wallmg

Member
  • Content Count

    72
  • Joined

  • Last visited

Community Reputation

0 Neutral

About wallmg

  • Rank
    Active Member
  1. This may or may not be related to an issue I reported here on 3/12/2012, but now when I get to the log in screen and type in my password, it doesn't recognize my password and won't let me log in. I tried as administrator as well, to no avail. I leave my computer on all the time, and sometimes I will come in to my office and find my computer at the log-in window, which means it had to have logged off on it's own. At the log-in screen, there will sometimes be two log-in options instead of the usual one: one option is as "Administrator," the other is my normal log-in as myself. When this happens, If I log in as Administrator, the desktop and icons look different than usual, and the files are not open that I had open originally. Sometimes when this happened in the past, it wouldn't let me log in as myself. But if I reboot the computer at this point, it usually takes me back to a normal log-in screen and let's me log in normally. This time, however, no matter what I do, it won't let me log in, either as administrator or myself. I've tried shorting the CMOS, and still no luck. Does this sound like some kind of virus, or some other problem? Any ideas for how to get back into my system? Thanks. Mark
  2. Your Java link pointed me to version 6, but I have version 7.2 installed. Are you saying I should install an older version? Is it more stable or something? Mark
  3. The only things I remember doing were running the MicrosoftFixit program in January, I think for networking problems, and then I had to update .NET Framework in an unconventional way, and I remember deleting a couple of entries in the registry that supposedly were leftover from an uninstalled program and were causing error message. Mark
  4. ComboFix log is attached. I meant to mention before that I've been experiencing some strange automatic log-offs on my computer system. This started happening before I noticed the SafeSurf/SurfGuard references. Sometimes I will come in to my office and find my computer at the log-in window, which means it had to have logged off on it's own. On this log-in screen, however, there sometimes two log-in options instead of the usual one: one option is as "Administrator," the other is my normal log-in as myself. It says something to the effect, that in order to keep the files I had open, I must log in as administrator. But when I log in as Administrator, the desktop and icons look different than usual, and the files are not open that I had open originally. And if I remember correctly, it won't let me log in as myself. I basically have to reboot the computer to get back to a normal log-in screen. Does this sound like some kind of malware doings, or some other problem? Thanks for your help! Mark
  5. Oops, sorry. I had skipped Step 4. Attached is the otl log. P.S. Why can't I see the log on my desktop? I have to hit save as when the log opens, and when I point to my desktop, it shows that it's already there, but I can't see it on my desktop unless I save it under a different name.
  6. Attached is the log that came up when the computer rebooted. It's not named otl.txt, so not sure if this is what you need. Couldn't find any other logs. Thanks. Mark
  7. Here is the url for the analysis results: https://www.virustotal.com/file/329b4c97ec3b558a31b5aee52c1a2b6edadca2a54212cc837865dd0f31e12f92/analysis/1331591848/ If this is legit, how did it get installed without my knowledge, and why isn't there a normal way to uninstall? Thanks. Mark
  8. First, I'm sorry for having to post again so soon since last time, but this install package just appeared on my desktop, and I never clicked it, but apparently it installed itself. I keep getting messages about Safesurf and Surfguard. I went to uninstall them but they didn't show up in Add/Remove Programs. But I found them under Processes in Task Manager and ended the processes. I'm sure they'll show up again when I restart my computer. I don't want them at all, but can't figure out how to uninstall them, so I'm assuming it's malware. Note: When I changed my Folder Options to Show Hidden Files and Folders, a folder titled "js" showed up on my C drive. In it are the safesurf.exe and surfguard.exe files, among some other files. There is also a SafeSurf ABUSE README.txt document that reads: ENGLISH VERSION BELOW Если вы обнаружили этот файл, на вашем копьютере установлена программа SafeSurf, предназначенная для просмотра сайтов пользователями системы JetSwap Если вы являетесь владельцем компьютера и программа была установлена без вашего согласия или ведома, перейдите по ссылке http://go.jetswap.co...4&authkey=98589 Пользователь будет заблокирован, а программа удалена с компьютера. Приносим Вам свои извинения за действия одного из наших пользователей, нарушающего правила системы. If you found this file on your computer installed SafeSurf, designed for browsing by users of the system JetSwap If you own a computer and the program was installed without your consent or knowledge, go to http://go.jetswap.co...4&authkey=98589 The user will be blocked and the program will be deleted from your computer. We apologize for the actions of one of our users who abuse the system. I don't know if I should trust it enough to go to that website to have it deleted from my computer???? I've attached the EEK and OTL reports. I couldn't find the OTL.txt or the Extras.txt documents anywhere, but when I tried to save to my desktop the OTL.txt report that opened when the scan finished, it asked me if I wanted to overwrite the existing file there, even though I could not find a file there. So I saved it as OTL2.txt instead of overwriting it. I'm sure the Extra.txt file is there somewhere hidden, but I can't find it or see it. Thanks. Mark
  9. Thank you so much for your time and assistance! Mark
  10. Regarding the above post: I meant to say things seem to be running OK now, except there are some errors that have been showing up in my Event Viewer, under System. Not sure if they are related to the virus/malware or not. EventIDs 7023, 7022, 7026, 7034, 7031 / Source: Service Control Manager. The latter two might have been one time events, but the first three seem to be happening more. Thanks. Mark