Thanks Tashi, I really appreciate the help! :)
Type: Posts; User: ascom2010; Keyword(s):
Thanks Tashi, I really appreciate the help! :)
Hello everyone,
I ran Rootalyzer and was wondering if these results below are fine? The computer is running fine, but I just wanted to run it to verify and wasn't sure if these were ok or not (I...
All done, OCD!!!
Thank you so much for the help, I really really appreciated it! You guys are the best here!!! I'll definitely follow all of the advice listed on the previous page, thanks a lot...
Hey OCD, I have but it's still the same. When I look at Programs installed, I've got:
Java 7 Update 6 (64 bit)
Java 7 Update 21
Java SE Dev Kit 7 Update 6 (64 bit)
Should I take down the...
Thanks for those responses, OCD!
Just one more thing, when I get to Disable Java through the Java Control Panel - On the control panel, I clicked on the security tab, but all I see is "Use...
That did the trick! Thanks a lot, OCD! So the trojan is gone for good? (I don't have to run another malwarebytes scan/ESET?)
Also, my last questions before you finish up:
1. Concerning the...
Hey OCD, maybe it's related to MSN Explorer - since it showed up on the desktop after I closed this browser a few days back. Usually when MSN Explorer is up, MSN Messenger would also sign in (but now...
Here you go, OCD:
ComboFix
ComboFix 13-05-18.02 - owner 05/19/2013 22:34:42.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3758.2302 [GMT -4:00]
Running from:...
Thanks for that! Here you go, OCD:
ESET
C:\Users\owner\AppData\Local\{E1050E93-6938-4366-A579-B6D158F217A8}\{CCD09158-668C-4603-BC43-4F83586F794E}\sabhw.dll Win32/TrojanDownloader.Tracur.V...
Thanks OCD! Before I start on Step 1:
1. Delete a File/Folder
Using Windows Explorer (Windows Key + E), locate the following files/folders, and DELETE them (if still present):
...
(I once again forgot to include in my other post: 2 desktop.ini files showed up on the desktop after the reboot - the shortcuts are clear/see-through - that's all!)
OTL.txt Scan ran after reboot (I wasn't sure if the rKill part applied here, but I did not run it after reboot - just the OTL as mentioned)
OTL logfile created on: 5/18/2013 10:53:32 PM -...
Thanks for the reply, OCD! Here's the rKill text from earlier:
kill 2.4.8 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More...
Forgot to put this in the other post - but I can shut off my computer at the end of the day still right? Just wanted to make sure after running rKill earlier today! Thanks again, OCD.
Here you go, OCD! I kept the rKill text too in case you need it:
MBAM Log
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Thanks again, OCD.
COMBOFIX
ComboFix 13-05-18.02 - owner 05/18/2013 9:34.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3758.2273 [GMT -4:00]
Running from:...
(TDS CONTINUED)
09:20:39.0173 4396 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
09:20:39.0173 4396 nsiproxy - ok
09:20:39.0251 4396 [...
Hey OCD, here's the latest:
TDSSKiller
09:20:21.0967 4172 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
09:20:21.0982 4172 ...
And finally Extras.txt
(Concerning symptoms - I've seen 2, 3 iexplorer.exe running when I'm not even running IE (they start at start-up too, when I haven't included them in my startups either. I...
OTL.TXT - PART 2
========== Files - Modified Within 30 Days ==========
[2013/05/18 00:27:09 | 000,001,320 | -H-- | M] () -- C:\Users\owner\msndata.dat
[2013/05/18 00:23:16 |...
OTL.TXT - PART 1
OTL logfile created on: 5/18/2013 12:27:15 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\owner\Desktop
64bit- Home Premium Edition Service Pack 1...
Thanks for the reply, OCD!
Here you go:
checkup.txt
Results of screen317's Security Check version 0.99.63
Hello, I ran MBAM after being redirected from several pages and it picked up both Trojan.Zbot.RS and Exploit.Drop.9 (and I currently have them quarantined as well as logged in case you need it). I...
Ok I just restored them! (So I'm good now right?)
Thanks for all your help Blade, I really appreciate it!!!!!
Here you go! :
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org
Database version: v2013.03.21.13
Windows 7 Service Pack 1 x64 NTFS
Hey Blade: 0 infected files.
I forgot to mention: After the MBAM scan (mentioned above in my first post), I had the file quarantined and deleted - but I kept the log in case you were interested...
Hello, I ran a full scan using Malwarebytes earlier and Trojan.Vilsel was found. Ran Spybot afterwards, but nothing was detected there. Thanks in advance:
DDS
DDS (Ver_2012-11-20.01) -...
Thanks for all the help, Ken! :bigthumb: I really appreciate it :police:
I deleted all the past restore points and created a new one as a test like on the tutorial so I'm all set! Have a good day!
ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6528
#...
No problems so far! Just a question: Does it matter if I download the Windows x64 or x86 version? How do I find out which one is mine? Thanks in advance!
(From here: ...
It all makes sense now, Spybot works wonders! It's interesting to see that it managed to change the numbers in the hosts file to my computer in order to prevent more redirects. Thanks for the...
OTL logfile created on: 8/22/2011 12:57:27 PM - Run 2
OTL by OldTimer - Version 3.2.26.5 Folder = C:\Documents and Settings\alle\Desktop
Windows XP Home Edition Service Pack 3 (Version =...
Ah ok, thanks for the clear up! Teatimer was already disabled, but I went through the steps just to make sure and it was already unchecked. Here's the OTL fix before I run OTL again:
All...
Good morning Ken, I encountered a small problem while running the OTL fix - an error message popped up saying:
"Cannot create file C:\Windows\System32\drivers\etc\hosts"
This was during the...
OTL Extras logfile created on: 8/21/2011 6:09:28 PM - Run 1
OTL by OldTimer - Version 3.2.26.5 Folder = C:\Documents and Settings\alle\Desktop
Windows XP Home Edition Service Pack 3 (Version =...
Ok, no problem!
OTL logfile created on: 8/21/2011 6:09:28 PM - Run 1
OTL by OldTimer - Version 3.2.26.5 Folder = C:\Documents and Settings\alle\Desktop
Windows XP Home Edition Service...
(I pressed submit on accident a minute ago, no bumping intended)
Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org
Database version: 7523
Windows 5.1.2600 Service Pack 3
Thanks for the response Ken, here are the logs:
GooredFix by jpshortstuff (03.07.10.1)
Log created at 21:38 on 20/08/2011 (alle)
Firefox version 5.0 (en-US)
========== GooredScan ==========...
Hello, I've been getting several redirects to Fast Find Answers everytime I use Firefox. I noticed a few similar threads on this so I figured I'd post my problem as well. Any help would be greatly...
Hello, I know I may come across as one of those people who check their task manager every now and then to see if something's fishy, but I did some research on these two online after having never seen...
Alright, thanks for the help though.
All I saw in Options was:
Personal
Layout
Sign In
Messages
Alerts
Sounds
File Transfer
Phone
Privacy
This isn't a bump attempt as the thread is still near the top, but you might be surprised to hear that I actually found strange sharing folders from other users in "My Sharing Folder" (you know the...
You're a money saver, PSKelley :bigthumb: - thanks for stopping me from wasting a 100 bucks on getting Norton's virus squad to do it for me, that money deserves to be used on better.
Once again,...
MBAM found the Security Center disable thing I told you about yesterday so I fixed that. As for Norton, it found the usual Tracking Cookie and that was also fixed.
As for my computer, it's running...
Sorry I'm posting again but I have not completed the System Restore part yet since I was wondering - do you want me to restart the computer then un-check the system restore? I just wanted to make...
Security Center: All three (Firewall, Automatic Updates, Antivirus) are green and 'ON'. I never got the balloons though, oh well.
Java: I now have Java 6 Update 12.
For the Service Pack #3: I...
The Malwarebytes' download you wanted me to go for was the free version I hope? That's what I used. I have also updated my Adobe Flash Player ActiveX, Adobe Reader, and have taken out the Viewpoint...
Thank you for the quick reply!
Alright, I ran combofix without problem:
Combo Fix Log
ComboFix 09-03-22.01 - alle 2009-03-22 19:07:13.1 - NTFSx86
Microsoft Windows XP Home Edition ...
I'd like to thank the creators of Spybot S&D, I wouldn't have discovered the problem without the program. Alright, I'll start with the HijackThis log:
Logfile of Trend Micro HijackThis v2.0.2...