Hi pskelly,
I followed all of your instructions. I was not able to find the file with the _old ending (don't remember what it is called). Anyhow, I was successful in following all the rest of your...
Type: Posts; User: Garyrunningdude; Keyword(s):
Hi pskelly,
I followed all of your instructions. I was not able to find the file with the _old ending (don't remember what it is called). Anyhow, I was successful in following all the rest of your...
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:06:23 AM, on 4/14/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
...
AntiVir PersonalEdition Classic
Report file date: Sunday, April 13, 2008 12:03
Scanning for 1198942 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition...
Result of reboot and rescan of S&D today.
DoubleClick tracking cookie
FastClick tracking cookie
HitBox tracking cookie
HitsLink tracking cookie
MediaPlex tracking cookie...
Hi pskelly,
I reenabled teatimer and also changed my firewall from Norton to on-line armour. I changed my AV program from Norton to Avira. Also I added spyware guard and spyware blaster.
The...
Hi pskelly,
I updated to use the same version and date as the one you mention. How do I determine if it is a false positive?
Should I reenable teatimer?
My Norton Antivirus is again turned...
Hi,
I just ran a S&D search and it has detected smitfraud.c and microsoft.windowsSecurityCenter_disabled.
:mad:
Hi pskelley,
I have followed your instructions. Does this mean I am clean now?!?
Thanks,
Gary
KASPERSKY ONLINE SCANNER REPORT
Saturday, April 12, 2008 2:09:31 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0...
How do I uninstall combofix, do I just delete it and the quarantine folder? Also delete from recycle bin?
I have installed the recovery console.
I read on another thread that the reason there are so many malware programs and viruses is that the people that write them make money from this. Who pays...
ComboFix 08-04-11.5 - Gary 2008-04-12 12:30:48.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.584 [GMT -4:00]
Running from: C:\Documents and...
Hi, I noticed the troublesome file was removed by the combifix so thinking that things were fixed I ran a S&D scan and it found none of the previous problems but 3 tracking cookies which I had it fix...
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:30:18 PM, on 4/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
...
Hi,
I was able to upload the file.
Here is the combofix text.
ComboFix 08-04-11.5 - Gary 2008-04-11 20:14:53.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.534...
Hi,
I tried to upload the file but couldn't. It told me to turn off the anti-virus on my computer and retry. Does this sound right to you? In any event I do not have rights on my work computer to...
Hi,
I noticed the log file contains two versions of vundofix, 7.0.0 and 7.0.3.
I actually found a version of 7.0.0 in a different folder which I didn't delete previously. I don't know if that...
VundoFix V7.0.3
Scan started at 3:03:18 AM 4/10/2008
Listing files found while scanning....
VundoFix V7.0.0
Scan started at 3:17:17 AM 4/10/2008
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:52:05 PM, on 4/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
...
Vundofix didn't work. What do you want me to do and what information do you need from me?
Hi,
I have added the file and Vundofix said it could not delete it so it initiated a reboot and retry and after retry it still cannot delete it.
The HJT is in my last post above. It is the most recent.
VundoFix V7.0.3
Scan started at 3:03:18 AM 4/10/2008
Listing files found while scanning....
Hi,
Vundofix detected nothing detected.
New HJT log
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:47:13 PM, on 4/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE:...
Hi,
I tried Vundofix prior to requesting help from you guys and from what I recall, it took a long time (~1hr) to scan and it found nothing. If it doesn't find anything do you still want a new HJT...
Hi, I think it was an issue with my flash drive.
How long are you available to help me today and do you help on Saturdays and Sundays?
After a clean reboot here is the HJT log.
Logfile of Trend...
The message was the typical program not responding box you get when you try to close the computer down with a non-responsive program. The program that was not responding was spelt exactly as...
Hi,
Here is the result of the scan from last night. From this result I attempted to manually delete the affected files.
I deleted the Smitfraud folder since these aren't needed anymore
I was...
Hi,
The delete of the geBUUILE did not work. It comes up with the error that it is being used by another person or program.
Fix selected:
O4 - HKCU\..\Run: [sycjcuyz] C:\WINDOWS\system32\fodivmlq.exe
Result: Did not appear in my new HJT scan.
Delete this file:
C:\WINDOWS\system32\fodivmlq.exe <<< delete that file...
Hi,
The 404 thing did not reaapear. I was able to run a kapersky scan last night (it took 3 hrs). It found 4 infected files. I saved a log. Currently I am using my work computer to post but I have...
I tried cleaning with S&D. Originally had 35 problems, afterwards left with 6 problems. Cleaning with S&D says it removes them but on reboot they are back. Tea timer is constantly popping up making...
Hi,
I am not sure what happened but maybe not protected well enough. My spbot originally picked up 35 problems but after fixing the problems I am left with Virtumonde.dll, Virtumonde, and a couple...