I wouldn't know where to find a live technician on a sunday that wont tell me to reformat (more embarrassing: I used to work as a computer technician :-( and am usually the one helping people out...
Type: Posts; User: gotkwah; Keyword(s):
I wouldn't know where to find a live technician on a sunday that wont tell me to reformat (more embarrassing: I used to work as a computer technician :-( and am usually the one helping people out...
This is my personal computer but I use it A LOT and can't be without it.
Edit: http://forums.spybot.info/showthread.php?p=406683#post406683
I got infected with "Windows 7 Recovery". I tried following this guide but was not successful. I was able to use rkill and then...
My computer has been infected with "Windows 7 Recovery" and i need help to clean it up NOW.
I tried this and didnt get very far.
I know i can post in the forum for help, but I dont have the...
Thanks in advance!!
HJT log:
Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 2:26:39 AM, on 3/12/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00...
i already left the computer. it was not perfect, but in much better shape then when we started so...thank you.
i wish we could have finished it, but time did not allow.
Thanks again for all...
Will be leaving this computer for good in less than 12 hours, so this will probably be my last log post. Give me as much info as you can on what to do this time.
Also, the AOL spyware protection...
forgot the Malwarebytes log:
Malwarebytes' Anti-Malware 1.39
Database version: 2438
Windows 5.1.2600 Service Pack 3
7/16/2009 3:36:58 AM
mbam-log-2009-07-16 (03-36-58).txt
Scan type: Full...
Logs are attached and pasted below.
In the future, do you want logs attached or pasted in?
Thanks so much, I will be leaving the computer in less 24 hours and wont be back anymore, so the next...
Thank you!
Attached and posted. (wasnt sure what you wanted)
DDS (Ver_09-06-26.01) - NTFSx86
Run by Eli Kohananoo at 23:42:25.07 on Tue 07/14/2009
Internet Explorer: 8.0.6001.18702
...
I am vising relatives and of course they asked me to fix their computer while I am here. It was loaded with virus and malware, and I got most of it off, but there must be some left, because Windows...
i re-enabled tea timer while i was waiting for a response. i know it needs to be disabled once we start fixes.
here is the new log with it disabled:
Logfile of Trend Micro HijackThis v2.0.2
Scan...
This is my personal laptop which i use at my college, and we need to add the domain to access certain things within the school. this is not a school computer.
I have not done anything since...
I have a laptop that started getting many popups and fake virus wanings. I ran spybot and roguefix, cleaned a lot off (including several smitfrauds and virtumonde) but still have the popup issue....
Above is the new Kaspersky Log and here is the new HJT log. In Spybot there was one thing i didnt clean, it was called couponBar. I dont know if this is connected with coupon printing software that...
New Kaspersky Log
-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Friday, February 08, 2008 9:33:40 AM
Operating System:...
Thanks in advance for the help.
I ran Spybot in regular and safe-mode, the only thing i didnt remove was an entry called couponbar, because i have some coupon printer software from coupons.com...
i have these 3 files on c:\ that i think were created when i got infected.
delrb.bat
delrb.txt
delrb1.reg
im not sure what they are and i dont want to post the contents of the file here w/o...
everything seems to be fine
I ran an etrust scan at it came back clean.
Trend Micro again reported the SPYWARE_KEYL_ASTLOG (Tools.Nirsoft (PestPatrol)), but it wont give any details on the...
Finally managed to delete the damn folder, using killbox and a variety of other tricks...
here is a new HJT log, I will run a bunch of the other scans later tonight and post logs as well, i hope i...
It didn't delete the folder or its contents...
any other suggestions?
Combofix log:
ComboFix 07-07-30.2 - "Levi E. Afrah" 2007-08-02 18:33:54.2 [GMT -4:00] - NTFS
Microsoft Windows XP...
Yes, that is a file used to find the key to xp i know it is there...
also, is there any evidence of a keylogger other than the trendmicro log? because it could not point to a file that it claimed...
Here is my Kaspersky log.
As i aid before there are alot of firefox temp files/folders in that "New Folder", i tried to delete it in safe mode, and some deleted but some didnt, any other...
kaspersky log: (toom long to pot because i had a ton of the following:
C:\4ae3656fb8f67588ac3442\New Folder\NeroDemo11597\Cab\79320352.cab Object is locked skipped
The "new folder" is...
Smitfraudfix:
SmitFraudFix v2.207
Scan done at 17:34:52.01, Fri 07/27/2007
Run from C:\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix...
Here are the logs you requested.
At this time I do not see anything outwardly affecting the computer.
I ran Spybot S&D, Smitfraudfix and Roguefix in safe mode, Spybot and Roguefix were clean
...
My symantec Corp AV found the infection and cleaned it this morning. no more flashing icon...but...
i ran the TrendMicro online AV scan
the only thing that comes up is SPYWARE_KEYL_ASTLOG...
No infections found using the online etrust AV scan.
I have a flashing icon by my clock that keeps giving me messages saying i have spyware.
I also ran Roguefix2.43 and it cleaned whatever it...
here is a new HJT log:
online AV is almost done, will post then...
(Also, this is not the same comp as posted before)
Logfile of HijackThis v1.99.1
Scan saved at 4:37:10 PM, on 7/24/2007...
I let someone borrow my computer for 5 min and he managed to dl an fake syware alert message that appears in my tray, it also messed with IE by adding a toolbar and it makes ie display a dialog box...
here is the hijack this log.
I have run spybot a couple times already, but there is still stuff infecting it.
THANKS!!
Logfile of HijackThis v1.99.1
Scan saved at 02:01:38 PM, on...
Incident Status Location ...
steam
i wasnt able to find the pippdll.exe file anywhere.
im going to do another pandascan now, maybe you can help me with this though:
My fiance's brother installed IE7 on thier computer at...
Avg reported nothing found in safe mode... i did a complete system scan...
whats next?
"Stan" - 07-01-23 22:54:34 Service Pack 2
ComboFix 07-01-23.2 - Running from: "C:\Documents and Settings\Stan\Desktop"
(((((((((((((((((((((((((((((((((((((((((((( Other Deletions ...
hey,
sorry it has taken so long, the computer is my fiance's so i only have access to it when im at her place.
Anyway,
1) i could not find C:\WINDOWS\khltsvc.exe
i looked 3 times, and i...
Spybot found nothing in safe mode.
I started a scan using AVG, and left the house, when i got back someone had restarted the computer. so i will try again later...
here is the new HJT log
...
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Stan\Application Data\Business...
here is the panda scan log after i fixed the 4 things u mentioned in HJT
going now to run spybot in safemode....
Incident ...
I have run several anti spyware/adware programs in the last few days, yet symantec keeps showing me Trojan.Adclicker in C:\windows, the file is called pippdll.exe. It says it deletes it but it keeps...