tallywacker

Hi 'srtools1980y' I did go through the contents if the link you posted and some of this has helped to speed things up a little. Thanks for the reply to my post..

Hi Guys, Thanks for the advice, I have done several thing including the instructions from yardbird (thanks) deafragmented the CDrive and used the built in XP disc cleanup. It is now running a little faster but appears to take an age to the internet browser (i am using mozilla) Any ideas. Thanks Martin

Hi Yardbird. Please could you let me know how to carry out your instructions above. I am running windows Xp and AVG antivirus. Please explain what you mean by 'Is your AV still ESET?' Thanks

Hi, I have used this forum previouly to remove a Malware infection from my computer. Since the removal my computer has been a little on the slow side, particularly on start up and when on the net. Can anyone suggest a cure for this? I have ran a scan and I have no Malware infections and other than the computer being (frustratingly) slow it is running fine. Please help. Thanks

Hi, My computer is again runing perfectly thanks to your help and advice. The experience of removing the virus (something i thought would never be possible with taking the computer to an expert) was good for me as a novice. It is great that there are forums like this to help others and I feel you do a great job. Once again thanks for all your help. It's Appreciated. Martin.

Hi Negster, I have downloaded and performed the scans as instructed. According to the logs the computer should be clear? Would you let me know what you think? I have pasted the logs below. Now I have downloaded MBAM, i have previously also been running Ad-Aware. Can these 2 run alongside each other or should I uninstall Ad-Aware? Do I aslo need to delete the CCleaner now that the scan has been done? Thanks . Malwarebytes' Anti-Malware 1.37 Database version: 2290 Windows 5.1.2600 Service Pack 2 16/06/2009 22:35:35 mbam-log-2009-06-16 (22-35-35).txt Scan type: Quick Scan Objects scanned: 84419 Time elapsed: 12 minute(s), 40 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) ................................................................................ ............................................................................... GMER 1.0.15.14972 - http://www.gmer.net Rootkit scan 2009-06-16 21:50:17 Windows 5.1.2600 Service Pack 2 ---- System - GMER 1.0.15 ---- SSDT Lbd.sys (Boot Driver/Lavasoft AB) ZwCreateKey [0xF762987E] SSDT Lbd.sys (Boot Driver/Lavasoft AB) ZwSetValueKey [0xF7629BFE] ---- Devices - GMER 1.0.15 ---- AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.) AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.) AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.) AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.) ---- EOF - GMER 1.0.15 ----

Hi I have installed and carried out the scan using ESET. No infections were found during this scan. However, I could not get this to open in the START>RUN section. I have located the log on the c:drive and have copied and pasted below. Please let me know if this is the correct log file. My computer appears to be running very slowly, especially when using the internet. Yesterday whilst using the net it became impossibly slow to the point where I could not use it? I have aslo found that the email appears to have stopped sending and receiving and bring up an error message whilst trying to do so? Thank-you for your continued support. ESETSmartInstaller@High as CAB hook log: OnlineScanner.ocx - registred OK # version=6 # iexplore.exe=6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) # OnlineScanner.ocx=1.0.0.5863 # api_version=3.0.2 # EOSSerial=6c21721de1278b4486f94a5d219035ab # end=finished # remove_checked=true # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2009-06-14 07:25:03 # local_time=2009-06-14 08:25:03 (+0000, GMT Standard Time) # country="United Kingdom" # lang=1033 # osver=5.1.2600 NT Service Pack 2 # compatibility_mode=1026 37 83 100 1705636094016 # compatibility_mode=5889 61 66 100 823859474700000 # scanned=32183 # found=0 # cleaned=0 # scan_time=3301

Hi. Appreciate your help and advise. I have ran combo fix and attached the log to this reply. I have also since ran Ad Aware and it has only picked up some cookies which I have removed. My computer however, does seem very slow. Please advise. Thanks . combox_fix_log_100609.txt combox_fix_log_100609.txt

Please help.. I have a Malware infection which I beleive is a trojan. I have scan the computer with Ad aware and it detects the infection but will not remove it. Spybot and Malware-bytes will not open when downloaded. I have read some of the post who appear to be experiencing the same problem. I have downloaded root Repeal and I have scanned and saved the log. Please could I ask someone to advise me on the attached log file. I believe I need to remove the rootkit but need an expert to tell me which file to wipe. Thanks. ROOTREPEAL © AD, 2007-2009 ================================================== Scan Time: 2009/06/11 20:53 Program Version: Version 1.3.0.0 Windows Version: Windows XP SP2 ================================================== Hidden/Locked Files ------------------- Path: C:\hiberfil.sys Status: Locked to the Windows API! Path: C:\WINDOWS\system32\UACafmytblhymcihin.dll Status: Invisible to the Windows API! Path: C:\WINDOWS\system32\UACbutofyqxwprriqh.dll Status: Invisible to the Windows API! Path: C:\WINDOWS\system32\UACcwfldkmwoqhgsby.dll Status: Invisible to the Windows API! Path: C:\WINDOWS\system32\UAChxudpuxdtmrbewn.dll Status: Invisible to the Windows API! Path: C:\WINDOWS\system32\uacinit.dll Status: Invisible to the Windows API! Path: C:\WINDOWS\system32\UACjcfgrmdcdxjpnrg.db Status: Invisible to the Windows API! Path: C:\WINDOWS\system32\UACkcponxwixnywxol.dll Status: Invisible to the Windows API! Path: C:\WINDOWS\system32\UACkeietrnswemxoeo.dll Status: Invisible to the Windows API! Path: C:\WINDOWS\system32\UACkwchgltbdguyece.log Status: Invisible to the Windows API! Path: C:\WINDOWS\system32\uactmp.db Status: Invisible to the Windows API! Path: C:\WINDOWS\system32\UACtwkduimjewtkila.dat Status: Invisible to the Windows API! Path: c:\windows\temp\8c2b4a6c-363a-488c-9794-33bd998c528d.tmp Status: Allocation size mismatch (API: 327680, Raw: 0) Path: C:\WINDOWS\Temp\UAC38ab.tmp Status: Invisible to the Windows API! Path: C:\WINDOWS\Temp\UAC3cd0.tmp Status: Invisible to the Windows API! Path: C:\WINDOWS\system32\drivers\UACptkyfqxuxovphxw.sys Status: Invisible to the Windows API! Path: c:\documents and settings\administrator\local settings\temp\etilqs_1cjmjlfzmfbqazjuwpvd Status: Allocation size mismatch (API: 32768, Raw: 0) Path: C:\Documents and Settings\Administrator\Local Settings\Temp\UAC14c9.tmp Status: Invisible to the Windows API! Path: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\UO2VOASO\ac[25].htm Status: Visible to the Windows API, but not on disk. Path: C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Quarantine\uacafmytblhymcihin.dll.8f64756049a5187f0355adf45677239.aawqff Status: Invisible to the Windows API! root_files.txt root_files.txt