Jump to content

Change Mode

EternitySky

Members
  • Content Count

    16
  • Joined

  • Last visited

About EternitySky

  • Rank
    Member
  1. Nope, Everything seems fine now, Thank you
  2. The Baidu Thing isn't coming back anymore , well there is this one problem i just remembered while restarting from OTL, when i restart my laptop shuts down instead and it almost seems like it crashes when it shutdowns for the restart .... dunno if this is the cause of something, and there's also that my Laptop's Back light for the monitor doesn't work anymore... last time i reformatted from trojan cinmus cause of time troubles the screen worked for 2 weeks before i updated then it stop working again... i dunno if its fixable... All processes killed ========== OTL ========== Registry key
  3. Double checking would be great! OTL.txt OTL logfile created on: 05/03/2011 10:56:22 AM - Run 3 OTL by OldTimer - Version 3.2.21.0 Folder = C:\Users\Ken Chan\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19019) Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy 1,015.00 Mb Total Physical Memory | 357.00 Mb Available Physical Memory | 35.00% Memory free 2.00 Gb Paging File | 1.00 Gb Available in Paging File | 53.00% Paging File free Paging file location(s): ?
  4. Hmm... I see... Well besides this problem nothing else on my Laptop is acting weird, so i don't think there is any other problems with it right now, so lets continue
  5. Well the thing that worries me currently is... My sister uses this program called QVOD player, she uses it to stream things from china's stream sites, and then somehow she got this thing called "Baidu", i talked to a friend about it and apparently theres a virus with it, and it was infected last time i posted here too ( Trojan Cinmus was the thing that came up ), and well she removed the toolbar from IE, But it tries to change my Homepage on IE to baidu but microsoft redirects me to a website saying about malicious websites, and also it keeps reappearing on my favorites bar / folder when
  6. QuickScan Beta 32-bit v0.9.9.52 ------------------------------- Scan date: Thu Mar 03 15:56:44 2011 Machine ID: F8E555FD System32\Drivers\sptd.sys - could not be scanned --> HKLM\System\ControlSet002\services\sptd\"ImagePath" No infection found. ------------------- Processes --------- (verified) avast! Antivirus 3332 C:\Program Files\Alwil Software\Avast5\AvastUI.exe (verified) DivX Update 3544 C:\Program Files\DivX\DivX Update\DivXUpdate.exe (verified) Firefox 2204 C:\P
  7. No not yet, because i wasn't sure about it yet if it messes up this process, if i actually need to i'll go delete now. [EDIT] so i just deleted the 2 things, Log before Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Database version: 5908 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.19019 01/03/2011 4:10:13 PM mbam-log-2011-03-01 (16-10-13).txt Scan type: Quick scan Objects scanned: 179986 Time elapsed: 7 minute(s), 12 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 1
  8. My IE didnt let me connect to that site, it said something about being loged in... >.<;; MbaM log Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Database version: 5908 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.19019 01/03/2011 9:10:04 AM mbam-log-2011-03-01 (09-09-52).txt Scan type: Quick scan Objects scanned: 179893 Time elapsed: 4 minute(s), 54 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 1 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 File
  9. log.txt ComboFix 11-02-27.01 - Ken Chan 28/02/2011 4:15.1.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.2.1033.18.1015.196 [GMT 9:00] Running from: c:\users\Ken Chan\Desktop\schrauber.exe AV: avast! Antivirus *Disabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308} SP: avast! Antivirus *Disabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\desktop.i
  10. Thanks for helping me Tom OTL.txt OTL logfile created on: 24/02/2011 11:14:52 AM - Run 1 OTL by OldTimer - Version 3.2.21.0 Folder = C:\Users\Ken Chan\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19019) Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy 1,015.00 Mb Total Physical Memory | 109.00 Mb Available Physical Memory | 11.00% Memory free 2.00 Gb Paging File | 1.00 Gb Available in Paging File | 55.00% Paging File free Paging file location(s): ?:\pag
  11. hi, i'm sorry for bothering all you good people here, but last time with my Trojan Cinmus problem i saw in the virus scan that Baidu was involved and now my Sister had somehow gotten baidu back on my laptop, the trojan isn't here though, and we tried to get rid of it but it keeps coming back onto internet explorer( i use firefox, its my sister who uses IE) and i asked a friend about it, apparently it has something in the registry and she said to do a mbam + HJT scan and post it here, please help me again thank you ~ I delete it off the favrites folder/bar form internet explorer but when i
  12. Thank you for helping me, but because of time problems i have, i had already reformatted my laptop...... but i really like to thank you for taking your time trying to help me ^^
  13. GMER results ____________ GMER 1.0.15.15281 - http://www.gmer.net Rootkit scan 2010-06-15 16:48:24 Windows 6.0.6002 Service Pack 2 Running: 4y3imvwn.exe; Driver: C:\Users\HPUSER~1\AppData\Local\Temp\ufryrpoc.sys ---- User code sections - GMER 1.0.15 ---- .text C:\Windows\Explorer.EXE[1096] ntdll.dll!NtProtectVirtualMemory 77C54D34 5 Bytes JMP 00CC000A .text C:\Windows\Explorer.EXE[1096] ntdll.dll!NtWriteVirtualMemory 77C55674 5 Bytes JMP 00CD000A .text C:\Windows\Explorer.EXE[1096] ntdll.dll!KiUserExceptionDispatcher 77C55DC8 5 Bytes JMP 00CB000A .text
  14. Hi Tom, Thank you for helping me OTL.txt ________ OTL logfile created on: 15/06/2010 3:32:53 PM - Run 1 OTL by OldTimer - Version 3.2.6.0 Folder = C:\Users\Hp User\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18928) Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy 1,015.00 Mb Total Physical Memory | 137.00 Mb Available Physical Memory | 14.00% Memory free 2.00 Gb Paging File | 1.00 Gb Available in Paging File | 43.00% Paging File free Paging file locat
  15. As i have posted in this thread : http://forums.pcpitstop.com/index.php?showtopic=186539&pid=1686914&st=0entry1686914 a kind person had directed me to here here is my HJT log ________________________ Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 8:16:19 PM, on 14/06/2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18928) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Pro
×
×
  • Create New...