-15

Log is below, it says it found this file HKU\S-1-5-21-3144774058-3468314797-1625910121-1001\...\Run: [Rusty] => explorer.exe hxxp://kb-ribaki.org <===== ATTENTION

But it was not removed.

 

Mod Edit:  Deleted FRST data, not allowed/used in this forum.  You have reposted topic properly in MRL, https://www.bleepingcomputer.com/forums/t/637560/kb-ribakiorgzodiac-problem-found-on-system/ , please pursue that topic..

 

This AII topic is now closed to avoid confusion - Hamluis.


Edited by hamluis, 16 January 2017 - 03:56 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users