GCG

  1. Here is the Security Check txt.

     Results of screen317's Security Check version 0.99.63
     Windows XP Service Pack 3 x86
     Internet Explorer 8
     ``````````````Antivirus/Firewall Check:``````````````
     Windows Security Center service is not running! This report may not be accurate!
     Windows Firewall Enabled!
     Sophos Anti-Virus
     Antivirus out of date! (On Access scanning disabled!)
     `````````Anti-malware/Other Utilities Check:`````````
     Java 6 Update 24
     Java 7 Update 17
     Java 6 Update 5
     Java version out of Date!
     Adobe Flash Player 11.6.602.180
     Mozilla Firefox (20.0.1)
     ````````Process Check: objlist.exe by Laurent````````
     ESET NOD32 Antivirus egui.exe
     Sophos Sophos Anti-Virus SAVAdminService.exe
     MediaMall MediaMallServer.exe
     `````````````````System Health check`````````````````
     Total Fragmentation on Drive C:: 22% Defragment your hard drive soon! (Do NOT defrag if SSD!)
     ````````````````````End of Log``````````````````````
  2. I ran adwcleaner. Here are the log files. Is there anything more I need to do? I really appreciate your help. I will be making a donation shortly.
     GCG
     AdwCleanerR1.txt AdwCleanerS1.txt
  3. Here is the Combofix log file. What next?
     Thanks, GCG
     log.txt
  4. Mr. C: Here are the two mbar log files and one system log file. The laptop booted normally and is connected to the internet via wifi router.
     Question: Should I change the password on my wireless router through which I was connected when the laptop received the FBI malware? Are we finished?
     Thanks, GCG
     system-log.txt mbar-log-2013-05-14 (12-06-10).txt mbar-log-2013-05-14 (13-06-41).txt
  5. Mr. C: I downloaded FRST to a flash drive on a computer running Win 7 Pro. I moved the flash drive to the laptop running XP Pro SP3 and the scan ran. Looks like the laptop booted normally. I have not tried to connect it to the web. Here is the Fixlog.txt file. What do I do now?
     Thanks,

     Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 13-05-2013
     Ran by Administrator at 2013-05-14 10:29:13 Run:1
     Running from E:\
     Boot Mode: Normal
     ==============================================
     HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\dFJiIpAtOoM0Eg => Value deleted successfully.
     HKLM => Groop Policy Restriction on software restored successfully.
     HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InprocServer32\\Default => Value was restored successfully.
     HKEY_USERS\GGraham\Software\Microsoft\Windows\CurrentVersion\Run\\dFJiIpAtOoM0Eg => Value deleted successfully.
     C:\Documents and Settings\GGraham\Local Settings\Application Data\build.exe => File/Directory not found.
     Could not move C:\Windows\assembly\GAC\Desktop.ini. => Scheduled to move on reboot.
     Could not move C:\RECYCLER\S-1-5-18\$6bb45f7f70db94b066e93f1332aac1ad\n. . => Scheduled to move on reboot.
     "C:\RECYCLER\S-1-5-18\$6bb45f7f70db94b066e93f1332aac1ad" directory move:
     Could not move "C:\RECYCLER\S-1-5-18\$6bb45f7f70db94b066e93f1332aac1ad" directory. => Scheduled to move on reboot.
     HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1e48c56f-08cd-43aa-a6ef-c1ec891551ab} => Key deleted successfully.
     HKCR\CLSID\{1e48c56f-08cd-43aa-a6ef-c1ec891551ab} => Key deleted successfully.
     HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{1e48c56f-08cd-43aa-a6ef-c1ec891551ab} => Value deleted successfully.
     HKCR\CLSID\{1e48c56f-08cd-43aa-a6ef-c1ec891551ab} => Key not found.
     C:\PROGRA~1\WI83E4~1\Datamngr\ToolBar\jzipdtx.dll => Moved successfully.
  6. Mr. C: Here are the FRST files.
     GCG
     FRST.txt Addition.txt