I'll have to get back to you about this. My computer's screen crapped out on me so I have it in pieces right now while I wait for a new inverter to come. Hopefully that will take care of this...
Type: Posts; User: psywzrd; Keyword(s):
I'll have to get back to you about this. My computer's screen crapped out on me so I have it in pieces right now while I wait for a new inverter to come. Hopefully that will take care of this...
My computer is still running slowly but if you say I'm all clear, there must be something else that is causing it. I'll try to troubleshoot that problem on my own. Thanks again.
Nope - it only finds HitBox, Statcounter and WebTrends live. And I just finished a Kaspersky online scan and that came up totally clean too. Does that mean I'm ok? I got worried when I saw...
31.12.2007 18:09:23 - ##### check started #####
31.12.2007 18:09:23 - ### Version: 1.5
31.12.2007 18:09:23 - ### Date: 12/31/2007 6:09:23 PM
31.12.2007 18:09:27 - ##### checking bots #####...
Where are the Spybot reports located? I'd like to include a report on the scan that found Virtumonde.
Wow - amazing work! Sorry about the confusion I caused in the beginning. Hopefully, this type of thing won't happen to me again. If it does though, at least I know the proper way to go about...
Thanks for that. Based on that article you linked me to, it looks like autoplay shoud be disable for my external drive by default - I should be ok to reattach it and format it then. I guess all...
I'm still getting pop-up alerts from Kaspersky AV but I assume those will disappear once you tell me how to get rid of that stuff in system restore. The other thing I'm concerned with is how I can...
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:09:01 PM, on 12/29/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
...
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped...
C:\System Volume Information\_restore{145A78D9-30F3-4441-A76F-9F54405CDEA6}\RP1030\A0105353.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume...
C:\System Volume Information\_restore{145A78D9-30F3-4441-A76F-9F54405CDEA6}\RP1023\A0105137.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume...
C:\System Volume Information\_restore{145A78D9-30F3-4441-A76F-9F54405CDEA6}\RP1018\A0103957.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume...
C:\System Volume Information\_restore{145A78D9-30F3-4441-A76F-9F54405CDEA6}\RP1011\A0103627.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume...
C:\System Volume Information\_restore{145A78D9-30F3-4441-A76F-9F54405CDEA6}\RP1001\A0101427.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume...
C:\System Volume Information\_restore{145A78D9-30F3-4441-A76F-9F54405CDEA6}\RP1000\A0100330.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume...
C:\System Volume Information\_restore{145A78D9-30F3-4441-A76F-9F54405CDEA6}\RP1000\A0100169.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume...
-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Saturday, December 29, 2007 6:08:29 PM
Operating System: Microsoft Windows XP...
I actually just disabled Kaspersky and that seemed to work ok. I just need to finish up with the other stuff. I guess I won't hear from you until tomorrow now though since Kaspersky online scan...
It's actually ok - it didn't uninstall my Touchpad completely so it's still working. I'm having some problems emptying the C:\qoobox\Quarantine folder though. When I try to delete the last couple...
Can I just iunnstall it and then immediately reinstall it? Otherwise, how am I supposed to effectively navigate around to do everything?
If I uninstall TOSHIBA Touch and Launch, won't it disable my Touchpad?
Scan process completed.
C:\System Volume Information\_restore{145A78D9-30F3-4441-A76F-9F54405CDEA6}\RP997\A0099983.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume...
C:\System Volume Information\_restore{145A78D9-30F3-4441-A76F-9F54405CDEA6}\RP1027\A0105222.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume...
C:\System Volume Information\_restore{145A78D9-30F3-4441-A76F-9F54405CDEA6}\RP1018\A0103969.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume...
C:\System Volume Information\_restore{145A78D9-30F3-4441-A76F-9F54405CDEA6}\RP1004\A0101741.rbf Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped
C:\System Volume...
C:\System Volume Information\_restore{145A78D9-30F3-4441-A76F-9F54405CDEA6}\RP1000\A0100321.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.clc skipped
C:\System Volume...
C:\qoobox\Quarantine\C\WINDOWS\system32\rqrpp.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.cli skipped...
-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Saturday, December 29, 2007 1:05:52 PM
Operating System: Microsoft Windows XP...
Just to be clear, you want me to edit out lines that shows that the object is both locked AND skipped?
Kaspersky still seems to be finding a lot of problems - hopefully there's an easy way to clean those up without messing anything up. The Kapsersky log is way too long to post (almost 93000...
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:07:08 PM, on 12/28/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
...
ComboFix 07-12-21.4 - **** 2007-12-28 14:52:50.10 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.219 [GMT -5:00]
Running from: C:\Documents and...
Ran on Fri 12/28/2007 - 14:35:35.43
----a-w 132,496 2007-12-28 19:30:23 C:\Program Files\Java\jre1.6.0_03\bin\jusched .exe
Entries: 1 (1)
Directories: 0...
ComboFix 07-12-21.4 - **** 2007-12-28 14:18:47.9 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.206 [GMT -5:00]
Running from: C:\Documents and...
Does it matter what order I run these in? I was planning on running ComboFix first, then RenV, then HJT. Is that ok?
Ran on Fri 12/28/2007 - 13:49:21.17
----a-w 1,077,301 2007-12-28 18:43:33 C:\Program Files\TOSHIBA\Touch and Launch\PadExe .exe
----a-w 122,939 2007-12-28 18:43:26 ...
continued from above
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-28 18:37 --------- d-----w C:\Program...
ComboFix 07-12-21.4 - **** 2007-12-28 13:29:57.8 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.207 [GMT -5:00]
Running from: C:\Documents and...
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:07:46 PM, on 12/28/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
...
ComboFix 07-12-21.4 - **** 2007-12-28 12:40:48.7 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.215 [GMT -5:00]
Running from: C:\Documents and Settings\****...
Ok - here are the requested logs. I keep getting all sorts of pop-ups from Kaspersky AV and I have no idea what to do with them so I just keep hitting "skip" or "allow". Please let me know if I...
Ran on Fri 12/28/2007 - 12:19:30.40
----a-w 1,205,248 2007-12-27 19:49:38 C:\Program Files\Analog Devices\SoundMAX\Smax4 .exe
----a-w 1,205,248 2007-12-27...
Here it is.
I did install the free 30-day trial of Kaspersky but I haven't run a scan with it yet because I'm not quite sure how to do it (I'm scared that it's going to delete files I need or something and I...
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:01:14 AM, on 12/28/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
...
ComboFix 07-12-21.4 - **** 2007-12-28 10:34:24.6 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.159 [GMT -5:00]
Running from: C:\Documents and...
I apologize for that. I got completely confused and thought that the two sites were the same sites but under different names (I noticed similar user names on both sites too) - now I understand that...
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:48:22 PM, on 12/27/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
...