I disabled the Avast shields before running combofix, but it still complained about them being active, not sure if that was a problem or not. Here...
Hi Broni, here's the log; 2011/02/04 16:29:02.0007 2844 TDSS rootkit removing tool 2.4.16.0 Feb 1 2011 10:34:03 2011/02/04 16:29:02.0210 2844...
DDS (Ver_10-12-12.02) - NTFSx86 Run by judithwright at 14:10:16.05 on Fri 02/04/2011 Internet Explorer: 8.0.7600.16385 Microsoft Windows 7...
.text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3188] ntdll.dll!LdrLoadDll...
.text C:\Windows\system32\taskeng.exe[1224] USER32.dll!UnhookWinEvent...
GMER 1.0.15.15530 - http://www.gmer.net Rootkit scan 2011-02-04 14:08:43 Windows 6.1.7600 Harddisk0\DR0 -> \Device\Ide\IdePort3 ST9320320AS...
[Resolved] Need help with white smoke infection I have a friend's laptop that keeps getting something called white smoke translator. Malwarebytes...
Ok, I'll send them an email and ask them to bring the machine to me. Thanks Broni.
What I mean is, it gets installed on the machine, somehow, they are not sure, I'm guessing from some site they visit. Malwarebytes and...
Hi PeteC, I don't have the PC with me, they were asking me about it so I thought I would post and see if anyone knew anything about it before...
A friend of mine keeps getting something called White Smoke translator on their machine. There's a pop-up window that comes up at boot time asking...
The machine is doing much better now, boots much cleaner and faster and internet use is a lot better. I've update firefox and will be applying...
I updated Java and removed older versions, here are the OTl and security check logs, Eset scanner would not run in IE, had to download and run a...
< %systemroot%\Fonts\*.ini > [2005/10/19 20:31:15 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini < %systemroot%\Fonts\*.ini2 >...
OTL logfile created on: 10/23/2010 11:19:43 PM - Run 1 OTL by OldTimer - Version 3.2.17.0 Folder = C:\Documents and Settings\Caitlin\Desktop...
The machine is doing better, the explorer window still pops-up to the system32 folder after boot. Here are the logs; OTL Extras logfile created...
New combofix log; ComboFix 10-10-22.05 - Caitlin 10/23/2010 18:29:11.4.1 - x86 Microsoft Windows XP Home Edition...
Files have been moved, sorry, must have clicked the wrong folder.
Files were successfully restored to system32 folder. Here is the new log. ComboFix 10-10-22.04 - Caitlin 10/22/2010 23:14:32.3.1 - x86...
They gave me an XP CD but it doesn't go with this machine, it is an XP Pro CD, this machine is Home Edition. Here is the new combofix log;...
Separate names with a comma.
