G
Guest
I have a DELL Inspiron 6000 running Windows XP Home Edition SP2. I was
browsing the web searching for a medicine properties and I guess it was when
the virus entered my computer. It has been almost 2 weeks now. The virus was
(or is) a Trojan, it appeared as a yellow triangle with "!" sign in the
middle resembling windows alerts; alerting me of potential spyware action.
Minutes later a pop-up appeared and if I click on it (which I did by mistake,
was chatting and hit the enter key when it poped-up) it will re-direct me to
a home page which I never used. I also got my homepage changed (hijacked) to
google.
I had installed AVG anti-virus and it didn't detect the Trojan nor it
avoided its entrance. Now I have Avast.
I have tried many things to kill the virus and work normally but I have not
been successful. When I downloaded SPYWAREfighter (by that time I was aware
of the Trojan and its big power), I had to re-start my computer and then all
got worse.
First it started re-booting automatically, second, when I started in Safe
Mode, I was not able to see the Control Panel icon anymore.
I tried to uninstall the SPYWAREfighter but it didn't let me do it since I
was working in Safe Mode. Finally I bought the XoftSpySE package (including
RegCure) and run it. It found many undesirable files and removed them. Same
thing with RegCure, it found many problems and claimed it had solved them.
But it did not. The system was re-booting automatically when I tried to start
in Normal Mode and the Control Panel was no-where.
Just to check, I tried to Run--> regedit, but it says that it has been
disabled by my administrator. Also it has appeared a few times a popup
indicating that I have "restrictions" in this computer.
Checking the Manage Startup of RegCure, I found that a file (WinAvXXX.exe if
I can recall well) was in first place, I searched for it in the internet and
found a way to remove it and I think I did it, I used SmitfraudFix to do
this, and since then the yellow triangle and the pop up window dissapeared.
But again, when I started in Normal Mode the system rebooted automatically. I
had support from Pareto Systems (the creators of XoftSpy SE and RegCure) and
the Trojans that were continiously appearing everytime I run the scan,
disappeared. However I still can't run my computer in Normal Mode.
Today I decided to re-install Windows and when in the process a pop up
window appeared saying that (I am sorry I didn't copy the text) there were
restrictions in my computer and that a certain characteristic/process could
not be performed. And here I am, working on Safe Mode.
After re-installing Windows, I run XoftSpy SE and found two problems rated
low risk by that program (two cookies) which I removed; I also scanned the
computer with RegCure, this time the results were as follows: 265 Problems
Found
3 COM/ActiveX Entries
1 Application Paths
4 Help Files Information
4 Windows Startup Items
136 File/Path References
1 Program Shortcuts
116 Empty Registry Keys
The program claimed it solved all the problems.
Another "intersting" thing that I noticed was when I was re-starting the
computer in Safe Mode, I saw that the lines read Partition2, and this
computer (hard drive) is not partitioned.
Finally, when I have started in Normal Mode and the computer automatically
re-boot, the following legend has appeared (in a blue background):
"STOP: c000021a {Fatal System errpr}
The Windows subsystem system process terminated unexpectedly with a status
0xc0000005 (0x7c9106c3 0x0055f36c).
The system has been shut down.
Beginning dump of physical memory
Physical memory dump complete.
Contact your system administrator or technical support group for further
assistance"
And that is what I am doing, asking for HELP in this technical support
group. I think I have made the most before posting this here, so if anyone
with knoledge about this problem can help me, I will be very happy.
Thank you so much in advance.
Edgardo
browsing the web searching for a medicine properties and I guess it was when
the virus entered my computer. It has been almost 2 weeks now. The virus was
(or is) a Trojan, it appeared as a yellow triangle with "!" sign in the
middle resembling windows alerts; alerting me of potential spyware action.
Minutes later a pop-up appeared and if I click on it (which I did by mistake,
was chatting and hit the enter key when it poped-up) it will re-direct me to
a home page which I never used. I also got my homepage changed (hijacked) to
google.
I had installed AVG anti-virus and it didn't detect the Trojan nor it
avoided its entrance. Now I have Avast.
I have tried many things to kill the virus and work normally but I have not
been successful. When I downloaded SPYWAREfighter (by that time I was aware
of the Trojan and its big power), I had to re-start my computer and then all
got worse.
First it started re-booting automatically, second, when I started in Safe
Mode, I was not able to see the Control Panel icon anymore.
I tried to uninstall the SPYWAREfighter but it didn't let me do it since I
was working in Safe Mode. Finally I bought the XoftSpySE package (including
RegCure) and run it. It found many undesirable files and removed them. Same
thing with RegCure, it found many problems and claimed it had solved them.
But it did not. The system was re-booting automatically when I tried to start
in Normal Mode and the Control Panel was no-where.
Just to check, I tried to Run--> regedit, but it says that it has been
disabled by my administrator. Also it has appeared a few times a popup
indicating that I have "restrictions" in this computer.
Checking the Manage Startup of RegCure, I found that a file (WinAvXXX.exe if
I can recall well) was in first place, I searched for it in the internet and
found a way to remove it and I think I did it, I used SmitfraudFix to do
this, and since then the yellow triangle and the pop up window dissapeared.
But again, when I started in Normal Mode the system rebooted automatically. I
had support from Pareto Systems (the creators of XoftSpy SE and RegCure) and
the Trojans that were continiously appearing everytime I run the scan,
disappeared. However I still can't run my computer in Normal Mode.
Today I decided to re-install Windows and when in the process a pop up
window appeared saying that (I am sorry I didn't copy the text) there were
restrictions in my computer and that a certain characteristic/process could
not be performed. And here I am, working on Safe Mode.
After re-installing Windows, I run XoftSpy SE and found two problems rated
low risk by that program (two cookies) which I removed; I also scanned the
computer with RegCure, this time the results were as follows: 265 Problems
Found
3 COM/ActiveX Entries
1 Application Paths
4 Help Files Information
4 Windows Startup Items
136 File/Path References
1 Program Shortcuts
116 Empty Registry Keys
The program claimed it solved all the problems.
Another "intersting" thing that I noticed was when I was re-starting the
computer in Safe Mode, I saw that the lines read Partition2, and this
computer (hard drive) is not partitioned.
Finally, when I have started in Normal Mode and the computer automatically
re-boot, the following legend has appeared (in a blue background):
"STOP: c000021a {Fatal System errpr}
The Windows subsystem system process terminated unexpectedly with a status
0xc0000005 (0x7c9106c3 0x0055f36c).
The system has been shut down.
Beginning dump of physical memory
Physical memory dump complete.
Contact your system administrator or technical support group for further
assistance"
And that is what I am doing, asking for HELP in this technical support
group. I think I have made the most before posting this here, so if anyone
with knoledge about this problem can help me, I will be very happy.
Thank you so much in advance.
Edgardo