Jump to content

trilogyfreak9

Members
  • Content Count

    12
  • Joined

  • Last visited

Community Reputation

0 Neutral

About trilogyfreak9

  • Rank
    New Member
  1. Thank you so much, Mr. Charlie! If I could teleport and give you a hug, I would!

  2. Malwarebytes Anti-Malware 1.62.0.1300 www.malwarebytes.org Database version: v2012.07.23.11 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Amanda Nguyen :: AMANDANGUYEN-HP [administrator] 7/23/2012 4:52:53 PM mbam-log-2012-07-23 (16-52-53).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 251559 Time elapsed: 1 minute(s), 48 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items
  3. OTL log All processes killed ========== FILES ========== File\Folder c:\windows\system32\drivers\ntkplnec.sys not found. File\Folder c:\windows\system32\drivers\xorxguak.sys not found. File\Folder c:\program files (x86)\Application Updater not found. File\Folder C:\Program Files (x86)\Common Files\Spigot not found. ========== COMMANDS ========== [EMPTYJAVA] User: All Users User: Amanda Nguyen ->Java cache emptied: 0 bytes User: Andy Nguyen ->Java cache emptied: 0 bytes User: Chau Nguyen ->Java cache emptied: 0 bytes User: Dat Nguyen ->Java cache emptied: 0 bytes User: Default User:
  4. ComboFix 12-07-24.01 - Amanda Nguyen 07/23/2012 16:12:28.5.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6092.4522 [GMT -5:00] Running from: c:\users\Amanda Nguyen\Desktop\ComboFix.exe Command switches used :: c:\users\Amanda Nguyen\Desktop\CFScript.txt AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF} FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} SP: Norton Internet Security *Disabled/Outdated* {D8BEB080-B73A-17E3-1B37-B6B462689202} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA1
  5. ComboFix 12-07-24.01 - Amanda Nguyen 07/23/2012 15:47:02.4.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6092.4509 [GMT -5:00] Running from: c:\users\Amanda Nguyen\Desktop\ComboFix.exe Command switches used :: c:\users\Amanda Nguyen\Desktop\CFScript.txt AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF} FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} SP: Norton Internet Security *Disabled/Outdated* {D8BEB080-B73A-17E3-1B37-B6B462689202} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA1
  6. ComboFix log (again) ComboFix 12-07-24.01 - Amanda Nguyen 07/23/2012 15:18:23.3.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6092.4503 [GMT -5:00] Running from: c:\users\Amanda Nguyen\Desktop\ComboFix.exe Command switches used :: c:\users\Amanda Nguyen\Desktop\CFScript.txt AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF} FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} SP: Norton Internet Security *Disabled/Outdated* {D8BEB080-B73A-17E3-1B37-B6B462689202} SP: Windows Defender *Enabled/Updated* {D68DD
  7. ComboFix log ComboFix 12-07-24.01 - Amanda Nguyen 07/23/2012 14:46:17.2.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6092.4467 [GMT -5:00] Running from: c:\users\Amanda Nguyen\Desktop\ComboFix.exe Command switches used :: c:\users\Amanda Nguyen\Desktop\CFScript.txt AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF} FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} SP: Norton Internet Security *Disabled/Outdated* {D8BEB080-B73A-17E3-1B37-B6B462689202} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F
  8. I did another MalwareByte scan and that was clean. Amanda Nguyen :: AMANDANGUYEN-HP [administrator] 7/23/2012 2:32:27 PM mbam-log-2012-07-23 (14-32-27).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 251476 Time elapsed: 1 minute(s), 51 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious
  9. Combofix log ComboFix 12-07-24.01 - Amanda Nguyen 07/23/2012 13:55:52.1.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6092.4555 [GMT -5:00] Running from: c:\users\Amanda Nguyen\Desktop\ComboFix.exe AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637} AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF} FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C} FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} SP: McAfee Anti-Virus and Anti-Spyware *Enable
  10. Dear Mr. Charlie, Fixlog.txt Fix result of Farbar Recovery Tool (FRST written by Farbar) Version: 20-07-2012 01 Ran by SYSTEM at 2012-07-23 12:59:05 Run:1 Running from H:\ ============================================== C:\Windows\Installer\{7f5b3363-867d-9769-7cc1-0e4cbacb1737} moved successfully. C:\Users\Amanda Nguyen\AppData\Local\{7f5b3363-867d-9769-7cc1-0e4cbacb1737} moved successfully. C:\Windows\assembly\GAC_32\Desktop.ini moved successfully. C:\Windows\assembly\GAC_64\Desktop.ini moved successfully. C:\Windows\System32\services.exe moved successfully. C:\Windows\winsxs\amd64_microsoft-
  11. Hi Mr. Charlie, here are FRST and Search. FRST.txt Scan result of Farbar Recovery Scan Tool Version: 20-07-2012 01 Ran by SYSTEM at 23-07-2012 12:29:02 Running from H:\ Windows 7 Home Premium (X64) OS Language: English(US) The current controlset is ControlSet001 ========================== Registry (Whitelisted) ============= HKLM\...\Run: [igfxTray] C:\Windows\system32\igfxtray.exe [168216 2011-05-09] (Intel Corporation) HKLM\...\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe [392472 2011-05-09] (Intel Corporation) HKLM\...\Run: [Persistence] C:\Windows\system32\igfxpers.exe [416024 2011-0
  12. Whenever I run a quick scan with MalwareBytes, Trojan.Dropper.BCMiner is always there and cannot be removed. I also get redirected to random advertisements when web browsing. This seems to be occurring to many other people too. Can someone please help me? I have posted the logs here. DDS.txt . DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31 Run by Amanda Nguyen at 11:36:03 on 2012-07-23 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6092.4501 [GMT -5:00] . AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.