stormraider

Members
  • Content Count

    12
Community Reputation

0 Neutral

About stormraider

  • Rank
    New Member
  1. very well I will go with your recommendations... I will keep this thread readily available for future reference and thank you for your work... donation made
  2. not sure about that one... I don't have anything that is using python language.... can you direct me to the software that uses these files, also as stated I use my phone for tethering and have noticed screen shots showing up under my images on my phone... I believe that this may be a keylogger of some nature...
  3. what are these files for and why does combofix quarantine them?
  4. reran combofix and still finding and quarantines the following:
     c:\users\Your\AppData\Local\Temp\_MEI24602\_ctypes.pyd
     c:\users\Your\AppData\Local\Temp\_MEI24602\_elementtree.pyd
     c:\users\Your\AppData\Local\Temp\_MEI24602\_hashlib.pyd
     c:\users\Your\AppData\Local\Temp\_MEI24602\_multiprocessing.pyd
     c:\users\Your\AppData\Local\Temp\_MEI24602\_socket.pyd
     c:\users\Your\AppData\Local\Temp\_MEI24602\_ssl.pyd
     c:\users\Your\AppData\Local\temp\_MEI24602\msvcp100.dll
     c:\users\Your\AppData\Local\Temp\_MEI24602\msvcr100.dll
     c:\users\Your\AppData\Local\Temp\_MEI24602\pyexpat.pyd
     c:\users\Your\AppData\Local\Temp\_MEI
  5. ok have updated defender... decided not to reinstall, went with open source. seems to be functioning, but got a freeze the other day and internet connection seems to be intermittent. I am also tethered to droid for internet... is it possible I could have downloaded an app that has infected the phone and the phone is passing the infection into the computer.. I ran avg on the phone and seems cleared...
  6. I have removed microsoft security essentials. microsoft defender wants to update? tea timer was already unchecked? I unchecked the other option as well "SD helper" and rebooted system. my adobe programs are crashing and are asking to be reinstalled now?
  7. 7-Zip 9.20 Add or Remove Adobe Creative Suite 3 Master Collection Adobe Acrobat 8 Professional Adobe After Effects CS3 Adobe After Effects CS3 Presets Adobe After Effects CS3 Third Party Content Adobe Anchor Service CS3 Adobe Asset Services CS3 Adobe Bridge CS3 Adobe Bridge Start Meeting Adobe BridgeTalk Plugin CS3 Adobe Camera Raw 4.0 Adobe CMaps Adobe Color - Photoshop Specific Adobe Color Common Settings Adobe Color EU Extra Settings Adobe Color JA Extra Settings Adobe Color NA Recommended Settings Adobe Contribute CS3 Adobe Creative Suite 3 Master Collection Adobe Default Language CS3 Adob
  8. ComboFix 13-08-11.02 - Your 08/15/2013 10:52:59.104.2 - x86
     Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2038.837 [GMT -4:00]
     Running from: c:\users\Your\Desktop\ComboFix.exe
     AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
     AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
     FW: Online Armor Firewall *Enabled* {BD3F5FCA-866B-1E2E-0A68-58900A751EA1}
     SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
     SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E
  9. C:\Users\All Users\Codec\runtime.dll Win32/GenUpdater application
     C:\ProgramData\Codec\runtime.dll Win32/GenUpdater application cleaned by deleting - quarantined
     C:\Users\Your\Downloads\adt\PDAnet_For_Android_+_Crack_secure.exe Win32/TopMedia.B application cleaned by deleting - quarantined
  10. mbar-log.txt
      Malwarebytes Anti-Rootkit BETA 1.06.1.1005
      www.malwarebytes.org
      Database version: v2013.08.14.04
      Windows 7 Service Pack 1 x86 NTFS
      Internet Explorer 10.0.9200.16660
      Your :: YOUR-PC [administrator]
      8/14/2013 10:30:54 AM
      mbar-log-2013-08-14 (10-30-54).txt
      Scan type: Quick scan
      Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUM | P2P
      Scan options disabled: PUP
      Objects scanned: 257748
      Time elapsed: 24 minute(s), 32 second(s)
      Memory Processes Detected: 0
      (No malicious items detected)
  11. I know currently it does not show anything, but I'm telling ya things keep appearing??? last time I ran combofix
      Infected copy of c:\windows\system32\Services.exe was found and disinfected
      Restored copy from - c:\windows\erdnt\cache\services.exe
      further it keeps having to delete and quarantine the following:
      2013-08-13 15:14:20 . 2013-08-13 15:14:20 154,112 ----a-w- C:\Qoobox\Quarantine\C\Users\Your\AppData\Local\temp\_MEI24162\wxbase294u_net_vc90.dll.vir
      2013-08-13 15:14:20 . 2013-08-13 15:14:20 91,648 ----a-w- C:\Qoobox\Quarantine\C\Users\Your\AppData\Local\temp\_MEI2416
  12. I have used combofix, malwarebytes and other tools to clean system, but gmer still states something wrong. please advise. pasted results below
      GMER 2.1.19155 - http://www.gmer.net
      Rootkit quick scan 2013-08-13 13:57:31
      Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 ST980813AS rev.3.ADB 74.53GB
      Running: kziy15r3.exe; Driver: C:\Users\Your\AppData\Local\Temp\kgldrpoc.sys
      ---- Devices - GMER 2.1 ----
      AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys
      Device \Driver\tdx \Device\Ip OAmon.sys
      Device \Driver\tdx \Device\Tcp OAmon.s