superaman

  1. Thank you very much for your help! I'm not the greatest at computers so it's nice to know that there are experts like you willing to help random people like myself :)

  2. Using Adobe Reader X, not sure why Adobe Reader 9 is showing up on this even
  3. Results of screen317's Security Check version 0.99.51 Windows Vista Service Pack 2 x86 (UAC is enabled) Internet Explorer 9 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Disabled! Norton Internet Security WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware version 1.65.0.1400 CCleaner Java 7 Update 7 Adobe Flash Player 11.4.402.278 Adobe Reader 9 Adobe Reader out of Date! Adobe Reader X (10.1.4) Mozilla Firefox (15.0.1) Google Chrome 21.0.1180.83 Goo
  4. Hmm not sure why it didn't work last time, did a direct copy and paste, but here it is again from what you posted from the last post. All processes killed ========== OTL ========== Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064}\ not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully. Registry key HKEY_LOCAL_MACHINE
  5. Mainly my only concern is that since nothing has been found so far, I'm confused what had disabled Windows Updating from doing its job. With things like that, I don't change those settings, as far as I had known, it was always set to Check for Updates and prompt me to choose which to install. So I'm not sure if it was a malicious virus or a program that was being difficult with Windows, so any clarification on this would be great. Also, other than MBAM, which virus protection would you say is the best to have installed on a computer? I currently have Norton but I feel like as a protection
  6. I tried to open those files (were just 2-4kb files, no specific ending) and since they had no native application, I just opened with notepad and it was just a bunch of gibberish from what I could tell. Here is the picture of what I saw: Here is the OTL log as requested: All processes killed Error: Unable to interpret <:OTLO3 - HKLM\..\Toolbar: (no name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No CLSID value found.O3 - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.O3 - HKU\S-1-5-21-1781417293-1407770052-2831755773-1000\..\Toolbar\WebBrowser:
  7. Extras: OTL Extras logfile created on: 9/22/2012 2:46:01 PM - Run 1 OTL by OldTimer - Version 3.2.65.1 Folder = C:\Users\Aman Arneja\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.50 Gb Total Physical Memory | 1.78 Gb Available Physical Memory | 50.83% Memory free 7.18 Gb Paging File | 5.55 Gb Available in Paging File | 77.41% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive
  8. OTL: OTL logfile created on: 9/22/2012 2:46:01 PM - Run 1 OTL by OldTimer - Version 3.2.65.1 Folder = C:\Users\Aman Arneja\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.50 Gb Total Physical Memory | 1.78 Gb Available Physical Memory | 50.83% Memory free 7.18 Gb Paging File | 5.55 Gb Available in Paging File | 77.41% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %
  9. Sorry it took so many posts, would not let me post in one post and the last helper I talked to told me that attachments may harm the person I am getting help from.
  13. The last file TDSS found is one I haven't seen before, not dock login or Amazon TDSS 1 19:05:32.0956 5324 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24 19:05:33.0992 5324 ============================================================ 19:05:33.0992 5324 Current date / time: 2012/09/21 19:05:33.0992 19:05:33.0992 5324 SystemInfo: 19:05:33.0992 5324 19:05:33.0992 5324 OS Version: 6.0.6002 ServicePack: 2.0 19:05:33.0992 5324 Product type: Workstation 19:05:33.0992 5324 ComputerName: OLIVER 19:05:33.0992 5324 UserName: Aman Arneja 19:05:33.0992 5324 Windows directory: C:\Windows 19:05:33.0
  14. Here are the 2 RKill files and the 2 TDSS Reports, will post TDSS in 2nd post. Removed 4 files from RKill as asked. RK1: RogueKiller V8.0.4 [09/19/2012] by Tigzy mail: tigzyRK<at>gmail<dot>com Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/ Blog: http://tigzyrk.blogspot.com Operating System: Windows Vista (6.0.6002 Service Pack 2) 32 bits version Started in : Normal mode User : Aman Arneja [Admin rights] Mode : Scan -- Date : 09/21/2012 19:01:46 ¤¤¤ Bad processes : 3 ¤¤¤ [RESIDUE] iexplore.exe -- C:\Program Files\Internet Explorer\iexplore.exe -> KILLED [Te
  15. Here is the report as requested RogueKiller V8.0.4 [09/19/2012] by Tigzy mail: tigzyRK<at>gmail<dot>com Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/ Blog: http://tigzyrk.blogspot.com Operating System: Windows Vista (6.0.6002 Service Pack 2) 32 bits version Started in : Normal mode User : Aman Arneja [Admin rights] Mode : Scan -- Date : 09/21/2012 16:40:29 ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 8 ¤¤¤ [TASK][ROGUE ST] 0 : c:\program files\internet explorer\iexplore.exe -> FOUND [TASK][ROGUE ST] 4788 : wscript.exe -> FOUND [HJPOL] HKCU\[...]\Sys