http://forums.spybot.info/showthread.php?t=62987
Computer stuck on start. Tried safe mode and was able to run roguekiller and malwarebyte. After their scan, they deleted some stuff but the...
Type: Posts; User: matson; Keyword(s):
Tashi, we have 4 machines in the house and my lovely wife just can't avoid stuff on the net. It's a new topic and yes I have been around here more than once.
:oops:
Once again I am down. A quick resume: the computer did not want to start. In safe mode, I was able to run roguekiller and malwarebyte. They did get some virus, but I think there are still on the...
Thank You Jeff.
I surf with WOT, I try to be safe on the web but I think when you run on XP, there are more and more chances to get something just because somebody wants us, XP users, to move to the...
so here is the malwarebytes log:
Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org
Database version: 6767
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
...
DDS log
.
DDS (Ver_2011-06-01.06) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_25
Run by NICOU at 23:52:29 on 2011-06-02
Microsoft Windows XP Home Edition ...
No problem Jeff, I'll follow your instructions!!!!
and welcome in your new world :thanks:
It never happened before. since yesterday, Avast seems to be upset about SPTD.SYS which happened to be a file associated with Alcohol52% (an emulation driver).
the thing is after running several...
If malwarebyte pro does that, I think I'll look at it.
I am uninstalling the programs as you said.
Thank You ken545 :bigthumb:
I think I am impressed by avast. I had the opportunity this morning to see it in action against 3 corrupted files malware win32.gen something like that.
avast detected them, erased them by doing a...
oh maybe I talked a lil bit too fast.
The machine goes in black screen for no reason. It seems like the computer can't go in standby by itself. I mean if you don't touch the computer for 20...
Oops I forgot, so do you think it's wise to uninstall all the scanners we used to fix the machine, now?
I think I found the problem. On the computer, the memory is only 1Gig (the ram) so it might explain the reason why it goes in black screen. The machine is 5 years old so I'll try to expand it to 2 gig...
after installing spywareblaster and spywareguard, I tried to scan with spybot and piouff black screen nothing else...
Mcafee is still installed. I am trying to force reboot...
The computer is installing a bunch of updates from microsoft right now.
I don't see the red microsoft security alert icon so far.
It seems a bit slow but I'll see after the complete installation of...
SystemLook Log
SystemLook 04.09.10 by jpshortstuff
Log created at 16:40 on 12/05/2011 by Owner
Administrator - Elevation successful
========== filefind ==========
Searching for...
Ken545, all of a sudden, the computer downloaded some updates from Microsoft!!! It had not happened for a long while because of the red microsoft security alert icon in the system tray. But today,...
After the scan, the windows security alerts red icon came back in the system tray. I put a picture of the red icon in attachment.
here is the log of combofix
ComboFix 11-05-11.02 - Owner...
After two scans, I can confirm you that ESET does not give me any possibility to create a log. Both scans came clean, meaning no threat found but I could not create a log. I ran the scan first and no...
So far, there is no more windows security red icon in the system tray.
I am monitoring the machine, if there is a change I'll let you know.
But the machine is still slow.
next post, the ESET scan
I noticed that after the fix, a file Thumbs.db is now on the desktop. Is it ok?
new scan after the fix
OTL logfile created on: 5/11/2011 4:48:57 PM - Run 2
OTL by OldTimer - Version 3.2.22.3 ...
Run Fix log
All processes killed
========== PROCESSES ==========
========== OTL ==========
Registry key...
Extras.txt
OTL Extras logfile created on: 5/11/2011 5:00:04 AM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Professional Edition...
OTL.txt log
OTL logfile created on: 5/11/2011 5:00:04 AM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Professional Edition Service...
I finally succeeded in updating malwarebytes after disabling the antivirus (McAfee)
here is the log after the update
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Database version:...
Here is a log of malwarebyte in March (when I suspected the computer to be infected). The bad files are still in the quarantine of malwarebyte
Malwarebytes' Anti-Malware 1.50.1.1100...
malwarebyte log (remember, I can't update...)
and in attachment a picture describing the red shield (windows security alert) in the system tray
Malwarebytes' Anti-Malware 1.50.1.1100...
malwarebyte is already on the computer. I tried to update but I have an error message: PROGRAM_ERROR_UPDATING (12029,0,WinHttpSendRequest)
I am performing a quick scan, even if I can't update...
Ken545, please can you look at this thread
http://forums.spybot.info/showthread.php?t=62601
it is another computer and a new thread.
Thank You
After a fixed infection of xp security, the windows security alert red shield is always in the system tray even if automatic updates is on and the firewall is on. The computer is slow and if you don't...
KEN545 YOU'RE GOOD!!!!!
I follow your instruction and the scan came CLEAN!!!!!!!!!!
well I think the machine is back on track. I'll put some protection to surf safer and THANK YOU VERY MUCH...
So the emulation driver is enabled, thank you.
I ran spybot and again, click.giftload. I am so afraid I took no action.
I am still sick? I mean the computer, beside that, no redirect so far and no...
ok you answered all the questions except that one:
"I remembered that I used defogger to disable some thing, but I don't remember what. do I have to reinstall defogger in order to unable whatever...
One more thing can you please have a look at this scan from RogueKiller
Before, I used to have a host file (some 125....), now this is Yp1. Is it bad?
RogueKiller V4.3.7 by Tigzy
contact at...
I did exactly what you told me to do.
Technically, the virus is gone. I'll monitor the behavior of the computer the next hours to be sure.
OTL did not remove everything. for example, aswmbr.exe,...
About the keyboard icon, this is the language icon of windows which usually stays next to the system tray.
If I reload the recovery DVD, I'll have to reinstall the whole system I think..
log of eset scan
C:\System Volume Information\_restore{D5341F9C-33F7-43CF-8BD2-1AE937C9BA1B}\RP2\A0002492.exe probably a variant of Win32/Agent.EDQCSRE trojan
New OTL log after reboot and fix
OTL logfile created on: 2011-05-08 16:56:16 - Run 3
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\NICOU\Desktop
Windows XP Home...
here is the OTL log after the runfix with the code
All processes killed
========== PROCESSES ==========
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E...
I just checked IE add-ons, I don't see bigseekpro there too.
I just realized that I have a program named "any video to DVD"
I think I never installed that program. it's really suspicious because I...
Bigseekpro is not installed in firefox add-ons.
I don't see it in the firefox add-ons.
I am a bit confused
Ken545 I have a question:
I disabled IE as my main internet browser. The problem is I can't find it anymore to go delete the add-on...
How and where can I find the ie icon to start internet...
I think the keyboard icon went away after one of the fixes...
I am doing the back up of the registry and the scan
the log are coming next
After checking in google, that bigseekpro thing gets installed after installation of the add-on IMTOO in firefox. The thing is I did not install any of them...
so I am being used!!!! big time...
I have no idea what BigseekPro is!!!!!
I didn't even know that thing was on the computer.
I want to get rid of it just like the whole virus. Please I want my perfectly working computer back!!!!
I...
I just noticed that I don't have the small keyboard icon next to the system tray. The space is there but it is empty...
OTL log
OTL logfile created on: 2011-05-07 21:55:38 - Run 2
OTL by OldTimer...
part5
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4...
part4
+ 2011-05-07 18:15 . 2010-12-20 23:59 1210880 c:\windows\ie8updates\KB2497640-IE8\urlmon.dll
+ 2011-05-07 18:15 . 2010-12-20 23:59 5961216 ...
part3
- 2004-08-04 08:00 . 2008-08-14 10:04 138496 c:\windows\system32\drivers\afd.sys
+ 2004-08-04 08:00 . 2008-10-16 14:43 138496 c:\windows\system32\drivers\afd.sys
+...
part2
.
((((((((((((((((((((((((((((( SnapShot@2011-04-29_23.54.55 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-07-30 00:10 . 2008-07-30 00:10 26112 ...