Search:

Hi Jeff,

I followed your instructions, and I think that laptop is save to use again :) thank you so much for your help! Great job!
Cheers,

No problem... I had to give back the laptop already, so if anything new comes up I will try to get it back to get it done. Thanks a lot for your time and effort! :)

Hi Jeff,

sorry my internet connection broke down yesterday :(

I pasted the log below. I also had a look into services.msc and I noticed that the security center service does not seem to exist;...

Hi Jeff,

I run the merges and the FSS scan again; however, the Firewall is still not activating when trying to do so from the Control Panel :(

below the FSS log:

Farbar Service Scanner
Ran...

If it's possible to fix the registry keys then let's do it; if it is a major headache then I can install a third party Firewall instead. In any case, the infection seems to be gone, great job! :)

I need to give back that laptop soon, could you tell me how to uninstall comboFix? Thanks :)

FSS log below:

Farbar Service Scanner
Ran by marjan (administrator) on 03-01-2012 at 07:41:03
Microsoft Windows 7 Home Premium (X64)
Boot Mode: Normal...

Hi Jeff,

I run the file and the text file opened (it was created newly) but it was empty, no report or log of any kind showed up in it.

Additional info on the firewall problem: the registry entry HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE does not exist on this machine, while it does on my own computer. Not sure if that...

Hi Jeff,

no, the Firewall seems to be bust. I also tried the instructions from:

http://support.microsoft.com/kb/2530126

which includes running a repair.bat file, but still the same issue....

Happy New Year, too :) I kind of forgot :):)

ESET Log:


C:\Qoobox\Quarantine\H\av4.zip multiple threats
C:\Qoobox\Quarantine\H\Backup\Documents\U1014.exe.vir a variant of Win32/Packed.Themida...

Another thing I noticed: when I want to set the Windows Firewall to its default setting, it comes up with an error message, saying:

"Windows Firewall can't change some of your settings: Error code...

Hi Jeff,

DDS log below, and the attach.txt log is attached as zip. How does it look?



.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_18...

I uninstalled Adobe Reader, without installing a newer version or an alternative so far. Also I removed the old JRE, but downloading the new one for some reason takes a very long time, so I did not...

Good news, it seems the browser redirections stopped :) that is great. Is there a way to know if there is still any malware hidden somewhere? Great job though, looks as if I do not need to reinstall...

Hi,

below the scan results:


CKScanner - Additional Security Risks - These are not necessarily bad
scanner sequence 3.RP.11.IKNAAP
----- EOF -----

Hi Jeff,

below are the logs pasted as per your request:

ComboFix.txt


ComboFix 11-12-29.05 - marjan 12/30/2011 18:45:47.4.4 - x64
Microsoft Windows 7 Home Premium ...

I did as instructed, attached is the new ComboFix log.

Just for your info, when running ComboFix a prompt came, asking me to install the newest version of ComboFix. I acknowledged and it...

Hi Jeff,

thank you for looking into that. I run both TDSSKiller and ComboFix and attached the logs. I had to zip the TDS Log as it was exceeding the size limit for file uploads.
Something I...

Hi,

one of my relatives gave me her Vaio Laptop to remove a virus; it seems to be a browser hijacker that redirects all browser requests to mediashifting.com. I run some anti-malware tools...