Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Support
Windows Malware Removal Help & Support
scareware lock computer
Message
<blockquote data-quote="amandamcpherson" data-source="post: 108537" data-attributes="member: 6393"><p>TDSSkiller , OTL logs attached. </p><p></p><p><span style="color: #FF0000">JRT log: </span></p><p></p><p>~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~</p><p>Junkware Removal Tool (JRT) by Thisisu</p><p>Version: 4.6.6 (02.27.2013:1)</p><p>OS: Microsoft Windows XP x86</p><p>Ran by xx on Sun 03/03/2013 at 10:33:42.73</p><p>~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~</p><p>~~~ Services</p><p>~~~ Registry Values</p><p>Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\DisplayName</p><p>Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\URL</p><p></p><p>~~~ Registry Keys</p><p></p><p>Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{6a1806cd-94d4-4689-ba73-e35ea1ea9990}</p><p></p><p>~~~ Files</p><p></p><p>~~~ Folders</p><p>~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~</p><p>Scan was completed on Sun 03/03/2013 at 10:41:06.75</p><p>End of JRT log</p><p>~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~</p><p><span style="color: #FF0000"></span></p><p><span style="color: #FF0000">Malwarebytes log: </span></p><p></p><p>Malwarebytes Anti-Malware (Trial) 1.70.0.1100</p><p>www.malwarebytes.org</p><p></p><p>Database version: v2013.03.03.07</p><p></p><p>Windows XP Service Pack 3 x86 NTFS</p><p>Internet Explorer 8.0.6001.18702</p><p>xx :: xx [administrator]</p><p></p><p>Protection: Enabled</p><p></p><p>3/3/2013 10:49:30 AM</p><p>mbam-log-2013-03-03 (10-49-30).txt</p><p></p><p>Scan type: Quick scan</p><p>Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM</p><p>Scan options disabled: P2P</p><p>Objects scanned: 267512</p><p>Time elapsed: 7 minute(s), 38 second(s)</p><p></p><p>Memory Processes Detected: 0</p><p>(No malicious items detected)</p><p></p><p>Memory Modules Detected: 0</p><p>(No malicious items detected)</p><p></p><p>Registry Keys Detected: 0</p><p>(No malicious items detected)</p><p></p><p>Registry Values Detected: 1</p><p>HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon|shell (Hijack.Shell.Gen) -> Data: C:\Documents and Settings\xx\Application Data\ldr.mcb,explorer.exe -> Quarantined and deleted successfully.</p><p></p><p>Registry Data Items Detected: 1</p><p>HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|StartMenuLogoff (PUM.Hijack.StartMenu) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.</p><p></p><p>Folders Detected: 0</p><p>(No malicious items detected)</p><p></p><p>Files Detected: 2</p><p>C:\RECYCLER\S-1-5-18\Dc1.exe (Trojan.Medfos) -> Quarantined and deleted successfully.</p><p>C:\RECYCLER\S-1-5-21-790525478-1343024091-1801674531-414923\Dc2.exe (PUP.Offerware) -> Quarantined and deleted successfully.</p><p></p><p>(end)</p><hr /><p></p><p>Am I all look good now?</p></blockquote><p></p>
[QUOTE="amandamcpherson, post: 108537, member: 6393"] TDSSkiller , OTL logs attached. [color=#FF0000]JRT log: [/color] ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 4.6.6 (02.27.2013:1) OS: Microsoft Windows XP x86 Ran by xx on Sun 03/03/2013 at 10:33:42.73 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\DisplayName Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\URL ~~~ Registry Keys Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{6a1806cd-94d4-4689-ba73-e35ea1ea9990} ~~~ Files ~~~ Folders ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Sun 03/03/2013 at 10:41:06.75 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ [color=#FF0000] Malwarebytes log: [/color] Malwarebytes Anti-Malware (Trial) 1.70.0.1100 www.malwarebytes.org Database version: v2013.03.03.07 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 xx :: xx [administrator] Protection: Enabled 3/3/2013 10:49:30 AM mbam-log-2013-03-03 (10-49-30).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 267512 Time elapsed: 7 minute(s), 38 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 1 HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon|shell (Hijack.Shell.Gen) -> Data: C:\Documents and Settings\xx\Application Data\ldr.mcb,explorer.exe -> Quarantined and deleted successfully. Registry Data Items Detected: 1 HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|StartMenuLogoff (PUM.Hijack.StartMenu) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully. Folders Detected: 0 (No malicious items detected) Files Detected: 2 C:\RECYCLER\S-1-5-18\Dc1.exe (Trojan.Medfos) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-790525478-1343024091-1801674531-414923\Dc2.exe (PUP.Offerware) -> Quarantined and deleted successfully. (end) [hr] Am I all look good now?[/hr] [/QUOTE]
Insert quotes…
Verification
Post reply
Top