Jump to content

steve-o

Members
  • Posts

    12
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Sounds good. It should hold, it seems pretty stable right now.
  2. Lol. Definitely a mystery. So should I run MBAM again in Windows and see if anything else is picked up. And maybe another AVG scan as well?
  3. Thanks for the input Sulli. Any help is much appreciated.
  4. Yardbird, I made it through! Here is what I did. I closed out of everything and then went through the process of shutting down pc. Instead of restarting, I shut completely down, waited for 30 seconds and then pressed button to start the computer again. I booted up fine with no problems. My desktop showed up and everything looked fine. I clicked on the MS IE button on the bar at bottom of screen and after a few seconds I got a typical error message from MS Windows saying 'The system has recovered from a serious error. A log of this error has been created.' Then it basically goves me the option to tell Microsoft about the problem so I can send an error report to them. The buttons say 'Send Error Report' or 'Don't Send'.
  5. You bet. I will try it and if I am unsuccessful I will be right back to let you know.
  6. Yes, below is the log that found the infections: Malwarebytes' Anti-Malware 1.38 Database version: 2310 Windows 5.1.2600 Service Pack 3 6/20/2009 6:46:45 AM mbam-log-2009-06-20 (06-46-45).txt Scan type: Quick Scan Objects scanned: 180861 Time elapsed: 24 minute(s), 37 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 4 Registry Values Infected: 0 Registry Data Items Infected: 7 Folders Infected: 0 Files Infected: 2 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.Shopping.Report) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.Shopping.Report) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6fd31ed6-7c94-4bbc-8e95-f927f4d3a949} (Adware.180Solutions) -> Quarantined and deleted successfully. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop\NoChangingWallpaper (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\activedesktop\NoChangingWallpaper (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetActiveDesktop (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetActiveDesktop (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. Folders Infected: (No malicious items detected) Files Infected: C:\WINDOWS\system32\AVR09.exe (Adware.AdvancedVirusRemover) -> Quarantined and deleted successfully. C:\WINDOWS\system32\critical_warning.html (Trojan.FakeAlert) -> Quarantined and deleted successfully.
  7. There are no other messages or errors or anything like that. The only issues are 1) continuous reboot just as my desktop shows itself, and 2) redirecting links (even in safe mode). Additional info: after MBAM discovered the infections, I rebooted the pc and it worked just fine for about three or four hours. Then it suddenly rebooted by itself and has not worked correctly since. I'm in safe mode now and it is the only way for me to communicate with you. And yes, I totally agree....one pc at a time.
  8. Yes, in fact I ran AVG twice with no detection whatsoever. The malware had the system (scan) slowed to the point it took most of this week to run them. So then I researched some of the issues on my work pc and discovered MBAM. That scan found the malware right away. But as indicated earlier, the pc still has issues.
  9. AVG 8.5 and I thought Windows Firewall, but that looks like it is disabled. Yes on Win XP with Service Pack 3.
  10. Yardbird, Thank you very much for responding so quickly. To be very blunt - I don't know. In fact I do not even know where to check or look to confirm your questions. I am a total amateur or newbie when it comes to computer troubleshooting. Can you direct me? Steve
  11. Below is the latest scan I ran without a trace of malware. However, I continue to get redirected and experience continuous reboots at startup. I get to the point where I can see my desktop and icons but then screen goes black and the reboot process starts all over again. The only way I can intervene is by hitting F8 and entering pc at Safe Mode level which allows me to then to have Internet access and the ability to run MBAM. If helpful I can show log that did find the malware previously. Any assistance is appreciated. Thank you. Malwarebytes' Anti-Malware 1.38 Database version: 2317 Windows 5.1.2600 Service Pack 3 6/20/2009 7:19:38 PM mbam-log-2009-06-20 (19-19-38).txt Scan type: Quick Scan Objects scanned: 183613 Time elapsed: 25 minute(s), 1 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected:
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.