Jump to content

ntd

Members
  • Posts

    10
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Thanks for all your help! I really appreciate it.
  2. Results of screen317's Security Check version 0.99.57 Windows XP Service Pack 3 x86 Internet Explorer 7 Out of date! ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! Please wait while WMIC is being installed. WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` Spybot - Search & Destroy Malwarebytes Anti-Malware version 1.70.0.1100 Adobe Flash Player 10 Flash Player out of Date! Adobe Flash Player 11.2.202.233 Adobe Reader 9 Adobe Reader out of Date! Mozilla Firefox 14.0.1 Firefox out of Date! ````````Process Check: objlist.exe by Laurent```````` Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbamgui.exe Malwarebytes' Anti-Malware mbamscheduler.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C:: 0% ````````````````````End of Log``````````````````````
  3. alright here's the adwcleaner log. i'll run security check now. AdwCleanerS1.txt
  4. Seems to be running fine. I don't recognize anything in the log that I'd want to keep. AdwCleanerR1.txt
  5. Attempted to run combofix once and it froze when it was preparing the log report. Restarted the computer and disabled spybot and malwarebytes in order to run combofix again and it froze. This has happened twice so far. Ideas?
  6. Ran it, nothing found. Guess I'l reboot and make sure everything is good. Thanks! system-log.txt mbar-log-2013-01-25 (12-59-34).txt
  7. RogueKiller V8.4.3 [Jan 24 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/ Website : http://tigzy.geekstogo.com/roguekiller.php Blog : http://tigzyrk.blogspot.com/ Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version Started in : Normal mode User : Nicki [Admin rights] Mode : Scan -- Date : 01/25/2013 11:33:55 | ARK || MBR | ¤¤¤ Bad processes : 2 ¤¤¤ [DLL] rundll32.exe -- C:\WINDOWS\system32\rundll32.exe : C:\Documents and Settings\Nicki\Application Data\sdlat.dll -> KILLED [TermProc] [DLL] rundll32.exe -- C:\WINDOWS\system32\rundll32.exe : C:\Documents and Settings\Nicki\Application Data\apsas.dll -> KILLED [TermProc] ¤¤¤ Registry Entries : 4 ¤¤¤ [RUN][bLACKLISTDLL] HKLM\[...]\Run : bvuts (rundll32.exe ",HrCheckTridentMenu) -> FOUND [RUN][sUSP PATH] HKLM\[...]\Run : sdlat ("C:\WINDOWS\system32\rundll32.exe" "C:\Documents and Settings\Nicki\Application Data\sdlat.dll",Method_Fini) -> FOUND [RUN][sUSP PATH] HKLM\[...]\Run : apsas ("C:\WINDOWS\system32\rundll32.exe" "C:\Documents and Settings\Nicki\Application Data\apsas.dll",Module_GetDict) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [LOADED] ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 localhost ::1 localhost 127.0.0.1 activate.adobe.com 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.0scan.com 127.0.0.1 0scan.com 127.0.0.1 www.1000gratisproben.com 127.0.0.1 1000gratisproben.com 127.0.0.1 1001namen.com 127.0.0.1 www.1001namen.com 127.0.0.1 100888290cs.com [...] ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: FUJITSU MHV2040BH +++++ --- User --- [MBR] 4089de0212d4b1babb74a1443923f31b [bSP] 0865dbc3033a5b0d1557ae0b87d99f0b : Windows XP MBR Code Partition table: 0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo 1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 80325 | Size: 31918 Mo 2 - [XXXXXX] UNKNOWN (0xdb) [VISIBLE] Offset (sectors): 65448810 | Size: 4753 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[1]_S_01252013_02d1133.txt >> RKreport[1]_S_01252013_02d1133.txt
  8. To run as administrator it asks for a password. Should I run it under my user info or is there a password to enter?
  9. Hello there. Think I've got some kind of virus, ran Malwarebytes full scan several times and it didn't find anything though. Internet explorer is running all my temporary files in the background. I have disconnected from the internet in the meantime. Ran the dds tool. Any help would be appreciated, thanks. attach.txt dds.txt
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.