uspoor

Members
  • Content Count: 24

Everything posted by uspoor

  1. Hi, Rogue Killer log: RogueKiller V9.2.9.0 [Jul 11 2014] by Adlice Software mail : http://www.adlice.com/contact/ Feedback : http://forum.adlice.com Website : https://www.adlice.com/softwares/roguekiller/ Blog : http://www.adlice.com Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version Started in : Normal mode User : Chris [Admin rights] Mode : Remove -- Date : 09/07/2014 23:18:33 ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 4 ¤¤¤ [PUM.Policies] HKEY_USERS\S-1-5-21-3035749747-4275825102-630541599-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | Di
  2. Last one for now, malwarebytes log: Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 9/6/2014 Scan Time: 5:56:09 PM Logfile: mal.txt Administrator: Yes Version: 2.00.2.1012 Malware Database: v2014.03.04.09 Rootkit Database: v2014.08.21.01 License: Free Malware Protection: Disabled Malicious Website Protection: Disabled Self-protection: Disabled OS: Windows 7 Service Pack 1 CPU: x86 File System: NTFS User: Chris Scan Type: Threat Scan Result: Completed Objects Scanned: 282568 Time Elapsed: 8 min, 28 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootk
  3. OTL extras log: OTL Extras logfile created on: 9/6/2014 7:13:23 PM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Chris\Desktop Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.17239) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.00 Gb Total Physical Memory | 1.37 Gb Available Physical Memory | 45.52% Memory free 6.00 Gb Paging File | 4.80 Gb Available in Paging File | 80.13% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: |
  4. OTL log 2/2: ========== Files - Modified Within (All) ========== [2014/09/06 19:14:07 | 002,359,296 | -HS- | M] () -- C:\Users\Chris\NTUSER.DAT [2014/09/06 18:59:51 | 000,033,512 | ---- | M] () -- C:\Windows\System32\drivers\TrueSight.sys [2014/09/06 18:59:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Chris\Desktop\OTL.com [2014/09/06 18:56:21 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2014/09/06 18:56:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2014/09/06 17:59:18 | 000,020,816 | -H-- | M] () -- C:\Windows\System32\7B296FB0-
  5. More: OTL log 1/2: OTL logfile created on: 9/6/2014 7:13:21 PM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Chris\Desktop Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.17239) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.00 Gb Total Physical Memory | 1.37 Gb Available Physical Memory | 45.52% Memory free 6.00 Gb Paging File | 4.80 Gb Available in Paging File | 80.13% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %
  6. Hi, Rogue Killer log: RogueKiller V9.2.9.0 [Jul 11 2014] by Adlice Software mail : http://www.adlice.com/contact/ Feedback : http://forum.adlice.com Website : https://www.adlice.com/softwares/roguekiller/ Blog : http://www.adlice.com Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version Started in : Normal mode User : Chris [Admin rights] Mode : Scan -- Date : 09/06/2014 19:05:19 ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 6 ¤¤¤ [suspicious.Path] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\mbr -> FOUND [suspicious.Path] HKEY_LOCAL_MACHINE\System\Contro
  7. Hi, AdwCleaner Log: # AdwCleaner v3.309 - Report created 06/09/2014 at 17:26:05 # Updated 02/09/2014 by Xplode # Operating System : Windows 7 Ultimate Service Pack 1 (32 bits) # Username : Chris - NEVES # Running from : C:\Users\Chris\Desktop\adwcleaner_3.309.exe # Option : Clean ***** [ Services ] ***** [#] Service Deleted : Update Jump Flip ***** [ Files / Folders ] ***** Folder Deleted : C:\Users\Chris\Documents\Updater ***** [ Scheduled Tasks ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck Key
  8. Hi, I notice my PC's been a little slow when typing URLs or logging into certain websites for email, etc and I want to do a preventative maintenance clean-up on it. Read this link: http://www.besttechie.com/forums/topic/34318-malware-check-up/ and am following its instructions. Here's the two logs from FARBAR, FRST.txt and Addition.txt. If someone can advise how to go forward, that would be great. Thanks, Paul FRST.txt Addition.txt
  9. Hi again, Scanning Report Tuesday, September 02, 2008 19:26:28 - 00:19:06 Computer name: Scanning type: Scan system for malware, rootkits Target: C:\ -------------------------------------------------------------------------------- Result: 10 malware found TrackingCookie.2o7 (spyware) System TrackingCookie.Adrevolver (spyware) System TrackingCookie.Advertising (spyware) System TrackingCookie.Atdmt (spyware) System TrackingCookie.Doubleclick (spyware) System TrackingCookie.Mediaplex (spyware) System TrackingCookie.Specificclick (spyware) System TrackingCookie.Webtrends (spyware)
  10. Hi, File C:\Backup\January through April 2005 backup\Electronic Circuits\Ampex\Ampex archives111.txt infected by "Exploit.HTML.Iframe.FileDownload" Virus. Action Taken: File Renamed. File C:\Backup\January through April 2005 backup\Electronic Circuits\Ampex\Ampex archives206.txt infected by "Exploit.HTML.Iframe.FileDownload" Virus. Action Taken: File Renamed. File C:\Documents and Settings\Chris\.housecall\Quarantine\rlls.dll.bac_a02748 tagged as not-a-virus:AdWare.Win32.RK.e. No Action Taken. File C:\Documents and Settings\Chris\.housecall6.6\Quarantine\firstload&co acount maker.exe.bac_a
  11. Hi, I didn't notice that. I have already backed them up to disc in the past (CD and/or DVD), but I want to disinfect them so I can re-archive them without the viruses/worms. Please advise.
  12. Hi, Here's the log: -------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER 7 REPORT Sunday, August 31, 2008 Operating System: Microsoft Windows XP Professional Service Pack 3 (build 2600) Kaspersky Online Scanner 7 version: 7.0.25.0 Program database last update: Sunday, August 31, 2008 19:59:52 Records in database: 1172205 -------------------------------------------------------------------------------- Scan settings: Scan using the following database: extended Scan archives: yes Scan mail databases: yes Scan area - My Computer: C:\ D
  13. My disk is always running whenever I use my PC nowadays. I have been referencing some questionable web sites over the past month, but nothing I can pin the consistent disk activity to. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:22:01 PM, on 8/27/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system
  14. Great! Thanks for your assistance! Is there a way we can contribute financially to the site or otherwise to show appreciation?
  15. Hello! Scanning Report Wednesday, October 10, 2007 21:23:55 - 22:21:50 Computer name: Scanning type: Scan system for viruses, rootkits, spyware Target: C:\ -------------------------------------------------------------------------------- Result: 0 malware found -------------------------------------------------------------------------------- Statistics Scanned: Files: 52999 System: 5280 Not scanned: 4 Actions: Disinfected: 0 Renamed: 0 Deleted: 0 None: 0 Submitted: 0 Files not scanned: C:\HIBERFIL.SYS C:\PAGEFILE.SYS C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT C:\DOCUMENTS AND SETTINGS\ALL U
  16. Incident Status Location Hacktool:Exploit/iFrame Not disinfected C:\Backup\2003_A30406_1420 040103 Miscellaneous\Mail\HOL\Incoming, 3rd quarter 2002[~0000538.~]
  17. main.txt Deckard's System Scanner v20070905.67 Run by on 2007-10-09 19:13:09 Computer is in Normal Mode. -------------------------------------------------------------------------------- -- System Restore -------------------------------------------------------------- Successfully created a Deckard's System Scanner Restore Point. -- Last 5 Restore Point(s) -- 45: 2007-10-10 05:13:16 UTC - RP638 - Deckard's System Scanner Restore Point 44: 2007-10-07 07:02:45 UTC - RP637 - Index.dat Suite Restore Point [ Cleanup ] 43: 2007-10-07 07:02:41 UTC - RP636 - Index.dat Suite Restor
  18. OK, I moved HJT into its own directory. Sorry about that. Now, step 1. Sorry, I should have said that Remote Admin was a legit app:
  19. Thank you. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:50:59 PM, on 10/8/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\ngvpnmgr.exe C:\Program Files\Lavasoft\Ad
  20. Hoping someone can assist me with reading/interpreting this and helping me to determine what is causing my browser to redirect, usually when I click on a link from a google search. Logfile of Trend Micro HijackThis v2.0.0 (BETA) Scan saved at 10:49:12 AM, on 10/7/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe