Jump to content


  • Content Count

  • Joined

  • Last visited

Everything posted by empire1012

  1. I could use some assistance. I have ran MalwareBytes multiple times from safemode on my computer and this same virus keeps reappearing. thanks in advance for any help. Below are the mbam, Attach.txt and DDS.txt Here is the mbam log: Malwarebytes Anti-Malware www.malwarebytes.org Database version: v2012.09.24.09 Windows Vista Service Pack 2 x64 NTFS (Safe Mode/Networking) Internet Explorer 9.0.8112.16421 Madrid :: MADRID-PC [administrator] 9/24/2012 12:40:33 PM mbam-log-2012-09-24 (12-40-33).txt Scan type: Full scan (C:\|D:\|) Scan options enabled: Memory | Startup | Registry | File
  2. Just sent a token of my appreciation. Thanks again for your help.
  3. Everything is running great now! Thanks, MrCharlie!!! Malwarebytes Anti-Malware www.malwarebytes.org Database version: v2012.08.09.10 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 PhilR :: KIHEI [administrator] 8/9/2012 9:59:23 AM mbam-log-2012-08-09 (09-59-23).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 268152 Time elapsed: 1 minute(s), 35 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modul
  4. Here are the results of the ComboFix.txt: ComboFix 12-08-09.01 - PhilR 08/09/2012 9:46.2.4 - x64 Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.8073.6435 [GMT -10:00] Running from: c:\users\PhilR\Desktop\ComboFix.exe AV: AVG Internet Security Network Edition *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} SP: AVG Internet Security Network Edition *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((( Files Created from 2012-07-09 to 2012-08-09 )))))))))))))
  5. Fixlog.txt results: Fix result of Farbar Recovery Tool (FRST written by Farbar) Version: 08-08-2012 02 Ran by SYSTEM at 2012-08-09 09:18:39 Run:1 Running from F:\ ============================================== C:\Windows\Installer\{b84a1084-4e70-1310-1954-64390743a0ea} moved successfully. ==== End of Fixlog ====
  6. Here are the results of the FRST.txt and search.txt: FRST.txt Scan result of Farbar Recovery Scan Tool Version: 08-08-2012 02 Ran by SYSTEM at 09-08-2012 08:49:03 Running from F:\ Windows 7 Professional Service Pack 1 (X64) OS Language: English(US) The current controlset is ControlSet001 ========================== Registry (Whitelisted) ============= HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtDCpl64.exe [2907240 2010-10-04] (Realtek Semiconductor Corp.) HKLM\...\Run: [igfxTray] C:\Windows\system32\igfxtray.exe [168216 2011-04-12] (Intel Corporation) HKLM\...\Run: [HotKeysCm
  7. Thanks for the quick response, MrCharlie. Here are the results: RogueKiller V7.6.5 [08/03/2012] by Tigzy mail: tigzyRK<at>gmail<dot>com Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/ Blog: http://tigzyrk.blogspot.com Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User: PhilR [Admin rights] Mode: Scan -- Date: 08/08/2012 17:27:42 ¤¤¤ Bad processes: 0 ¤¤¤ ¤¤¤ Registry Entries: 5 ¤¤¤ [HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND [HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND [HJ] HKCU\[...
  8. I just read that I should have posted the contents of the logs instead of attaching then... so sorry and here they are: Attach.txt . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows 7 Professional Boot Device: \Device\HarddiskVolume2 Install Date: 6/29/2011 9:20:35 PM System Uptime: 8/8/2012 3:08:25 PM (1 hours ago) . Motherboard: Dell Inc. | | 06D7TR Processor: Intel® Core i5-2400 CPU @ 3.10GHz | CPU 1 | 3101/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 466 GiB total,
  9. I have been infected with the Trojan.Dropper.BCMiner virus on my work computer. It happened a couple of weeks ago and I have noticed IE redirecting after the infection. I ran MalwareBytes from safe mode but the virus was not successfully cleaned. I have been reading about this virus and it seems that it may not be an easy one to get rid of yet. I have attached the DDS, Attach and mbam logs and would really appreciate any help with this issue. Thanks in advance. Attach.txt DDS.txt mbam-log-2012-08-08 (16-23-20).txt
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.