Jump to content

Steve

Members
  • Content Count

    187
  • Joined

  • Last visited

About Steve

  • Rank
    Member

Previous Fields

  • System Specifications:
    hp p4 1.6 512 ram
  1. Sorry so long getting back. First it's a no on Jacee's bank site. I ran a scan with Super antispyware and Malwarebytes - found nothing. I went to Kaspersky and virus scanner is down so I ran just the file through the scanner and it said it was clean. So I guess it was a false Positive. Thanks.
  2. Yes TX, I just upgraded to avg 2011 and it was the first scan I ran. Little concerned when I saw "Potentially dangerous object". Is it just a false positive--no concern file? Thanks Again Steve
  3. "";"C:\Windows\SMINST\xerces-depdom_2_7.dll";"Corrupted executable file";"Potentially dangerous object" What is this and what should I do? Thanks Steve
  4. Thanks again. You've been a huge help.
  5. The computer is doing pretty good now. Thanks for all of your help in cleaning up all the infections. Here is the latest hijack this log: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 2:03:28 PM, on 10/18/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Pr
  6. Any idea why I can't install Adobe Reader on this machine? Here is the log of the error message I got: ----------------- Adobe has detected a corrupt file (checksum error). The program has been closed without installing. Info ID: 6800.338.14.2.20024 Please send the Info ID to http://www.adobe.com/misc/bugreport.html
  7. New Hijack This Log for 10-10-09: ------------------------------------------ Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 4:43:10 PM, on 10/10/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\Appl
  8. User accounts are fixed. I had to change the settings to Automatically detect LAN settings. I ran the Panda ActiveScan and the log is below. It said it disinfected one file (Rootkit....) ----------------------------------------- ;*********************************************************************************************************************************************************************************** ANALYSIS: 2009-10-10 16:41:24 PROTECTIONS: 1 MALWARE: 15 SUSPECTS: 0 ;*********************************************************************************************
  9. I am posting the CF log again but I think it is the same as before. As far as I know, I only opened it in Notepad, Selected All, and copied. If I moved something, I was not aware of it. But here it is again. Should I continue with the instructions you gave me before using Inherit and Panda ActiveScan? ----------------- vation] "Enabled"=dword:00000001 [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32] @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10c.exe" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0
  10. I was able to do the first part of your last instructions and I'm attaching the combofix log but I was not able to download the Kaspersky Online Scanner because of the neighbor's satellite broadband connection. We downloaded for over 2 hours and the database was still only about 50% downloaded so we stopped. Is there something else I can use instead? Some of the user accounts still cannot use IE, Firefox, and Safari. One account is OK it seems. I wonder if we should delete the other 4 accounts? Three of them are not used very often anyway since they were for her teenagers who now ha
  11. Juliet, Thank you for your continued help. Steve
  12. Hijack This Log: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:23:56 PM, on 9/26/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\
  13. Combo-Fix Log: ComboFix 09-09-25.01 - Emily 09/26/2009 21:57.1.2 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.502.143 [GMT -4:00] Running from: E:\Combo-Fix.exe AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF} . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\Janice\My Documents\ZbThumbnail.info c:\windows\kb913800.exe c:\windows\Microsoft.NET\wcvms.bak1 c:\windows\system32\bszip.dll c:\windows\system32\cd
  14. Last but not least... As I mentioned, there are 5 user accounts on this Win XP machine. There are 3 browsers installed: IE, Firefox, and Safari. There is only 1 account where all 3 browsers work. For the other 4 accounts, the user might be able to use IE but not Firefox or Safari or might be able to use Safari and IE but not Firefox, etc. There are actually 5 different combinations of what works/doesn't work. None are the same. If this is related, could you help me fix this as well? The Internet connection is satellite.
  15. The new log for HijackThis is below: --------------- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 4:14:08 PM, on 9/20/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
×
×
  • Create New...