peku006,
I will try to use it without the network cable and see if conficker continues to regenerate itself. I appreciate all your help. Have a great holiday season, God Jul!!!!!!
John in...
Type: Posts; User: dallak; Keyword(s):
peku006,
I will try to use it without the network cable and see if conficker continues to regenerate itself. I appreciate all your help. Have a great holiday season, God Jul!!!!!!
John in...
A guy at work gave me a licensed copy of Kaspersky Anti-Virus 2011. Would it help if I installed this at this time?
John
peku006,
You are not going to like this. I would really hate to format if I don't have to but you let me know when you run out of ideas.
I appreciate your help very much.
John
peku066,
Here is the log from Dr. Web Cureit. It took a very long time to scan. Let me know if this helped.
Thanks.
1763d7e9-4aa59439\vmain.class;C:\Documents and...
It still does not work, I tried it today after a re-boot. Haven't tried it in Safe mode lately but I doubt it will run.
John
peku006,
here is the log. Doesn't look like it found what you were looking for. But keep in mind, I re-booted after MBAM.
John
SystemLook 04.09.10 by jpshortstuff
Log created at 10:57...
peku006, here are the 2 logs. Yes, it was found again by MB after I ran OTM!!!!!!!!!!
========== REGISTRY ==========
Registry key...
peku006,
sorry for the delay. We had a long weekend here for Thanksgiving and I didn't get my computer out! I do not use a USB drive or removable media. I do charge my Blackberry via USB...
peku006,
I had previously installed the Microsoft patch and run BitDefender's removal tool as you asked. I ran BitDefender again just now and it found an incident of conficker and removed it. It...
here it is, probably got these results because I had run MBAM not too long ago. I feel like it will return though. Shall I continue with anything else?
Ok Loading BitDefender Engines
State...
peku006,
check out all of the instances now of conficker from Malwarebytes:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Database version: 5177
Windows 5.1.2600 Service Pack 3
[Files/Folders - Created Within 30 Days]
OTS.exe -> C:\Documents and Settings\john\Desktop\OTS.exe -> [2010/11/23 12:07:42 | 000,642,048 | ---- | C] (OldTimer Tools)
conremoval -> C:\conremoval...
Peku006, sorry for taking so long, I have been away from the office. Here is the OTS log. Had to splint into two posts. Let me know if you see anything unusual.
[code]
OTS logfile created on:...
I will do this first thing, Monday.
Thanks!
peku006,
This is very frustrating. Ran fixdownadup as you instructed (twice). Worm wouldn't let me navigate to symantec so I had to download it from another computer. It detected something, so...
tried both with Firefox and it says it can't locate the servers.
either conficker won't let me navigate to either site or both sites are down. Get the screen that IE cannot display the webpage for both sites.
I am working on the virus check. Here is systemlook log:
SystemLook 04.09.10 by jpshortstuff
Log created at 11:45 on 18/11/2010 by John
Administrator - Elevation successful
========== reg...
peku,
sorry for taking so long to reply, I was out of the office. I got a little farther with combofix. Got the blue screen, got the 3 lines of text where it tells you it could take 10 minutes...
Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com
Platform: Windows XP
*******************
Script file opened successfully.
Script file read successfully.
peku, here it is, thanks! Please advise.
MBRCheck, version 1.2.3
(c) 2010, AD
Command-line:
Windows Version: Windows XP Professional
Windows Information: Service Pack 3 (build 2600)...
peku,
here is the log.
Rooter.exe (v1.0.2) by Eric_71
.
SeDebugPrivilege granted successfully ...
.
Windows XP . (5.1.2600) Service Pack 3
peku,
Here is the report. The scan only took about 5 minutes. Let me know if it shows anything.
Thanks,
John
peku,
How come everytime I re-boot my computer and then run Malwarbytes it finds a copy of conficker in C:\windows\system32??????
I have been disconnected from our network since Friday.
Is...
peku,
For some reason, RSIT is not generating an info.txt file when I run it.
John
Logfile of random's system information tool 1.08 (written by random/random)
Run by John at 2010-11-15 13:47:14
Microsoft Windows XP Professional Service Pack 3
System drive C: has 5 GB (13%) free...
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=6266834ed7e40346839d2e7695571ca7
# end=finished
#...
peku066,
I have about had it with this computer. Kaspersky won't run either. Get this error when trying to download the database:
The program is starting. Please wait...
Updates source is...
peku006,
I left my computer at work this weekend. I will run this first thing Monday morning. For fun, I ran Malwarebytes again and it found one instance of Conficker. Don't remember where, I...
forgot this I was able to get the newest version from kaspersky finally.
2010/11/12 14:51:49.0507 TDSS rootkit removing tool 2.4.7.0 Nov 8 2010 10:52:22
2010/11/12...
ran it; no threats found.
John
I found 2.4.1.0 on Softpedia.com. I will use that.
peku006, can you navigate to
http://support.kaspersky.com/downloads/utils/tdsskiller.zip ?
kaspersky website must be down. I will try again later. anywhere else I can get it?
peku,
MB found 2 infections of conficker. Neither were in C:\System Volume Information. I had them removed, re-started the computer. Is it possible that I could keep getting re-infected with...
peku,
Thank you for your patience! I downloaded exactly as you instructed and tried to run it in both regular and safe mode. Same results as before; computer locks up after the disclaimer...
GMER 1.0.15.15530 - http://www.gmer.net
Rootkit scan 2010-11-11 10:19:40
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 HTS541040G9SA00 rev.MB2OC60R
Running:...
peku,
Sorry to say but even in safe mode combofix locks up my computer. I even downloaded combofix again and ran it in safe mode and it still froze up.
I am really worried, I really prefer not...
peku,
sorry again, but my computer locks up tight every time I try to run combofix. I get to the disclaimer screen, click 'yes' and then no blue box, just nothing. Have to power off my computer....
Logfile of random's system information tool 1.08 (written by random/random)
Run by john at 2010-11-09 13:50:34
Microsoft Windows XP Professional Service Pack 3
System drive C: has 2 GB (6%) free...
info.txt logfile of random's system information tool 1.08 2010-11-09 13:51:09
======Uninstall list======
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}...
peku,
Too much text to cut and paste so I made each into a pdf file that I have attached. Hope that works.
Thanks, again!
Peku,
thanks for your help. I am running XP. I have had new developments just today with my computer.
Everything I try to run locks up my hard drive I can't even open Task Manager. My only...
when I double click on dds.scr on my desktop this is part of what I get: Any suggestions?
MZ @ !L!This program cannot be run...
I know you do not work on corporate computers. This is my personal laptop that I use sometimes at work.
Could I keep getting infected from our network here at work?
Can someone help with a worm problem? I have attached two screen shots that I get from my McAffee when it detects this worm. Have tried combofix, sopho, kk; no success!
I am working through the updates; I had 78 critial updates! I had my automatic updates turned off. I also had Windows firewall turnied off, I have now turned them both back on. Will run Secunia...
Obviously, the malware didn't go away on it's own. It seems to be gone. Which step that we took would have fixed my problem? Combofix??? I would like to know your thoughts.
Thanks.
Attached is my Kaspersky log. No threats found. Any further steps you would like me to follow? Thanks.