
mark57

  1. Hello, My wife is using Microsoft Outlook Express version 6. For over two months, she has been having a problem with it sending out three to eight copies of her messages. I ran the Malwarebytes program about six weeks ago, and it found no problems. I am unsure of what to do. Does anyone have a suggestion as to what can be done? Thanks, Mark M.
  2. Borislav, I left the computer running last night after going onto some web pages without experiencing any problems. I did not close those pages. Overnight, it appears that the PC rebooted itself. The computer was at the login screen when I looked this morning before going to work. I logged on again, and was able to go to the internet without any problems. I will see what is going on when I get home later today. I am not sure why it rebooted. I saw last night that it was requesting that Windows updates be launched, but I did not give permission to do so. Could the updates have been done and the computer automatically rebooted to allow those changes to take effect? I hope that is what happened but am not sure. Mark
  3. Hi! I ran the McAfee anti-virus scan and it detected nine viruses and trojans. It quarantined the nine items. I will give you a high level list: 1. Virus: Koobface.worm 2. Trojan: IMAPIOKOSYS.VIR 3. Trojan: CAPCHA.DLL.VIR 4. Trojan: BILL103.EXE 5. Trojan: RDR_1268335333.EXE.VIR 6. Virus: RDR_1268335005.EXE.VIR 7. Trojan: RDR_1268323561.EXE.VIR 8. Virus: RDR_1268323242.EXE.VIR 9. Virus: RDR_1268263698.EXE.VIR I ran this scan while I was at work. During that time, I did not have the internet connected. Now I do and so far so good. Mark
  4. Since I didn't think I was done with the disinfection process, I haven't been using this computer. It has been running without being connected to the internet since the McAfee real time anti-virus scanning and firewall are disabled. In addition, I had run another tool that had disabled some drivers that were never restored. Should I re-enable McAfee and start having my wife use this computer? What tests would you suggest I do to put the computer through to verify that the infection has been removed? Thanks, Mark
  5. Borislav, Sorry I haven't responded in a number of days. I have been busy with some other work around the house. Anyway, I was able to back up the registry. However, I did not understand what I was supposed to do to remove the entries from the Registry for Adobe 4.0. I printed the instructions you gave me a link to, but when I read it, it mentioned something about the registry but no detailed instructions. I know there is a REGEDIT program, but don't remember how to use it. Please advise. Thanks, Mark
  6. Borislav, I made a mistake on the last entry. The subkey was: HKEY_CLASSES_ROUT\CLSID\{... Sorry, Mark
  7. Borislav, I was able to remove Adobe Acrobat 4.0 except for some subkeys: Unable to delete all subkeys under HKEY_CLASSES_ROUT\SLSID\{CA8A9780_2801)_11CF_A24D_444553540000} Unable to delete registry values "HKEY_CURRENT_USER\Software\Netscape\Netscape Navigator\User Trusted External Application\C:\Program Files\Adobe\Acrobat 4.0\Reader\AcroRd32.exe I removed all Java installed files and directories as requested. Attached is the log from JavaRe. I would think that the newest version of Java needs to be installed next, but please let me know what to do now. Also, how do I remove the subkeys and registry entry shown above? Thank you! Mark
  8. I did update the anti-malware before running yesterday, but the database was never updated. I was able to successfully upload the latest database and re-ran the anti-malware. No infections were found. Please see attached log. Please advise for what to do next. Thank you. Mark mbam_log_2010_04_10__07_43_42_.txt
  9. Borislav, The Anti-Malware found one infection and removed it. Please review the attached log. Hopefully we are getting close to the end! Thank you. Mark mbam_log_2010_04_09__18_25_43_.txt
  10. Hi Borislav, I was able to successfully run the RootRepeal program. The log is attached. Please advise for further actions I need to do. Thank you! Mark RootRepeal_report_04_08_10__17_35_45_.txt
  11. Hi Borislav, I did exactly as you requested. I downloaded the GMER program and ran it. It ran for a few hours at least. I left the computer to take care of some other things. When I returned, I discovered that the computer halted again with a similar error to what happened the last time I ran GMER: STOP: C000021a {Fatel System Error} The windows system process terminated unexpectedly with a status of 0xc0000005 (0x001bofef 0x0054e064) The system has been shut down. The instructions say to run in safe mode if any problems occur. Is that what you want me to do next? If so, please remind me how to get into safe mode. Thank you! Mark
  12. I ran the ComboFix program successfully. Please analyze the log file. The only change from the suggested process was that two programs started up after the PC rebooted (Yahoo Messenger and another Yahoo website which I immediately closed). I still have the CD Emulation drivers disabled from Defogger. Please advise if I need to do anything else. Thank you! Mark log.txt
  13. I was instructed to follow a set of instructions to scan my computer for Malware. I first downloaded and executed the Malwarebytes' Anti_Malware. The scan detected no corrupt files. The log file is attached. I continued by downloading the Defogger and disabled the CD Emulation drivers. The program did not request to reboot the computer as the instructions said it would, so I did the reboot manually. I started having problems in that it did not reboot properly at first. I received a number of "Invalid system disk" errors before the PC finally booted. I continued by running DDS. It completed and created the two text files which are attached. I then tried to execute the GMER Rootkit Scanner. I was able to start it, and it ran for about 30 minutes. The computer then rebooted on its own. I tried to run it again, and this time the PC froze with the following error: stop: c000021a: Fatal System Error The windows subsystem process terminated unexpectedly with a status of 0xc000005 {0xc001b0014 0x0340e064} The system has been shut down. I turned off the computer at that point, and haven't turned it back on since this happened last night. I am not sure what to do next. Please advise. Thank you. mbam_log_2010_03_28__14_40_00_.txt DDS.txt Attach.txt
  14. I am new to the field of malware and trojans. My wife's computer became infected through clicking on a link she received from a friend. The computer proceeded to write bad links to my wife's friends on Facebook and managed to screw up many of her friends' PCs. In addition, many windows kept on popping up on her PC. A friend recommended that I download the free version of Malwarebytes and scan the computer. Four bad files were found and removed. The computer seemed ok for a day, then started to have windows pop up again. I ran the Malwarebytes scan again, and it found no new bad files. My wife did a little research and believes that she found that it is the Bredolab trojan that has infected the computer. My question is what should I do to remove it. Will the purchased version of Malwarebytes remove this trojan? Has anyone had luck removing this trojan? I found some information about how to remove it, but am not sure if it is accurate information, or if it itself is a trick. Any help would be greatly appreciated.