Viruses, Spyware and other Nasties RSS Viruses, Spyware and other Nasties RSS

I am having the same problem as inxs did

Thread Solved
« First 2 3

Join Date: Feb 2004
Posts: 10,059
Reputation: crunchie is a splendid one to behold crunchie is a splendid one to behold crunchie is a splendid one to behold crunchie is a splendid one to behold crunchie is a splendid one to behold crunchie is a splendid one to behold crunchie is a splendid one to behold 
Solved Threads: 763
Moderator
Featured Poster
crunchie's Avatar
crunchie crunchie is offline Offline
Spyware Killer

Re: I am having the same problem as inxs did

 
0
  #21
Dec 21st, 2008
Originally Posted by cohen View Post
Beautiful, Log Looks Clean to me
How about the combofix log?

=======================

nicole, you did not run combofix from the desktop, as requested. You also ran combofix 5 times.
You must follow instructions if we are to assist you.

==

1. Please open Notepad
  • Click Start , then Run
  • Type notepad.exe in the Run Box.
2. Now copy/paste the entire content of the codebox below into the Notepad window:
KillAll::

File::
c:\windows\Tasks\uakgweyq.job
c:\windows\system32\TDSSSERV.SYS
Driver::
TDSSSERV.SYS

Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.

3. Save the above as CFScript.txt

4. Physically disconnect from the internet.

5. Now STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields) as they could easily interfere with ComboFix.

6. Then drag the CFScript.txt into ComboFix.exe as depicted in the animation below. This will start ComboFix again.

Name: CFScript.gif Views: 11 Size: 27.1 KB


7. After reboot, (in case it asks to reboot), please post the following reports/logs into your next replyafter you re-enable all the programs that were disabled during the running of ComboFix:
  • Combofix.txt
  • A new HijackThis log.
Please take note:

CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
Proud member of ASAP (Alliance of Security analysis Professionals).
Opera AVAST anti-virus Comodo Firewall Spywareblaster
Reply With Quote Quick reply to this message  
Join Date: Dec 2008
Posts: 13
Reputation: lcmom01 is an unknown quantity at this point 
Solved Threads: 0
lcmom01 lcmom01 is offline Offline
Newbie Poster

Re: I am having the same problem as inxs did

 
0
  #22
Dec 21st, 2008
I will do what you just told me in a moment, but I need to clarify...I did run ComboFix on the desktop as I do not have it installed on the laptop. I ran all my scans and saved the logs to a media stick, then plugged the media stick into the laptop in order to post them on the thread here since I couldn't access any websites on my desktop. I had run ComboFix previously before I contacted you, but I did ONLY what I've been told in this thread since we started. I haven't done anything you didn't advise me to do. I wouldn't want to waste my time nor yours and drag this thing out any longer that it has to be. Trust me, I've only done what you've told me to do. The computer is working fine now, but I will go ahead and do these last things you've told me.
Reply With Quote Quick reply to this message  
Join Date: Dec 2008
Posts: 13
Reputation: lcmom01 is an unknown quantity at this point 
Solved Threads: 0
lcmom01 lcmom01 is offline Offline
Newbie Poster

Re: I am having the same problem as inxs did

 
0
  #23
Dec 21st, 2008
Done. Just wanted to let you know that when I saved that file and went to drag it onto the ComboFix icon, ComboFix was gone from my computer like it was never even there to begin with, so I had to reinstall it, then I could drag the file onto the icon. So I did all that and the log is below:

ComboFix 08-12-20.03 - Nicole 2008-12-21 1:27:10.6 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1610 [GMT -5:00]
Running from: c:\documents and settings\Nicole\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Nicole\Desktop\CFScript.txt
* Created a new restore point

FILE ::
c:\windows\system32\TDSSSERV.SYS
c:\windows\Tasks\uakgweyq.job
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\Tasks\uakgweyq.job

.
((((((((((((((((((((((((( Files Created from 2008-11-21 to 2008-12-21 )))))))))))))))))))))))))))))))
.

2008-12-20 19:20 . 2008-12-20 19:20 <DIR> d-------- c:\program files\Lavasoft
2008-12-20 19:20 . 2008-12-20 19:21 <DIR> d-------- c:\documents and settings\All Users\Application Data\Lavasoft
2008-12-15 20:22 . 2008-12-15 20:22 <DIR> d-------- c:\program files\ATTToolbar
2008-12-15 20:22 . 2008-12-16 20:34 <DIR> d-------- c:\documents and settings\Nicole\Application Data\ATTToolbar
2008-12-15 20:22 . 2008-12-21 01:27 <DIR> d-------- c:\documents and settings\All Users\Application Data\ATTToolbar
2008-12-15 20:13 . 2008-12-16 03:03 54,156 --ah----- c:\windows\QTFont.qfn
2008-12-15 20:13 . 2008-12-16 03:03 1,409 --a------ c:\windows\QTFont.for
2008-12-15 19:39 . 2008-12-15 19:40 <DIR> d-------- c:\program files\ATT-SST
2008-12-15 19:20 . 2008-12-15 19:38 <DIR> d-------- c:\documents and settings\Nicole\Application Data\Motive
2008-12-15 19:19 . 2008-12-15 19:19 <DIR> d-------- c:\program files\ATT-HSI
2008-11-27 01:03 . 2008-11-27 01:03 <DIR> d-------- c:\program files\HOJY TECH
2008-11-22 17:47 . 2001-08-17 13:48 12,160 --a------ c:\windows\system32\drivers\mouhid.sys
2008-11-22 17:47 . 2001-08-17 13:48 12,160 --a--c--- c:\windows\system32\dllcache\mouhid.sys
2008-11-22 17:47 . 2008-04-13 14:45 10,368 --a------ c:\windows\system32\drivers\hidusb.sys
2008-11-22 17:47 . 2008-04-13 14:45 10,368 --a--c--- c:\windows\system32\dllcache\hidusb.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-21 06:26 --------- d-----w c:\documents and settings\Nicole\Application Data\PreCast
2008-12-21 02:36 --------- d-----w c:\program files\Malwarebytes' Anti-Malware
2008-12-21 00:19 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2008-12-19 03:54 --------- d-----w c:\documents and settings\Nicole\Application Data\LimeWire
2008-12-17 10:58 --------- d-----w c:\documents and settings\All Users\Application Data\pdf995
2008-12-16 01:22 --------- d-----w c:\program files\Common Files\Motive
2008-12-16 01:22 --------- d-----w c:\program files\AT&T
2008-12-16 01:15 --------- d-----w c:\program files\BellSouth
2008-12-16 01:12 --------- d-----w c:\documents and settings\All Users\Application Data\Motive
2008-12-16 01:09 --------- d-----w c:\program files\RealArcade
2008-12-16 01:08 --------- d-----w c:\program files\Google
2008-12-04 00:52 38,496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2008-12-04 00:52 15,504 ----a-w c:\windows\system32\drivers\mbam.sys
2008-11-27 06:03 --------- d--h--w c:\program files\InstallShield Installation Information
2008-11-17 00:54 --------- d-----w c:\documents and settings\Nicole\Application Data\Move Networks
2008-11-03 01:56 --------- d-----w c:\program files\Microsoft ActiveSync
2008-11-03 01:55 --------- d-----w c:\program files\Microsoft.NET
2008-10-25 13:47 --------- d-----w c:\program files\LimeWire
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-24 07:07 --------- d-----w c:\program files\Microsoft Silverlight
2008-04-25 13:09 0 -c--a-w c:\documents and settings\Nicole\Application Data\CopyToGo.dat
2008-04-03 23:56 32 ----a-w c:\documents and settings\All Users\Application Data\ezsid.dat
2007-12-13 00:33 774,144 ----a-w c:\program files\RngInterstitial.dll
.

((((((((((((((((((((((((((((( snapshot_2008-12-21_ 0.17.10.48 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-09-06 04:30:42 241,704 -c----w c:\windows\system32\dllcache\wgaLogon.dll
+ 2008-09-06 04:29:58 917,032 -c----w c:\windows\system32\dllcache\WgaTray.exe
- 2008-03-20 22:06:36 1,480,232 ----a-w c:\windows\system32\LegitCheckControl.dll
+ 2008-09-06 04:30:06 1,480,232 ----a-w c:\windows\system32\LegitCheckControl.dll
+ 2008-09-06 04:30:42 241,704 ------w c:\windows\system32\WgaLogon.dll
+ 2008-09-06 04:29:58 917,032 ------w c:\windows\system32\WgaTray.exe
+ 2008-12-21 06:30:24 16,384 ----atw c:\windows\temp\Perflib_Perfdata_754.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-09-10 1576176]
"SmileboxTray"="c:\documents and settings\Nicole\Application Data\Smilebox\SmileboxTray.exe" [2008-07-30 205448]
"AdobeUpdater"="c:\program files\Common Files\Adobe\Updater5\AdobeUpdater.exe" [2008-11-09 2356088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISW.exe"="c:\program files\AT&T\Internet Security Wizard\ISW.exe" [2007-05-03 2061816]
"AT&T Internet Security Suite"="c:\program files\AT&T\AT&T Internet Security Suite\RPS.exe" [2007-06-28 310000]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"MySpaceIM"="c:\program files\MySpace\IM\MySpaceIM.exe" [2007-12-18 8720384]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
PreCast Monitor.lnk - c:\program files\Ocucom\PreCast\tmon.exe [2008-02-12 1811120]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-06-05 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-09-10 11:22 352256 c:\program files\SUPERAntiSpyware\SASWINLO.DLL

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Event Reminder.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Event Reminder.lnk
backup=c:\windows\pss\Event Reminder.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^PreCast Monitor.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\PreCast Monitor.lnk
backup=c:\windows\pss\PreCast Monitor.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Nicole^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
path=c:\documents and settings\Nicole\Start Menu\Programs\Startup\LimeWire On Startup.lnk
backup=c:\windows\pss\LimeWire On Startup.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-01-11 22:16 39792 c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISW.exe]
--a------ 2007-05-03 13:12 2061816 c:\program files\AT&T\Internet Security Wizard\ISW.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechSoftwareUpdate]
--a------ 2005-06-08 13:44 196608 c:\program files\Logitech\Video\ManifestEngine.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]
--a------ 2005-06-08 14:24 458752 c:\program files\Logitech\Video\ISStart.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
--a------ 2005-06-08 14:14 217088 c:\program files\Logitech\Video\LogiTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMSX]
--a------ 2005-07-19 16:32 221184 c:\windows\system32\LVCOMSX.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--------- 2008-04-13 19:12 1695232 c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MySpaceIM]
--a------ 2007-12-18 20:47 8720384 c:\program files\MySpace\IM\MySpaceIM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
--a------ 2006-08-11 23:43 7630848 c:\windows\system32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
--a------ 2006-08-11 23:43 86016 c:\windows\system32\nvmctray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]
--a------ 2008-02-25 20:23 443968 c:\program files\Picasa2\PicasaMediaDetector.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
-ra------ 2008-02-01 16:22 21898024 c:\program files\Skype\Phone\Skype.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2008-02-22 03:25 144784 c:\program files\Java\jre1.6.0_05\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
--a------ 2007-08-30 17:43 4670704 c:\program files\Yahoo!\Messenger\YahooMessenger.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
-r------- 2005-05-03 05:43 69632 c:\windows\Alcmtr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
--a------ 2006-08-11 23:43 1519616 c:\windows\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
-r------- 2007-01-30 05:54 16116224 c:\windows\RTHDCPL.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
-r------- 2006-05-16 05:04 2879488 c:\windows\SkyTel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"NMIndexingService"=3 (0x3)
"NBService"=3 (0x3)
"WMPNetworkSvc"=3 (0x3)
"NVSvc"=2 (0x2)
"idsvc"=3 (0x3)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\MySpace\\IM\\MySpaceIM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\ATT-HSI\\McciBrowser.exe"=

R1 SASDIFSV;SASDIFSV;\??\c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2008-02-29 8944]
R1 SASKUTIL;SASKUTIL;\??\c:\program files\SUPERAntiSpyware\SASKUTIL.sys [2008-02-29 55024]
R3 SASENUM;SASENUM;\??\c:\program files\SUPERAntiSpyware\SASENUM.SYS [2006-02-16 4096]
S3 Radialpoint Security Services;AT&T Internet Security Suite;c:\windows\system32\dllhost.exe /Processid:{80098F68-1220-4F43-80A8-15C7395B8874} [2006-02-28 5120]
S3 SDTHOOK;SDTHOOK;c:\windows\system32\DRIVERS\SDTHOOK.sys [2008-03-03 44928]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{aa5ad2a0-6972-11dd-b7cb-001a4d7a43a7}]
\Shell\AutoRun\command - L:\LaunchU3.exe -a
.
Contents of the 'Scheduled Tasks' folder

2008-12-20 c:\windows\Tasks\User_Feed_Synchronization-{5DC353DC-8426-4747-895F-A55DAB4849C5}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 10:58]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.myspace.com/
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

c:\windows\Downloaded Program Files\SpinTopGamesLauncher.dll - O16 -: {8FA2192F-B95D-40E3-898F-8D7ABB8E00D0}
hxxp://download-games.pogo.com/online2/pogo/mahjong_escape_ancient_japan/SpinTopGamesLauncher.cab
c:\windows\Downloaded Program Files\SpinTopGamesLauncher.inf

c:\windows\Downloaded Program Files\WMDownload.dll - O16 -: {A922B6AB-3B87-11D3-B3C2-0008C7DA6CB9}
hxxps://media.pineconeresearch.com/ActiveX/downloadcontrol.cab
c:\windows\Downloaded Program Files\WMDL.inf
FF - ProfilePath - c:\documents and settings\Nicole\Application Data\Mozilla\Firefox\Profiles\4tyn4gya.default\
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=ffds1&p=
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?fr=ffsp1&p=
FF - prefs.js: browser.startup.homepage - hxxp://www.firesearch.com/
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - plugin: c:\program files\Microsoft Silverlight\2.0.30523.8\npctrl.1.0.30401.0.dll
FF - plugin: c:\program files\Microsoft Silverlight\2.0.30523.8\npctrl.dll
FF - plugin: c:\program files\Real\RealArcade\Plugins\Mozilla\npracplug.dll
FF - plugin: c:\program files\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: c:\program files\Yahoo!\Common\npyaxmpb.dll
FF - plugin: c:\program files\Yahoo!\Shared\npYState.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-21 01:30:19
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(980)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AT&T\AT&T Internet Security Suite\Fws.exe
c:\program files\Lavasoft\Ad-Aware\aawservice.exe
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files\Common Files\Authentium\AntiVirus\dvpapi.exe
c:\program files\CA\PPRT\bin\ITMRTSVC.exe
c:\program files\Common Files\Motive\McciCMService.exe
c:\program files\Raxco\PerfectDisk\PDAgent.exe
c:\windows\system32\HPZipm12.exe
c:\program files\Raxco\PerfectDisk\PDEngine.exe
c:\program files\AT&T\AT&T Internet Security Suite\rpsupdaterR.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2008-12-21 1:33:39 - machine was rebooted [Nicole]
ComboFix-quarantined-files.txt 2008-12-21 06:33:12
ComboFix2.txt 2008-12-21 05:18:01
ComboFix3.txt 2008-09-11 16:25:54
ComboFix4.txt 2008-09-11 14:39:40
ComboFix5.txt 2008-12-21 06:26:12

Pre-Run: 198,313,390,080 bytes free
Post-Run: 198,316,105,728 bytes free

239 --- E O F --- 2008-12-21 06:07:23
Reply With Quote Quick reply to this message  
Join Date: Nov 2008
Posts: 816
Reputation: cohen is an unknown quantity at this point 
Solved Threads: 42
Featured Poster
cohen's Avatar
cohen cohen is offline Offline
Practically a Posting Shark

Re: I am having the same problem as inxs did

 
1
  #24
Dec 21st, 2008
Just looking at your combo fix log, it looks like your java is out of date.

Can you pls go into control panel > add / remove programs, and remove all Java Components.

Then go www.java.com and download and install the latest Java.

Thanks,

Cohen
Cohen's Site www.cohenl.com

Do not PM me for support!!!
Reply With Quote Quick reply to this message  
Join Date: Dec 2008
Posts: 13
Reputation: lcmom01 is an unknown quantity at this point 
Solved Threads: 0
lcmom01 lcmom01 is offline Offline
Newbie Poster

Re: I am having the same problem as inxs did

 
0
  #25
Dec 21st, 2008
Cohen...just uninstalled old and installed latest Java...thanks for catching that.
Reply With Quote Quick reply to this message  
Join Date: Feb 2004
Posts: 10,059
Reputation: crunchie is a splendid one to behold crunchie is a splendid one to behold crunchie is a splendid one to behold crunchie is a splendid one to behold crunchie is a splendid one to behold crunchie is a splendid one to behold crunchie is a splendid one to behold 
Solved Threads: 763
Moderator
Featured Poster
crunchie's Avatar
crunchie crunchie is offline Offline
Spyware Killer

Re: I am having the same problem as inxs did

 
0
  #26
Dec 22nd, 2008
Originally Posted by lcmom01 View Post
I will do what you just told me in a moment, but I need to clarify...I did run ComboFix on the desktop .
I need to clarify that you in fact, never ran it from the desktop. You ran it straight from the K drive'
ComboFix 08-12-20.03 - Nicole 2008-12-21 0:11:25.5 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1672 [GMT -5:00]
Running from: K:\ComboFix.exe
Thats the reason when you ran the script, it was no longer there.

====

Log looks ok.
Proud member of ASAP (Alliance of Security analysis Professionals).
Opera AVAST anti-virus Comodo Firewall Spywareblaster
Reply With Quote Quick reply to this message  
Join Date: Dec 2008
Posts: 13
Reputation: lcmom01 is an unknown quantity at this point 
Solved Threads: 0
lcmom01 lcmom01 is offline Offline
Newbie Poster

Re: I am having the same problem as inxs did

 
0
  #27
Dec 22nd, 2008
K: is my memory stick. I downloaded ComboFix and saved it to my memory stick so that I could put it on the desktop pc. I guess when I ran it on the pc, it didn't install it.
Reply With Quote Quick reply to this message  
Join Date: Nov 2008
Posts: 816
Reputation: cohen is an unknown quantity at this point 
Solved Threads: 42
Featured Poster
cohen's Avatar
cohen cohen is offline Offline
Practically a Posting Shark

Re: I am having the same problem as inxs did

 
0
  #28
Dec 22nd, 2008
Originally Posted by lcmom01 View Post
K: is my memory stick. I downloaded ComboFix and saved it to my memory stick so that I could put it on the desktop pc. I guess when I ran it on the pc, it didn't install it.
When Running Combo Fix, pls run it from the desktop. Otherwise it will not do it's job.

Cohen
Last edited by cohen; Dec 22nd, 2008 at 6:36 pm.
Cohen's Site www.cohenl.com

Do not PM me for support!!!
Reply With Quote Quick reply to this message  
Reply
« First 2 3

Quick Reply to Thread
This thread has been marked solved.
Perhaps start a new thread instead?
Message:



Other Threads in the Viruses, Spyware and other Nasties Forum
Thread Tools Search this Thread



adware anti-virussitesaccessissue antivirus apple attack audio avg backtoschoolspeech bar blackhat botnet censorship china commercials conficker connect control crosssitescripting cyber cybercrime cyberwarfare ddos domains e-mafia education email europe exploit facebook fake gaming gtaiv gumblar halloween herss.exe hijack hosting internet iphone kaspersky legal logfiles mail malware mcafee mega-d messagelabs microsoft mobile msn nazi news obama onlinethreats paedophile panel parents patch phishing police policeprovirusmba-mblockedinternetaccess president privacy pro problem redirecting reliability report research risk rogueantivirus samhain sans scareware school search security sites software spam spyware spywareexternalwindows7adminstratortrojans sqlinjection symantec system teen translate trojan unabletoaccessanti-virussites unwanted usa virus viruses volume war warning windows worm yahoo zeroday
About Us | Contact Us | Advertise | DaniWeb | Acceptable Use Policy | RSS Feed

©2003 - 2009 DaniWeb® LLC