Everything posted by Foshizzle

  1. I got a hell of a virus and have been having some very nice people help me out w/ getting rid of it. I have followed a few guides and nothing is working. It won't let me run Malwarebytes ((( Here is my Rooter file:

     Microsoft Windows Vista Home Edition (6.0.6000)
     C:\ [Fixed] - NTFS - (Total:141219 Mo/Free:1232 Mo)
     D:\ [Fixed] - NTFS - (Total:11405 Mo/Free:3128 Mo)
     E:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
     Tue 04/28/2009|12:47

     ----------------------\\ Processes..

     --Locked-- [system Process]
     --Locked-- System
     ---------- \SystemRoot\System32\smss.exe
     ---------- C:\Windows\system32\csrss.exe
     ---------- C:\Windows\system32\wininit.exe
     ---------- C:\Windows\system32\csrss.exe
     ---------- C:\Windows\system32\services.exe
     ---------- C:\Windows\system32\lsass.exe
     ---------- C:\Windows\system32\lsm.exe
     ---------- C:\Windows\system32\winlogon.exe
     ---------- C:\Windows\system32\svchost.exe
     ---------- C:\Windows\system32\svchost.exe
     ---------- C:\Windows\System32\svchost.exe
     ---------- C:\Windows\System32\svchost.exe
     ---------- C:\Windows\System32\svchost.exe
     ---------- C:\Windows\system32\svchost.exe
     --Locked-- audiodg.exe
     ---------- C:\Windows\system32\SLsvc.exe
     ---------- C:\Windows\system32\svchost.exe
     ---------- C:\Windows\system32\svchost.exe
     ---------- C:\Windows\System32\spoolsv.exe
     ---------- C:\Windows\system32\svchost.exe
     ---------- C:\Windows\system32\svchost.exe
     ---------- C:\Windows\system32\svchost.exe
     ---------- C:\Windows\System32\svchost.exe
     ---------- C:\Windows\system32\SearchIndexer.exe
     ---------- C:\Windows\system32\taskeng.exe
     ---------- C:\Windows\system32\wbem\wmiprvse.exe
     ---------- C:\Windows\system32\taskeng.exe
     ---------- C:\Windows\system32\Dwm.exe
     ---------- C:\Windows\Explorer.EXE
     ---------- C:\Program Files\Windows Defender\MSASCui.exe
     ---------- C:\Windows\System32\igfxtray.exe
     ---------- C:\Windows\System32\hkcmd.exe
     ---------- C:\Windows\System32\igfxpers.exe
     ---------- C:\Program Files\Java\jre6\bin\jusched.exe
     ---------- C:\Program Files\Windows Sidebar\sidebar.exe
     ---------- C:\Program Files\Curse\CurseClient.exe
     ---------- C:\Windows\ehome\ehtray.exe
     ---------- C:\Windows\system32\igfxsrvc.exe
     ---------- C:\Windows\system32\wbem\unsecapp.exe
     ---------- C:\Windows\ehome\ehmsas.exe
     ---------- C:\Program Files\Windows Sidebar\sidebar.exe
     ---------- C:\firefox.exe
     ---------- C:\Users\Paul\AppData\Local\Temp\setup2.exe
     ---------- C:\Windows\system32\NOTEPAD.EXE
     ---------- C:\Windows\System32\notepad.exe
     ---------- C:\Windows\system32\DllHost.exe
     ---------- C:\Windows\system32\DllHost.exe
     ---------- C:\Windows\system32\cmd.exe
     ---------- C:\Rooter$\RK.exe

     ----------------------\\ Search..

     [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters] NameServer REG_SZ 85.255.112.175,85.255.112.179
     [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\Tcpip\Parameters] NameServer REG_SZ 85.255.112.175,85.255.112.179
     [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters] NameServer REG_SZ 85.255.112.175,85.255.112.179
     [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\..\{051A67E2-C560-4B3F-A5F2-CD0D1897F4F2}] NameServer REG_SZ 85.255.112.175,85.255.112.179
     [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\..\{98F6763C-40EA-4F85-8FC0-2E81017AEE66}] NameServer REG_SZ 85.255.112.175,85.255.112.179
     [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\..\{98F6763C-40EA-4F85-8FC0-2E81017AEE66}] DhcpNameServer REG_SZ 85.255.116.35 85.255.112.20 1.2.3.4
     [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\..\{051A67E2-C560-4B3F-A5F2-CD0D1897F4F2}] NameServer REG_SZ 85.255.112.175,85.255.112.179
     [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\..\{98F6763C-40EA-4F85-8FC0-2E81017AEE66}] NameServer REG_SZ 85.255.112.175,85.255.112.179
     [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\..\{051A67E2-C560-4B3F-A5F2-CD0D1897F4F2}] NameServer REG_SZ 85.255.112.175,85.255.112.179
     [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\..\{98F6763C-40EA-4F85-8FC0-2E81017AEE66}] NameServer REG_SZ 85.255.112.175,85.255.112.179
     [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\..\{98F6763C-40EA-4F85-8FC0-2E81017AEE66}] DhcpNameServer REG_SZ 85.255.116.35 85.255.112.20 1.2.3.4

     ==> WAREOUT <==

     ----------------------\\ ROOTKIT !!

     1 - "C:\Rooter$\Rooter_1.txt" - Tue 04/28/2009|12:26
     2 - "C:\Rooter$\Rooter_2.txt" - Tue 04/28/2009|12:47

     ----------------------\\ Scan completed at 12:47