Comments
-
Hello Spaceman Spiff, Did you received an error message when you used killbox? It could be that needed to press also on all files. Can you please check the locations again to see if it's gone? The only thing I see is that you are still using an old version of Adobe Acrobat Reader. Please first remove the previous version…
-
Hello Spaceman Spiff Please paste this into notepad: C:\WINDOWS\SoftwareDistribution\Download\0a67b6c406b1d7e0f5c1e6f6d44a3f6e\BIT8.tmp C:\WINDOWS\SoftwareDistribution\Download\26924cbc8132a10b438ce6e2b49d4652\BIT6.tmp C:\WINDOWS\SoftwareDistribution\Download\2769b111678c52099a3b3123b12f2325\BITA.tmp…
-
You can activate System Restore now. Thanks will do. Spiff
-
Hello Spaceman Spiff, Are there still being any issues? To be 100 % sure can you please run sdfix,combofix and hijack this again. Just for a final check-up. Perform also a deep scan with BitDefender. Best regards, Niels Hi Neils, I ran a deep scan nothing found. Here are the logs: Thanks Hijack this: Logfile of Trend Micro…
-
Hello Spaceman Spiff, Sorry for the confusing but I don't have an English windows version. Yes that was the option that wanted you to check. I just wanted to be sure about these files. Because I couldn't find anything about it. To be sure that there aren't any hidden objects anymore please download blacklight from here.…
-
Hello Spaceman Spiff, You can move them to a different folder or you can temporary rename them. To be sure that the infection isn't stored in system restore please do the following. Right click on my computer choose properties,system restore,check the option disable system restore on all stations press on apply and ok.…
-
Not here, on http://www.virustotal.com/ !!! Leave here the test link !!! Hi here are the links: http://www.virustotal.com/analisis/3f3d657...4bcc8d51405c994 http://www.virustotal.com/analisis/e48bece...bf62c24279bab1b Thanks Hello Spaceman Spiff, Both drivers that are located in C:/I386 are very suspecious because normally…
-
Upload these files on http://www.virustotal.com/ and leave here the test link ! I can't find any record about the last one ! How do I upload the file? When I try to attach it here I get an error. Spiff
-
Hello Spaceman Spiff, That is good to hear that your scan came clear. Can you please post a new SDFix report? Just to be sure. Superantispyware free or Malwarebytes Anti-Malware will be enough as back-up. Change this setting also open BitDefender by right clicking on the red BitDefender icon near the system tray press on…
-
Hello Spaceman Spiff, When you copy and paste what I said was the section input ****** here empty? It should be empty. So delete any other line. And must only contain: Files to delete: C:WINDOWSTempbca4e2da.$$$ C:WINDOWSTempfa56d7ec.$$$ If it still fails please download killbox. Double click on it to run. Open wordpad…
-
Hello Spaceman Spiff, Please retry but type this in notepad. Files to delete: C:\WINDOWS\Temp\bca4e2da.$$$ C:\WINDOWS\Temp\fa56d7ec.$$$ Be sure that word wrap is not checked. Restart avenger but now click on Press on the exucte button. Recovery console can be very handy if you even can't get into safe mode. If I understand…
-
Hello Spaceman Spiff, Can you please download sdfix from here. Double click on it allow it to install in C:SDFIX Now reboot your pc into safe by pressing several times on the F8 button before the windows splash screen select safe mode press enter. Log in with your account. Now go to C:SDFIX and double click on RunThis.bat…
-
Run these tools http://www.gmer.net/gmer.zip && http://www.freedrweb.com/cureit Here is the log from gmer: GMER 1.0.14.14536 - http://www.gmer.net Rootkit scan 2008-06-08 09:40:17 Windows 5.1.2600 Service Pack 2 ---- System - GMER 1.0.14 ---- SSDT ??C:WINDOWSsystem32windrvNT.sys ZwCreateFile [0xBA40C36A] SSDT…
-
Hello Spaceman Spiff, Can you please download sdfix from here. Double click on it allow it to install in C:\SDFIX Now reboot your pc into safe by pressing several times on the F8 button before the windows splash screen select safe mode press enter. Log in with your account. Now go to C:\SDFIX and double click on…
-
Hi crysty2k5, do you have any other ideas before I do the reinstall? Thanks for all of your help Spiff Hi, I ran a deep scan last night and this link shows the screenshot; http://imagehost.rophotoshop.com/pics/0f0b...9688f44436b.JPG Items 1. Generic Keylogger, 3. Trojan Spy perlfloger ab and 4. Trojan Spy Perfloger AG I…
-
Windows reinstall is the last option ! Hi crysty2k5, do you have any other ideas before I do the reinstall? Thanks for all of your help Spiff
-
I am getting concerned about this. I am thinking I may do a reinstall of XP. Should I do a format too? Can I save my bookmarks for IE or is there a chance that may carry my virus? Spiff
-
Valid files. Check if MS Office is still working ! Office stopped working, I had to a quick reinstall. Spiff
-
delete all of em I have done everything mentioned on this thread and I am still getting the popup. Seems like I can't win Spiff
-
Change IE homepage to blank ! Tools->Internet Options->General After that, Tools->Internet Options->Security->Trusted sites and remove all the sites ! Go to: C:\Program Files\Common Files\Microsoft Shared\Web Folders\ and post here another screenshot with the folder content ! Hi, crysty2k5 here is the link:…
-
Combofix deleted some things ! You can use http://imagehost.rophotoshop.com/ to upload the image and leave here the 3rd link ! Thank you crysty2k5 http://imagehost.rophotoshop.com/pics/2121...d4a214cfb6e.JPG Spiff
-
Press Print Screen key on your keyboard ! Open Paint and click Edit->Paste Save the image with the pop-up and attach it here ! I have the scrrenshot but it wont upload as it times out (pic size is 168kb). I will try again later. Spiff
-
Hello Spaceman Spiff, Can you please download combofix you will find it here. Print the following instructions and read them carefully. Please post the output of the scan into your next post. So I or someone else can see if there is still some infections. Best regards Niels here is the log; ComboFix 08-06-03.4 - Jon…
-
Hi, how do I get a screenshot? Spiff Here's the log report from Malwarebytes' Anti-Malware: Malwarebytes' Anti-Malware 1.14 Database version: 818 7:52:42 PM 03/06/2008 mbam-log-6-3-2008 (19-52-42).txt Scan type: Full Scan (C:\|) Objects scanned: 192830 Time elapsed: 1 hour(s), 42 minute(s), 15 second(s) Memory Processes…
-
Hmmmm... Malwarebytes' Anti-Malware version 1.14 http://www.malwarebytes.org/ Let's see if it's working ! Poste here a screenshot with the pop-up please ! Hi, how do I get a screenshot? Spiff
-
Thanks for your help. I will try the superantispyware and see what happens as I am still getting the popup. Spiff I ran the superantispyware and it found 21 bad cookies. The pop up still comes up. Sighhhhh. Spiff crysty2k5's EDIT: posts merged
-
Thanks for the reply crysty2k5, Here is the log report. Thanks for your help. Spiff Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 2:28:30 PM, on 27/05/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16640) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe…
