453 Posted Topics
 | Re: KBDerabc.dll [QUOTE=dragonflei;1319846] Any ideas on what is causing this?[/QUOTE] It is hard to say. Could be a legit .dll that's now borked, but I'll wager it's a malware .dll that has been removed, but the corresponding registry key is still there to call it on startup. You can probably fix this …  |
 | [QUOTE=Niklas] Would really appreciate if you guys could help me out with this.[/QUOTE] Hey Niklas, Run the steps in the linky below and post the logs and we'll see what's left after MBAM has done its thing: [B][url]http://www.daniweb.com/forums/thread134865.html[/url][/B] Cheers :) PP |
 | [QUOTE=racoon8995]can anyone pls help me out with the AAA logo creator serial passkey...or sugest where i can download he keygen.tnx[/QUOTE] This is not the site for that - Sorry. We get enough idiots infecting their machines this way as it is..... Thread closed :) |
| | [QUOTE=Fred33;645617]Is this a reliable program? Has anyone tried it?[/QUOTE] [B][url]http://spywarewarrior.com/viewtopic.php?t=28684&sid=ab1e055a1ab43a5e5fcb83c991567e76[/url] [/B] PP :) |
| | [QUOTE=drfinkelstein;] Your help is gratefully appreciated! Let me know if there is anything else I can describe or another log file I can post. I put a new HijackThis log at the end as well. [/QUOTE] Hi drfinkelstein, Given the multiple rootkits showing in the logs, I would recommend wiping … |
| | [QUOTE=sklingb1] PP please let me know what you think. I am running a second MBAM now and I will post that new scan when completed. [/QUOTE] Hey Scott - took a quick cursory look and don't see much, but that is par for the course these days. Not a lot … |
| | [QUOTE=virusmash;] i have also performed a MBAM security check and saved the log.[/QUOTE] Please post your MBAM log. Also, please follow the linky below and post the requested scanlogs (including a fresh MBAM with updated database): [B][url]http://www.daniweb.com/forums/thread134865.html[/url][/B] With any luck, I or another volunteer will be able to assist you … |
| | [QUOTE=stuckandlost] Can any one help me?[/QUOTE] Please follow the steps in the linky below and post the requested scanlogs. [B][url]http://www.daniweb.com/forums/thread134865.html[/url][/B] I will try to check back as time permits. Cheers :) PP |
 | [QUOTE=SgtMe]think there is a registry value making it open on startup and changing the settings again! Can someone give me some suggestions of where to find it? Sorry I'm a bit of a noob with the registry...[/QUOTE] I agree with [B]rch1231[/B] - Run MBAM and see what shakes out -- … |
| | [QUOTE=bpeck]I do not use IE, never do. Firefox is my go-to browser.[/QUOTE] Try this: -- Download the attached [B]FixIt.zip[/B] and [I]Extract[/I] [B]FixIt.bat[/B] from the Zip to your Desktop. -- DoubleClick on FixIt.bat to run it. Then, retry with MBAM and post the results. Best Luck :) PP |
| | [QUOTE=sysopt] At the very least, the concept of keeping third party applications updated should be mentioned as it is a critical preventative security measure.[/QUOTE] That is indeed a good idea. Unfortunately, those threads are quite old (especially in "malware prevention years") and in need of complete reworking. I've been meaning … |
| | [QUOTE=trickedout]i keep finding "(random letters)tssd.exe" in my task manager and i close them. . . . . GMER 1.0.15.15281 - [url]http://www.gmer.net[/url] Rootkit quick scan 2010-06-21 21:36:27 Windows 5.1.2600 Service Pack 2 Running: nxg6jws3.exe; Driver: C:\DOCUME~1\User\LOCALS~1\Temp\kflyyfog.sys [COLOR="red"]File C:\WINDOWS\system32\drivers\atapi.sys suspicious modification[/COLOR] ---- EOF - GMER 1.0.15 ---- [/quote] Sorry for the delay …  |
| | [QUOTE=metsys 2900]Are there any recorded instances of the dreaded "operating system not found" screen being caused by malware? I understand most likely cause to be creep or software related, apologise if this question already posted.[/QUOTE] I do not think a malware cause is outside the realm of possibility. Especially with … |
| | Re: Malware help [QUOTE=rch1231] Part of my job is cleaning viruses and malware off of customers systems.. . . [/QUOTE] MBAM is most effective when run in Normal Windows Boot. We only recommend Safe Mode when Normal Boot is not an option. Please follow Biker920's link and post those scanlogs for us. Please … |
| | [QUOTE=Kenny24;1264082]it started when i downloaded a cracked keygen and it looked suspicious but i let my guard down and downloaded it anyways because i had just downloaded a keygen for photoshop cs5 and it worked with no problems..... any help would be greatly appreciated. thank you for taking your time … |
| | [QUOTE=HeidiGiller] But now his Windows mail won't open. Can't initialize the MSOE.dll. [/QUOTE] That is a recurring Outlook error. I'd bet you probably have solved it by now. If not, let me know and we can take a whack at it. Cheers :) PP |
| | [QUOTE=richbindians] I am the DIY type and get alot of satisfaction from fixing things myself, but I have gotten so frustrated and have now reached the end of my rope. I hate to admit defeat, but I would appreciate any suggestions.[/QUOTE] Hi Rich, Sorry for the delay - we just … |
| | Re: RootKit Problem? [QUOTE=] The problem i'm having is that when ever i open up the Internet i get 2 pop ups that pop up twice (opening 2 seperate internet windows) See attachments.[/QUOTE] If I am not mistaken, that blocked url is indicative of a TDSS rootkit infection. If it were my machine, …  |
| | [QUOTE=]Installed Comodo Internet Security, which I think is the best option for this person, since it's an all in one. I use Comodo Firewall, so I'm familiar with the interface, etc. Did a full system scan with Comodo, it found 5 infected files. Out of the 5, 3 were not … |
| | Re: MD5 HASH [QUOTE=onlinessp;1246290]Hi, I want to learn about md5.please tell me how i can calculate md5 of a file Waiting for your kind answer Thanks[/QUOTE] There are a number of tools available to do this. I have used these, among others: [URL="https://help.ubuntu.com/community/HowToMD5SUM"][B]md5sum.exe[/B][/URL] [URL="http://md5deep.sourceforge.net/"][B]md5deep.exe[/B][/URL] [URL="http://www.md5summer.org/"][B]md5summer.exe[/B][/URL] Cheers :) PP |
| | [QUOTE=Yamajasti]]I do not have the faintest clue on how to remedy these malfunctions. I would appreciate any help offered. I am using XP, and my browser is Firefox.[/QUOTE] Please have a look at the linky below and post the requested scanlogs. With any luck, somebody will be able to assist … |
| | [QUOTE=]Well, I am stumped and I hate saying it :(. I will see if I can get some help here.[/QUOTE] Hey guys, Looks to me like a persistent re-infection of the MBR. This might be a newer version of this popular affliction. Lots of logs and little time, so I … |
| | [QUOTE=]this thread is 3 years old that poster is long gone in future check post date. Later---[/QUOTE] They were just spamming a link to their forum. It was poor etiquette, so I fixed it for them :) |
| | [QUOTE] GMER Two: GMER 1.0.15.15281 - [url]http://www.gmer.net[/url] Rootkit scan 2010-05-23 23:04:36 Windows 5.1.2600 Service Pack 2 Running: 7qxco86v.exe; Driver: C:\DOCUME~1\Shelly\LOCALS~1\Temp\uxroypod.sys ---- Files - GMER 1.0.15 ---- [COLOR="Red"]File C:\WINDOWS\system32\drivers\atapi.sys suspicious modification[/COLOR] [/QUOTE] Hey Judy - I'd suggest skipping ahead to a run of Combofix and making sure it addresses the infected … |
| | [QUOTE=DhCoder;1226307] However, it got me thinking. What are these medium - large sized businesses using for virus removal. I imagine the larger businesses are either partnered with one of the main virus removers apps or they use proprietary software. Does anyone know of decent software for detection/removal of virus that … |
| | Re: Malwarebytes log [QUOTE=jholland1964;1226357]Welcome to daniweb, Not horrible, not wonderful either but have certainly seen worse.[/QUOTE] Hey Judy, Is this still considered malware? [URL="http://www.sophos.com/security/analyses/controlled-applications/mywebsearch.html"]Sophos[/URL] says this: [I]MyWebSearch is an adware application which, when initially analysed, was observed to display advertisments when the browser was active. Analysis of recent versions of MyWebSearch show that … |
| | Re: Help Assistant [QUOTE=azjanet;1205409] Any ideas? Thanks.[/QUOTE] Please follow the steps in the linky below and post the requested scanlogs. We'll have a look and go from there. [B][url]http://www.daniweb.com/forums/thread134865.html[/url][/B] Cheers :) PP |
| | Please update your MBAM and then follow the steps in the linky below and post those logs for us and somebody ought to be able to advise you further: [B][COLOR="Green"]http://www.daniweb.com/forums/thread134865.html[/COLOR][/B] Let us know if any of the steps give you trouble. Cheers :) PP |
| | [QUOTE=BrianC.;1216013] Appreciate your help, but how about giving someone else a shot?[/QUOTE] Hi Brian, I think happyrock is approaching this issue in much the same way I or the other regulars here would do so - these are kind of hard to ferret out. I do believe this is a …  |
| | [QUOTE=Graphix;1206664] Eventually I found a database which contains around 1000 virus names, however none of the virus names has the extension .exe . Is this extension neglected? Or does the virus have various filenames?[/QUOTE] What you have listed are not viruses. Rather, they are Trojans. These tend to come in … |
| | [QUOTE=rayjasper0211;1191597] Im using Eset smart security now..[/QUOTE] Why would you want to switch? ESET is a pretty solid Security Suite - I think it and Kaspersky are two of the better ones. If you want a smaller footprint, try Avira. 'Course then you'll need to add firewall and malware protection …  |
 | [QUOTE=kaden;1127337] also i tried to re-install XP with the Dell issued purple OS disk with no response.. can you help me..?? any suggestions..?? [/QUOTE] -- Can you explain more as to what you tried to do with XP Disk? Did the drive recognize the disk? Did you try to boot … |
| | [QUOTE=teeandee;1170810] Any thoughts? Anything I can try? I'm fine reformatting, but I'm not fine just tossing the computers out the window, you know? There must be SOMETHING I can do. *nail bite* Halp![/QUOTE] [B]Reformatting might be the fastest / easiest / best course of action.[/B] However, there are some things … |
| | [QUOTE=rtrussell;1189305]I updated a new spyware version and ran a check. It told me to disable some stuff and restart. When I restarted, it froze on "turning on gate A20". Any ideas?[/QUOTE] That's is insufficient information with which to make a recommendation. What is your OS? What exactly did you update? … |
| | [QUOTE=Cyber 14;1187246] According to the file properties, it was created on Saturday, April 3rd, 2010, the day I reinstalled my sound card, and was last modified back in 2001. A C drive search showed that it (regplib.exe) turned up in the System32 folder and in the Windows prefetch folder. [/QUOTE] … |
| | [QUOTE=bizz2;991820] I don't know what to do.. Any help would be appreciated.[/QUOTE] Try this: Please download [URL="http://forum.networktechs.com/attachment.php?attachmentid=1894&d=1253497255"][B]FindWPP.zip[/B][/URL] and [I]Extract [/I] the FindWPP folder to your desktop. -- Inside the folder, you'll see [B]RunThis.bat[/B] - DoubleClick it and let it run for as long as it takes. A log should pop … |
| | Re: autorun eatr [QUOTE=mzansi;1184194]i recently installed autorun eater on a laptop with usb security, and eset smart its now refusing to boot whats the matter?[/QUOTE] Hard to say - could be a a number of things. -- Are you able to boot to Safe Mode / Safe Mode with Networking? (tap F8 on … |
 | [QUOTE=meksikatsi;1167445] any advice? thanks in advance!![/QUOTE] Do you have your Windows disk? If not, are you able to burn an ISO for a bootable disk? Let me know and we'll see what we can do. Cheers :) PP |
| | [QUOTE=ricmar2;671805] Sure hope some one can give me a solution on this The laptop is old but I like it even though the fan stopped working. I would sure appreciate any help any of you Techies can give me. And would it be wothwhile to take it in and have … |
| | [QUOTE=Horatyu;1184582]hello. I have the same problem with the desktop icons as [URL="http://www.daniweb.com/forums/thread133134.html"][B]This Thread --> helpscotty[/B][/URL]... could you be more speciffic about this: ,,Yes, do the Kelly's Korner link first. RightClick the link and save it. It should save as iedesktopshortcut.reg Move it to the ill machine and DoubleClick on it … |
| | [QUOTE=jholland1964;652768]Lordy! Didn't even look at the original date![/QUOTE] Nice one, Judy! :D |
| | [QUOTE=FredRock;1176399] I honestly have no idea about computers so anything is helpful. I'm on a different computer at the moment, turned my laptop off. Afraid to turn it on again until something can actually be done about it.[/QUOTE] Sounds like quite a mess! -- Do you have a flash drive? … |
| | [QUOTE=dukeb1000;1177223] So after all that, MBA-M found some nasty stuff but still no internet and still freezes if I use the keyboard. I feel like I really blew it. I hope I posted this correctly.[/QUOTE] At very quick glance, nothing jumps out at me from the log. Can you tell … |
| | [QUOTE=rch1231;1165511]Download the free version of Mal-ware Bytes and install and run it in safe mode till you get not more infections showing up.[/QUOTE] Run MBAM in Normal Windows boot - if it doesn't run in normal boot, then try Safe Mode. Be sure to Reboot after running MBAM. Ideally, I … |
| | Hi Karen, The problem that we are running into is that 64-bit Vista is a difficult animal with which to deal in a forum setting. Most of the tools we use are just not compatible.... -- Did you download this --->[B] 360Safe[/B] ? -- How are things running after Judy's … |
| | [QUOTE=didyouthink76;1170614]Can anyone please tell me if you have experienced a file called YAT32.exe automatically placed on your desktop? [/QUOTE] In addition to what Judy said, I suggest uploading it for analysis at [B][url]http://virusscan.jotti.org/[/url][/B] Let us know what you find. -- Are you sure it's not [URL="http://www.dillobits.com/yats32.html"][B]YATS32[/B][/URL]? Best Luck :) PP |
| | Hi Nancy, Are you sure this isn't due to a sticky keyboard? Kind of odd behavior for malware - do you have a different keyboard to try? -- To rule out malware, please post the requested scanlogs from the steps linked below: [B][url]http://www.daniweb.com/forums/thread134865.html[/url][/B] Hopefully a volunteer will be able to … |
| | [QUOTE=PaulS22401;1159449] Is it possible to download Malwarebytes to the flashdrive and just run it to clear this up?[/QUOTE] Hi Paul, That would be a good first step - Transfer MBAM from the flash drive to the ill compy and give it a go. Have MBAM fix what it finds and … |
| | [QUOTE=crunchie;1161288]You have lost me. What are you asking?[/QUOTE] Oh for crying out loud . . . . It's as plain as the nose on your face! How can you not see that, in 2005, they had a program installed? -- It was somehow deleted. Accidentally. Now, they would like to … |
| | So, this behavior started immediately after the infection was cleaned? -- You can pretty much rule out other causes such as overheating? Are you able to run MBA-M and DDS as per the linky below? [B][url]http://www.daniweb.com/forums/thread134865.html[/url][/B] If so, please post those logs for me. -- Do you have a viable … |
The End.