Search:

so anyway, after replacing the processor that had glued itself to the heatsink with its own thermal paste :red: I shall post HJT logs...

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at...

Well, my computer died (most probably the processor) and is getting fixed, so im posting from my dads computer, when i get it back up and running i shall post logs and i didnt find the 3 files in C:\...

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:34:29 a.m., on 18/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
...

i figured that there is a certian time that you have to wait before posting another reply which was why the HJT logs werent comming through. anyway


ComboFix 08-01-18.1 - Joel Gibson 2008-01-18...

- 2007-07-11 03:09:32 577,536 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2008-01-10...

ehh? im sure i posted a second reply with the rest... basted computer. ahwell here it is again (the whole thing)

ComboFix 08-01-10.2 - Joel Gibson 2008-01-14 14:37:21.5 - FAT32x86
Microsoft...

C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2008-01-10...

ComboFix 08-01-10.2 - Joel Gibson 2008-01-14 14:37:21.5 - FAT32x86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.666 [GMT 13:00]
Running from: C:\Documents and Settings\Joel...

Ran on Fri 11/01/2008 - 13:59:56.82

Entries: 0 (0)
Directories: 0 Files: 0
Bytes: 0 Blocks: 0



uhhh yeah....

well, the no-names no-files are back

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:18:50 p.m., on 10/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00...

Thanks a bunch for your help. I also got rid of Spirit (the STI programme files folder) since there was a newer version out anyway.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:32:53 a.m., on 9/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
...

heh, according to me, you posted at 00:45am New Zealand time, so not quite :D:


CF log

ComboFix 08-01-07.5 - Joel Gibson 2008-01-09 1:02:03.4 - FAT32x86
Microsoft Windows XP Home Edition ...

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:03:19 a.m., on 8/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
...

ComboFix 08-01-04.1 - Joel Gibson 2008-01-07 23:40:12.3 - FAT32x86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.668 [GMT 13:00]
Running from: C:\Documents and Settings\Joel...

System restore turned off, then on the created a restore point:Check

HJT log: Check

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:50:11 p.m., on 7/01/2008
Platform: Windows XP SP2...

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 01/07/2008 at 11:56 AM

Application Version : 3.9.1008

Core Rules Database Version : 3259
Trace Rules Database Version:...

Morning, I spose 1am here in NZ can count as morning... :p:

however, Java is now updated (the online link promped me with a save location?!?!), ATF cleaner did what ever it was sposted to do, SAS...

.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
...

darn that 20K character cap

ComboFix 08-01-06.4 - Joel Gibson 2008-01-06 11:45:17.2 - FAT32x86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1137 [GMT 13:00]
Running from:...

C:\QooBox\Quarantine\C\VundoFix Backups\wyilrbiv.exe.bad.vir Win32/TrojanDownloader.Tiny.ID trojan 0C86132A8EE6A7B9056930A90396BBDF
C:\QooBox\Quarantine\C\VundoFix...

0\A0100923.dll Win32/Adware.Virtumonde application 47999C384644C3AC88A3F7FBACD0C527
C:\System Volume Information\_restore{EEB4F3AE-BAF9-41B0-86FD-73AF6AD6D142}\RP250\A0100924.exe Win32/Adware.Ezula...

# version=4
# OnlineScanner.ocx=1.0.0.56
# OnlineScannerDLLA.dll=1, 0, 0, 51
# OnlineScannerDLLW.dll=1, 0, 0, 51
# OnlineScannerUninstaller.exe=1, 0, 0, 49
# vers_standard_module=2766 (20080104)...

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-11-30 03:05 122,432 ----a-w C:\WINDOWS\system32\epgtmelk.dll
2007-11-26...

Attempting to delete C:\windows\system32\txdbbppg.dll
C:\windows\system32\txdbbppg.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\uexeygti.exe
C:\WINDOWS\system32\uexeygti.exe...

VundoFix V6.7.7

Checking Java version...

Scan started at 2:27:03 p.m. 5/01/2008

Listing files found while scanning....

C:\WINDOWS\system32\aaknmvjq.dll
C:\WINDOWS\system32\adlsnobs.exe

alrighty then, here are the logs:

HJT (renamed safer):

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:55:58 p.m., on 5/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE:...

Had this for a while now and is more of an annoyance than a problem. Anyway, from the procedure...

1) Kaspersky Online Scanner did not work with opera so I tried using IE like it said but then it...

since I cant post in the bugs thread I expect it will be moved there.....

anyway, when I use the "fix selected problems" (both in safe mode or normal) while trying to remove virtumonde; It then...

I have the same thing but it says some thing else instead like "key added" and then a whole lot or numbers and letters.