Misc. Strange Happenings...

Discussion in 'Malware Help (A Specialist Will Reply)' started by 00pZ, Jun 8, 2008.

  1. 00pZ

    00pZ Private E-2

    Experiencing disappearing passwords, IE7 redirects, display settings changing etcetera...

    Hope the logs show something...
     

    Attached Files:

    00pZ, Jun 8, 2008
    #1
  2. 00pZ

    00pZ Private E-2

    Also - forgot to mention - went through the whole removal procedure and followed instructions for running the log tools.

    Did not see anything in the simple scans - hope the logs give some clues - thanks for help... :)
     
    00pZ, Jun 8, 2008
    #2
  3. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    Some of your problems do not sound like malware. And your logs agree with this assessment since they are all clean. Where are you being redirected to and when does it happen? What do you mean disappearing passwords? If you are referring to passwords for websites, each time you delete your cookies, you will loose the auto login capability since you deleted the cookies. Don't delete the cookies.

    Do you have the requested log from SUPERAntispyware? But I'm assuming it did not find anything.
     
    chaslang, Jun 9, 2008
    #3
  4. 00pZ

    00pZ Private E-2

    Thank you for checking the logs - the SuperAntispyware did not find anything either...

    After we set the password to protect our Outlook account (not the email password) - to prevent others from opening it - it works for awhile then is 'gone' - have to reset it. This has happened three times so far...

    Had a temp file appear on the desktop yesterday of a Word file that I have not accessed in over a year... :confused

    We have 5 home/office computers networked through a DSL modem/D-Link router, and are concerned about possible keylogger or something like that accessing our files... ?

    Thanks again for your help... :)
     
    00pZ, Jun 9, 2008
    #4
  5. 00pZ

    00pZ Private E-2

    The re-directions happen after typing a search term in Google - the site, according to the address bar, that it tries to go to is not what it should be, then we get a error - page not available...

    Happens every so ofter...
     
    00pZ, Jun 9, 2008
    #5
  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    What do you mean by "it works for awhile and then is gone". If the password has changed, how are you getting into it to change it. Or you just mean that a saved autologin password is gone but the original password still works.

    It still is unlikely that any of this is malware. Please run the below and attach the requested logs.

    Using BitDefender Online Scan

    Running GMER to detect rootkits
     
    chaslang, Jun 9, 2008
    #6
  7. 00pZ

    00pZ Private E-2

    Sorry - not explaining this very clearly... :)

    The Outlook 'protected password' protects Outlook from being opened by anyone who does not have the password.

    We set the password, and each time we want to open Outlook it asks for the password or it will not open...

    Then, one day, we open Outlook and it DOES NOT ask for the password. Why... ?

    We then go back and set Outlook to have password protection AGAIN.

    Wondering why - and how- the password protection is being 'removed' ... ?

    Will run the other scans - thanks... :)
     
    00pZ, Jun 9, 2008
    #7
  8. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Unknown but unlikely that it is malware. Sounds like a bug in Outlook. Perhaps you should look at this: http://support.microsoft.com/kb/290684

    Are you saying it does continue on to open up your email without asking for the password? And does the same thing happen on ALL of your computers? Does it happen all at the same time? That is do they all stop asking for the password at the same time?
     
    chaslang, Jun 10, 2008
    #8
  9. 00pZ

    00pZ Private E-2

    Only one of our computers has a Password-Protected Outlook, this particular problem is only occuring on that one.

    This does not affect email delivery through Outlook - it just no longer asks for the password to open the program...

    I ran the Bitdefender according to instructions - log attached... :)

    I installed and ran the GMER according to instructions, and it stopped working and crashed my computer in both Regular and Safe Modes, causing BSOD and CHKDSK to run. After Safe Mode Crash, computer would NOT BOOT into Safe Mode. Manual shut down and Normal Windows Start worked...

    Hope the attachment has some clues - thanks for your help... :)
     

    Attached Files:

    00pZ, Jun 10, 2008
    #9
  10. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    The log from BitDefender is not what was requested in the procedure. That was only a log summary and is of no use to us. However it is really a waste of time to look at this any further in this forum. Your problem is not related to malware. You need to look at what I gave you in that Microsoft link and post in the Software Forum if you still have questions about this.
     
    chaslang, Jun 10, 2008
    #10
  11. 00pZ

    00pZ Private E-2

    The log that was saved from BitDefender was the only thing that was 'offered' as a log that we could see - the instructions did not seem to exactly match what appeared in the interface we received when we ran this...

    Do you have any thoughts on whether the 'virtool.vbs.JAP3' finding in the BitDefender log is something of concern... ?

    What about the GMER crashing the computer twice... ? Why might this have happened... ?

    The Microsoft link provided addresses email password problems - we are not having problem with our email passwords.

    Really sorry you feel that this is a waste of your time - but we have gone through many hours of troubleshooting bizarre, sudden and intermittant changes to our programs...
     
    00pZ, Jun 10, 2008
    #11
  12. 00pZ

    00pZ Private E-2

    There were three files that BitDefender 'identified' and 'deleted' as being 'virtool.vbs.JAP3' - and these were actually important business files.

    Would like to know if this was a valid virus-removal or not... ?

    Do have back ups in case they are OK...
     
    00pZ, Jun 10, 2008
    #12
  13. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    If you know that these are files for your business then they are probably false positives. Since you did not attach the proper log and instead attached only a summary, I have no idea what files were found/removed or where they were located.

    I suggest that you post your problem with Outlook Express in the Software Forum since it is not a malware issue. The below link may also give you some useful info especially towards the end where it mentions: It sometimes happens that Outlook Express stops remembering account passwords

    http://www.microsoft.com/windows/IE/community/columns/passwords.mspx

    You logs are all clean. I don't know why GMER would not run. Perhaps it is an incompatibility with some other software on your PC.
     
    chaslang, Jun 11, 2008
    #13

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds