Personal log - star date 7-11-niner.3014
Dec. 17th, 2008 05:14 pm
Still working on it:
though I found something about it on the avg.com website, downloaded its
http://www.avg.com/virus-removal.ndi-67751
tool was run, but it either died or found nothing - it ran in safe mode and seemed to work, I never saw it find anything but it shut itself down when it was done (or it crashed) when I was in the other room.
(edit - re-ran and while it shuts on exit, when it scanned c it found nothing, I caught it while it was still scanning d)
This is the message I get when I run avg from safe mode (when I run it in regular mode it finds nothing wrong at all):
AVG 8.0 Anti-Virus command line scanner
Copyright (c) 1992 - 2008 AVG Technologies
Program version 8.0.145, engine 8.0.0
Virus Database: Version 270.9.19/1853 2008-12-17
C:\Boot\BCD.LOG Locked file. Not tested.
C:\Boot\BCD Locked file. Not tested.
C:\Documents and Settings\ Locked file. Not tested.
C:\pagefile.sys Locked file. Not tested.
C:\ProgramData\Desktop\ Locked file. Not tested.
C:\ProgramData\Documents\ Locked file. Not tested.
C:\ProgramData\Favorites\ Locked file. Not tested.
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\abba24fc1771c6fd975f89f26b344bf6_67ba6c58-a5f5-4dae-b7ce-2664c0d71d7b Locked file. Not tested.
C:\ProgramData\Templates\ Locked file. Not tested.
C:\System Volume Information\ Locked file. Not tested.
C:\Users\Abuser 1\AppData\Local\History\ Locked file. Not tested.
C:\Users\Abuser 1\Documents\My Music\ Locked file. Not tested.
C:\Users\Abuser 1\Documents\My Pictures\ Locked file. Not tested.
C:\Users\Abuser 1\Documents\My Videos\ Locked file. Not tested.
C:\Users\Abuser 1\NetHood\ Locked file. Not tested.
C:\Users\Abuser 1\PrintHood\ Locked file. Not tested.
C:\Users\Abuser 1\Templates\ Locked file. Not tested.
C:\Users\Abuser 2\AppData\Local\History\ Locked file. Not tested.
C:\Users\Abuser 2\AppData\Local\Microsoft\Windows\UsrClass.dat Locked file. Not tested.
C:\Users\Abuser 2\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1 Locked file. Not tested.
C:\Users\Abuser 2\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG2 Locked file. Not tested.
C:\Users\Abuser 2\Documents\My Music\ Locked file. Not tested.
C:\Users\Abuser 2\Documents\My Pictures\ Locked file. Not tested.
C:\Users\Abuser 2\Documents\My Videos\ Locked file. Not tested.
C:\Users\Abuser 2\NetHood\ Locked file. Not tested.
C:\Users\Abuser 2\NTUSER.DAT Locked file. Not tested.
C:\Users\Abuser 2\ntuser.dat.LOG1 Locked file. Not tested.
C:\Users\Abuser 2\ntuser.dat.LOG2 Locked file. Not tested.
C:\Users\Abuser 2\PrintHood\ Locked file. Not tested.
C:\Users\Abuser 2\Templates\ Locked file. Not tested.
C:\Users\Default\AppData\Local\History\ Locked file. Not tested.
C:\Users\Default\AppData\Local\Temporary Internet Files\ Locked file. Not tested.
C:\Users\Default\Cookies\ Locked file. Not tested.
C:\Users\Default\Documents\My Music\ Locked file. Not tested.
C:\Users\Default\Documents\My Pictures\ Locked file. Not tested.
C:\Users\Default\Documents\My Videos\ Locked file. Not tested.
C:\Users\Default\NetHood\ Locked file. Not tested.
C:\Users\Default\PrintHood\ Locked file. Not tested.
C:\Users\Default\Recent\ Locked file. Not tested.
C:\Users\Default\Templates\ Locked file. Not tested.
C:\Users\Public\Documents\My Music\ Locked file. Not tested.
C:\Users\Public\Documents\My Pictures\ Locked file. Not tested.
C:\Users\Public\Documents\My Videos\ Locked file. Not tested.
Virus that was logged was JS/Downloader.Agent, said it caught and moved it to quarantine or something. Computer seems to act normally.
Under that name I find solutions, but from sites I don't recognize or have reason to trust (or distrust)
http://www.precisesecurity.com/threats/jsdownloaderagent/
Did clear the java files as described here
Lots of sites say it is just a java script, which would make sense as I didn't download or allow any software to load etc. I cleared my java cache (or tried to).
http://answers.yahoo.com/question/index?qid=20080120003802AAAUEw9 says just run mcafree online, which I think I will do while out because...
Liked the idea of a system restore from safe mode, but I can't find any such function in safe mode. Going to try from regular...or not, it's about time to say fuck this mess and go drink.
no subject
Date: 2008-12-18 12:00 am (UTC)
no subject
Date: 2008-12-18 02:07 am (UTC)
no subject
Date: 2008-12-18 02:12 am (UTC)
Microsoft also released a patch today, several weeks ahead of their usual schedule. If you haven't already headed over to their site for the download, I'd also recommend that.
http://www.microsoft.com/protect/computer/updates/bulletins/200812_oob.mspx
no subject
Date: 2008-12-18 02:34 am (UTC)
Yeesh!
no subject
Date: 2008-12-18 12:00 am (UTC)
Also, Start -> Run -> type RSTRUI and press Enter will also get you System Restore.
no subject
Date: 2008-12-18 12:05 am (UTC)
I use the Smitfraudfix rather often and it won't hurt your system to use it (whether or not you're infected with the kind of crap it can remove). If you feel like giving it a whirl, download the latest Smitfraudfix from here (http://siri.geekstogo.com/SmitfraudFix.php), and run it in Safe Mode.
no subject
Date: 2008-12-18 02:36 am (UTC)
Also thanks, and thanks for restore instructions. May try that next or tomorrow as this is eating time and I sleeps soon.
no subject
Date: 2008-12-19 12:42 am (UTC)
:(
no subject
Date: 2008-12-19 12:49 am (UTC)