

LoPhatPhuud
Premium,VIP,MVM
join:2002-01-06
Albuquerque, NM
kudos:26

1 recommendation

reply to vzDE

Re: Spamming issue - Logs Included

I see MBAM did its usual excellent job. Yuk, what a mess.

I want to check for rootkits before we go any further. It's more of an exploratory run rather than looking for anything specific.

Download and run Sophos AntiRootkit. Post the log in this thread, even if nothing is found.

You'll find link(s) and instructions here:
»Security Cleanup FAQ »Rootkit Detection Applications
--
When angry count four; when very angry, swear.
Microsoft MVP/Consumer Security 2005-2011
Gladiator Security Forum

vzDE

join:2006-11-23
Newark, DE

1 edit
Thanks for the help. Went over to the in-law's house today, disabled Avast and Windows Defender and ran Sophos as admin with internet unplugged.
Only one file popped up in the upper panel but it wasn't readily identified and no deletion was recommended. Thus, no reboot occurred automatically but I did reboot manually before copying the Sophos log.

Sophos log

Sophos Anti-Rootkit Version 1.5.20 (c) 2009 Sophos Plc
Started logging on 6/5/2012 at 10:39:08 AM
User "Ron" on computer "RON-PC"
Windows version 6.0 SP 2.0 Service Pack 2 build 6002 SM=0x300 PT=0x1 Win32
Info: Starting process scan.
Info: Starting registry scan.
Info: Starting disk scan of C: (NTFS).
Hidden: file C:\Users\Ron\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\QWS2XLTM\r3ap1n.ver.5.app.3ie33cpgj6dhi.ver.46.app.62dhh6thj8cb3.ver.31.app.66c9i6pj32d33.ver.17.app.68ohh6com6c1h.ver.8.app.6ae32cgp68pb6.ver.19.app.6cdj26sq3cdb6.ver[1].8
Info: Starting disk scan of D: (NTFS).
Info: Starting disk scan of J: (FAT).
Stopped logging on 6/5/2012 at 11:22:33 AM

My brother-in-law states PC seems to be running much better since my running the pre-required tests recommended at start of forum. No further instances of spam being sent.

Will await your reply and once again thanks.