Search:

Type: Posts; User: GreenWithEnvy; Keyword(s):

Search: Search took 0.00 seconds.

  1. Replies
    68
    Views
    13,621

    Hello Jeff: My Outlook email is back to...

    Hello Jeff:

    My Outlook email is back to normal. The storage device had its hooks in it and I uninstalled all of the features I did not want, and that solved that one issue.

    Also, I just made a...
  2. Replies
    68
    Views
    13,621

    Hello Jeff: I am confirming that my PC is in...

    Hello Jeff:

    I am confirming that my PC is in good shape and you can close this thread.

    Thank you thank you thank you so much for assisting me in getting rid of this malware. Please post...
  3. Replies
    68
    Views
    13,621

    Hi Jeff. My system is running well. I mentioned...

    Hi Jeff. My system is running well. I mentioned some of these things before. These are things that don't seem right to me.

    When I send email, I get a pop-up window that someone is trying to...
  4. Replies
    68
    Views
    13,621

    ComboFix 12-04-17.01 - Mike Hoover 04/20/2012 ...

    ComboFix 12-04-17.01 - Mike Hoover 04/20/2012 8:18.7.1 - x86
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.511.284 [GMT -4:00]
    Running from: c:\temp\ComboFix.exe
    Command switches...
  5. Replies
    68
    Views
    13,621

    Adobe and Java were downloaded per instructions.

    Adobe and Java were downloaded per instructions.
  6. Replies
    68
    Views
    13,621

    This took a looooooooooooooong time to run: ...

    This took a looooooooooooooong time to run:

    ESETSmartInstaller@High as CAB hook log:
    OnlineScanner.ocx - registred OK
    # version=7
    # iexplore.exe=7.00.6000.17109 (vista_gdr.120227-1644)
    #...
  7. Replies
    68
    Views
    13,621

    Here is the Malwarebytes log and it was a full...

    Here is the Malwarebytes log and it was a full scan, not a quick scan:

    Malwarebytes Anti-Malware 1.61.0.1400
    www.malwarebytes.org

    Database version: v2012.04.19.04

    Windows XP Service Pack 3...
  8. Replies
    68
    Views
    13,621

    It is behaving pretty well. The last two times I...

    It is behaving pretty well. The last two times I booted it this morning, it did not recognize my new external hard drive. I'm not sure what going on there. I had to unplug and replug the USB jack...
  9. Replies
    68
    Views
    13,621

    I rescanned, chose delete, and then rebooted. ...

    I rescanned, chose delete, and then rebooted. Then I ran the scan again. Here is the log:

    07:57:05.0140 2948 TDSS rootkit removing tool 2.7.29.0 Apr 18 2012 16:44:20
    07:57:05.0625...
  10. Replies
    68
    Views
    13,621

    Hi Jeff. Here is the log. The tool said it...

    Hi Jeff. Here is the log. The tool said it found a suspicious object, but not a malicious object, so I did not cure it as instructed.

    04:31:42.0625 2772 TDSS rootkit removing tool 2.7.29.0 Apr...
  11. Replies
    68
    Views
    13,621

    I posted the beginning of the log first. Then...

    I posted the beginning of the log first. Then the end of the log second, and then all of the stuff in the middle. It's all there.

    Mike
  12. Replies
    68
    Views
    13,621

    - 2003-09-03 00:25 . 2010-06-15 10:18 114688 ...

    - 2003-09-03 00:25 . 2010-06-15 10:18 114688 c:\windows\Installer\{91130409-6000-11D3-8CFE-0050048383C9}\outicon.exe
    + 2003-09-03 00:25 . 2012-04-14 14:49 114688 ...
  13. Replies
    68
    Views
    13,621

    + 2001-08-17 18:52 . 2001-08-17 18:52 179584 ...

    + 2001-08-17 18:52 . 2001-08-17 18:52 179584 c:\windows\SYSTEM32\DLLCACHE\dac2w2k.sys
    - 2001-08-23 10:00 . 2001-08-23 10:00 350208 c:\windows\SYSTEM32\DLLCACHE\d3drm.dll
    +...
  14. Replies
    68
    Views
    13,621

    - 2009-10-20 16:20 . 2009-10-20 16:20 265728 ...

    - 2009-10-20 16:20 . 2009-10-20 16:20 265728 c:\windows\SYSTEM32\DLLCACHE\http.sys
    + 2004-08-04 05:41 . 2004-08-04 05:41 685056 c:\windows\SYSTEM32\DLLCACHE\hsfcxts2.sys
    +...
  15. Replies
    68
    Views
    13,621

    + 2002-08-29 10:00 . 2008-04-14 00:12 102400 ...

    + 2002-08-29 10:00 . 2008-04-14 00:12 102400 c:\windows\SYSTEM32\DLLCACHE\rcbdyctl.dll
    - 2009-10-12 13:38 . 2009-10-12 13:38 149504 c:\windows\SYSTEM32\DLLCACHE\rastls.dll...
  16. Replies
    68
    Views
    13,621

    + 2002-08-29 10:00 . 2002-08-29 10:00 5632 ...

    + 2002-08-29 10:00 . 2002-08-29 10:00 5632 c:\windows\SYSTEM32\DLLCACHE\kbdblr.dll
    + 2008-07-21 00:29 . 2008-04-14 00:09 6144 c:\windows\SYSTEM32\DLLCACHE\kbdbhc.dll
    +...
  17. Replies
    68
    Views
    13,621

    + 2001-08-17 18:52 . 2001-08-17 18:52 12032 ...

    + 2001-08-17 18:52 . 2001-08-17 18:52 12032 c:\windows\SYSTEM32\DLLCACHE\amsint.sys
    + 2002-08-29 10:00 . 2008-04-13 18:31 37760 c:\windows\SYSTEM32\DLLCACHE\amdk7.sys
    +...
  18. Replies
    68
    Views
    13,621

    + 2002-08-29 10:00 . 2008-04-14 00:11 23552 ...

    + 2002-08-29 10:00 . 2008-04-14 00:11 23552 c:\windows\SYSTEM32\DLLCACHE\mciwave.dll
    + 2002-08-29 10:00 . 2002-08-29 10:00 25264 c:\windows\SYSTEM32\DLLCACHE\mciseq.drv
    -...
  19. Replies
    68
    Views
    13,621

    + 2012-04-15 12:08 . 2001-08-18 02:36 86097 ...

    + 2012-04-15 12:08 . 2001-08-18 02:36 86097 c:\windows\SYSTEM32\DLLCACHE\reslog32.dll
    + 2002-08-29 10:00 . 2002-08-29 10:00 12800 c:\windows\SYSTEM32\DLLCACHE\replace.exe...
  20. Replies
    68
    Views
    13,621

    ((((((((((((((((((((((((((((( ...

    ((((((((((((((((((((((((((((( SnapShot@2012-04-10_20.28.14 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2012-04-18 11:48 . 2012-04-18 11:48 16384 ...
  21. Replies
    68
    Views
    13,621

    . -- Snapshot reset to current date -- ....

    .
    -- Snapshot reset to current date --
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default...
  22. Replies
    68
    Views
    13,621

    ComboFix 12-04-17.01 - Mike Hoover 04/18/2012 ...

    ComboFix 12-04-17.01 - Mike Hoover 04/18/2012 7:28.6.1 - x86
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.511.76 [GMT -4:00]
    Running from: c:\temp\ComboFix.exe
    Command switches...
  23. Replies
    68
    Views
    13,621

    Hello Jeff. I have not attempted to load...

    Hello Jeff. I have not attempted to load software or in any way alter the computer. I only ran Combofix as instructed. The site is telling me the text is too long. I cut it in half and it was...
  24. Replies
    68
    Views
    13,621

    I will follow your instructions tonight and post...

    I will follow your instructions tonight and post the Combofix log.

    I'm running the Microsoft Fixit Center downloader off my C drive, not off of a USB drive of any kind, so I'm not understanding...
  25. Replies
    68
    Views
    13,621

    I see that webroot is an antil-malware program. ...

    I see that webroot is an antil-malware program. No, I definitely never used that.

    I do have an issue where I cannot run Microsoft Fixit Center anymore. Or download and install the latest...
  26. Replies
    68
    Views
    13,621

    I don't know what webroot is, so the odds are...

    I don't know what webroot is, so the odds are that I didn't have it.
  27. Replies
    68
    Views
    13,621

    My firewall started up on reboot. I have a...

    My firewall started up on reboot.

    I have a number of suspicious processes/services and I'm going to list them. If you know if I can delete them with no ill affects, please let me know. None have...
  28. Replies
    68
    Views
    13,621

    Hi Jeff, I don't want you to think that I'm...

    Hi Jeff, I don't want you to think that I'm deathly afraid of Combofix, but I purchased an external harddrive and backed up my C drive before running it. So when you see Seagate and Memeo in the...
  29. Replies
    68
    Views
    13,621

    I did set a restore point this morning. ...

    I did set a restore point this morning. Truthfully, I'm not sure if that's the same as a complete back-up or not. I hope that it is.

    It does seem that the infection was neutralized. I don't see...
  30. Replies
    68
    Views
    13,621

    Well, trust me, it wasn't just resetting the...

    Well, trust me, it wasn't just resetting the modem, because I tried that a number of times. It was a combination of one of the other fixes I implemented and then resetting the modem that finally...
  31. Replies
    68
    Views
    13,621

    First of all, my internet access may be a bit...

    First of all, my internet access may be a bit shaky yet. Just now I had to renew my ip address again.

    I tried about 50 different things over the last day and half. And then I unplugged my modem...
  32. Replies
    68
    Views
    13,621

    Oh my god, I just got my Internet Access back. ...

    Oh my god, I just got my Internet Access back. This is momentous! I've been working on this for a day and a half.

    Awaiting further instructions.
  33. Replies
    68
    Views
    13,621

    Well, I worked on trying to restore the internet...

    Well, I worked on trying to restore the internet connection for about 11 hours straight. No luck. I've tried all kinds of things, including uninstalling and reinstalling the tcp/in driver. But I...
  34. Replies
    68
    Views
    13,621

    Here is FSS.txt: Windows Registry Editor...

    Here is FSS.txt:


    Windows Registry Editor Version 5.00

    [HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\netbt]
    "Type"=dword:00000001
    "Start"=dword:00000001...
  35. Replies
    68
    Views
    13,621

    OK Jeff. I will do that. Just to let you...

    OK Jeff. I will do that.

    Just to let you know, even though I don't know what I'm doing, I have the PC now recognizing my two CD/DVD drives and I can run them. Also, I have my PC's audio back,...
  36. Replies
    68
    Views
    13,621

    I did as you instructed and it didn't help. The...

    I did as you instructed and it didn't help. The "local area connection" is connected but I cannot get the system to pull my ip address. I had tried the ipconfig /renew previously to see if that...
  37. Replies
    68
    Views
    13,621

    Here it is Jeff: Farbar Service Scanner...

    Here it is Jeff:

    Farbar Service Scanner Version: 01-03-2012
    Ran by Mike Hoover (administrator) on 13-04-2012 at 15:12:05
    Running from "C:\Temp"
    Microsoft Windows XP Home Edition Service Pack 3...
  38. Replies
    68
    Views
    13,621

    You asked me if I could access the Internet in...

    You asked me if I could access the Internet in safe mode. The answer is no. I tried safemode with networking and I still could not access the Internet. I looks like it's loading a bunch of drivers...
  39. Replies
    68
    Views
    13,621

    First, here is my Combofix log: ComboFix...

    First, here is my Combofix log:

    ComboFix 12-04-10.02 - Mike Hoover 04/13/2012 1:14.4.1 - x86
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.511.236 [GMT -4:00]
    Running from:...
  40. Replies
    68
    Views
    13,621

    Thank you Jeff. I have created the txt file on...

    Thank you Jeff. I have created the txt file on my thumbdrive and will transfer it to my home PC tonight as instructed. I will bring my work laptop home with me tonight and maybe I can get on the...
  41. Replies
    68
    Views
    13,621

    Hi Jeff. I didn't see your post about booting in...

    Hi Jeff. I didn't see your post about booting in safe mode until now. Below are the logs. I thought combofix would create a differently named log for each run, but it just overwrote the same log...
  42. Replies
    68
    Views
    13,621

    Tomorrow, I will post the logs that were...

    Tomorrow, I will post the logs that were requested and then wait for your next instructions. I'll put the logs on a thumb drive and then post them from my work PC. I had to run Combofix three...
  43. Replies
    68
    Views
    13,621

    Is it possible to use that recovery tool that...

    Is it possible to use that recovery tool that Combofix downloaded to get some of my system files back? I did try to do a system restore, but Windows doesn't make it through the process and says it...
  44. Replies
    68
    Views
    13,621

    Yikes

    Well, my PC is pretty much toast after running Combofix. I have no connection to the Internet and my PC doesn't recognize my CD ROM Drives so I can't reload my drivers. Basically, Combofix deleting...
  45. Replies
    1
    Views
    1,892

    Google redirect Malware

    Well, I started a thread this morning, subscribed to it and bookmarked it, and it has vanished off the website. So here it is again.

    Edit
    Previous topic is still open. :)

    Hi. I'm looking...
  46. Replies
    68
    Views
    13,621

    Malware redirects Google Search Results

    Hi. I'm looking for some assistance to remove some malware on my PC. I have SpyBot and Malwarebytes. Spy Doctor doesn't pick up a problem when I scan.
    Malwarebytes does and it always finds a dll...
Results 1 to 46 of 46