Jump to content

Guest anonim

Recommended Posts

Welcome to the forum.

Please remove any usb or external drives from the computer before you run this scan!

Please download and run RogueKiller to your desktop.

RogueKiller<---use this one for 64 bit systems

Quit all running programs.

For Windows XP, double-click to start.

For Vista or Windows 7-8, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system.

When the scan completes > Close out the program > Don't Fix anything!

Don't run any other options, they're not all bad!!!!!!!

Post back the report which should be located on your desktop.

(please don't put logs in code or quotes)

P2P Warning:

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall it or completely disable it from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

MrC

Note:

Removing malware can be unpredictable
...things can go very wrong!
Backup
any files that cannot be replaced. You can copy them to a CD/DVD, external drive or a pen drive

<+>
Please don't run any other scans, download, install or uninstall any programs while I'm working with you.

<+>The removal of malware isn't instantaneous, please be patient.

<+>
Please stick with me until I give you the "all clear".

------->Your topic will be closed if you haven't replied within 3 days!<--------

(If I don't respond within 24 hours, please send me a PM)

Link to post
Share on other sites

Guest anonim

Hello Mr Charlie!

here's the report

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy

mail : tigzyRK<at>gmail<dot>com

Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/

Website : http://tigzy.geekstogo.com/roguekiller.php

Blog : http://tigzyrk.blogspot.com/

Operating System : Windows XP (5.1.2600 Dodatek Service Pack 2) 32 bits version

Started in : Normal mode

User : xxx [Admin rights]

Mode : Scan -- Date : 03/20/2013 09:56:58

| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 6 ¤¤¤

[RUN][bLACKLIST] HKLM\[...]\Run : SW24 (C:\WINDOWS\system32\sw24.exe) [-] -> FOUND

[RUN][bLACKLIST] HKLM\[...]\Run : SW20 (C:\WINDOWS\system32\sw20.exe) [-] -> FOUND

[HJPOL] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND

[HJPOL] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND

[HJ] HKLM\[...]\SystemRestore : DisableSR (1) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

--> C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: +++++

--- User ---

[MBR] 0d81593b991abf27e78b770332f982b1

[bSP] 862600265ca3aeec28644fe9d241ed49 : Windows XP MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 15366 Mo

1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 31471335 | Size: 22795 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[2]_S_03202013_02d0956.txt >>

RKreport[1]_S_03202013_02d0923.txt ; RKreport[2]_S_03202013_02d0956.txt

Link to post
Share on other sites

Please create a new system restore point before running Malwarebytes Anti-Rootkit if you can.

Download Malwarebytes Anti-Rootkit from HERE

  • Unzip the contents to a folder in a convenient location.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • When done, please post the two logs produced they will be in the MBAR folder..... mbar-log.txt and system-log.txt

To attach a log if needed:

Bottom right corner of this page.

more-reply-options.jpg

New window that comes up.

choose-files1.jpg

~~~~~~~~~~~~~~~~~~~~~~~

Note:

If no additional threats were found, verify that your system is now running normally, making sure that the following items are functional:

Internet access

Windows Update

Windows Firewall

If there are additional problems with your system, such as any of those listed above or other system issues, then run the fixdamage tool included with Malwarebytes Anti-Rootkit and reboot.

Verify that your system is now functioning normally.

MrC

Link to post
Share on other sites

Guest anonim

Good evening!

so doc, how bad is it? hm..

Going along with your instructions I would like to copy my files to CD/DVD first. Maybe it's the wrong section of the forum but I need help with it too and considering my computer trouble (I am sure that i would BUILD a computer faster than work on this sluggish crap) I really don't have an option than ask it here all in one place.

I need a decent DVD, heard that Verbatim's are of good quality and of course what type of DVD, is it best to use DVD-R or other? Don't know if it has any significance, I have Toshiba Samsung SH-W162C writer. It was made November 2005 but last time i used it-was late 2008 and there were some problems with reading the CD's/DVD's afterwards. I burned it with Nero, right now I have Ashampoo Burning Studio 6 FREE, is it good or can would you recommend other burning software?

Now after doing it I am going to create restore point as you said. Currently it's turned off. My question regarding this is- how much space should i set for this- on disc C it's from 200 MB-1844 MB max (1-12%) and D disc is 50 MB-2735 MB (0-12%).

My disc space is C- 10,1 GB free out of 15,0 GB and D- 3,80 Gb free out of 22,2 GB.

It might matter that sometimes while using too much internet i get notified that virtual memory is low then the pagefile is increasing from 768 MB to 1 GB.

Next step-removing malware. As you said Removing malware can be unpredictable...things can go very wrong! Indeed

Question-what if something happens?

-situation A: there's gonna be a black screen

-B: internet connection or browser won't start

-C: computer won't start at all

-D: any other possible thing I have no knowledge of

In case A-is there possibility to press one of the 'F' buttons?

B- I have no idea

C &D - i'm scared to even think about it

in such situation (God forbid!) is there anything i can do by myself -as I won't be able to post my reply to you. Although i have second computer I cannot connect it to the internet coz it needs router and mine's not working and I cannot switch my Motorola modem to the second Pc because my IP is assigned to the first PC I am currently workin on. And I just had an idea-this might just save my life in case anything would go wrong- can i somehow alter/rewrite the modem to be able to work on second PC?- because I don't see any other solution than this and I guess there's gonna be 2nd computer needed if this one won't respond, and as I pay my bills i don't see why could't do that-it's not like I am stealing it from somebody.

this was a long one, don't know if i broke any rules, but i gotta try otherwise it won't get me anywhere..

hope to hear from you very soon, goodnight

Link to post
Share on other sites

You're making me nervous with all of these questions, there's nothing bad found so far..we have to run some scans to see if there's any malware o the system.

I have all my important files backed up to a usb flash drive.

If you're unsure and have concerns about what we are going to do, I would rather stop now,

MrC

Link to post
Share on other sites

Guest anonim

I cannot stop

my flash drive is only 4,7 or 4,8 GB (and there is issue with it too-my computer asks me to fix it-though i don't think it's necessary) and all my important files consume 18,4 GB cannot lose a single one

so what now buy new f.drive or external drive? don't have money for that right NOW :wacko::unsure:

any chance to get answer to any question?

ok i'm off to sleep tommorow morning I'll put back my DVD writer I was cleaning and buy DVD-s and burn it

hopefully YOU'RE not gonna ClosE my topic as it might take more than 3 days to deal with all this stuff :(

Link to post
Share on other sites

As I mentioned before, I use flash drives to back up my data. I don't have a DVD drive so I can't answer your questions on that.

Here's what I suggest you do:

Clean out temp files:

You have CCleaner installed on the computer, please use it.

Next:

Please Update and run a Full Scan with Malwarebytes Anti-Malware, post the report.

Make sure that everything is checked, and click Remove Selected.

Next:

I don't see an anti-virus on the system, I suggest you download and install Avast, then run a Full Scan:

http://www.avast.com/en-us/index

Info on slow computers can be found in my Preventive Maintenance , take a look.

After completing those steps, let me know how it's running.

MrC

Link to post
Share on other sites

Guest anonim

hello!

Yes i forgot I was about to ask about the anti-virus

I have one but it's outdated

it's mks vir

so, First I uninstall my AV then install avast then run Malwarebytes Anti-Malware scan, right?

Link to post
Share on other sites

Guest anonim

  • I've got one more thing to ask. I's about websites-favourites/bookmarks. I have web sites shortcuts saved on my pc I want to copy the adressess-is that possible? what I mean is if I add this site to favourites it's gonna be Infected - Malwarebytes Forum but i want it to be like that http://forums.malwarebytes.org/index.php?&showtopic=124025

any help please

thanks

Link to post
Share on other sites

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.