Welcome guest. Before posting on our computer help forum, you must register. Click here it's easy and free.

Author Topic: Think Point Virus  (Read 19656 times)

0 Members and 1 Guest are viewing this topic.

darts44

    Topic Starter


    Beginner

    Thanked: 1
    Re: Think Point Virus
    « Reply #15 on: November 04, 2010, 01:01:04 PM »
    Hi! Dave, Here is what i did:
    downloaded the ComboFix from BleepingComputer.com and renamed it and saved on my desktop.
    Disebled my AntiVirus from ZoneAlarm
    Typed in START   "%userprofile%\desktop\commy.exe"/stepdel and hit ENTER
    then i got the message: C:\Users\Yves\desktop\commy.exe is not a valid Win32 application
     :'( Regards, Yves
    darts44
    The ignorant person does not know enough to know that he does not know.
    He that knows not and knows not that he knows not, he is a fool, shum him.
    He that knows not and knows that he knows not, he is teachable, teach him.
    He that knows and knows that he knows, he is wise, follow him.

    darts44

      Topic Starter


      Beginner

      Thanked: 1
      Re: Think Point Virus
      « Reply #16 on: November 04, 2010, 01:11:32 PM »
      Hi! Dave, after i hit the enter an windows opened , see additional options and clicked on RUN and then got the message.
      I am on Wndows 7 prenium.Regards, Yves
      darts44
      The ignorant person does not know enough to know that he does not know.
      He that knows not and knows not that he knows not, he is a fool, shum him.
      He that knows not and knows that he knows not, he is teachable, teach him.
      He that knows and knows that he knows, he is wise, follow him.

      darts44

        Topic Starter


        Beginner

        Thanked: 1
        Re: Think Point Virus
        « Reply #17 on: November 04, 2010, 01:13:07 PM »
        Here the additional

        [recovering disk space - old attachment deleted by admin]
        darts44
        The ignorant person does not know enough to know that he does not know.
        He that knows not and knows not that he knows not, he is a fool, shum him.
        He that knows not and knows that he knows not, he is teachable, teach him.
        He that knows and knows that he knows, he is wise, follow him.

        SuperDave

        • Malware Removal Specialist
        • Moderator


        • Genius
        • Thanked: 1020
        • Certifications: List
        • Experience: Expert
        • OS: Windows 10
        Re: Think Point Virus
        « Reply #18 on: November 04, 2010, 01:14:24 PM »
        Ok. Delete ComboFix. Let's try this to see what's happening on your computer.

        Download OTL  to your Desktop
        • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
        • Under the Custom Scan box paste this in
        netsvcs
        msconfig
        safebootminimal
        safebootnetwork
        activex
        drivers32
        %SYSTEMDRIVE%\*.exe
        %systemroot%\*. /mp /s
        c:\$recycle.bin\*.* /s
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
        /md5start
        eventlog.dll
        scecli.dll
        netlogon.dll
        cngaudit.dll
        sceclt.dll
        ntelogon.dll
        logevent.dll
        iaStor.sys
        nvstor.sys
        nvstor32.sys
        atapi.sys
        IdeChnDr.sys
        viasraid.sys
        AGP440.sys
        vaxscsi.sys
        nvatabus.sys
        viamraid.sys
        nvata.sys
        nvgts.sys
        iastorv.sys
        ViPrt.sys
        eNetHook.dll
        explorer.exe
        svchost.exe
        userinit.exe
        qmgr.dll
        ws2_32.dll
        proquota.exe
        imm32.dll
        kernel32.dll
        ndis.sys
        autochk.exe
        spoolsv.exe
        xmlprov.dll
        ntmssvc.dll
        mswsock.dll
        Beep.SYS
        ntfs.sys
        termsrv.dll
        sfcfiles.dll
        st3shark.sys
        ahcix86.sys
        srsvc.dll
        nvrd32.sys
        /md5stop
        %systemroot%\system32\*.dll /lockedfiles
        %systemroot%\Tasks\*.job /lockedfiles

        • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
          • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
          • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time
        Windows 8 and Windows 10 dual boot with two SSD's

        darts44

          Topic Starter


          Beginner

          Thanked: 1
          Re: Think Point Virus
          « Reply #19 on: November 04, 2010, 01:44:14 PM »
          Hi! Dave, did it, but the same. Got a windows with RUN and then the message:
          C:\Users\Yves\Desktop\OTL.exe is not a valit Win 32 application.
          Regards, Yves  :'(
          darts44
          The ignorant person does not know enough to know that he does not know.
          He that knows not and knows not that he knows not, he is a fool, shum him.
          He that knows not and knows that he knows not, he is teachable, teach him.
          He that knows and knows that he knows, he is wise, follow him.

          darts44

            Topic Starter


            Beginner

            Thanked: 1
            Re: Think Point Virus
            « Reply #20 on: November 04, 2010, 02:01:08 PM »
            Hi! Dave, This may help?See additional. Regards, Yves

            [recovering disk space - old attachment deleted by admin]
            darts44
            The ignorant person does not know enough to know that he does not know.
            He that knows not and knows not that he knows not, he is a fool, shum him.
            He that knows not and knows that he knows not, he is teachable, teach him.
            He that knows and knows that he knows, he is wise, follow him.

            darts44

              Topic Starter


              Beginner

              Thanked: 1
              Re: Think Point Virus
              « Reply #21 on: November 04, 2010, 02:05:57 PM »
              Here the real name :
              csrss.exe
              dwm.exe
              hotfix.exe
              taskhost.exe
              taskmgr.exe
              Winlogon.exe
              there was also somewhere , but i can't remember:
              (waiting for) Form2
              darts44
              The ignorant person does not know enough to know that he does not know.
              He that knows not and knows not that he knows not, he is a fool, shum him.
              He that knows not and knows that he knows not, he is teachable, teach him.
              He that knows and knows that he knows, he is wise, follow him.

              darts44

                Topic Starter


                Beginner

                Thanked: 1
                Re: Think Point Virus
                « Reply #22 on: November 04, 2010, 02:22:56 PM »
                Hi! Dave, This may help too. See additional. Regards, Yves

                [recovering disk space - old attachment deleted by admin]
                darts44
                The ignorant person does not know enough to know that he does not know.
                He that knows not and knows not that he knows not, he is a fool, shum him.
                He that knows not and knows that he knows not, he is teachable, teach him.
                He that knows and knows that he knows, he is wise, follow him.

                SuperDave

                • Malware Removal Specialist
                • Moderator


                • Genius
                • Thanked: 1020
                • Certifications: List
                • Experience: Expert
                • OS: Windows 10
                Re: Think Point Virus
                « Reply #23 on: November 04, 2010, 04:32:33 PM »
                Deleting legitimate Windows files certainly doesn't help me and it certainly doesn't help your computer. I specifically asked you at the start not to do anything on your own. Please run this to see if any damage was done to the computer.

                Do you have your OS  CD/DVD?

                If so,

                1/ Click the Start button.

                2/ From the Start Menu, Click All programs followed by Accessories.

                3/ In the Accessories menu, Right Click on the Command Prompt option.

                4/ From the drop down menu that appears, Click on the Run as administrator option.

                5/ If you have the User Account Control (UAC) enabled you will be asked for authorisation prior to the command prompt opening. You may simply need to press the Continue button if you are the administrator or insert the administrator password etc.

                6/ In the Command Prompt window, type: sfc /scannow and then press Enter.

                7/ A message will appear stating that the system scan will begin.

                8/ Be patient because the scan may take some time.

                9/ If any files require replacing SFC will replace them. You may be asked to insert your Vista DVD for this process to continue.

                10/ If everything is okay you should, after the scan, see the following message Windows resource protection did not find any integrity violations.

                11/ After the scan has completed, Close the command prompt window.
                Windows 8 and Windows 10 dual boot with two SSD's

                darts44

                  Topic Starter


                  Beginner

                  Thanked: 1
                  Re: Think Point Virus
                  « Reply #24 on: November 04, 2010, 04:48:16 PM »
                  Hi! Dave, That was before i asked your help, since then i followed your instructions to the letter.
                  OK , i soon as the scan is finish , i let you know. Regards, Yves
                  darts44
                  The ignorant person does not know enough to know that he does not know.
                  He that knows not and knows not that he knows not, he is a fool, shum him.
                  He that knows not and knows that he knows not, he is teachable, teach him.
                  He that knows and knows that he knows, he is wise, follow him.

                  darts44

                    Topic Starter


                    Beginner

                    Thanked: 1
                    Re: Think Point Virus
                    « Reply #25 on: November 04, 2010, 05:04:45 PM »
                    HI1 Dave, I am not on Vista, but on Windows 7 prenium. Regards, Yves
                    darts44
                    The ignorant person does not know enough to know that he does not know.
                    He that knows not and knows not that he knows not, he is a fool, shum him.
                    He that knows not and knows that he knows not, he is teachable, teach him.
                    He that knows and knows that he knows, he is wise, follow him.

                    darts44

                      Topic Starter


                      Beginner

                      Thanked: 1
                      Re: Think Point Virus
                      « Reply #26 on: November 04, 2010, 05:12:43 PM »
                      Hi! Dave,
                      In the Windows Command Prompt, there is :
                      C:\Windows\system32>_
                      Should i complete the sentence like this:  C:\Windows\system32>sfc/scannow
                      or
                      to start a new one with just:  sfc/scannow   
                      Regards, Yves
                      darts44
                      The ignorant person does not know enough to know that he does not know.
                      He that knows not and knows not that he knows not, he is a fool, shum him.
                      He that knows not and knows that he knows not, he is teachable, teach him.
                      He that knows and knows that he knows, he is wise, follow him.

                      darts44

                        Topic Starter


                        Beginner

                        Thanked: 1
                        Re: Think Point Virus
                        « Reply #27 on: November 04, 2010, 06:00:52 PM »
                        Hi! Dave,
                        I worked the solution to my preview reply myself and did the scan.
                        I am very happy to report: Windows resource protection did not find any integrity violations.
                        Regards ,Yves  ;D
                        darts44
                        The ignorant person does not know enough to know that he does not know.
                        He that knows not and knows not that he knows not, he is a fool, shum him.
                        He that knows not and knows that he knows not, he is teachable, teach him.
                        He that knows and knows that he knows, he is wise, follow him.

                        SuperDave

                        • Malware Removal Specialist
                        • Moderator


                        • Genius
                        • Thanked: 1020
                        • Certifications: List
                        • Experience: Expert
                        • OS: Windows 10
                        Re: Think Point Virus
                        « Reply #28 on: November 05, 2010, 12:18:35 PM »
                        Ok. Please run OTL as suggested in Reply # 18 and post the logs.
                        Windows 8 and Windows 10 dual boot with two SSD's

                        darts44

                          Topic Starter


                          Beginner

                          Thanked: 1
                          Re: Think Point Virus
                          « Reply #29 on: November 05, 2010, 03:22:54 PM »
                          Hi! Dave,
                          Downloaded the OTL twice, the reason and explanation for that is in the additionals.
                          There is no byte in the dowloaded file, see additional.
                          Then , when i run it , i got the message, see additional.
                          I am not sure, but could it be possible something is preventing the complete download?
                          Regards, Yves

                          [recovering disk space - old attachment deleted by admin]
                          darts44
                          The ignorant person does not know enough to know that he does not know.
                          He that knows not and knows not that he knows not, he is a fool, shum him.
                          He that knows not and knows that he knows not, he is teachable, teach him.
                          He that knows and knows that he knows, he is wise, follow him.