blu3gh0st

Members
  • Content Count: 19

About blu3gh0st

  • Rank
    Member

Previous Fields

  • System Specifications:
    Intel Pentium 3.0GHz, 1GB RAM, 2x 320GB HD SATA
  1. Could the freezing be because of a new Hard Drive I have recently bought? I have disconnected the Hard Drive and until now it did not freeze. If it is because of the Hard Drive, could I do something about it or I just have to sell it? Here is the Combo Fix: ComboFix 10-03-18.02 - Blu 25.03.2010 5:04.3.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.701 [GMT 2:00] Running from: c:\documents and settings\Blu\Desktop\ComboFix.exe AV: Eset NOD32 antivirus system 2.51 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0} F
  2. The speed is fine but the PC keeps crashing and freezing. Here is ark.txt: GMER 1.0.15.15281 - http://www.gmer.net Rootkit scan 2010-03-21 17:08:06 Windows 5.1.2600 Service Pack 3 Running: gmer.exe; Driver: C:\WINDOWS\TEMP\pxtdqpow.sys ---- System - GMER 1.0.15 ---- SSDT \??\C:\WINDOWS\system32\drivers\wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.) ZwAllocateVirtualMemory [0xF7704B30] SSDT \??\C:\WINDOWS\system32\drivers\wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.) ZwCreateThread [0xF77046F0] SSDT \??\C:\WINDOWS\system32\drive
  3. Hello! Thank you for the P2P advice! The scanned file: File zxcdyt.dat received on 2010.03.20 12:28:47 (UTC) Current status: Loading ... queued waiting scanning finished NOT FOUND STOPPED Result: 0/42 (0%) Loading server information... Your file is queued in position: ___. Estimated start time is between ___ and ___ . Do not close the window until scan is complete. The scanner that was processing your file is stopped at this moment, we are going to wait a few seconds to try to recover your result. If you are waiting for more than five minutes you have to resend
  4. As an update, the PC speed is kinda OK but I had 2 events when the system just got frozen, not doing anything special. Thank you.
  5. The system runs ok now, no visible problems. Here is the ComboFix log: ComboFix 10-03-18.02 - Blu 19.03.2010 14:50:24.2.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.710 [GMT 2:00] Running from: c:\documents and settings\Blu\Desktop\ComboFix.exe AV: Eset NOD32 antivirus system 2.51 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0} FW: Sygate Personal Firewall *disabled* {BE898FE3-CD0B-4014-85A9-03DB9923DDB6} * Created a new restore point * Resident AV is active . ((((((((((((((((((((((((((((((((((((((( Other Deletio
  6. HJT: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:25:25, on 18.03.2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Sygate\SPF\smc.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceSer
  7. Malwarebytes' Anti-Malware 1.44 Database version: 3880 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 18.03.2010 16:18:21 mbam-log-2010-03-18 (16-18-21).txt Scan type: Quick Scan Objects scanned: 131463 Time elapsed: 4 minute(s), 59 second(s) Memory Processes Infected: 2 Memory Modules Infected: 0 Registry Keys Infected: 2 Registry Values Infected: 3 Registry Data Items Infected: 7 Folders Infected: 0 Files Infected: 11 Memory Processes Infected: C:\Documents and Settings\LocalService\Local Settings\Application Data\av.exe (ROGUE.
  8. OTM: All processes killed ========== REGISTRY ========== Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Regedit32 not found. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\syncman deleted successfully. Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\syncman deleted successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Blu ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 660794345 bytes ->Java cache
  9. Ok, first, the story line: Got home, started up the PC, got a few trojan alerts from Nod32. Ran a check on all hard drives and went to bed. The next day, the PC was off (dad shut it down) and would not get into Win. It would get to the screen with "Win XP loading" and then get a blue screen for a split second and restart. I got the Win Boot Disk and kinda fixed the boot problem with chkdsk /p - as I got into Win. I still get lots of alerts that some programs try to access the internet but the firewall blocks them. Now the internet runs very slow, the applications load very slow.
  10. This is the ComboFix log: ComboFix 09-02-21.01 - Blu 2009-02-24 1:20:33.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.436 [GMT 2:00] Running from: c:\documents and settings\Blu\Desktop\ComboFix.exe AV: Eset NOD32 antivirus system 2.51 *On-access scanning disabled* (Updated) FW: Sygate Personal Firewall *disabled* * Created a new restore point . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\system32\dbfb.dll c:\windows\system32\nsprs.dll c:\windows\system32\sera
  11. Hey! I got a file (mp4) and tried to open it with quicktime. It didn't open and provided an error that the file could not be run. Since then (approx. 20 min) the computer is runnin' slower. This is the HijackThis log. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:54:06, on 23.02.2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.
  12. Good evening! I'm posting for a friend of mine who mostly can't run too many programs or access web pages.
  13. odc.exe is a program I installed. I couldn't figure out how to disable Tea Time because I did what you said but when exiting, a pop-up in the down-right corner of the screen told me that I wasn't allowed to do that, so I uninstalled it. I will install it after finishing if you say it's good. That "trojan error" I was talking about in my first post is gone. I can't see any more wrong things around (besides my desktop being full of icons). I would like to thank you VERY much for helping me. If you ever come to Romania, maybe we'll have a beer, my treat. The HJT log: Logfile of T
  14. Right after finishing with the SDFix: SDFix: Version 1.168 Run by Blu on 10.04.2008 at 00:36 Microsoft Windows XP [Version 5.1.2600] Running From: C:\sdfix\SDFix Checking Services : Restoring Windows Registry Values Restoring Windows Default Hosts File Rebooting Checking Files : Trojan Files Found: C:\smp.bat - Deleted Removing Temp Files ADS Check : Final Check : catchme 0.3.1351.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-04-1
  15. Good evening! I could use a little help. The story is: I entered a site and tried to see a movie posted on that site but it said that I don't have a certain codec to do that and it asked me to download one. I did and as soon as I double-clicked the file it started "screaming" about trojans and other stuff. When I did a Nod32 (updated today) check it found nothing wrong but in the log said that it can't access some files because they are blocked and so on. I also noticed that doing a Nod32 scan today again, there were many more files that were "blocked". After the first scan with the Nod32