Results 1 to 10 of 81

Thread: BraveSentry removed? - problems remain

Hybrid View

  1. 07-21-2007, 12:50 AM #1
    pkraft
    pkraft is offline Member
    Join Date
    Jul 2007
    Posts
    39

    New Problem

    Quote Originally Posted by jholland1964 View Post
    Ok, Kaspersky did note some items...some are likely back-ups of Killbox and SmitfraudFix.

    C:\!KillBox\ud.dll

    C:\Documents and Settings\Administrator\Desktop\SmitfraudFix.exe/data.rar/SmitfraudFix

    Get rid of both of those programs. If you need them again they can always be downloaded.

    Some viruses were also noted in your Outlook Express so you need to go in there and delete all old mail it really is NOT a good idea to keep emails this long. This one is dated October 26, 2005.
    I am going to PM you the location. It does contain an email address and it isn't a good idea to post the address on an open forum. Since the Kaspersky log also contains this address I am going to remove it from the log also and then see if I can re-attach the altered log. I will assume that you also still have the original and I will also keep a copy of the full original until we are certain it is not needed anymore.

    Norton Quarentine needs to be emptied.
    You also need to go in and empty;
    C:\RECYCLER\
    Also, if you are running Norton SystemWorks, it also has a Norton Protected Recycle Bin.. Make sure you clean that..

    I would also like you to run another online scan...this time do the Panda Scan, it will often times offer you the chance to clean, if so then please do so.
    Judy, was working along thru these. Got about 3 -4 minutes into the Panda Scan & a System Shutdown box came up with a countdown timer - tried to get as much of it written down as I could. This is what I got:

    NT Authority Sym???? windows/system32/sass.exe

    The pc locked up. Couldn't do anything. Had to hit reset to restart it & I get through the windows login to the blue screen - then nothing. No desktop. No icons. Just the blank screen. Tried Safe Mode - same thing.

    pk
    Reply With Quote Reply With Quote
  2. 07-21-2007, 08:03 AM #2
    pkraft
    pkraft is offline Member
    Join Date
    Jul 2007
    Posts
    39
    Quote Originally Posted by pkraft View Post
    NT Authority Sym???? windows/system32/sass.exe
    pk
    I mistyped the file name - it was lsass.exe

    pk
    Reply With Quote Reply With Quote
  3. 07-21-2007, 09:30 AM #3
    jholland1964's Avatar
    jholland1964
    jholland1964 is offline Administrator
    Join Date
    Aug 2006
    Location
    The Middle
    Age
    80
    Posts
    4,079
    Disconnect the computer from the internet again. Go back to the usable computer and your usb device
    Download ComboFix.exe
    Try again to boot the infected computer...fingers and toes crossed again.
    Hopefully you will be able to run this on the infected computer...
    Double click combofix.exe & follow the prompts.
    When finished, it shall produce a log for you. Post that log in your next reply

    Note:
    Do not mouseclick combofix's window while its running. That may cause it to stall
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules