Home > Is This > Is This Bad? B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F

Is This Bad? B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F

I know he's been able to get on to someone else's computer and steal e-mail passwords. Attached Files mbam_log_2009_07_03__19_59_35_.txt 1.11KB 1 downloads mbam_log_2009_07_22__11_56_48_.txt 835bytes 1 downloads Back to top #9 ss64224 ss64224 Topic Starter Members 12 posts OFFLINE Local time:03:27 AM Posted 22 July 2009 - Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600) Kaspersky Online Scanner version: 5.0.98.0 Kaspersky Anti-Virus database last update: 26/05/2008 Please post the content to your reply.

DDS (Ver_09-03-16.01) - NTFSx86 Run by Compaq_Owner at 14:35:23.15 on Fri 04/17/2009 Internet Explorer: 7.0.5730.11 Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1271.793 [GMT -4:00] AV: ESET NOD32 Antivirus 3.0 *On-access scanning enabled* be patient and someone will help you out.Having said my piece, I'll now step out again. Tech Support Guy is completely free -- paid for by advertisers and donations. Using the site is easy and fun.

Please perform the following scan:Download DDS by sUBs from one of the following links. If it detects rootkit activity, you will receive a prompt (refer below) to run a full scan. I going to feel pretty dumb if it was the files in the task causing all these issues but I guess you learn something new everyday. I'm attaching the malwarebytes log from today and 7/3 when I frist ran it.

The scan will begin and "Scan in progress" will show at the top. Back to top #12 ss64224 ss64224 Topic Starter Members 12 posts OFFLINE Local time:03:27 AM Posted 23 July 2009 - 11:26 PM Hi! Can you tell me if anything is wrong. Please try the request again.

Attached Files PrintScreen2.doc 177.5KB 1 downloads Back to top #15 ss64224 ss64224 Topic Starter Members 12 posts OFFLINE Local time:03:27 AM Posted 24 July 2009 - 12:47 AM Sorry... I restart the computer and it runs fine for about ten mins. If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members. Several functions may not work.

If you are not behind a router I strongly advise you to install a firewall before surfing. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTMoveIt\MovedFiles folder, and open Attached Files 6.20p.doc 107KB 2 downloads hijackthis.log 9.52KB 5 downloads 6.20.txt 12.86KB 0 downloads Back to top BC AdBot (Login to Remove) BleepingComputer.com Register to remove ads #2 myrti myrti Register now!

Register a free account to unlock additional features at BleepingComputer.com Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Site Changelog Community Forum Software by IP.Board Sign In Use Facebook Use Twitter Need an account? I've uploaded the log files for hijack this and for the day I saw him doing something strange. I have run malwarebytes, nod32, Comboxfix, Hijackthis.

they are too big to upload. A menu will appear with several options. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat scheduled to be deleted on reboot.Network Service Temporary Internet Files folder emptied.File delete failed. Every time I believe I have it gone it comes back.

Once again about ten mins into the computer running everthing is back again only with different names. There are two batch files the contents of one appears to shut off the firewall and then try to run one of the randomly named exes. Click here to join today! Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up.

Help requests via the PM system will be ignored.If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.The help you receive here Username Forum Password I've forgotten my password Remember me This is not recommended for shared computers Sign in anonymously Don't add me to the active users list Privacy Policy

Software or read our Welcome Guide to learn how to use this site.

Thanks!

Sorry, one more thing. No input is needed, the scan is running.Notepad will open with the results.Follow the instructions that pop up for posting the results.Close the program window, and delete the program from your Attached Files gmer.log 5.53KB 3 downloads Back to top #10 ss64224 ss64224 Topic Starter Members 12 posts OFFLINE Local time:03:27 AM Posted 22 July 2009 - 12:26 PM Hi, I It made a HTM file & a DAT FILE called B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat, safely hidden away in local settings, where you'll never see it.

To disable the JQS service if you don't want to use it, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. Advertisement Recent Posts "TSG Coffee and Café with... Register a free account to unlock additional features at BleepingComputer.com Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers.

HELP!! << < (2/6) > >> Calum: Topic merged.tinmangin, please keep all your posts together under one topic. Here is the DDS file. After downloading the tool, disconnect from the internet and disable all antivirus protection. Click here to Register a free account now!

Yes, my password is: Forgot your password? Username Forum Password I've forgotten my password Remember me This is not recommended for shared computers Sign in anonymously Don't add me to the active users list Privacy Policy

Jump When you have done this, close all running programs. ymfoster replied Feb 13, 2017 at 2:20 AM Iphone 6s photo ?

The windows firewall is not good enough. Optional Recommendations: Your log looks clean. Can anyone tell me what this is and if it's okay or not? Is this bad?

Some of the malware you picked up could have been saved in System Restore. Search - file:///c:\program files\yahoo!\Common/ycsrch.htm IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office10\EXCEL.EXE/3000 IE: Yahoo! &Dictionary - file:///c:\program files\yahoo!\Common/ycdict.htm IE: Yahoo! &Maps - file:///c:\program files\yahoo!\Common/ycmap.htm IE: Yahoo! &SMS - file:///c:\program files\yahoo!\Common/ycsms.htm IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} Back to top #14 ss64224 ss64224 Topic Starter Members 12 posts OFFLINE Local time:03:27 AM Posted 24 July 2009 - 12:38 AM Sorry, sorry, sorry for another post. To do this, restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly.

Altering IE7's BUILT IN antiphishing protection is never a good sign that thIs particular programmer loves you. He was doing something and when I looked, I found that. or read our Welcome Guide to learn how to use this site. Save it to your desktop.

and copy and paste the following in to the box: C:\azq2bu.txtCopy the link to this topic in the appropriate box: http://www.bleepingcomputer.com/forums/ind...p;#entry1222596Click Send File.Please download the OTMoveIt3 by OldTimer. random named batch files and .exe's that keep coming back Started by neelhow , Apr 16 2009 01:34 PM This topic is locked 8 replies to this topic #1 neelhow neelhow