I think I have solved this - but I still would love to know...
was my personal info ever at risk? Is this just basically a pop up hoax to get you to buy software or was it someone actually trying to tap into my personal info.
I do all my banking online. Or is there a way to know this?
And should I reinstall Norton? I have seen posts where people have to reinstall.
I have Norton 360 (inc firewall), and Spyware Dr through Google pack, I use firefox and also have a desktop link to yahoo to access my husbands remote access to his office network. Am I safe?
I want to post this because it may help someone else and I would love an expert opinon. I posted a hijack log a while back and I never got a response, I know how busy you guys are. And I appreciate what your doing. In fact, I already had a computer tech come to my house 2 weeks ago and spent $140. The about 2 days later I had something new, I figured I could figure it out on my own (after watching him) and with the help of BC.
So, after running Adaware I found a trojan, and deleted it and then found 2 rootkit with Spybot that kept returning (until I killed them with AVG rootkit killer). Then I was finding NOTHING through Combofix, Spybot, etc.. I must have ran 10 different spy, mal and ad and virus programs. And nothing was coming up,
BUT, I still had the pop ups. So finally I was just looking at files in C:/WIN/System32/ and looked under details and date, and found something that was saved around the date the problems started. I clicked on it and my message with the countdown immediatly popped up and computer turned off. So, I figured it was corrupt, I scanned it with http://virusscan.jotti.org/
(what a Godsend)! Only one if the many scanners found malware with this file! It was AVIR, of course one that I had not run.
The file resisted deletion, so I downloaded Unlocker and was able to delete. And YEAH! no more pop ups
SORRY TO BE SO WORDY, I just want to help someone else going through this. I think whatever the original problem was, was fixed with the tech. But somehow, something else came back and I killed it with the various programs. And the remaining file was creating pop ups. BTW, it was linked to IE and win log on.
Here are the pop ups:
A balloon pops up from the tray attached to the yellow emblem w/the exclamation point advising:
Your computer might be at risk
*Latest software updates not installed
*Incorrect files association
*System appears to hang
*Firewall has errors
Click balloon to fix the problem
Then another balloon from the tray attached to the red emblem with the x on it will pop up advising:
Tracking process is activated
Can’t deactivate spyware program.
Click baloon to fix the problem
And finally the third balloon from the tray emblem with the four colors (red, green, blue, yellow) advising:
Explicit content is detected:
Further, I receive grey window pop ups :
Your system is unstable.
A problem has been detected and Windows has been shutdown buggy application to prevent damage to your computer, Kernel32x.SYS – Address 0xA73C20AE, error code Co2100, DateStamp 56b836A3, Kernel Debugger on port: COM3 (Port 0x19f, Baud rate 9201)
If I click on any of the emblems, a web browser attempts to open and when I close it, the emblems disappear. I also receive this windows prompt:
You have chosen to open setup_sbd_en.exe
Which is a: application
Would you like to save file?
Once I click on cancel, the prompt disappears and once I close the web browser, the emblem warning of a critical even disappears.
In addition, I’ve noticed the following when I have an open browser:
Iexplore.exe – application error
The instruction at “0x66fe1082” referenced memory at “0x0672d80”. The memory could not be “read”. Click ok to terminate the program.
As well as this one:
SysFader: IE7EXPLORER.EXE – Application Fatal Error
The instruction at 0x01cf34739 referenced memory at 0x02df2e50. The memory could not be read.
and then I would get a a count down and my computer would shut down.
Thanks to anyone in advance that read through this and has any advice!