Jump to content

Markus

Members
  • Posts

    7
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Okay, all done. Thnx again for all your help! Have a great week
  2. Wow, it looks like I'm clean!! Here is the log. Many, many thnx bro!!! Malwarebytes' Anti-Malware 1.44 Database version: 3888 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.18882 3/22/2010 11:15:31 AM mbam-log-2010-03-22 (11-15-31).txt Scan type: Quick Scan Objects scanned: 144233 Time elapsed: 5 minute(s), 58 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected)
  3. Okay, thnx man. It looks likes we might be out of the woods soon?? Here is the log of Combofix after I followed your instructions: ComboFix 10-03-21.05 - Mark 03/22/2010 9:59.4.2 - x86 Microsoft
  4. Thnx for helping me Borislav. I did all the steps and have pasted a ComboFix log and also re-ran the DDS program (which includes a Pseudo HJT Report) and have pasted the log from DDS.txt and attached the Attach.txt file as a zip: Combofix log: ComboFix 10-03-21.02 - Mark 03/21/2010 18:31:21.3.2 - x86 Microsoft Attach.zip
  5. Hey, I have a problem on my XP Home Basic edition. I ran Malwarebytes and it finds a Rootkit.Agent. So I set it to delete and reboot. When it reboots, I get the message that Windows has blocked programs starting up. I choose "run blocked program" but when I run it again, it still finds Rootkit.Agent. I've also run RootRepeal twice and it ran for over 20 hours both times. Thnx in advance, I've pasted the Malwarebytes and DDS.txt logs and attached the DDS/GMER log files: MalwareBytes: Malwarebytes' Anti-Malware 1.44 Database version: 3888 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.18882 3/20/2010 10:33:03 AM mbam-log-2010-03-20 (10-33-03).txt Scan type: Quick Scan Objects scanned: 27184 Time elapsed: 3 minute(s), 52 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 1 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: C:\Windows\system32\Drivers\kqslup.sys (Rootkit.Agent) -> Quarantined and deleted successfully. DDS.txt: DDS (Ver_10-03-17.01) - NTFSx86 Run by Mark at 10:40:55.36 on Sat 03/20/2010 Internet Explorer: 8.0.6001.18882 BrowserJavaVersion: 1.6.0_15 Microsoft Attach.zip
  6. Hello, My cable company has informed me I have spam being genereated from my IP address. I have XP Home Basic edition. I ran Malwarebytes and it finds a Rootkit.Agent. So I set it to delete and reboot. When it reboots, I get the message that Windows has blocked programs starting up. I choose "run blocked program" but when I run it again, it still finds Rootkit.Agent. Also, I followed directions found on this forum to solve the "blocked after reboot" problem. I ran startup_fix.reg and that didn't work. I also followed every step to fully remove and reinstall MalwareBytes and make sure my AVG anti-virus had all the correct MalwareBytes exception paths in the Resident Shield. But MalwareBytes is still being blocked after reboot. I've also run RootRepeal twice following directions from a similar post and it ran for over 20 hours both times. Any other suggestions? Thnx so much in advance. I've pasted the Malwarebytes and DDS.txt logs and I am attaching DDS/GMER log files: MalwareBytes: Malwarebytes' Anti-Malware 1.44 Database version: 3888 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.18882 3/20/2010 10:33:03 AM mbam-log-2010-03-20 (10-33-03).txt Scan type: Quick Scan Objects scanned: 27184 Time elapsed: 3 minute(s), 52 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 1 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: C:\Windows\system32\Drivers\kqslup.sys (Rootkit.Agent) -> Quarantined and deleted successfully. DDS.txt: DDS (Ver_10-03-17.01) - NTFSx86 Run by Mark at 10:40:55.36 on Sat 03/20/2010 Internet Explorer: 8.0.6001.18882 BrowserJavaVersion: 1.6.0_15 Microsoft Attach.zip
  7. Hello, My cable company has informed me I have spam being genereated from my IP address. I ran Malwarebytes and it finds a Rootkit.Agent. So I set it to delete and reboot but when I run it again, it still finds it. I've run RootRepeal twice following directions from a similar post and it ran for over 20 hours both times. Any other suggestions? Thnx so much in advance. Here is the Malwarebytes log: Malwarebytes' Anti-Malware 1.44 Database version: 3886 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.18882 3/19/2010 10:05:28 PM mbam-log-2010-03-19 (22-05-28).txt Scan type: Quick Scan Objects scanned: 1 Time elapsed: 6 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 1 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: c:\windows\system32\drivers\kqslup.sys (Rootkit.Agent) -> Quarantined and deleted successfully. Thank u! Markus
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.