Search:

Ken,

Thanks so much for all your help, I really appreciate it!

Greg

Hi Ken,
I havent gotten any replys on the other site. should I just uninstall and reinstall using microsoft tutorial. If I save files to a flash driven wont they be infected as well?
Thanks,...

Hi Ken,

Yes, I have the original Windows CD. I cannot access the internet, can you direct me to a site on how to uninstall and reinstall Windows, I can use my laptop to access internet. Thanks...

Hi Ken,

life has gotten in the way of working on my desktop. Correct, I can no longer connect to the internet., Im trying to download combofix to a flash drive so I can run it on safe mode on my...

Ken,

I can no longer connect to the internet with my desktop. Ive checked all connections to no avail. I was able to download fresh Combo fix's however when I run it 2 specific things happen...

I had no idea not to post last file, I couldnt zip it. Do it contain personal info. Greg

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2...

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by Greg at 16:55:29 on 2011-10-07
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.3070.2217 [GMT -4:00]
....

aswMBR will not run...please attach link for DDS. I seem to have lost it.

Thanks Greg

Ken, it restarted. Please advise on next move. I have to shut down for the night. Thank you. Greg

When I rebooted I've gotten a blue screen, A problem has been detected and windows was shut down to prevent damage. PAGE_FAULT_IN_NONPAGED_AREA appears. Also

Technical information:
...

You have the patients of a saint....


MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Logical Drives Mask: 0x0000001d

Kernel Drivers (total 133):

I'm sorry I dont know what a standard boot code is:red:

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows XP Home Edition
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x0000003d

Kernel...

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows XP Home Edition
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x0000003d

Kernel...

Well I tried downloading malwarebytes and I cannot. Everything is gone from my desktop and folders except IE and my recycle bin. i still have plenty of audio pop ups....:hair:

Hi Ken,

I have to download Malware to my desktop, but now my AVG has been disabled, can I still go online without risking further damage. Im using my laptop now, thinking I would follow your...

Ken, I forgot to mention that I have a program on my desktop named "Open cloud AV" that I never down loaded. When I boot computer it prompt me that I have various serious virus threat and need to...

Hi Ken,

I reinstalled Firefox, but im afraid my computer is running very slowly, the audio pop ups still persist and AVG keeps blocking something called "Blackhole Exploit Kit (type 2055). The...

Ken,

Heres the latest Combofix log..Thanks


ComboFix 11-09-30.05 - Greg 10/01/2011 10:52:40.7.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.3070.2397 [GMT -4:00]...

Hi Ken, just to keep you up to date I removed Firefox successfully, but could not run aswMBR it would not start. I also had to update IE to version 8, im not sure if this will effect anything ...just...

Ken, I followed your instructions, however aswMBR will not run a scan? Greg

Ken, the first audio was last night, it was very strange kind of like a radio station with ads, but I could hear what sounded like teenagers say how they knew all aspects of someone life and could do...

Ken, redirects have stopped on IE, but persist on Firefox, in fact I now have some type of audio cookie where im getting pharmaceutical ads,petsmart and such. For the life of me I cannot find where...

Still redirecting.:confused:

Hi Ken,

Heres the log from the latest OTL fix you had me run. Just want to thank you for your patients with this fix. Greg

All processes killed
========== PROCESSES ==========
==========...

Ken,
I apologize for my absence. The computer is still redirecting on searches, to get around that I cut and paste addresses and go directly to sites.

OTL logfile created on: 9/27/2011...

Hi Ken,

Below is the latest OTL scan, Thank you. Greg




User: Greg
->Temp folder emptied: 685496 bytes
->Temporary Internet Files folder emptied: 4193493 bytes

Hello Ken,

Here is the latest OTL scan file after running fix. Thank you.

OTL logfile created on: 9/23/2011 10:59:14 PM - Run 3
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Documents and...

Ken, the only way to fit this file was to zip it, hope it helps. Greg

OTL logfile created on: 9/21/2011 4:43:50 PM - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Documents and...

Hi Ken, here are the Extras and OTL files...Greg

Sorry for not being able to post. Here is the Combo Fix log from today. I will wait to hear from you before I run OTL.
Thanks, Greg

ComboFix 11-09-21.03 - Greg 09/21/2011 13:50:04.6.2 - x86...

Hi Ken,

Followed your instructions, computer is still redirecting when I do a search in Google.

Thanks Greg

.ru4.com [ C:\DOCUMENTS AND SETTINGS\KIDDIES\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\0VWCKJTW.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\KIDDIES\APPLICATION...

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 09/14/2011 at 08:07 PM

Application Version : 5.0.1118

Core Rules Database Version : 7691
Trace Rules Database Version:...

Ken,

When I try to upload log using "manage attachments" option it keeps telling me its and invalid file??

Thanks, Greg

8547


Hope this helps.

Ken, foeum say the log is 62,100 characters too long to post.

Greg

Malwarebytes' Anti-Malware 1.34
Database version: 1849
Windows 5.1.2600 Service Pack 3

9/14/2011 6:32:48 PM
mbam-log-2011-09-14 (18-32-48).txt

Scan type: Full Scan (C:\|)
Objects scanned:...

Ken,

Am I administering these programs correctly? Could it be something i'm doing wrong!!

Ken,

ran GMER here is log

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-09-14 14:39:18
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver:...

Say I do a search on Google, i'll get the results and click on one and I get redirected to sites such as " yellowbook.com, funbrain,gimmieanswers, find fast answers, catty etc.etc

But now its only...

Hi Ken,

Ran eset again, it did not create a log, the scanning window only stated "no threats found". and gave file totals and time scan took.

Greg

Ken,

Its redirecting again....ugh

Ken'

I ran the scan which found 2 infected files, however I didnt save the text and lost it. If need be i'll run again, I'm certainly not making your job any easier.

Greg

Hi Ken,

It seems as if the problem has been solved, computer on longer redirects. Should I dispose of all tools and texts that we downloaded during this process. I really appreciate you time...

Gooredfix log

GooredFix by jpshortstuff (03.07.10.1)
Log created at 14:50 on 12/09/2011 (Greg)
Firefox version 6.0.2 (en-US)

========== GooredScan ==========


========== GooredLog...

Ken, That is the only log I get, I get a "press any key to continue" prompt which I do, then nothing. However when I do this my computer seems to sound as if its running very loud, could be safe mode...

exeHelper by Raktor
Build 20100414
Run at 21:15:27 on 09/09/11
Now searching...
Checking for numerical processes...
Checking for sysguard processes...
Checking for bad processes...
Checking...

exeHelper by Raktor
Build 20100414
Run at 21:15:27 on 09/09/11
Now searching...
Checking for numerical processes...
Checking for sysguard processes...
Checking for bad processes...
Checking...