Help + Log Check

Status
Not open for further replies.

JBROX

Posts: 8   +0
I caught a virus or worm 2 days ago, it was W32.Kaxela.A (possibly from USB). So i followed the 8-step process, but my computer got rebooted in the middle and after it was rebooted the IE-7 couldn't work anymore. (Don't have firefox at the time) Then I restored my computer to a point 2 days ago....but the virus was still detected after restoring, tho IE-7 started working again. I ran the 8-step process and seemed like everything was fine.

I also installed the latest version of Firefox 3, but after installation it says
"Failed to Connect
Firefox can't establish a connection to the server at en-us.start2.mozilla.com."
I checked my firewall it's not blocked. I also checked the internet options comparing it to IE - no difference (not that i know of). It also says "no proxy" from the Advanced connection setting for Firefox.
I have symantec antivirus -- dunno if this is causing the problem. I am using Vista 64. I also use AntiVir, Malwarebytes....from the 8-step removal process.

Then this morning after i turned on my computer, the IE wasn't working agian after some windows update which rebooted my computer.....so I restored my computer again to the point before windows update....
It's been very bothering, both the disability to connect firefox and whatever the system or virus is doing to my IE.
Could anyone please help resolve the problems?

I saw some trojan files just now from the backup items in Symantec antivirus so i deleted all of them (hope i didn't make a mistake there)...
And I ran the 8 step remmoval process again....here are the attached files.

Please help!!! It'd be greatly appreciated!!! Thank you very much!
 
Hello JBROX :)

It looks like you have 3 active antivirus programs running ?
(Avira, Ca Internet Security, and Norton/Symantec)
"If the resident scanners of three different AV programs are used simultaneously, conflicts can result. The computer may run very, very slowly, it may become difficult to access files or the computer may crash altogether.”

I´ll therefore suggest you remove 2 of them from Programs and Features in controlpanel.

Reboot, attach new hijackthis log and tell how things are running now ?
 
Hi touch,

I have uninstalled both CA and the anitivir. (Firefox is still not working....)

And before all these my computer rebooted again after a "Windows update" which made me unable to use IE-7 again.....so i restored my computer....again....
Could the "Windows update" thing be some kind of virus? I scanned my computer with Antivir, b4 i deleted it, got 7 warnings but no detection of virus. But it seems to me that the "windows update" thing is causin my problem using IE everytime. (I didn't get a chance to see what exactly Windows was trying to update unfortunately..)

Here are the AntiVir scan log and the hijackThis log

Thanks so much for helping!!
 
Ok, let´s dig deeper, and check if you have any hidden infections ->

Please download Combofix:
http://subs.geekstogo.com/ComboFix.exe

And save to the desktop.

Close all other browser windows.

Please connect all your external hard drive/flash drive before running Combofix, if you have any


Double-click on the combofix icon found on your desktop.

Please note, that once you start combofix you should not click anywhere on the combofix window as it can cause the program to stall. In fact, when combofix is running, do not touch your computer at all and just take a break as it may take a while for it to complete.

When finished, it will produce a logfile located at C:\combofix.txt.
please attach it to your next post
 
HI,
I haven't successfully installed ComboFix....It says that it's private blah blah blah should I click "Yes"?
On the other hand, I checked the Windows Update in control panel and i changed the setting to "check for update but let me choose whether to download and install them", also i think it's the "security update for windows vista" that's causing the problem for IE-7 each time. Now i have 10 important updates but i have no idea whether to update them.....what should i do?
 
Although I advise always to do Windows Security Updates
It may be best to continue with touch's support in cleaning out all infections first ;)

The last thing he asked for was a ComboFix log :)
 
Hi,

Here's the ComboFix Log

Please let me know what's wrong with my computer

It'll be greatly appreciated!

p.s. I have no idea why there's Chinese in it....(I downloaded the ComboFix directly from touch's link.....) Let me know if it matters and let me know what I need to do ....thanks
 

Attachments

  • ComboFix.txt
    18 KB · Views: 6
I live in NA and am using an English version of Vista but I did set the computer to read Chinese (dunno if that's why). Should I try dl an English version (if i can) and run ComboFix again?

The c:\windows\system32\drivers\kmxzone.u2k7 result is
File kmxzone.u2k0 received on 04.02.2009 22:42:30 (CET)
Current status: finished

Result: 0/40 (0.00%)

or

File: kmxzone.u2k7
Status: OK
MD5: 1cd0eecfe733e704401e3316e80a8ffa
Packers detected: -
(it says "found nothing" for all the listing below this)
 
No need to download an English version, as I can see what I need to see in combofix log ;)

Open notepad and copy/paste the text in the codebox below into it:
Name the file as CFScript
and Save it on the desktop

Code:
Killall::
Snapshot::
Folder::
k:\resycled
Registry::
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9579350d-8d99-11dd-b52a-001e9033966e}]

http://www.fromsej.saknet.dk/billeder/cfscript.gif

Once saved, refering to the picture above, drag CFScript.txt into ComboFix.exe.

Combofix will create a logfile and display it after your computer has rebooted. Usually located in c:\combofix.txt, please attach it to your next post


Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall
 
Hi
Here's the new comboFix log
I have some question...
My firefox is still not working...(does it have to do with something else?)
LIke I said, I reset the "windows update" should i change it back to "install updates itself without asking me?"
 
I think you should change it to change it to "Notify me when updates are available"

Please tell (again) what happens excactly when try to use firefox ?
 
I changed it to "download update and let me choose whether to install them" (i dunno if it's bcs i'm using vista, i don't see an option as "notify me when updates are available" )
The firefox keeps on saying "fail to connect" -- "Firefox can't establish a connection to the server at en-us.start2.mozilla.com." is it bcs of some kinda antiviral sys? (i think i've made sure that the firewall is not blocking the program)
 
Ok.

Try running the following from a command line (CMD):

IPCONFIG /FLUSHDNS

then:

NETSH INT IP RESET RESET.LOG

and reboot.
 
Status
Not open for further replies.
Back