ballardea

Members
  • Content Count

    6
  • Joined

  • Last visited

About ballardea

  • Rank
    Member
  1. Thanks very much for great support and advice. I join the many others who have reason to be so impressed and grateful. Thanks! /eab
  2. OK, here's an HJT log as of now. /eab ------------------------ Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 8:08:42 PM, on 11/20/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: H:\WINDOWS\System32\smss.exe H:\WINDOWS\system32\winlogon.exe H:\WINDOWS\system32\services.exe H:\WINDOWS\system32\lsass.exe H:\WINDOWS\system32\svchost.exe H:\WINDOWS\System32\svchost.exe H:\Program Files\Lavasoft\Ad-Aware\aawservice.exe H:\WINDOWS\system32\spoolsv.exe H:\PROGRA~1\McAfee\MSC\mcmscsvc.exe h:\PROGRA~1\COMMON
  3. OK, MBAM log file is below. Kaspersky scan showed no threats. I hope this all means we're close ! /eab --------------- Malwarebytes' Anti-Malware 1.30 Database version: 1405 Windows 5.1.2600 Service Pack 3 11/17/2008 8:19:46 PM mbam-log-2008-11-17 (20-19-46).txt Scan type: Quick Scan Objects scanned: 49273 Time elapsed: 9 minute(s), 17 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modu
  4. Sent the CF zip file to bleepingcomputer. Below is latest log file /eab ----------------------------- ComboFix 08-11-16.04 - EAB Personal 2008-11-16 20:33:08.2 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.147 [GMT -5:00] Running from: h:\documents and settings\EAB Personal\Desktop\ComboFix.exe Command switches used :: h:\documents and settings\EAB Personal\Desktop\CFScript.txt * Created a new restore point * Resident AV is active . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . h:\documents and settin
  5. Thanks much -- here's the ComboFix log file -- what's next? ComboFix 08-11-16.02 - EAB Personal 2008-11-16 18:44:17.1 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.88 [GMT -5:00] Running from: h:\documents and settings\EAB Personal\Desktop\ComboFix.exe * Created a new restore point . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_TDSSSERV.SYS -------\Service_TDSSserv.sys (((((
  6. HJT Log -- Hope you can advise Hijacked by Antispyware 2009 and maybe others? Machine is Dell 4100, XP SP3. Using Firefox 3 and McAfee Security Center from Comcast. Problem first surfaced early Nov with new browser tabs going to Antispyware2009 pages and installer message etc. On 11/11, the machine was totally hijacked -- any links were rederected to shopping pages, couldn't connect to any security or help sites, etc. Was able to find a message from this site with the technique of downloading on another machine and renaming the exe file. Successfully did that for Malwarebytes' Anti-Malware,