Rorschach112

Experts
  • Content count

    55

About Rorschach112

  • Rank
    Regular Member

  1. It was one of the official versions, I can't remember which one exactly. If you think all p2p and using them is safe, you are living in some fantasy world
  2. eMule has been bundled with navipromo in the past lordpake, and wasn't that long ago
  3. It's corrected, no more FP. Nice one
  4. FP

    Can't seem to get a developer log. The file is below if that helps: New_Compressed__zipped__Folder.zip
  5. The program is completely fine. You should take a look at it, it is very helpful with malware removal
  6. Sorry but I have to close the thread since you downloaded cracks, it's against the rules here http://www.malwarebytes.org/forums/index.php?showtopic=5215
  7. It's fine to run the flash drive onlilife, you don't need to worry about it infecting your machine as we have already removed the infection that was responsible. So feel free to use it.

    Nearly done now.

    Please download Malwarebytes' Anti-Malware from Here or Here

      • Double Click mbam-setup.exe to install the application.
      • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
      • If an update is found, it will download and install the latest version.
      • Once the program has loaded, select "Perform Quick Scan", then click Scan.
      • The scan may take some time to finish, so please be patient.
      • When the scan is complete, click OK, then Show Results to view the results.
      • Make sure that everything is checked, and click Remove Selected.
      • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
      • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
      • Copy & Paste the entire report in your next reply.

    Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.

    Go to Kaspersky website and perform an online antivirus scan.

      • Read through the requirements and privacy statement and click on Accept button.
      • It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
      • When the downloads have finished, click on Settings.
      • Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
          • Spyware, Adware, Dialers, and other potentially dangerous programs
          • Archives
          • Mail databases
      • Click on My Computer under Scan.
      • Once the scan is complete, it will display the results. Click on View Scan Report.
      • You will see a list of infected items there. Click on Save Report As....
      • Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.
  8. It takes a while, please run it all.
  9. You can go ahead without the thumbdrive, it's not essential
  10. Hello

    Plug your USB key in for this

    1. Please re-open HiJackThis and choose do a system scan only. Check the boxes next to ONLY the entries listed below (if present):

        O4 - HKLM\..\Run: [Flashy Bot] C:\WINDOWS\system32\Flashy.exe
        O4 - Startup: systemID.pif = ?
        O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present

    2. Now close all windows other than HiJackThis, including browsers, so that nothing other than HijackThis is open, then click Fix Checked. A box will pop up asking you if you wish to fix the selected items. Please choose YES. Once it has fixed them, please exit/close HijackThis.

    Please download the OTMoveIt3 by OldTimer or from here. Save it to your desktop.

      • Please double-click OTMoveIt3.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
      • Copy the lines in the codebox below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

        :Processes
        explorer.exe
        :Services
        :Reg
        [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
        "DisableRegistryTools"=-
        "DisableTaskMgr"=-
        [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1cd9d87c-a59e-11dd-ba28-0019dbb54ec5}]
        [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d21561a4-6eab-11dd-b9b5-0019dbb54ec5}]
        :Files
        C:\WINDOWS\system32\Flashy.exe
        G:\Winnie.exe
        C:\Documents and Settings\Zj\Start Menu\Programs\Startup\systemID.pif
        :Commands
        [purity]
        [emptytemp]
        [start explorer]
        [Reboot]

      • Return to OTMoveIt3, right click in the "Paste Instructions for Items to be Moved" window (under the yellow bar) and choose Paste.
      • Click the red Moveit! button.
      • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
      • Close OTMoveIt3

    Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTMoveIt\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.

    Also post a new Rsit log
  11. You got infected because you downloaded cracks

    Please download the OTMoveIt3 by OldTimer or from here. Save it to your desktop.

      • Please double-click OTMoveIt3.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
      • Copy the lines in the codebox below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

        :Processes
        explorer.exe
        :Services
        :Reg
        :Files
        C:\DOCUME~1\Zj\Application Data\uTorrent\Crysis Warhead Crack.torrent
        C:\DOCUME~1\Zj\Application Data\uTorrent\FIFA.09.Crackfix-RELOADED.torrent
        C:\DOCUME~1\Zj\Application Data\uTorrent\Pro Evolution Soccer 2008 (Crack and Serial) by SMoKE (FIXED).torrent
        C:\DOCUME~1\Zj\Application Data\uTorrent\Pro Evolution Soccer 2009 Keygen Serial FIXED - Play Online PC PES 2009.torrent
        C:\DOCUME~1\Zj\Application Data\uTorrent\SporeCrack.torrent
        C:\DOCUME~1\Zj\Application Data\uTorrent\The two worlds keygen.rar.torrent
        :Commands
        [purity]
        [emptytemp]
        [start explorer]
        [Reboot]

      • Return to OTMoveIt3, right click in the "Paste Instructions for Items to be Moved" window (under the yellow bar) and choose Paste.
      • Click the red Moveit! button.
      • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
      • Close OTMoveIt3

    Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTMoveIt\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.

    Download random's system information tool (RSIT) by random/random from here and save it to your desktop.

      • Double click on RSIT.exe to run RSIT.
      • Click Continue at the disclaimer screen.
      • Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)
  12. Same here, here is the developer log and the file in question

        Malwarebytes' Anti-Malware 1.30
        Database version: 1351
        Windows 5.1.2600 Service Pack 2

        11/01/2008 15:44:43
        mbam-log-2008-11-01 (15-44-38).txt

        Scan type: Quick Scan
        Objects scanned: 68811
        Time elapsed: 18 minute(s), 59 second(s)

        Memory Processes Infected: 0
        Memory Modules Infected: 0
        Registry Keys Infected: 7
        Registry Values Infected: 0
        Registry Data Items Infected: 0
        Folders Infected: 0
        Files Infected: 1

        Memory Processes Infected:
        (No malicious items detected)

        Memory Modules Infected:
        (No malicious items detected)

        Registry Keys Infected:
        HKEY_CLASSES_ROOT\acroiehelper.acroiehlprobj (Adware.Cinmus) -> No action taken.
        HKEY_CLASSES_ROOT\TypeLib\{5f226421-415d-408d-9a09-0dcd94e25b48} (Adware.Cinmus) -> No action taken.
        HKEY_CLASSES_ROOT\Interface\{34a715a0-6587-11d0-924a-0020afc7ac4d} (Adware.Cinmus) -> No action taken.
        HKEY_CLASSES_ROOT\Interface\{6e67bcc1-d776-44bb-9dc8-c09f542c3cb6} (Adware.Cinmus) -> No action taken.
        HKEY_CLASSES_ROOT\CLSID\{06849e9f-c8d7-4d59-b87d-784b7d6be0b3} (Adware.Cinmus) -> No action taken.
        HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{06849e9f-c8d7-4d59-b87d-784b7d6be0b3} (Adware.Cinmus) -> No action taken.
        HKEY_CLASSES_ROOT\acroiehelper.acroiehlprobj.1 (Adware.Cinmus) -> No action taken.

        Registry Values Infected:
        (No malicious items detected)

        Registry Data Items Infected:
        (No malicious items detected)

        Folders Infected:
        (No malicious items detected)

        Files Infected:
        C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adware.Cinmus) -> No action taken.

    AcroIEHelper.zip
  13. Hello

      • Disable resident protections (Antivirus...); you'll re-enable them after the scan
      • Download Lop S&D here
      • Double-click Lop S&D.exe
      • Choose the language, then choose Option 1 (Search)
      • Wait till the end of the scan
      • Post the log which is created: (%SystemDrive%\lopR.txt)
  14. Have got most of it then. No need to attach these logs

    Please download the OTMoveIt3 by OldTimer or from here. Save it to your desktop.

      • Please double-click OTMoveIt3.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
      • Copy the lines in the codebox below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

        :Processes
        explorer.exe
        :Services
        :Reg
        :Files
        C:\FOUND.003
        C:\V2*.tmp
        :Commands
        [purity]
        [emptytemp]
        [start explorer]
        [Reboot]

      • Return to OTMoveIt3, right click in the "Paste Instructions for Items to be Moved" window (under the yellow bar) and choose Paste.
      • Click the red Moveit! button.
      • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
      • Close OTMoveIt3

    Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTMoveIt\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.

    Go to Kaspersky website and perform an online antivirus scan.

      • Read through the requirements and privacy statement and click on Accept button.
      • It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
      • When the downloads have finished, click on Settings.
      • Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
          • Spyware, Adware, Dialers, and other potentially dangerous programs
          • Archives
          • Mail databases
      • Click on My Computer under Scan.
      • Once the scan is complete, it will display the results. Click on View Scan Report.
      • You will see a list of infected items there. Click on Save Report As....
      • Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.
  15. I think it would be easier if you just went to the HJT forum, this is a nasty infection