Search:

sorry to post twice but the scan produced 2 logs and I wasnt sure which one you needed

info.txt logfile of random's system information tool 1.06 2009-04-02 22:10:57

======Uninstall list======
...

wow that was really quick Ken....must have run all of 10 seconds.

log posted below:

Logfile of random's system information tool 1.06 (written by random/random)
Run by Visitor at 2009-04-02...

Ken

I was running that last scan all day and it hadnt completed when I got a call from CA. Long story short this guy got it. The Virus was in a folder that looked legitimate.

He removed or...

GMER I have already...the CA guy downloaded it. Should I delete and install a fresh version?

That was the file that the CA tech sent there and deleted...

"Ken

Spent 1 1/2 hours on phone with CA malware specialist...the file you asked me to check was the one that he did exactly that...

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 04/01/2009 at 09:34 PM

Application Version : 4.26.1000

Core Rules Database Version : 3816
Trace Rules Database Version:...

Ken

I ran the SUPERAntiSpyware as suggested. It turned up quite a lot. Most were tracking cookies, but there were 4 registry items 2 of which were unknown...I had to restart the computer as you...

Ken

I did answer them at the bottom of the post:

"Deleted C:\Program Files\SpyNoMore

c:\Program Files\MediaSystem was not on the system.


Computer still displays all the symptoms of...

Ken

Had to bite the bullet on this one and Re-install Operating System. Now just trying to put together missing parts!

Thanks for the help.

A friend who helped me do the sytem install had...

When I had Virus Total scan the file it said it had already been scanned....Maybe CA did it, but I scanned it again.


Tried twice, not sure if these are the results or if it is waiting to be...

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:56:16 AM, on 4/1/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
...

same here Ken

03/31/09 18:10:12 [Info]: BlackLight Engine 2.2.1092 initialized
03/31/09 18:10:12 [Info]: OS: 5.1 build 2600 (Service Pack 3)
03/31/09 18:10:12 [Note]: 7019 4
03/31/09 18:10:12...

03/31/09 17:56:55 [Info]: BlackLight Engine 2.2.1092 initialized
03/31/09 17:56:55 [Info]: OS: 5.1 build 2600 (Service Pack 3)
03/31/09 17:56:55 [Note]: 7019 4
03/31/09 17:56:55 [Note]: 7005 0...

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:17:49 PM, on 3/31/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
...

Sorry Ken the posts must have crossed. I did install a new version of MA anti-malware and did check for updates prior to doing the scan that came up negative.

Did as you said with ComboFix, but...

Ken

Spent 1 1/2 hours on phone with CA malware specialist...the file you asked me to check was the one that he did exactly that with and deleted it. He said that the malware was rootkit, and that...

cant run Combo fix on the pc even in safe mode with networking.

Ken

Did the MA Anti-malware scan in safe mode and it came back clean after only 3 minutes. (not sure I trust it) will post it when all done.

Combofix was already installed on computer, but when...

Ken

Did the ATF cleaner.

I already had MA anti-malware installed so tried to run that. receieved an error message that it had encountered a problem and needs to close. I deleted the old version...

Ken

I wasnt sure if your last post here related to this issue or the other thread.

I answered your request in the other thread, haven't done the above yet...I'll wait to hear back

Thanks for...

Ken

When I try to run the scan it hangs on C:\WINDOWS\system32\spoolsv.exe...

I opened the task manager and it shows two OTListIt2 programs....both not responding

This is the problem I've...

Thanks Ken, still waiting for the callback "within 24 hours"...I'll let you know. Thanks for the fix also I'll tell you how I get on with it.

Other pc useless and offline, did open a new thread,...

Ken

I spoke with CA because I wasnt sure which signature file to download, they suggested I wait and have one of their malware specialists talk me through removal, and I wasnt going to...

Thanks Ken

I ran the tool as suggested and it found 5 items: 4 tracking cookies and 1 Trojan (Trojan/Bifrost HKEY_CURRENT_USER Software\wget )

The tool would only search, you had to purchase...

Ken

I came accross this after last posting. This appears to be at least one of the infections that I had (have). I'm still experiencing the error messages as described in the ca article, and the...

Sorry Matt thought I was in malware removal forum....my bad

Computer seems to be infected. I was troubleshooting an infected pc and used a flash drive to transfer logs to the clean pc to upload to this forum. IE will run normally for about 5 minutes but then...

Sorry Ken I forgot. Here it is:

HJT log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:45:27 AM, on 3/30/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer...

Computer seems to be infected. I was troubleshooting an infected pc and used a flash drive to transfer logs to the clean pc to upload to this forum. IE will run normally for about 5 minutes but then...

Good morning Ken

I've run old timer on the family pc, posted results and restarted pc. I still get constant error messages popping uo from the toolbar. Messages such as:

Warning!!!
Warning!...

========== FILES ==========
C:\WINDOWS\SYSTEM32\svcprs32.exe moved successfully.

OTMoveIt3 by OldTimer - Version 1.0.9.0 log created on 03302009_073856

Ken will restart pc andpost again in a...

Ken

Two things:

I ran the HJET scan immediately after the FixServices window closed, should I have given it more time?

Secondly, when I ran the Kaspersky scan yesterday, under settings the...

Combofix log from family pc....I left flash drive in and noticed E:Recycler\Desktop.ini during scan if that is relevant...did previously disinfect flash drive. Work pc unplugged.

ComboFix...

Tried to run Trendmicro House call on "work" pc scanned 4147 resources then froze as I tried to start a reply in spybot forum. Both programs frozen. CA reports encountered an error while downloading...

Turned off anti-virus and anti-spyware, but something is stopping Combofix from running. The loading bar comes up, completes, then nothing.

Ken

I appreciate the help. Right now my "work" computer is far more important than the family one, I just figured that since it was running fine and I havent used it for anything this weekend...

"work" pc is the one having trouble with spyware removal sites and IE and anti-malware not responding...will go to home pc and do as instructed....ESET hung with error message on "work" pc

just hung with error message....see other issues with same on web....is there a work around this or another comparible scanner?

geez now Thunder...running the ESET scanner in safemode, but it is stalling after I press the Start button. The screen reads ESET Online Scanner. Initialization of the ESET Online Scanner....

I'll give it a try now Ken thanks. I posted the Kaspersky log above....how does it look?...still getting those error messages on the family pc and the screen settings change after about 10...

Kaspersky scan log from infected pc:

KASPERSKY ONLINE SCANNER 7 REPORT
Sunday, March 29, 2009
Operating System: Microsoft Windows XP Home Edition Service Pack 3 (build 2600)
Kaspersky Online...

was hoping for a last game of paddle at Weed Beach, but it wasn't to be. IE still not responding after 5-10 minutes, and I think MA anti-malware giving false negatives as it stops abruptly with a pop...

I fully understand Ken, I didnt want to put too much more info out in a public forum that was all, unfortunately there is no IT dept just me!....deleted suggested items and posted HJT log here:
...

Just Googled Schlund NCC, couldnt get to the google links on my pc but it looks like some illegal gambling or something.

Not sure about the proxy override, but I dont recognise the company in Germany. I also tried to do an anti-malware scan and after 4 minutes it comes up negative then doesn't respond. The scan was...

Ken

On my "clean" computer I am able to access the internet for about 5-10 minutes before the page says "not responding" and I am unable to shut down or end program, I literally have to pull the...

HJT Log from "clean" pc:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:31:49 PM, on 3/29/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00...

Thanks Ken I appreciate it. I understand. I work for myself from home, so I'm only going to get myself in trouble! I had already downloaded installed and run MA Anti-malware. Did the scan selected...

Ken

Kaspersky scan still running. My previously "clean" computer is my work pc, so would really appreciate it if you would take a look at the Hijack this log while I'm running Kaspersky on the...

Kaspersky scan running. Still cant get the Flash Disinfector. I get page not found on firefox and page cannot be displayed on IE, sorry