
I'm not sure if I have a BOT...


5 replies to this topic

#1 kittykat11


Posted 08 October 2011 - 09:02 PM

Hi! This is my first time posting...and although I've been using a computer for ages, it seems I can't keep up! My ISP called and left a phone message saying that I "may" have a BOT. Well, I wasn't even sure what that was, so I followed their instructions but can't find anything on my computer. I know it's not a virus, but ran the suggested security stuff, and sure enough, I don't have any viruses showing up. The most noticeable symptoms started~after~the virus scans. I have been using Firefox, but I can't even open that now. I can't get to links from my email, so to register here I cut and paste the info into Explorer. An anti-virus program appeared on my desktop today (Kaspersky) that I didn't download (and my Husband says he doesn't think he did!) and I couldn't get on the internet at all until I uninstalled it. After a little searching I have a basic understanding of what a BOT is, but I'm not sure what to do about it. Before all this happened I didn't have too much trouble, it was running a little slower so I thought it might be time to clean up a bit, but as soon as I started looking into what my ISP told me it's been all downhill. I made sure I was on the legit ISP website (Comcast) because I was a little suspicious. I'll admit it, I've been dumb and trusting before and have fallen for downloading things to "help" and gotten junk on my computer so I tried to be careful but I'm not sure if I made things worse. Any advice on where to go from here? Thanks! Kat



#2 boopme


Posted 08 October 2011 - 09:25 PM

Hello kittykat11
Backdoor Trojans, Botnets, and IRC Bots are very dangerous because they compromise system integrity by making changes that allow it to be used by the attacker for malicious purposes.

If we find one I'll give more info on it.

Let's run a few tools and see.
Download Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.



Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
Be sure to download TDSSKiller.exe (v2.6.4.0) from Kaspersky's website and not TDSSKiller.zip which appears to be an older version 2.3.2.2 of the tool.
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.


If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to these instructions. In some cases it may be necessary to redownload TDSSKiller and randomly rename it before downloading and saving to the computer.


Next run MBAM (MalwareBytes):

Please download Malwarebytes Anti-Malware and save it to your desktop.
Download Link 1
Download Link 2
MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (i.e. Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
    For instructions with screenshots, please refer to the How to use Malwarebytes' Anti-Malware Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Quick Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.


Troubleshoot Malwarebytes' Anti-Malware
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 kittykat11


Posted 08 October 2011 - 11:25 PM

ok, here's what I got...


Results of screen317's Security Check version 0.99.7
Windows XP Service Pack 3
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
AVG 2011
AVG PC Tuneup 2011
AVG 2011
McAfee Security Scan Plus
```````````````````````````````
Anti-malware/Other Utilities Check:

Secunia PSI (2.0.0.3003)
AVG PC Tuneup 2011
Java™ 6 Update 26
Out of date Java installed!
Adobe Flash Player 10.3.183.10
Adobe Reader X (10.1.1)
Mozilla Firefox (x86 en-US..) Firefox Out of Date!
````````````````````````````````
Process Check:
objlist.exe by Laurent

AVG avgwdsvc.exe
AVG avgtray.exe
AVG avgrsx.exe
AVG avgnsx.exe
AVG avgemc.exe
``````````End of Log````````````


MiniToolBox by Farbar
Ran by Owner (administrator) on 08-10-2011 at 22:47:20
Microsoft Windows XP Service Pack 3 (X86)

***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1 localhost

========================= IP Configuration: ================================

# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection 2"

set address name="Local Area Connection 2" source=dhcp
set dns name="Local Area Connection 2" source=dhcp register=PRIMARY
set wins name="Local Area Connection 2" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration

Host Name . . . . . . . . . . . . : owner-e37e17069
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hsd1.pa.comcast.net.

Ethernet adapter Local Area Connection 2:

Connection-specific DNS Suffix . : hsd1.pa.comcast.net.
Description . . . . . . . . . . . : Intel® PRO/1000 MT Network Connection
Physical Address. . . . . . . . . : 00-19-B9-35-8F-12
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.1.101
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 75.75.76.76
75.75.75.75
Lease Obtained. . . . . . . . . . : Saturday, October 08, 2011 9:09:21 PM
Lease Expires . . . . . . . . . . : Sunday, October 09, 2011 9:09:21 PM

Server: cdns02.comcast.net
Address: 75.75.76.76

Name: google.com
Addresses: 72.14.204.147, 72.14.204.105, 72.14.204.103, 72.14.204.104
72.14.204.99

Pinging google.com [72.14.204.103] with 32 bytes of data:

Reply from 72.14.204.103: bytes=32 time=31ms TTL=52
Reply from 72.14.204.103: bytes=32 time=29ms TTL=52

Ping statistics for 72.14.204.103:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 29ms, Maximum = 31ms, Average = 30ms

Server: cdns02.comcast.net
Address: 75.75.76.76

Name: yahoo.com
Addresses: 98.137.149.56, 98.139.180.149, 209.191.122.70, 67.195.160.76
72.30.2.43

Pinging yahoo.com [98.137.149.56] with 32 bytes of data:

Reply from 98.137.149.56: bytes=32 time=104ms TTL=48
Reply from 98.137.149.56: bytes=32 time=103ms TTL=48

Ping statistics for 98.137.149.56:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 103ms, Maximum = 104ms, Average = 103ms

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 19 b9 35 8f 12 ...... Intel® PRO/1000 MT Network Connection - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.101 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
169.254.0.0 255.255.0.0 192.168.1.101 192.168.1.101 1
192.168.1.0 255.255.255.0 192.168.1.101 192.168.1.101 20
192.168.1.101 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.1.255 255.255.255.255 192.168.1.101 192.168.1.101 20
224.0.0.0 240.0.0.0 192.168.1.101 192.168.1.101 20
255.255.255.255 255.255.255.255 192.168.1.101 192.168.1.101 1
Default Gateway: 192.168.1.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/08/2011 06:38:03 PM) (Source: MsiInstaller) (User: Owner)Owner
Description: Product: Kaspersky Security Scan -- ERROR: Script failed - 0x80070002 (-2147024894)


The install has aborted!

AfterU: USER_CloseKSSApplication() - User function starting...
AfterL:

Error: (10/07/2011 11:00:17 AM) (Source: EventSystem) (User: )
Description: The COM+ Event System detected an inconsistency in its internal state. The assertion "GetLastError() == 122L" failed at line 162 of d:\comxp_sp3\com\com1x\src\events\shared\sectools.cpp. Please contact Microsoft Product Support Services to report this error.

Error: (09/30/2011 11:24:43 PM) (Source: Application Hang) (User: )
Description: Hanging application AcroRd32.exe, version 10.1.1.33, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (09/27/2011 00:50:28 PM) (Source: Application Hang) (User: )
Description: Hanging application firefox.exe, version 7.0.0.4282, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (09/25/2011 09:16:01 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\OWNER\RECENT\TEMPLATES.LNK> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (09/25/2011 09:16:01 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\OWNER\RECENT\TEMPLATES.LNK> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (09/21/2011 09:00:40 AM) (Source: CNET TechTracker) (User: Owner)Owner
Description: result: Scan Failed - General scan failure
computer: owner-e37e17069
scanned on: 9/20/2011 9:54 AM

Error: (09/21/2011 09:00:38 AM) (Source: CNET TechTracker) (User: Owner)Owner
Description: Unable to complete request due to error:

The server name or address could not be resolved

Error: (09/17/2011 08:50:54 AM) (Source: CNET TechTracker) (User: Owner)Owner
Description: result: Scan Failed - Error getting update information from server
computer: owner-e37e17069
scanned on: 9/16/2011 2:12 PM

Error: (09/16/2011 01:57:23 PM) (Source: Application Hang) (User: )
Description: Hanging application firefox.exe, version 6.0.2.4262, hang module hungapp, version 0.0.0.0, hang address 0x00000000.


System errors:
=============
Error: (10/08/2011 09:12:11 PM) (Source: Service Control Manager) (User: )
Description: The MSCamSvc service hung on starting.

Error: (10/08/2011 07:07:26 PM) (Source: Service Control Manager) (User: )
Description: The MSCamSvc service hung on starting.

Error: (10/08/2011 06:38:15 PM) (Source: Service Control Manager) (User: )
Description: The Application Management service terminated with the following error:
%%126

Error: (10/08/2011 06:38:14 PM) (Source: Service Control Manager) (User: )
Description: The Application Management service terminated with the following error:
%%126

Error: (10/08/2011 06:38:14 PM) (Source: Service Control Manager) (User: )
Description: The Application Management service terminated with the following error:
%%126

Error: (10/08/2011 06:38:14 PM) (Source: Service Control Manager) (User: )
Description: The Application Management service terminated with the following error:
%%126

Error: (10/08/2011 06:38:14 PM) (Source: Service Control Manager) (User: )
Description: The Application Management service terminated with the following error:
%%126

Error: (10/08/2011 06:38:14 PM) (Source: Service Control Manager) (User: )
Description: The Application Management service terminated with the following error:
%%126

Error: (10/08/2011 06:38:14 PM) (Source: Service Control Manager) (User: )
Description: The Application Management service terminated with the following error:
%%126

Error: (10/08/2011 06:38:14 PM) (Source: Service Control Manager) (User: )
Description: The Application Management service terminated with the following error:
%%126


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================


7-Zip 9.20
Adobe Flash Player 10 ActiveX (Version: 10.3.183.10)
Adobe Flash Player 10 Plugin (Version: 10.3.183.10)
Adobe Reader X (10.1.1) (Version: 10.1.1)
Adobe Shockwave Player 11.6 (Version: 11.6.1.629)
Apple Application Support (Version: 1.4.1)
Apple Software Update (Version: 2.1.1.116)
ArcadeWeb
Ask Toolbar (Version: 1.12.2.0)
AVG 2011 (Version: 10.0.1410)
AVG 2011 (Version: 10.0.1520)
AVG PC Tuneup 2011 (Version: 10.0.0.24)
Big Fish Games: Game Manager (Version: 3.0.1.60)
CA Pest Patrol Realtime Protection (Version: 001.001.0034)
Canon Easy-PhotoPrint EX
Canon Easy-PhotoPrint Pro
Canon IJ Network Scan Utility
Canon IJ Network Tool
Canon Inkjet Printer/Scanner/Fax Extended Survey Program
Canon MG6100 series MP Drivers
Canon MG6100 series User Registration
Canon MP Navigator EX 4.0
Canon My Printer
Canon Solution Menu EX
Cooking Academy 2: World Cuisine (Version: 32.0.0.0)
Coupon Printer for Windows (Version: 5.0.0.0)
Dark Tales: Edgar Allan Poe's Murders in the Rue Morgue (Version: 32.0.0.0)
Dragon Keeper (Version: 32.0.0.0)
Dream Chronicles®: The Book of Water™ (Version: 32.0.0.0)
Dream Chronicles®: The Chosen Child™ (Version: 32.0.0.0)
Dream Chronicles™ (Version: 32.0.0.0)
Dream Chronicles™ 2: The Eternal Maze (Version: 32.0.0.0)
EA Download Manager (Version: 7.0.0.74)
eMusic Download Manager 5.0.1
eMusic Download Manager v5.0.2 (Version: 5.0.2)
Farmscapes™ Collector's Edition (Version: 32.0.0.0)
Goddess Chronicles (Version: 32.0.0.0)
Google Chrome (Version: 14.3.17354)
Google SketchUp 8 (Version: 3.0.4811)
Google Update Helper (Version: 1.3.21.69)
Intel® PRO Network Connections Drivers
Java Auto Updater (Version: 2.0.5.1)
Java™ 6 Update 26 (Version: 6.0.260)
Letters from Nowhere (Version: 32.0.0.0)
McAfee Security Scan Plus (Version: 2.0.181.2)
Media Wizard 3.0 for SGH-I617 (Version: 3.0)
MeFeedia (Version: 1.0.0.1)
Memory Stick / Floppy Disk Adaptor
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft ActiveSync (Version: 4.5.5096.0)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Corporation (Version: 9.0.30729.1)
Microsoft LifeCam (Version: 3.22.270.0)
Microsoft Money 2006 (Version: 15)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6425.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6425.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Word Viewer 2003 (Version: 11.0.8173.0)
Microsoft Silverlight (Version: 4.0.60531.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Mishap 2: An Intentional Haunting (Version: 32.0.0.0)
Mozilla Firefox 7.0.1 (x86 en-US) (Version: 7.0.1)
Mystery Case Files ®: 13th Skull ™ Collector's Edition
Nero Suite
NetAssistant (Version: 3.6.5)
NotePadSync (Version: 1.01.000)
NVIDIA Display Control Panel (Version: 6.14.12.5896)
NVIDIA Drivers (Version: 1.10.62.40)
NVIDIA nView Desktop Manager (Version: 6.14.10.13527)
Peggle™ Nights (Version: 32.0.0.0)
Personal Ancestral File 5
Puppy Sanctuary (Version: 32.0.0.0)
QuickTime (Version: 7.70.80.34)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer
RealUpgrade 1.1 (Version: 1.1.0)
Rhapsody
Secunia PSI (2.0.0.3003)
SierraHome Print Artist 8.0
SoundMAX
swMSM (Version: 12.0.0.1)
The Mysterious Case of Dr. Jekyll and Mr. Hyde (Version: 32.0.0.0)
The Sims™ 3 (Version: 1.19.44)
The Sims™ 3 Fast Lane Stuff (Version: 5.5.4)
The Sims™ 3 High-End Loft Stuff (Version: 3.9.6)
The Sims™ 3 World Adventures (Version: 2.13.6)
WD SmartWare (Version: 1.2.0.8)
Web Games Player Plugin
WebFldrs XP (Version: 9.50.7523)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format 11 runtime
Windows Media Player 11
Windows Mobile® Device Handbook (Version: 1.0)
WinZip 14.5 (Version: 14.5.9095)
WinZip Self-Extractor
WYO Home Inventory 4.16 (Version: 4.16)
XFINITY Toolbar (Version: 3.5.1.10)

========================= Memory info: ===================================

Percentage of memory in use: 52%
Total physical RAM: 2046.98 MB
Available physical RAM: 978.89 MB
Total Pagefile: 3942.44 MB
Available Pagefile: 2906 MB
Total Virtual: 2047.88 MB
Available Virtual: 1993.54 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:37.24 GB) (Free:4.03 GB) NTFS
5 Drive f: (Local Disk) (Fixed) (Total:74.53 GB) (Free:31.14 GB) NTFS

========================= Users: ========================================

User accounts for \\OWNER-E37E17069

Administrator ASPNET Guest
HelpAssistant Owner SUPPORT_388945a0

========================= Minidump Files ==================================

No minidump file found

**** End of log ****


Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 7906

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

10/9/2011 12:13:57 AM
mbam-log-2011-10-09 (00-13-57).txt

Scan type: Quick scan
Objects scanned: 171709
Time elapsed: 1 hour(s), 14 minute(s), 41 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

I also did TDSSKiller.exe with nothing found.

Thanks =-)

#4 boopme


Posted 09 October 2011 - 06:25 PM

Looks clean now. You need to update to Java 7, this is a weakness for malware to exploit.

#5 kittykat11


Posted 10 October 2011 - 10:01 PM

Ok, Thanks! I still can't use Firefox or use links in my email. Not sure what that's about, but I'll update to Java 7 next.

#6 boopme


Posted 10 October 2011 - 10:10 PM

As your Firefox is out of date per the log above, you can try updating it and seeing, or uninstall and reinstall it.

I'm not sure I can help with this as I do not understand it:
"use links in my email"

You may need to ask here with info about is and your mail program.
http://www.bleepingcomputer.com/forums/forum14.html