deocder

Hello, Finally I have had a chance to work on this computer. However I had to do so remotely and cannot be in front of it. In addition, I have been unable to restore the desktop wallpaper. I have tried several fixes to no avail. The computer was having issues connecting to the internet. But once connected I tried to check the router it was connected to to make sure it was set up properly. I was unable to browse to the router (192.168.1.1). All other web browsing was fine, just unable to connect to the router's GUI. I have been able to connect to this in the past. I suspected that the b

It seems to be running well now but I have not had much time to really work with the system since going through all the scans. Thank you for your help thus far, I really appreciate it!

I ran the scan and nothing was found. Additionally, "Click here to export the scan results" did not exist as on option.

Hello and thanks! I have noticed that Internet Explorer taks a long time to load. Also, I have been unable to install Security Update for SQL Server 2005 Service Pack 2 (KB970895), but I dont think it has anything to do with Malware. How do the scans look?

Hello, I have posted both logs below: . Are we making progress? Malwarebytes' Anti-Malware 1.42 Database version: 3289 Windows 5.1.2600 Service Pack 3 Internet Explorer 7.0.5730.11 12/29/2009 10:56:08 AM mbam-log-2009-12-29 (10-56-08).txt Scan type: Quick Scan Objects scanned: 138975 Time elapsed: 9 minute(s), 21 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious

I finally got the scan to complete! Here is the log: GMER 1.0.15.15281 - http://www.gmer.net Rootkit scan 2009-12-29 01:31:01 Windows 5.1.2600 Service Pack 3 Running: 9m087noy.exe; Driver: C:\DOCUME~1\JAYPLE~1\LOCALS~1\Temp\uxriypoc.sys ---- System - GMER 1.0.15 ---- SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwClose [0x9DE1A6B8] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALW

Thanks again Tom, I have tried to run the scan you have instructed me to do. After pressing the scan button, during the scan, the computer flashed a blue screen and immediaty rebooted. This has happend twice during the scan. I am unable to read the blue screen as it flashes very quickly before rebooting. I will continue to try to get the scan to complete.

Awesome! Thank you Tom. Here are the log's from the scan: OTL logfile created on: 12/27/2009 9:59:53 AM - Run 1 OTL by OldTimer - Version 3.1.20.1 Folder = C:\Documents and Settings\Jay Plesset\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.11) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 1,014.00 Mb Total Physical Memory | 238.00 Mb Available Physical Memory | 23.00% Memory free 2.00 Gb Paging File | 2.00 Gb Available in Paging File | 70.00% Paging File free Pag

I'm working on this computer and can't seem to get anywhere.... Here is the HijackThis log. See anything? _________________________________________________________ Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 9:26:37 PM, on 12/26/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16945) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\WLTRYSVC.EXE C:\W

I have followed the instructions and everything looks good! Thank you so much for guiding me through this process. Your help is greatly appreciated!

Here is the Hijack This log file: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 1:52:11 AM, on 11/22/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe C:\Program Files\ANSYS

I followed your directions and here's what came out: Malwarebytes' Anti-Malware 1.41 Database version: 3204 Windows 5.1.2600 Service Pack 3 11/20/2009 9:30:16 PM mbam-log-2009-11-20 (21-30-16).txt Scan type: Quick Scan Objects scanned: 123226 Time elapsed: 7 minute(s), 59 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (

Rorschach112, I have followed your directions. Thank you! Here is the output: ComboFix 09-11-19.05 - Customer 11/19/2009 23:06.2.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1918.1432 [GMT -5:00] Running from: c:\documents and settings\Customer\Desktop\ComboFix.exe Command switches used :: c:\documents and settings\Customer\Desktop\CFScript.txt file zipped: c:\windows\system32\dadozive.dll file zipped: c:\windows\system32\domasuro.dll file zipped: c:\windows\system32\johuvuki.dll file zipped: c:\windows\system32\kemukoma.dll file zipped: c:\windows\system32\kuyijovi.d

Wow, I can usually clean things out myself, but I need some help on this one! I ran Combofix and then HiJackThis and then the uninstall_list.txt. All logs are as follows: ComboFix 09-11-18.06 - Customer 11/18/2009 22:45.1.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1918.1216 [GMT -5:00] Running from: c:\documents and settings\Customer\My Documents\Downloads\ComboFix.exe AV: ESET NOD32 antivirus system 2.70 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0} * Resident AV is active . ADS - system32: deleted 12 bytes in 1 streams. ((((((((((