Search:

bcbarry · 2010-02-05, 02:25

Cannot browse internet unless in safemode

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:21:54 PM, on 2/4/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00...

bcbarry · 2008-12-09, 18:36

Hello,

Thank you very much for all your help. The files noted were not present. I will up date Java as suggested.

Take care and have a great Holiday Season.

best regards,

Barry

bcbarry · 2008-12-09, 01:41

ComboFix 08-12-07.04 - Jaime.Quezada 2008-12-08 16:23:00.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2710 [GMT -8:00]
Running from: c:\documents and...

bcbarry · 2008-12-09, 00:53

Sorry about previous post.

Hope that this is better.

Malwarebytes' Anti-Malware 1.31
Database version: 1463
Windows 5.1.2600 Service Pack 3

12/8/2008 3:25:13 PM
mbam-log-2008-12-08...

bcbarry · 2008-12-09, 00:50

Hello,Actually ran it last week and ran another today.Here is the latest log.Thanks for your help.Malwarebytes' Anti-Malware 1.31Database version: 1463Windows 5.1.2600 Service Pack 312/8/2008 3:25:13...

bcbarry · 2008-12-04, 23:27

Hello,

Seem to have another computer infected with Virtumonde

You've been great help in the past.

thanks in advance

Barry

bcbarry · 2007-10-18, 20:04

Good morning,

Thanks for all your help. I know I am being paranoid, but I ran the eset online scan one more time and it appears that it came up with 10 infected files...

log is attached, let...

bcbarry · 2007-10-17, 23:56

# version=4
# OnlineScanner.ocx=1.0.0.56
# OnlineScannerDLLA.dll=1, 0, 0, 51
# OnlineScannerDLLW.dll=1, 0, 0, 51
# OnlineScannerUninstaller.exe=1, 0, 0, 49
# vers_standard_module=2599 (20071017)...

bcbarry · 2007-10-17, 22:40

ComboFix 07-10-16.1 - Jasmine 2007-10-17 13:32:57.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.167 [GMT -7:00]
Running from: C:\Documents and...

bcbarry · 2007-10-17, 21:24

Okay, did everything but up-load the file.

thanks,

Barry

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:19:23 PM, on 10/17/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE:...

bcbarry · 2007-10-17, 21:02

I am sorry, but I cannot find ws2cpiec.sys on this computer. I ran Kapersky again overnight, did that mess things up?

thanks,

Barry

bcbarry · 2007-10-16, 23:41

ComboFix 07-10-16.1 - Jasmine 2007-10-16 14:30:52.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.111 [GMT -7:00]
Running from: C:\Documents and...

bcbarry · 2007-10-16, 22:40

Virtumonde again, but on a different pc. Thanks in advance... you guys are great!

-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT...

bcbarry · 2007-09-27, 18:32

Everything seems to be just fine! Thank you so much for your help. If you are ever in California I'll buy you a drink!

Barry

bcbarry · 2007-09-25, 21:15

hello,

things are running much better and faster, however, Kapersky still shows infected files...

http://rapidshare.com/files/58223392/kapersky_report_2.25.txt.html

let me know

thanks,...

bcbarry · 2007-09-25, 17:55

Good morning...here's the link

thanks,

Barry

http://rapidshare.com/files/58183269/text_logs_2.24.txt.html

bcbarry · 2007-09-24, 20:58

Kapersky found infected files...log report is big! What is the easiest way to send them...they excede the limit?

thanks,

Barry

bcbarry · 2007-09-24, 19:59

Here you go!

ComboFix 07-09-21.2 - "Juan.Quezada" 2007-09-24 10:37:36.5 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.151 [GMT -7:00]
Command switches used :: ...

bcbarry · 2007-09-24, 19:38

I am an idiot...missed the first line.

Trying again.

bcbarry · 2007-09-24, 19:36

I thought I did...I'll try again

thanks,

Barry

bcbarry · 2007-09-24, 19:28

Hi,
did not re-boot..here are the logs
thanks,
Barry

ComboFix 07-09-21.2 - "Juan.Quezada" 2007-09-24 10:12:40.4 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.108 [GMT...

bcbarry · 2007-09-24, 17:57

Hey, sorry for the delay. I was away for the weekend.

I hope that this is complete.

regards,

Barry

ComboFix 07-09-21.2 - "Juan.Quezada" 2007-09-24 8:47:39.3 - NTFSx86
Microsoft...

bcbarry · 2007-09-21, 20:35

sorry... here's the combofix log and I submitted the file per your request

thanks again

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce]
"SpybotDeletingA4551"=command...

bcbarry · 2007-09-21, 19:51

Vundofix came up with no files to fix????

Still getting hijacked though

thanks,

Barry

VundoFix V6.5.8

bcbarry · 2007-09-21, 18:59

here is a new log

thanks,

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:50, on 2007-09-21
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00...

bcbarry · 2007-09-20, 21:50

Have done the following:

Ran Kaspersky
Ran SPy-bot (In Safe Mode) Could not completely remove Virtumonde (seems to be in c:\windows\system32\advnt5.dll)
Ran HiJack this.

I tried earlier...

Search:

Search: Search took 0.01 seconds.

Thread: slirsredirect

Thread: Virtumonde

Thread: Virtumonde

Thread: Virtumonde

Thread: Virtumonde

Thread: Virtumonde

Thread: virtumonde - again!

Thread: virtumonde - again!

Thread: virtumonde - again!

Thread: virtumonde - again!

Thread: virtumonde - again!

Thread: virtumonde - again!

Thread: virtumonde - again!

Thread: virtumonde infection

Thread: virtumonde infection

Thread: virtumonde infection

Thread: virtumonde infection

Thread: virtumonde infection

Thread: virtumonde infection

Thread: virtumonde infection

Thread: virtumonde infection

Thread: virtumonde infection

Thread: virtumonde infection

Thread: virtumonde infection

Thread: virtumonde infection

Thread: virtumonde infection