Stu1407

Members
  • Content Count

    21
  • Joined

  • Last visited

About Stu1407

  • Rank
    Member

Previous Fields

  • System Specifications:
    Toshiba L450D,
  1. Thanks for all your help JonTom.
  2. It's running fine thanks JonTom, AVG is still not detecting any threats since it upgraded yesterday.
  3. . DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 9.0.8112.16421 Run by Parent at 15:37:34 on 2012-04-20 Microsoft Windows 7 Professional 6.1.7601.1.1252.44.1033.18.2814.1006 [GMT 1:00] . AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:Windowssystem32wininit.exe C:Windowssystem32lsm.exe C:Windowssystem
  4. C:_OTLMovedFiles04192012_182140c_usersParentAppDataLocalMSMSIMEIMEPad.dll.del a variant of Win32/Sefnit.AR trojan
  5. All processes killed ========== OTL ========== No active process named explorer.exe was found! Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerSearchScopes{923ec3bd-61a9-4d9e-bfb6-37e3857c40ae} deleted successfully. Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{923ec3bd-61a9-4d9e-bfb6-37e3857c40ae} not found. Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerSearchScopes{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69} deleted successfully. Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69} not found. Registry valu
  6. All processes killed Error: Unable to interpret <:OTL PRC - C:WINDOWSexplorer.exe (Microsoft Corporation) IE - HKLM..SearchScopes{923ec3bd-61a9-4d9e-bfb6-37e3857c40ae}: "URL" = http://search.mywebs...or={searchTerms} IE - HKLM..SearchScopes{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}: "URL" = http://search.bearsh...&q={searchTerms} IE - HKCU..URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - No CLSID value found IE - HKCU..SearchScopes{923ec3bd-61a9-4d9e-bfb6-37e3857c40ae}: "URL" = http://search.mywebs...or={searchTerms} FF - user.js - File not found O3 - HK
  7. https://www.virustotal.com/file/4d3edd52d7a88a749d03c20251aa75a15e87d1fcaff26bdffa613a09193b53fe/analysis/1334821762/ SystemLook 30.07.11 by jpshortstuff Log created at 08:55 on 19/04/2012 by Parent Administrator - Elevation successful ========== dir ========== C:UsersParentAppDataLocal{6644FC2A-8A72-4E81-9B5C-4FEF127CA0B8} - Parameters: "/sub" ---Files--- None found. No folders found. C:UsersParentAppDataLocal{ADE635C2-121D-42E3-A02E-AF4255FB28C8} - Parameters: "/sub" ---Files--- None found. No folders found. -= EOF =- N.B. AVG updated itself last night to a new v
  8. OTL. txt OTL logfile created on: 4/18/2012 5:20:30 PM - Run 1 OTL by OldTimer - Version 3.2.40.0 Folder = C:UsersParentDesktop Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 2.75 Gb Total Physical Memory | 1.82 Gb Available Physical Memory | 66.33% Memory free 5.50 Gb Paging File | 4.40 Gb Available in Paging File | 79.98% Paging File free Paging file location(s): ?:pagefile.sys [binary data] %SystemDrive% = C: | %SystemR
  9. Extras.txt OTL Extras logfile created on: 4/18/2012 5:20:30 PM - Run 1 OTL by OldTimer - Version 3.2.40.0 Folder = C:UsersParentDesktop Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 2.75 Gb Total Physical Memory | 1.82 Gb Available Physical Memory | 66.33% Memory free 5.50 Gb Paging File | 4.40 Gb Available in Paging File | 79.98% Paging File free Paging file location(s): ?:pagefile.sys [binary data] %SystemDrive% = C: |
  10. As you know I'm currently using AVG. In your expert opinion, what do you consider to be the best FREE AV program currently available?
  11. ComboFix 12-04-16.02 - Parent 18/04/2012 13:50:38.5.1 - x86 Microsoft Windows 7 Professional 6.1.7601.1.1252.44.1033.18.2814.1852 [GMT 1:00] Running from: c:usersParentDesktopComboFix.exe Command switches used :: c:usersParentDesktopCFScript.txt SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((( Files Created from 2012-03-18 to 2012-04-18 ))))))))))))))))))))))))))))))) . . 2012-04-18 13:00 . 2012-04-18 13:00 -------- d-----w- c:usersDefaultAppDataLocaltemp 2012-04-16 07:55 . 2012-04-17 14:08 -------- d-----w
  12. After dragging CFScript file into combofix, I get the following message: 'c.bat' is not recognized as an internal or external command, operable program or batch file. C:combofix>
  13. https://www.virustotal.com/file/f01cd9f111ab86101f5115331bc4b2a592ef59df0b958e97889b6aff6bcc2ca4/analysis/1334588671/ link to c:usersParentAppDataLocalMSMSIMEIMEPad.dll https://www.virustotal.com/file/5f53d9cadb445e26d4da62930824009847c492595bb43e3f7a551bb99e066fc7/analysis/1334593747/ link to c:usersParentAppDataLocalMSMSIMEIMEPad.dll.del c:usersParentAppDataLocalIO2trLCkr3zpka6oPoqDdX.cpl file not found
  14. ComboFix 12-04-15.02 - Parent 16/04/2012 8:02.2.1 - x86 Microsoft Windows 7 Professional 6.1.7601.1.1252.44.1033.18.2814.1581 [GMT 1:00] Running from: c:usersParentDesktopComboFix.exe AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} SP: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:usersParentApp
  15. The G drive is indeed an external hard drive. ------------------------------------------------------------------ aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software Run date: 2012-04-15 19:21:48 ----------------------------- 19:21:48.104 OS Version: Windows 6.1.7601 Service Pack 1 19:21:48.104 Number of processors: 1 586 0x301 19:21:48.104 ComputerName: TOSH UserName: 19:21:50.490 Initialize success 19:23:04.452 AVAST engine defs: 12041501 19:24:11.565 Disk 0 (boot) DeviceHarddisk0DR0 -> DeviceIdeIdeDeviceP1T0L0-1 19:24:11.565 Disk 0 Vendor: