Thomas Dorris

Member
  • Content Count

    7
  • Joined

  • Last visited

Community Reputation

0 Neutral

About Thomas Dorris

  • Rank
    New Member
  1. Everything is running perfectly. No problems at all. Thanks again! I think you can close this thread out.
  2. OK, I ran that script and then grabbed a fresh AVZ log.
  3. Thanks again. No unusual issues came up while running these. I have attached the requested files. At least I think so. I'm not sure if the OTL log I have attached is the one you want or not. It's what came up in an editor when the OTL thing finished.
  4. If you see something that concerns you, then it concerns me too. I have attached the requested files. Thanks again!
  5. Requested files are attached. I still got those 3 "registry editor died unexpectedly" messages when running ComboFix, but other than that, everything seems to have run fine. In fact, I haven't had any problems at all with this machine since this morning. So I think we're looking pretty good at this point. Thanks!!! You guys have a top notch piece of software and support that's insanely cool. Thanks again!
  6. Thanks for the time! I have attached the ComboFix log and new ISeeYouXP log files to this post. ----------------------------------------- Results ----------------------------------------- I'm letting the PC run for a while to see if any of the original "Generic Host Process for Win32 Services has encountered a problem" messages come back up, but so far none have yet. There is still browser hijacking going on, though. But it's a little different now. Now, instead of the browser just instantly jumping over to the bogus site, The Emisisoft Anti-Malware software seems to be able to catch it and is displaying a popup saying something like "Anti-Malware detected a suspicious site access and blocked it". At least from Firefox that's true. Internet Explorer can no longer access the internet at all. I haven't looked into what's going on there yet. So it seems like progress to me, but still not back to normal yet. ----------------------------------------- Some notes on running ComboFix ----------------------------------------- When I ran ComboFix, it mentioned that it found a master boot record infection and that it detected rootkit activity. It then attempted to reboot the machine, but this failed with a blue screen of death. Once I manually restarted, ComboFix picked up where it was supposed to and seemed to run to completion. At the very end, though, I got a "Registry Editor stopped working and had to be closed" message box. I wanted to ignore it and touch nothing, but ComboFix was stalled at that point. So I had to click the "do not send" button to dismiss it and then ComboFix continued to finish up. I got one or two more "registry editor crashed" boxes that had to be dismissed but ultimately it seems ComboFix ran and created the log.
  7. One of our computers has been infected in some way. The browser (both IE and Firefox) will bring you to random pages/advertisements instead of the pages you were trying to pull up. Google search results, for example, appear valid in the results list, but when clicked they take you to various real estate ads and such. In addition, she's getting a Windows message saying: "Generic Host Process for Win32 Services has encountered a problem and needs to be closed." I have attached what I believe you need for diagnosis from your "start here" thread. The system is running MS Windows XP Home SP3 on an AMD Athlon 64 3500+ processor with 958 MB RAM and an NVIDIA GeForce 6150LE card. Please help. Thanks.