avprox777

Members
  • Content Count

    14
  • Joined

  • Last visited

About avprox777

  • Rank
    Member
  • Birthday 08/11/1991

Contact Methods

  • Website URL
    http://
  • ICQ
    0

Profile Information

  • Gender
    Male
  • Location
    Ontario, California

Previous Fields

  • Operating System
    Windows XP
  1. well, i was running OTScanIt2 and it got an error halfway through. it finished and asked if i wanted to reboot, i said yes, and it wouldnt reboot. so i manually restarted (held down the power button) and when i turned my computer back on, it got to the login screen and there were no users to log onto. the screen was just blank. so i went into safe mode, and it was the same. i ended up just formatting my computer, so i guess you can close this thread, because the issue is resolved. thanks again for all the help, i really appreciate it.
  2. SDFix: Version 1.240 Run by Owner on Sun 11/09/2008 at 01:10 PM Microsoft Windows XP [Version 5.1.2600] Running From: C:\SDFix Checking Services : Restoring Default Security Values Restoring Default Hosts File Rebooting Checking Files : Trojan Files Found: C:\WINDOWS\system32\comsa32.sys - Deleted Removing Temp Files ADS Check : Final Check : catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-11-09 14:36:30 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... C:\WINDOWS\system32\afis
  3. Do I use OTScanIt2 in normal or safe mode? Also, I just want to say that I really appreciate you taking time out of your day to help me.
  4. also, there seems to be a process called "udxfytw.sys" that hijackthis isnt picking up, that i know is the source of some of the malware.
  5. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:17:50 AM, on 11/9/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16441) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\VistaDrive\VistaDri
  6. yeah, i havent reformatted my HDD for a good 3 years, so im definately due for it. ========== PROCESSES ========== Process explorer.exe killed successfully. ========== SERVICES/DRIVERS ========== ========== REGISTRY ========== ========== FILES ========== DllUnregisterServer procedure not found in C:\Documents and Settings\Owner\Desktop\Downloads\M64K_079\Mupen64K 0.7.9\kailleraclient.dll C:\Documents and Settings\Owner\Desktop\Downloads\M64K_079\Mupen64K 0.7.9\kailleraclient.dll NOT unregistered. C:\Documents and Settings\Owner\Desktop\Downloads\M64K_079\Mupen64K 0.7.9\kailleraclient.dll moved
  7. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:07:38 PM, on 11/8/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16441) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\VistaDrive\VistaDri
  8. -------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER 7 REPORT Saturday, November 8, 2008 Operating System: Microsoft Windows XP Professional Service Pack 2 (build 2600) Kaspersky Online Scanner 7 version: 7.0.25.0 Program database last update: Saturday, November 08, 2008 17:23:19 Records in database: 1374606 -------------------------------------------------------------------------------- Scan settings: Scan using the following database: extended Scan archives: yes Scan mail databases: yes Scan area - My Computer: C:\ E:\ F:\ G:\
  9. kapersky log isnt going to be here until later in the day. i started it earlier, and after 3 hours it was still barely 38% and i had things i needed to get done, so im going to start it up and let it run while i sleep.
  10. Malwarebytes' Anti-Malware 1.30 Database version: 1368 Windows 5.1.2600 Service Pack 2 11/6/2008 6:49:42 PM mbam-log-2008-11-06 (18-49-42).txt Scan type: Quick Scan Objects scanned: 52578 Time elapsed: 3 minute(s), 2 second(s) Memory Processes Infected: 2 Memory Modules Infected: 0 Registry Keys Infected: 21 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 9 Memory Processes Infected: C:\WINDOWS\system32\mabidwe.exe (Trojan.Agent) -> Unloaded process successfully. C:\WINDOWS\system32\soxpeca.exe (Trojan.Agent) -> Unloaded process successfull
  11. ========== PROCESSES ========== Process explorer.exe killed successfully. ========== SERVICES/DRIVERS ========== ========== REGISTRY ========== Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ada19060-796b-11dd-854e-000fdb1ba9ca}\\ deleted successfully. Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ada19061-796b-11dd-854e-000fdb1ba9ca}\\ deleted successfully. ========== FILES ========== c:\windows\SwSys2.bmp moved successfully. c:\windows\SwSys1.bmp moved successfully. ========== COMMANDS ========
  12. ComboFix 08-11-05.02 - Owner 2008-11-06 10:10:12.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.740 [GMT -8:00] Running from: c:\documents and settings\Owner\Desktop\ComboFix.exe * Created a new restore point . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\Install.txt c:\windows\system32\afisicx.exe c:\windows\system32\Install.txt c:\windows\system32\Memman.vxd c:\windows\system32\noytcyr.exe c:\windows\system32\roytctm.exe c:\windows\system32\skinboxer43.dll c:\windows\system32\tdydowkc.exe
  13. Hi, i just want to say thank you before-hand to everyone thats here for having a website to help people out. I honestly cant remember anything suspicious ive downloaded recently that would have added this malware. The first malware i noticed was one that kept making a clicking noise and would play sound clips randomly. I renamed it as a short fix and fell asleep, and now it has started back up and i have multiple processes that i dont recognize and im SURE are malware. here is my hijackthis log: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 5:29:40 PM, on 11/5/2008 Platform: Windows X