and attach.txt, if needed.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_09-09-29.01)
Microsoft Windows XP Home Edition
Type: Posts; User: CamaroJeff; Keyword(s):
and attach.txt, if needed.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_09-09-29.01)
Microsoft Windows XP Home Edition
heres the dds.txt
DDS (Ver_09-09-29.01) - NTFSx86
Run by Spiderman at 17:44:49.95 on Thu 10/08/2009
Internet Explorer: 7.0.5730.11
Microsoft Windows XP Home Edition ...
when i pasted the text file on combofix the first thing that happened was an update for combofix. it restarted after updating but i think it got the files, as theyre mentioned in the log. dds.txt log...
wow that scan took all night. heres the report, dosent look good...
Scan
----
Scanned: 490273
Detected: 22
Untreated: 22
Start time: 10/7/2009 5:54:13 PM
okay, i downloaded atf cleaner and successfully cleaned up the mentioned files. i get to the kaspersky online scan and i get this message:
Launch of the Java application is interrupted! Please...
alright, i figured the java update out once i found the correct link :red:
i will be finishing up the rest after i get home from work today.
i found and submitted the [4]-Submit zip file, it was right where you said it was.
im still not sure what to do with the offline installation for java though, i still dont find a link for it....
i ran a search for said file ([4]-Submit) through win rar and came up with zero results. are there any other methods to find this file if its present?
currently im attepmting to update java. i get...
heres the fresh combofix log after pasting the text file. will be doing the following steps shortly.
ComboFix 09-10-03.01 - Spiderman 10/04/2009 12:31.3.1 - NTFSx86
Microsoft Windows XP Home...
also, if needed, the attach.txt log that accompanies. computer is running faster already too.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS...
heres the dds log.
DDS (Ver_09-09-29.01) - NTFSx86
Run by Spiderman at 10:30:41.29 on Sun 10/04/2009
Internet Explorer: 7.0.5730.11
Microsoft Windows XP Home Edition ...
i know, utorrent can be a nasty program :red: i have deleted that program several times as it may have caused problems in the past. needless to say i havent used that program in a couple of years. i...
---- Devices - GMER 1.0.15 ----
Device \FileSystem\Ntfs \Ntfs ...
wow, that took a lot longer than i thought. heres the results...
GMER 1.0.15.15087 - http://www.gmer.net
Rootkit scan 2009-10-03 12:54:54
Windows 5.1.2600 Service Pack 3
Running:...
alright, heres what attach.txt came up with. going to scan with GMER and post results momentarily
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
...
okay, i can unzip files, but im not sure how to go about zipping and attaching. it says in the text file:
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT...
working on zipping attach.txt, says to zip the file and attach. might take me a few to do that...
okay, DDS came up with these.
DDS.txt
DDS (Ver_09-09-29.01) - NTFSx86
Run by Spiderman at 20:43:32.89 on Fri 10/02/2009
Internet Explorer: 7.0.5730.11
Microsoft Windows XP Home Edition ...
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:39:19 AM, on 9/28/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16876)
Boot mode: Normal
...
Good to know its just leftover trash. Seems like the computer is running faster than it has in a long while.
I went ahead and took the steps, "O20 - Winlogon Notify: gebaxxv - C:\WINDOWS\" was...
HJT log from this morning. This is with ZoneAlarm, AVG, and TeaTimer enabled.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:23:54 AM, on 12/2/2007
Platform: Windows XP SP2 (WinNT...
Very well said people. These experts perform an invaluable service to complete strangers. I cannot express how much I appreciate pskelley's help, and everyone else who did the research on the methods...
Done and done! You da man!
Ill run another scan tomorrow just to be sure, and after reading those links Ive taken some preventative measures. Mostly guided by this forums suggestions, those of...
Does this log mean all the infected files are stashed away in System restore and I need to clear my System Restore points? After that Im in the clear?...
You got me, Im the only one who uses this computer, and I havent downloaded anything since all this has started. Let alone visited any sites that would be anything but safe. If I were doing anything...
Phooey. I really wish I could understand what this stuff means and know what to do with it :(
-------------------------------------------------------------------------------
KASPERSKY ONLINE...
Im going to go ahead and run the scan, Ive got the time today :) Ill post up results if anything shows up.
I cant express how much I appreciate your help, as stated in my first post you guys...
Well I got 6 of them deleted, going to have to search for the other 2. They are:
C:\Documents and Settings\Spiderman\My Documents\My Downloads\clickstart.exe ZIP: infected - 1 skipped
I found...
I certainly agree, 19 infected files is a whole lot better than 71 :)
Do I go about deleting those files by the method of "exploring the start folder"? I havent made any changes so the hidden...
:sad:
-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Saturday, December 01, 2007 12:20:30 PM
Operating System: Microsoft...
Okay, the first run of vundofix gave me two errors (Im sure it will show up in the report, listed below) but it did seem to remove the files.
Next I made the files and folders visible, downloaded...
Sorry, I missed the location part of the vundofix.txt...
Heres what it contains:
VundoFix V6.6.2
Checking Java version...
Scan started at 8:15:31 PM 11/30/2007
Hi again. I ran vundofix again last night after posting and got the same results. After reading your post I restarted the PC, ran vundofix again, and still got the same message. It says no infected...
Ok, Teatimer has been disabled (PC restarted after disabling per the instructions), I have read the instructions on Vundofix and installed it, ran the program and was left with a message saying...
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:18:19 PM, on 11/29/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
...
ComboFix 07-11-19.4C - Spiderman 2007-11-29 22:10:52.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.148 [GMT -5:00]
Running from: C:\Documents and...
I am sorry, option 4 of FindAWF did run successfully. It was combofix that failed. This is all new to me and I will try to slow down and read more carefully. I would just like to get rid of these...
Here is the report from the first step:
Find AWF report by noahdfear ©2006
Version 1.40
Option 3 run successfully
The current date is: Thu 11/29/2007
The current time is:...
I cannot express how much I appreciate your help on this.
Heres the report:
Find AWF report by noahdfear ©2006
Version 1.40
Option 3 run successfully
The current date is:...
Here are the results...
Find AWF report by noahdfear ©2006
Version 1.40
Option 2 run successfully
The current date is: Thu 11/29/2007
The current time is: 18:10:33.31
Here is the FindAWF report
Find AWF report by noahdfear ©2006
Version 1.40
The current date is: Thu 11/29/2007
The current time is: 6:50:48.39
I do appreciate a response, although I figured the post being so close to Thanksgiving I would not press the time issue.
I am sorry I missed the UNcheck part of the "word wrap" option, I am re...
Kaspersky scan report...
-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Thursday, November 22, 2007 8:29:46 PM
Operating...
First off Id like to say you guys are great. Spending the time and effort to help people out is an invaluable service.
Major :bigthumb: to you!
Now, down to the problem. Ive had this pc for...