
seafoodhouse

  1. My computer is infected with a PUP.BitMiner that I cannot delete and trojans that keep re-appearing after removal. This is the latest log I have. Could someone please help me remove these once and for all?

     Malwarebytes Anti-Malware 1.60.0.1800
     www.malwarebytes.org

     Database version: v2012.01.03.05

     Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking)
     Internet Explorer 8.0.7601.17514
     Elly :: OFFICEELLYPC [administrator]

     4/01/2012 10:54:55 AM
     mbam-log-2012-01-04 (10-54-55).txt

     Scan type: Full scan
     Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
     Scan options disabled: P2P
     Objects scanned: 449517
     Time elapsed: 34 minute(s), 35 second(s)

     Memory Processes Detected: 0
     (No malicious items detected)

     Memory Modules Detected: 0
     (No malicious items detected)

     Registry Keys Detected: 0
     (No malicious items detected)

     Registry Values Detected: 1
     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|{64354801-E9AA-80A1-369C-D5CCCFA49AF5} (Trojan.Downloader.BH) -> Data: C:\Users\Elly\AppData\Roaming\Epabka\seyw.exe -> Quarantined and deleted successfully.

     Registry Data Items Detected: 0
     (No malicious items detected)

     Folders Detected: 0
     (No malicious items detected)

     Files Detected: 168
     C:\Windows\assembly\temp\kwrd.dll (PUP.BitMiner) -> No action taken.
     C:\Users\Elly\AppData\Roaming\Epabka\seyw.exe (Trojan.Downloader.BH) -> Quarantined and deleted successfully.
     C:\ProgramData\7Ds4AYfW.exe (Trojan.Email) -> Quarantined and deleted successfully.
     C:\Users\Datapel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ilot.exe (Trojan.Downloader.BH) -> Quarantined and deleted successfully.
     C:\Users\Datapel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\odofca.exe (Trojan.Downloader.BH) -> Quarantined and deleted successfully.
     C:\Users\Datapel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\peem.exe (Malware.Packer) -> Quarantined and deleted successfully.