Type: Posts; User: hondasptbk; Keyword(s):
It's very random. It was completely restarting, but, now that message is showing up once in a while. The restarts started shortly after I got the virus. The restarts stopped about the time we got...
DDS (Ver_10-03-17.01) - NTFSx86
Run by DJ at 15:17:49.50 on Wed 04/07/2010
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_18
Microsoft Windows XP Home Edition ...
Well...for the most part, all seems to be well. However, my system is still occasionally restarting. The most recent thing that has started is a popup that says "Unable to launch Restart.exe",...
Blade,
Thanks for all your help in cleaning up my computer...this was a tough one! I think everything is running fine now. All of my scans are coming back clean, and my banking web pages seem...
It seems to be running great, other than the fact that it keeps restarting. I've played with a couple of things to see if that helps, and can monitor that for a couple of days to see if it keeps...
The Qoobox files are posted and DDS ran successfully.
DDS (Ver_10-03-17.01) - NTFSx86
Run by DJ at 10:07:11.50 on Mon 03/29/2010
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion:...
Everything seemed to run great...logs attached.
GREAT NEWS! Running MBAM and going into safemode w/cmd prompt on restart did allow me to follow your instructions and run a full Combofix script!
Unfortunately, after everything restarted, I ran...
The renamed DDS script still does not run. It shows up as between 7 and 15 colons on the screen, then it does a hard return and the cursor just sits there and flashes. I usually end task at about 1...
I am attaching my malwarebytes logs, however, I'm still not able to get past phase 8 of ComboFix. It usually gets stuck around 6a.
Malwarebytes' Anti-Malware 1.44
Database version: 3902
Windows...
I am still unable to get through the Combofix process. It usually stalls around 6a, however, it did make it as far as stage 8 once or twice.
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-03-20 11:33:16
Windows 5.1.2600 Service Pack 3
Running: t5d7kh4w.exe; Driver: C:\DOCUME~1\DJ\LOCALS~1\Temp\fwliiaow.sys
---- Registry...
********************************
Microsoft Signature Verification
Log file generated on 3/15/2010 at 9:45 AM
OS Platform: Windows 2000 (x86), Version: 5.1, Build: 2600, CSDVersion: Service...
OTL logfile created on: 3/9/2010 10:34:42 AM - Run 3
OTL by OldTimer - Version 3.1.32.0 Folder = C:\Documents and Settings\DJ\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600)...
I have fully uninstalled AVG using their avgremoval tool, yet the furthest I was able to get ComboFix was phase 6a.
Got it to 8. Once it hangs, though, the PEV process is not available.
Kaspersky:
--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7.0: scan report
Friday, March 5, 2010
Operating system: Microsoft Windows...
I have let MBAM remove its findings, and I do have my antivirus disabled.
I am still not able to get combofix to move past stage 3 (it did get to stage 4 once, but, still failed to proceed). I...
Malwarebytes' Anti-Malware 1.44
Database version: 3823
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
3/3/2010 3:10:42 PM
mbam-log-2010-03-03 (15-10-37).txt
Scan type:...
Extras:
OTL Extras logfile created on: 3/3/2010 1:41:23 PM - Run 1
OTL by OldTimer - Version 3.1.32.0 Folder = C:\Documents and Settings\DJ\Desktop
Windows XP Home Edition Service Pack 3...
OTL:
OTL logfile created on: 3/3/2010 1:41:23 PM - Run 1
OTL by OldTimer - Version 3.1.32.0 Folder = C:\Documents and Settings\DJ\Desktop
Windows XP Home Edition Service Pack 3 (Version =...
Well...at first, Combofix did not appear to be working properly. It basically is getting to stage 3, then completely hanging. The computer hard drives shut down, and the whole pc will sit there...
RSIT log (the two together were too long for one post):
Logfile of random's system information tool 1.06 (written by random/random)
Run by DJ at 2010-02-27 08:50:28
Microsoft Windows XP Home...
Here are the RSIT logs...I'm still working on GMER. It's not going as smooth as I'd hope.
Info:
info.txt logfile of random's system information tool 1.06 2010-02-27 08:50:37
======Uninstall...
I do still need help...sorry for the delayed response, but, I went on a business trip and did not have access to this machine.
I have disabled my anti-virus and tried running dds in safe mode,...
Blade,
Can you give me some examples of script blockers that might be preventing me from running DDS? I have been trying to run this for a couple of days, but to no avail. The script prompt...
Hello,
I have had some strange activity happening on my PC the last few days. Many of the websites that I have tried to authenticate in to have presented a stop over message when I enter my user...
Thank you so much for your help...it was GREATLY appreciated. This is a great service that you and your team do for the internet community.
As for a firewall, I am using an external hardware...
Sorry for the delay...yes please!
Here is the new hjt log. Also, I check marked everything you mentioned, except for O4 - HKLM\..\Run: [rulepanir] Rundll32.exe "c:\windows\system32\yonevena.dll",a. I could not find that item in the...
Everything appears to be in working order now...thanks so much for your help!
Spybot still shows Virtumonde.prx and Virtumonde.sdn when I run "check for problems."
I'm running another Kaspersky scan now to see what it comes up with.
Anything else I should run?
Kaspersky report:
--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7.0: scan report
Sunday, November 1, 2009
Operating system:...
Here is the new Combofix log:
ComboFix 09-10-30.01 - DJ 11/01/2009 9:35.4.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2046.1424 [GMT -8:00]
Running from:...
Here is the combofix log.
ComboFix 09-10-30.01 - DJ 10/31/2009 15:22.3.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2046.1547 [GMT -7:00]
Running from: c:\documents...
Here is the new HJT log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:00:16 AM, on 10/31/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00...
Ableton Live v7.0.1
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Illustrator 10
Adobe Photoshop 7.0
Adobe Reader 7.0
Adobe SVG Viewer 3.0
AI Gear
Alesis Multimix Firewire...
I'm very new to this forum, but an old user of Spybot S&D. I'm hoping that someone can help me remove Virtumonde from my PC. Following a couple of threads on the web, I've already attempted to use...
Thank you, Tashi...I'm on it!
I'm very new to this forum, but an old user of Spybot S&D. I'm hoping that someone can help me remove Virtumonde from my PC. Following a couple of threads on the web, I've already attempted to use...