Doginhispen, skitodayplease problems

Status
Not open for further replies.
Yes, they are on my privacy tab under blocked sites. Per my browser histroy, dog, ski, and 88.80.7.66 have all been visited 3 times each today.
 
let's clear the browsing history and see if it shows up again. Go to tools -> General tab-> Click Delete under browsing history section

I gotta go back to work, will check back on this thread in a few hours
 
I'm still on IE - didn't know if we had to resolve this before moving to Firefox. I'll go ahead and change now.
 
The only time I ever recommend using IE is to do microsoft updates. Which now I even do through Start -> control panel -> windows update

I have been on vista a while now and don't remember if XP had this option.

*Your Hijackthis log looks clean but let's make sure the infection is gone.

Combofix
  • Download Combofix to your desktop.
  • Double click combofix.exe & follow the prompts.
  • A window will open with a warning.
  • Type "1" (and Enter) to start the fix.
  • When the scan completes it will open a text window. Please attach that log back here together with a fresh HJT log.
Caution - do not touch your mouse/keyboard until the scan has completed. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Combofix is a very powerful tool so please do NOT do anything without instruction

Combofix will automatically save the log file to C:\combofix.txt
 
Ok, I don't really see any startups that could be causing this. Let's see if this file is still on your system and if it is go ahead and submit it to virus total

Show hidden files through windows explorer
  • Access Windows Explorer by clicking Start, point to All Programs, Accesories, and then click Windows Explorer. Or hold the windows key and press E
  • On the Tools menu in Windows Explorer, click Folder Options
  • Click the View tab.
  • Under Hidden files and folders, click Show hidden files and folders
  • Remove the checkmark from the checkbox labeled Hide protected operating system files
  • Remove the checkmark from the checkbox labeled Hide file extensions for known file types
  • Put a checkmark in the checkbox labeled Display the contents of system folders.

Upload a File to Virustotal
Please visit Virustotal found HERE
  • Click the Browse... button
  • Navigate to the file C:\WINDOWS\system32\C4F32ADED3.sys
  • Click the Open button
  • Click the Send button
  • Copy and paste the results back here please.
 
When I try to open the file C:\WINDOWS\system32\C4F32ADED3.sys I get the following message: Windows cannot open this file: File C4F32ADED3.sys
To open this file, Windows needs to know what program created it. Windows can go online to look it up automatically, or you can manually select from a list of programs on your computer.

What should I do?
 
File C4F32ADED3.sys received on 03.12.2008 00:07:35 (CET)
Current status: Loading ... queued waiting scanning finished NOT FOUND STOPPED
Result: 0/31 (0%)
Loading server information...
Your file is queued in position: 14.
Estimated start time is between 84 and 120 seconds.
Do not close the window until scan is complete.
The scanner that was processing your file is stopped at this moment, we are going to wait a few seconds to try to recover your result.
If you are waiting for more than five minutes you have to resend your file.
Your file is being scanned by VirusTotal in this moment,
results will be shown as they're generated.
Compact Compact
Print results Print results
Your file has expired or does not exists.
Service is stopped in this moments, your file is waiting to be scanned (position: ) for an undefined time.

You can wait for web response (automatic reload) or type your email in the form below and click "request" so the system sends you a notification when the scan is finished.
Email:

Antivirus Version Last Update Result
AhnLab-V3 2008.3.12.0 2008.03.11 -
AntiVir 7.6.0.73 2008.03.11 -
Authentium 4.93.8 2008.03.11 -
Avast 4.7.1098.0 2008.03.11 -
AVG 7.5.0.516 2008.03.11 -
BitDefender 7.2 2008.03.11 -
CAT-QuickHeal 9.50 2008.03.10 -
ClamAV 0.92.1 2008.03.11 -
DrWeb 4.44.0.09170 2008.03.11 -
eSafe 7.0.15.0 2008.03.09 -
eTrust-Vet 31.3.5607 2008.03.11 -
Ewido 4.0 2008.03.11 -
FileAdvisor 1 2008.03.12 -
Fortinet 3.14.0.0 2008.03.11 -
F-Prot 4.4.2.54 2008.03.11 -
F-Secure 6.70.13260.0 2008.03.11 -
Ikarus T3.1.1.20 2008.03.11 -
Kaspersky 7.0.0.125 2008.03.11 -
McAfee 5249 2008.03.11 -
Microsoft 1.3301 2008.03.10 -
NOD32v2 2938 2008.03.11 -
Norman 5.80.02 2008.03.11 -
Panda 9.0.0.4 2008.03.11 -
Prevx1 V2 2008.03.12 -
Rising 20.35.12.00 2008.03.11 -
Sophos 4.27.0 2008.03.11 -
Sunbelt 3.0.930.0 2008.03.05 -
TheHacker 6.2.92.241 2008.03.11 -
VBA32 3.12.6.2 2008.03.05 -
VirusBuster 4.3.26:9 2008.03.11 -
Webwasher-Gateway 6.6.2 2008.03.11 -
Additional information
File size: 104 bytes
MD5: 186bb32712bd26ad5278a41f5a46e0c3
SHA1: 686c46e2200206aa2a797bcae6b48a8e71059c61
PEiD: -
 
That is correct - I went through the process again and here are the results:
File C4F32ADED3.sys received on 03.12.2008 01:12:15 (CET)
Current status: Loading ... queued waiting scanning finished NOT FOUND STOPPED
Result: 0/32 (0%)
Loading server information...
Your file is queued in position: 14.
Estimated start time is between 84 and 120 seconds.
Do not close the window until scan is complete.
The scanner that was processing your file is stopped at this moment, we are going to wait a few seconds to try to recover your result.
If you are waiting for more than five minutes you have to resend your file.
Your file is being scanned by VirusTotal in this moment,
results will be shown as they're generated.
Compact Compact
Print results Print results
Your file has expired or does not exists.
Service is stopped in this moments, your file is waiting to be scanned (position: ) for an undefined time.

You can wait for web response (automatic reload) or type your email in the form below and click "request" so the system sends you a notification when the scan is finished.
Email:

Antivirus Version Last Update Result
AhnLab-V3 2008.3.12.0 2008.03.11 -
AntiVir 7.6.0.73 2008.03.11 -
Authentium 4.93.8 2008.03.11 -
Avast 4.7.1098.0 2008.03.11 -
AVG 7.5.0.516 2008.03.11 -
BitDefender 7.2 2008.03.12 -
CAT-QuickHeal 9.50 2008.03.10 -
ClamAV 0.92.1 2008.03.11 -
DrWeb 4.44.0.09170 2008.03.11 -
eSafe 7.0.15.0 2008.03.09 -
eTrust-Vet 31.3.5607 2008.03.11 -
Ewido 4.0 2008.03.11 -
FileAdvisor 1 2008.03.12 -
Fortinet 3.14.0.0 2008.03.11 -
F-Prot 4.4.2.54 2008.03.11 -
F-Secure 6.70.13260.0 2008.03.11 -
Ikarus T3.1.1.20 2008.03.11 -
Kaspersky 7.0.0.125 2008.03.12 -
McAfee 5249 2008.03.11 -
Microsoft 1.3301 2008.03.12 -
NOD32v2 2938 2008.03.11 -
Norman 5.80.02 2008.03.11 -
Panda 9.0.0.4 2008.03.12 -
Prevx1 V2 2008.03.12 -
Rising 20.35.12.00 2008.03.11 -
Sophos 4.27.0 2008.03.12 -
Sunbelt 3.0.930.0 2008.03.05 -
Symantec 10 2008.03.12 -
TheHacker 6.2.92.241 2008.03.11 -
VBA32 3.12.6.2 2008.03.05 -
VirusBuster 4.3.26:9 2008.03.11 -
Webwasher-Gateway 6.6.2 2008.03.11 -
Additional information
File size: 104 bytes
MD5: 186bb32712bd26ad5278a41f5a46e0c3
SHA1: 686c46e2200206aa2a797bcae6b48a8e71059c61
PEiD: -
 
please note that while, when I copy and paste the results, it says

"The scanner that was processing your file is stopped at this moment, we are going to wait a few seconds to try to recover your result.
If you are waiting for more than five minutes you have to resend your file.
Your file is being scanned by VirusTotal in this moment,
results will be shown as they're generated.
Compact Compact
Print results Print results
Your file has expired or does not exists.
Service is stopped in this moments, your file is waiting to be scanned (position: ) for an undefined time.

You can wait for web response (automatic reload) or type your email in the form below and click "request" so the system sends you a notification when the scan is finished.
Email:

I doesn't show that anywhere on the screen and at no time during the process did it appear that the scanner stopped.
 
:upload files to jotti:


  • Please upload a file for scanning:
    • Open virusscan.jotti
    • Copy/paste this file and path into the white box at the top:
    C:\WINDOWS\system32\C4F32ADED3.sys

    Press Submit - this will submit the file for testing.
    Please wait for all the scanners to finish then copy and paste the results in your next response.
 
Service load:
0% 100%
File: C4F32ADED3.sys
Status:
OK
MD5: 186bb32712bd26ad5278a41f5a46e0c3
Packers detected:
-
Bit9 reports: File not found
Scan taken on 12 Mar 2008 20:29:56 (GMT)
A-Squared
Found nothing
AntiVir
Found nothing
ArcaVir
Found nothing
Avast
Found nothing
AVG Antivirus
Found nothing
BitDefender
Found nothing
ClamAV
Found nothing
CPsecure
Found nothing
Dr.Web
Found nothing
F-Prot Antivirus
Found nothing
F-Secure Anti-Virus
Found nothing
Fortinet
Found nothing
Ikarus
Found nothing
Kaspersky Anti-Virus
Found nothing
NOD32
Found nothing
Norman Virus Control
Found nothing
Panda Antivirus
Found nothing
Rising Antivirus
Found nothing
Sophos Antivirus
Found nothing
VirusBuster
Found nothing
VBA32
Found nothing
 
Status
Not open for further replies.

Similar threads

midian182
Plex update raises concerns over potential sharing of porn viewing habits
Replies
24
Views
672
m4a4
m4a4
M
Windows update issues - Server 2012 & 2016 (mainly 2016)
Replies
1
Views
1K
msmeal
M
Cal Jeffrey
Tomb Raider modder reveals he spent the last year heading up the trilogy remaster
Replies
3
Views
149
erickmendes
erickmendes

Latest posts

Back