buckskinpass

Members
  • Content Count

    30
  • Joined

  • Last visited

About buckskinpass

  • Rank
    Member
  • Birthday 12/20/1957

Contact Methods

  • Website URL
    http://

Profile Information

  • Location
    Colorado Springs
  • Interests
    Computers, Computer games

Previous Fields

  • System Specifications:
    Pentium 4 EE Gallatin core 800FSB 3.2gig Gigabyte 81PE1000 Pro/ Intel 965 Chipset Aspire 500 watt power supply 2.5 gig PC3200 DDR CAS 2.5-3-3-6 timings Sound Blaster Audigy Platinum Maxtor 80 gig 7200 RPM SATA 8meg cache Maxtor 100 gig 7200 RPM SATA 8meg cache Pioneer DVD rom Liteonit 48-24-48 CD R/RW EVGA 6800 GT AGP 256 DDR3 Arctic Cooling NV5 silencer Fan/sink Samsung 960 bf 19" LCD 4ms g to g
  • Teams:
    Nothing Selected
  1. TomK you’re awesome, a last thank you for taking the time to help not only me but so many others, you rock! All tools have been removed and I'll check out the suggested links.
  2. Here's the new log. ComboFix 12-08-05.02 - Owner 08/05/2012 10:17:35.4.4 - x64 Microsoft® Windows Vista™ Ultimate 6.0.6002.2.1252.1.1033.18.4087.2314 [GMT -6:00] Running from: c:\users\Owner\Desktop\ComboFix.exe AV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((( Files Created from 2012-07-05 to 2012-08-05 )))))))))))
  3. Sorry, I didn't even think about that. Here it is with corrections made. Fix result of Farbar Recovery Tool (FRST written by Farbar) Version: 04-08-2012 01 Ran by SYSTEM at 2012-08-05 05:24:51 Run:2 Running from H: ============================================== C:\Windows\Installer\{b70132f5-c7d4-9ab7-8031-f216dba3380c} moved successfully. C:\Users\Owner\AppData\Local\{b70132f5-c7d4-9ab7-8031-f216dba3380c} moved successfully. C:\Windows\assembly\GAC_32\Desktop.ini moved successfully. C:\Windows\assembly\GAC_64\Desktop.ini moved successfully. c:\windows\system32\services.exe moved successfull
  4. Well, here it is, hope this worked. Fix result of Farbar Recovery Tool (FRST written by Farbar) Version: 04-08-2012 01 Ran by SYSTEM at 2012-08-04 21:55:33 Run:1 Running from H: ============================================== C:\Windows\Installer\{b70132f5-c7d4-9ab7-8031-f216dba3380c}C:\Users\Owner\AppData\Local\{b70132f5-c7d4-9ab7-8031-f216dba3380c}C:\Windows\assembly\GAC_32\Desktop.iniC:\Windows\assembly\GAC_64\Desktop.iniReplace: c:\windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_2d69d4f782c83d8c\services.exe c:\windows\system32\services.exe not found
  5. OK, here's this log, and thanks again for all the time and expertise. Scan result of Farbar Recovery Scan Tool Version: 04-08-2012 01 Ran by SYSTEM at 04-08-2012 19:34:05 Running from H: Windows Vista Ultimate (X64) OS Language: English(US) The current controlset is ControlSet001 ========================== Registry (Whitelisted) ============= HKLM\...\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [11860072 2011-06-08] (Realtek Semiconductor) HKLM-x32\...\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe [43608 2010-09-07] () HKLM-x32\...\Run: [Copperhead] "C:\Pr
  6. TDSSKiller ran and here's the log. I never got the three options for any malicious objects. 15:49:00.0572 3352 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32 15:49:01.0056 3352 ============================================================ 15:49:01.0056 3352 Current date / time: 2012/08/04 15:49:01.0056 15:49:01.0056 3352 SystemInfo: 15:49:01.0056 3352 15:49:01.0056 3352 OS Version: 6.0.6002 ServicePack: 2.0 15:49:01.0056 3352 Product type: Workstation 15:49:01.0056 3352 ComputerName: OWNER-PC 15:49:01.0056 3352 UserName: Owner 15:49:01.0056 3352 Windows di
  7. Here it is, got my fingers crossed. ComboFix 12-08-04.02 - Owner 08/04/2012 4:56.3.4 - x64 Microsoft® Windows Vista™ Ultimate 6.0.6002.2.1252.1.1033.18.4087.2412 [GMT -6:00] Running from: c:\users\Owner\Desktop\ComboFix.exe Command switches used :: c:\users\Owner\Desktop\CFScript.txt AV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} FW: Norton 360 *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((
  8. OK, here's the log. ComboFix still reports Norton 360 being on and I've done everything I can to shut it down. ComboFix 12-08-04.02 - Owner 08/03/2012 21:59:47.2.4 - x64 Microsoft® Windows Vista™ Ultimate 6.0.6002.2.1252.1.1033.18.4087.2052 [GMT -6:00] Running from: c:\users\Owner\Desktop\ComboFix.exe Command switches used :: c:\users\Owner\Desktop\CFScript.txt AV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} FW: Norton 360 *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} SP: Windows Defender *D
  9. I just wanted to let you know, since running ComboFix I've not had a virus alert from Norton 360. Things seem to be back to normal.
  10. Here is the ComboFix log w/o networking. ComboFix 12-07-31.05 - Owner 08/03/2012 13:13:59.1.4 - x64 MINIMAL Microsoft® Windows Vista™ Ultimate 6.0.6002.2.1252.1.1033.18.4087.3410 [GMT -6:00] Running from: c:\users\Owner\Desktop\ComboFix.exe AV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Created a new restore point . . ((((((((((((
  11. Well, I did the scan in safe mode; I didn't realize till after it had finished that you wanted safe w/networking. Something else that got my attention: before entering safe mode I disabled Norton 360, but ComboFix showed a dialog that said it was still running, a little puzzling. Also, during the scan ComboFix said that a sys file was infected and it attempted to repair; I think it was windows win32 services.exe. Let me know if I need the networking option.
  12. Hi Tomk, thanks for the help. After double clicking ComboFix, it seemed to start doing something, then its progress bar got stuck about halfway through; the next thing was for it to just disappear like it had been shut off. There is no combofix.txt in the c: directory.
  13. Hello, I seem to be infected with these two viruses and can't get rid of either. I do have Norton 360 running whenever the computer is on. If I run a scan it finds both the viruses and says the problem is resolved, only to find that they return almost as soon as the scan is finished. Any help would be greatly appreciated. Thanks for taking a look. DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_26 Run by Owner at 20:37:52 on 2012-08-02 Microsoft® Windows Vista™ Ultimate 6.0.6002.2.1252.1.1033.18.4087.1904 [GMT -6:00] . A
  14. Just wanted to say, nice job on the front page.
  15. Thanks Dave, that’s just what I needed. You guys are just awesome.