Is This Bad? B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F
I know he's been able to get on to someone else's computer and steal e-mail passwords. Attached Files mbam_log_2009_07_03__19_59_35_.txt 1.11KB 1 downloads mbam_log_2009_07_22__11_56_48_.txt 835bytes 1 downloads Back to top #9 ss64224 ss64224 Topic Starter Members 12 posts OFFLINE Local time:03:27 AM Posted 22 July 2009 - Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600) Kaspersky Online Scanner version: 184.108.40.206 Kaspersky Anti-Virus database last update: 26/05/2008 Please post the content to your reply.
DDS (Ver_09-03-16.01) - NTFSx86 Run by Compaq_Owner at 14:35:23.15 on Fri 04/17/2009 Internet Explorer: 7.0.5730.11 Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1271.793 [GMT -4:00] AV: ESET NOD32 Antivirus 3.0 *On-access scanning enabled* be patient and someone will help you out.Having said my piece, I'll now step out again. Tech Support Guy is completely free -- paid for by advertisers and donations. Using the site is easy and fun.
Please perform the following scan:Download DDS by sUBs from one of the following links. If it detects rootkit activity, you will receive a prompt (refer below) to run a full scan. I going to feel pretty dumb if it was the files in the task causing all these issues but I guess you learn something new everyday. I'm attaching the malwarebytes log from today and 7/3 when I frist ran it.
The scan will begin and "Scan in progress" will show at the top. Back to top #12 ss64224 ss64224 Topic Starter Members 12 posts OFFLINE Local time:03:27 AM Posted 23 July 2009 - 11:26 PM Hi! Can you tell me if anything is wrong. Please try the request again.
Attached Files PrintScreen2.doc 177.5KB 1 downloads Back to top #15 ss64224 ss64224 Topic Starter Members 12 posts OFFLINE Local time:03:27 AM Posted 24 July 2009 - 12:47 AM Sorry... I restart the computer and it runs fine for about ten mins. If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members. Several functions may not work.
If you are not behind a router I strongly advise you to install a firewall before surfing. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTMoveIt\MovedFiles folder, and open Attached Files 6.20p.doc 107KB 2 downloads hijackthis.log 9.52KB 5 downloads 6.20.txt 12.86KB 0 downloads Back to top BC AdBot (Login to Remove) BleepingComputer.com Register to remove ads #2 myrti myrti Register now!
Register a free account to unlock additional features at BleepingComputer.com Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Site Changelog Community Forum Software by IP.Board Sign In Use Facebook Use Twitter Need an account? I've uploaded the log files for hijack this and for the day I saw him doing something strange. I have run malwarebytes, nod32, Comboxfix, Hijackthis.
they are too big to upload. A menu will appear with several options. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat scheduled to be deleted on reboot.Network Service Temporary Internet Files folder emptied.File delete failed. Every time I believe I have it gone it comes back.
Once again about ten mins into the computer running everthing is back again only with different names. There are two batch files the contents of one appears to shut off the firewall and then try to run one of the randomly named exes. Click here to join today! Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up.
Sorry, one more thing. No input is needed, the scan is running.Notepad will open with the results.Follow the instructions that pop up for posting the results.Close the program window, and delete the program from your Attached Files gmer.log 5.53KB 3 downloads Back to top #10 ss64224 ss64224 Topic Starter Members 12 posts OFFLINE Local time:03:27 AM Posted 22 July 2009 - 12:26 PM Hi, I It made a HTM file & a DAT FILE called B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat, safely hidden away in local settings, where you'll never see it.
To disable the JQS service if you don't want to use it, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. Advertisement Recent Posts "TSG Coffee and Café with... Register a free account to unlock additional features at BleepingComputer.com Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers.
HELP!! << < (2/6) > >> Calum: Topic merged.tinmangin, please keep all your posts together under one topic. Here is the DDS file. After downloading the tool, disconnect from the internet and disable all antivirus protection. Click here to Register a free account now!