planthead
Honorary Members-
Posts
36 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Everything posted by planthead
-
Backdoor.Tidserv.I!inf infection
planthead replied to planthead's topic in Resolved Malware Removal Logs
I should be good from this point, so you can go ahead and close the topic. Thanks again for all your help! -
Backdoor.Tidserv.I!inf infection
planthead replied to planthead's topic in Resolved Malware Removal Logs
Hey Elise, thanks for all of your help. I guess that rather than to proceed any farther with this, as long as you think the computer is free of the virus I'll back up the important data and wipe the drive. I've been thinking about upgrading from XP to Windows 7 anyway, and now is starting to seem like the right time. You helped a lot though with getting some control of the machine back and allowing the data to be saved without worry of contaminating other machines so thanks so much. If you think that this is not a good idea for any reason, please let me know. Thanks again! -
Backdoor.Tidserv.I!inf infection
planthead replied to planthead's topic in Resolved Malware Removal Logs
Windows IP Configuration Host Name . . . . . . . . . . . . : Sybil Primary Dns Suffix . . . . . . . : Node Type . . . . . . . . . . . . : Peer-Peer IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Broadcom NetXtreme 57xx Gigabit Controller Physical Address. . . . . . . . . : 00-15-C5-C3-1E-62 Dhcp Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes IP Address. . . . . . . . . . . . : 0.0.0.0 Subnet Mask . . . . . . . . . . . : 0.0.0.0 Default Gateway . . . . . . . . . : DHCP Server . . . . . . . . . . . : 255.255.255.255 Ethernet adapter Wireless Network Connection: Media State . . . . . . . . . . . : Media disconnected Description . . . . . . . . . . . : Intel® PRO/Wireless 3945ABG Network Connection Physical Address. . . . . . . . . : 00-18-DE-98-58-52 Ethernet adapter Bluetooth Network Connection: Media State . . . . . . . . . . . : Media disconnected Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network) Physical Address. . . . . . . . . : 00-16-41-B0-D8-5D Ethernet adapter Wireless Network Connection: Media State . . . . . . . . . . . : Media disconnected Description . . . . . . . . . . . : Intel® PRO/Wireless 3945ABG Network Connection Physical Address. . . . . . . . . : 00-18-DE-98-58-52 Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Broadcom NetXtreme 57xx Gigabit Controller Physical Address. . . . . . . . . : 00-15-C5-C3-1E-62 Dhcp Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes IP Address. . . . . . . . . . . . : 0.0.0.0 Subnet Mask . . . . . . . . . . . : 0.0.0.0 Default Gateway . . . . . . . . . : DHCP Server . . . . . . . . . . . : 255.255.255.255 Ethernet adapter PdaNet Broadband Connection: Media State . . . . . . . . . . . : Media disconnected Description . . . . . . . . . . . : PdaNet Broadband Adapter Physical Address. . . . . . . . . : 00-26-37-BD-39-42 Server: UnKnown Address: 127.0.0.1 Server: UnKnown Address: 127.0.0.1 Ping request could not find host google.com. Please check the name and try again. Ping request could not find host yahoo.com. Please check the name and try again. =========================================================================== Interface List 0x1 ........................... MS TCP Loopback interface 0x2 ...00 15 c5 c3 1e 62 ...... Broadcom NetXtreme 57xx Gigabit Controller - Packet Scheduler Miniport 0x3 ...00 18 de 98 58 52 ...... Intel® PRO/Wireless 3945ABG Network Connection - Packet Scheduler Miniport 0x10006 ...00 16 41 b0 d8 5d ...... Bluetooth Device (Personal Area Network) 0x10007 ...00 18 de 98 58 52 ...... Intel® PRO/Wireless 3945ABG Network Connection 0x10008 ...00 15 c5 c3 1e 62 ...... Broadcom NetXtreme 57xx Gigabit Controller 0x30004 ...00 26 37 bd 39 42 ...... PdaNet Broadband Adapter =========================================================================== =========================================================================== Active Routes: Network Destination Netmask Gateway Interface Metric 127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1 255.255.255.255 255.255.255.255 255.255.255.255 30004 1 255.255.255.255 255.255.255.255 255.255.255.255 3 1 255.255.255.255 255.255.255.255 255.255.255.255 10007 1 255.255.255.255 255.255.255.255 255.255.255.255 2 1 255.255.255.255 255.255.255.255 255.255.255.255 10008 1 255.255.255.255 255.255.255.255 255.255.255.255 10006 1 =========================================================================== Persistent Routes: None -
Backdoor.Tidserv.I!inf infection
planthead replied to planthead's topic in Resolved Malware Removal Logs
I did them with the same warning as a result -
Backdoor.Tidserv.I!inf infection
planthead replied to planthead's topic in Resolved Malware Removal Logs
OTL logfile created on: 10/12/2010 2:10:02 PM - Run 3 OTL by OldTimer - Version 3.2.14.1 Folder = F:\virus logs Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 1,022.00 Mb Total Physical Memory | 445.00 Mb Available Physical Memory | 44.00% Memory free 2.00 Gb Paging File | 2.00 Gb Available in Paging File | 76.00% Paging File free Paging file location(s): c:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 74.46 Gb Total Space | 54.74 Gb Free Space | 73.51% Space Free | Partition Type: NTFS Drive D: | 85.94 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS E: Drive not present or media not loaded Drive F: | 1.96 Gb Total Space | 0.31 Gb Free Space | 15.95% Space Free | Partition Type: FAT G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: SYBIL Current User Name: Sybil Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Driver Services (All) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | Disabled | Stopped] -- -- (Simbad) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\PalmUSBD.sys -- (PalmUSBD) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [File_System | Boot | Stopped] -- C:\WINDOWS\System32\drivers\klmdb.sys -- (klmdb) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Sybil\LOCALS~1\Temp\catchme.sys -- (catchme) DRV - File not found [Kernel | Disabled | Stopped] -- -- (Atdisk) DRV - File not found [Kernel | Disabled | Stopped] -- -- (Abiosdsk) DRV - [2010/10/11 10:36:16 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent) DRV - [2010/10/08 01:00:00 | 001,371,184 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20101008.004\navex15.sys -- (NAVEX15) DRV - [2010/10/08 01:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl) DRV - [2010/10/08 01:00:00 | 000,086,064 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20101008.004\naveng.sys -- (NAVENG) DRV - [2010/09/02 17:49:06 | 000,013,312 | ---- | M] (June Fabrics Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pneteth.sys -- (pneteth) DRV - [2010/02/26 22:23:54 | 000,116,784 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0401000.020\Ironx86.SYS -- (SymIRON) DRV - [2010/02/26 22:23:21 | 000,325,680 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\N360\0401000.020\SRTSP.SYS -- (SRTSP) DRV - [2010/02/26 22:23:21 | 000,043,696 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0401000.020\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL) DRV - [2010/02/25 19:22:57 | 000,501,888 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0401000.020\ccHPx86.sys -- (ccHP) DRV - [2010/02/10 21:55:33 | 000,536,112 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\BASHDefs\20100211.001\BHDrvx86.sys -- (BHDrvx86) DRV - [2010/02/03 21:40:52 | 000,362,032 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0401000.020\SYMTDI.SYS -- (SYMTDI) DRV - [2010/02/03 21:40:50 | 000,172,592 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0401000.020\SYMEFA.SYS -- (SymEFA) DRV - [2010/02/03 21:40:47 | 000,328,752 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0401000.020\SYMDS.SYS -- (SymDS) DRV - [2010/02/03 21:40:07 | 000,329,592 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\IPSDefs\20091105.001\IDSxpx86.sys -- (IDSxpx86) DRV - [2009/05/18 17:17:00 | 000,026,600 | R--- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV - [2008/05/20 18:33:50 | 000,022,784 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RimUsb.sys -- (RimUsb) DRV - [2008/04/13 12:36:05 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus) DRV - [2008/03/27 16:27:46 | 000,503,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wdf01000.sys -- (Wdf01000) DRV - [2007/06/25 18:53:10 | 000,155,136 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService) DRV - [2006/12/04 03:29:44 | 000,021,275 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\AegisP.sys -- (AegisP) AEGIS Protocol (IEEE 802.1x) DRV - [2006/11/02 07:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB) DRV - [2006/09/28 19:55:50 | 000,077,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\WudfPf.sys -- (WudfPf) DRV - [2006/06/13 13:22:58 | 000,111,232 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TosRfbd.sys -- (Tosrfbd) DRV - [2006/06/09 23:40:00 | 000,040,192 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfusb.sys -- (Tosrfusb) DRV - [2006/05/29 15:11:20 | 000,060,672 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TosRfhid.sys -- (Tosrfhid) DRV - [2006/04/12 20:04:39 | 000,049,664 | R--- | M] (HP) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HPZid412.sys -- (HPZid412) DRV - [2006/04/12 20:04:39 | 000,021,568 | ---- | M] (HP) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HPZius12.sys -- (HPZius12) DRV - [2006/04/12 20:04:39 | 000,016,496 | R--- | M] (HP) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HPZipr12.sys -- (HPZipr12) DRV - [2006/03/24 18:34:30 | 001,156,648 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA) DRV - [2006/01/19 10:14:00 | 003,595,296 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2006/01/10 13:07:58 | 000,004,864 | ---- | M] (GTek Technologies Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys -- (DSproct) DRV - [2005/12/28 15:22:08 | 000,013,568 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans) DRV - [2005/12/09 17:35:00 | 000,018,816 | ---- | M] (Dell Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\pbadrv.sys -- (PBADRV) DRV - [2005/12/05 01:55:30 | 001,428,096 | ---- | M] (Intel -
Backdoor.Tidserv.I!inf infection
planthead replied to planthead's topic in Resolved Malware Removal Logs
Tried connecting via PDAnet again, same outcome... -
Backdoor.Tidserv.I!inf infection
planthead replied to planthead's topic in Resolved Malware Removal Logs
Hey Elise, no worries. I have done as you asked. What were your thoughts about deleting the files Norton found? -
Backdoor.Tidserv.I!inf infection
planthead replied to planthead's topic in Resolved Malware Removal Logs
Manually stooped just now, by hitting the X. It said the program had stopped responding. -
Backdoor.Tidserv.I!inf infection
planthead replied to planthead's topic in Resolved Malware Removal Logs
still going... -
Backdoor.Tidserv.I!inf infection
planthead replied to planthead's topic in Resolved Malware Removal Logs
It's taking a really long time...it says processing registry data and the hour glass is showing, but its been at least 10 minutes -
Backdoor.Tidserv.I!inf infection
planthead replied to planthead's topic in Resolved Malware Removal Logs
Do you think it's O.K. to manually delete those two system volume information\_restore .sys files so that Norton stops picking them up as threats? -
Backdoor.Tidserv.I!inf infection
planthead replied to planthead's topic in Resolved Malware Removal Logs
========== REGISTRY ========== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AFD\\"ImagePath"|"\\SystemRoot\\System32\\drivers\\afd.sys" /E : value set successfully! OTL by OldTimer - Version 3.2.14.1 log created on 10112010_161803 The only connection of the internet I can check right now is the PDAnet connection. The same thing is still happening, I select connect to internet and nothing happens. It does not say it can't connect or give an error, I just does nothing. Where I'm at now there is no other wired or wireless connection to try. The PDAnet is working just fine on the other computer... -
Backdoor.Tidserv.I!inf infection
planthead replied to planthead's topic in Resolved Malware Removal Logs
OTL logfile created on: 10/11/2010 3:46:17 PM - Run 2 OTL by OldTimer - Version 3.2.14.1 Folder = F:\virus logs Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 1,022.00 Mb Total Physical Memory | 488.00 Mb Available Physical Memory | 48.00% Memory free 2.00 Gb Paging File | 2.00 Gb Available in Paging File | 79.00% Paging File free Paging file location(s): c:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 74.46 Gb Total Space | 54.82 Gb Free Space | 73.63% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded Drive F: | 1.96 Gb Total Space | 0.31 Gb Free Space | 15.99% Space Free | Partition Type: FAT G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: SYBIL Current User Name: Sybil Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Custom Scans ========== < MD5 for: AFD.SYS > [2008/08/14 06:34:26 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=4D43E74F2A1239D53929B82600F1971C -- C:\WINDOWS\$hf_mig$\KB956803\SP3QFE\afd.sys [2004/08/04 07:00:00 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=5AC495F4CB807B2B98AD2AD591E6D92E -- C:\i386\afd.sys [2004/08/04 07:00:00 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=5AC495F4CB807B2B98AD2AD591E6D92E -- C:\WINDOWS\$NtUninstallKB951748_0$\afd.sys [2004/08/04 06:00:00 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=5AC495F4CB807B2B98AD2AD591E6D92E -- C:\WINDOWS\system32\dllcache\afd.sys [2004/08/04 06:00:00 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=5AC495F4CB807B2B98AD2AD591E6D92E -- C:\WINDOWS\system32\drivers\afd.sys [2008/06/20 07:48:03 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=D6EE6014241D034E63C49A50CB2B442A -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\afd.sys [2008/06/20 06:44:08 | 000,138,368 | ---- | M] (Microsoft Corporation) MD5=D99DDFFB33DEACDCF20717CB520379F6 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\afd.sys [2008/06/20 07:40:08 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=E3049B90FE06F3F740B7CFDA44995E2C -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\afd.sys < hklm\system\currentcontrolset\services\afd > "DisplayName" = AFD "Description" = AFD Networking Support Environment "Group" = TDI "ImagePath" = system32\drivers\tsk72D.tmp -- File not found "Start" = 1 "Type" = 1 "ErrorControl" = 1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\afd\Parameters] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\afd\Security] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\afd\Enum] < End of report > -
Backdoor.Tidserv.I!inf infection
planthead replied to planthead's topic in Resolved Malware Removal Logs
Sorry, I see that now. Retyping the command properly returned the same warning minus the command not found line -
Backdoor.Tidserv.I!inf infection
planthead replied to planthead's topic in Resolved Malware Removal Logs
Returned the following error: WARNING: Could not obtain host information from machine: [sYBIL]. Some commands may not be available. Class not registered. The following command was not found: int reset resetlog.txt -
Backdoor.Tidserv.I!inf infection
planthead replied to planthead's topic in Resolved Malware Removal Logs
Rescan with MBAM came up negative. -
Backdoor.Tidserv.I!inf infection
planthead replied to planthead's topic in Resolved Malware Removal Logs
The attempt at starting the DCHP returned a system error 1068 The dependency service or group failed to start. -
Backdoor.Tidserv.I!inf infection
planthead replied to planthead's topic in Resolved Malware Removal Logs
I will try that, but first, the most recent Norton scan following a complete removal with the Norton tool (performed 2x as per directions from the Norton people), and reinstall/update found the virus again in two C:system volume information\_restore...sys files. Any thoughts? -
Backdoor.Tidserv.I!inf infection
planthead replied to planthead's topic in Resolved Malware Removal Logs
Also, the virus seemed to have changed permissions as I took a look at startup programs (in msconfig) and noticed that there were a couple HP Printer related items, I attempted to uncheck them and it was stating that I needed to be logged on as admin (did not used to be this way). -
Backdoor.Tidserv.I!inf infection
planthead replied to planthead's topic in Resolved Malware Removal Logs
Norton scan came up clean. -
Backdoor.Tidserv.I!inf infection
planthead replied to planthead's topic in Resolved Malware Removal Logs
Yes, when opening msconfig the services tab does have the services (the hide box was not checked), the DHCP Client box was checked, and the status is listed as stopped. -
Backdoor.Tidserv.I!inf infection
planthead replied to planthead's topic in Resolved Malware Removal Logs
I do see what you mean by looking at my other computer, so that's seems strange... -
Backdoor.Tidserv.I!inf infection
planthead replied to planthead's topic in Resolved Malware Removal Logs
No, when highlighting it, clicking on it, etc. there is nothing. Also I have removed the files that MBAM found , uninstalled Norton with the removal tool, reinstalled Norton and updated with the intelligent updater, and am now running a full scan. -
Backdoor.Tidserv.I!inf infection
planthead replied to planthead's topic in Resolved Malware Removal Logs
Hi Elise, sorry for taking so long to respond. When opening the services window, the only thing that shows up is Services (Local) in the left hand column, and nothing in the right. There doesn't appear to be anything to expand or turn on or off. -
Backdoor.Tidserv.I!inf infection
planthead replied to planthead's topic in Resolved Malware Removal Logs
With the wireless it just keeps says something like trying to establish an IP address, with the wired (through the phone via PDAnet) when telling it to connect it doesn't do anything at all, and doesn't give an error message.