Tashi,
Thank you for your response. I have considered taking it to a local technician, but was hoping it would be possible to fix the issue here. I apologize for the delay in response to the...
Type: Posts; User: SLRHCristy; Keyword(s):
Tashi,
Thank you for your response. I have considered taking it to a local technician, but was hoping it would be possible to fix the issue here. I apologize for the delay in response to the...
Hello,
Shaba was working with me on a complex malware issue that has now wiped my computer. I was attempting to locate a system recovery disk, or my Windows Vista Startup disk. I have now found...
Hi Shaba,
My last message never posted-sorry for the delay.
We have Windows Vista Home Premium, but I cannot find the startup disk. Is there somewhere I can go online to validate our license...
Shaba,
I'm not sure which programs you refer to when you say Windows media...I see Windows programs listed when I click on the start menu and then click on all programs, such as Windows Defender,...
Shaba,
My family keeps using the computer no matter how much I tell them not to, and now I logged in, and EVERYTHING is just gone!! No desktop icons, no programs, no pictures, nothing.
What...
Hi Shaba,
The computer has not shut down again, but still having issues 1 and 2....
Should I try loading ComboFix and Spybot S&D in Safe Mode?
Hi Shaba,
There have been several issues-I am also no longer receiving email notifications when you reply, so apologies for the delayed response.
1. I cannot download Spybot S&D in normal...
Hi Shaba,
Seems to be running okay...still cannot run Spybot or ComboFix in normal mode-probably just need to uninstall and download a fresh version. What do you think? What's next?
Thanks!...
Hi Shaba,
Here is a fresh ComboFix log.
Thanks!
Cristy
ComboFix 11-08-04.02 - Jason 08/04/2011 14:09:26.3.2 - x86 NETWORK
Microsoft® Windows Vista™ Home Premium ...
Hi Shaba,
I don't know what happened to my last two posts. I seriously feel like someone has access to my file and is deleting my posts or something. I updated the same day you responded to me,...
Just to clarify, the power went out in our town, not just on the computer...
Hi Shaba,
I was able to run ComboFix in safe mode, but the power went out right when ComboFix was preparing the log. Should I just run ComboFix again, or is there a way to retrieve the log?
...
Shaba,
I cannot locate ComboFix on my computer, so I tried installing from the link you posted previously-it begins, but I cannot get it to run. First I get an error saying it cannot be renamed...
Shaba,
I cannot locate ComboFix on my computer, so I tried installing from the link you posted previously-it begins, but I cannot get it to run. First I get an error saying it cannot be renamed...
Hi Shaba,
Had family emergency come up and lost track of getting the computer cleaned-my daughter was using playlist.com and other sites today, and now everything is slow and cannot even access...
Hi Shaba,
I changed the cookie settings, used the internet for a bit, ran Spybot, and no new problems found. Thank you!
Can you provide some information for final cleanup and protection?
Hello Shaba,
Yes, the same viruses still show up once I have shut down and re-started. We have used the internet over the past few days, but these are the same viruses that showed up originally...
Hello,
Here is the combofix log for your review.
Thanks!
ComboFix 11-06-15.04 - Jason 06/16/2011 12:33:46.2.2 - x86
Microsoft® Windows Vista™ Home Premium ...
Hello,
Seems like we are quite infected. Started with fake antivirus notifications (title of window popping up was "Windows Vista 2012 Alert" or something similar), which also suppressed our normal...
forgot to mention-removed Limewire via add/remove programs. I don't use this, and will let my bf know to stick with iTunes and stay away from P2P sites/programs. Thanks for the info!
Here you go-thanks again for all your help!
ComboFix 09-10-30.01 - cristy 11/01/2009 10:16.1.2 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.2036.1207 [GMT -7:00]...
Here is the GMER Log, and DDR logs are attached. Thanks!
GMER 1.0.15.15163 - http://www.gmer.net
Rootkit scan 2009-11-01 09:09:35
Windows 6.0.6001 Service Pack 1
Running: 6f2p34jl.exe; Driver:...
The symptoms:
When I open my web Browser (I use FireFox but this also happens with Internet Explorer), it does not open with the Firefox start-up page-instead it re-directs and opens in random...
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:37:05 PM, on 10/24/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18319)
Boot mode: Normal
...
Hi,
Sorry for the delayed response. We had a bit of an emergency here-my daughter threw the ball to my dogs in the house, which hit our turtle tank and flooded my dining room with 40 gallons of...
Is the Updater task with the blue white and green icon normal? (running every time I start the computer?)
Thanks!
Much better, no more pop-ups!
Thanks, Shaba!! I will continue with your previous instructions with regard to getting my system clean and secure.
Thanks so much for all your help!!!!
Hi,
Apologies, I did not know it was all user-specific. I have had to log into the admin account for several processes, but have always posted from my normal user account. Here is the HJT log for...
Hi,
I have run through the steps you listed for getting my system back in order, and I think I have run into some residual issues. I completed the steps for Java and for OTMoveIt2.exe. (have not...
Yes, looking good from here! :D:
Hi,
Here is my new combofix log:
ComboFix 08-02.05.3 - Anastasia 2008-02-10 10:38:56.6 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.276 [GMT -7:00]
Running from:...
Hi,
I'm not entirely sure how to empty those folders, vs. deleting them...do I just delete everything inside the folders?
As for any other issues, my computer seems to be working as it...
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:18:47 PM, on 2/9/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
...
Shaba,
I knew you'd have an answer! :D:
Here is the new MWav scan result:
File C:\Program Files\Norton AntiVirus\Quarantine\122C23D7.class infected by "Trojan.Java.ClassLoader.Dummy.a"...
Also,
Here's a new HJT log just in case you need that also. Thanks so much for all your help!!
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:13:17 AM, on 2/8/2008
Platform:...
Hi,
Glad to be rid of those folers :)
As for Kaspersky, the "accept" button on the link you provided is not working.
Also, I cannot get IE to let me go to any website besides myspace or...
(At least I think it's morning there...):)
Here is the new comobfix:
ComboFix 08-02.03.1 - Anastasia 2008-02-07 22:44:03.5 - NTFSx86
Microsoft Windows XP Professional ...
Shaba, I am still unable to remove the Grisoft folder-still the same error, but with "avgamint.dll", "avgse.dll". Also, could not find O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program...
Hi,
I'm trying to delete these in safe mode-the first time I tried to log into safe mode, a file (WINDOWS/System32/ntoskrnl.exe) was listed at the top of the screen, and the system would not log...
Good morning! :)
I am not able to delete the folder for C:\Program Files\Grisoft\AVG7. I keep getting an error that states: "cannot delete context.dll: Access is denied. Make sure the disk is not...
ComboFix 08-02.03.1 - Anastasia 2008-02-05 19:16:49.3 - NTFSx86
Running from: C:\Documents and Settings\Anastasia N\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Anastasia...
Here's the new combofix:
ComboFix 08-02.03.1 - Anastasia 2008-02-04 18:29:28.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.214 [GMT -7:00]
Running from: C:\Documents...
And here is the new HJT:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:17:17 PM, on 2/3/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2...
I believe AVG and Kaspersky are up-to-date as I just downloaded them when reading your "before you post" thread, though I am unable to open any of them to run them-it took hours to get kaspersky to...
Sorry about that, lets try that again. Here's the new log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:44:26 AM, on 2/3/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE:...
Shaba,
Thanks in advance for all your help. Virtumonde is really nasty. Here is my new HJT log.
Thanks!
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:00:28 PM, on 2/2/2008...
Hello,
I was on myspace (first mistake I suppose) using Mozilla and IE windows began popping up, and now my computer is infected wiith all sorts of viruses/spyware. I downloaded and ran AVG...