Search:

Hi pskelly,

I followed all of your instructions. I was not able to find the file with the _old ending (don't remember what it is called). Anyhow, I was successful in following all the rest of your...

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:06:23 AM, on 4/14/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
...

AntiVir PersonalEdition Classic
Report file date: Sunday, April 13, 2008 12:03

Scanning for 1198942 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition...

Result of reboot and rescan of S&D today.

DoubleClick tracking cookie
FastClick tracking cookie
HitBox tracking cookie
HitsLink tracking cookie
MediaPlex tracking cookie...

Hi pskelly,

I reenabled teatimer and also changed my firewall from Norton to on-line armour. I changed my AV program from Norton to Avira. Also I added spyware guard and spyware blaster.

The...

Hi pskelly,

I updated to use the same version and date as the one you mention. How do I determine if it is a false positive?

Should I reenable teatimer?

My Norton Antivirus is again turned...

Hi,

I just ran a S&D search and it has detected smitfraud.c and microsoft.windowsSecurityCenter_disabled.

:mad:

Hi pskelley,

I have followed your instructions. Does this mean I am clean now?!?

Thanks,
Gary

KASPERSKY ONLINE SCANNER REPORT
Saturday, April 12, 2008 2:09:31 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0...

How do I uninstall combofix, do I just delete it and the quarantine folder? Also delete from recycle bin?

I have installed the recovery console.

I read on another thread that the reason there are so many malware programs and viruses is that the people that write them make money from this. Who pays...

ComboFix 08-04-11.5 - Gary 2008-04-12 12:30:48.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.584 [GMT -4:00]
Running from: C:\Documents and...

Hi, I noticed the troublesome file was removed by the combifix so thinking that things were fixed I ran a S&D scan and it found none of the previous problems but 3 tracking cookies which I had it fix...

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:30:18 PM, on 4/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
...

Hi,

I was able to upload the file.

Here is the combofix text.

ComboFix 08-04-11.5 - Gary 2008-04-11 20:14:53.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.534...

Hi,

I tried to upload the file but couldn't. It told me to turn off the anti-virus on my computer and retry. Does this sound right to you? In any event I do not have rights on my work computer to...

Hi,

I noticed the log file contains two versions of vundofix, 7.0.0 and 7.0.3.

I actually found a version of 7.0.0 in a different folder which I didn't delete previously. I don't know if that...

VundoFix V7.0.3

Scan started at 3:03:18 AM 4/10/2008

Listing files found while scanning....


VundoFix V7.0.0

Scan started at 3:17:17 AM 4/10/2008

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:52:05 PM, on 4/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
...

Vundofix didn't work. What do you want me to do and what information do you need from me?

Hi,

I have added the file and Vundofix said it could not delete it so it initiated a reboot and retry and after retry it still cannot delete it.

The HJT is in my last post above. It is the most recent.


VundoFix V7.0.3

Scan started at 3:03:18 AM 4/10/2008

Listing files found while scanning....

Hi,

Vundofix detected nothing detected.

New HJT log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:47:13 PM, on 4/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE:...

Hi,

I tried Vundofix prior to requesting help from you guys and from what I recall, it took a long time (~1hr) to scan and it found nothing. If it doesn't find anything do you still want a new HJT...

Hi, I think it was an issue with my flash drive.
How long are you available to help me today and do you help on Saturdays and Sundays?
After a clean reboot here is the HJT log.

Logfile of Trend...

The message was the typical program not responding box you get when you try to close the computer down with a non-responsive program. The program that was not responding was spelt exactly as...

Hi,

Here is the result of the scan from last night. From this result I attempted to manually delete the affected files.

I deleted the Smitfraud folder since these aren't needed anymore
I was...

Hi,

The delete of the geBUUILE did not work. It comes up with the error that it is being used by another person or program.

Fix selected:
O4 - HKCU\..\Run: [sycjcuyz] C:\WINDOWS\system32\fodivmlq.exe
Result: Did not appear in my new HJT scan.

Delete this file:
C:\WINDOWS\system32\fodivmlq.exe <<< delete that file...

Hi,

The 404 thing did not reaapear. I was able to run a kapersky scan last night (it took 3 hrs). It found 4 infected files. I saved a log. Currently I am using my work computer to post but I have...

I tried cleaning with S&D. Originally had 35 problems, afterwards left with 6 problems. Cleaning with S&D says it removes them but on reboot they are back. Tea timer is constantly popping up making...

Hi,

I am not sure what happened but maybe not protected well enough. My spbot originally picked up 35 problems but after fixing the problems I am left with Virtumonde.dll, Virtumonde, and a couple...