IE virus?

Sony / Vaio pcg-5g2m
June 2, 2009 at 09:50:13
Specs: Windows Vista
Hi,
I downloaded a bad torrent yesterday, which prompted Media Player to initialise a license download, and since then my AVG anti-virus shows alert pop-ups every time a new tab is opened in IE. I've tried to download Microsoft Malicious Software Removal Tool, but the page won't load after I click 'Download'. The same thing happens with numerous other Anti-virus downloads.
I have performed a Stinger scan, and 633(!!) viruses were found, as follows:
AdClicker-EV
AFXRootkit
Apropos
BackDoor-ALI
BackDoor-AQJ
BackDoor-AQJ.b
BackDoor-AWQ
BackDoor-AXO
BackDoor-BAC
BackDoor-CEB
BackDoor-CEB!bat
BackDoor-CEB!hosts
BackDoor-CEB.b
BackDoor-CEB.c
BackDoor-CEB.d
BackDoor-CEB.dll
BackDoor-CEB.dr
BackDoor-CEB.e
BackDoor-CEB.f
BackDoor-CEB.sys
BackDoor-CFB
BackDoor-CSX
BackDoor-CSY
BackDoor-CUX
BackDoor-CWD
BackDoor-DIX
BackDoor-DJF
BackDoor-DJZ
BackDoor-JZ
BackDoor-JZ.dam
BackDoor-JZ.dr
BackDoor-JZ.gen
BackDoor-JZ.gen.b
Bat/Autorun.worm.h
Bat/Autorun.worm.zr
Bat/Autorun.worm.zr!vbs
Bat/Autorun.worm.zw
Bat/Mumu.worm
Cleanup
CoreFlood
Coreflood!psexec
Coreflood.dldr
CoreFlood.dll
CoreFlood.dr
Cutwail
Danmec
DNSChanger.f
Downloader-AUE
Downloader-BAI
Downloader-DN.a
Downloader-DN.b
Downloader-UA
Downloader-ZQ
Exploit-DcomRpc
Exploit-DcomRpc.b
Exploit-DcomRpc.dll
Exploit-Lsass
Exploit-Lsass.dll
Exploit-MS04-011
Exploit-MS04-011.gen
Exploit-MSExcel.k
Exploit-MSExcel.l
Exploit-MSExcel.m
Exploit-MSExcel.n
Exploit-MSExcel.o
Exploit-MSExcel.p
Exploit-MSExcel.q
Exploit-MSExcel.r
Exploit-PDF.b
Exploit-PDF.b.gen
Exploit-PDF.c
Exploit-PDF.d
Exploit-PDF.e
Exploit-PDF.f
Exploit-PDF.g
Exploit-PDF.h
Exploit-PDF.i
Exploit-PDF.i.gen
Exploit-PDF.j
Exploit-PDF.k
Exploit-XMLhttp.d
Exploit-XMLhttp.d.gen
Exploit-XMLhttp.d.gen.b
Exploit-XMLhttpd.d
FakeAlert
FakeAlert-AA
FakeAlert-AB
FakeAlert-AB!htm
FakeAlert-AB.dldr
FakeAlert-AB.dr
FakeAlert-AC
FakeAlert-AD
FakeAlert-AE
FakeAlert-AF
FakeAlert-AG
FakeAlert-AG.gen.b
FakeAlert-AG.gen.c
FakeAlert-AH
FakeAlert-AI
FakeAlert-AJ
FakeAlert-AK
FakeAlert-AL
FakeAlert-AM
FakeAlert-AN
FakeAlert-AntiSpywarePro
FakeAlert-AntiSpywarePro.dll
FakeAlert-AntiVirusPlus
FakeAlert-AntiVirusPro
FakeAlert-AntiVirusXP
FakeAlert-AO
FakeAlert-AP
FakeAlert-AQ
FakeAlert-AR
FakeAlert-AS
FakeAlert-AT
FakeAlert-AU
FakeAlert-av2009
FakeAlert-av360
FakeAlert-AW
FakeAlert-AZ
FakeAlert-AZ!htm
FakeAlert-B
FakeAlert-B.dldr
FakeAlert-B.dr
FakeAlert-BA
FakeAlert-BB
FakeAlert-BC
FakeAlert-BD
FakeAlert-BE
FakeAlert-BE.gen
FakeAlert-BF
FakeAlert-BG.dldr
FakeAlert-BH.dldr
FakeAlert-BI
FakeAlert-BJ
FakeAlert-BK
FakeAlert-BL
FakeAlert-BM
FakeAlert-BN
FakeAlert-BO
FakeAlert-BO.dldr
FakeAlert-BP
FakeAlert-BQ
FakeAlert-BR
FakeAlert-BS
FakeAlert-BS.dll
FakeAlert-BT
FakeAlert-BU
FakeAlert-BV
FakeAlert-BV.dldr
FakeAlert-BW
FakeAlert-BX
FakeAlert-BY
FakeAlert-BZ
FakeAlert-C
FakeAlert-C.dr
FakeAlert-C.gen
FakeAlert-CA
FakeAlert-CB
FakeAlert-CC
FakeAlert-CD
FakeAlert-D
FakeAlert-E
FakeAlert-F
FakeAlert-G
FakeAlert-H
FakeAlert-I
FakeAlert-J
FakeAlert-K
FakeAlert-L
FakeAlert-LastDefender
FakeAlert-M
FakeAlert-MalDef
FakeAlert-MalDef.dldr
FakeAlert-MalDef.dll
FakeAlert-MCodec
FakeAlert-MCodec!htm
FakeAlert-N
FakeAlert-N.dldr
FakeAlert-O
FakeAlert-P
FakeAlert-Q
FakeAlert-R
FakeAlert-RealAV
FakeAlert-S
FakeAlert-S.dll
FakeAlert-SpyKiller
FakeAlert-SpywareGuard
FakeAlert-SpywareProtect
FakeAlert-SystemSecurity
FakeAlert-T
FakeAlert-U
FakeAlert-V
FakeAlert-W
FakeAlert-WinwebSecurity
FakeAlert-X
FakeAlert-XPAntivirus
FakeAlert-XPPoliceAntivirus
FakeAlert-XPSecCenter
FakeAlert-Y
FakeAlert-Y.dr
FakeAlert-Z
Fribet
Generic FakeAlert
Generic FakeAlert!lnk
Generic FakeAlert.d
Generic FakeAlert.e
Generic FakeAlert.f
Generic FakeAlert.g
Generic FakeAlert.h
Generic FakeAlert.i
Generic FakeAlert.j
Generic FakeAlert.k
Generic PWS.y!mem
Generic RootKit.a
Generic Rootkit.d
Generic RootKit.e
Generic RootKit.f
Generic!atr
Generic.dx
HackerDefender
HE4Hook
Hidden-Process.a
HideVault!sys
HideWindow
HideWindow.dll
HTool-T2W
IPCScan
IRC/Flood.ap
IRC/Flood.ap.bat
IRC/Flood.ap.dr
IRC/Flood.bi
IRC/Flood.bi.dr
IRC/Flood.cd
JS/Autorun.worm.ci
JS/Downloader-AUE
JS/FakeAlert
JS/FakeAlert-AB.dldr
MadCodeHook
NTRootkit-E
NTRootKit-H
NTRootKit-J
NTRootkit-S
NTRootkit-U
NTRootkit-Z
NTServiceLoader
Patched-Import
ProcKill
Proxy-Agent.af
Proxy-Agent.af.dr
Puper
PWS-Banker.dldr
PWS-FireMing
PWS-FireMing.dll
PWS-FireMing.dr
PWS-Gamania.gen.a
PWS-Gogo
PWS-Goldun
PWS-LDPinch
PWS-Narod
PWS-Narod.dll
PWS-Narod.gen
PWS-Progent
PWS-Sincom
PWS-Sincom.dll
PWS-Sincom.dr
Qoolaid.a
rootkit
RootKit-NTIllusion
Rustock
Spam-Mailbot.c
Spy-Agent.bv
Spy-Agent.bw
Spy-Agent.de
Spy-Agent.dn
Srizbi
StartPage-KM
StealthMBR
Vanquish
Vanti
VBS/Autorun.bj
VBS/Autorun.worm.au
VBS/Autorun.worm.ay
VBS/Autorun.worm.bi
VBS/Autorun.worm.bj
VBS/Autorun.worm.bs
VBS/Autorun.worm.by
VBS/Autorun.worm.ca
VBS/Autorun.worm.cy
VBS/Autorun.worm.dm
VBS/Autorun.worm.dn
VBS/Autorun.worm.dn!atr
VBS/Autorun.worm.dn!txt
VBS/Autorun.worm.dv
VBS/Autorun.worm.dz
VBS/Autorun.worm.en
VBS/Autorun.worm.ew
VBS/Autorun.worm.k
VBS/Autorun.worm.k!bat
VBS/Autorun.worm.k!reg
VBS/Autorun.worm.zd
VBS/Autorun.worm.ze
VBS/Autorun.worm.zl
VBS/Autorun.worm.zn
VBS/Autorun.worm.zo
VBS/Autorun.worm.zo!lnk
VBS/Autorun.worm.zs
VBS/FakeAlert-AB
VBS/FakeAV
VBS/IE-Title
Vundo
Vundo!grb
Vundo.dldr
Vundo.dr
Vundo.gen.aa
Vundo.gen.ab
Vundo.gen.ac
Vundo.gen.ad
Vundo.gen.ae
Vundo.gen.af
Vundo.gen.ag
Vundo.gen.ah
Vundo.gen.ai
Vundo.gen.aj
Vundo.gen.ak
Vundo.gen.al
Vundo.gen.am
Vundo.gen.an
Vundo.gen.h
Vundo.gen.i
Vundo.gen.j
Vundo.gen.k
Vundo.gen.l
Vundo.gen.m
Vundo.gen.n
Vundo.gen.o
Vundo.gen.p
Vundo.gen.r
Vundo.gen.s
Vundo.gen.s.dr
Vundo.gen.t
Vundo.gen.u
Vundo.gen.v
Vundo.gen.w
Vundo.gen.x
Vundo.gen.y
Vundo.gen.z
W32/Almanahe
W32/Almanahe.a
W32/Anig.worm
W32/Anig.worm.dll
W32/Autorun
W32/Autorun.worm
W32/Autorun.worm!inf
W32/Autorun.worm!ini
W32/Autorun.worm.a
W32/Autorun.worm.aa
W32/Autorun.worm.ab
w32/autorun.worm.ac
W32/Autorun.worm.ad
W32/Autorun.worm.ae
W32/Autorun.worm.af
W32/Autorun.worm.ag
W32/Autorun.worm.ai
W32/Autorun.worm.aj
W32/Autorun.worm.ak
W32/Autorun.worm.al
W32/Autorun.worm.am
W32/Autorun.worm.an
W32/Autorun.worm.ao
W32/Autorun.worm.ap
W32/Autorun.worm.aq
W32/Autorun.worm.ar
W32/Autorun.worm.as
W32/Autorun.worm.at
W32/Autorun.worm.av
W32/Autorun.worm.aw
W32/Autorun.worm.ax
W32/Autorun.worm.az
W32/Autorun.worm.b
W32/Autorun.worm.b.cfg
W32/Autorun.worm.ba
W32/Autorun.worm.bb
W32/Autorun.worm.bc
W32/Autorun.worm.bd
W32/Autorun.worm.be
W32/Autorun.worm.bf
W32/Autorun.worm.bg
W32/Autorun.worm.bh
W32/Autorun.worm.bk
W32/Autorun.worm.bl
W32/Autorun.worm.bm
W32/Autorun.worm.bn
W32/Autorun.worm.bo
W32/Autorun.worm.bp
W32/Autorun.worm.bp!reg
W32/Autorun.worm.bq
W32/Autorun.worm.br
W32/Autorun.worm.bt
W32/Autorun.worm.bw
W32/Autorun.worm.bx
W32/Autorun.worm.bx!inf
W32/Autorun.worm.bx.gen
W32/Autorun.worm.by
W32/Autorun.worm.bz
W32/Autorun.worm.c
W32/Autorun.worm.cb
W32/Autorun.worm.cb.dr
W32/Autorun.worm.cc
W32/Autorun.worm.cd
W32/Autorun.worm.ce
W32/Autorun.worm.cf
W32/Autorun.worm.cg
W32/Autorun.worm.ch
W32/Autorun.worm.cj
W32/Autorun.worm.ck
W32/Autorun.worm.cm
W32/Autorun.worm.cn
W32/Autorun.worm.co
W32/Autorun.worm.cp
W32/Autorun.worm.cp!bat
W32/Autorun.worm.cq
W32/Autorun.worm.cr
W32/Autorun.worm.cs
W32/Autorun.worm.ct
W32/Autorun.worm.cu
W32/Autorun.worm.cv
W32/Autorun.worm.cw
W32/Autorun.worm.cx
W32/Autorun.worm.cz
W32/Autorun.worm.d
W32/Autorun.worm.da
W32/Autorun.worm.db
W32/Autorun.worm.dc
W32/Autorun.worm.dd
W32/Autorun.worm.dd!inf
W32/Autorun.worm.de
W32/Autorun.worm.df
W32/Autorun.worm.dg
W32/Autorun.worm.dh
W32/Autorun.worm.di
W32/Autorun.worm.dj
W32/Autorun.worm.dk
W32/Autorun.worm.dl
W32/Autorun.worm.dn
W32/Autorun.worm.do
W32/Autorun.worm.dp
W32/Autorun.worm.dq
W32/Autorun.worm.ds
W32/Autorun.worm.dt
W32/Autorun.worm.du
W32/Autorun.worm.dw
W32/Autorun.worm.dx
W32/Autorun.worm.dy
W32/Autorun.worm.e
W32/Autorun.worm.ea
W32/Autorun.worm.eb
W32/Autorun.worm.ec
W32/Autorun.worm.ed
W32/Autorun.worm.ef
W32/Autorun.worm.eg
W32/Autorun.worm.ei
W32/Autorun.worm.ej
W32/Autorun.worm.ek
W32/Autorun.worm.el
W32/Autorun.worm.em
W32/Autorun.worm.eo
W32/Autorun.worm.ep
W32/Autorun.worm.eq
W32/Autorun.worm.er
W32/Autorun.worm.es
W32/Autorun.worm.et
W32/Autorun.worm.eu
W32/Autorun.worm.ev
W32/Autorun.worm.ex
W32/Autorun.worm.ey
W32/Autorun.worm.f
W32/Autorun.worm.g
W32/Autorun.worm.gen!job
W32/Autorun.worm.gen.cl
W32/Autorun.worm.gen.za
W32/Autorun.worm.gen.zb
W32/Autorun.worm.h
W32/Autorun.worm.h!lnk
W32/Autorun.worm.i
W32/Autorun.worm.j
W32/Autorun.worm.k
W32/Autorun.worm.l
W32/Autorun.worm.m
W32/Autorun.worm.n
W32/Autorun.worm.o
W32/Autorun.worm.p
W32/Autorun.worm.q
W32/Autorun.worm.r
W32/Autorun.worm.remmants
W32/Autorun.worm.s
W32/Autorun.worm.t
W32/Autorun.worm.u
W32/Autorun.worm.v
W32/Autorun.worm.v!bat
W32/Autorun.worm.w
W32/Autorun.worm.x
W32/Autorun.worm.y
W32/Autorun.worm.z
W32/Autorun.worm.zc
W32/Autorun.worm.zf
W32/Autorun.worm.zg
W32/Autorun.worm.zh
W32/Autorun.worm.zi
W32/Autorun.worm.zj
W32/Autorun.worm.zk
W32/Autorun.worm.zm
W32/Autorun.worm.zp
W32/Autorun.worm.zq
W32/Autorun.worm.zs
W32/Autorun.worm.zt
W32/Autorun.worm.zu
W32/Autorun.worm.zu.dr
W32/Autorun.worm.zv
W32/Autorun.worm.zw
W32/Autorun.worm.zw!inf
W32/Autorun.worm.zx
W32/Bagle
W32/Bagle!eml.gen
W32/Bagle!pwdzip
W32/Bagle.ad!src
W32/Bagle.dldr
W32/Bagle.dll.dr
W32/Bagle.eml
W32/Bagle.fb!pwdzip
W32/Bagle.fc!pwdzip
W32/Bagle.fd!pwdzip
W32/Bagle.fe!pwdzip
W32/Bagle.fm.dldr
W32/Bagle.gen
W32/Bagle@MM!cpl
W32/Blaster.worm
W32/Blaster.worm.k
W32/Bropia.worm
W32/Bugbear
W32/Bugbear.a.dam
W32/Bugbear.b!data
W32/Bugbear.b.dam
W32/Bugbear.gen@MM
W32/Bugbear.h@MM
W32/Bugbear@MM
W32/Conficker
W32/Conficker.c
W32/Conficker.sys
W32/Conficker.worm
W32/Conficker.worm!inf
W32/Conficker.worm!job
W32/Conficker.worm.dr
W32/Conficker.worm.gen.a
W32/Conficker.worm.gen.b
W32/Conficker.worm.gen.c
W32/Conficker.worm.gen.d
W32/Cutwail.a
W32/Deborm.worm.ah
W32/Deborm.worm.gen
W32/Doomjuice.worm
W32/Dumaru
W32/Dumaru.ad@MM
W32/Dumaru.al.dll
W32/Dumaru.dll
W32/Dumaru.eml
W32/Dumaru.gen
W32/Dumaru.gen@MM
W32/Dumaru.w.gen
W32/Elkern.cav
W32/Elkern.cav.c
W32/Elkern.cav.c.dam
W32/Feebs
W32/Fizzer
W32/Fizzer.dll
W32/Fujacks!htm
W32/FunLove
W32/FunLove.apd
W32/Gaobot.worm
W32/Harwig.worm
W32/IRCbot
W32/IRCbot.worm
W32/IRCbot.worm.dll
W32/Klez
W32/Klez.dam
W32/Klez.eml
W32/Klez.gen.b@MM
W32/Klez.rar
W32/Koobface.worm
W32/Koobface.worm.gen
W32/Korgo.worm
W32/Lirva
W32/Lirva.c.htm
W32/Lirva.eml
W32/Lirva.gen@MM
W32/Lirva.htm
W32/Lirva.txt
W32/Lovgate
W32/Lurker
W32/Maslan
W32/Mimail
W32/Mimail.c@MM
W32/Mimail.i!data
W32/Mimail.q@MM
W32/MoFei.worm
W32/MoFei.worm.dr
W32/Mumu.b.worm
W32/Mydoom
W32/Mydoom!bat
W32/Mydoom!ftp
W32/Mydoom.b!hosts
W32/Mydoom.dam
W32/Mydoom.t.dll
W32/Mytob
W32/Mytob.gen@MM
W32/Mytob.worm
W32/MyWife
W32/MyWife.dll
W32/MyWife@MM
W32/Nachi!tftpd
W32/Nachi.worm
W32/Netsky
W32/Netsky.af@MM
W32/Nimda
W32/Nimda.dam
W32/Nimda.eml
W32/Nimda.gen@MM
W32/Nimda.htm
W32/Nuwar
W32/Nuwar.dam
W32/Nuwar.sys
W32/Nuwar@MM
W32/Nuwar@MM!rar
W32/Pate
W32/Pate!dam
W32/Pate.dam
W32/Pate.dr
W32/Polip
W32/Polip!mem
W32/Polybot
W32/Polybot.bat
W32/Sasser.worm
W32/Sasser.worm!ftp
W32/Sdbot
W32/Sdbot!irc
W32/Sdbot.bat
W32/Sdbot.cli
W32/Sdbot.dll
W32/Sdbot.dr
W32/Sdbot.worm
W32/Sdbot.worm!ftp
W32/Sdbot.worm.bat.b
W32/Sdbot.worm.dr
W32/Sdbot.worm.gen
W32/Sdbot.worm.gen.a
W32/Sdbot.worm.gen.b
W32/Sdbot.worm.gen.c
W32/Sdbot.worm.gen.d
W32/Sdbot.worm.gen.e
W32/Sdbot.worm.gen.q
W32/Sober
W32/Sober!data
W32/Sober.dam
W32/Sober.eml
W32/Sober.f.dam
W32/Sober.g.dam
W32/Sober.q!spam
W32/Sober.r.dr
W32/Sober.r@MM
W32/Sobig
W32/Sobig.dam
W32/Sobig.eml
W32/Sobig.f.dam
W32/Sobig.gen@MM
W32/Spybot.worm
W32/SQLSlammer.worm
W32/Swen
W32/Swen@MM
W32/Virut
W32/Virut!mem
W32/Winemmem
W32/Yaha.eml
W32/Yaha.gen@MM
W32/Yaha.y@MM
W32/Yaha@MM
W32/Zafi
W32/Zafi.b.dam
W32/Zindos.worm
W32/Zotob.worm
W32/Zotob.worm!hosts

I've tried healing/removing the viruses, but this has not worked (AVG says 'action interrupted by user'). I don't really know what to do now, and which virus is the cause of my recent problems. Please help, anyone!! Thanks in advance!


See More: IE virus?

Report •


#1
June 2, 2009 at 10:04:59
Hi,
1) Can you please post your AVZ log:
Note: Run AVZ in windows normal mode. If avz.exe doesn't start, then try to rename the file avz.exe to something else and try to run it again. Make sure you have your web browser open in background before following the steps below.

1) To create the logfile, download AVZ by clicking HERE. Please save this file to your desktop or "My Documents" folder.

2) Next, unpack the file to a new folder using the Compressed (zipped) folders wizard built into Windows XP/Vista, or a zip utility of your choice.

3) Once you have unpacked the contents of the zip archive, please launch the file AVZ.exe by double clicking on it or right clicking and selecting Open.
Note: If you are running Windows vista launch AVZ.exe by right clicking and selecting Run as Administrator.

You should now see the main window of the AVZ utility. Please navigate to File->Custom Scripts. Copy the script below by using the keyboard shortcut CTRL+C or the corresponding option via right click.

begin
ExecuteStdScr(3);
RebootWindows(true);
end.


Paste the script into the execution window by using CTRL+V keyboard shortcut, or the "paste" option via the right click menu. Click on Run to run the script, the PC will reboot. After the reboot the LOG subfolder is created in the folder with AVZ, with a file called virusinfo_syscure.zip inside. Upload that file to rapidshare.com and paste the link here.

Image Tutorial

2) Can you also make a new HijackThis log and upload it to rapidshare.com. HijackThis: Here

-------------------------------------------------


Report •

#2
June 2, 2009 at 10:25:43
Thanks for the quick reply! Here's the link:
http://rapidshare.com/files/2400516...

Report •

#3
June 2, 2009 at 10:35:29
Still need Response Number 1 second part.

-------------------------------------------------


Report •

Related Solutions

#4
June 2, 2009 at 10:37:42

Report •

#5
June 2, 2009 at 10:41:50
Did you start AVZ As admin? http://img91.imageshack.us/img91/90...

-------------------------------------------------


Report •

#6
June 2, 2009 at 11:01:47
avz admin link:
http://rapidshare.com/files/2400642...

sorry about that.


Report •

#7
June 2, 2009 at 11:21:10
Follow these Steps in order numbered. Don't proceed to next step unless you have sucessfully completed previous step:

1) Run this script in AVZ like before, your computer will reboot:
Note: Make sure you start AVZ with "Run as administrator"

begin
SetAVZGuardStatus(True);
SearchRootkit(true, true);
 QuarantineFile('\\?\globalroot\systemroot\system32\gxvxcghpusikfeentxsppqqdoyiikmrmiuxyv.dll','');
 QuarantineFile('c:\windows\temp\398130307.tmp','');
 DeleteFile('c:\windows\temp\398130307.tmp');
 DeleteFile('\\?\globalroot\systemroot\system32\gxvxcghpusikfeentxsppqqdoyiikmrmiuxyv.dll');
 DeleteFile('c:\windows\tasks\{5B57CF47-0BFA-43c6-ACF9-3B3653DCADBA}.job');
BC_ImportAll;
ExecuteSysClean;
ExecuteRepair(14);
ExecuteRepair(15);
BC_Activate;
RebootWindows(true);
end.

2) After Reboot. Attach a Combofix log, please review and follow these instructions carefully.

Download it here -> http://download.bleepingcomputer.co...

Before Saving it to Desktop, please rename it to something like 123.exe to stop malware from disabling it.

Now, please make sure no other programs are running, close all other windows and pause Antivirus/Sypware programs (http://www.bleepingcomputer.com/forums/topic114351.html Programs to disable) until after the scanning and removal process has taken place.

Please double click on the file you downloaded. Follow the onscreen prompts to start the scan. Once the scanning process has started please DO NOT click on the Combofix window or attempt to use your computer as this can cause the scanning process to stall. It may take a while to complete scanning and this is normal.

You will be disconnected from the internet and your desktop icons/toolbars will disappear during scanning, do not worry, this is normal and it will be restored after scanning has completed.

Combofix will create a logfile and display it after your computer has rebooted. Usually located in c:\combofix.txt, please upload that file to rapidshare.com and paste the link here.

-------------------------------------------------


Report •

#8
June 2, 2009 at 12:56:14
computer crashed, so had to do it twice :(
http://rapidshare.com/files/2401044...

Report •

#9
June 2, 2009 at 13:32:35
That log is incomplete. How did it crash what error?

-------------------------------------------------


Report •

#10
June 2, 2009 at 13:35:50
I had the blue window up, saying Combofix is preparing the log, then the screen went blue and turned off, then restarted. Should I run the Combofix programme again?

Report •

#11
June 2, 2009 at 13:42:38
Please read Response Number 7 Carefully. Computer will restart by itself. Yes run combofix again and post complete log.

-------------------------------------------------


Report •

#12
Report •

#13
June 2, 2009 at 14:32:10
Follow these Steps in order numbered. Don't proceed to next step unless you have sucessfully completed previous step:

1) Run this script in AVZ:
Note: Make sure you start AVZ with "Run as administrator"

begin
CreateQurantineArchive('c:\quarantine.zip');
end.

2) A file called quarantine.zip should be created in C:\. Then please zip up C:\qoobox\quarantine and upload both it and C:\quarantine.zip to a filehost such as http://rapidshare.com/ Then, Private Message me the Download link to the uploaded file.

3) Lastly, uninstall Combofix by: pause Antivirus/Sypware programs (http://www.bleepingcomputer.com/forums/topic114351.html Programs to disable) > Start > run > type combofix /u > ok. Or Start > run > type 123 /u > ok.

-------------------------------------------------


Report •

#14
June 2, 2009 at 14:50:14
Download Malwarebytes latest version or try running combo fix in safe mode....this should defenitely fix the problem

Report •


Ask Question