Once again, please disable any realtime protection applications. Highlight and copy the contents of the code box below and paste it into a blank...
Chances are it is infected with more than just the XP Antivirus and might require alternative methods. This is where guided help comes into play,...
Hi Tank, Are you able to boot to Safe Mode with Networking? If so, are downloads still blocked?
Copy and paste the following into the Run dialog. "%userprofile%\desktop\combofix.exe" /u ComboFix will appear to run, but it is actually...
Make sure you are doing it from the Dee user account, and that ComboFix.exe is on the Desktop. If ComboFix is not there, you will need to download...
Open My Computer On the Menu, click Tools then Folder Options Select the View tab Scroll down and select Show hidden files and folders...
That's odd. The last log you posted shows the following. Completion time: 2008-08-09 0:55:44 ComboFix-quarantined-files.txt 2008-08-09...
Are you currently using one of the desktop backgrounds that link to an online location? If so, does the error at logon persist if you don't use...
Hi Clif :) Who? Primarily comes out of the Russian Federation, like much of today's malware. A bit of info regarding 'who' here. Note yet...
Hi flatfoot, Click Start>Run and type (or paste) the following command, then hit Enter. sc stop lsass Now repeat with this command. sc...
Only Messenger Plus needs to be uninstalled. After you do that, reboot and run NoLop again, then post it's log here.
Run the following command from a command window. netsh int ip reset c:\resetlog.txt I need to see the contents of C:\resetlog.txt Reboot...
That's the same HijackThis log as your previous post. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 1:56:45 PM, on 8/8/2008...
You're most welcome. Glad I could help. :)
No, the one I want to see is located in C:\qoobox and is named ComboFix2.txt (unless you have run ComboFix again since the last time, which means...
That is the one. :)
It means the server at that address is dropping the ball. I'm surprised you got any results at all using www in that command. It's not a valid...
Both gmer and mbr.exe show the system is free of rootkits. Give me an update on the system's performance please.
Separate names with a comma.
