Topic: [Resolved] Cannot Post Log

Offline jrhodes

  • Bronze Member
  • Posts: 27
Re: [In Progress] Cannot Post Log
« Reply #30 on: December 22, 2011, 09:51:55 pm »
ComboFix 11-12-21.02 - Jim Rhodes 12/21/2011  22:26:59.1.2 - x86
Microsoft Windows XP Home Edition  5.1.2600.3.1252.1.1033.18.503.247 [GMT -5:00]
Running from: c:\documents and settings\Jim Rhodes\My Documents\Downloads\ComboFix.exe
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Firewall *Disabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}
 * Resident AV is active
.
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\$NtUninstallKB25480$\1892781370
c:\windows\$NtUninstallKB25480$\548750141\@
c:\windows\$NtUninstallKB25480$\548750141\bckfg.tmp
c:\windows\$NtUninstallKB25480$\548750141\cfg.ini
c:\windows\$NtUninstallKB25480$\548750141\Desktop.ini
c:\windows\$NtUninstallKB25480$\548750141\keywords
c:\windows\$NtUninstallKB25480$\548750141\kwrd.dll
c:\windows\$NtUninstallKB25480$\548750141\L\akygdmgo
c:\windows\$NtUninstallKB25480$\548750141\lsflt7.ver
c:\windows\$NtUninstallKB25480$\548750141\U\00000001.@
c:\windows\$NtUninstallKB25480$\548750141\U\00000002.@
c:\windows\$NtUninstallKB25480$\548750141\U\00000004.@
c:\windows\$NtUninstallKB25480$\548750141\U\80000000.@
c:\windows\$NtUninstallKB25480$\548750141\U\80000004.@
c:\windows\$NtUninstallKB25480$\548750141\U\80000032.@
c:\windows\system32\oobe\isperror
c:\windows\system32\oobe\isperror\ispcnerr.htm
c:\windows\system32\oobe\isperror\ispdtone.htm
c:\windows\system32\oobe\isperror\isphdshk.htm
c:\windows\system32\oobe\isperror\ispins.htm
c:\windows\system32\oobe\isperror\ispnoanw.htm
c:\windows\system32\oobe\isperror\isppberr.htm
c:\windows\system32\oobe\isperror\ispphbsy.htm
c:\windows\system32\oobe\isperror\ispsbusy.htm
c:\windows\$NtUninstallKB25480$ . . . . Failed to delete
.
.
(((((((((((((((((((((((((   Files Created from 2011-11-22 to 2011-12-22  )))))))))))))))))))))))))))))))
.
.
2011-12-14 18:41 . 2011-12-15 02:35   --------   d-s---w-   c:\windows\system32\config\systemprofile\UserData
2011-12-14 08:06 . 2011-12-14 08:06   --------   d-----w-   c:\documents and settings\NetworkService\Local Settings\Application Data\PCHealth
2011-12-13 03:53 . 2011-12-13 03:53   --------   d-----w-   c:\program files\Common Files\Java
2011-12-11 17:54 . 2011-12-11 17:54   --------   d-----w-   c:\documents and settings\Jim Rhodes\Application Data\Malwarebytes
2011-12-11 17:53 . 2011-12-11 17:53   --------   d-----w-   c:\documents and settings\All Users\Application Data\Malwarebytes
2011-12-11 15:33 . 2004-03-09 18:00   132880   ----a-w-   c:\windows\system32\MSINET.OCX
2011-12-11 15:33 . 2000-05-22 22:00   203976   ----a-w-   c:\windows\system32\richtx32.ocx
2011-12-11 15:33 . 1998-06-24 18:00   140096   ----a-w-   c:\windows\system32\COMDLG32.OCX
2011-12-11 15:33 . 2001-10-04 19:13   3584   ----a-w-   c:\program files\Common Files\Microsoft Shared\DAO\comcat.dll
2011-12-11 15:33 . 2001-10-04 18:16   1338880   ----a-w-   c:\program files\Common Files\Microsoft Shared\DAO\shdocvw.dll
2011-12-11 15:33 . 1999-06-11 04:34   570128   ----a-w-   c:\program files\Common Files\Microsoft Shared\DAO\DAO350.DLL
2011-12-11 15:33 . 1998-06-24 18:00   244024   ----a-w-   c:\windows\system32\MSFLXGRD.OCX
2011-12-11 01:37 . 2011-12-11 04:37   --------   d-----w-   c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2011-12-11 01:37 . 2011-12-11 01:41   --------   d-----w-   c:\program files\Spybot - Search & Destroy
2011-12-11 01:13 . 2011-12-11 01:13   388096   ----a-r-   c:\documents and settings\Jim Rhodes\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-12-11 01:13 . 2011-12-11 01:13   --------   d-----w-   c:\program files\Trend Micro
2011-12-07 20:38 . 2011-12-07 20:38   --------   d-----w-   c:\windows\system32\wbem\Repository
2011-12-07 19:51 . 2011-12-07 19:51   --------   d-----w-   c:\documents and settings\NetworkService\Local Settings\Application Data\Apple Computer
2011-12-07 19:50 . 2011-12-07 22:59   --------   d-s---w-   c:\documents and settings\NetworkService\UserData
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-23 13:25 . 2001-08-30 10:30   1859584   ----a-w-   c:\windows\system32\win32k.sys
2011-11-10 10:54 . 2011-06-18 04:04   472808   ----a-w-   c:\windows\system32\deployJava1.dll
2011-11-10 08:27 . 2011-06-18 04:09   73728   ----a-w-   c:\windows\system32\javacpl.cpl
2011-11-01 20:35 . 2011-04-10 01:20   81920   ------w-   c:\windows\system32\ieencode.dll
2011-11-01 20:35 . 2001-08-30 10:30   667136   ----a-w-   c:\windows\system32\wininet.dll
2011-11-01 20:35 . 2001-08-30 10:30   61952   ----a-w-   c:\windows\system32\tdc.ocx
2011-11-01 16:07 . 2001-08-30 10:30   1288704   ----a-w-   c:\windows\system32\ole32.dll
2011-11-01 15:02 . 2011-04-10 01:20   369664   ------w-   c:\windows\system32\html.iec
2011-10-28 05:31 . 2001-08-30 10:30   33280   ----a-w-   c:\windows\system32\csrsrv.dll
2011-10-25 13:37 . 2001-08-30 10:30   2148864   ----a-w-   c:\windows\system32\ntoskrnl.exe
2011-10-25 12:52 . 2001-08-17 13:48   2027008   ----a-w-   c:\windows\system32\ntkrnlpa.exe
2011-10-18 19:32 . 2011-04-10 18:35   150856   ----a-w-   c:\windows\system32\mfevtps.exe
2011-10-18 11:13 . 2011-04-10 01:20   186880   ------w-   c:\windows\system32\encdec.dll
2011-10-15 18:16 . 2011-04-10 18:46   9608   ----a-w-   c:\windows\system32\drivers\mfeclnk.sys
2011-10-15 18:16 . 2011-04-10 18:46   89792   ----a-w-   c:\windows\system32\drivers\mfetdi2k.sys
2011-10-15 18:16 . 2011-04-10 18:46   87656   ----a-w-   c:\windows\system32\drivers\mferkdet.sys
2011-10-15 18:16 . 2011-04-10 18:46   83856   ----a-w-   c:\windows\system32\drivers\mfendisk.sys
2011-10-15 18:16 . 2011-04-10 18:46   59456   ----a-w-   c:\windows\system32\drivers\mfebopk.sys
2011-10-15 18:16 . 2011-04-10 18:46   338176   ----a-w-   c:\windows\system32\drivers\mfefirek.sys
2011-10-15 18:16 . 2011-04-10 18:46   57600   ----a-w-   c:\windows\system32\drivers\cfwids.sys
2011-10-15 18:16 . 2011-04-10 18:46   180816   ----a-w-   c:\windows\system32\drivers\mfeavfk.sys
2011-10-15 18:16 . 2010-10-14 02:28   464176   ----a-w-   c:\windows\system32\drivers\mfehidk.sys
2011-10-15 18:16 . 2010-10-14 02:28   121256   ----a-w-   c:\windows\system32\drivers\mfeapfk.sys
2011-10-10 14:22 . 2011-04-09 03:25   692736   ----a-w-   c:\windows\system32\inetcomm.dll
2011-10-04 18:56 . 2011-10-04 18:56   414368   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-28 07:06 . 2001-08-30 10:30   599040   ----a-w-   c:\windows\system32\crypt32.dll
2011-09-26 15:41 . 2008-07-29 23:59   611328   ----a-w-   c:\windows\system32\uiautomationcore.dll
2011-09-26 15:41 . 2001-08-30 10:30   220160   ----a-w-   c:\windows\system32\oleacc.dll
2011-09-26 15:41 . 2001-08-30 10:30   20480   ----a-w-   c:\windows\system32\oleaccrc.dll
2011-11-10 20:20 . 2011-04-09 15:01   134104   ----a-w-   c:\program files\mozilla firefox\components\browsercomps.dll
2011-04-14 18:01 . 2011-04-10 18:46   24376   ----a-w-   c:\program files\mozilla firefox\components\Scriptff.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK]
@="{3c3f3c1a-9153-7c05-f938-622e7003894d}"
[HKEY_CLASSES_ROOT\CLSID\{3c3f3c1a-9153-7c05-f938-622e7003894d}]
2010-04-14 00:11   2872120   ----a-w-   c:\program files\McAfee Online Backup\MOBKshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK2]
@="{e6ea1d7d-144e-b977-98c4-84c53c1a69d0}"
[HKEY_CLASSES_ROOT\CLSID\{e6ea1d7d-144e-b977-98c4-84c53c1a69d0}]
2010-04-14 00:11   2872120   ----a-w-   c:\program files\McAfee Online Backup\MOBKshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK3]
@="{b4caf489-1eec-c617-49ad-8d7088598c06}"
[HKEY_CLASSES_ROOT\CLSID\{b4caf489-1eec-c617-49ad-8d7088598c06}]
2010-04-14 00:11   2872120   ----a-w-   c:\program files\McAfee Online Backup\MOBKshell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2011-09-16 1318552]
"VERIZONDM"="c:\program files\VERIZONDM\bin\sprtcmd.exe" [2011-02-01 206120]
"Verizon_McciTrayApp"="c:\program files\Verizon\McciTrayApp.exe" [2010-03-17 1565696]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"SearchSettings"="c:\program files\Common Files\Spigot\Search Settings\SearchSettings.exe" [2011-09-28 894304]
"McAfeeWrapperApplication"="c:\program files\McAfeeMOBK\WrapperTrayIcon.exe" [2010-12-07 453344]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-22 39264]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2004-11-4 258048]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Common Files\\Mcafee\\McSvcHost\\McSvHost.exe"=
"c:\\Documents and Settings\\Jim Rhodes\\Application Data\\Spotify\\spotify.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015
"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016
"500:UDP"= 500:UDP:@xpsp2res.dll,-22017
"50000:UDP"= 50000:UDP:IHA_MessageCenter
.
R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [4/10/2011 1:46 PM 89792]
R1 MOBKFilter;MOBKFilter;c:\windows\system32\drivers\MOBK.sys [4/10/2011 1:48 PM 54776]
R2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [9/27/2011 7:08 PM 745880]
R2 IHA_MessageCenter;IHA_MessageCenter;c:\program files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [10/13/2010 4:06 PM 286736]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IPROSetMonitor.exe [4/9/2011 9:57 AM 109728]
R2 IS360service;IS360service;c:\program files\IObit\IObit Security 360\is360srv.exe [4/9/2011 5:15 PM 312152]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;"c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [4/10/2011 1:46 PM 214904]
R2 McMPFSvc;McAfee Personal Firewall Service;"c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [4/10/2011 1:46 PM 214904]
R2 McNaiAnn;McAfee VirusScan Announcer;"c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [4/10/2011 1:46 PM 214904]
R2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\Mcafee\SystemCore\mfefire.exe [4/10/2011 1:47 PM 160608]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [4/10/2011 1:35 PM 150856]
R2 MOBKbackup;McAfee Online Backup;c:\program files\McAfee Online Backup\MOBKbackup.exe [4/13/2010 7:11 PM 229688]
R2 sprtsvc_verizondm;SupportSoft Sprocket Service (verizondm);c:\program files\VERIZONDM\bin\sprtsvc.exe [2/1/2011 4:54 AM 206120]
R2 tgsrvc_verizondm;SupportSoft Repair Service (verizondm);c:\program files\VERIZONDM\bin\tgsrvc.exe [2/1/2011 4:54 AM 185640]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [4/10/2011 1:46 PM 57600]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [4/10/2011 1:46 PM 338176]
R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [4/10/2011 1:46 PM 83856]
S2 XMLProvS;Network ProService;c:\windows\System32\svchost.exe -k xmlpros [8/30/2001 5:30 AM 14336]
S3 iscFlash;iscFlash;\??\c:\windows\SYSTEM32\DRIVERS\iscflash.sys --> c:\windows\SYSTEM32\DRIVERS\iscflash.sys [?]
S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [4/10/2011 1:46 PM 83856]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [4/10/2011 1:46 PM 87656]
S3 PacketNTx;Packet helper driver;c:\windows\system32\drivers\PacketNTx.sys [4/8/2011 10:53 PM 24544]
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - mfeavfk01
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
xmlpros   REG_MULTI_SZ      XMLProvS
.
Contents of the 'Scheduled Tasks' folder
.
2011-12-15 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]
.
2011-12-22 c:\windows\Tasks\AWC AutoSweep.job
- c:\program files\IObit\Advanced SystemCare 3\AutoSweep.exe [2011-04-10 18:11]
.
2011-12-22 c:\windows\Tasks\AWC Update.job
- c:\program files\IObit\Advanced SystemCare 3\IObitUpdate.exe [2011-04-10 19:24]
.
.
------- Supplementary Scan -------
.
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - ProfilePath - c:\documents and settings\Jim Rhodes\Application Data\Mozilla\Firefox\Profiles\nqtesguu.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.foxnews.com/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=685749&p=
FF - prefs.js: network.proxy.type - 0
FF - user.js: browser.cache.memory.capacity - 16000
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.max.tokenizing.time - 3000000
FF - user.js: content.maxtextrun - 4095
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 1000000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 1000000
FF - user.js: dom.disable_window_status_change - true
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 1000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - (no file)
HKLM-Run-BHR - c:\program files\Zamaan's Software\Browser Hijack Retaliator 4.5\BHR.exe
Notify-xmlproservice - xmlrpw32.dll
Notify-xmlrpw32 - xmlrpw32.dll
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-12-21 23:00
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ... 
.
scanning hidden autostart entries ...
.
scanning hidden files ... 
.
.
c:\docume~1\JIMRHO~1\LOCALS~1\Temp\ArmUI.ini 148526 bytes
.
scan completed successfully
hidden files: 1
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(972)
c:\progra~1\mcafee\SITEAD~1\saHook.dll
c:\program files\McAfee Online Backup\MOBKshell.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Motive\McciCMService.exe
c:\program files\Common Files\McAfee\SystemCore\mcshield.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\rundll32.exe
c:\program files\Verizon\McciBrowser.exe
c:\program files\Verizon\McciBrowser.exe
.
**************************************************************************
.
Completion time: 2011-12-21  23:08:00 - machine was rebooted
ComboFix-quarantined-files.txt  2011-12-22 04:07
.
Pre-Run: 146,254,299,136 bytes free
Post-Run: 146,781,274,112 bytes free
.
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn
.
- - End Of File - - 82197232978A3CD7A9B90654EEE2C716

Offline jrhodes

Re: [In Progress] Cannot Post Log
« Reply #31 on: December 22, 2011, 09:58:32 pm »
Here are the system and application logs.

Offline Hoov

  • Malware Removal Mentors
  • Global Moderator
  • Diamond Member
  • Posts: 25712
  • Unwilling part owner of Gov't. Motors and Chrysler
    • Hoov's Personal Site
Re: [In Progress] Cannot Post Log
« Reply #32 on: December 22, 2011, 10:05:32 pm »
Are you having any network issues with this computer?

Consumer Security

If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!

Offline jrhodes

Re: [In Progress] Cannot Post Log
« Reply #33 on: December 22, 2011, 10:06:42 pm »
No, everything seems fine with the network.

Offline Hoov

Re: [In Progress] Cannot Post Log
« Reply #34 on: December 22, 2011, 10:32:13 pm »
Then go to the control panel, then to the system control panel, then to the hardware tab, then click the device manager button and see if there are any devices with a yellow exclamation mark or a red x next to them. If there are, let me know which.


Did you check in the control panel?


Offline jrhodes

Re: [In Progress] Cannot Post Log
« Reply #35 on: December 22, 2011, 10:41:04 pm »
OOPS, sorry. I just checked and there are 3 items under "other devices" that are flagged in yellow.

PCI Simple Communications Controller
Universal Serial Bus (USB)
Video Controller (VGA) Compatible

Offline Hoov

Re: [In Progress] Cannot Post Log
« Reply #36 on: December 22, 2011, 10:49:10 pm »
Double click on each one of them and then click on the update driver button. If it cannot update, then close the properties window and then right click on the devices that would not update and select uninstall. Then reboot the computer and check to see if they are still there. It may take a few minutes after the reboot to see if Windows will detect the devices that need to be installed.

Let me know how that goes.


Offline jrhodes

Re: [In Progress] Cannot Post Log
« Reply #37 on: December 23, 2011, 08:21:09 am »
Okay. It was able to find the PCI and USB drivers so they are okay now. It could not locate the software for the Video Controller even when I deleted it and rebooted. I had some application disks that came with the computer. I scanned them but to no avail.

I did locate the Windows XP Operating System CD though. I don't know if that will be helpful.

Offline Hoov

Re: [In Progress] Cannot Post Log
« Reply #38 on: December 23, 2011, 10:10:38 pm »
Will your old keyboard and mouse work now? What is the make and model of your computer? I can try and find you the Video drivers.


Offline jrhodes

Re: [In Progress] Cannot Post Log
« Reply #39 on: December 23, 2011, 10:26:59 pm »
My old mouse and keyboard still do not work.

My computer is a Gateway, model# E-5200S QS

Offline Hoov

Re: [In Progress] Cannot Post Log
« Reply #40 on: December 23, 2011, 11:02:42 pm »
You can get the Video Driver here, as well as the keyboard drivers, that might also take care of the mouse. There are three different video drivers available. If you do not know which one it is, let me know.


Offline jrhodes

Re: [In Progress] Cannot Post Log
« Reply #41 on: December 23, 2011, 11:40:26 pm »
Installed the keyboard driver and the video driver and rebooted. Everything looks good in the device manager now, but the old keyboard and mouse still do not work.

Offline Hoov

Re: [In Progress] Cannot Post Log
« Reply #42 on: December 24, 2011, 01:03:56 am »
Go back into the device manager and delete the keyboard and mouse entry and reboot the computer. While it is rebooting, leave the PS2 keyboard and mouse connected and disconnect the USB mouse and keyboard. See if they are recognized and reinstalled. If you have to reconnect the USB devices, go ahead. Let me know how it goes.

Other than that, how is the computer running? If your search engine results are still being redirected, skip the above instructions and follow the instructions below.

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop.
  • Once extracted, open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.


Offline jrhodes

Re: [In Progress] Cannot Post Log
« Reply #43 on: December 24, 2011, 08:45:02 am »
Ever since I ran Combofix the problem with redirection seems to be solved.

I deleted the mouse and keyboard drivers from Device Manager, I disconnected the USB mouse and keyboard and made sure that the old keyboard and mouse were plugged in and then I rebooted. Still do not have the old mouse and keyboard working. The computer doesn't even seem to recognize that they are plugged in. The only sign I see that I am getting some type of connection is that the Num Lock light stays lit. It will not toggle off and on and none of the other lights will come on at all.

Offline Hoov

Re: [In Progress] Cannot Post Log
« Reply #44 on: December 24, 2011, 09:48:09 am »
Do you know how to maneuver in the BIOS? If you do, look in there and see if there is a setting to disable the PS2 keyboard and enable a USB keyboard. If there is, make sure it is set to use the PS2 keyboard.
