Jump to content

maurocattani

Members
  • Posts

    7
  • Joined

  • Last visited

Posts posted by maurocattani

  1. Important!

    All of the following instructions must be run on the affected computer. Logs from a different computer will not help me help you. So, if you need to download all of this and then copy it to CD or memory stick and take it to the other computer, please do so. Either way, it's important. The logs have to be made by the computer with the problem.
    I need you to follow the instructions provided here
    first.
    I also need for you to download this program
    to your desktop.
    • Close all applications and windows so that you have nothing open and are at your Desktop

    • Double-click on the OTListIt.exe file to start OTListIt. OK any warning about running OTListIt.

    • Place a checkmark in the
      "Scan All Users"
      checkbox (Leave the 'Use Whitelist' checked' and the 'File Age:' at 30 days)

    • Click the Run Scan button

    • NOTE:
      Please be patient and let the scan run without using the computer

    • When the scan is complete, a text file (
      OTListIt.Txt
      ) will open in Notepad (if not, it can be found on your Desktop)

    • In Notepad, click
      Edit
      ,
      Select all
      then
      Edit
      ,
      Copy

    • Reply to this topic, click in the topic reply window, and press Ctrl+V to paste the log or Righ click paste.

    • Submit your reply and close the Notepad window with
      OTList.txt

    • Also OTListIt's
      Extras.txt
      log file will be minimized in the Taskbar (and located on your Desktop) - click on this and maximize the window

    • In Notepad, click
      Edit
      ,
      Select all
      then
      Edit
      ,
      Copy

    • Reply to this topic again, click in the topic reply window, and press Ctrl+V to paste the extras log or Right click paste.

    • NOTE:
      If the files (
      OTListIt.txt, Extras.txt
      ) do not appear in your taskbar, just open the files in notepad from your desktop.

    Please allow me time to analyze your post. If you don't see a reply from me after 24 hours, feel free to PM me.

    Here the Extr of Otlist

    Extras.Txt

    Extras.Txt

  2. Important!

    All of the following instructions must be run on the affected computer. Logs from a different computer will not help me help you. So, if you need to download all of this and then copy it to CD or memory stick and take it to the other computer, please do so. Either way, it's important. The logs have to be made by the computer with the problem.
    I need you to follow the instructions provided here
    first.
    I also need for you to download this program
    to your desktop.
    • Close all applications and windows so that you have nothing open and are at your Desktop

    • Double-click on the OTListIt.exe file to start OTListIt. OK any warning about running OTListIt.

    • Place a checkmark in the
      "Scan All Users"
      checkbox (Leave the 'Use Whitelist' checked' and the 'File Age:' at 30 days)

    • Click the Run Scan button

    • NOTE:
      Please be patient and let the scan run without using the computer

    • When the scan is complete, a text file (
      OTListIt.Txt
      ) will open in Notepad (if not, it can be found on your Desktop)

    • In Notepad, click
      Edit
      ,
      Select all
      then
      Edit
      ,
      Copy

    • Reply to this topic, click in the topic reply window, and press Ctrl+V to paste the log or Righ click paste.

    • Submit your reply and close the Notepad window with
      OTList.txt

    • Also OTListIt's
      Extras.txt
      log file will be minimized in the Taskbar (and located on your Desktop) - click on this and maximize the window

    • In Notepad, click
      Edit
      ,
      Select all
      then
      Edit
      ,
      Copy

    • Reply to this topic again, click in the topic reply window, and press Ctrl+V to paste the extras log or Right click paste.

    • NOTE:
      If the files (
      OTListIt.txt, Extras.txt
      ) do not appear in your taskbar, just open the files in notepad from your desktop.

    Please allow me time to analyze your post. If you don't see a reply from me after 24 hours, feel free to PM me.

    Here the OTlist

    OTListIt.Txt

    OTListIt.Txt

  3. Important!

    All of the following instructions must be run on the affected computer. Logs from a different computer will not help me help you. So, if you need to download all of this and then copy it to CD or memory stick and take it to the other computer, please do so. Either way, it's important. The logs have to be made by the computer with the problem.
    I need you to follow the instructions provided here
    first.
    I also need for you to download this program
    to your desktop.
    • Close all applications and windows so that you have nothing open and are at your Desktop

    • Double-click on the OTListIt.exe file to start OTListIt. OK any warning about running OTListIt.

    • Place a checkmark in the
      "Scan All Users"
      checkbox (Leave the 'Use Whitelist' checked' and the 'File Age:' at 30 days)

    • Click the Run Scan button

    • NOTE:
      Please be patient and let the scan run without using the computer

    • When the scan is complete, a text file (
      OTListIt.Txt
      ) will open in Notepad (if not, it can be found on your Desktop)

    • In Notepad, click
      Edit
      ,
      Select all
      then
      Edit
      ,
      Copy

    • Reply to this topic, click in the topic reply window, and press Ctrl+V to paste the log or Righ click paste.

    • Submit your reply and close the Notepad window with
      OTList.txt

    • Also OTListIt's
      Extras.txt
      log file will be minimized in the Taskbar (and located on your Desktop) - click on this and maximize the window

    • In Notepad, click
      Edit
      ,
      Select all
      then
      Edit
      ,
      Copy

    • Reply to this topic again, click in the topic reply window, and press Ctrl+V to paste the extras log or Right click paste.

    • NOTE:
      If the files (
      OTListIt.txt, Extras.txt
      ) do not appear in your taskbar, just open the files in notepad from your desktop.

    Please allow me time to analyze your post. If you don't see a reply from me after 24 hours, feel free to PM me.

    Here the HiJack report

    hijackthis.txt

    hijackthis.txt

  4. Important!

    All of the following instructions must be run on the affected computer. Logs from a different computer will not help me help you. So, if you need to download all of this and then copy it to CD or memory stick and take it to the other computer, please do so. Either way, it's important. The logs have to be made by the computer with the problem.
    I need you to follow the instructions provided here
    first.
    I also need for you to download this program
    to your desktop.
    • Close all applications and windows so that you have nothing open and are at your Desktop

    • Double-click on the OTListIt.exe file to start OTListIt. OK any warning about running OTListIt.

    • Place a checkmark in the
      "Scan All Users"
      checkbox (Leave the 'Use Whitelist' checked' and the 'File Age:' at 30 days)

    • Click the Run Scan button

    • NOTE:
      Please be patient and let the scan run without using the computer

    • When the scan is complete, a text file (
      OTListIt.Txt
      ) will open in Notepad (if not, it can be found on your Desktop)

    • In Notepad, click
      Edit
      ,
      Select all
      then
      Edit
      ,
      Copy

    • Reply to this topic, click in the topic reply window, and press Ctrl+V to paste the log or Righ click paste.

    • Submit your reply and close the Notepad window with
      OTList.txt

    • Also OTListIt's
      Extras.txt
      log file will be minimized in the Taskbar (and located on your Desktop) - click on this and maximize the window

    • In Notepad, click
      Edit
      ,
      Select all
      then
      Edit
      ,
      Copy

    • Reply to this topic again, click in the topic reply window, and press Ctrl+V to paste the extras log or Right click paste.

    • NOTE:
      If the files (
      OTListIt.txt, Extras.txt
      ) do not appear in your taskbar, just open the files in notepad from your desktop.

    Please allow me time to analyze your post. If you don't see a reply from me after 24 hours, feel free to PM me.

    Here the Panda scan

    ActiveScan.txt

    ActiveScan.txt

  5. Important!

    All of the following instructions must be run on the affected computer. Logs from a different computer will not help me help you. So, if you need to download all of this and then copy it to CD or memory stick and take it to the other computer, please do so. Either way, it's important. The logs have to be made by the computer with the problem.
    I need you to follow the instructions provided here
    first.
    I also need for you to download this program
    to your desktop.
    • Close all applications and windows so that you have nothing open and are at your Desktop

    • Double-click on the OTListIt.exe file to start OTListIt. OK any warning about running OTListIt.

    • Place a checkmark in the
      "Scan All Users"
      checkbox (Leave the 'Use Whitelist' checked' and the 'File Age:' at 30 days)

    • Click the Run Scan button

    • NOTE:
      Please be patient and let the scan run without using the computer

    • When the scan is complete, a text file (
      OTListIt.Txt
      ) will open in Notepad (if not, it can be found on your Desktop)

    • In Notepad, click
      Edit
      ,
      Select all
      then
      Edit
      ,
      Copy

    • Reply to this topic, click in the topic reply window, and press Ctrl+V to paste the log or Righ click paste.

    • Submit your reply and close the Notepad window with
      OTList.txt

    • Also OTListIt's
      Extras.txt
      log file will be minimized in the Taskbar (and located on your Desktop) - click on this and maximize the window

    • In Notepad, click
      Edit
      ,
      Select all
      then
      Edit
      ,
      Copy

    • Reply to this topic again, click in the topic reply window, and press Ctrl+V to paste the extras log or Right click paste.

    • NOTE:
      If the files (
      OTListIt.txt, Extras.txt
      ) do not appear in your taskbar, just open the files in notepad from your desktop.

    Please allow me time to analyze your post. If you don't see a reply from me after 24 hours, feel free to PM me.

    I'm proceding with the scans as per your suggestions.

    Before any scan I've switched of Kasper and Norton.

    The scan from Malware is (surprisingly) not reporting any infection! (see the attachment).

    Now I proceed with Panda.

    I'll let you know.

    (thank you)

    mbam_log_2008_11_26__22_26_08_.txt

    mbam_log_2008_11_26__22_26_08_.txt

  6. After scanning my computer with Malwarebytes, I got the following report:

    Elementi dato del registro infetti:

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.Agent) -> Data: c:\windows\system32\userinit.exe -> Quarantined and deleted successfully.

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.Agent) -> Data: system32\userinit.exe -> Quarantined and deleted successfully.

    If I scan the system again I find no further problems.

    After re-booting the system, I get again the same report.

    Elementi dato del registro infetti:

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.Agent) -> Data: c:\windows\system32\userinit.exe -> Quarantined and deleted successfully.

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.Agent) -> Data: system32\userinit.exe -> Quarantined and deleted successfully.

    Is it a false positive of the program or the program is not scanning the author of the modifications of the register?

    I've tryed also Kasper with the following results:

    C:\WINDOWS\system32\userinit.exe Infected: Exploit.Win32.IMG-WMF.hu 1

    Thank you for your support!

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.