Search:

Type: Posts; User: jpfof7; Keyword(s):

Page 1 of 2 1 2

Search: Search took 0.19 seconds.

  1. Replies
    4
    Views
    6,077

    Still need help

    Still need help
  2. Replies
    4
    Views
    6,077

    Possible rootkit infection Acer Aspire One

    Acer Aspire One computer will freeze or lock up. Similar to previous experience where a rootkit was found and removed.

    DDS (Ver_10-03-17.01) - NTFSx86
    Run by Julia Pezzini at 22:20:44.03 on...
  3. Replies
    23
    Views
    14,413

    All Clear now, thanks

    Everything is working normally. Thank you.

    One comment is the defogger tool didn't automatically reboot the machine. Once the enable process was finished it just sat there. I rebooted manually....
  4. Replies
    23
    Views
    14,413

    Kapersky log, much better now

    Thanks. Things are much better now. I have used the machine for 4 hours and no locking or freezing.

    --------------------------------------------------------------------------------
    KASPERSKY...
  5. Replies
    23
    Views
    14,413

    wants to run fixmbr from Windows Recovery Console

    I remember now. It said to use the "fixmbr" command available from the Windows Recovery Console.
  6. Replies
    23
    Views
    14,413

    Log after mbr.exe -f

    Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

    device: opened successfully
    user: MBR read successfully
    kernel: MBR read successfully
    user & kernel MBR OK
    copy...
  7. Replies
    23
    Views
    14,413

    gmer mbr log results

    tealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

    device: opened successfully
    user: MBR read successfully
    kernel: MBR read successfully
    detected MBR rootkit hooks:...
  8. Replies
    23
    Views
    14,413

    Combofix log

    ComboFix 10-03-07.02 - Pezzini 03/07/2010 18:36:44.1.2 - x86
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1012.545 [GMT -8:00]
    Running from: c:\documents and...
  9. Replies
    23
    Views
    14,413

    Malware Bytes Log

    Malwarebytes' Anti-Malware 1.44
    Database version: 3834
    Windows 5.1.2600 Service Pack 3
    Internet Explorer 8.0.6001.18702

    3/7/2010 5:43:43 PM
    mbam-log-2010-03-07 (17-43-43).txt

    Scan type:...
  10. Replies
    23
    Views
    14,413

    Don't do anything about defogger yet

    Thanks for the help.

    I will run the Malbytes and Combofix scans. Want to make sure I don't need to do anything about Defogger just yet?
  11. Replies
    23
    Views
    14,413

    GMER log

    GMER 1.0.15.15281 - http://www.gmer.net
    Rootkit scan 2010-03-07 13:11:44
    Windows 5.1.2600 Service Pack 3
    Running: gmer.exe; Driver: C:\DOCUME~1\Pezzini\LOCALS~1\Temp\uxxcraob.sys


    ---- System...
  12. Replies
    23
    Views
    14,413

    GMER has run successfully

    Thank you for your help and patience.

    I was able to run GMER and save the log file. When I went to open IE to post the log on this forum I got a blue screen with the following message:

    STOP:...
  13. Replies
    23
    Views
    14,413

    Defogger didn't ask to reboot

    Defogger didn't ask to reboot the machine. The laptop then froze after I waited for that message for 10 minutes. I didn't receive an error message but am copying the log file nonetheless. I had to...
  14. Replies
    23
    Views
    14,413

    GMER can't be used successfully

    I have tried all day to run GMER successfully. It took 7 hours to complete. Is there other settings I could try to run it in less time? It appears to read every file on the hard drive. Although...
  15. Replies
    23
    Views
    14,413

    GMER log hard to get finished

    I have had trouble with the GMER log. The laptop keeps locking up before the scan can complete. I gave up last night and will try again today.
  16. Replies
    23
    Views
    14,413

    Results of RSIT

    info.txt logfile of random's system information tool 1.06 2010-03-04 21:24:51

    ======Uninstall list======

    -->C:\Program Files\InstallShield Installation...
  17. Replies
    23
    Views
    14,413

    Acer Aspire One locking up (Resolved)

    I have an Acer Aspire One running Windows XP. The computer will freeze or lock up forcing only a manual shutdown usin the power button. I don't see obvious virus behaviour such as browser...
  18. Replies
    34
    Views
    5,020

    I think we can close this thread

    Things are ok now. I installed the suggested protection programs and Firefox. I will move on to the windows forum for assistance in cleaning up my computer after too many years of installing and...
  19. Replies
    34
    Views
    5,020

    Thanks for your help, are we done

    Thanks, a link to a Windows forum would be good.

    Are we finished? Do I need to create a new restore point?
  20. Replies
    34
    Views
    5,020

    Seems ok

    So far it seems to be fine. I will have to reboot a few times to see if the McAfee Systemguard gets turned off again.

    I still get the error message if I try to use msconfig and unclick something...
  21. Replies
    34
    Views
    5,020

    Comb Fix Log and HJT results from 2/4/10

    ComboFix 10-02-03.07 - Owner 02/04/2010 7:30.3.1 - x86
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1022.604 [GMT -8:00]
    Running from: c:\documents and...
  22. Replies
    34
    Views
    5,020

    HJT log

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 11:03:02 PM, on 2/3/2010
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16981)
    Boot mode: Normal
    ...
  23. Replies
    34
    Views
    5,020

    Combo-Fix log results

    Sorry, I was out of town for a few days.

    Ran Combofix:

    ComboFix 10-02-03.04 - Owner 02/03/2010 22:16:40.2.1 - x86
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1022.592 [GMT...
  24. Replies
    34
    Views
    5,020

    Results of GMER Part 2

    Bytes JMP 00A30040
    .text C:\WINDOWS\system32\svchost.exe[1176] kernel32.dll!GetStartupInfoW 7C801E54 5 Bytes JMP 00A300BA
    .text ...
  25. Replies
    34
    Views
    5,020

    Results of GMER Part 1

    GMER 1.0.15.15281 - http://www.gmer.net
    Rootkit scan 2010-02-01 22:45:07
    Windows 5.1.2600 Service Pack 3
    Running: 0jgcfd9r.exe; Driver: C:\DOCUME~1\Owner\LOCALS~1\Temp\pxtiaaob.sys


    ----...
  26. Replies
    34
    Views
    5,020

    screen resolution won't show the save button

    GMER won't display the save button on my monitor in safe mode. The screen resolution is too big. I can just barely get to the scan button. It took a few hours to run and I am trying to figure out...
  27. Replies
    34
    Views
    5,020

    Does GMER take hours to run

    I ran it in safemode. Running in in normal caused a reboot. It is running for hours now apparently scanning every file. Is this how it should run?
  28. Replies
    34
    Views
    5,020

    Created new restore point

    I created a new restore point. I am still experiencing unusual things when I reboot. Sometime part of McAfee isn't active, sometimes it boots with limited configuration but it isn't consistent. I...
  29. Replies
    34
    Views
    5,020

    Still getting msconfig error

    Before I create a new restore point I wanted to note one last strange behavior. Upon boot I am getting a message that my System Admin or msconfig settings are not allowing complete startup. When I...
  30. Replies
    34
    Views
    5,020

    I ran HJT and deleted the line 020 referenced...

    I ran HJT and deleted the line 020 referenced above. After that I couldn't find the file referenced so I hope you meant the fix in HJT was actually the delete.

    Here is the latest HJT log:
    ...
  31. Replies
    34
    Views
    5,020

    I ran a full scan instead of the quick scan. ...

    I ran a full scan instead of the quick scan.

    I am getting the msconfig opening up and no changes are allowed because it tells me to use an administrator's user. I only have one user set up and...
  32. Replies
    34
    Views
    5,020

    Browser running fine, no more hijacks

    Things appear to be under control.

    Thanks,

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 8:44:53 PM, on 1/26/2010
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer...
  33. Replies
    34
    Views
    5,020

    From California

    Not even close, the computer is in California
  34. Replies
    34
    Views
    5,020

    Results of Combofix and HJT

    Here are the logs from combofix and HJT.

    One point to mention is the first time I ran combofix it rebooted my machine. After signing back in nothing happened. I may have not been patient enough....
  35. Replies
    24
    Views
    14,486

    Final Steps completed

    I completed the final steps.

    Thank you very much.

    You can close the thread.

    Now it is on to my other infected computer.
  36. Replies
    24
    Views
    14,486

    Will do the last steps, question on Spybot

    Thank you.

    I will get to these steps asap.

    What is your opinion of McAfee? It seems the forum recommends not installing multiple virus applications at once. Also, I don't see Spybot in your...
  37. Replies
    24
    Views
    14,486

    Ready for final instructions

    Yes, ready for final instructions
  38. Replies
    34
    Views
    5,020

    Explorer & Google redirects

    I have a Dell running Windows XP. IE and Google are constantly redirected to shopping sites, fake virus tools and now a phished Symantec site.

    I have tried Spybot and Malwarebytes but neither can...
  39. Replies
    24
    Views
    14,486

    Spybot is clear, Thank you

    I reran Spybot and it didn't find the issues so it would appear things are ok. Thank you very much.
  40. Replies
    24
    Views
    14,486

    Advising I have another infected computer

    Per the FAQ and Tashi's reference I have another infected computer. I had opened a separate thread. I am informing you of the additional computer. The first computer, the Acer Aspire One, was...
  41. Replies
    3
    Views
    2,587

    Different computer

    No, it is a different computer
  42. Replies
    3
    Views
    2,587

    Google hijacked, TDL3 potential, can't clean

    I have a computer whose browser is constantly hijacked. Google searches are redirected. I appears I have the TDL3 rootkit.

    Here are some logs. I have tired Spybot, Malware, McAfee but the...
  43. Replies
    24
    Views
    14,486

    Result of running ATF and OTM

    ========== FILES ==========
    C:\WINDOWS\system32\drivers\etc\hosts.20091229-201439.backup moved successfully.
    C:\WINDOWS\system32\drivers\etc\hosts.20091229-204056.backup moved successfully....
  44. Replies
    24
    Views
    14,486

    Post Kapersky and HJT

    Here is the Kapersky results:

    --------------------------------------------------------------------------------
    KASPERSKY ONLINE SCANNER 7.0: scan report
    Sunday, January 17, 2010
    Operating...
  45. Replies
    24
    Views
    14,486

    reposting HJT log after closing OTMoveIT

    Sorry, I didn't close OTMoveIT before running the last HJT.

    Here is the latest log:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 2:16:38 PM, on 1/16/2010
    Platform: Windows XP SP3...
  46. Replies
    24
    Views
    14,486

    results of otmoveit

    ========== FILES ==========
    c:\windows\system32\drivers\etc\hosts moved successfully.

    OTM by OldTimer - Version 3.1.6.0 log created on 01162010_141133



    HJT:

    Logfile of Trend Micro...
  47. Replies
    24
    Views
    14,486

    results of dds

    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_09-12-01.01)

    Microsoft Windows XP Home Edition
    Boot Device: \Device\HarddiskVolume2
    Install...
  48. Replies
    24
    Views
    14,486

    HostsXpert can't create file

    HostsXpert 4.3 doesn't provide a make hosts writeable option.

    Also, I get the following message when trying to restore original hosts file:

    ERROR: Cannot create file...
  49. Replies
    24
    Views
    14,486

    Installed virus software, reran tools, new HJT log

    I installed virus software and ran scans. I have used Avira antivirus, Malbytes Malware, and Spybot. I still have the Windows.RedirectHosts and ProtectionSuite issues. Spybot continues to note as...
  50. Replies
    24
    Views
    14,486

    Will add anti-virus and redo HJT

    Thank you for the reply. The computer is back at school so it will take a few days to complete this next step. I guess Spybot isn't considered anti-virus? Also, McAfee was loaded but the...
Results 1 to 50 of 51
Page 1 of 2 1 2