Rfacio

Members
  • Content Count

    14

Community Reputation

0 Neutral

About Rfacio

  • Rank
    New Member
  1. Malwarebytes Anti-Malware (PRO) 1.62.0.1300 www.malwarebytes.org Database version: v2012.08.18.06 Windows 7 x86 NTFS Internet Explorer 9.0.8112.16421 Kandice :: CASTELLLANOS [administrator] Protection: Enabled 8/18/2012 4:57:43 PM mbam-log-2012-08-18 (16-57-43).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 207259 Time elapsed: 4 minute(s), 6 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items
  2. ComboFix 12-08-18.03 - Kandice 08/18/2012 16:12:01.3.2 - x86 Microsoft Windows 7 Professional 6.1.7600.0.1252.1.1033.18.1919.1282 [GMT -7:00] Running from: c:\users\Kandice\Desktop\ComboFix.exe Command switches used :: c:\users\Kandice\Desktop\CFScript.txt SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . FILE :: "c:\windows\System32\drivers\aguapud.sys" . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files\Mozilla Firefox\searchplugins\search.xml c:\users\Kandice\AppData\Roaming\
  3. 15:37:38.0453 1132 TDSS rootkit removing tool 2.8.6.0 Aug 13 2012 17:24:05 15:37:39.0046 1132 ============================================================ 15:37:39.0046 1132 Current date / time: 2012/08/18 15:37:39.0046 15:37:39.0046 1132 SystemInfo: 15:37:39.0046 1132 15:37:39.0046 1132 OS Version: 6.1.7600 ServicePack: 0.0 15:37:39.0046 1132 Product type: Workstation 15:37:39.0046 1132 ComputerName: CASTELLLANOS 15:37:39.0046 1132 UserName: Kandice 15:37:39.0046 1132 Windows directory: C:\Windows 15:37:39.0046 1132 System windows directory: C:\Windows 15:37:39.0046 1132 Processo
  4. ComboFix 12-08-18.03 - Kandice 08/18/2012 14:44:01.2.2 - x86 Microsoft Windows 7 Professional 6.1.7600.0.1252.1.1033.18.1919.1272 [GMT -7:00] Running from: c:\users\Kandice\Desktop\ComboFix.exe SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files\somototoolbar\vmNTemplatex.dll c:\program files\StartNow Toolbar c:\program files\StartNow Toolbar\ToolbarUpdaterService.exe c:\users\Kandice\AppData\Local\Soft32\Soft32 Updater\Soft32 Upda
  5. Fix result of Farbar Recovery Tool (FRST written by Farbar) Version: 18-08-2012 Ran by SYSTEM at 2012-08-18 13:53:35 Run:1 Running from J:\ ============================================== C:\Windows\Installer\{ec2e5983-b05b-1ba5-249a-a173358625fc} moved successfully. C:\Windows\assembly\GAC\Desktop.ini moved successfully. C:\Windows\System32\services.exe moved successfully. C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe copied successfully to C:\Windows\System32\services.exe ==== End of Fixlog ====
  6. Scan result of Farbar Recovery Scan Tool (FRST written by Farbar) Version: 18-08-2012 Ran by SYSTEM at 18-08-2012 12:47:49 Running from J:\ Windows 7 Professional (X86) OS Language: English(US) The current controlset is ControlSet001 ========================== Registry (Whitelisted) ============= HKLM\...\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\Update\realsched.exe" -osboot [273544 2011-07-29] (RealNetworks, Inc.) HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [499608 2011-03-15] (Adobe Systems Incorporated) HKLM\
  7. 6.6 [08/10/2012] by Tigzy mail: tigzyRK<at>gmail<dot>com Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/ Blog: http://tigzyrk.blogspot.com Operating System: Windows 7 (6.1.7600 ) 32 bits version Started in : Normal mode User: Kandice [Admin rights] Mode: Scan -- Date: 08/18/2012 09:39:45 ¤¤¤ Bad processes: 0 ¤¤¤ ¤¤¤ Registry Entries: 6 ¤¤¤ [sUSP PATH] HKCU\[...]\Run : Soft32 Updater.exe (C:\Users\Kandice\AppData\Local\Soft32\Soft32 Updater\Soft32 Updater.exe /SILENT) -> FOUND [sUSP PATH] HKLM\[...]\Run : Anti-phishing Domain Advisor ("C:\ProgramData\Anti-ph
  8. Thank you MrCharlie. I've downloaded and attempted to run Rogue Killer numerous times without any success. Half the time the program "Stops Working Unexpectedly" every time it's scanning MBR and the other half I get a blue screen of death referencing a Stoport.sys. I've also tried running it in safe mode but it seems to auto close when it's about to finish the scan and no log is created. Anything else I can do to get this information to you?
  9. Post Merged We look for posts with 0 replies, so when you reply to your own topic, we assume you're being helped. Please be patient, someone will assist you as soon as possible. Hello, I've got this nasty Rootkit and Trojan on my computer that MalwareBytes cannot get rid of, and ever since my Malwarebytes detected it, I've been hearing this noise from my speakers that sounds like someone rustling around with a mic. The thing is, my PC does not have a mic plugged into it so it's really freaking me out. Dunno if it's related to these two things but either way I'd really like to get rid of them.
  10. Thanks for the help so far. Just got off work and now I'm just waiting for further instructions. Please advise.
  11. UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows 7 Professional Boot Device: \Device\HarddiskVolume1 Install Date: 6/16/2011 1:00:51 AM System Uptime: 8/14/2012 6:55:34 PM (4 hours ago) . Motherboard: ASUSTek Computer INC. | | NARRA2 Processor: AMD Athlon 64 X2 Dual Core Processor 4400+ | Socket AM2 | 2300/200mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 74 GiB total, 26.589 GiB free. D: is CDROM () E: is Removable F: is Removable G: is Removable H: is Removable . ==== Dis
  12. Thanks for the Reply. Here's what the logs say. Malwarebytes Anti-Malware (PRO) 1.62.0.1300 www.malwarebytes.org Database version: v2012.08.14.01 Windows 7 x86 NTFS Internet Explorer 9.0.8112.16421 Kandice :: CASTELLLANOS [administrator] Protection: Enabled 8/14/2012 10:08:24 PM mbam-log-2012-08-14 (22-23-55).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 207674 Time elapsed: 6 minute(s), 20 second(s) Memory Processes Detected: 0 (No malicious items detect
  13. Yet another topic with this same problem. I've just recently bought Malwarebytes PRO to scan this PC because it has been giving us lots of issues. It was able to delete over 160 infections that this PC had save for these buggers. I've tried and tried to get them removed but have not been successful. After coming here and seeing all these topics regarding these, I don't feel so terrible about my computer being infected with it, but now my problem is that I do not have the slightest clue on what to do next. I'm not computer savvy at all. Any help would be appreciated!