Jump to content

Change Mode

dvsguy

Members
  • Content Count

    32
  • Joined

  • Last visited

About dvsguy

  • Rank
    Member

Profile Information

  • Gender
    Male
  • Location
    new zealand

Previous Fields

  • System Specifications:
    pentium 4,2.8 ghz,1 gb ram,windows xp sp3,pioneer dvd writer,80 gig HD
  • Teams:
    Nothing Selected
  1. hi,here is combofix log,i now have this Control Center malware??i cant get rid of now too ComboFix 10-02-09.01 - Administrator 02/10/2010 10:12:37.1.2 - FAT32x86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1023.529 [GMT 13:00] Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe AV: Symantec AntiVirus Corporate Edition *On-access scanning disabled* (Updated) {FB06448E-52B8-493A-90F3-E43226D3305C} . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\Adm
  2. Need help,symantec detected a trojan dropper other day which was deleted now when im on mozilla or internet explorer browser redirects to shesearch.com or monster marketplace.com also broadband is running slower? and cant download anything,have run malwarebytes and posted log of after i ran it and also hijack log,any help much appreciated,thanks Malwarebytes' Anti-Malware 1.44 Database version: 3654 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 1/29/2010 11:24:54 AM mbam-log-2010-01-29 (11-24-54).txt Scan type: Quick Scan Objects scanned: 115715 Time elapse
  3. Ok well doesnt sound good,symantec rekons it has deleted the virus and another scan has come up clean??the symantec website rekons has a removal tool but i cannot boot my comp in safe mode??dont really wanna do a reinstall but seems the only way to be sure? thanks
  4. Have recently done a symantec complete scan an was told i had the W32.Virut.CF virus,these items were quarentined an deleted but i wanted to use the symantec removal tool as reading the virus report sounds like quite a nasty virus but i cannot reboot in safe mode,if i try the cursor keys dont work any help please??? Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 8:51:43 a.m., on 13/10/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon
  5. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:07:24 a.m., on 4/06/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16827) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Common
  6. Hello again,Here is a log of OTMoveIt3 amd hijackthis after i performed the operation,thanks again for your help,computer seems to be a lot better,i take it it was a mess??? ========== PROCESSES ========== Process explorer.exe killed successfully. ========== FILES ========== C:\Documents and Settings\All Users\Application Data\SecTaskMan\d3dx10_3432.dll.q_Quarantine_8043002_q moved successfully. C:\Documents and Settings\All Users\Application Data\SecTaskMan\d3dx10_3432.dll.q_Quarantine_8043002_q.old moved successfully. ========== COMMANDS ========== User's Temp folde
  7. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 8:42:38 p.m., on 3/06/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16827) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Common F
  8. Kasperspy log Scan settings: Scan using the following database: extended Scan archives: yes Scan mail databases: yes Scan area - My Computer: C:\ D:\ E:\ Scan statistics: Files scanned: 62974 Threat name: 2 Infected objects: 11 Suspicious objects: 0 Duration of the scan: 01:49:26 File name / Threat name / Threats count C:\Documents and Settings\All Users\Application Data\SecTaskMan\d3dx10_3432.dll.q_Quarantine_8043002_q Infected: P2P-Worm.Win32.Nugg.bc 1 C:\Documents and Settings\All Users\Application Data\SecTaskMan\d3dx10_3432.dl
  9. Ok i have done everything you said and here are the logs combofix kscan hijack this thanks ComboFix 09-06-01.03 - Scott 03/06/2009 16:32.2 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1023.519 [GMT 12:00] Running from: c:\documents and settings\Scott\Desktop\combo-fix.exe Command switches used :: c:\documents and settings\Scott\Desktop\CFScript.txt AV: Symantec AntiVirus Corporate Edition *On-access scanning disabled* (Updated) {FB06448E-52B8-493A-90F3-E43226D3305C} FILE :: "c:\windows\system32\iunvdsyufgo.dll" . (((((((((((((((((((((((((((((((((
  10. Here is the combo-fix log ComboFix 09-06-01.03 - Scott 03/06/2009 11:23.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1023.521 [GMT 12:00] Running from: c:\documents and settings\Scott\Desktop\PleaseDontEatme.exe AV: Symantec AntiVirus Corporate Edition *On-access scanning disabled* (Updated) {FB06448E-52B8-493A-90F3-E43226D3305C} WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\Administr
  11. HI and thanks, Here is the new logs as requested,thanks for your help Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:59:56 a.m., on 3/06/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16827) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Progr
  12. Recently after my children being on my computer it started playing up,Internet explorer freezes and mucks around,gets new windows opening which are spyware or adware sites,cant open email directly from messenger.....i have posted my hijack this log here Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:19:43 p.m., on 2/06/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16827) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\service
×
×
  • Create New...