Change Mode
-
Content Count
1,963 -
Joined
-
Last visited
Content Type
Profiles
Forums
Calendar
Gallery
Everything posted by luluhifi
-
Best is YoutubeByClick
-
Thanks Guys.....No place like home when you need help
-
Thank your very much for your help JonTom My system 100% better now>>I did all in post #41>>>idle is bouncing between 15 --22% while i have firefox open which makin me surf much faster than before>.i can see the increase I am goin to do the same with my other system...I Thank u so much.
-
[2011/01/30 05:30:55 | 000,084,480 | ---- | C] () -- F:WindowsSystem32ff_vfw.dll [2011/01/29 13:02:14 | 000,003,884 | ---- | C] () -- F:UsersTTArmstrongAppDataRoamingdvdae.config [2010/11/14 06:08:43 | 000,001,378 | ---- | C] () -- F:WindowsSystem32SpoonUninstall-dBpowerAMP WMA V9.1 Codec.dat [2010/10/23 20:04:09 | 000,130,048 | ---- | C] () -- F:WindowsSystem32SpoonUninstall.exe [2010/10/23 05:02:04 | 000,001,057 | ---- | C] () -- F:UsersTTArmstrongAppDataRoamingvso_ts_preview.xml [2010/10/23 05:00:39 | 000,087,608 | ---- | C] () -- F:UsersTTArmstrongAppDataRoaminginst.exe [2010/10/23 0
-
OTL logfile created on: 8/1/2012 8:47:10 AM - Run 3 OTL by OldTimer - Version 3.2.54.1 Folder = F:UsersTTArmstrongDesktop Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 1.99 Gb Total Physical Memory | 1.11 Gb Available Physical Memory | 55.63% Memory free 3.98 Gb Paging File | 2.43 Gb Available in Paging File | 61.12% Paging File free Paging file location(s): ?:pagefile.sys [binary data] %SystemDrive% = F: | %SystemRo
-
F:QooboxQuarantineFWindowsInstaller{371f0327-d1cc-d2bc-bbb5-70ff0af3e16e}[email protected] Win32/Conedex.E trojan cleaned by deleting - quarantined Make sure that the option to "Remove Found Threats" is UN checked. i miss doin this before the scan sorry ESET
-
The system is running much better now and only one thing seem funny to me is that in a idle state my CPU is bouncing between 50% -60% Eset in next post.
-
Malwarebytes Anti-Malware 1.62.0.1300 www.malwarebytes.org Database version: v2012.07.31.13 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 9.0.8112.16421 TTArmstrong :: TTARMSTRONG-PC [administrator] 7/31/2012 7:47:54 PM mbam-log-2012-07-31 (19-47-54).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 206811 Time elapsed: 4 minute(s), 13 second(s) Memory Processes Detected: 0 (No malicious items detected) Me
-
I run the ESET Scan yesturday before post #32 and this is what the log is>>i will run both scan again posted in #32 and post log F:Program FilesLoarisTrojan Remover 1.2ltr12.exe a variant of Win32/1AntiVirus application cleaned by deleting - quarantined F:QooboxQuarantineFWindowsInstaller{371f0327-d1cc-d2bc-bbb5-70ff0af3e16e}[email protected] Win32/Conedex.D trojan cleaned by deleting - quarantined F:QooboxQuarantineFWindowsInstaller{371f0327-d1cc-d2bc-bbb5-70ff0af3e16e}[email protected] a variant of Win32/Sirefef.FA trojan cleaned by deleting - quarantined F:QooboxQuaranti
-
[2011/11/17 08:50:28 | 000,012,800 | ---- | C] () -- F:WindowsSystem32driversanodlwf.sys [2011/11/17 08:50:27 | 000,014,051 | ---- | C] () -- F:WindowsSystem32RaCoInst.dat [2011/11/09 19:55:48 | 000,000,566 | ---- | C] () -- F:WindowsSystem32SP7302.INI [2011/07/27 08:53:38 | 000,000,000 | ---- | C] () -- F:UsersTTArmstrongAppDataLocal{DEB393EC-9D07-4AAF-B6DE-442513357526} [2011/03/24 22:02:01 | 000,029,008 | ---- | C] () -- F:WindowsSystem32SmartDefragBootTime.exe [2011/03/24 22:02:01 | 000,016,184 | ---- | C] () -- F:WindowsSystem32driversSmartDefragDriver.sys [2011/01/30 05:30:55 | 000
-
OTL logfile created on: 7/30/2012 9:57:44 PM - Run 2 OTL by OldTimer - Version 3.2.54.1 Folder = F:UsersTTArmstrongDesktop Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 1.99 Gb Total Physical Memory | 1.27 Gb Available Physical Memory | 63.66% Memory free 3.98 Gb Paging File | 2.34 Gb Available in Paging File | 58.92% Paging File free Paging file location(s): ?:pagefile.sys [binary data] %SystemDrive% = F: | %SystemR
-
Here you go All processes killed ========== OTL ========== File HKEY_CURRENT_USERsoftwaremozillaFirefoxExtensions{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}: F:Program FilesPriceGong2.1.0FF not found. F:UsersTTArmstron[email protected]OneClickDownload.comskin folder moved successfully. F:UsersTTArmstron[email protected]OneClickDownload.comlocaleen-US folder moved successfully. F:UsersTTArmstron[email protected]OneClickDownload.comlocale fold
-
yet this one was a real nasty one that i could not get rid of>>>Is there any other progam that i can put with and work with the other ones i have to protect me from this again ??I will run the scan when I get back to system in trouble..Thanks alot
-
https://www.virustotal.com/file/6aab9ce51d0aad73f64e2159e32f541cf4b95b5a05f0a50655eb70e91a5cf1ba/analysis/1343527972/
-
16:24:42.0798 4192 VSS (209a3b1901b83aeb8527ed211cce9e4c) F:Windowssystem32vssvc.exe 16:24:42.0814 4192 VSS - ok 16:24:42.0845 4192 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) F:Windowssystem32DRIVERSvwifibus.sys 16:24:42.0845 4192 vwifibus - ok 16:24:42.0860 4192 vwififlt (7090d3436eeb4e7da3373090a23448f7) F:Windowssystem32DRIVERSvwififlt.sys 16:24:42.0876 4192 vwififlt - ok 16:24:42.0907 4192 vwifimp (a3f04cbea6c2a10e6cb01f8b47611882) F:Windowssystem32DRIVERSvwifimp.sys 16:24:42.0907 4192 vwifimp - ok 16:24:42.0954 4192 W32Time (55187
-
========== LOP Check ========== [2011/08/13 15:53:50 | 000,000,000 | ---D | M] -- F:UsersTTArmstrongAppDataRoamingApowersoft [2010/10/23 09:09:08 | 000,000,000 | ---D | M] -- F:UsersTTArmstrongAppDataRoamingBackTalk [2012/07/22 18:25:11 | 000,000,000 | ---D | M] -- F:UsersTTArmstrongAppDataRoamingBitTorrent [2010/10/23 20:17:56 | 000,000,000 | ---D | M] -- F:UsersTTArmstrongAppDataRoamingdBpoweramp [2010/10/02 11:17:50 | 000,000,000 | ---D | M] -- F:UsersTTArmstrongAppDataRoamingDisk Cleaner [2012/02/01 23:36:24 | 000,000,000 | ---D | M] -- F:UsersTTArmstrongAppDataRoamingDVDFab [201
-
16:23:03.0231 4288 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32 16:23:04.0042 4288 ============================================================ 16:23:04.0042 4288 Current date / time: 2012/07/26 16:23:04.0042 16:23:04.0042 4288 SystemInfo: 16:23:04.0042 4288 16:23:04.0042 4288 OS Version: 6.1.7601 ServicePack: 1.0 16:23:04.0042 4288 Product type: Workstation 16:23:04.0042 4288 ComputerName: TTARMSTRONG-PC 16:23:04.0042 4288 UserName: TTArmstrong 16:23:04.0042 4288 Windows directory: F:Windows 16:23:04.0042 4288 System windows directory: F:Windows 16:23:04.004
-
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software Run date: 2012-07-26 15:39:12 ----------------------------- 15:39:12.760 OS Version: Windows 6.1.7601 Service Pack 1 15:39:12.760 Number of processors: 2 586 0x170A 15:39:12.760 ComputerName: TTARMSTRONG-PC UserName: TTArmstrong 15:39:13.852 Initialize success 15:47:07.175 AVAST engine defs: 12072601 15:47:17.611 Disk 0 (boot) DeviceHarddisk0DR0 -> DeviceIdeIAAStorageDevice-1 15:47:17.611 Disk 0 Vendor: WDC_WD16 11.0 Size: 152627MB BusType: 8 15:47:17.627 Disk 0 MBR read successfully 15:4
-
Ok Here is the OTL OTL logfile created on: 7/26/2012 3:26:09 PM - Run 1 OTL by OldTimer - Version 3.2.54.1 Folder = F:UsersTTArmstrongDesktop Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 1.99 Gb Total Physical Memory | 1.36 Gb Available Physical Memory | 68.26% Memory free 3.98 Gb Paging File | 2.61 Gb Available in Paging File | 65.70% Paging File free Paging file location(s): ?:pagefile.sys [binary data]
-
I update ComboFix and this is what i got ComboFix 12-07-27.01 - TTArmstrong 07/26/2012 8:10.2.2 - x86 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2036.1001 [GMT -4:00] Running from: f:usersTTArmstrongDesktopComboFix.exe Command switches used :: f:usersTTArmstrongDesktopCFScript.txt AV: Panda Cloud Antivirus *Disabled/Updated* {3456760B-FDAA-FFFD-06C2-7BB528D2066C} FW: Cloud Antivirus Firewall *Disabled* {0C6DF72E-B7C5-FEA5-2D9D-D280D6014117} FW: COMODO Firewall *Enabled* {7DB03214-694B-060B-1600-BD4715C36DBB} SP: COMODO Defense+ *Enabled/Updated*
-
I did acouple of times and i didnt see anything like log comes up atall after Combofix>>> maybe im doing something wrong
-
https://www.virustotal.com/file/e432d688852c27d2c3df460311f5170235908c08c54bec3ae33b238aba37fbe9/analysis/1343091368/ https://www.virustotal.com/file/3c61584d439739489a02314c2649847d6f19ac56e2319beae87f4bc77605eeee/analysis/1343091589/ F:UsersTTArmstrongAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupLvbicEQ.exe This one say >>>LvbicEQ.exe file not found
-
ComboFix 12-07-21.01 - TTArmstrong 07/22/2012 19:52:23.1.2 - x86 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2036.1031 [GMT -4:00] Running from: f:usersTTArmstrongDesktopComboFix.exe AV: Panda Cloud Antivirus *Disabled/Updated* {86971480-9989-6750-B122-681A86518D59} FW: COMODO Firewall *Enabled* {7DB03214-694B-060B-1600-BD4715C36DBB} SP: COMODO Defense+ *Enabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D} SP: Panda Cloud Antivirus *Disabled/Updated* {3DF6F564-BFB3-68DE-8B92-5368FDD6C7E4} SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C
-
ok JonTom thanks