scottlad

Members
  • Posts

    57
  • Joined

  • Last visited

Tech Info

  • Experience
    beginner
  • System: windows_vista_home_2

scottlad's Achievements

Newbie

Newbie (1/14)

0

Reputation

  1. cheers, I'll check size and order one. might be better with dearer one, don't trust those cheap ones. once again thank you
  2. brilliant, you're a star matey. one last thing lol, where's the cheapest place for chargers? the one i got with it is a cheap chinese one, and you could light ***s off the thing lol. it cuts out, you need to unplug it and wait till it cools down before using it haha
  3. right, did that and downloaded firefox. is that it now? also did that last thing make a new restore point?
  4. my files or every file, it's asking to clean up. it's clicked automatically on my files, will i change that to all
  5. yea just found run, i checked it, pressed ok, it's there on start
  6. step 4, i don't have system protection in left hand tool bar. sorry for being dense, but i honestly don't know about pcs lol but i'm getting there lol
  7. also i have microsoft security essentials, i'm just going to keep that one. so what you're saying is get another firewall so i'll have 2?
  8. ok i'm doing this, but hit snag, can't find the customise button for step 2 bud
  9. ok did new account. yea it's running great bud, can't thank you enough. i was worried when u said it had a lot of locked files. i was telling my friend and he said better watch it's not kiddy porn. was worried all bloody day about that lol, guess that's the downside to buying second hand. i'm just glad and very grateful for all the help i received. i've kept all those links in desktop. not got a clue how to use them, but i'll keep them and if i have probs and you don't mind and have the time i'm sure you will guide me in the right direction. once again cheers, you're a gentleman :D
  10. ComboFix 12-11-19.02 - Administrator 19/11/2012 19:17:37.1.1 - x86 Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.44.1033.18.1789.843 [GMT 0:00]
  11. ok did that but when it goes to scan i get this box with message: were you trying to run cfscript, the name cfscript appears to be incorrectly spelt. i copied it exactly as u wrote it mate
  12. ok one last point. i did all you said but when i open the saved file on desktop, it's blank. that's after me saving it and renaming it. should it be blank? i defo copied and pasted into notepad. or should i just drag it down to combo without opening it first? just want to be sure i'm doing the right thing mate
  13. ok but i don't understand what you mean; i can't find the notepad thing to paste that into. sorry for being dense lol, i deleted the last two