deocder

Members
  • Content Count

    14

Everything posted by deocder

  1. Hello, finally I have had a chance to work on this computer. However, I had to do so remotely and cannot be in front of it. In addition, I have been unable to restore the desktop wallpaper. I have tried several fixes to no avail. The computer was having issues connecting to the internet. But once connected, I tried to check the router it was connected to, to make sure it was set up properly. I was unable to browse to the router (192.168.1.1). All other web browsing was fine, just unable to connect to the router's GUI. I have been able to connect to this in the past. I suspected that the b
  2. It seems to be running well now but I have not had much time to really work with the system since going through all the scans. Thank you for your help thus far, I really appreciate it!
  3. I ran the scan and nothing was found. Additionally, "Click here to export the scan results" did not exist as an option.
  4. Hello and thanks! I have noticed that Internet Explorer takes a long time to load. Also, I have been unable to install Security Update for SQL Server 2005 Service Pack 2 (KB970895), but I don't think it has anything to do with Malware. How do the scans look?
  5. Hello, I have posted both logs below: . Are we making progress? Malwarebytes' Anti-Malware 1.42 Database version: 3289 Windows 5.1.2600 Service Pack 3 Internet Explorer 7.0.5730.11 12/29/2009 10:56:08 AM mbam-log-2009-12-29 (10-56-08).txt Scan type: Quick Scan Objects scanned: 138975 Time elapsed: 9 minute(s), 21 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious
  6. I finally got the scan to complete! Here is the log: GMER 1.0.15.15281 - http://www.gmer.net Rootkit scan 2009-12-29 01:31:01 Windows 5.1.2600 Service Pack 3 Running: 9m087noy.exe; Driver: C:\DOCUME~1\JAYPLE~1\LOCALS~1\Temp\uxriypoc.sys ---- System - GMER 1.0.15 ---- SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwClose [0x9DE1A6B8] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALW
  7. Thanks again Tom, I have tried to run the scan you have instructed me to do. After pressing the scan button, during the scan, the computer flashed a blue screen and immediately rebooted. This has happened twice during the scan. I am unable to read the blue screen as it flashes very quickly before rebooting. I will continue to try to get the scan to complete.
  8. Awesome! Thank you Tom. Here are the logs from the scan: OTL logfile created on: 12/27/2009 9:59:53 AM - Run 1 OTL by OldTimer - Version 3.1.20.1 Folder = C:\Documents and Settings\Jay Plesset\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.11) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 1,014.00 Mb Total Physical Memory | 238.00 Mb Available Physical Memory | 23.00% Memory free 2.00 Gb Paging File | 2.00 Gb Available in Paging File | 70.00% Paging File free Pag
  9. I'm working on this computer and can't seem to get anywhere.... Here is the HijackThis log. See anything? _________________________________________________________ Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 9:26:37 PM, on 12/26/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16945) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\WLTRYSVC.EXE C:\W
  10. I have followed the instructions and everything looks good! Thank you so much for guiding me through this process. Your help is greatly appreciated!
  11. Here is the Hijack This log file: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 1:52:11 AM, on 11/22/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe C:\Program Files\ANSYS
  12. I followed your directions and here's what came out: Malwarebytes' Anti-Malware 1.41 Database version: 3204 Windows 5.1.2600 Service Pack 3 11/20/2009 9:30:16 PM mbam-log-2009-11-20 (21-30-16).txt Scan type: Quick Scan Objects scanned: 123226 Time elapsed: 7 minute(s), 59 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (
  13. Rorschach112, I have followed your directions. Thank you! Here is the output: ComboFix 09-11-19.05 - Customer 11/19/2009 23:06.2.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1918.1432 [GMT -5:00] Running from: c:\documents and settings\Customer\Desktop\ComboFix.exe Command switches used :: c:\documents and settings\Customer\Desktop\CFScript.txt file zipped: c:\windows\system32\dadozive.dll file zipped: c:\windows\system32\domasuro.dll file zipped: c:\windows\system32\johuvuki.dll file zipped: c:\windows\system32\kemukoma.dll file zipped: c:\windows\system32\kuyijovi.d
  14. Wow, I can usually clean things out myself, but I need some help on this one! I ran Combofix and then HiJackThis and then the uninstall_list.txt. All logs are as follows: ComboFix 09-11-18.06 - Customer 11/18/2009 22:45.1.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1918.1216 [GMT -5:00] Running from: c:\documents and settings\Customer\My Documents\Downloads\ComboFix.exe AV: ESET NOD32 antivirus system 2.70 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0} * Resident AV is active . ADS - system32: deleted 12 bytes in 1 streams. ((((((((((