Jump to content

Change Mode

buckskinpass

Members
  • Content Count

    30
  • Joined

  • Last visited

Everything posted by buckskinpass

  1. TomK you’re awesome, a last thank you for taking the time to help not only me but so many others, you rock! All tools have been removed and I'll checkout the suggested links.
  2. Heres the new log. ComboFix 12-08-05.02 - Owner 08/05/2012 10:17:35.4.4 - x64 Microsoft® Windows Vista™ Ultimate 6.0.6002.2.1252.1.1033.18.4087.2314 [GMT -6:00] Running from: c:usersOwnerDesktopComboFix.exe AV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((( Files Created from 2012-07-05 to 2012-08-05 )))))))))))
  3. Sorry, I didn't even think about that. Here it is with corrections made. Fix result of Farbar Recovery Tool (FRST written by Farbar) Version: 04-08-2012 01 Ran by SYSTEM at 2012-08-05 05:24:51 Run:2 Running from H: ============================================== C:WindowsInstaller{b70132f5-c7d4-9ab7-8031-f216dba3380c} moved successfully. C:UsersOwnerAppDataLocal{b70132f5-c7d4-9ab7-8031-f216dba3380c} moved successfully. C:WindowsassemblyGAC_32Desktop.ini moved successfully. C:WindowsassemblyGAC_64Desktop.ini moved successfully. c:windowssystem32services.exe moved successfull
  4. well, here it is hope this worked. Fix result of Farbar Recovery Tool (FRST written by Farbar) Version: 04-08-2012 01 Ran by SYSTEM at 2012-08-04 21:55:33 Run:1 Running from H: ============================================== C:WindowsInstaller{b70132f5-c7d4-9ab7-8031-f216dba3380c}C:UsersOwnerAppDataLocal{b70132f5-c7d4-9ab7-8031-f216dba3380c}C:WindowsassemblyGAC_32Desktop.iniC:WindowsassemblyGAC_64Desktop.iniReplace: c:windowswinsxsamd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_2d69d4f782c83d8cservices.exe c:windowssystem32services.exe not found
  5. OK heres this log and thanks again for all the time and expertise Scan result of Farbar Recovery Scan Tool Version: 04-08-2012 01 Ran by SYSTEM at 04-08-2012 19:34:05 Running from H: Windows Vista Ultimate (X64) OS Language: English(US) The current controlset is ControlSet001 ========================== Registry (Whitelisted) ============= HKLM...Run: [RTHDVCPL] C:Program FilesRealtekAudioHDARAVCpl64.exe -s [11860072 2011-06-08] (Realtek Semiconductor) HKLM-x32...Run: [JMB36X IDE Setup] C:WindowsRaidToolxInsIDE.exe [43608 2010-09-07] () HKLM-x32...Run: [Copperhead] "C:Pr
  6. TDSKiller ran and heres the log. I never got the three optiions for any malicious objects. 15:49:00.0572 3352 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32 15:49:01.0056 3352 ============================================================ 15:49:01.0056 3352 Current date / time: 2012/08/04 15:49:01.0056 15:49:01.0056 3352 SystemInfo: 15:49:01.0056 3352 15:49:01.0056 3352 OS Version: 6.0.6002 ServicePack: 2.0 15:49:01.0056 3352 Product type: Workstation 15:49:01.0056 3352 ComputerName: OWNER-PC 15:49:01.0056 3352 UserName: Owner 15:49:01.0056 3352 Windows di
  7. Here it is, got my fingers crossed. ComboFix 12-08-04.02 - Owner 08/04/2012 4:56.3.4 - x64 Microsoft® Windows Vista™ Ultimate 6.0.6002.2.1252.1.1033.18.4087.2412 [GMT -6:00] Running from: c:usersOwnerDesktopComboFix.exe Command switches used :: c:usersOwnerDesktopCFScript.txt AV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} FW: Norton 360 *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((
  8. Ok heres the log. Combofix still reports Norton360 being on and i've done everything I can to shut it down. ComboFix 12-08-04.02 - Owner 08/03/2012 21:59:47.2.4 - x64 Microsoft® Windows Vista™ Ultimate 6.0.6002.2.1252.1.1033.18.4087.2052 [GMT -6:00] Running from: c:usersOwnerDesktopComboFix.exe Command switches used :: c:usersOwnerDesktopCFScript.txt AV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} FW: Norton 360 *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} SP: Windows Defender *D
  9. I just wanted to let you know, since running combofix i've not had a virus alert from norton360. Things seem to be back to normal
  10. Here is the combofix log w/o networking ComboFix 12-07-31.05 - Owner 08/03/2012 13:13:59.1.4 - x64 MINIMAL Microsoft® Windows Vista™ Ultimate 6.0.6002.2.1252.1.1033.18.4087.3410 [GMT -6:00] Running from: c:usersOwnerDesktopComboFix.exe AV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Created a new restore point . . ((((((((((((
  11. well I did the scan in safe mode, I didn't realize till after it had finished that you wanted safe w/networking. Something else that got my attention, before entering safe mode I disabled norton 360 but combofix showed a dialog that said it was still running, a little puzzling. Also, during the scan combofix said that a sys file was infected and it attempted to repair, I think it was windows win32 services.exe. Let me know if I need the networking option.
  12. Hi Tomk thanks for the help. After double clicking Combofix, it seemed to start doing somthing, then its progress bar got stuck about halfway through the next thing was for it to just disappear like it had been shut off. There is no combofix.txt in the c: directory.
  13. Hello I seem to be infected with these two virus and cant get rid of either. I do have Norton 360 running whenever the computer is on. If I run a scan it finds both the virus and says the problem is resolved only to find that they return almost as soon as the scan is finished. Any help would be greatly appreciated. Thanks for taking a look . DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_26 Run by Owner at 20:37:52 on 2012-08-02 Microsoft® Windows Vista™ Ultimate 6.0.6002.2.1252.1.1033.18.4087.1904 [GMT -6:00] . A
  14. Just wanted to say, nice job on the front page.
  15. Thanks Dave, that’s just what I needed. You guys are just awesome.
  16. Most of the leftovers were part of Symantec Live Update, I was able to uninstall that using add and remove. Funny how it all installs in 1 process and how it takes 2 or 3 steps to uninstall everything. There were 2 services that wouldn’t uninstall, Symantec core and Symantec lic net connect. For the time being I just disabled them. It is fishy why they aren’t included in the in the uninstall processes.
  17. Parts of the program are showing up but not all. No antivirus or spyware which are in the same module. http://www.pcpitstop.com/techexpress.asp?id=GRCNSWPLF4GSEKUG
  18. In my own feeble mind, I was thinking along those lines... I decided to install the 32 bit version on my 32 bit XP partition and ran a test, surprisingly it doesn't show up either. I'll post a tech link once I reboot into XP.
  19. Here you go. http://www.pcpitstop.com/techexpress.asp?id=HPV8TWPLF4GS8MRG Man I hope I did that right!
  20. It also comes down to the default amount of drive space used for restore points in a vista machine, which is 15% of the total drive. Just think if you had a full tarabyte hard drive. I should also say that there is no real easy way for the average user to lower that amount, like in XP. I guess you could open a command line to change it...if you were so inclined.
  21. I tried that. The Problem is, it doesen't show up on the list as even running.
  22. I've run the online test and it reports that I don't have any antivirus Installed on my computer. I do have (Trend Micro Internet Security 2008) installed and running, Its a suite that has an antivirus module. Just an FYI.
×
×
  • Create New...