I am running CF on the infected machine. CF ran thru its stages and found then deleted several infected files. Then it rebooted the computer,...
hahaha... I used to be able to spell.... :D
*therefore... when it rains in my area, the broadband link becomes unavailable... 4 techs out to the house in the past 2 weeks and the are...
internet connection there, but page loading is becoming increasingly slower with each access attempt. Also... I have DSL and ATT is repairing my...
I am unable to access the internet thru my machine.. I have loaded cf and rkill to disk... will I be able to run them on my machine or do these...
I just finished loading CF and ready to try running it...
yes... I thought your first reply told me to run MBR.. I will stop and run combofix, but I need to know how to disable script blocking for XP......
I see what AVG is... I do not have it...
Just a couple of things please....what is AVG? and how do I disable script blocking on XP?
I am running MBR now for a lapsed time of approximately 10 hours... shall I let that finish first or stop it and run ComboFix?
Reg HKLM\SOFTWARE\Classes\MetafileCompanion32.WindowsMetafile\protocol\StdFileEditing\verb...
---- Registry - GMER 1.0.15 ---- Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Nova Development\Art...
.text C:\WINDOWS\ehome\ehtray.exe[4084] ADVAPI32.dll!CreateServiceW...
.text C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe[3700] ADVAPI32.dll!ChangeServiceConfig2A...
7C9171CD 5 Bytes JMP 001403FC .text C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe[3004] kernel32.dll!GetBinaryTypeW + 80...
.text C:\WINDOWS\SOUNDMAN.EXE[2676] ADVAPI32.dll!SetServiceObjectSecurity...
.text C:\WINDOWS\system32\svchost.exe[612] USER32.dll!UnhookWindowsHookEx...
GMER 1.0.15.15627 - http://www.gmer.net Rootkit scan 2011-07-11 14:30:08 Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 ->...
First MBR log from 2 days ago.... aswMBR version 0.9.7.705 Copyright(c) 2011 AVAST Software Run date: 2011-07-11 14:43:55...
doesn't indicate in the above report, but stealth scan said "nothing to report :(. "
Separate names with a comma.
