[Michelle]

I'm going to have to go back and read to try to refresh my memory as to what I was planning on doing...I've slept and done many logs since you last posted I know you said she can't run scans even online ones, but I want her to try to download this program and run it (It needs to be run in Safe Mode):

Please download ewido security suite

• Install ewido security suite
• Launch ewido, there should be a big E icon on your desktop, double-click it.
• The program will prompt you to update click the OK button
• The program will now go to the main screen

You will need to update ewido to the latest definition files.

• On the left hand side of the main screen click update
• Click on Start

The update will start and a progress bar will show the updates being installed.

Once the updates are installed do the following:

• Reboot into Safe Mode, you can do this by restarting your computer, then contiunally tapping F8 until a menu appears. Use your up arrow key to highlight Safe Mode, then hit enter. Then, run Ewido.
• Click on scanner
• Make sure the following boxes are checked before scanning:
  • Binder
  • Crypter
  • Archives
• Click on Start Scan
• Let the program scan the machine

While the scan is in progress you will be prompted to clean files, click OK

Once the scan has completed, there will be a button located on the bottom of the screen named Save report

• Click Save report
• Save the report to your desktop

Reboot into normal mode.

Post the log from Ewido and new HiJackThis log.

Edited by bananafanafo, 22 May 2005 - 08:51 PM.

[Advertisements]

Hey Banana,

Well, I finally killed this thing off, yay

As you know I couldn't get most scanners and tools to work because of the virus, but I kept downloading different ones and trying them out. I came across one called A-Squared which didn't work either, but it had a feature called Hijackfree which is sort of a like HijackThis but displays things differently. After spending a lot of time combing through it I found some suspicious entries including what I think was probably the real "buddy" file.

I trashed it and various other files and and registy entries and rebooted, and the thing was finally gone from memory. Then I was able to run all the usual stuff no problem and found tons more viruses and spyware and got rid of those too. Norton was damaged and wouldn't uninstall but I found a utility on their site that did it a different way, so that's working again.

So, all is well again and I appreciate all your time and effort. I will be sending you a little something via PayPay as a token of my appreciation. By the way, I looked at your profile and you are pretty cute! What are you doing working on viruses late into the night?

Thanks again and hopefully we won't be talking again soon
Take care,
Jad

[Jad]

Hey Banana,

Well, I finally killed this thing off, yay

As you know I couldn't get most scanners and tools to work because of the virus, but I kept downloading different ones and trying them out. I came across one called A-Squared which didn't work either, but it had a feature called Hijackfree which is sort of a like HijackThis but displays things differently. After spending a lot of time combing through it I found some suspicious entries including what I think was probably the real "buddy" file.

I trashed it and various other files and and registy entries and rebooted, and the thing was finally gone from memory. Then I was able to run all the usual stuff no problem and found tons more viruses and spyware and got rid of those too. Norton was damaged and wouldn't uninstall but I found a utility on their site that did it a different way, so that's working again.

So, all is well again and I appreciate all your time and effort. I will be sending you a little something via PayPay as a token of my appreciation. By the way, I looked at your profile and you are pretty cute! What are you doing working on viruses late into the night?

Thanks again and hopefully we won't be talking again soon
Take care,
Jad

[Michelle]

Ohh I am so glad to hear you were able to figure out your problem and get rid of it! That is awesome!

Well that is very sweet of you to do (and say )

What are you doing working on viruses late into the night?

Because I'm a Geek and I love helping people

Thank you very much!
Michelle