[BLC]

Everything seems to be working fine, but I keep finding an infection when I run Ewido.

I ran Ewido -three times. I keep getting the same message. The program says it is cured, but it shows up with every scan. It shows up as Adware.RXToolbar. I am posting the report.

ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 11:20:52 PM, 2/28/2006
+ Report-Checksum: 427F3FE4

+ Scan result:

HKLM\SYSTEM\CurrentControlSet\Enum\USB\Vid_0c76&Pid_0005\27C03740D3208989\\Class -> Adware.RXToolbar : Error during cleaning


::Report End

[Advertisements]

See if this will get rid of it:

Go to Start->Run and type in regedit and hit OK. Go to File->Export and save the registry somewhere as a backup. Close the Registry Editor now. Go to Start->Run and type in notepad and hit OK. Then copy and paste the following into Notepad:

REGEDIT4
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\USB\Vid_0c76&Pid_0005\27C03740D3208989]
"Class"=-

Save the file as "delete.reg". Make sure to save it with the quotes. Close Notepad. Double click on the delete.reg file and choose Yes to merge/add it to the registry. You may delete the file afterwards.

[greyknight17]

See if this will get rid of it:

Go to Start->Run and type in regedit and hit OK. Go to File->Export and save the registry somewhere as a backup. Close the Registry Editor now. Go to Start->Run and type in notepad and hit OK. Then copy and paste the following into Notepad:

REGEDIT4
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\USB\Vid_0c76&Pid_0005\27C03740D3208989]
"Class"=-

Save the file as "delete.reg". Make sure to save it with the quotes. Close Notepad. Double click on the delete.reg file and choose Yes to merge/add it to the registry. You may delete the file afterwards.

[BLC]

I did what you suggested. The Malware is still there. Below is the log from the Ewido scan.

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 12:21:46 AM, 3/2/2006
+ Report-Checksum: 4673C370

+ Scan result:

HKLM\SYSTEM\CurrentControlSet\Enum\USB\Vid_0c76&Pid_0005\27C03740D3208989\\Class -> Adware.RXToolbar : Error during cleaning
C:\Documents and Settings\bruce\Cookies\bruce@com[2].txt -> TrackingCookie.Com : Cleaned with backup


::Report

Does this problem pose any potential problems with e-mail or linking up with my computer at work. My station has the controls for our Company Network Server. We have a Microsoft Small Business Server. Our website is hosted on that computer as well as well as our e-mail accounts.

[greyknight17]

Not sure if it will cause any problems with the emails, but since it's detected, let's remove it.

Go to Start->Run and type in regedit and hit OK. Go to File->Export and save the registry somewhere as a backup. While in the Registry Editor, navigate to:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\USB\Vid_0c76&Pid_0005\27C03740D3208989 and delete Class

If any of the above registry keys are giving you problems deleting, right click on them and click on Permissions. Then click on the Advanced button. Make sure the first box (Inherit from parent...) is checked. Click OK and OK. Then try deleting the entry again. Once you're done, close the Registry Editor.

Did that work?

[BLC]

That seems to have done the trick. Everything appears back to normal.

Thank you for all of your help.

With everything out there today, I will probably be posting again with a different problem.

Until then.

[greyknight17]

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.