Jump to content

vandy

Members
  • Content Count

    24
  • Joined

  • Last visited

Community Reputation

0 Neutral

About vandy

  • Rank
    New Member

Contact Methods

  • Website URL
    http://
  • ICQ
    0
  1. Hello, I am in need of help with a rootkit problem that just won't go away. Not sure if it is 0access or something else but Malwarebytes is useless against it and TDSSkiller can't seem to clean in entirely. Please help me. Here is the TDSSkiller log and Malwarebytes log: 14:50:31.0328 3580 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:18 14:50:33.0328 3580 ============================================================ 14:50:33.0328 3580 Current date / time: 2012/05/04 14:50:33.0328 14:50:33.0328 3580 SystemInfo: 14:50:33.0328 3580 14:50:33.0328 3580 OS Version: 5.1.2600 ServicePack: 3
  2. My PC managed to get a nasty bug that would redirect all web access, wouldn't allow me to open task manager, deleted Malwarebytes, wouldn't allow access to programs in my start menu or my C drive, and would pop up a window that said I was infected, among other things. I managed to install and run Malwarebytes and ESET in safe mode but neither found anything. I can install TDSSKiller.exe but it will not execute. Any help would be appreciated. Below is the most recent Malwarebytes log: Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Database version: 6701 Windows 5.1.2600 Servic
  3. Sorry to keep bothering you. There is one lingering effect that I can't seem to get corrected. Something is happening to turn off my automatic updates approximately every 15 minutes and Windows Security Center pops up in the lower right saying that I might not be fully protected because automatic updates have been turned off. How do I fix this so that it's always on? And why does it keep shutting off?
  4. Thank you so much. Everything seems to be functioning properly. I'll let you know if I have any other issues regarding this fix.
  5. latest ComboFix log: ComboFix 10-12-20.01 - branch202 12/20/2010 12:27:32.2.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3543.2823 [GMT -6:00] Running from: c:\documents and settings\Branch202\Desktop\Combo-Fix.exe AV: Symantec AntiVirus Corporate Edition *Disabled/Updated* {FB06448E-52B8-493A-90F3-E43226D3305C} . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\system32\Oeminfo.ini . ((((((((((((((((((((((((( Files Created from 2010-11-20 to 2010-12-20 ))))))))))))))))))))))))))))))) . 2010-1
  6. Didn't find anything this time around. Was able to turn on automatic updates without any problem. 2010/12/20 12:06:09.0479 TDSS rootkit removing tool 2.4.12.0 Dec 16 2010 09:46:46 2010/12/20 12:06:09.0479 ================================================================================ 2010/12/20 12:06:09.0479 SystemInfo: 2010/12/20 12:06:09.0479 2010/12/20 12:06:09.0479 OS Version: 5.1.2600 ServicePack: 3.0 2010/12/20 12:06:09.0479 Product type: Workstation 2010/12/20 12:06:09.0479 ComputerName: BRANCH208 2010/12/20 12:06:09.0479 UserName: branch202 2010/12/20 12:06:09.0479 Windows directo
  7. ran TDSSKiller (log below). After choosing "reboot" when it was done, it took almost 20 minutes for my computer to shut down. It also would lock up when I tried to turn "automatic updates" on. Had to turn firewall back on after restart. 2010/12/20 11:13:14.0652 TDSS rootkit removing tool 2.4.12.0 Dec 16 2010 09:46:46 2010/12/20 11:13:14.0652 ================================================================================ 2010/12/20 11:13:14.0652 SystemInfo: 2010/12/20 11:13:14.0652 2010/12/20 11:13:14.0652 OS Version: 5.1.2600 ServicePack: 3.0 2010/12/20 11:13:14.0652 Product type: Works
  8. Auto-Protect has popped up with "Trojan.FakeAV!gen32". Said there were 57 counts and were cleaned by deletion. I'm guessing this is indicative of persisting problems.
  9. After ComboFix, computer restarted in normal mode and hasn't had any additional popups or symptoms although I haven't used it extensively yet. Here is the ComboFix log: ComboFix 10-12-19.03 - branch202 12/20/2010 9:35.1.2 - x86 NETWORK Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3543.3117 [GMT -6:00] Running from: c:\documents and settings\Branch202\Desktop\Combo-Fix.exe AV: Symantec AntiVirus Corporate Edition *Enabled/Updated* {FB06448E-52B8-493A-90F3-E43226D3305C} . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))
  10. New MBAM log in Safe Mode: Malwarebytes' Anti-Malware 1.50 www.malwarebytes.org Database version: 5345 Windows 5.1.2600 Service Pack 3 (Safe Mode) Internet Explorer 8.0.6001.18702 12/17/2010 5:54:14 PM mbam-log-2010-12-17 (17-54-14).txt Scan type: Quick scan Objects scanned: 242982 Time elapsed: 24 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected
  11. System Tool 2011 popped up on my computer and is not creating chaos. it wouldn't allow me to open task manager and when I would connect to the internet, it would slow and eventually freeze. Won't fully restart now. How do I get this thing off my computer?? Please help. here is the MBAM log: Malwarebytes' Anti-Malware 1.50 www.malwarebytes.org Database version: 5345 Windows 5.1.2600 Service Pack 3 (Safe Mode) Internet Explorer 8.0.6001.18702 12/17/2010 3:32:56 PM mbam-log-2010-12-17 (15-32-56).txt Scan type: Quick scan Objects scanned: 242533 Time elapsed: 3 minute(s), 57 second(s) Memory P
  12. Disregard. It turns out some update to Yahoo toolbar was causing the disruption and not something malicious.
  13. Exlorer opened fine yesterday but now when I try to open it, it immediately crashes and pops up the windown saying that "Internet Explorer has encountered a problem and needs to close". When I try to reopen explorer, it attempts to recover the page and begings an endless cycle of crashing and attempting to recover. Have not seen any other signs of malicious infection yet but... It should be noted that my computer is connected through a network to others who have had System Tool 2011 show up in the past 48 hours. Below is the MBAM log and any help or suggestions would be greatly appreciat
  14. here are the next two logs! : Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Database version: 4704 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 9/27/2010 12:19:30 PM mbam-log-2010-09-27 (12-19-30).txt Scan type: Quick scan Objects scanned: 225408 Time elapsed: 4 minute(s), 54 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items dete
  15. here is the TDSSKiller log, followed by the ComboFix log: 2010/09/27 10:17:35.0616 TDSS rootkit removing tool 2.4.2.1 Sep 7 2010 14:43:44 2010/09/27 10:17:35.0616 ================================================================================ 2010/09/27 10:17:35.0616 SystemInfo: 2010/09/27 10:17:35.0616 2010/09/27 10:17:35.0616 OS Version: 5.1.2600 ServicePack: 3.0 2010/09/27 10:17:35.0616 Product type: Workstation 2010/09/27 10:17:35.0616 ComputerName: BRANCH201 2010/09/27 10:17:35.0616 UserName: troyvandyke 2010/09/27 10:17:35.0616 Windows directory: C:\windows 2010/09/27 10:17:35.0616 Sy
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.