Jump to content

Change Mode

Geiger

Members
  • Content Count

    132
  • Joined

  • Last visited

About Geiger

  • Rank
    Member
  • Birthday 07/09/1980

Contact Methods

  • AIM
    Geiger006
  • Website URL
    http://
  • ICQ
    0
  • Yahoo
    TheFockinPikey

Profile Information

  • Location
    Inver Grove Heights, MN

Previous Fields

  • Teams:
    Nothing Selected
  1. No worries. Thanks again for all the help.
  2. Thanks for the tips. I'll forward them to him when I give him his paperweight back.
  3. Nevermind, it looks like I was able to find the drivers on the internet. Didn't think I would be able to since it's an Insignia computer but they have them on there, and there's only one possible computer choice on the list so that has to be the one. Was just curious if I could get them off the machine in case he buys a new copy of windows and wouldn't be able to find them. Thanks again for all your help.
  4. Should I just treat it like a shunned amish person or can I possibly get the drivers safely off to do a fresh install? I'm dubious about backing up any of the files now.
  5. That's what I thought. At least I did what I could to try n fix it. And as it is an update to SP3 won't even run because of the services.exe error. If he had the restore disks I would have just reformatted from the start, but I wanted to make sure there was nothing I could do to clean it up. I'll give him the news, a bill, and an earful of how it could have been avoided if he kept it updated. And hey at least I can stop pulling my hair out over it. Thanks alot for your help, Juliet. I really appreciate the time and effort. Matt
  6. And finally the new HJT log. Looks like some of the checkmarked fixes didn't take... I should just shoot this computer with a shotgun. New HJT log: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 9:58:48 PM, on 4/2/2009 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\s
  7. KScan log: -------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER 7 REPORT Thursday, April 2, 2009 Operating System: Microsoft Windows XP Home Edition Service Pack 1 (build 2600) Kaspersky Online Scanner 7 version: 7.0.25.0 Program database last update: Friday, April 03, 2009 01:08:00 Records in database: 2002414 -------------------------------------------------------------------------------- Scan settings: Scan using the following database: extended Scan archives: yes Scan mail databases: yes Scan area - My Compu
  8. New ComboFix log: ComboFix 09-04-01.01 - Kevin Hautala 2009-04-02 17:55:19.2 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.1.1252.1.1033.18.503.305 [GMT -6:00] Running from: c:\documents and settings\Kevin Hautala\Desktop\Combo-Fix.exe Command switches used :: c:\documents and settings\Kevin Hautala\Desktop\CFScript.txt * Created a new restore point FILE :: c:\windows\system32\drivers\f199502e.sys c:\windows\system32\drivers\tro1352.sys c:\windows\system32\eppgepp.dll c:\windows\system32\tejk.dll . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))
  9. svchost.exe results Antivirus Version Last Update Result a-squared 4.0.0.101 2009.04.02 Trojan.Win32.Patched!IK AhnLab-V3 5.0.0.2 2009.04.02 Win32/Liger AntiVir 7.9.0.129 2009.04.02 HEUR/Malware Antiy-AVL 2.0.3.1 2009.04.02 - Authentium 5.1.2.4 2009.04.03 W32/Patched.D.gen!Eldorado Avast 4.8.1335.0 2009.04.02 Win32:Patched-CK AVG 8.5.0.285 2009.04.02 Win32/PEPatch.AO BitDefender 7.2 2009.04.03 Trojan.Patched.U CAT-QuickHeal 10.00 2009.04.01 Trojan.Patched.AA ClamAV 0.94.1 2009.04.02 Trojan.Agent-5069 Comodo 1096 2009.04.02 - DrWeb 4.44.0.09170 2009.04.03 Trojan.S
  10. Services.exe results Antivirus Version Last Update Result a-squared 4.0.0.101 2009.04.02 Virus.Win32.Virut.q!IK AhnLab-V3 5.0.0.2 2009.04.02 Win32/Liger AntiVir 7.9.0.129 2009.04.02 HEUR/Malware Antiy-AVL 2.0.3.1 2009.04.02 - Authentium 5.1.2.4 2009.04.03 W32/Patched.D.gen!Eldorado Avast 4.8.1335.0 2009.04.02 Win32:Patched-CK AVG 8.5.0.285 2009.04.02 Win32/PEPatch.AO BitDefender 7.2 2009.04.03 Trojan.Patched.U CAT-QuickHeal 10.00 2009.04.01 Trojan.Patched.AA ClamAV 0.94.1 2009.04.02 Trojan.Agent-5069 Comodo 1096 2009.04.02 - DrWeb 4.44.0.09170 2009.04.03 Trojan.S
  11. Winlogon.exe results Antivirus Version Last Update Result a-squared 4.0.0.101 2009.04.02 Trojan.Win32.Patched!IK AhnLab-V3 5.0.0.2 2009.04.02 Win32/Liger AntiVir 7.9.0.129 2009.04.02 TR/Patched.AA.130 Antiy-AVL 2.0.3.1 2009.04.02 - Authentium 5.1.2.4 2009.04.02 W32/Patched.D.gen!Eldorado Avast 4.8.1335.0 2009.04.02 Win32:Patched-CK AVG 8.5.0.285 2009.04.02 Win32/PEPatch.AO BitDefender 7.2 2009.04.03 Trojan.Patched.U CAT-QuickHeal 10.00 2009.04.01 Trojan.Patched.AA ClamAV 0.94.1 2009.04.02 Trojan.Agent-5069 Comodo 1096 2009.04.02 - DrWeb 4.44.0.09170 2009.04.03 Tr
  12. Alright, this is gonna be long so I'm going to include one report in each reply. I got the VirusTotal to work. Gonna start with those results first... lsass.exe results: Antivirus Version Last Update Result a-squared 4.0.0.101 2009.04.02 Trojan.Win32.Patched!IK AhnLab-V3 5.0.0.2 2009.04.02 Win32/Liger AntiVir 7.9.0.129 2009.04.02 - Antiy-AVL 2.0.3.1 2009.04.02 - Authentium 5.1.2.4 2009.04.02 W32/Patched.D.gen!Eldorado Avast 4.8.1335.0 2009.04.02 Win32:Patched-CK AVG 8.5.0.285 2009.04.02 Win32/PEPatch.AO BitDefender 7.2 2009.04.03 Trojan.Patched.U CAT-QuickHeal 10
  13. Yeah I kinda figured it could have been busy with the Conficker nonsense yesterday. I'll give it another try tonight and I'll try the new sites if it looks like it's not going to work again. I told my friend to start digging for his recovery disks if he has them. I don't think he does though.
  14. I gave scanning those individual files a go last night and it didn't seem to do anything. I let it sit for over an hour with the "Uploading File" window and it didn't do anything. I tried it in Safe Mode as well with the same effect. Will probably try the email client out tonight when I get home as I'm at work at the moment. Hopefully we can get this dang thing running properly! Thanks for the help by the way, I appreciate it.
  15. Wicked, thanks for the response. I had downloaded combofix before but didn't realize I needed to rename it. Stupid smart viruses and their stupid smart programming... Here's the combofix log (some stuff on there doesn't look too good I think)... ComboFix 09-04-01.01 - Kevin Hautala 2009-04-01 18:58:10.1 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.1.1252.1.1033.18.503.253 [GMT -6:00] Running from: c:\documents and settings\Kevin Hautala\Desktop\Combo-Fix.exe * Created a new restore point . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))
×
×
  • Create New...