Here's the HJT Log. The wormradar.com entry looks fishy. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 6:22:40 PM, on 4/27/2009...
Hi Juliet, I've had no problems with google redirects since I last posted. I have NOT, however, reenabled the pagefile.sys. I'm afraid the virus...
Will do.
So far so good, no redirects, I ran another full scan with AVG 8.5 with no hits (also didn't mention mIRC, which I installed but haven't used in...
Happy Easter! Things are ok, but I have not re-enabled the virtual memory. Some programs are running a little slower (it seems). The last...
Reg query from earlier: Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]...
HJT: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 9:32:12 PM, on 4/11/2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet...
Kaspersky: -------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER 7.0 REPORT Saturday,...
Update: Kaspersky has been running for 4.5 hours, and it is 7% done. I've got about 500 GB of data, and a lot of it is zipped files etc, but I...
Here are the "perma" files from the last OT log I was referring to: File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_1f8.dat scheduled to be...
I was in Tennessee last week! I have not rebooted my computer since we last spoke, I don't want to do something that might mess it up (i.e. when...
I just want to say thanks again for all your help. It's really amazing that a community of volunteers has so much knowledge and are willing to...
I also ran combofix per your earlier recommendation. Still haven't rebooted since last OT log: ComboFix 09-04-04.01 - Michael 2009-04-10...
I noticed that it didn't find 2 of those files on reboot, so I reran OT. It looks like those files are renaming themselves. I have not rebooted...
OT Log ========== PROCESSES ========== Process explorer.exe killed successfully. ========== REGISTRY ========== Registry value...
Good news! I have regained control of cmd and regedit. And I know how I messed it up. I didn't see which file was infected the first time the...
I did this part. I had not rebooted the machine at that point. It was the next part (regedit4) where it broke down. I will try the OTMove when...
Oh I also meant to ask. On the clean computer I can access regedit. Is there a way I can manually remove the line you instructed me to with the...
Thanks again for taking a look at this. I ran malwarebytes on the other computer with my infected hard drive as the slave. Mbam is what found it...
No worries, I really appreciate your help. I think I am going to pop it in my son's computer and try to clean it as a slave drive again. I'll...
Separate names with a comma.
