Thanks Ken545 for your help.
Off to get the Christmas meal.
I will perform the latest instructions when I get back.
I will be making a donation.
Thank you again and Merry Christmas.
...
Type: Posts; User: FlaCajun; Keyword(s):
Thanks Ken545 for your help.
Off to get the Christmas meal.
I will perform the latest instructions when I get back.
I will be making a donation.
Thank you again and Merry Christmas.
...
Running very well.
The computer seems to be back to its pre-virus status.
Boot-up times as well.
aswMBR log
aswMBR version 0.9.9.1120 Copyright(c) 2011 AVAST Software
Run date: 2011-12-23 15:30:27
-----------------------------
15:30:27.718 OS Version: Windows 5.1.2600 Service Pack 2...
Malwarebytes was already installed on the desktop computer.
Updated files and ran program.
after about 30,000 files the program encountered an error and stopped.
The 'Send error message to...
ComboFix needed to be downloaded again for a full scan to be done.
Re-boot was not automatic.
Re-boot was much faster than previous reboots and fastest since infection.
Internet connectivity is...
I have the Windows XP disk.
I presume it is the one for this computer.
I had XP on another older computer.
Here is the SystemLook log.
SystemLook 30.07.11 by jpshortstuff
Log created at...
I believe I have the Windows CD, but I would have to locate it.
Below is the FSS log.
Farbar Service Scanner
Ran by Raymond Green (administrator) on 21-12-2011 at 15:21:22
Microsoft Windows...
Below is the TDSSKiller log.
Nothing malicious found.
Re-booted, no internet connectivity.
FixReg.reg hasn't been run.
Do you want FixReg.reg run or go on to the latest directive?
If you want...
OTL log with script run.
No Internet connnectivity regardless of re-cycling network system.
Will run the next programs.
All processes killed
========== PROCESSES ==========
========== OTL...
Extras.txt log below.
OTL log run with script to follow in next post.
OTL Extras logfile created on: 12/20/2011 8:00:19 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents...
The computer is substantially slow to re-boot.
Icons take substantial time to initialize and become visually recognizeable.
OTL.txt log below.
Extras.txt log in next post.
OTL logfile created...
I haven't run OLT.
It looks like I am to use TDSSKiller instead of OLT.
Is this correct?
Thanks,
FlaCajun
Both Winsockfix and WinsockxpFix were run, still no internet connectivity.
ComboFix was run only once.
Hard boot successful.
ComboFix ran on Startup.
No internet connectivity.
Rkill ran on the 1st execution. It seemed to work.
Ran Rkill again to be sure.
Both txt files indicated that Rkill had done its job.
Ran ComboFix and went into reboot mode (no log).
An hour...
Disabled McAfee antivirus
Don't know if Tea-timer is disabled, unable to run Spybot.
Connected desktop computer back to the internet, connection successful.
Transfered 'Combofix' via thumb...
Windows XP Professional v2002 SP2
IE Explorer 8
McAfee
Malwarebytes
Unable to run Malwarebytes
Unable to the Internet with IE Explorer 8
Unable to run SpyBot nor turn off tea timer.
Unable...
The computer is unable to boot-up.
It is also unable to boot-up in safe mode.
(note: a few weeks ago another computer had a similar problem but it would update in Safe-mode so it was able to be...
I should have it.
If I find it, I will post a new thread.
Thanks for your help.
Fla Cajun
Yes, that was tried as well as safe mode, without success.
Thanks for the update.
The problem began when I clicked on link about the Wikilinks story.
The primary computer hard drive went nuts (swap file on steriods).
When it lasted for about a minute, I...
ESET has been run.
No threats found.
Boot up was fine.
Any sign of Whitesmoke is gone.
Forgot this, the ComboFix log was posted directly from the infected computer.
First time this could be done during this problem.
Computer booted up fine.
Internet connection appears to be fine as well.
Whitesmoke icons are on the desktop and remains in the startup menu.
However, the executable and directory the icons...
TDSSKiller found 1 problem and it was corrected.
The computer hasn't been rebooted yet to clean up everything.
I will await for you call on that one.
Also, the desktop is stil unable to connect...
The Malwarebyte fixes were run on 800+ problems.
White Smoke icons are still on the desktop.
That could be because I didn't reboot the computer as Malware asked.
I am concerned about whether the...
DDS Log and Attach.txt
DDS (Ver_10-12-12.02) - NTFSx86
Run by Raymond Green at 23:47:15.04 on Sat 12/18/2010
Internet Explorer: 7.0.5730.11
============== Running Processes...
Here is the Malwarebytes log.
DDS log to follow.
It was too long so I zipped the file.
I uploaded the file using the paper clip attachment.
It has been scanned for viruses.
Don't know if it...
I am going to work on the secondary computer first, unless otherwise instructed. It has booted up in regular mode, but cannot connect to the internet.
The primary computer doesn't boot up even in...
I am not sure about doing anything, because I don't know if my computer will be able to boot back up.
The Problem(s)
About 10 days ago my primary desktop (up to date McAfee, Malwarebytes &...
Traveling today.
Will post later today or tomorrow.
Thanks
It has been running better as the cleaning process has progressed.
However, the computer just started hanging up every now and then.
Checked the Task Manager and the performance was spiking due to...
2 VT Community user(s) with a total of 2 reputation credit(s) say(s) this sample is goodware. 0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is malware.
File name:...
Sorry about forgetting to post ComboFix log.
Thanks for the info about de-fragging.
Regarding McAfee, it was free from Comcast, till they switched to Norton.
For my desktop, I paid for McAfee when...
Sorry for the delay.
The computer is not only running slow,
but shuts down when it gets overheated from running processes sometimes.
Thanks for your help.
ESET log...
Unable to open web page about zipping 'Attach.txt'.
Computer has 'hung up' twice visiting the web page.
DDS (Ver_10-11-10.01) - FAT32x86
Run by Admin at 2:24:23.79 on Thu 12/02/2010...
DDS was run.
A DOS window screen appeared momentarily, then closed.
No logs.
DDS was run again, but same result.
ComboFix 10-11-30.09 - Admin 12/01/2010 20:19:25.1.1 - FAT32x86
Microsoft...
We are unable to turn off the anti-virus application.
The computer is infected with "Windows PC Defender" spyware.
What is the best way to get rid of this spyware?
Thanks
Here are the logs. Also the computer is running very slow.
DDS (Ver_10-11-10.01) - FAT32x86
Run by Admin at 14:23:52.20 on Fri 11/26/2010
Internet Explorer: 7.0.5730.11
Microsoft Windows XP...
A seperate window has opened titled, "Microsoft Security Essentials Alert".
None of the buttons have been clicked.
I have read the 'Forum' instructions.
The virus is on the kid's laptop which...
A seperate window has opened titled, "Microsoft Security Essentials Alert".
None of the buttons have been clicked.
I have read the 'Forum' instructions.
The virus is on the kid's laptop which...
OTM was successfully run to cleanup.
Regarding your suggestions,
McAfee has a firewall and it is installed.
I will install the recommended files.
All though getting throught this has been a...
Here are the results.
What happens with the c:\_OTM directory and files.
Is that to be deleted?
All processes killed
========== PROCESSES ==========
No active process named explorer.exe...
The items have been successfully removed.
Questions,
How did the computer get this virus with McAfee and Spybot?
The web sites I visit have never been a problem in the past.
Wednesday...
The scan is complete. Mostly cookies found.
However, there were 2 files, Virtumonde.sdn & Win32TDSS.rtk.
Looks like one of them is one of the tools used during the cleanup.
These are all going...
Spybot has been successfully installed.
It is now starting a system scan after immunization.
The restore point has been made and the others have been cleaned up.
Regarding the Vundo registries, McAfee has quarentined everything.
Also, the spybot directory with SpybotSD.exe in it is gone....
No I didn't do the deletion nor the clearing of the system restore points.
When the computer 'bizarrely' got hung up, I wasn't sure what to do.
Do you want me to take care of the restore points...
Here is the scan log from McAfee.
If there are any typo errors, it is because I had to type it from the logs.
Unable to copy and paste.
Also, after the scan was run, I attempted to delete Spybot...