Search:

Looks like we're clean!

Thanks for your help - much appreciated

Have solved the system restore problem - had to do a restart but the other one remains

I also still have the combofix folder in c:\ Drive as well as the txt file

Something's still not quite right!

Hi Ken

I have another problem - I have just looked for the System Restore in Control Panel/System as per bleepingcomputer.com's instructions but the tab is missing, all the others are there but...

Hi

Have just run the combofix uninstall I didn't get shown any disclaimer just the blue box and then combofix has been uninstalled

Another question - I have just had a popup from AVG saying...

Malwarebytes found nothing but there are still items in the quarantine folder, is it ok to delete these?

There is still a folder for BitTorrent on C:\ Drive - do I just delete this?

Everything...

Malwarebytes has just managed to update - did you want me to run that again

And the HJT log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:48:01, on 11/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)...

Combofix didn't install recovery console just went straight to run

Here is the log

ComboFix 09-01-10.03 - Ian Kemp 2009-01-11 13:31:41.1 - NTFSx86
Microsoft Windows XP Home Edition ...

Sorry for the delay I was on my laptop!

Have already got ATF installed - is it ok to use that or do I need to install it again

Sorry for what might seem silly questions but I am a bit of a...

And the HJT log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:59:16, on 11/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)...

Hi

Here is the Malwarebytes log

Malwarebytes' Anti-Malware 1.32
Database version: 1616
Windows 5.1.2600 Service Pack 2

11/01/2009 09:43:54
mbam-log-2009-01-11 (09-43-54).txt

Hi

Still no joy with the updates for Malwarebytes in Safe Mode - should I try to uninstall and reinstall the program

Your help is very much appreciated

Hi

I have installed Malwarebytes but am having trouble updating - it wouldn't do it on install so I closed this and am trying to run updates from the program but all I'm getting is 'Looking for...

I have just noticed that he also has Limewire installed - should I remove this as well before following your instructions

I also have a pop up about upgrading to Firefox 3.0.5 - is it ok to do...

Hi thanks for your help - it is very much appreciated.

I have removed BitTorrent from the system and have run a fresh HJT log.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:13:00,...

Hi

My son appears to have picked up a Virtumonde infection that I can't get rid off. Your help would be much appreciated.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:33:25, on...

OK I will delete the entire contents of the temp folder but not the actual folder - have I read that right before I go and do it.

Once again, many thanks for your help.

The Temp folder is there - the only thing that has been deleted is the 'sta1.exe'. - Is that how it should be?

Let's hope you only deleted one folder, the Temp folder was not to be deleted?

Re the above: I hope so too - I didn't read it right ( can I have done much damage?)

The only one who has used...

Have deleted those folders again, this time in safe mode. Restarted and looks like they've gone.

Have always had google as homepage not msn.com. Have deleted those four lines in HJT and changed...

HJT: O4 - HKCU\..\Run: [intra bone] C:\DOCUME~1\Carole\APPLIC~1\AXISDE~1\Modetransidle.exe

For the above line - do I need to re-run HJT, check line and fix checked as before

I did do this...

And the Kaspersky log:

KASPERSKY ONLINE SCANNER REPORT
Sunday, January 13, 2008 12:28:03 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online...

Hi

HJT and Kaspersky logs follow.

Home page was changed to msn.com this morning but I don't appear to have the CiD pop-ups.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:42:43,...

I can't find the following folder:

C:\DOCUMENTS abd SETTINGS~1\Carole\APPLICATION DATA~1\AXISDE~1\

I have found this though:
C:\Documents and Settings\Carole\Application Data

with a folder...

In HJT I don't see this line:

ADW_POP.A

Is it OK to just delete the other lines

I already have ATF Cleaner installed which I used regularly. Is this version OK or is there a newer version that I should be using?

These may seem silly questions but I don't want to get anything...

Thanks - do I still need to remove the old one before I click install or does this just update what is already there

Sorry, but I am not the wisest of people when it comes to technical stuff. I'm trying to update Java but which files do I want to download:

jre-6u4-windows-x64.exe
jre-6u4-windows-i586-p.exe...

And the HJT log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:48:57, on 12/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot...

Hi

Thankyou for helping me sort out this mess (daughter downloaded Messenger Plus!)

Here is the NoLop log:

NoLop! Log by Skate_Punk_21

Fix running from: C:\Documents and...

Here is the rest of the Kaspersky report:

C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped

C:\Program Files\Online...

Hi

I am having problems with annoying pop-ups when using IE. Nothing is showing up on any of the programs that I use but when I ran Kaspersky it flagged up 3 viruses.

Here are the logs...

Hi, it's me again

AVG has just flagged trojan in system volume information\restore A0051314.dll whilst I was running Adaware. Is this the same file as i have just deleted from hijackthis backups...

Hi

Thank you once again

Hi

I have a file in the folder with the same name but without the .dll. Is this the same thing

Hi

Can i delete the whole backups folder or would that not be wise?

Hi

Thanks but not sure how to find the file

Hi

Sorry to be a pain but I have just notice a new trojan has appeared in the virus vault of AVG in C:\Hijackthis\backups\backup-20070512-155238-328.dll trojan horse Generic4.OAR. Is this related...

Hi

Sorry for the delay we have lack of internet due to service provider problems!

Everything seems to be ok, all scans show clear.

haven't managed to do disk defrag yet but I'm sure that'll...

Hi

I've run ATF, no problems

Have deleted vundofix backup folder and files from virus vault.

Everything seems to be clear.

Will run disk defrag in the morning.

I also have 25 files in the virus vault on avg - what do I do with these, leave them there? I'm presuming if i empty the vault these will be reinstated on the system or will they be permanently...

Hi

Had another thought, what about the Vundofix backups folders on c-drive

Hi

I have windows set for automatic updates, is this ok or would you advise doing these manually?

Your advice on disk cleanup and defragment would be most welcome, this hasn't been done since I...

Can i just ask a question

Control Panel - Add/Remove Programs

I have 2 java progams J2SE Runtime Environment 5.0 Update 6 and Java(TM)SE Runtime Environment 6 Update 1, is this as it should be...

Hi Shaba

Just to let you know, looks like we're still clear, have just run Spybot on all accounts - no threats found and have had no further problems.

Have you any advice on anything else i...

Hi

Ok and thank you once again, I will definitely be back should any more problems occur (hopefully they won't!)

Will let you know in a couple of days

Thanks

Hi

Will do and thanks for spending most of your weekend helping me and the others out - it is very much appreciated, even more so when PC World told me to take the computer back to factory state....

Hi

No other problems that i can see at the moment - hopefully all is now clear. The pop-ups and page diversions have definitely stopped and for the moment Smitfraud seems to have disappeared - I...

Sorry, there were two trojans flagged by AVG in files A0048252.dll and A0048267.dll - Trojan horse Lop.BV