
musicslife77

Members
  • Posts: 5
  • Reputation: 0 Neutral
  1. I'm sorry, it was a really busy month for me and I was just able to get a reinstallation DVD. I reinstalled Windows, but it said it was going to keep my old files in something called windows.old (or something to that effect). Is this okay?
  2. MBAM

     Malwarebytes' Anti-Malware 1.51.2.1300
     www.malwarebytes.org

     Database version: 8309
     Windows 6.0.6000
     Internet Explorer 7.0.6000.17037

     12/4/2011 1:20:05 PM
     mbam-log-2011-12-04 (13-20-00).txt

     Scan type: Quick scan
     Objects scanned: 162584
     Time elapsed: 5 minute(s), 21 second(s)

     Memory Processes Infected: 0
     Memory Modules Infected: 0
     Registry Keys Infected: 2
     Registry Values Infected: 1
     Registry Data Items Infected: 0
     Folders Infected: 0
     Files Infected: 1

     Memory Processes Infected:
     (No malicious items detected)

     Memory Modules Infected:
     (No malicious items detected)

     Registry Keys Infected:
     HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127AD2-394B-70F5-C650-B97867BAA1F7} (Backdoor.Bot) -> No action taken.
     HKEY_CURRENT_USER\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> No action taken.

     Registry Values Infected:
     HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer (PUM.Bad.Proxy) -> Value: ProxyServer -> No action taken.

     Registry Data Items Infected:
     (No malicious items detected)

     Folders Infected:
     (No malicious items detected)

     Files Infected:
     c:\Users\Billy\AppData\Roaming\ahst.lni (Malware.Trace) -> No action taken.

     DDS
     .
     DDS (Ver_2011-08-26.01) - NTFSx86
     Internet Explorer: 7.0.6000.17037 BrowserJavaVersion: 1.6.0_27
     Run by Billy at 13:28:19 on 2011-12-04
     Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.2037.815 [GMT -5:00]
     .
     .
     ============== Running Processes ===============
     .
  3. Well, my antivirus software ran out and I didn't really think much of it (fatal mistake, I know now), and I ended up with a few viruses and trojans. It was able to clean everything up with a program downloaded for temporary use to try and save my PC; however, it is unable to remove one, and the only option is to ignore it. The file name is rootkit.win32.zaccess.k. I tried following this forum, but I am unsure of what to do after running the ComboFix because that didn't seem to help. I could really use your guys' expertise on this. Please help! Thank you very much.
  4. Well, my antivirus software ran out and I didn't really think much of it (fatal mistake, I know now), and I ended up with a few viruses and trojans. I was able to clean everything up with Kaspersky (I downloaded it for temporary use to try and save my PC); however, it is unable to remove one, and the only option is to ignore it. The file name is rootkit.win32.zaccess.k. I tried following this forum, but I am unsure of what to do after running the ComboFix because that didn't seem to help. I could really use your guys' expertise on this. Please help! Thank you very much.