Dell Dimension desktop runs very, very slowly. IE 8 will not boot for 3-5 minutes. Disabled System Restore and ran a scan with NOD32. Nothing happened! M/S live care utility keeps saying that I have trojan: win 32/boaxxe.f. It says it has cleaned it at least 3 times. I cannot download the Malwarebytes program. I cannot even run the scan suggested on this site. My NOD32 scan says at the end of almost every line: archive damaged-the file could not be abstracted! Please help if you can. Thanks in advance.

Download and run Kaspersky AVP tool in safe mode: http://devbuilds.kaspersky-labs.com...
Once you download and start the tool in safe mode:
1) Check below options:
   * Select all the objects/places to be scanned.
2) Click Scan
3) Fix what it detects
4) Zip/Rar Scan log/Summary and upload it to rapidshare.com. Post download link in your next message.
Illustrated tutorial: http://img32.imageshack.us/img32/76...
If I'm helping you and I don't reply within 24 hours send me a PM.

jdk: Thanks for response. I must be losing my mind because I have been working constantly on the information you gave me and it seems like the malware that has taken over the PC knows where I will go next! I downloaded trial Kaspersky and could not validate it because suddenly my Cisco router went kaput and I couldn't get the correct IP code into it so I could connect to the internet. I finally found another router to hook up with but now both routers have disappeared from view. I can't get onto the internet to update Kaspersky. I think my only choice is to do a clean install. This means I lose one hell of a lot of work! I have a Mozy backup but it is worthless since the files downloaded would be infected. You wouldn't by any chance have a gun that I could borrow?

What happens when you follow Response Number 1 in safe mode?

Response #1: cannot update Kaspersky because I can no longer connect to the internet. I have tried to put the proper IP code into my router without success. The malware seems to anticipate my moves and destroys my access to the internet. It is a real pain. Thanks for your help.

Update? You don't need to update. Transfer it via usb from another computer.

I am running a (non-updated) Kaspersky in safe mode. I am not a geek as you know. I don't know how to transfer a program to another using USB. I don't know what the AV scan will produce but I will use msconfig and google startup programs to see if they are safe or unsafe. Thanks.

8/4/09
The results of the Kaspersky scan are:
detected://www.viruslist (3) times
password protected (10) times.
I have no idea what that means except that the viruslist items were listed as "vulnerabilities" at one point.

Post a screen shot of detected items or active threat.

I found 2 more items from the Kaspersky scan:
1. suspicious driver installed.....aegisi5.exe
2. vulnerabilities (3):
#31106 Mozilla
#31010 Java.exe
#28083 Musicmatch jukebox
I can't use my computer since I cannot access the internet. I am typing this from another. If the malware detected above is in the scan does that mean that Kaspersky has neutralized it?
Where do I go from here?

Why isn't your internet working?

I went into the router and found that the IP number had changed suddenly. My attempt to change it back failed. Mozy backed up my files and they tell me that they can make CDs of these files. If I clean my computer disc how can I load the Mozy backup CDs without transferring the malware?
I take it that the scan from Kaspersky was of no value. It was not brought up to date because of my internet problem. I can only run in safe mode and that appears to be having problems. I tried to get a saved item from Word and the computer froze.

humblejohn, you may want to unload IE8 and revert back to IE7. I've done that on many PCs in the past lately.
Also try running a scan with Malwarebytes
http://www.filehippo.com/download_m...
and removing all it finds....try loading it onto a thumbdrive or rewriteable CD on another PC and then installing it on the problem one.
Some HELP in posting on Computing.net plus free progs and instructions
Cheers

For the time being I am back on the internet. I updated Kaspersky and am scanning, but every time the scan stops on the virus "rootkit.win32.podnuha.a". The computer reboots and then the same thing happens again. When Kaspersky finds something like this doesn't it delete it? Am I supposed to delete it??? I have not been able to complete a full scan-I got as far as 65% and then it stopped and the computer froze! Am I doing the right thing or should I shoot myself? BTW can I run Malwarebytes when Kaspersky is in my computer?

Which version of kaspersky are you running?

Here is a copy of the scan completed today.
http://rapidshare.com/files/2649787... Thanks for your time.

follow:
1) Install, update database and run full scan with Malwarebytes' Anti-Malware. Attach malwarebyte full scan log, fix anything detected.
2) Run full Scan with SuperAntispyware : http://www.superantispyware.com/dow... . Fix what it detects and post summary scan log.

Here is the Superspyware logs from 8-8-09:
http://rapidshare.com/files/2652433...
Here is the Malware log: http://rapidshare.com/files/2652489...
thanks for your time. My computer is still very, very slow despite all the scans. I think the trial versions do very little actual scanning and deletion. See ya.

Note: I can help you remove malware manually. Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible. First Track this topic. Then follow:
1) Can you please post your AVZ log:
Note: Run AVZ in Windows normal mode and make sure you are connected to internet. If avz.exe doesn't start, then try to rename the file avz.exe to game.pif and try to run it again. Pause/Stop your antivirus, firewall software (if any), close games, text editors and all other programs; leave Internet Explorer/Firefox running, before following the steps below.
i) To create the log file, download AVZ by clicking HERE. Please save this file to your desktop or "My Documents" folder.
ii) Next, unpack the file to a new folder using the Compressed (zipped) folders wizard built into Windows XP/Vista, or a zip utility of your choice.
iii) Once you have unpacked the contents of the zip archive, please launch the file AVZ.exe by double clicking on it or right clicking and selecting Open.
Note: If you are running Windows Vista launch AVZ.exe by right clicking and selecting Run as Administrator.
You should now see the main window of the AVZ utility.
--> Please navigate to "File" => "Custom Scripts". Copy the script below by using the keyboard shortcut CTRL+C or the corresponding option via right click.
begin ExecuteAVUpdate; end.
Paste the script into the execution window by using CTRL+V keyboard shortcut, or the "paste" option via the right click menu. Click on Run to run the script.
--> Choose from the menu "File" => "Standard scripts" and mark the "Healing/Quarantine and Advanced System Analysis" check box. Click on the "Execute selected scripts" button.
Automatic scanning, healing and system check will be executed. A logfile (avz_sysinfo.htm) will be created and saved in the LOG folder in the AVZ directory as virusinfo_syscure.zip. Upload virusinfo_syscure.zip to rapidshare.com and paste the link here.
* It is necessary now to reboot your machine, because AVZ might disturb some program operations (like antiviruses and firewall) during the system scan. All applications will work properly after the system restart.
2) Download and Run DDS which will create a Pseudo HJT Report as part of its log: DDS Tool Download Link. When done, DDS will open two (2) logs:
1. DDS.txt
2. Attach.txt
Upload the logs to rapidshare.com and paste download link in your next reply.
Note: Disable any script-blocking programs and then double-click on the DDS.scr icon to start the program. If you did not disable a script-blocker that may be part of your antimalware program, you may receive a warning from your antimalware product asking if you would like DDS.scr to run. Please allow it to do so.
In your next reply, please include download links to the following:
* virusinfo_syscure.zip
* DDS Logs

Cannot get avz.exe to scan fast enough. It has so far scanned to #3 which I believe is the disk scanning section. The remaining time keeps increasing from a start of .28 to 1.23. After about an hour this point is reached and then the computer starts to act up-the mouse will not activate anything. After I turn the computer off and restart I go through the same thing. Initially everything-internet connection-avz toolkit etc. After about an hour the whole thing locks up again.

AVZ can take a couple of hours. Pause all your antivirus/spyware programs and let it finish its scan. Don't use your computer while it's scanning.

Try to make this log:
Start AVZ*. Choose from the menu "File" => "Standard scripts" and mark the "Advanced System Analysis" check box. Click on the "Execute selected scripts" button.
A system check will be executed. A logfile (avz_sysinfo.htm) will be created and saved in the LOG folder in the AVZ directory as virusinfo_syscheck.zip. Upload virusinfo_syscheck.zip to rapidshare.com and paste the link here.
* It is necessary now to reboot your machine, because AVZ might disturb some program operations (like antiviruses and firewall) during the system scan. All applications will work properly after the system restart.
In your next reply, please include download links to the following:
* virusinfo_syscheck.zip

Here are the 2 scans from DDS:
1.DDS.txt
http://rapidshare.com/files/2667918...
2.Attach.txt
http://rapidshare.com/files/2667924...

This is the first full scan per your 8/11/09 instructions. Standard scripts and advanced sys analysis:

Wrong files for Response Number 21. Please attach the correct files.

Follow:
Run a full scan with http://www.eset.com/onlinescan/
1) Check the box next to YES, I accept the Terms of Use.
2) Click Start
3) When asked, allow the ActiveX control to be installed.
4) Click Start
5) Check below options:
   * Remove found threats
   * Scan archives
   * Scan for potentially unwanted applications (Advance Settings).
   * Enable Anti-Stealth technology (Advance Settings).
6) Click Scan
7) Wait for the scan to finish
8) When it finishes it will create a log file here: C:\Program Files\ESET\ESET Online Scanner\log.txt
9) Attach this logfile to your next message.
Illustrated tutorial: http://img155.imageshack.us/img155/...

Follow these Steps in order numbered. Don't proceed to next step unless you have successfully completed previous step:
1) Attach a Combofix log, please review and follow these instructions carefully.
Download it here -> http://download.bleepingcomputer.co...
Before Saving it to Desktop, please rename it to something like 123.exe to stop malware from disabling it.
Now, please make sure no other programs are running, close all other windows and pause Antivirus/Spyware programs (Programs to disable: http://www.bleepingcomputer.com/forums/topic114351.html) until after the scanning and removal process has taken place.
Please double click on the file you downloaded. Follow the onscreen prompts to start the scan. Once the scanning process has started please DO NOT click on the Combofix window or attempt to use your computer as this can cause the scanning process to stall. It may take a while to complete scanning and this is normal.
You will be disconnected from the internet and your desktop icons/toolbars will disappear during scanning, do not worry, this is normal and it will be restored after scanning has completed.
Combofix will create a logfile and display it after your computer has rebooted. Usually located in c:\combofix.txt, please upload that file to rapidshare.com and paste the link here.
2) Please zip up C:\qoobox\quarantine and upload it to a filehost such as http://rapidshare.com/. Then, Private Message me the Download links to the uploaded files.

Tried Kaspersky scan once again. I don't know how to make a zip but it is .rar. If this is any use let me know:
http://rapidshare.com/files/2684909...
I can't figure it out but the computer seems to be working better now even though it is still very slow. I made above scan after updating Kaspersky.

Did you finish Response Number 30?

combofix.log 8/19/09:
http://rapidshare.com/files/2692615...
Please let me know if this is of any value. Thanks again

I am not sure you can open my last pm to you regarding:
http://rapidshare.com/files/2693308...
I am resending here.

That is the log. Quarantined files are different. Read step #2 of 30.
