Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

keylogged? hacked? Zaccess rootkit?


  • This topic is locked This topic is locked
25 replies to this topic

#16 nasdaq

nasdaq

  • Malware Response Team
  • 39,576 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:01:20 PM

Posted 09 May 2012 - 08:56 AM

Please run this security check for my review.

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
===

BC AdBot (Login to Remove)

 


#17 dnap

dnap
  • Topic Starter

  • Members
  • 262 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:20 PM

Posted 09 May 2012 - 07:01 PM

here you go...

Results of screen317's Security Check version 0.99.32
Windows XP Service Pack 2 x64
Out of date service pack!!
Internet Explorer 6 Out of date!
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
avast! Free Antivirus
ESET Online Scanner v3
Antivirus up to date!
```````````````````````````````
Anti-malware/Other Utilities Check:

Out of date HijackThis installed!
Spybot - Search & Destroy
HijackThis 1.99.1
Hijackthis 1.99.1
Java™ 6 Update 31
Adobe Reader X (10.1.2)
Mozilla Firefox (12.0.)
````````````````````````````````
Process Check:
objlist.exe by Laurent

AVAST Software Avast AvastSvc.exe
AVAST Software Avast avastUI.exe
``````````End of Log````````````

CPU - AMD FX-8350 Black Edition

Motherboard -MSI 990FXA-GD80

Ram - G.SKILL Ripjaws X Series 8GB (2 x 4GB)

Video Card - MSI Radeon R9 280

Storage - Western Digital Velociraptor 300GB 10k RPM

Power Supply - hec XP1080 800W

Case - Antec DF-35


#18 nasdaq

nasdaq

  • Malware Response Team
  • 39,576 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:01:20 PM

Posted 10 May 2012 - 07:32 AM

HijacThis is not ready for the 64 bit system. You should remove these programs using the Add/Remove Programs list.

HijackThis 1.99.1
Hijackthis 1.99.1

===

For your information.
There's no SP3 for the 64-bit version of Windows XP. If you're running the 64-bit version of Windows XP with SP2, you have the latest service pack and will continue to be eligible for support and receive updates until April 8, 2014.
<<<>>>

Internet Explorer 6 Out of date!
You may not be using IE but this old version is till vulnerable to infection.
I suggest you update to IE 7 and when all is well get version 8.

#19 dnap

dnap
  • Topic Starter

  • Members
  • 262 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:20 PM

Posted 10 May 2012 - 05:36 PM

It's weird because hijackthis still works, as in, it runs and does everything it always has done...

And as far as IE6, you guessed right that I don't use it, but I can update it I guess.

If that is all you have to suggest, then I thank you for the help all this time.

CPU - AMD FX-8350 Black Edition

Motherboard -MSI 990FXA-GD80

Ram - G.SKILL Ripjaws X Series 8GB (2 x 4GB)

Video Card - MSI Radeon R9 280

Storage - Western Digital Velociraptor 300GB 10k RPM

Power Supply - hec XP1080 800W

Case - Antec DF-35


#20 nasdaq

nasdaq

  • Malware Response Team
  • 39,576 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:01:20 PM

Posted 11 May 2012 - 08:32 AM

It's weird because hijackthis still works, as in, it runs and does everything it always has done...

It runs ok but does not provide accurate information on 64 bit systems.

This is the tool that most forum use from now on.

Please download and run this DDS Scanning Tool. Nothing will be deleted. It will just give me some additional information about your system.

  • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
Please note: You may have to disable any script protection running if the scan fails to run.

Please just paste the contents of the DDS.txt log in your next post. DO NOT attach the log.

If needed.
The scan will also create this Attach.txt log I would also like to see the content.
Please post it in a other post for my review, do not attach the file.

Posted Image

#21 dnap

dnap
  • Topic Starter

  • Members
  • 262 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:20 PM

Posted 11 May 2012 - 06:05 PM

DDS is saying that XP 64 bit is not supported, sorry...

CPU - AMD FX-8350 Black Edition

Motherboard -MSI 990FXA-GD80

Ram - G.SKILL Ripjaws X Series 8GB (2 x 4GB)

Video Card - MSI Radeon R9 280

Storage - Western Digital Velociraptor 300GB 10k RPM

Power Supply - hec XP1080 800W

Case - Antec DF-35


#22 nasdaq

nasdaq

  • Malware Response Team
  • 39,576 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:01:20 PM

Posted 12 May 2012 - 08:01 AM

Sorry about that I forgot.

Your logs are clean.

Surf Safely, and Think Prevention!

p.s. If you use ComboFix on your system do not remove any items that is marked as - no file found.
It's a false positive and will only get you in trouble.
That is why I suggest you remove them using the Add/Remove programs list.

Edited by nasdaq, 14 May 2012 - 07:47 AM.


#23 dnap

dnap
  • Topic Starter

  • Members
  • 262 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:20 PM

Posted 12 May 2012 - 05:46 PM

Haha thanks, I usually don't do anything unless you guys tell me too. trust the experts right?

anyways, I see you guys recommend malwarebits, should I use that and not avast, or spybot, or use it with those 2 programs? like is it worth it over those 2, the free or paid version?

CPU - AMD FX-8350 Black Edition

Motherboard -MSI 990FXA-GD80

Ram - G.SKILL Ripjaws X Series 8GB (2 x 4GB)

Video Card - MSI Radeon R9 280

Storage - Western Digital Velociraptor 300GB 10k RPM

Power Supply - hec XP1080 800W

Case - Antec DF-35


#24 nasdaq

nasdaq

  • Malware Response Team
  • 39,576 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:01:20 PM

Posted 13 May 2012 - 08:20 AM

Keep Avast and Spybot. You can also run Malwarebytes on occasion or when some problem indicate that you may have some malware or unwanted programs on board.

#25 dnap

dnap
  • Topic Starter

  • Members
  • 262 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:20 PM

Posted 13 May 2012 - 09:23 AM

Ok, great. :thumbup2:

CPU - AMD FX-8350 Black Edition

Motherboard -MSI 990FXA-GD80

Ram - G.SKILL Ripjaws X Series 8GB (2 x 4GB)

Video Card - MSI Radeon R9 280

Storage - Western Digital Velociraptor 300GB 10k RPM

Power Supply - hec XP1080 800W

Case - Antec DF-35


#26 nasdaq

nasdaq

  • Malware Response Team
  • 39,576 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:01:20 PM

Posted 19 May 2012 - 09:00 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users