What is Popping Up?
#16
Posted 28 August 2006 - 06:55 AM
Register to Remove
#17
Posted 28 August 2006 - 06:48 PM
not a nuisance, thats what iam here for.Sorry to be such a nuisance, but I'm still having problems
looks like you have anumber of files with the virus.
lets try this first: we will do everything in safe mode. please limit your time online until computer is cleaned up
if you havent gotten atf cleaner yet, get it here:
http://www.atribune....tent/view/25/2/
check for updates to your av
---------------------------------------------------------
boot computer into safe mode by tapping the f8 key during a computer restart. chose the first option from the list: safe mode. once in safe mode:
use atf cleaner, under main. check: select all then click: empty selected.
still in safe mode, run your antivirus and ewido.
----------------------------------------------------
reboot normally, first stop>>>lets try kaspersky online scanner:
Kaspersky virus scanner
http://www.kaspersky.com/virusscanner
click on online scanner, accept EULA, after it loads database (may take awhile) click next
click Scan settings button
select extended
Under Scan options check both Scan Archives and Scan Mail Bases, then ok
click on My computer link and scan will begin
after scan is done (may take awhile) there is a option to Save report as a .txt file. Click that button. Copy and paste the report into your reply
--------------------------------------------
please post the kaspersky report from the scan.
shelf life
#18
Posted 29 August 2006 - 04:01 PM
#19
Posted 29 August 2006 - 04:02 PM
#20
Posted 29 August 2006 - 04:07 PM
#21
Posted 29 August 2006 - 04:09 PM
#22
Posted 29 August 2006 - 06:51 PM
#23
Posted 29 August 2006 - 07:45 PM
#24
Posted 30 August 2006 - 06:06 PM
we can try this first if you want. i was going to suggest running trendmicro cleaner, but have you download the files to cd then install on the bad computer. you can try downloading the files from there web site. there are 2 files the sysclean.com and the signature files. there are instructions on the web site also. about downloading installing and using. has to be run in safe mode after you get the downloads.
http://esupport.tren...entID=en-125991
they would just run virus apps to try and clean it up for you. they might also suggest a reformat/reinstall of windows, which you could do yourself (would wipe hard drive clean)of course it would cost money.Could I take my computer in for someone to work on it, perhaps where it was purchased, or would they just tell me the same thing?
your antivirus, is it setup to download updates automatically? if you click the icon by the clock do you see anything about check for updates. sorry i never used norton but it should be like the others.
see if this link helps:
http://service1.syma...src=sec_web_nam
shelf life
#25
Posted 31 August 2006 - 11:43 AM
Register to Remove
#26
Posted 01 September 2006 - 01:37 PM
sorry for the delay.
If I performed this system cleaning procedure, which I've read over, could I possibly lose Word or Kodak picture files that might be infected if I cleaned the system?
i couldnt say for sure. the virus damages windows .exe files. its possible that after getting rid of the virus that word may have to be reinstalled and also whatever app handles your picture files. lets say you reinstall them, would the reinstalled software open up any word or picture file? i cant tell you for sure because i dont know. i would think the saved documents or pics would be ok but i cant say for sure. and thats all based upon if the sysclean procedure would work removing the virus from your computer.
you know if your antivirus is up to date?
shelf life
#27
Posted 01 September 2006 - 02:15 PM
#28
Posted 01 September 2006 - 05:49 PM
excellent, thats good newsit really seems to have worked.
you need a free antivirus? first remove norton via the add/remove programs panel. restart computer once then go here to get avg free version:I think my subscription is lapsed.
http://free.grisoft....e/lng/us/tpl/v5
install, update and run a scan. can be set to check for updates automatically or manually.
you might also want to run ewido anti spyware to check for other nasties since the virus can download other carp**. its a 30 day version. after 30 days the ewido real time protection or "guard" becomes disabled unless you purchase it. you can still update and scan without purchasing it though.
questions? let me know
http://www.ewido.net/en/
shelf life
#29
Posted 05 September 2006 - 05:40 AM
#30
Posted 05 September 2006 - 05:00 PM
Could restoring my computer with the built in auto restore procedure for XP
no, we need to make new restore points. its possible for nasties to get archived in the restore points. best thing to do is make new ones.
in fact thats what all this is:
C:\System Volume Information\_restore{BC9F3C70-F33F-48FB-93C7-198E1A9B1607}\RP10\A0028690.exe Infected: Virus.Win32.Sality.q skipped
C:\System Volume Information\_restore{BC9F3C70-F33F-48FB-93C7-198E1A9B1607}\RP10\A0028691.exe Infected: Virus.Win32.Sality.q skipped
C:\System Volume Information\_restore{BC9F3C70-F33F-48FB-93C7-198E1A9B1607}\RP10\A0028694.EXE Infected: Virus.Win32.Sality.q skipped
how:
To reset your restore points, please note that you will need to log into your computer with an account which has full administrator access. You will know if the account has administrator access because you will be able to see the System Restore tab. If the tab is missing, you are logged in under a limited account.
(winXP)
1. Turn off System Restore. (deletes old possibly infected restore point)
On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
Check Turn off System Restore.
Click Apply, and then click OK.
2. Reboot.
3. Turn ON System Restore.(new restore points on a clean system)
On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
UN-Check *Turn off System Restore*.
Click Apply, and then click OK, then reboot
since its been awhile how about posting another hjt log for me also.
shelf life
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users