Pop ups on certain words on page as well as pop ups on webpage

Status
Not open for further replies.
drewnath1 said:
View attachment 11568View attachment 11567
Click to expand...

Results of screen317's Security Check version 0.99.84
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
ECHO is off.
Antivirus out of date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 60
Adobe Flash Player 13.0.0.214
Adobe Reader 10.1.10 Adobe Reader out of Date!
Mozilla Firefox (29.0.1)
````````Process Check: objlist.exe by Laurent````````
IObit IObit Malware Fighter IMFsrv.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:: 11% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````
 
drewnath1 said:
Results of screen317's Security Check version 0.99.84
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
ECHO is off.
Antivirus out of date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 60
Adobe Flash Player 13.0.0.214
Adobe Reader 10.1.10 Adobe Reader out of Date!
Mozilla Firefox (29.0.1)
````````Process Check: objlist.exe by Laurent````````
IObit IObit Malware Fighter IMFsrv.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:: 11% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````
Click to expand...
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2014-06-14 12:00:00
-----------------------------
12:00:00.543 OS Version: Windows 5.1.2600 Service Pack 3
12:00:00.543 Number of processors: 2 586 0xE08
12:00:00.543 ComputerName: OFFICE UserName: Drew
12:00:01.043 Initialize success
12:13:07.715 AVAST engine defs: 14061401
12:13:14.308 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
12:13:14.355 Disk 0 Vendor: ST980825AS 8.02 Size: 74881MB BusType: 3
12:13:14.355 Disk 2 \Device\Harddisk2\SR0 -> \Device\SdBus-0
12:13:14.371 Disk 2 Vendor: ( Size: 3781MB BusType: 12
12:13:14.621 Disk 0 MBR read successfully
12:13:14.621 Disk 0 MBR scan
12:13:15.996 Disk 0 Windows XP default MBR code
12:13:16.043 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 47 MB offset 63
12:13:17.246 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 70064 MB offset 96390
12:13:18.215 Disk 0 Partition 3 00 DB CP/M / CTOS Dell 8.0 4753 MB offset 143605035
12:13:18.590 Disk 0 scanning sectors +153340425
12:13:19.199 Disk 0 scanning C:\WINDOWS\system32\drivers
12:14:01.590 Service scanning
12:14:35.371 Modules scanning
12:14:43.418 Disk 0 trace - called modules:
12:14:43.449 ntkrnlpa.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys PCIIDEX.SYS
12:14:43.449 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86f7a030]
12:14:43.465 3 CLASSPNP.SYS[f7631fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x86f55940]
12:14:44.652 AVAST engine scan C:\WINDOWS
12:15:07.902 AVAST engine scan C:\WINDOWS\system32
12:19:06.543 AVAST engine scan C:\WINDOWS\system32\drivers
12:19:28.621 AVAST engine scan C:\Documents and Settings\Drew
12:23:19.371 File: C:\Documents and Settings\Drew\Application Data\Sun\Java\Deployment\cache\6.0\33\764778a1-4b8d2e90 **INFECTED** Win32:MalOb-IF [Cryp]
12:27:34.965 File: C:\Documents and Settings\Drew\Local Settings\Temp\1867A879-BAB0-7891-9B3C-3D2DC9DC6FF1\Latest\MyDeltaTB.exe **INFECTED** Win32:Adware-gen [Adw]
12:31:02.730 File: C:\Documents and Settings\Drew\Local Settings\Temp\POS58.tmp **INFECTED** Win32:MalOb-IF [Cryp]
12:31:02.996 File: C:\Documents and Settings\Drew\Local Settings\Temp\POS59.tmp **INFECTED** Win32:MalOb-IF [Cryp]
12:40:03.683 AVAST engine scan C:\Documents and Settings\All Users
12:43:12.949 Scan finished successfully
12:44:30.668 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Drew\Desktop\MBR.dat"
12:44:30.715 The log file has been saved successfully to "C:\Documents and Settings\Drew\Desktop\aswMBR.txt"
 
View attachment MBR.zip
drewnath1 said:
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2014-06-14 12:00:00
-----------------------------
12:00:00.543 OS Version: Windows 5.1.2600 Service Pack 3
12:00:00.543 Number of processors: 2 586 0xE08
12:00:00.543 ComputerName: OFFICE UserName: Drew
12:00:01.043 Initialize success
12:13:07.715 AVAST engine defs: 14061401
12:13:14.308 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
12:13:14.355 Disk 0 Vendor: ST980825AS 8.02 Size: 74881MB BusType: 3
12:13:14.355 Disk 2 \Device\Harddisk2\SR0 -> \Device\SdBus-0
12:13:14.371 Disk 2 Vendor: ( Size: 3781MB BusType: 12
12:13:14.621 Disk 0 MBR read successfully
12:13:14.621 Disk 0 MBR scan
12:13:15.996 Disk 0 Windows XP default MBR code
12:13:16.043 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 47 MB offset 63
12:13:17.246 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 70064 MB offset 96390
12:13:18.215 Disk 0 Partition 3 00 DB CP/M / CTOS Dell 8.0 4753 MB offset 143605035
12:13:18.590 Disk 0 scanning sectors +153340425
12:13:19.199 Disk 0 scanning C:\WINDOWS\system32\drivers
12:14:01.590 Service scanning
12:14:35.371 Modules scanning
12:14:43.418 Disk 0 trace - called modules:
12:14:43.449 ntkrnlpa.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys PCIIDEX.SYS
12:14:43.449 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86f7a030]
12:14:43.465 3 CLASSPNP.SYS[f7631fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x86f55940]
12:14:44.652 AVAST engine scan C:\WINDOWS
12:15:07.902 AVAST engine scan C:\WINDOWS\system32
12:19:06.543 AVAST engine scan C:\WINDOWS\system32\drivers
12:19:28.621 AVAST engine scan C:\Documents and Settings\Drew
12:23:19.371 File: C:\Documents and Settings\Drew\Application Data\Sun\Java\Deployment\cache\6.0\33\764778a1-4b8d2e90 **INFECTED** Win32:MalOb-IF [Cryp]
12:27:34.965 File: C:\Documents and Settings\Drew\Local Settings\Temp\1867A879-BAB0-7891-9B3C-3D2DC9DC6FF1\Latest\MyDeltaTB.exe **INFECTED** Win32:Adware-gen [Adw]
12:31:02.730 File: C:\Documents and Settings\Drew\Local Settings\Temp\POS58.tmp **INFECTED** Win32:MalOb-IF [Cryp]
12:31:02.996 File: C:\Documents and Settings\Drew\Local Settings\Temp\POS59.tmp **INFECTED** Win32:MalOb-IF [Cryp]
12:40:03.683 AVAST engine scan C:\Documents and Settings\All Users
12:43:12.949 Scan finished successfully
12:44:30.668 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Drew\Desktop\MBR.dat"
12:44:30.715 The log file has been saved successfully to "C:\Documents and Settings\Drew\Desktop\aswMBR.txt"
Click to expand...


This was the post from earliers recommendations.
 
Hello drewnath1,

To request assistance in this forum the FAQ includes guidelines in post #1 and instructions in post #2 on how to provide the preliminary DDS and aswMBR logs used for analysis.

http://forums.spybot.info/showthread.php?t=288

Then start a new topic providing only the logs requested, in a single post, so a volunteer analyst may advise when available. :)

Best regards.
 
Status
Not open for further replies.
Back
Top