Connor3400

Advanced Member
  • Content Count

    981
  • Joined

  • Last visited

About Connor3400

  • Rank
    Advanced Member
  • Birthday 06/03/1992

Contact Methods

Profile Information

  • Location
    Cincinnati, Ohio
  • Interests
    Soccer, basketball, football, volleyball, computers, pc & console games. Xfire, AIM, Steam = Connor3400. Give me a holler.

Previous Fields

  • System Specifications:
    Antec 900 e8400 3.0GHz FSP 450W Gigabyte GA-EP35-DS3L eVGA 7600gt Corsair XMS2 1GB DDR2 800 WD Caviar 250GB Sata II Lite-On DVD Burner LG 19 Flatron
  • Teams:
    PC Builders Club
  1. Sorry for no update on the issue yesterday, I was away all day. But I think the two AVs running definitely could have been the main culprit here. I'm going to try out the tools you suggested and post a response shortly.
  2. MBAM Log Malwarebytes' Anti-Malware 1.51.1.1800 www.malwarebytes.org Database version: 7226 Windows 6.0.6002 Service Pack 2 Internet Explorer 9.0.8112.16421 7/22/2011 12:54:26 PM mbam-log-2011-07-22 (12-54-26).txt Scan type: Quick scan Objects scanned: 162930 Time elapsed: 5 minute(s), 38 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infe
  3. No luck with GMER at all, blue screened trying both ways. Here's the Rootkit Report RkU Version: 3.8.389.593, Type LE (SR2) ============================================== OS Name: Windows Vista Version 6.0.6002 (Service Pack 2) Number of processors #2 ============================================== >Drivers ============================================== 0x8F004000 C:\Windows\system32\DRIVERS\nvlddmkm.sys 7610368 bytes (NVIDIA Corporation, NVIDIA Compatible Windows Vista Kernel Mode Driver, Version 177.13 ) 0x8263D000 C:\Windows\system32\ntkrnlpa.exe 3907584 bytes (Microsoft
  4. aswMBR log aswMBR version 0.9.7.777 Copyright© 2011 AVAST Software Run date: 2011-07-20 14:51:29 ----------------------------- 14:51:29.763 OS Version: Windows 6.0.6002 Service Pack 2 14:51:29.763 Number of processors: 2 586 0x6801 14:51:29.765 ComputerName: MATT-PC UserName: Matt 14:51:31.963 Initialize success 14:51:32.135 AVAST engine defs: 11072001 14:51:47.643 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000061 14:51:47.648 Disk 0 Vendor: Hitachi_ SB2O Size: 76319MB BusType: 6 14:51:47.659 Disk 0 MBR read successfully 14:51:47.663 Disk
  5. All the scans went through okay, except the GMER one and the computer went to a blue screen and said something along the lines of a registry dump and then just restarted. But here are the other two scans; DDS.txt DDS (Ver_11-05-19.01) - NTFSx86 Internet Explorer: 8.0.6001.19088 Run by Matt at 14:31:50 on 2011-07-20 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.958.281 [GMT -4:00] . AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender
  6. Thanks for your response JonTom. I removed AVG and restarted the system. I didn't notice any difference in speed though.
  7. Takes some time to open any program and initial start up is painfully slow. I ran system defrag, disk clean up, ccleaner, and went into msconfig and took off multiple programs to try and speed things up. Also uninstalled a handful of programs which were of no use. Doing all those things helped a little, but it's still not running quite like how it should be. Here's the HJT Log Thanks! Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 2:16:27 PM, on 7/18/2011 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.19088) Boot mode: No
  8. I went ahead and reformatted, but I saved some documents that my family wanted to another partition of my hard drive, and everything seemed to be good as new, but when I got home a few minutes ago there was a pop-up saying your machine is infected so download this, (blah blah blah), so do you think it could still be on here and infected the files on the other partition that I didn't reformat? I'll edit in a HJT log of the machine right now if that might help show if it's still infected or not. HJT Log Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 3:06:29 PM, on 4/20/2009 Pl
  9. That would be excellent, I'm not too up-to-date on the AVs out there. Do you know anything about that NOD32 Anti Virus? I got a ton of windows errors, but HJT and Combo-Fixer still worked. Time for the logs. HJT Log Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 3:51:48 PM, on 4/19/2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32
  10. This is what I was worried about! Every time I would run spybot or a similar program, it would try and clean up what it could, but then it would BSOD in about 5 minutes. I'll go get to work on what you posted Jacee, and thanks for that info Mutt. I had a feeling it looked like reformatting time... Oh, and there was an anti virus installed at one point, but not sure what my family was up to. They sort of just try to get rid of pop-up messages instead of reading them, so who knows what could have happened. Will be back to post logs ASAP.
  11. My family isn't so good with technology... In one ear and out the other. HJT Log Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 1:04:45 PM, on 4/18/2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
  12. HJT Log: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 1:46:01 PM, on 2/22/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.ex
  13. The computer has been great, much better than our old gateway we used to have from the dawn of time. Hasn't had a problem until now when I installed Avira and ran a system scan and there were system beeps all over the place lol. Here is Kaspersky Log: -------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER 7 REPORT Sunday, February 22, 2009 Operating System: Microsoft Windows XP Professional Service Pack 3 (build 2600) Kaspersky Online Scanner 7 version: 7.0.25.0 Program database last update: Sunday, February 22, 200
  14. Combo-Fix Log: ComboFix 09-02-15.01 - Carson 2009-02-16 9:10:53.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1512 [GMT -5:00] Running from: c:\documents and settings\Carson\Desktop\Combo-Fix.exe * Created a new restore point . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\system32\AdJSuBeg.ini c:\windows\system32\AdJSuBeg.ini2 c:\windows\system32\cgwongyj.ini c:\windows\system32\dlygnxoo.ini c:\windows\system32\emyyupfb.ini c:\windows\system32\geBuSJdA.dll c:\w