Can't Get Rid Of Core.cache.dsk
I'm willing to learn! SANTOS7 22:16 17 Jan 08 If you are still getting the popups and your scans show nothing i can only suggest the infection is sat in your system volume info files If I give it one more shot, should I remove counterspy, spybot S&d and AVG and then run the smitfraudfix? TueSkool View Member Profile 29.04.2008 19:01 Post #5 Newbie Group: Members Posts: 6 Joined: 22.04.2008 Ok, I used Counterspy and it seemed to have done the trick, so I waited a
SANTOS7 19:35 18 Jan 08 Good info Burpie, you up on this sort of stuff..the HJT forum was me next stepclick here Pages 1 2 3 >> Next… This thread is Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a The computer seems OK, but I would really appreciate if you could take a look and let me know if there is anything I can do to finish cleaning up.Thanks again.Logfile Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy): C:\Program Files\Dot1XCfg Return to OTMoveIt, right http://www.bleepingcomputer.com/forums/t/132567/need-help-cleaning-up-corecachedsk-infection/
iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exeO23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exeO23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exeO23 Close OTMoveItIf a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. Search didn't bring up either core.sys or core.cache dsk, thanks for the advice tho.The regedit never found a core folder either. I appreciate all the help thus far.
no quotes.Exit Recovery Console and reboot.The pop-ups should be gone.As I say, this method will leave a fair few dlls lurking around, but they should be just dross.More runs with anti-spyware Sign In Sign In Remember me Not recommended on shared computers Sign in anonymously Sign In Forgot your password? Several functions may not work. Copy everything on the Results window to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it on your
Is it failsafe or still inherently risky? Should you have a new issue, please start a New Topic. Ken Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014 Please consider a donation to help me keep up my fight against malware. https://forums.techguy.org/threads/cant-remove-core-cache-dsk-rootkit-agent-virus.673773/ A case like this could easily cost hundreds of thousands of dollars.
DavidM4 19:11 18 Jan 08 Good program, let me unlock it and delete it but it came back after reboot.I deleted it again and went online whilst deleted and I'm still Loading... If you're not already familiar with forums, watch our Welcome Guide to get started. If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.
TueSkool View Member Profile 2.05.2008 22:06 Post #9 Newbie Group: Members Posts: 6 Joined: 22.04.2008 It doesn't seem to, I'll try it one last time. failed to delete
((((((((((((((((((((((((( Files Created from 2007-12-13 to 2008-01-13 )))))))))))))))))))))))))))))))
2008-01-13 13:31 . 2008-01-13 13:31
2008-01-13 13:30 . 2008-01-13 13:30932---------C:\WINDOWS\system32\drivers\core.cache.dsk
2008-01-13 12:23 . 2000-08-31 08:0051,200--a------C:\WINDOWS\NirCmd.exe
2008-01-12 If you accept cookies from this site, you will only be shown this dialog once!You can press escape or click on the X to close this box. Once the program has loaded, select "Perform Quick Scan", then click Scan.
Is t Jump to content Existing user? Jeffry83, Jan 19, 2008 #1 This thread has been Locked and is not open to further replies. viruses and worms > viruses and worms Win32.tratBHO infection that I can't get rid of! << < (2/3) > >> walkingparadox: R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q305&bd=presario&pf=desktopR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Open Kaspersky>Settings>ThreatsAndExclusions...
scan completed successfully hidden files: 0 **************************************************************************.------------------------ Other Running Processes ------------------------.C:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\System32\wltrysvc.exeC:\WINDOWS\System32\bcmwltry.exeC:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exeC:\PROGRA~1\McAfee\MSC\mcmscsvc.exec:\program files\common files\mcafee\mna\mcnasvc.exec:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exeC:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exeC:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEC:\Program Files\McAfee\MPF\MPFSrv.exeC:\Program Files\McAfee\MSK\MskSrver.exeC:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exeC:\WINDOWS\system32\Ati2evxx.exeC:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exeC:\PROGRA~1\McAfee.com\Agent\mcagent.exeC:\Program Files\SiteAdvisor\6253\SAService.exeC:\Program Files\Apoint\HidFind.exeC:\Program Files\Apoint\Apntex.exeC:\Program Files\iPod\bin\iPodService.exeC:\Program Files\McAfee\MSC\mcuimgr.exe.**************************************************************************.Completion time: 2008-02-10 23:13:02 - machine So thread closed. -------------------- Errare humanum est « Next Oldest · Virus-related issues · Next Newest » Forum Home Search Help English User Forum |-- Protection for Home Users I have used many scanners but Spyware doctor seems the only one that can detect it but it just simply can't remove the file core.cache.dks that is associated with it...
It will spread to all computers on your network, make or at least try to make the computer(s) have a "blue screen of death", and it gives you fake log-in screens
Please Wait... SANTOS7 20:29 17 Jan 08 How to Remove Core.sysFollow the instructions below to remove core.sys and core.cache.dsk and rid your computer of the "Powered by Zedo" and other ads.1) Boot into Advertisement Tech Support Guy Home Forums > Security & Malware Removal > Virus & Other Malware Removal > Home Forums Forums Quick Links Search Forums Recent Posts Members Members Quick Links Click "Format" and be certain that Word Wrap is not enabled.Copy and paste all the text in the quote box below into Notepad.
The biggest problem I'm having is with a smithfraud.c.core which AVG (free version) and Spybot S&D both recognize and "fix" but always keeps coming back. Error code: 2S136/C Contact Us Existing user? As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged Just a reminder that threads will be closed if no response in 3 days Back to top #7 ken545 ken545 Malware Response Team Malware Response Team 1,685 posts OFFLINE Gender:Male
Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014 Please consider a donation to help me keep up my fight against malware. Copy and Paste the entire report in your next reply along with a Hijackthis log.Drag Combofix to the trash as its updated on a regular basis and download and run a Book your tickets now and visit Synology.