Jrrj15

Everything posted by Jrrj15

  1. The program you told me to use doesn't seem to be working. I put it on my desktop and I followed all the instructions you gave, but it doesn't seem to be scanning anything. The scan only takes like 30 seconds and nothing pops up in the scanned area.
  2. Do you know where I can find one? I'm looking for one right now.
  3. OK, so I did the scan. It found 1 malicious item called Trojan:Win32/ircbrute. Do I delete it?
  4. I could not find C:\Users\JR\AppData\Local\Temp\flashapp.exe. But after I deleted the other one, Windows Defender popped up and said it discovered Flashapp.exe, so did Windows Defender delete it automatically? The rootkit said no malicious files found. mbar-log-2013-09-17 (17-36-22).txt system-log.txt
  5. These are the logs from the scan:

     RogueKiller V8.6.11 _x64_ [sep 11 2013] by Tigzy
     mail : tigzyRK<at>gmail<dot>com
     Feedback : http://www.adlice.com/forum/
     Website : http://www.adlice.com/softwares/roguekiller/
     Blog : http://tigzyrk.blogspot.com/

     Operating System : Windows 8 (6.2.9200 ) 64 bits version
     Started in : Normal mode
     User : JR [Admin rights]
     Mode : Scan -- Date : 09/16/2013 18:48:05
     | ARK || FAK || MBR |

     ¤¤¤ Bad processes : 0 ¤¤¤

     ¤¤¤ Registry Entries : 8 ¤¤¤
     [RUN][sUSP PATH] HKCU\[...]\Run : Adobe Flash Player v10 (C:\Users\JR\AppData\Local\Temp\flashapp.exe [-]) -> FOUND
     [RUN][sUSP PATH] HKCU\[...]\Run : Sairdwjapzacniyl.exe ("C:\Users\JR\AppData\Roaming\Sairdwjapzacniyl.exe" [-]) -> FOUND
     [RUN][sUSP PATH] HKUS\S-1-5-21-3838697379-3348231133-1508603935-1002\[...]\Run : Adobe Flash Player v10 (C:\Users\JR\AppData\Local\Temp\flashapp.exe [-]) -> FOUND
     [RUN][sUSP PATH] HKUS\S-1-5-21-3838697379-3348231133-1508603935-1002\[...]\Run : Sairdwjapzacniyl.exe ("C:\Users\JR\AppData\Roaming\Sairdwjapzacniyl.exe" [-]) -> FOUND
     [DNS] HKLM\[...]\CCSet\[...]\{2AA24863-DDCC-488C-994E-F58898902720} : NameServer (69.197.169.9,192.95.16.109) -> FOUND
     [DNS] HKLM\[...]\CS001\[...]\{2AA24863-DDCC-488C-994E-F58898902720} : NameServer (69.197.169.9,192.95.16.109) -> FOUND
     [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
     [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

     ¤¤¤ Scheduled tasks : 0 ¤¤¤

     ¤¤¤ Startup Entries : 0 ¤¤¤

     ¤¤¤ Web browsers : 0 ¤¤¤

     ¤¤¤ Particular Files / Folders: ¤¤¤

     ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

     ¤¤¤ External Hives: ¤¤¤

     ¤¤¤ Infection : ¤¤¤

     ¤¤¤ HOSTS File: ¤¤¤
     --> %SystemRoot%\System32\drivers\etc\hosts

     ¤¤¤ MBR Check: ¤¤¤

     +++++ PhysicalDrive0: Hitachi HTS727575A9E364 +++++
     --- User ---
     [MBR] 3846bd0260d5f51c03f8e21c2924e283
     [bSP] dc3335843f8b1bf80a7f1a9be4672653 : Empty MBR Code
     Partition table:
     0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 2097152 Mo
     User = LL1 ... OK!
     User = LL2 ... OK!

     +++++ PhysicalDrive1: Hitachi HTS727575A9E364 +++++
     --- User ---
     [MBR] 452f1063821a9da017b29dc4281a65ae
     [bSP] daf0f34305b3c3b6c4c987776e6a77c5 : Empty MBR Code
     Partition table:
     0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 2097152 Mo
     User = LL1 ... OK!
     User = LL2 ... OK!

     Finished : << RKreport[0]_S_09162013_184805.txt >>
  6. So here's what happened. Someone on my Skype friends list sent me a link and a message saying "When was the last time you saw this picture? [Link] :D" So when I asked him what it was, since he's an idiot and doesn't realize that it's a pretty big deal, he told me to click it and download it. So (I know it's mostly my fault) I clicked it like the idiot that I am because I didn't realize that this kind of stuff happened on Skype. So basically I asked my other friend who's really good with computers and he said it was a botnet (I don't really know much about this stuff). And he told me to download Malwarebytes. Malwarebytes keeps telling me it's blocking a potentially malicious website and the site is 94.76.244.133, and this message pops up like every 2 minutes. Anyone know how to fix this? Thanks in advance.