Jump to content


  • Content Count

  • Joined

  • Last visited

Community Reputation

0 Neutral

About EvanJ

  • Rank
    New Member
  1. MrCharlie, thank you much sir. You were very patient, thorough, and professional. Your replies were impressively prompt and you always paid attention to the entirety of my posts. I never once had to ask any follow up questions, your directions were clear and concise. I particularly liked how I understood what you were doing and where we were going during the process. In short, you took a frustrating situation and made it seem simple and routine. Well done, sir.

  2. Here is the SecurityCheck log. Results of screen317's Security Check version 0.99.77 Windows XP Service Pack 3 x86 Internet Explorer 6 Out of date! ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Disabled! AVG 2014 AVG SafeGuard toolbar AVG 2014 Microsoft Security Essentials `````````Anti-malware/Other Utilities Check:````````` SpyHunter Malwarebytes Anti-Malware version CCleaner TweakNow RegCleaner Java 7 Update 45 Adobe Flash Player 11.9.900.117 Adobe Reader 8 Adobe Reader out of Date! Mozi
  3. Yeah looks like it was an update prompted by the previous infection, and hence is no longer neccesary. The system looks and feels good to me, everything seems to be back in order. Moving that extension from Firefox,really solved the redirect problem, which was the primary issue for us. I've had no problems since moving it, so I will go ahead and shred it. Our AV and A-MW programs are now working as they should, and all XP services and programs are functioning We can now feel comfortable upgrading to Vista Ultimate. Thanks MrC. You've been a very big help, and we appreciate your time and e
  4. Thanks, Fixit found some corrupt registry entries and corrected them, however the updates still refuse to install. I'm kinda at a loss. What are these two updates listed as "HID Non-User Input Data Filter (KB911985)" for, anyway? Thanks as always,
  5. Well I moved that suspicious xpi file to a seperate folder on my desktop to see what it does and so far I haven't noticed any problem. In fact (though I haven't really been paying attention) I don't think I've experienced any odd redirects since then. Overall the system appears to be looking good, in fact MalwBytes, Spyhunter and AVG have now started quickly picking up contaminations on flashdrives and various peripherals that may have been compromised from the previous infection The only remaining issue is the Microsoft HID non-user input data filter upgrade, that still refuses to install.
  6. "FF Extension: eoWwdRD - C:\Documents and Settings\Master\Application Data\Mozilla\Firefox\Profiles\mqjc6y6u.default\Extensions\eoWwdRD@Qe3qzqg.com.xpi I have no idea what it is, but I've found a couple forums that mention it as being related to a redirect malware code hiding inside Firefox. Here is the JRT log. Thanks for the continued support! ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.0.8 (11.05.2013:1) OS: Microsoft Windows XP x86 Ran by Master on Mon 11/11/2013 at 14:09:53.01 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  7. This is the addition log. Additional scan result of Farbar Recovery Scan Tool (x86) Version: 31-10-2013Ran by Master at 2013-11-09 16:01:21Running from C:\Documents and Settings\Master\My Documents\DownloadsBoot Mode: Normal============================================================================== Security Center ========================AV: AVG Internet Security 2014 (Disabled - Up to date) {17DDD097-36FF-435F-9E1B-52D74245D6BF}AV: Microsoft Security Essentials (Disabled - Up to date) {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}Could not list Security Center items. Check WMI.====================
  8. Second part of the first log. 928 ____R C:\Documents and Settings\All Users\Documents\ESBK.mbb 2013-10-18 19:48 - 2013-10-18 20:23 - 00340992 ____R C:\Documents and Settings\All Users\Documents\ESBK.mb 2013-10-18 19:34 - 2013-10-18 19:34 - 00000000 ____D C:\Program Files\Common Files\Kodak 2013-10-18 19:34 - 2008-04-14 04:42 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ptpusd.dll 2013-10-18 19:34 - 2001-08-17 21:36 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ptpusb.dll 2013-10-18 19:32 - 2013-10-18 19:35 - 00000000 ____D C:\Program Files\Kodak 2013-10-18
  9. Thanks, Mr. Charlie. Been busy the past 48 hours. I'm getting an error saying the post is too long for the forum. I'll break it up in several posts for you. Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-11-2013 01 Ran by Master (administrator) on PRIME-VM14R926D on 10-11-2013 19:59:08 Running from C:\Documents and Settings\Master\My Documents\Downloads Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: English(US) Internet Explorer Version 6 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (AVG Technologies CZ, s.
  10. I'm still getting some odd, though less intrusive, re-directs while browsing. Quite commonly I click a link or try and download a file and it re-directs me to blank page suggesting I upgrade Flash.There have also been numerous Firefox pop-ups requesting I upgrade my browser giving me the option to "hide" them, and letting them slide to the side of the screen. I just back out or reject anything I didn't specifically request to DL, many times I can't get back to the original page I was re-directed from and have to retype the URL. I refuse to just auto accept anything that pops up. This was one
  11. I followed the instructions and only kept anything AVG related from being removed. I was suprised how much of these nasty little programs were still lingering around. MalwareBytes ran succesfully and detected several items. Furthermore, AVG also picked up one during the MWBytes scan. "MalSign.generic.3EF" I will proceed to clear them out. Here is the log.... Malwarebytes Anti-Malware www.malwarebytes.org Database version: v2013.11.08.06 Windows XP Service Pack 3 x86 NTFS Internet Explorer 6.0.2900.5512 Master :: PRIME-VM14R926D [administrator] 11/8/2013 11:35:42 AM MBAM-log
  12. I followed the directions and ran Combofix. Things seemed to work well, the system seems faster and more "crisp". Several missing features seemed to return such as update launchers for several programs. Windows update and the system restore wizard were refreshed and repaired. However several issues popped up. First issue was an unexpected Trojan that AVG detected and quarantined after combofix rebooted the system. (My AVG was disabled but automatically enables on system start) What was interesting was that AVG still showed that it was "disabled" even after the reboot (I'm assuming combofix a
  13. Thanks MrCharlie, I did as you said. Rootkit ran in safemode and did not detect any threats. However, while going over the two log files it created I saw something in the kernel list of the mbar-log that didn't look right. "\??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys" Currently Windows Firewall seems functional. I can toggle between it and the AVG Firewall I normally use. As for updates. I am currently able to access system updates but the two updates listed "HID Non-User Input Data Filter (KB 911895)" repeatedly failed during to install during the installation process. Here are the t
  14. Thanks that was a really fast response. I did all, just as you requsted, here is the report... RogueKiller V8.7.6 [Oct 28 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.adlice.com/forum/ Website : http://www.adlice.com/softwares/roguekiller/ Blog : http://tigzyrk.blogspot.com/ Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version Started in : Normal mode User : Master [Admin rights] Mode : Scan -- Date : 11/06/2013 18:35:54 | ARK || FAK || MBR | ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 2 ¤¤¤ [HJ SMENU][PUM] HKCU\[...]\Advanc
  15. Running XPsp3 system is obviously infected and we are having browser redirects that upload even more malware. Been fighting this off for over a week now. AVG, Spyhunter and Malwarebytes have been effective to an extent. But seem to be losing the battle. I've removed 11 virues and close to 80 suspicious malware related entries and programs, but they keep popping back up. AVG isn't functioning like it should anymore, and Spyhunter has officially been locked out via admin rights. Malwarebytes via Chameleon is the only thing detecting infections currently. Browser redirects and odd pop-ups continu
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.