We'd like to remind Forumites to please avoid political debate on the Forum... Read More »
Virus. Pc keeps shutting down
Comments
-
One of the reasons I asked you to run Dr web was to remove a file that for some reason still never worked via combofix (I didnt want to tell you it failed again
)
So this file probably still needs removing ~
c:\windows\system32\drivers\kgpcpy.cfg
:idea:0 -
Thanks
c:\windows\system32\drivers\kgpcpy.cfg removed0 -
Download SUPERANTISPYWARE (Make sure you click 'DOWNLOAD LATEST VERSION')
http://www.filehippo.com/download_superantispyware/
UPDATE and PERFORM COMPLETE SCAN
(Then goto console and LOGS and post the log it created then untick it from STARTING UP WITH WINDOWS)
Download SPYBOT (Make sure you click 'DOWNLOAD LATEST VERSION' ~ make sure TEA TIMER is UNTICKED on installation)
http://www.filehippo.com/download_spybot_search_destroy/
UPDATE and IMMUNISE (Make sure it reads ZERO unprotected) and SCAN:idea:0 -
I take it that the above 2 programs will not conflict with other things I have
Thanks0 -
No they wont:idea:0
-
Thanks
Have run Superantispyware and uncehcked run on start up
Here is log
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 01/26/2010 at 07:36 AM
Application Version : 4.33.1000
Core Rules Database Version : 4517
Trace Rules Database Version: 2329
Scan type : Complete Scan
Total Scan Time : 00:16:05
Memory items scanned : 598
Memory threats detected : 0
Registry items scanned : 7890
Registry threats detected : 0
File items scanned : 18956
File threats detected : 41
Adware.Tracking Cookie
C:\Documents and Settings\Cookies\hills@ipcmedia.122.2o7[1].txt
C:\Documents and Settings\Cookies\hills@advertising[2].txt
C:\Documents and Settings\Cookies\hills@imrworldwide[2].txt
C:\Documents and Settings\Cookies\hills@122.2o7[1].txt
C:\Documents and Settings\Cookies\hills@tribalfusion[2].txt
C:\Documents and Settings\Cookies\hills@questionmarket[1].txt
C:\Documents and Settings\Cookies\hills@audience2media[1].txt
C:\Documents and Settings\Cookies\hills@atdmt[1].txt
C:\Documents and Settings\Cookies\hills@cdn5.specificclick[1].txt
C:\Documents and Settings\Cookies\hills@revsci[1].txt
C:\Documents and Settings\Cookies\hills@associatedcontent.112.2o7[1].txt
C:\Documents and Settings\Cookies\hills@2o7[1].txt
C:\Documents and Settings\Cookies\hills@content.yieldmanager[3].txt
C:\Documents and Settings\Cookies\hills@bs.serving-sys[1].txt
C:\Documents and Settings\Cookies\hills@stats.paypal[2].txt
C:\Documents and Settings\Cookies\hills@premiumtv.122.2o7[1].txt
C:\Documents and Settings\Cookies\hills@paypal.112.2o7[1].txt
C:\Documents and Settings\Cookies\hills@uk.sitestat[1].txt
C:\Documents and Settings\Cookies\hills@findarticles[2].txt
C:\Documents and Settings\Cookies\hills@www.windowsmedia[1].txt
C:\Documents and Settings\Cookies\hills@audience2media[3].txt
C:\Documents and Settings\Cookies\hills@www.googleadservices[1].txt
C:\Documents and Settings\Cookies\hills@invitemedia[1].txt
C:\Documents and Settings\Cookies\hills@ads.audience2media[1].txt
C:\Documents and Settings\Cookies\hills@click.condenastinteractive.co[2].txt
C:\Documents and Settings\Cookies\hills@tacoda[2].txt
C:\Documents and Settings\Cookies\hills@247realmedia[1].txt
C:\Documents and Settings\Cookies\hills@ads.associatedcontent[1].txt
C:\Documents and Settings\Cookies\hills@at.atwola[2].txt
C:\Documents and Settings\Cookies\hills@womanandhome.ipcmediasecure[1].txt
C:\Documents and Settings\Cookies\hills@specificclick[1].txt
C:\Documents and Settings\Cookies\hills@audience2media[2].txt
C:\Documents and Settings\Cookies\hills@ad.yieldmanager[2].txt
C:\Documents and Settings\Cookies\hills@serving-sys[2].txt
C:\Documents and Settings\Cookies\hills@adtech[2].txt
C:\Documents and Settings\Cookies\hills@content.yieldmanager[1].txt
C:\Documents and Settings\OEM Computer.OEM-F09D41D6F12\Cookies\oem_computer@atdmt[1].txt
C:\Documents and Settings\OEM Computer.OEM-F09D41D6F12\Cookies\oem_computer@msnaccountservices.112.2o7[1].txt
Trojan.Agent/Gen-Nullo[Short]
C:\SYSTEM VOLUME INFORMATION\_RESTORE{A1078022-4051-451E-99CB-AAA3C421A6DA}\RP5\A0002065.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{A1078022-4051-451E-99CB-AAA3C421A6DA}\RP8\A0003189.SYS
Adware.CouponBar
C:\WINDOWS\SYSTEM32\CPNPRT2.CID0 -
I downloaded Spybot and made sure Tea Timer was unticked and also immunised.
Sacnned
I it said I was all clear0 -
Hows the computer now?:idea:0
-
It seems fine
I havn't had the 'timer count down to reboot' for a few days.
I presume I'll still get 'virus found' when I do scans as it all depends on what scanner you use and their idea of 'a virus' ?.
Do you think I'm ok ?
Many thanks for all the effort you have put into helping me.0 -
Update malwarebytes and run another FULL scan and post the results
Itll give me a much better idea of whats going on:idea:0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 349.9K Banking & Borrowing
- 252.6K Reduce Debt & Boost Income
- 453K Spending & Discounts
- 242.8K Work, Benefits & Business
- 619.6K Mortgages, Homes & Bills
- 176.4K Life & Family
- 255.7K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.1K Discuss & Feedback
- 15.1K Coronavirus Support Boards