Just as I was about to write a note saying things look much better since the last weekend when I started seeking help, something has struck and it is now worse than it ever was!
Here is the sequence of events:
I donwloaded Dialafix and ran it as you advised. It took much shorter time than I anticipated and finished the permission task. I re-booted and attempted to install AVG again. It again failed though I got some other error this time.
I then wanted to check if the issue was with AVG or any anti-virus software. So, I tried to install Avira this time. It worked! It got installed and after a re-boot it looked to be all set. It came up beautifully on boot and if I remember right, it even did a system scan once.
Now since the download has not been happening due to the "Security Zone" error message, I have been using a USB stick back and forth from another laptop to transfer files. I have been trying to be very careful and have kept scanning this USB stick with MAMB, AVG and Dr. Web.
However when I put the USB stick the next time on the laptop of interest which now had Avira running, it threw up some dialog boxes about a Trojan threat and I chose the default option which was DENY ACCESS. ( I recollect that the USB stick was plugged but am not absolutely sure if the error was with the system after a re-boot coinciding with the USB being plugged) It threw couple of other options which came very fast and were probably related to it. The next thing I knew --- the screen went blank with the blue background colour ( not the death-screen blue). I waited for a while but nothing changed. I hard re-booted with the power switch and again it started with the Windows screen and the welcome screen after which the blank blue screen remained. I tried re-booting in SAFE mode : after the user login choice, the screen goes black and blank except for "SAFE MODE" on the four corners of the screen and the OS/hardware details on the top as it always comes.
I tried to re-boot several times in NORMAL or SAFE mode but there was no difference.
Once after a couple of hours in NORMAL mode the same error message was thrown though this time the USB stick was not plugged in. I took a quick picture of the message on my camera phone before it disappeared but that picture did not come very clear.
Later tinkering around I found that I could get into the command prompt mode while booting using F8 though I could still not get into SAFE mode. Navigating directories, I launched Dr Web from the command prompt, and it ran well and returned without an detection on Express Scan. Next I launched Avira from the same mode and found find the references to the following which co-incide with the recollections I had of the last detection when it last booted in NORMAL mode.
It mentioned the following:
- TR/Crypt.CFI.Gen Trojan (source visicon.exe)
- TR/CryptXPACK.Gen Trojan (source pj11icon.exe)
- TR/CryptXPACK Gen Trojan (source misc.exe)
It also had references to four instances of containing " HEUR/Malware suspicious code of which three were in C:\WINDOWS\Explorer.EXE and one in GSimReaderApp.exe which is probably an application I have loaded long time back to take backup of SIMs.
I am attaching a picture of one of the last AVIRA messages I got when it booted last in NORMAL mode to show how it looked. I message relates to some Trojan and I can see that it refers to something probably in C:\Windows\Installer\....something.
So, that's where it is. The laptop is now not even booting though I was able to install Avira. The hope : I have command prompt access!
Update : I have launched AVIRA scan and it is still running with over 1375 detections though a few hundred were from one of the old AVZ4 folders from the quarantine or some similar location. Will update the results once the scan is over.
Edited by Michelle1123, 08 August 2009 - 06:59 AM.
This topic is locked
Sign In
Create Account
