email bug got in....suspicion of malware...

Sunday August 2, 2009

Hello again,

I think I've picked up a really nasty bug. My e-mail server, "Safe-Mail.net", a 'high-encryption' service from Israel has had some kind of crash and blow-out. Somebody threw a real stink-bomb in there:crap, and it somehow has gotten into my machine. While running Kaspersky's online scanner it spent some seven minutes at the file C:/Docs and Settings/..../mail / local folders......but found no known infections.

Did all your proceedures (like run CCLeaner, defragmented, and run my own scans) and attached all logs as specified.
One thing stuck out as noteworthy, Chaslang says in 'Updating Java' that the most recent edition is Java 6, Update 11. Well, I have Java 6, update 13!!:major

My machine is stuck in 'selective start-up', and even when I change it back to 'NORMAL' it reverts on reboot back to 'selective start-up'.
OUCH !!!

Here is some background information....Launched IE7 and tried to do Symantec's online 'security scan', but it aborts and refuses to run. Also, attempted Kaspersky's, and also found it got stopped and would pop off and evaporate. While running Kaspersky's it spent some seven minutes at the file C:/Docs and Settings/..../mail / local folders, then moved on.:crybaby:crybaby

I run AVG Free Anti-Virus, and have Sygate's Firewall. Also, I have Spybot S&D with teatimer 'off', and SpywareBlaster. I've run SUPERAnti-Spyware Free but lost the log - which came up 'clean'. I've run MalwareByte's and here is the log. I've run RootRepealer, here's the log.

I ran Combo.fix and here's the log.

I ran the MGTools....here are the zipped logs.

Thanks folks, much appreciated,

-scottportraits

 

Okay, here are your two logs.:-D

......more later......gotta go.....talk to ya soon....and thanks !!!

'bye

 

Friday Sep 7, 2009 1.oopm est

Chaslang -

Yes, I have MalwareByte's and SUPER Anti-Spyware, both free editions, and update and run them periodically. I also downloaded and installed SunMicro Java Update 15 and let them have a schedule checker in my start-up run menu....I guess that's a good way to keep current. But I heard somewhere that it was a bad idea, because worms or trojans can slip in through the mesh. Anyway.....

No, I don't recall using a tool called "Pocket Kill Box" - unless you mean that

KILLALL::
Driver::
BLHWBUQZ
MAZM
File::
c:\docume~1\Owner\LOCALS~1\Temp\BLHWBUQZ.exe
c:\docume~1\Owner\LOCALS~1\Temp\MAZM.exe

stuff we ran inside ComboFix (dropped and dragged) text ???

Yes, I uninstalled ComboFix with the Run > command, and it was successfully deleted.

Ran the MGClean.bat file. Command screen blipped for a second, then wiped all those items off C:/ drive.

Switched off 'system restore' on all drives, then purged all restore points. Rebooted, switched it back on, then created a new post-cleaning restore point.

Have read the 'protect yourself from malware' article. I run AVG Free, my sole anti-virus, with real-time protection. I have SUPERAnti-Spyware and MalwareByte Free installed, and update and run scans weekly. I also use Sygate Free firewall. Spybot S&D and SpywareBlaster are the other apps running. On my start-up RUN menu are 3 items: AVG anti-virus, Sygate Firewall, and java update scheduler.

Have had and use frequently CCleaner, a very good tool indeed.

So there you have it. Any other advice or counsel - at this time ??

Thanks again, and best wishes to all,

-scottportraits

 

....cruising along here, I find everything seems to be pretty ship-shape. My email server had some kind of 'incident', and we are still waiting for them to back-up stuff. Bad scene for them.

The only thing that is wrong right this second is this: I use Mozilla Firefox, a better browser. I also use IE7 and Google's personal sign-in page as my homepage, iGoogle, featuring several different 'gadgets' that are supposed to script-down and run. One is a calendar, another a clock, and a moon phase dealie, and a weather picture, and several newspaper's top stories.

Several of these gadgets will not 'run' when I launch my default, Firefox. I am signed in, but they won't download. Yes, I've checked my NoScript allowables, and the other obvious thingsm, but find no cause. Why blocked ??

Launching IE7 I find they all download very nicely. But I hate to use IE except when necessary. Love Firefox. So, Help !!!

-scottportraits

 

Okay, the rig seems pretty ship-shape now, so I will close this posting with a big thank you and a smile:-D

:waveThanks chaslang:wave

-scottportraits