Bartley

Members
  • Content Count

    20

Everything posted by Bartley

  1. Farbar Service Scanner Version: 08-07-2012 Ran by Brad (administrator) on 13-07-2012 at 00:43:30 Microsoft® Windows Vista™ Home Premium Service Pack 2 (X64) ************************************************ ======== Search: "dhcpcsvc.dll;afd.sys;tcpip.sys;dnsrslvr.dll;mpssvc.dll;bfe.dll;vssvc.exe;wscsvc.dll;WMIsvc.dll;qmgr.dll;es.dll;cryptsvc.dll;rpcss.dll;" ========= C:\Windows\System32\BFE.DLL [2009-09-10 22:19] - [2009-04-11 02:11] - 0458240 ____A (Microsoft Corporation) FFB96C2589FFA60473EAD78B39FBDE29 C:\Windows\System32\cryptsvc.dll [2012-06-13 22:43] - [2012-04-23 11:25] - 0174592 ____A
  2. Farbar Service Scanner Version: 08-07-2012 Ran by Brad (administrator) on 11-07-2012 at 22:53:12 Running from "C:\Users\Brad\Desktop" Microsoft® Windows Vista™ Home Premium Service Pack 2 (X64) Boot Mode: Normal **************************************************************** Internet Services: ============ Connection Status: ============== Localhost is accessible. LAN connected. Google IP is accessible. Google.com is accessible. Yahoo IP is accessible. Yahoo.com is accessible. Windows Firewall: ============= Firewall Disabled Policy: ================== System Restore: ============ System Res
  3. everything seems good, other than the strange wireless networking issue which very well might not be related
  4. ok, did it. It said it was the same version, so to make sure I uninstalled the current version I had, and reinstalled the latest version.
  5. ok, here they are Status: Disinfected (events: 6) 7/7/2012 2:06:21 AM Disinfected Trojan program Exploit.Java.CVE-2010-0840.g C:\Documents and Settings\Brad\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\41fc65eb-4411d3d7 High 7/7/2012 2:06:21 AM Disinfected Trojan program Exploit.Java.CVE-2010-0840.g C:\Documents and Settings\Brad\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\41fc65eb-4411d3d7/part2/jilo3.class High 7/7/2012 2:06:22 AM Disinfected Trojan program Trojan-Downloader.Java.Agent.ja C:\Documents and Settings\Brad\AppData\LocalLo
  6. yes. only one thing, some kind of coupon printer .exe program. Is there a log that tells what it was?
  7. very short log, ESETSmartInstaller@High as CAB hook log: OnlineScanner64.ocx - registred OK OnlineScanner.ocx - registred OK
  8. ComboFix 12-06-28.03 - Brad 06/28/2012 16:46:22.1.2 - x64 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.4090.2346 [GMT -5:00] Running from: c:\users\Brad\Desktop\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Created a new restore point . . ((((((((((((((((((((((((( Files Created from 2012-05-28 to 2012-06-28 ))))))))))))))))))))))))))))))) . . 2012-06-28 22:00 . 201
  9. . DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.5.0 Run by Brad at 1:17:33 on 2012-06-28 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.4090.2160 [GMT -5:00] . AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\sv
  10. MBRCheck, version 1.2.3 © 2010, AD Command-line: Windows Version: Windows Vista Home Premium Edition Windows Information: Service Pack 2 (build 6002), 64-bit Base Board Manufacturer: Gateway BIOS Manufacturer: Phoenix Technologies LTD System Manufacturer: Gateway System Product Name: P-7805u Logical Drives Mask: 0x0000000c Kernel Drivers (total 156): 0x02C4D000 \SystemRoot\system32\ntoskrnl.exe 0x02C07000 \SystemRoot\system32\hal.dll 0x00604000 \SystemRoot\system32\kdcom.dll 0x0060E000 \SystemRoot\system32\mcupdate_GenuineIntel.dl
  11. ok, made the recovery disc from the partition. So I think I am ready to do this. How dangerous is this, is there much of a chance I won't be able to boot back into windows? Do I need to back everything up before trying this?
  12. Ok, this may take some time to locate one. I did find online the original mbr in zipped format for this laptop, the Gateway p7805. Can I use that in some manner?
  13. My computer came without a Vista dvd, do I need to find someone that has a vista 64bit dvd to perform this task?
  14. ok, got it done. MBRCheck, version 1.2.3 © 2010, AD Command-line: Windows Version: Windows Vista Home Premium Edition Windows Information: Service Pack 2 (build 6002), 64-bit Base Board Manufacturer: Gateway BIOS Manufacturer: Phoenix Technologies LTD System Manufacturer: Gateway System Product Name: P-7805u Logical Drives Mask: 0x0000000c Kernel Drivers (total 158): 0x02C64000 \SystemRoot\system32\ntoskrnl.exe 0x02C1E000 \SystemRoot\system32\hal.dll 0x00608000 \SystemRoot\system32\kdcom.dll 0x00612000 \SystemRoot\system32\mcupda
  15. sorry but I'm confused, when it says " Enter the physical disk number to fix (0-99, -1 to cancel):" I am to type the word "choice". Same question when it says "Available MBR codes: [ 0] Default (Windows XP) [ 1] Windows XP [ 2] Windows Server 2003 [ 3] Windows Vista [ 4] Windows 2008 [ 5] Windows 7 [-1] Cancel Please select the MBR code to write to this drive:" I type the word "choice" again?
  16. here they are Malwarebytes Anti-Malware 1.61.0.1400 www.malwarebytes.org Database version: v2012.06.23.02 Windows Vista Service Pack 2 x64 NTFS Internet Explorer 9.0.8112.16421 Brad :: BRAD-PC [administrator] 6/22/2012 10:56:33 PM mbam-log-2012-06-22 (22-56-33).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 231668 Time elapsed: 6 minute(s), 19 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious item
  17. ok, here ya go. I had trouble and kept getting blue screen when running aswmbr.exe. I disabled my avast and turned off the wireless card and it worked. I hope that was ok to do. Thanks for your help aswMBR.txt DDS02.txt
  18. Hello, Please see my logs attached, I'm not sure I'm infected, Malwarebytes reports nothing, but all of a sudden started having several issues all at once. First I started having very sporadic wireless issues. Great signal, very slow speed. Often dropping from 270+mbps to 35mbps, even to the point of being disconnected. I have updated drivers and done all the normal stuff. But the problem happens no matter where I am at (I went to various locations, with different isp, same issues). The problem is random and may start as soon as I connect, or may run for an hour without issues before it starts. C