Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Do I have a Virus?

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: Do I have a Virus?

Unread postby askey127 » January 21st, 2012, 11:25 am

blah9,
I am fairly sure you have a serious infection of the Master Boot record on the hard drive.
We will do a double check by sending a copy of it to an antivirus analytical site.
First we will get a copy and save it as a file we can transmit.
In the meantime, under no circumstances should you use this machine for anything personal or financial.
I will give you a rundown on the issues after we get test results.
---------------------------------------------
Run MBR Backup
Download MBR Backup from the link below, and save it on your desktop
http://www.trojanhunter.com/products/mbr-backup/
Notice what the page will look like when you run the program.

Plug a Flash drive into the usual socket. If you have an empty flash drive, use it.

On your desktop, right click the progarm icon labeled MBRbackup.exe and choose "Run as administrator".
After a very short delay, a screen like the one you saw on the website will appear.
Click on Save MBR.. and choose the desktop as the location.
Click on Save MBR.. again and choose to save a copy to your drive F:\ flash
Leave the Flash drive plugged in and perform the sequence below.
---------------------------------------------
Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2

  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield:
    Code: Select all
    :dir
    %Userprofile%\desktop /s
    F:\ /s
    
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt

askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA
Advertisement
Register to Remove

Re: Do I have a Virus?

Unread postby blah9 » January 21st, 2012, 9:05 pm

SystemLook 30.07.11 by jpshortstuff
Log created at 20:02 on 21/01/2012 by theodore trueheart
Administrator - Elevation successful

========== dir ==========

C:\Users\theodore trueheart\desktop - Parameters: "/s"

---Files---
Best Buy Games.url --a---- 138 bytes [23:54 21/10/2009] [22:00 13/01/2011]
BigTrue.lnk --a---- 943 bytes [18:42 28/11/2009] [18:42 28/11/2009]
desktop.ini --ahs-- 282 bytes [03:58 30/08/2009] [03:58 30/08/2009]
Favorites - Shortcut.lnk --a---- 387 bytes [01:38 16/12/2011] [01:38 16/12/2011]
Google Chrome.lnk --a---- 1931 bytes [00:49 10/01/2012] [00:49 10/01/2012]
MBRBackup.exe --a---- 1452824 bytes [01:00 22/01/2012] [00:58 22/01/2012]
MBR_2012-01-21.bin --a---- 512 bytes [01:01 22/01/2012] [01:01 22/01/2012]
slook code.txt --a---- 38 bytes [01:00 22/01/2012] [01:00 22/01/2012]
Slots Oasis.lnk --a---- 1657 bytes [03:00 20/12/2009] [03:00 20/12/2009]
SystemLook.exe --a---- 139264 bytes [01:00 22/01/2012] [01:02 19/01/2012]
SystemLook.txt --a---- 0 bytes [01:02 22/01/2012] [01:02 22/01/2012]
tdsskiller.exe --a---- 2054448 bytes [00:34 20/01/2012] [00:26 20/01/2012]

C:\Users\theodore trueheart\desktop\New Folder d------ [01:30 06/05/2011]
990303770_217_0232.jpg --a---- 7792763 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6427_0229.jpg --a---- 2214194 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6429_0228.jpg --a---- 2190951 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6431_0227.jpg --a---- 2280968 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6432_0225.jpg --a---- 2124400 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6432_1_0226.jpg --a---- 788958 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6433_0224.jpg --a---- 2107169 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6434_0222.jpg --a---- 2063566 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6434_1_0223.jpg --a---- 700677 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6435_0221.jpg --a---- 2311746 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6437_0220.jpg --a---- 2118187 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6438_0219.jpg --a---- 2277267 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6439_0217.jpg --a---- 2165941 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6439_1_0218.jpg --a---- 1231267 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6440_0216.jpg --a---- 2190808 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6441_0215.jpg --a---- 2054612 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6442_0214.jpg --a---- 2251803 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6443_0213.jpg --a---- 2248359 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6444_0212.jpg --a---- 2177612 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6445_0211.jpg --a---- 2326493 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6446_0209.jpg --a---- 2109429 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6446_1_0210.jpg --a---- 798188 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6448_0208.jpg --a---- 2153233 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6449_0207.jpg --a---- 2293161 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6451_0206.jpg --a---- 2171674 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6452_0205.jpg --a---- 2218681 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6454_0204.jpg --a---- 2257112 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6455_0203.jpg --a---- 2251891 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6456_0202.jpg --a---- 2186257 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6457_0201.jpg --a---- 2132809 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6459_0200.jpg --a---- 2223499 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6461_0199.jpg --a---- 2221946 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6462_0198.jpg --a---- 2351198 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6463_0197.jpg --a---- 2329340 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6464_0196.jpg --a---- 2202422 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6465_0195.jpg --a---- 2087467 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6466_0194.jpg --a---- 2124250 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6467_0193.jpg --a---- 2324014 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6468_0191.jpg --a---- 2263897 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6468_1_0192.jpg --a---- 800305 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6469_0190.jpg --a---- 2249101 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6471_0189.jpg --a---- 2130598 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6472_0188.jpg --a---- 2302680 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6473_0187.jpg --a---- 2243893 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6474_0186.jpg --a---- 2189054 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6475_0185.jpg --a---- 2210172 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6476_0184.jpg --a---- 2263149 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6477_0183.jpg --a---- 2296062 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6478_0182.jpg --a---- 2161967 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6479_0181.jpg --a---- 2109802 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6480_0179.jpg --a---- 2011665 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6480_1_0180.jpg --a---- 703703 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6481_0178.jpg --a---- 2256755 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6482_0177.jpg --a---- 2165075 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6483_0176.jpg --a---- 2176051 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6484_0175.jpg --a---- 2099980 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6485_0174.jpg --a---- 2017486 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6486_0173.jpg --a---- 2160538 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6487_0172.jpg --a---- 2350712 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6488_0171.jpg --a---- 2260702 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6490_0170.jpg --a---- 2116359 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6491_0169.jpg --a---- 2187470 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6492_0168.jpg --a---- 2261769 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6493_0167.jpg --a---- 2203516 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6494_0166.jpg --a---- 2128897 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6495_0165.jpg --a---- 2339912 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6496_0164.jpg --a---- 2288087 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6497_0163.jpg --a---- 2220134 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6498_0162.jpg --a---- 2153183 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6499_0161.jpg --a---- 2327829 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6500_0160.jpg --a---- 2148333 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6501_0159.jpg --a---- 2275205 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6502_0158.jpg --a---- 2143573 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6503_0157.jpg --a---- 2032639 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6504_0156.jpg --a---- 2381328 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6505_0154.jpg --a---- 2111643 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6505_1_0155.jpg --a---- 986085 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6506_0153.jpg --a---- 2202462 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6507_0152.jpg --a---- 2097124 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6508_0151.jpg --a---- 2296539 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6509_0150.jpg --a---- 2150229 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6510_0149.jpg --a---- 2095509 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6511_0148.jpg --a---- 2325847 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6512_0147.jpg --a---- 2097848 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6513_0146.jpg --a---- 2281404 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6514_0145.jpg --a---- 2264175 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6515_0144.jpg --a---- 2148170 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6516_0143.jpg --a---- 2085373 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6517_0142.jpg --a---- 2116794 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6518_0141.jpg --a---- 2125297 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6519_0140.jpg --a---- 2272008 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6520_0139.jpg --a---- 2192936 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6521_0138.jpg --a---- 2245482 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6522_0137.jpg --a---- 2258040 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6523_0135.jpg --a---- 2176343 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6523_1_0136.jpg --a---- 894221 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6524_0133.jpg --a---- 2174498 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6524_1_0134.jpg --a---- 874912 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6525_0132.jpg --a---- 2129843 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6526_0131.jpg --a---- 2259772 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6527_0130.jpg --a---- 2268003 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6528_0129.jpg --a---- 2125196 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6529_0127.jpg --a---- 2229269 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6529_1_0128.jpg --a---- 745233 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6530_0126.jpg --a---- 2237864 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6531_0125.jpg --a---- 2181201 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6532_0124.jpg --a---- 2267806 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6533_0123.jpg --a---- 2170141 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6534_0122.jpg --a---- 2278804 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6535_0120.jpg --a---- 2211242 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6535_1_0121.jpg --a---- 1306808 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6536_0119.jpg --a---- 2274440 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6537_0118.jpg --a---- 2321050 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6538_0117.jpg --a---- 2103687 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6539_0116.jpg --a---- 2103260 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6540_0115.jpg --a---- 2203649 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6541_0114.jpg --a---- 2308743 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6542_0113.jpg --a---- 2131409 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6543_0112.jpg --a---- 2221668 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6544_0111.jpg --a---- 2282653 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6545_0110.jpg --a---- 2124598 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6546_0109.jpg --a---- 2205292 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6547_0108.jpg --a---- 2171051 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6549_0107.jpg --a---- 2326163 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6550_0106.jpg --a---- 2208721 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6551_0105.jpg --a---- 2273998 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6552_0104.jpg --a---- 2130888 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6553_0103.jpg --a---- 2198600 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6554_0102.jpg --a---- 2234189 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6555_0101.jpg --a---- 2249230 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6556_0100.jpg --a---- 2180440 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6557_0099.jpg --a---- 2132088 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6558_0098.jpg --a---- 2288021 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6559_0097.jpg --a---- 2141601 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6560_0096.jpg --a---- 2107778 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6562_0095.jpg --a---- 2065952 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6563_0094.jpg --a---- 2311059 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6564_0093.jpg --a---- 2103745 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6565_0092.jpg --a---- 2224171 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6567_0091.jpg --a---- 2074139 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6568_0090.jpg --a---- 2126006 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6570_0089.jpg --a---- 2311327 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6571_0088.jpg --a---- 2155165 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6572_0087.jpg --a---- 2220338 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6574_0086.jpg --a---- 2131226 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6575_0085.jpg --a---- 2071634 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6576_0084.jpg --a---- 2273920 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6577_0083.jpg --a---- 2067912 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6578_0082.jpg --a---- 2039418 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6579_0081.jpg --a---- 2232272 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6581_0080.jpg --a---- 2239780 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6582_0079.jpg --a---- 2275097 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6584_0078.jpg --a---- 2105438 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6585_0077.jpg --a---- 2222663 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6587_0076.jpg --a---- 2260144 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6588_0075.jpg --a---- 2018667 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6589_0074.jpg --a---- 2219964 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6590_0073.jpg --a---- 2214378 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6591_0072.jpg --a---- 2190799 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6592_0071.jpg --a---- 2107231 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6593_0070.jpg --a---- 2159607 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6595_0069.jpg --a---- 2224522 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6596_0068.jpg --a---- 2235534 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6597_0067.jpg --a---- 2250790 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6598_0066.jpg --a---- 2160209 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6599_0065.jpg --a---- 2214960 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6600_0064.jpg --a---- 2133652 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6603_0062.jpg --a---- 2322914 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6603_1_0063.jpg --a---- 786927 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6604_0061.jpg --a---- 2303680 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6606_0060.jpg --a---- 2276280 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6607_0059.jpg --a---- 2258536 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6608_0058.jpg --a---- 2205418 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6609_0057.jpg --a---- 2137658 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6610_0056.jpg --a---- 2322793 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6611_0055.jpg --a---- 2166814 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6613_0054.jpg --a---- 2121466 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6614_0053.jpg --a---- 2226787 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6615_0052.jpg --a---- 2232034 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6618_0051.jpg --a---- 2264640 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6619_0050.jpg --a---- 2089918 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6622_0049.jpg --a---- 2097426 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6623_0048.jpg --a---- 2275639 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6625_0046.jpg --a---- 2331762 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6625_1_0047.jpg --a---- 1030733 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6626_0045.jpg --a---- 2172512 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6627_0044.jpg --a---- 2164951 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6628_0043.jpg --a---- 2112547 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6629_0042.jpg --a---- 2152432 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6630_0041.jpg --a---- 2068212 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6631_0040.jpg --a---- 2189300 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6632_0039.jpg --a---- 2317135 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6633_0038.jpg --a---- 2250922 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6634_0037.jpg --a---- 2146499 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6635_0036.jpg --a---- 2195589 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6638_0035.jpg --a---- 2071583 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6639_0034.jpg --a---- 2113666 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6641_0033.jpg --a---- 2250622 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6646_0032.jpg --a---- 2244588 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6647_0031.jpg --a---- 2173243 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6648_0030.jpg --a---- 2122553 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6649_0029.jpg --a---- 2097562 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6650_0028.jpg --a---- 2138569 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6651_0027.jpg --a---- 2135984 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6652_0026.jpg --a---- 2259958 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6653_0025.jpg --a---- 2142463 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6654_0024.jpg --a---- 2268693 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6655_0023.jpg --a---- 2119024 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6656_0022.jpg --a---- 2052418 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6657_0021.jpg --a---- 2092251 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6658_0020.jpg --a---- 2134729 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6660_0019.jpg --a---- 2280924 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6661_0018.jpg --a---- 2127744 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6662_0017.jpg --a---- 2151028 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6663_0016.jpg --a---- 2284468 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6664_0015.jpg --a---- 2172256 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6665_0014.jpg --a---- 2108824 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6666_0013.jpg --a---- 2213374 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6668_0012.jpg --a---- 2170034 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6671_0011.jpg --a---- 2292247 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6672_0010.jpg --a---- 2325738 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6673_0008.jpg --a---- 2029353 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6673_1_0009.jpg --a---- 805568 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6674_0007.jpg --a---- 2026642 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6675_0006.jpg --a---- 2049315 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6676_0005.jpg --a---- 2090197 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6677_0004.jpg --a---- 2224831 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6678_0003.jpg --a---- 2337410 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6679_0002.jpg --a---- 2194323 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6680_0001.jpg --a---- 2198599 bytes [01:34 06/05/2011] [13:41 03/05/2011]
DSCN6680_1_0231.jpg --a---- 764536 bytes [01:34 06/05/2011] [13:41 03/05/2011]
FSCN6090_0230.jpg --a---- 2343383 bytes [01:34 06/05/2011] [13:41 03/05/2011]

C:\Users\theodore trueheart\desktop\New Folder\New Folder d------ [01:34 06/05/2011]

F: - Parameters: "/s"

---Files---
MBR_2012-01-21.bin --a---- 512 bytes [01:02 22/01/2012] [01:02 22/01/2012]

No folders found.

-= EOF =-
blah9
Regular Member
 
Posts: 19
Joined: January 14th, 2012, 8:50 pm

Re: Do I have a Virus?

Unread postby askey127 » January 22nd, 2012, 8:16 am

blah9,
-----------------------------------------------------------
Submit a file to Jotti
Please go here : http://virusscan.jotti.org/
On top of the page there is a field to add the filepath.
Copy and paste this single line filepath:
F:\MBR_2012-01-21.bin

Then hit Submit or Upload, depending on the scanner.
The scan will take a while before the result comes up so please be patient.
Then copy and/or save the result and post it here in this thread.

If Jotti's service load is too high, you can use the following scanner instead:
http://www.virustotal.com/xhtml/index_en.html
or virus.org here: http://scanner.virus.org/

askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Do I have a Virus?

Unread postby blah9 » January 22nd, 2012, 5:47 pm

http://virusscan.jotti.org/en/scanresul ... d98c5bd075

Status:
Scan finished. 0 out of 20 scanners reported malware.

Additional info
File size: 512 bytes
Filetype: x86 boot sector
MD5: a0ae051ee01c3c6f4bcd6d3713225073
SHA1: b413d8e2b97f4408c148d74853a9bff0e424ecb9
blah9
Regular Member
 
Posts: 19
Joined: January 14th, 2012, 8:50 pm

Re: Do I have a Virus?

Unread postby askey127 » January 23rd, 2012, 9:17 am

blah9,
Looks like your Master Boot Record is OK after all. That's good.
We need to be sure there are no visible malicious files remaining.
----------------------------------------------------------------------------------
Download and Run MalwareBytes' Anti-Malware It is free for non-business use.
Please go here to the Download Location, click on Download in the Free column..
When the next page comes up, click on the Download Now button.
  • After clicking on the download and choosing Save, the "Save to location" dialog will come up.
  • Click the browse folders button, then click on Desktop on the left as the location for the installer and click Save again. Close the dialog when the download is complete.
  • You should now have a desktop icon named mbam-setup.exe. (If the download was saved somewhere else, locate it and copy or move it to your desktop).
  • Right click it, choose Run as administrator and Continue
  • Let it install where it wants to, with the default settings, and click Finish.
  • If an update is found, it will download and install the latest version. A shield symbol will show on the desktop icon while it is updating, and will disappear when it's done.
  • If necessary, start Malwarebytes Anti-Malware again.
    (You can Decline any Offer for a Trial if you don't want the paid version)
  • Once the program has started up, select Perform Quick Scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • If it found any malware items, check all items except items in the C:\System Volume Information folder... and click Remove Selected.
  • When completed, a log will open in Notepad. Please save it to a convenient location, and post the contents in your reply.
  • The log can also be found using the "Logs" tab in the program. You can click any "Scan" log listed to open its contents. The logs are listed and named by time/date stamp.
-------------------------------------------------
Run the ESET Online Scanner

Note: You can use either Internet Explorer or Mozilla FireFox for this scan.
You will, however, need to disable your current installed Anti-Virus.
TO DISABLE AVAST
Right click on the avast! icon in system tray (looks like this: Image) and choose (Stop On-Access Protection)
Avast On-Access Protection is now disabled.
Reverse the procedure to re-enable the On-Access Protection.


Vista/Windows 7 users: You will need to to right-click on the either the Internet Explorer or FireFox icon in the Start Menu or Quick Launch Bar and select Run as Administrator.

  • Please go here to run the scan.
    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
  • Select the option YES, I accept the Terms of Use then click on: Image
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Image
  • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
  • Now click on: Image
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.

Note: Do not forget to re-enable your Anti-Virus application after running the above scan!

So we would like to see the log from malwarebytes Anti-Malware and the log from ESET.
You can post replies separately as you do each task if you wish
askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Do I have a Virus?

Unread postby blah9 » January 25th, 2012, 8:37 pm

Malwarebytes Anti-Malware 1.60.0.1800
www.malwarebytes.org

Database version: v2012.01.25.04

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
theodore trueheart :: THEODORETRUE-PC [administrator]

1/25/2012 1:02:36 PM
mbam-log-2012-01-25 (13-02-36).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 171697
Time elapsed: 9 minute(s), 26 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=7351df103316164a9d6cae091f1a8749
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-01-25 11:48:44
# local_time=2012-01-25 06:48:44 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=1793 16774142 0 20 59808567 113091580 0 0
# compatibility_mode=5892 16776574 100 95 5063198 164137163 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=230777
# found=1
# cleaned=0
# scan_time=5688
C:\Program Files\Slots Oasis\casino.dll a variant of Win32/CasOnline application (unable to clean) 00000000000000000000000000000000 I
blah9
Regular Member
 
Posts: 19
Joined: January 14th, 2012, 8:50 pm

Re: Do I have a Virus?

Unread postby askey127 » January 26th, 2012, 7:33 pm

blah9,
I think your machine is OK.
To be completely clean you probably should go in and delete the folder under C:\Program Files\ called Slots Oasis
Virtually all Casino, Poker, and Gambling sites have some lack of transparency or ethics. Avoiding them is a good idea.

I think you are good to go.
You can open OTL.exe on your desktop and click the Clean UP button to remove most of our tools.

Good luck.
askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Do I have a Virus?

Unread postby blah9 » January 27th, 2012, 8:05 am

Great! thank you askey.
blah9
Regular Member
 
Posts: 19
Joined: January 14th, 2012, 8:50 pm

Re: Do I have a Virus?

Unread postby askey127 » January 27th, 2012, 8:17 am

this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA
Advertisement
Register to Remove

Previous

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 106 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware