jrbarker

Members
  • Content Count

    18
  • Joined

  • Last visited

About jrbarker

  • Rank
    Member
  1. I haven't had any popups over the last few days. I think we might be good. Thanks so much for all your help!!
  2. This is what it came up with... # version=4 # OnlineScanner.ocx=1.0.0.635 # OnlineScannerDLLA.dll=1, 0, 0, 79 # OnlineScannerDLLW.dll=1, 0, 0, 78 # OnlineScannerUninstaller.exe=1, 0, 0, 49 # vers_standard_module=4004 (20090413) # vers_arch_module=1.064 (20080214) # vers_adv_heur_module=1.066 (20070917) # EOSSerial=97394a74460f01439bb22e9598d7b13d # end=finished # remove_checked=true # unwanted_checked=true # utc_time=2009-04-14 03:19:09 # local_time=2009-04-13 10:19:09 (-0600, Central Daylight Time) # country="United States" # osver=5.1.2600 NT Service Pack 3 # scanned=1307438 # found=3 # scan
  3. Yes, I can get Windows Updates now. But I noticed yesterday that the Trojan.KillAV came back. Norton blocked it from doing something every 11 seconds from 12:53:39 PM until 2:15:18 PM. Then nothing happened until 5:22 PM when something called ~.exe was detected and removed by Norton. Then at 12:26:31 AM the Trojan.KillAV was detected and actually removed instead of being blocked. This scenario also happened a couple days ago. I thought Norton took care of it then, but apparently it didn't. When I go to "Risk Details" in Norton it says there were two affected files. C:\windows\system32\~.exe
  4. Here's the report. But looking back through the Norton History, I think the Trojan was found and removed by Norton automatically early this morning. So I think we're good (I hope). Thanks for all your help on this. Is there anything else I should do to protect my computer and keep it running smoothly? ========== PROCESSES ========== Process explorer.exe killed successfully. ========== FILES ========== File/Folder C:\windows\okxycnn.ogs not found. ========== COMMANDS ========== File delete failed. C:\DOCUME~1\Owner\LOCALS~1\Temp\alm.log scheduled to be deleted on reboot. File delete failed. C:\
  5. Let's see, it if I look under details for "Unauthorized access blocked" it says the Actor is C:\program files\update\googleupdate.exe and the Target is C:\program files\Symantec\LiveUpdate\AluSchedulerSvc.exe For the Trojan.KillAV it says the file name is C:\windows\okxycnn.ogs
  6. Update: I restarted my computer and seem to be able to get Windows updates now. Also my Norton hasn't crashed either. But I'm still getting fairly constant threats from Trojan.killAV and also warnings of "Unauthorized access blocked", as Norton says. A quick Norton and Spybot scan doesn't find anything.
  7. Okay I downloaded and ran the HostsXpert.exe but I'm still unable to download the updates. It keeps timing out or freezing when it's "check for the latest updates for your computer". Norton is running after I restarted my computer. And now it's detecting Trojan.KillAV every 20 seconds or so. What should I do, run another virus scan? Now, while I was typing I got a popup that says "Generic Host Process for Win32 Services has encountered a problem and needs to close."
  8. It seems to be running better so far. The browser hasn't crashed in the last 24 hours or so. But Norton is still shutting down. It says "Symantec service framework encountered a problem and needed to close." [App: ccSvchste.exe Offset 10031e39] I've reinstalled Norton but it keeps happening. Also, I still am not able to download the newest Windows Updates.
  9. I believe that was the whole log. I will paste it again. (This site won't let me upload the log file to this thread.) Should I run something again? ========== PROCESSES ========== Process explorer.exe killed successfully. ========== FILES ========== File/Folder C:\WINDOWS\SYSTEM32\HQ13235.DLL not found. File/Folder C:\WINDOWS\SYSTEM32\HQ55564.DLL not found. File/Folder C:\WINDOWS\SYSTEM32\HQ57060.DLL not found. File/Folder C:\WINDOWS\SYSTEM32\HQ73597.DLL not found. File/Folder C:\WINDOWS\SYSTEM32\HQ99302.DLL not found. ========== COMMANDS ========== File delete failed. C:\DOCUME~1\Owner\LOCALS
  10. I rebooted after using OTMoveIt3 and was given this report upon start up... ========== PROCESSES ========== Process explorer.exe killed successfully. ========== FILES ========== File/Folder C:\WINDOWS\SYSTEM32\HQ13235.DLL not found. File/Folder C:\WINDOWS\SYSTEM32\HQ55564.DLL not found. File/Folder C:\WINDOWS\SYSTEM32\HQ57060.DLL not found. File/Folder C:\WINDOWS\SYSTEM32\HQ73597.DLL not found. File/Folder C:\WINDOWS\SYSTEM32\HQ99302.DLL not found. ========== COMMANDS ========== File delete failed. C:\DOCUME~1\Owner\LOCALS~1\Temp\etilqs_uZBadbUKjhBS5105anct scheduled to be deleted on reboot. U
  11. Here's the report... ========== PROCESSES ========== Process explorer.exe killed successfully. ========== FILES ========== File/Folder C:\WINDOWS\SYSTEM32\HQ13235.DLL not found. File/Folder C:\WINDOWS\SYSTEM32\HQ55564.DLL not found. File/Folder C:\WINDOWS\SYSTEM32\HQ57060.DLL not found. File/Folder C:\WINDOWS\SYSTEM32\HQ73597.DLL not found. File/Folder C:\WINDOWS\SYSTEM32\HQ99302.DLL not found. ========== COMMANDS ========== File delete failed. C:\DOCUME~1\Owner\LOCALS~1\Temp\etilqs_uZBadbUKjhBS5105anct scheduled to be deleted on reboot. User's Temp folder emptied. User's Internet Explorer cac
  12. Thanks, here is the report... Scanning Report Saturday, April 04, 2009 13:56:30 - 16:59:03 Computer name: BARKER Scanning type: Scan system for malware, rootkits Target: C:\ L:\ Result: 8 malware found Exploit.Win32.Pidief.ans (virus) * C:\DOCUMENTS AND SETTINGS\OWNER\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\0FZL9QFK\DS[1].PDF (Renamed & Submitted) TrackingCookie.2o7 (spyware) * System Trojan.Win32.BHO (virus) * System Trojan.Win32.BHO.nui (virus) * C:\WINDOWS\SYSTEM32\HQ13235.DLL * C:\WINDOWS\SYSTEM32\HQ55564.DLL * C:\WINDOWS\SYSTEM32\HQ57060.DLL
  13. Here is the Extras.Txt OTListIt Extras logfile created on: 4/2/2009 8:43:34 AM - Run 1 OTListIt2 by OldTimer - Version 2.0.9.0 Folder = C:\Documents and Settings\Owner\Desktop Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.11) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.00 Gb Total Physical Memory | 1.80 Gb Available Physical Memory | 90.11% Memory free 3.71 Gb Paging File | 3.34 Gb Available in Paging File | 90.02% Paging File free Paging file location(s): C:\pagefile.sys 1524