After following instructions - problem still exists...

Status
Not open for further replies.
That`s looking much better now.

However, we still have some things to do in order to clean your system.

You might want to copy and paste these instructions into a notepad file. Then you can have the file open in safe mode, so you can follow the instructions easier.


Boot into safe mode. See how HERE. http://www.bleepingcomputer.com/forums/tutorial61.html

Turn off system restore.(XP/ME only) See how HERE. http://www.bleepingcomputer.com/forums/tutorial56.html

In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how HERE. http://www.bleepingcomputer.com/forums/tutorial62.html

Open your task manager, by holding down the ctrl and alt keys and pressing the delete key.

Click on the processes tab and end process for(if there).

cmd.exe

Close task manager.

Run HJT with no other programmes open(except notepad).Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).

O4 - HKCU\..\Run: [Udqphi] C:\DOCUME~1\Oisin\MYDOCU~1\YMBOLS~1\cmd.exe

Click on the fix checked button.

Close HJT.

Locate and delete the following bold files and/or directories(if there).

C:\DOCUME~1\Oisin\MYDOCU~1\YMBOLS~1\cmd.exe

Reboot into normal mode and turn system restore back on.

Post a fresh HJT and let us know how your system is running.

Regards Howard :)
 
Your HJT log is now clean.

It appears you`re not running any firewall software.

This is a huge security risk.

You should consider installing a firewall, such as the free Zonalarm or the free Kerio firewall.

You can get them HERE and HERE.

If you have any further spyware/virus problems, please post in this thread.

Regards Howard :)
 
ok since the problem has been fixed... my computer is way slower and crashes a lot when I try to open control panel.
Also, I cant get it to switch back to the usual "show welcome screen" version of logging on or switching accounts.
And I cant get the User Accounts window to show in classic view so I can find the advanced tab to check things out in there.
Also occasionally AVG pops up and tells me it blocked a Trojan.
I dont know if all this could be involved in the problem I was having before.
I'll post a new HJT log just in case you need one.
Another weird thing is that when I downloaded ZoneAlarm it told me to turn off Google Desktop. Could this be because my version of Google Desktop isn't real?

thanks
 
Your HJT log is clean.

However, you should delete this file.

C:\Documents and Settings\Oisin\Desktop\zlsSetup_65_731_000_en.exe

This is because for whatever reason the zlsSetup_65_731_000_en.exe file is still running and it shouldn`t be. This may be responsible for slowing your system down.

I don`t think your Google desktop if fake, but maybe it`s conflicting with the Zonealarm installation.

Turn off the Google desktop and reninstall Zonealarm, then turn your Google desktop back on.

Can you give me the filepath to the trojan that AVG is reporting?

Regards Howard :)
 
I deleted the virus vault accidentally when opening it...... oops..
If it comes again I will post it here.

Any theory on why I cant get my login screen back to the usual welcome screen instead of the window popping up?
 
Any theory on why I cant get my login screen back to the usual welcome screen instead of the window popping up?
Click to expand...

Go to your control panel and double click user accounts. Click change the way users log on or off. Make sure the use the welcome screen option is checked, click apply options. Reboot your computer and see if that helps.

Regards Howard :)
 
tried it with just the welcome screen option and with both welcome screen option and fast user switching...

neither works.
 
Mmm that`s a strange one.

I must admit I`m not really sure what would cause that, other than some corrupt OS files.

Try clicking start/run and type sfc /scannow into the run box and hit the enter key. You will need your Windows cd handy. This will check your system files and replace any that are corrupt or missing. Note the space between the sfc and the forward slash.

If that doesn`t help, maybe you should open a new thread in the Windows OS forum.

Regards Howard :)
 
Having never used Google Earth, I have no idea if that website is legit or not.

I have clicked on your link, but got the following message. Firefox can't establish a connection to the server at 127.0.0.1:4664.

Regards Howard :)
 
Status
Not open for further replies.

Similar threads

A
Solved My computer was hit by unknown malware
2
Replies
30
Views
11K
Broni
Broni
midian182
Researcher fights back against tech scammers, tricks group into installing ransomware
Replies
4
Views
1K
Axiarus
Axiarus
Cal Jeffrey
E3 2018 preview: what to expect from the big video game event
Replies
2
Views
1K
R00sT3R
R00sT3R

Latest posts

Back