Jump to content

cwalker21

Members
  • Content Count

    6
  • Joined

  • Last visited

About cwalker21

  • Rank
    Newbie
  1. I found an Autorun entry Ffuzevad run from oquyijike.dll at Startup C:\Windows. Deselecting in sysinternals Autoruns doesn't stop it, it's there when I go back in. No search engine I have tried yields any results for either term. Suggestions?
  2. We are back to the log on-instant log off routine. The only way in is XP Recovery Console. Ran chkdsk, got message 'The volume appears to be in good condition and was not checked.' Should I run chkdsk/p?
  3. Seth--Got it, thanks for the clarification. I hope you and the other helpers may be around Saturday; she thinks the ugly thing is back. I wonder if the rogue may be in a song she downloaded from who knows where. Does that make any sense? If so, how might I determine that? I plan to back off her key data (90% music & pictures, 10% school related docs) to a desktop unit, get rid of current restore points, delete her current user and create a new one without administrator rights for every day use. During the infestation, malwarebytes would not work. Should I use that in conjunction with SAS, and should I uninstall/reinstall MWB first? Any suggestions on the plan of attack would be appreciated. Thanks. Regards, Chris
  4. Seth--She was running AVG Free 9.0. I switched to Avira Free after the incident. Please explain what chkdsk does that might address the rogue infestation. Thanks. Chris
  5. Never mind, I guess. Somehow I had forgotten the XP boot from cd thing where Recovery Console really isn't the place to go for repairs. You have to go to Install and select Repair. Makes you wonder about the way the brains at Microsoft work. Anyway, ran the Repair Installation thingy, and the the old machine booted without logging off instantaneously. Of course it's never easy to exit the Windows Wilderness, so Firefox couldn't connect to anything even though the wireless connection looked fine. Shockingly, IE, which I never use, fixed it with Tools/Diagnose Connection Problems. It is always good to have one's assumptions challenged, humility is under-experienced these days. I have to say I think I like the SAS product, but I am still wondering if I should have said yes to the restart message after removing the evildoers. Chris
  6. College daughter's Dell Latitude D620 laptop infected with rogue Antivirus Live (smss32.exe). SAS found and removed. I got a message to reboot to complete removal and did so. Now when logging on, desktop background shows briefly, then it logs off ('Saving your settings...Logging off'). This happens with all users and all Safe Mode options. I can enter Recovery Console with boot from XP cd, and confirmed existence of userinit.exe in the System32 folder. Any suggestions would be most welcome. Chris
×
×
  • Create New...