I ran the trendmicro housecall online scan and I kept getting a Firefox.exe "no disk error: cancel, retry, continue" if i clicked cancel it would continue the scan. it came up with a few results but I'm not sure if it fixed them or not, I can't figure out how to see a log of the results.
here is a new hijack this log for what its worth.
Logfile of HijackThis v1.99.1
Scan saved at 4:14:29 AM, on 11/4/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Your log is clean. How is your computer running now?
Please download Webroot SpySweeper from here: SpySweeper
Click the Free Trial link under to "SpySweeper" to download the program.
Install it.
Once the program is installed, it will open.
It will prompt you to update to the latest definitions, click Yes.
Once the definitions are installed, click Sweep Now on the left side.
Click the Start button.
When it's done scanning, click the Next button.
Make sure everything has a check next to it, then click the Next button.
It will remove all of the items found.
Click Session Log in the upper right corner, copy everything in that window.
Click the Summary tab and click Finish.
Paste the contents of the session log you copied into your next reply.
Install and run it. The windows tab should be opened in the upper left of the program. Click analyze and then click run cleaner. Just use the windows tab that is up front by default.
1.Uncheck "Cookies" under "Internet Explorer".
2.If you are running Firefox: ,then click on the "Applications" tab and uncheck "Cookies" under "Firefox".
spysweeper didn't detect anything. here is the log
********
11:11 PM: | Start of Session, Friday, November 04, 2005 |
11:11 PM: Spy Sweeper started
11:11 PM: Sweep initiated using definitions version 567
11:11 PM: Starting Memory Sweep
11:15 PM: Memory Sweep Complete, Elapsed Time: 00:03:16
11:15 PM: Starting Registry Sweep
11:15 PM: Registry Sweep Complete, Elapsed Time:00:00:35
11:15 PM: Starting Cookie Sweep
11:15 PM: Cookie Sweep Complete, Elapsed Time: 00:00:00
11:15 PM: Starting File Sweep
11:30 PM: File Sweep Complete, Elapsed Time: 00:14:47
11:30 PM: Full Sweep has completed. Elapsed time 00:18:51
11:30 PM: Traces Found: 0
********
11:09 PM: | Start of Session, Friday, November 04, 2005 |
11:09 PM: Spy Sweeper started
11:10 PM: Your spyware definitions have been updated.
11:11 PM: | End of Session, Friday, November 04, 2005 |
I ran ccleaner and it deleted 80mb worth of stuff including 817 IE temporary internet files.
the computer seems faster and a lot more stable now, although the java problem is still going on with the windows update page.
here is the new hijack this log
Logfile of HijackThis v1.99.1
Scan saved at 1:44:04 AM, on 11/5/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
In internet explorer, if I click on "tools" then "windows update" I just get a blank page. nothing loads at all.
in firefox if I visit the windows update page, I actually get the display that says IE required.
I was having the same problem with those online virus scanners. I was never able to actually click the "start" button on the panda or bitdefender scans. I ended up having to use the trend micro scanner through firefox.
updated to the latest version of sun java, and still the same problems.
**EDIT**
If its of any use, prior to me posting this thread or even being able to connect that pc to the internet, I installed AVG, adaware, and spybot S&D and ran their scans.
AVG found 206 infections and they all were variants of I-worm/bagle
lots of .exe files in the c:\windows directory that were just random numbers like 54609384.exe, plus some other files like anti_firewall.exe
the adaware scan found about 40 objects including some vx2 files, one that I can remember was called belt.exe
the spybot S&D scan found something called "smitfraud-c" I think.
all of these scans were preformed in safe mode
All these infections were cleaned by the respective programs, but I'm wondering if their removal may have left some things corrupted on the system. Specifically something left that may be preventing me from accessing certain sites through IE.
the websites I've tried that do not display anything in Internet Explorer were
windowsupdate.microsoft.com
us.mcafee.com
The two online virus scanner pages you provided me with would display the page but the browser would not respond when I would click the start buttons to begin the scan. The same thing happened when I tried the trend micro online scan in IE.
hope that info helps a little. I think I have thoses logs on the computer unless ccleaner deleted them
do you think something is still leftover from these or am I just being paranoid?
That is a possibility some files were damaged by a virus alright.
Let's try this and see what happens.
This next to is a scanner called MWAV it finds things but doesn't remove anything.
Please download the free MWAV antivirus tool from here: ftp://ftp.microworldsystems.com/download/tools/mwav.exe
Save it to the desktop and run it. Follow the prompts to scan your system for viruses. Then please post for me the log of infected files from the BOTTOM panel of the scan window.
Be patient with the scanner it takes a long time to do but is very thorough. Thanks
If none found there do a search on your computer for them, reboot if something was removed. There should be folders in program files folder with those names attached, if you find some delete whole folder.
Then
Next,
Download the Intermute stand-alone version of CWShredder from here: cwshredder.net/bin/CWShredder.exe
Install it and check for updates then exit, we will use it later.
Now reboot into safe mode by tapping your F8 key upon restart and safe mode screen appears, select safe mode and press enter.
Run the Shredders, doesn't matter which one you run first, click FIX
reboot normal mode. How is your computer running now. We may have to send you to the XP help section on this forum cause this does not appear to be a virus related issue unless corrupted files by virus. They can help I'm sure.
just curious, why would the mwav scanner be showing that kodak software in its results?
I could not find anyting on the computer under those searches except for in the spybot S&D folders.
I ran the cw scans and the newer version fixed/removed
msconfig.exe
the computer is much faster now. after the cwshredder scans I tried the windows update page in internet explorer again and still no luck. problems with displaying javascript. I uninstalled and reinstalled sun java 5.0 and still not working.
after looking around for a while i found out that microsoft script engine 5.6 was removed at some point or another. Got it reinstalled and now the pages are working
