Jump to content

WillM

Members
  • Content Count

    15
  • Joined

  • Last visited

About WillM

  • Rank
    Member

Previous Fields

  • System Specifications:
    Acer 5630 laptop, Vista HP & Fedora 7, Intel C2D T5500 1.66GHz, 2GB DDR2, 200GB HD, DVDRW-DL
  1. The other times I ran RSIT I was disconnected from the Internet, so it wasn't able to download and run HJT. And no, I'm not having anymore malware problems. Logfile of random's system information tool 1.04 (written by random/random) Run by Owner at 2008-11-16 19:01:37 Microsoft® Windows Vista™ Home Premium System drive C: has 45 GB (64%) free of 71 GB Total RAM: 2038 MB (54% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 7:01:48 PM, on 11/16/2008 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16757) Boot mode: Normal Runn
  2. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 6:00:23 PM, on 11/16/2008 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16757) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\RtHDVCpl.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Launch Manager\LManager.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\COMODO\Firewa
  3. ComboFix 08-11-13.02 - Owner 2008-11-15 17:02:16.1 - NTFSx86 Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.1348 [GMT -8:00] Running from: c:\users\Owner\Desktop\ComboFix.exe . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\system32\x64 . ((((((((((((((((((((((((( Files Created from 2008-10-16 to 2008-11-16 ))))))))))))))))))))))))))))))) . 2008-11-15 00:14 . 2008-11-15 00:14 <DIR> d-------- c:\users\Owner\AppData\Roaming\Malwarebytes 2008-11-15 00:14 . 2008-11-15 00:
  4. Logfile of random's system information tool 1.04 (written by random/random) Run by Owner at 2008-11-15 17:12:12 Microsoft® Windows Vista™ Home Premium System drive C: has 45 GB (64%) free of 71 GB Total RAM: 2038 MB (59% free) HijackThis download failed ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curren
  5. Seems to be running normal now... Malwarebytes' Anti-Malware 1.30 Database version: 1399 Windows 6.0.6000 11/15/2008 00:29:19 mbam-log-2008-11-15 (00-29-19).txt Scan type: Quick Scan Objects scanned: 50028 Time elapsed: 4 minute(s), 26 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 11 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected)
  6. Renamed the old file and copied the new file as instructed but still no successful boot. This is the new error message I received:
  7. Sent the Qoobox folder and the COMCTL32.dll file. I couldn't find C:\QooBox\ComboFix-quarantined-files.txt though. Is the file path correct?
  8. Tried both by booting off the Vista disc and by using the recovery partition that came with the computer. With both methods Startup Repair reported no errors found. The sfc /scannow command didn't work for either method--via the Vista DVD I get the line "Windows Resource Protection could not perform the requested operation," and every time I tried the command in the recovery partition I get "There is a system repair pending which requires reboot to complete. Restart Windows and run sfc again".
  9. When I tried to boot normally, I got this error message:
  10. I just sent them both, one by one (after trying to send them both in one attachment, it notified me that delivery failed).
  11. There is no ...\erdnt\subs\ folder and there are no system and software files in ...\Hiv-backup However, in ...\System32\Config, system is 21.5MB and software is 34.5MB
  12. Logfile of random's system information tool 1.04 (written by random/random) Run by Owner at 2008-11-12 09:20:26 Microsoft® Windows Vista™ Home Premium System drive C: has 46 GB (65%) free of 71 GB Total RAM: 2038 MB (66% free) HijackThis download failed ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136] [HKEY_LOCAL_MA
  13. Microsoft ® Windows ® Version 6.0 (Build 6000) 11 12 2008 09:07:50.375 Loaded driver \SystemRoot\system32\ntkrnlpa.exe Loaded driver \SystemRoot\system32\hal.dll Loaded driver \SystemRoot\system32\kdcom.dll Loaded driver \SystemRoot\system32\mcupdate_GenuineIntel.dll Loaded driver \SystemRoot\system32\PSHED.dll Loaded driver \SystemRoot\system32\BOOTVID.dll Loaded driver \SystemRoot\system32\CLFS.SYS Loaded driver \SystemRoot\system32\CI.dll Loaded driver \SystemRoot\system32\drivers\Wdf01000.sys Loaded driver \SystemRoot\system32\drivers\WDFLDR.SYS
  14. Something has taken over my laptop and browser that is blocking access to several computer security/virusscan websites and redirecting me to bogus "antispyware" sites after clicking links in google searches. Right now I'm using my girlfriend's PC and a flash drive to get info, cleaning tools, etc. This started happening on Sunday after NOD32 caught and "quarantined" something called "Win32/Adware.UltimateDefender." A later NOD32 scan came up with nothing bad, but the problems didn't stop. I scanned with GMER and it notified me of TDSServ infection I would greatly appreciate any help as I
×
×
  • Create New...