not that i know of i think my system is all clean. Thanks so much i really appreciate this - there is no way i could have accomplished anything without this community and especially your willingness...
Type: Posts; User: saibot*18; Keyword(s):
not that i know of i think my system is all clean. Thanks so much i really appreciate this - there is no way i could have accomplished anything without this community and especially your willingness...
sorry if i did something wrong :oops:
anyways here is the log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:47, on 2008-01-25
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE:...
thanks
here is the log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:37, on 2008-01-25
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)...
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:21, on 2008-01-25
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running...
umm thats pretty much what i did... after you helped me i uninstalled norton and installed antivir and then i also installed zonealarm. I havent had any more reports of random viruses on my machine...
i followed all the steps you told me and after i ran a scan with spybot search and destroy i found nothing. My subscription was up for my antivirus so i downloaded a free one recommended on this...
not that i know of... heh i dont really know what im looking for but it seems fine to me now... should i scan with some spyware removal program?
btw i really appreciate this dude i know you...
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:59, on 2008-01-25
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
...
my system seems clean and alot less laggy. I havent had any popups or anything in a while so i dont think any problems
C:\WINDOWS\SYSTEM32\LogFiles\WUDF\WUDFTrace.etl Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\INDEX.BTR Object is locked skipped...
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0077826.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume...
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0073616.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume...
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP218\A0071354.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume...
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP182\A0062497.exe Infected: Trojan-Downloader.Win32.Delf.ctz skipped
C:\System Volume...
kaspersky:
-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
2008-01-25 05:57
Operating System: Microsoft Windows XP Home...
continued:
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec...
continued:
Shockwave --> C:\WINDOWS\SYSTEM32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\SYSTEM32\Macromed\SHOCKW~1\Install.log
Sonic DLA --> MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}...
i went to delete those files but couldnt find the following:
C:\Temp\Ryuan1
C:\WINDOWS\SYSTEM32\RCX315.tmp
C:\WINDOWS\mrofinu572.exe.tmp
I deleted the rest though.
Here is extra.txt
...
i went back to the system restore right before the first deletion you had me do today and proceeded to do it again with the same results. It scanned and then said it was deleting those files/folders....
ugh sorry no it didnt... and my time is still what combofix changed it to. It just scans everything then after the 38th it goes down a couple lines and starts spitting out like directories so fast i...
ugh... it just started saying stuff real fast after the scan then closed and no log opened or anything.... it didnt freeze but the time isnt reset either (its changed to the way combofix changes it)...
it says it cannot find it should i run it again?
i dont know what to do my combofix ran and deleted a bunch of .dlls then finished but my windows didnt reboot so i waited about 15 mins and looked for those processes or any weird ones but didnt see...
and then the hijack:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:02:18 PM, on 1/23/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2...
it froze the first time but i ran it again and it worked but took a really long time to delete all the files.... i just shortened the log up by taking out the endless amounts of pos***.tmp files. If...
sorry it takes a while to get into those folders cause of all the crap on my comp so i was just renaming the desktop... anyways i hope i did it right this time:
Logfile of Trend Micro HijackThis...
I guess i didnt do what you said sorry anyways heres the proper one:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:49:53 AM, on 1/22/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)...
thanks for replying! i think it is pretty bad as my kaspersky report said i have 22 viruses :oops:. anyways i did what you said and heres my log:
Logfile of Trend Micro HijackThis v2.0.2
Scan...
I got infected with what i believe was virtumondo a few nights back and have been trying to get rid of it with spyware doctor to no avail. I then downloaded vundofix which found files and deleted...