Found multiple infections: hldrrr.exe, srosa and more | Thread profile

A few days ago I downloaded a stupid file. My system had already been running slowly, but I immediately saw a huge slowdown, internet connections became sporadic and I was unable to open my A/V program [eset NOD32] at all. I found this site and tried running through the steps on the first sticky. The first two apps/directions wouldn't run at all. I was able to run Malwarebytes' Anti...

Changed http/https, .com, www to other stuff. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 9:50:19 PM, on 6/27/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16674) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\...

I should add that I'm very concerned about running some confidential software and opening files until this is resolved. I don't want the information from my Quickbooks files or confidential MSWord docs to be exposed if any damage will be done to them or if their data will be compromised. But I need to run them soon. I guess I need to know if it's OK to work with these files with ...

My first Malware log: Malwarebytes' Anti-Malware 1.18 Database version: 894 10:47:26 PM 6/26/2008 mbam-log-6-26-2008 (22-47-26).txt Scan type: Full Scan (C:\|D:\|S:\|) Objects scanned: 285523 Time elapsed: 3 hour(s), 4 minute(s), 48 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 1 ...

Welcome. Quote: I should add that I'm very concerned about running some confidential software and opening files until this is resolved. I don't want the information from my Quickbooks files or confidential MSWord docs to be exposed if any damage will be done to them or if their data will be compromised. But I need to run them soon. I guess I need to know if it's OK to...

I sort of messed up when I panicked yesterday- after reading this post, I clicked on the link to download ComboFix. When I tried browsing to another link, my connection was gone and AVG seemed disabled- it appeared to be running, but I couldn't open the GUI and couldn't repair or reinstall. After some messing around and running CF last night (but not having run HJT previously as ...

The more times you run Combofix I loose track of what it did. Do have the log form it. I need to see that before we go any further. Look for c\combofix.txt

Quote: Originally Posted by Porthos The more times you run Combofix I loose track of what it did. Do have the log form it. I need to see that before we go any further. Look for c\combofix.txt I did save the CF log last night. Here it is. Since then, I just ran HJT and only fixed the one item. ComboFix 08-06-20.4 - Owner 2008-06-27 23:51:33.1 - ...

Slightly OT: I can't seem to get my PC to allow my PPC/phone to sync using activesync. I have a feeling it's because of the AVG8 firewall, but might have something to do with the infection. If it is a result of the infection, is there a method for fixing it? If it's because of AVG, is someone familiar enough with the program to help me configure it properly?

First we need to move Combofix to the desktop. Quote: Running from: S:\Downloads \Combo-Fix.exe Make sure you follow all directions as to where to run the fixes I give you. * Please open Notepad (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the Quote box below: Quote: ...