wolfturn

Members
  • Content Count

    16
  • Joined

  • Last visited

Everything posted by wolfturn

  1. I want it to update automatically though... I know a bit of HTML.. nothing seems to update by itself
  2. Thanks for helping me out! Your help is extremely appreciated.
  3. OTL logfile created on: 9/21/2010 12:26:05 AM - Run 6 OTL by OldTimer - Version 3.2.12.1 Folder = C:\Users\Gerell\Desktop\Virus Stuff Starter Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 54.00% Memory free 4.00 Gb Paging File | 3.00 Gb Available in Paging File | 74.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %
  4. The kaspersky scanner didin't work, i didin't have the system requierments to run the program. And i downloaded safari just for that! Heres what it looked like when i ran it (www.wolfturn.nrgs.org/Pictures/2010-09-20_1658.png) OTL logfile created on: 9/20/2010 4:24:37 PM - Run 5 OTL by OldTimer - Version 3.2.12.1 Folder = C:\Users\Gerell\Desktop\Virus Stuff Starter Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.00 Gb Total Physical Memory | 1.00 Gb Availab
  5. Here you are kind sir, thanks again for helping me out with this problem btw. ComboFix 10-09-19.01 - Gerell 09/20/2010 8:32.2.2 - x86 Microsoft Windows 7 Starter 6.1.7600.0.1252.1.1033.18.2039.1058 [GMT -4:00] Running from: c:\users\Gerell\Desktop\ComboFix.exe Command switches used :: c:\users\Gerell\Desktop\CFScript.txt SP: Spybot - Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9} SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7} . ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))
  6. Ok, I ran the program. It did some restart boot-scan type deal, and found an infected file. I think it auto-deleted it or something. I hope whatever it did shows in this log. It also didn't ask me to install the recovery console, so i'm assuming i already have it. By the way, i'm using a program called "oceanis change background w7" to change my background on windows 7 starter. Would that be another reason why i'm getting problems? LOG HERE | V ComboFix 10-09-19.01 - Gerell 09/19/2010 22:49:58.1.2 - x86 Microsoft Windows 7 Starter 6.1.7600.0.1252.1.1033.18.2039.1330 [GMT -4:00] Running from
  7. OTL logfile created on: 9/18/2010 5:01:46 PM - Run 4 OTL by OldTimer - Version 3.2.12.1 Folder = C:\Users\Gerell\Desktop\Virus Stuff Starter Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 51.00% Memory free 4.00 Gb Paging File | 3.00 Gb Available in Paging File | 69.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %P
  8. OTL logfile created on: 9/17/2010 6:55:48 PM - Run 3 OTL by OldTimer - Version 3.2.12.1 Folder = C:\Users\Gerell\Desktop\Virus Stuff Starter Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 57.00% Memory free 4.00 Gb Paging File | 3.00 Gb Available in Paging File | 74.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %P
  9. OTL logfile created on: 9/17/2010 4:55:10 PM - Run 2 OTL by OldTimer - Version 3.2.12.1 Folder = C:\Users\Gerell\Desktop\Virus Stuff Starter Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 58.00% Memory free 4.00 Gb Paging File | 3.00 Gb Available in Paging File | 75.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %P
  10. Is it possible to have everything thats on (www.wolfturn.nrgs.org/Pictures) Display on a website instead of that bland spot? And is it possible to have it put thumbnails? This is a friends site, he gave me a subdomain, so i only have access to the FTP.
  11. When i finished running the fix with OTL it gave me this log. All processes killed ========== OTL ========== Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a16480c6-8706-11df-b4fb-002243ff77a0}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a16480c6-8706-11df-b4fb-002243ff77a0}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a16480c6-8706-11df-b4fb-002243ff77a0}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a16480c6-8706-11df-b4fb-00
  12. Here are the TDSSkiller logs. Not sure if i copied two of the same one... I kinda got confused. Tell me if i did, i'll post the 3rd one. 2010/09/15 19:14:28.0193 TDSS rootkit removing tool 2.4.2.1 Sep 7 2010 14:43:44 2010/09/15 19:14:28.0194 ================================================================================ 2010/09/15 19:14:28.0194 SystemInfo: 2010/09/15 19:14:28.0194 2010/09/15 19:14:28.0194 OS Version: 6.1.7600 ServicePack: 0.0 2010/09/15 19:14:28.0195 Product type: Workstation 2010/09/15 19:14:28.0195 ComputerName: GERELL-PC 2010/09/15 19:14:28.0199 UserName: Gerell 2010/09/
  13. OTL logfile created on: 9/16/2010 5:54:42 PM - Run 1 OTL by OldTimer - Version 3.2.12.1 Folder = C:\Users\Gerell\Desktop Starter Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 63.00% Memory free 4.00 Gb Paging File | 3.00 Gb Available in Paging File | 76.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles%
  14. OTL logfile created on: 9/16/2010 5:54:42 PM - Run 1 OTL by OldTimer - Version 3.2.12.1 Folder = C:\Users\Gerell\Desktop Starter Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 63.00% Memory free 4.00 Gb Paging File | 3.00 Gb Available in Paging File | 76.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles%
  15. Ok, i've done everything up to the MBAM Part. Heres the scan info: Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Database version: 4610 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 9/16/2010 4:50:04 PM mbam-log-2010-09-16 (16-50-04).txt Scan type: Quick scan Objects scanned: 133917 Time elapsed: 10 minute(s), 21 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (N
  16. I have Avast! antivirus on my computer. I'm not sure what the heck i did, but it seems i have a virus. I ran a boot-scan on my computer and avast picked up 7 items which i "moved to chest" I also ran malwarebytes quick scan and picked up nothing. whenever i search something on google it says www.wolfturn.nrgs.org/Pictures/2010-09-13_1828.png and sometimes, randomly one comes up that say something about a game(somthing) site, and one comes up that says something about svchost or something like that. Anyone have an idea what it is, or can help me diagnose and remove this? (Edit:) Sorry for Posti