"c:\\Program Files\\Skype\\Phone\\Skype.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\MySpace\\IM\\MySpaceIM.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Updates from HP\\309731\\Program\\Updates from HP.exe"= 11:08đ80269 -a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe Updates from HP.lnk - c:\program files\Updates from HP\309731\Program\Updates from HP.exe HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe "MySpaceIM"="c:\program files\MySpace\IM\MySpaceIM.exe" Ĭ:\documents and settings\All Users\Start Menu\Programs\Startup\ "avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" "VERIZONDM"="c:\program files\VERIZONDM\bin\sprtcmd.exe" "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" "QuickTime Task"="c:\program files\QuickTime\qttask.exe"
"capfupgrade"="c:\program files\CA\Security Suite\CA Personal Firewall\capfupgrade.exe" "capfasem"="c:\program files\CA\Security Suite\CA Personal Firewall\capfasem.exe" "Recguard"="c:\windows\SMINST\RECGUARD.EXE" Running from: c:\documents and settings\HP_Owner\Desktop\ComboFix.exeĪV: avast! Antivirus *Disabled/Updated* \hphupd06.exe"
Microsoft Windows XP Home Edition 5.1.2.18.447.222 I won't log in until someone can help me before I screw it up even more. So it rebooted (this was yesterday) and my comp seemed to boot ok and went to the login screen for my username like it normally does but I haven't logged in yet. I'm not sure if other messages from the CF window popped up before that since I wasn't by my comp the whole time. Finally around 22 hours after it started, I was checking it and the scan said "do not maunally reboot" and said "it will automatically reboot when it completes". I was checking periodically to see if it would finish. I also brought up the task manager with ctrl+alt+delete but I didn't change or close any processes or programs. During the scan, I did click in the CF window and scrolled up and down and also right clicked. Also it said deleting folders and had some that said like documents and settings\admin\windows and system32\config\systemprofile\windows. Next it went through the 50 stages and it said deleting files. Access is denied." The desktop had also disappeared. At this point in the scan, it already said Scanning for infected files.this usually doesn't take more than 10 minutes etc. So when I realized the antivirus went back on I disabled it permanently this time. When my antivirus came back on, CF already set up a new restore point and backed up the registry. I also forgot to shutdown the windows firewall. Before I started scanning I disabled my antivirus Avast 5 but I didn't permanently disable it and it came back on after 10 minutes. The scan went on for around 22 hours, so I must've caused it to stall. I should've come here first before using it.
So I was looking for software that could remove it and read about ComboFix being thorough and the best to remove the virus. I started noticing Friday that when I clicked on links when doing a search, some of them would redirect to other websites.