Virus help - Page 4

post #31 of 36
Quote:
Originally Posted by nukefission
UAC was disabled the day I built my rig
If GMER comes up clean, run MGtools. When it's done, just run CCleaner and you should be clean. Update your AV and scan.
Did your PC slow down, is your CPU usage abnormal, or is it running fine? A great app to use if you surf the net is Sandboxie. It's just over 2 MB. Just start your browser in it. If you hit malware on the net, it runs only within the sandbox. All you do is delete the sandbox and the malware will be gone, your system untouched. It's an awesome app.
post #32 of 36
Thread Starter
PC is fine.
Netscan is also fine.
What's classified as a threat in GMER?
Also, define "disable" for Daemon Tools please:
remove it from startup? Disable the virtual drive?
post #33 of 36
Do this:

Go to the search box, enter msconfig, right-click and run as admin.
Go to the Services tab. Tick "Hide MS services" and click on "Disable all".
Go to the Startup tab and untick all the startup items.
Now press Apply and reboot.
Run GMER.
That's a clean boot, so neither your AV nor Daemon Tools would be loaded to interfere. Just the legitimate services will be running; if there's some application running then we will spot it easily and have it checked out.
post #34 of 36
Reformat to be on the safe side.
post #35 of 36
Thread Starter
:|
Win32/pdfjsc.FG came up and got removed by MSE.
Reformatting and switching to Linux is really tempting.

Would MP3, MKV, MP4, etc. be infected?

Currently running Opera in Sandboxie.

Did it with the other services disabled.
Here is the GMER log:
GMER 1.0.15.15572 - http://www.gmer.net
Rootkit quick scan 2011-05-10 17:44:14
Windows 6.1.7600 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T1L0-3 ST340014A rev.8.01
Running: gmer.exe; Driver: C:\Users\Mansoor\AppData\Local\Temp\pxldrpow.sys

---- Devices - GMER 1.0.15 ----

Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-4 8741E1E8
Device \Driver\atapi \Device\Ide\IdePort0 8741E1E8
Device \Driver\atapi \Device\Ide\IdePort1 8741E1E8
Device \Driver\atapi \Device\Ide\IdePort2 8741E1E8
Device \Driver\atapi \Device\Ide\IdePort3 8741E1E8
Device \Driver\atapi \Device\Ide\IdePort4 8741E1E8
Device \Driver\atapi \Device\Ide\IdePort5 8741E1E8
Device \Driver\atapi \Device\Ide\IdePort6 8741E1E8
Device \Driver\atapi \Device\Ide\IdePort7 8741E1E8
Device \Driver\msahci \Device\Ide\PciIde1Channel0 8741F1E8
Device \Driver\msahci \Device\Ide\PciIde1Channel1 8741F1E8
Device \Driver\msahci \Device\Ide\PciIde1Channel2 8741F1E8
Device \Driver\msahci \Device\Ide\PciIde1Channel3 8741F1E8
Device \Driver\msahci \Device\Ide\PciIde1Channel4 8741F1E8
Device \Driver\atapi \Device\Ide\IdeDeviceP6T0L0-8 8741E1E8
Device \Driver\msahci \Device\Ide\PciIde1Channel5 8741F1E8
Device \Driver\atapi \Device\Ide\IdeDeviceP4T0L0-6 8741E1E8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-3 8741E1E8
Device \Driver\atapi \Device\Ide\IdeDeviceP3T0L0-5 8741E1E8
Device \Driver\atapi \Device\Ide\IdeDeviceP7T0L0-9 8741E1E8
Device \Driver\auydukbt \Device\Scsi\auydukbt1 87C64430
Device \FileSystem\Ntfs \Ntfs 874221E8

AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 VMkbd.sys
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 VMkbd.sys

---- EOF - GMER 1.0.15 ----

Edited by nukefission - 5/10/11 at 8:53am
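A small triage script for the GMER "Devices" section posted above, added here as an example; it is not part of the thread and not GMER's own tooling. It runs over a trimmed, constructed copy of the posted log, uses an assumed allowlist of in-box Windows driver names (extend it for the machine being reviewed), and treats eight-random-letter driver names and filter drivers on the keyboard stack as leads to identify by hand rather than verdicts, since GMER's own helper driver and some virtual-drive software use such names and VMware's VMkbd.sys is a legitimate keyboard filter.

```python
import re
from collections import defaultdict

# Constructed sample: a trimmed copy of the GMER "Devices" section posted in the thread.
GMER_LOG = r"""GMER 1.0.15.15572 - http://www.gmer.net
Running: gmer.exe; Driver: C:\Users\Mansoor\AppData\Local\Temp\pxldrpow.sys
---- Devices - GMER 1.0.15 ----
Device \Driver\atapi \Device\Ide\IdePort0 8741E1E8
Device \Driver\msahci \Device\Ide\PciIde1Channel0 8741F1E8
Device \Driver\auydukbt \Device\Scsi\auydukbt1 87C64430
Device \FileSystem\Ntfs \Ntfs 874221E8

AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 VMkbd.sys

---- EOF - GMER 1.0.15 ----
"""

# Assumed allowlist of in-box Windows driver objects; extend it for the machine under review.
KNOWN_DRIVERS = {"atapi", "msahci", "Ntfs", "kbdclass", "mouclass"}
RANDOM_NAME = re.compile(r"^[a-z]{8}$")   # eight random lowercase letters, as GMER-style helper drivers use

def parse_devices(log_text):
    """Yield (kind, driver, device, tail): tail is the object address for Device, the filter file for AttachedDevice."""
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) == 4 and parts[0] in ("Device", "AttachedDevice"):
            kind, drv, dev, tail = parts
            yield kind, drv.rsplit("\\", 1)[-1], dev, tail

def gmer_own_driver(log_text):
    """GMER loads its own randomly named helper driver; its path is on the 'Running:' line."""
    m = re.search(r"Running: gmer\.exe; Driver: (\S+)", log_text)
    return m.group(1).rsplit("\\", 1)[-1] if m else None

def triage(log_text):
    """Group device objects by owning driver and pull out the items worth a human look."""
    own = gmer_own_driver(log_text)
    own_stem = own.rsplit(".", 1)[0] if own else None
    unknown, random_named, keyboard_filters = defaultdict(list), set(), []
    for kind, drv, dev, tail in parse_devices(log_text):
        if kind == "AttachedDevice" and "KeyboardClass" in dev:
            keyboard_filters.append((dev, tail))   # filter on the keyboard stack: legit driver or keylogger
        elif kind == "Device" and drv not in KNOWN_DRIVERS:
            unknown[drv].append(dev)
            if RANDOM_NAME.match(drv) and drv != own_stem:   # skip GMER's own helper driver
                random_named.add(drv)
    return {"gmer_driver": own, "unknown": dict(unknown),
            "random_named": sorted(random_named), "keyboard_filters": keyboard_filters}
```

For the posted log this reports `auydukbt` as an unknown, random-named driver owning a SCSI device object and `VMkbd.sys` as a keyboard filter; both are things to identify (the thread itself asks about Daemon Tools, which creates virtual SCSI drives) before deciding anything.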
post #36 of 36
Tell me, how long have you been running Opera in Sandboxie?

Now this is your problem. That's an Adobe Flash exploit. It comes with a PDF, or you viewed a PDF through your browser on a site. Now that site is unsafe and your Adobe is out of date. If it picked it up while you were in Sandboxie mode then you don't have to worry. Sandboxie doesn't stop malware, but it will keep it from running on your system. Malware will run like normal, but inside the sandbox. So every time you use the sandbox it will be there. Remember you have to delete the sandbox when you're finished with it. That will remove any malware. Just right-click on Sandboxie and click on "Delete Contents".
Then run CCleaner and update your Adobe Flash and your PDF viewer from Adobe's site. If you don't update it, it will exploit the vulnerability in Adobe again. If Adobe is updated it can't touch your system.
Edited by Spooony - 5/10/11 at 3:34pm