brendanandryan

Members
  • Content Count

    10
  • Joined

  • Last visited

Everything posted by brendanandryan

  1. OK. Thanks. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:35:08 PM, on 2/4/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16762) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe C:\WINDOWS\Explorer.E
  2. Kapersky came back clean - no malware found. You are AWESOME. The world needs more good people like you in it. Thank You.
  3. here is the first log. Malwarebytes' Anti-Malware 1.33 Database version: 1717 Windows 5.1.2600 Service Pack 3 2/2/2009 5:23:21 PM mbam-log-2009-02-02 (17-23-21).txt Scan type: Quick Scan Objects scanned: 52140 Time elapsed: 4 minute(s), 53 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Regi
  4. Here is the log that ComboFix produced. Thanks. ComboFix 09-01-31.03 - Brendan and Ryan 2009-02-01 9:48:35.4 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.510.252 [GMT -5:00] Running from: c:\documents and settings\Brendan and Ryan\Desktop\ComboFix.exe Command switches used :: c:\documents and settings\Brendan and Ryan\Desktop\CFScript.txt AV: McAfee VirusScan *On-access scanning disabled* (Updated) FW: McAfee Personal Firewall *enabled* * Created a new restore point . ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))
  5. OK, seems to have run. As always, we truly appreciate your time and help. ComboFix 09-01-31.01 - Brendan and Ryan 2009-01-31 21:20:01.3 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.510.244 [GMT -5:00] Running from: c:\documents and settings\Brendan and Ryan\Desktop\ComboFix.exe AV: McAfee VirusScan *On-access scanning disabled* (Updated) FW: McAfee Personal Firewall *enabled* * Created a new restore point . ((((((((((((((((((((((((( Files Created from 2009-01-01 to 2009-02-01 ))))))))))))))))))))))))))))))) . 2009-01-30 22:26 . 2009-01-30 22:26 578,560 --a------
  6. I already had Combo Fix on this machine, not sure why, but it told me it was expired and could only run in reduced funcionality mode, so I went ahead. Hopefully that was the right choice. ComboFix 09-01-21.04 - Brendan and Ryan 2009-01-30 23:03:44.2 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.510.199 [GMT -5:00] Running from: c:\documents and settings\Brendan and Ryan\Desktop\ComboFix.exe AV: McAfee VirusScan *On-access scanning enabled* (Updated) FW: McAfee Personal Firewall *disabled* . - REDUCED FUNCTIONALITY MODE - . ((((((((((((((((((((((((( Files Created fro
  7. Some Fun!? I truly appreciate the help. Not sure how it happened. SDFix: Version 1.240 Run by Brendan and Ryan on Fri 01/30/2009 at 10:27 PM Microsoft Windows XP [Version 5.1.2600] Running From: C:\SDFix Checking Services : Restoring Default Security Values Restoring Default Hosts File Rebooting Checking Files : No Trojan Files Found Removing Temp Files ADS Check :
  8. Here you go: Thank you. GMER 1.0.14.14536 - http://www.gmer.net Rootkit scan 2009-01-29 21:29:15 Windows 5.1.2600 Service Pack 3 ---- System - GMER 1.0.14 ---- SSDT \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys (SASKUTIL.SYS/SUPERAdBlocker.com and SUPERAntiSpyware.com) ZwTerminateProcess [0xF5608F20] Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwCreateFile [0xF55109AA] Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
  9. Microsoft Windows XP Home Edition ( v5.1.2600 ) Service Pack 3 X86-based PC ( Multiprocessor Free : IntelĀ® PentiumĀ® D CPU 2.66GHz ) BIOS : Phoenix ROM BIOS PLUS Version 1.10 A05 USER : Brendan and Ryan ( Administrator ) BOOT : Normal boot Thanks for the response / help. Here is the notepad result. Antivirus : McAfee VirusScan (Activated) Firewall : McAfee Personal Firewall (Activated) C:\ (Local Disk) - NTFS - Total:71 Go (Free:45 Go) D:\ (CD or DVD) Thu 01/29/2009|18:36 ----------------------\\ Search.. No infections found ! 1 - "C:\Rooter$\Rooter_1.txt" - Thu 01/29/2009|18
  10. Thanks in advance for the help. I have been trying for two days to fix this. Think I am getting close. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 4:21:34 PM, on 1/28/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16762) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C