ravejaramillo
  1. Results of screen317's Security Check version 0.99.49
     Windows 7 Service Pack 1 x64 (UAC is enabled)
     Internet Explorer 9
     ``````````````Antivirus/Firewall Check:``````````````
     Windows Firewall Enabled!
     Norton Internet Security
     WMI entry may not exist for antivirus; attempting automatic update.
     `````````Anti-malware/Other Utilities Check:`````````
     Java 6 Update 20
     Java 6 Update 24
     Java 6 Update 31
     Java version out of Date!
     Adobe Reader X 10.1.2 Adobe Reader out of Date!
     Mozilla Firefox 12.0 Firefox out of Date!
     Google Chrome 20.0.1132.57
     Google Chrome 21.0.1180.83
     ````````Process Check: objlist.exe by Laurent````````
     Norton ccSvcHst.exe
     `````````````````System Health check`````````````````
     Total Fragmentation on Drive C: 1%
     ````````````````````End of Log``````````````````````
  2. I scanned the computer using Norton and MBAM and it's free! :-) Thank you so much!!!! I already left you a tip in your PayPal account.
  3. RogueKiller V8.0.2 [08/31/2012] by Tigzy
     mail: tigzyRK<at>gmail<dot>com
     Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
     Blog: http://tigzyrk.blogspot.com
     Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
     Started in : Normal mode
     User : Alison [Admin rights]
     Mode : Scan -- Date : 09/01/2012 19:23:23
     ¤¤¤ Bad processes : 0 ¤¤¤
     ¤¤¤ Registry Entries : 3 ¤¤¤
     [TASK][SUSP PATH] HPSA Upgrade : C:\ProgramData\Hewlett-Packard\HPSAUpgrade3\HpSAUpgrade.exe -> FOUND
     [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
     [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
     ¤¤¤ Particular Files / Folders: ¤¤¤
     ¤¤¤ Driver : [NOT LOADED] ¤¤¤
     ¤¤¤ Infection : ¤¤¤
     ¤¤¤ HOSTS File: ¤¤¤
     --> C:\Windows\system32\drivers\etc\hosts
     ¤¤¤ MBR Check: ¤¤¤
     +++++ PhysicalDrive0: WDC WD3200BEVT-60A23T0 +++++
     --- User ---
     [MBR] 0476df6d55c4890a3a272b84c0ff7d33
     [BSP] fa31e8539406d376278507ad2200c4ac : Windows 7 MBR Code
     Partition table:
     0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo
     1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 291043 Mo
     2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 596465664 | Size: 13898 Mo
     3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 624928768 | Size: 103 Mo
     User = LL1 ... OK!
     User = LL2 ... OK!
     +++++ PhysicalDrive1: Generic Flash Disk USB Device +++++
     --- User ---
     [MBR] 031a0a0c02d84775757ddb8337d86212
     [BSP] 88b592da49c22c4bbb00f2275be3c2a5 : MBR Code unknown
     Partition table:
     0 - [XXXXXX] FAT16 (0x06) [VISIBLE] Offset (sectors): 496 | Size: 974 Mo
     User = LL1 ... OK!
     Error reading LL2 MBR!
     Finished : << RKreport[2].txt >>
     RKreport[1].txt ; RKreport[2].txt
  4. Malwarebytes Anti-Malware (Trial) 1.62.0.1300
     www.malwarebytes.org
     Database version: v2012.09.01.06
     Windows 7 Service Pack 1 x64 NTFS
     Internet Explorer 9.0.8112.16421
     Alison :: MONOCEROS [administrator]
     Protection: Disabled
     9/1/2012 3:47:09 PM
     mbam-log-2012-09-01 (18-27-03).txt
     Scan type: Full scan (C:\|D:\|F:\|)
     Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
     Scan options disabled: P2P
     Objects scanned: 363506
     Time elapsed: 1 hour(s), 23 minute(s), 46 second(s)
     Memory Processes Detected: 0
     (No malicious items detected)
     Memory Modules Detected: 0
     (No malicious items detected)
     Registry Keys Detected: 0
     (No malicious items detected)
     Registry Values Detected: 0
     (No malicious items detected)
     Registry Data Items Detected: 0
     (No malicious items detected)
     Folders Detected: 0
     (No malicious items detected)
     Files Detected: 2
     C:\FRST\Quarantine\services.exe (Rootkit.0Access) -> No action taken.
     C:\Users\Alison\Downloads\DownloadSetup.exe (Affiliate.Downloader) -> No action taken.
     (end)
     I did hit the button REMOVE SELECTED. So I'm assuming that these two files were deleted.
  5. I'm running MBAM now but my Norton Internet Security is saying that Trojan.ZeroAccess!inf4 requires manual removal. I'll post the report from MBAM when it is completed. Thanks.
  6. I'm using a wireless router provided by my ISP. Is there anything else I need to worry about? I don't store or keep any important files or account information on my computer. I was planning on upgrading my HD anyways so I will probably swap out the drive next weekend.
  7. Fixlog attached.
     Fix result of Farbar Recovery Tool (FRST written by Farbar) Version: 31-08-2012
     Ran by SYSTEM at 2012-09-01 13:30:47 Run:1
     Running from H:\
     ==============================================
     C:\Windows\assembly\GAC_32\Desktop.ini moved successfully.
     C:\Windows\assembly\GAC_64\Desktop.ini moved successfully.
     C:\Windows\System32\services.exe moved successfully.
     C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe copied successfully to C:\Windows\System32\services.exe
     ==== End of Fixlog ====
     Fixlog.txt
  8. Scan result of Farbar Recovery Scan Tool Version: 31-08-2012 Ran by SYSTEM at 30-08-2012 19:29:58 Running from H:\ Windows 7 Home Premium (X64) OS Language: English(US) The current controlset is ControlSet001 ==================== Registry (Whitelisted) =================== HKLM\...\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2799912 2011-06-09] (Synaptics Incorporated) HKLM\...\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe [1424896 2012-01-20] (IDT, Inc.) HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2012-02-20] (Apple Inc.) HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421736 2012-03-27] (Apple Inc.) HKLM-x32\...\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [254696 2012-01-18] (Sun Microsystems, Inc.) HKLM-x32\...\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [brStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN [2621440 2010-06-10] (Brother Industries, Ltd.) HKLM-x32\...\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray [462920 2012-07-03] (Malwarebytes Corporation) HKU\Alison\...\Run: [Google Update] "C:\Users\Alison\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2011-08-24] (Google Inc.) HKU\Alison\...\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [17355912 2012-05-03] (Skype Technologies S.A.) HKU\Alison\...\Run: [AdobeBridge] [x] Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.2.25 Startup: C:\Users\All Users\Start Menu\Programs\Startup\Audible Download Manager.lnk ShortcutTarget: Audible Download Manager.lnk -> C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe (Audible, Inc.) 
==================== Services (Whitelisted) ====== 2 BTHSSecurityMgr; "C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe" [134928 2011-04-21] (Intel® Corporation) 3 GSService; "C:\Windows\SysWOW64\GSService.exe" [466432 2011-12-19] () 2 MBAMService; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" [655944 2012-07-03] (Malwarebytes Corporation) 2 NIS; "C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe" /s "NIS" /m "C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\diMaster.dll" /prefetch:1 [262584 2011-03-31] (Symantec Corporation) 3 SMServer; "C:\Windows\SysWOW64\snmvtsvc.exe" [244736 2011-12-19] (SMServer) ==================== Drivers (Whitelisted) =================== 1 BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20120823.007\BHDrvx64.sys [1161376 2012-06-18] (Symantec Corporation) 1 eeCtrl; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-08-27] (Symantec Corporation) 3 EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2012-08-27] (Symantec Corporation) 1 IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20120829.001\IDSvia64.sys [512672 2012-08-25] (Symantec Corporation) 3 MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [24904 2012-07-03] (Malwarebytes Corporation) 3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20120829.018\ENG64.SYS [125600 2012-08-27] (Symantec Corporation) 3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20120829.018\EX64.SYS [2084000 2012-08-27] (Symantec Corporation) 3 rsvcdwdr; C:\Windows\System32\Drivers\rsvcdwdr.sys [45160 2012-01-03] (RapidSolution Software AG) 3 SndTAudio; 
C:\Windows\System32\Drivers\SndTAudio.sys [34040 2011-12-19] (Windows ® Win 7 DDK provider) 1 SRTSP; C:\Windows\System32\Drivers\NISx64\1207020.003\SRTSP64.SYS [744568 2011-03-30] (Symantec Corporation) 1 SRTSPX; C:\Windows\system32\drivers\NISx64\1207020.003\SRTSPX64.SYS [40568 2011-03-30] (Symantec Corporation) 0 SymDS; C:\Windows\System32\drivers\NISx64\1207020.003\SYMDS64.SYS [450680 2011-01-26] (Symantec Corporation) 0 SymEFA; C:\Windows\System32\drivers\NISx64\1207020.003\SYMEFA64.SYS [912504 2011-03-14] (Symantec Corporation) 3 SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [174200 2011-07-06] (Symantec Corporation) 1 SymIRON; C:\Windows\system32\drivers\NISx64\1207020.003\Ironx64.SYS [171128 2011-01-26] (Symantec Corporation) 1 SymNetS; C:\Windows\System32\Drivers\NISx64\1207020.003\SYMNETS.SYS [386168 2011-04-20] (Symantec Corporation) 0 ntcdrdrv; C:\Windows\System32\DRIVERS\ntcdrdrv.sys [x] ==================== NetSvcs (Whitelisted) ================= ==================== One Month Created Files and Folders ====================== 2012-08-30 19:29 - 2012-08-30 19:29 - 00000000 ____D C:\FRST 2012-08-29 19:15 - 2012-08-29 19:15 - 00001073 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2012-08-29 19:14 - 2012-08-29 19:14 - 10652120 ____A (Malwarebytes Corporation ) C:\Users\Alison\Downloads\mbam-setup-1.62.0.1300.exe 2012-08-29 19:06 - 2012-08-29 19:06 - 00027256 ____A (Symantec Corporation) C:\Windows\System32\Drivers\FixZeroAccess.sys 2012-08-29 17:57 - 2012-08-29 17:57 - 04731392 ____A (AVAST Software) C:\Users\Alison\Downloads\aswMBR.exe 2012-08-29 17:57 - 2012-08-29 17:57 - 01805736 ____A (Symantec Corporation) C:\Users\Alison\Downloads\FixZeroAccess.exe 2012-08-27 18:36 - 2012-08-27 18:36 - 01448001 ____A (Farbar) C:\Users\Alison\Desktop\FRST64.exe 2012-08-26 21:12 - 2012-08-26 21:12 - 00003416 ____N C:\bootsqm.dat 2012-08-26 21:11 - 2012-08-26 21:11 - 00000000 __SHD C:\found.000 2012-08-26 20:09 - 2012-08-27 15:56 - 00000000 
____D C:\Users\Alison\AppData\Local\NPE 2012-08-26 19:41 - 2012-08-26 19:41 - 00000000 ____D C:\Users\Alison\AppData\Roaming\Tific 2012-08-26 19:41 - 2012-08-26 19:41 - 00000000 ____D C:\Users\Alison\AppData\Local\Symantec 2012-08-26 19:37 - 2012-08-26 19:37 - 00000604 ____A C:\Users\Alison\Desktop\dior hat.txt 2012-08-25 21:30 - 2012-08-25 21:30 - 00042408 ____A C:\Users\Alison\Downloads\post-to-multiple-facebook-wall.zip 2012-08-25 20:38 - 2012-08-25 20:38 - 28160450 ____A C:\Users\Alison\Downloads\B0000992-Recovered.psd 2012-08-25 20:38 - 2012-08-25 20:38 - 10150935 ____A C:\Users\Alison\Downloads\B0000061-Recovered.psd 2012-08-25 20:38 - 2012-08-25 20:38 - 05877762 ____A C:\Users\Alison\Downloads\Buster edited-Recovered.psd 2012-08-25 20:37 - 2012-08-25 20:37 - 22647311 ____A C:\Users\Alison\Downloads\DSC_4661-Recovered.psd 2012-08-23 17:18 - 2012-08-26 19:32 - 00000000 ____D C:\Users\All Users\firebird 2012-08-23 17:17 - 2012-08-23 17:17 - 00000000 ____D C:\Users\All Users\cladgenius.com 2012-08-23 17:16 - 2012-08-23 17:16 - 00000000 ____D C:\Windows\XSxS 2012-08-23 17:16 - 2012-08-23 17:16 - 00000000 ____D C:\Program Files (x86)\Xenocode 2012-08-23 17:15 - 2012-08-27 18:47 - 00000000 ____D C:\Program Files (x86)\CLADGenius 2012-08-19 18:42 - 2012-08-19 18:42 - 02536639 ____A C:\Users\Alison\Downloads\SC_CUBracketShapes.zip 2012-08-18 22:27 - 2012-08-18 22:27 - 01687640 ____A C:\Users\Alison\Downloads\Banner_Brushes_No_17_by_mutsie.zip 2012-08-18 22:26 - 2012-08-18 22:26 - 00260533 ____A C:\Users\Alison\Downloads\Vintage_Parisian_ad_brushes_by_euphoric_acid.zip 2012-08-18 21:49 - 2012-08-27 18:47 - 00000000 ____D C:\Users\Alison\Downloads\JournalFrame_by_ScrappinCop 2012-08-18 21:48 - 2012-08-18 21:48 - 00941619 ____A C:\Users\Alison\Downloads\Brushset_12__Border__n__Frames_by_Ruthenia_Alba.rar 2012-08-18 19:53 - 2012-08-18 19:53 - 01585823 ____A C:\Users\Alison\Downloads\picture-frames-2.zip 2012-08-18 19:53 - 2012-08-18 19:53 - 01585823 ____A 
C:\Users\Alison\Downloads\picture-frames-2 (1).zip 2012-08-18 19:51 - 2012-08-18 19:51 - 21326967 ____A C:\Users\Alison\Downloads\385-grunge-vector-line-brushset-1.rar 2012-08-18 19:51 - 2012-08-18 19:51 - 02624509 ____A C:\Users\Alison\Downloads\sample_file_destroy_arrows_banners_shield_and_frames_vector_and_photoshop_brush_39263.zip 2012-08-18 19:50 - 2012-08-18 19:50 - 00761930 ____A C:\Users\Alison\Downloads\vector_brush_40140.zip 2012-08-18 14:33 - 2012-08-18 18:45 - 00000000 ____D C:\Users\Alison\Desktop\pics from st paws 2012-08-17 22:01 - 2012-08-17 22:01 - 07838143 ____A C:\Users\Alison\Downloads\Picture_Framing_Mats_PSD_675_pixels_.zip 2012-08-17 21:53 - 2012-08-17 21:53 - 05040086 ____A C:\Users\Alison\Downloads\470-wg_free_faded_splatters.zip 2012-08-17 21:53 - 2012-08-17 21:53 - 00826320 ____A C:\Users\Alison\Downloads\ribbons.rar 2012-08-15 20:20 - 2012-08-15 20:20 - 00011597 ____A C:\Users\Alison\Downloads\k9logo.jpeg 2012-08-11 11:41 - 2012-08-11 11:41 - 00016963 ____A C:\Users\Alison\Downloads\Your review helped another customer shop for 'Oggi Splatter Guard with Folding...'.html 2012-08-10 21:20 - 2012-08-10 21:20 - 00577254 ____A C:\Users\Alison\Downloads\4.bmp 2012-08-10 21:19 - 2012-08-10 21:19 - 00577254 ____A C:\Users\Alison\Downloads\3.bmp 2012-08-10 21:17 - 2012-08-10 21:17 - 00577254 ____A C:\Users\Alison\Downloads\2.bmp 2012-08-10 21:17 - 2012-08-10 21:17 - 00577254 ____A C:\Users\Alison\Downloads\1.bmp 2012-08-10 21:15 - 2012-08-10 21:15 - 00577254 ____A C:\Users\Alison\Downloads\angel.bmp 2012-08-04 15:23 - 2012-08-04 15:23 - 00017066 ____A C:\Users\Alison\Downloads\Your review helped another customer shop for 'Solvit Sta-Put Deluxe Hammock Pet...'.html ==================== 3 Months Modified Files ================================ 2012-08-30 17:25 - 2011-08-26 18:41 - 00196608 ____A C:\Windows\System32\Ikeext.etl 2012-08-30 17:25 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT 2012-08-30 17:25 - 2009-07-13 20:51 - 00074207 
____A C:\Windows\setupact.log 2012-08-30 17:24 - 2011-05-10 00:51 - 01861540 ____A C:\Windows\WindowsUpdate.log 2012-08-30 17:20 - 2011-08-24 08:47 - 00000912 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3725757869-3112173875-1006648273-1004UA.job 2012-08-30 17:20 - 2009-07-13 20:45 - 00032064 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2012-08-30 17:20 - 2009-07-13 20:45 - 00032064 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2012-08-30 17:13 - 2011-09-11 10:00 - 00000894 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2012-08-29 20:29 - 2011-08-23 11:39 - 00000916 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3725757869-3112173875-1006648273-1000UA.job 2012-08-29 20:28 - 2011-08-23 11:39 - 00000864 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3725757869-3112173875-1006648273-1000Core.job 2012-08-29 20:11 - 2010-11-20 19:47 - 00562254 ____A C:\Windows\PFRO.log 2012-08-29 19:54 - 2011-09-11 10:00 - 00000898 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2012-08-29 19:15 - 2012-08-29 19:15 - 00001073 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2012-08-29 19:14 - 2012-08-29 19:14 - 10652120 ____A (Malwarebytes Corporation ) C:\Users\Alison\Downloads\mbam-setup-1.62.0.1300.exe 2012-08-29 19:06 - 2012-08-29 19:06 - 00027256 ____A (Symantec Corporation) C:\Windows\System32\Drivers\FixZeroAccess.sys 2012-08-29 17:57 - 2012-08-29 17:57 - 04731392 ____A (AVAST Software) C:\Users\Alison\Downloads\aswMBR.exe 2012-08-29 17:57 - 2012-08-29 17:57 - 01805736 ____A (Symantec Corporation) C:\Users\Alison\Downloads\FixZeroAccess.exe 2012-08-27 19:13 - 2011-08-26 10:17 - 00000336 ____A C:\Windows\Tasks\HPCeeScheduleForAlison.job 2012-08-27 18:42 - 2009-07-13 21:13 - 00726316 ____A C:\Windows\System32\PerfStringBackup.INI 2012-08-27 18:36 - 2012-08-27 18:36 - 01448001 ____A (Farbar) C:\Users\Alison\Desktop\FRST64.exe 
2012-08-27 17:45 - 2011-08-24 08:48 - 00002459 ____A C:\Users\Alison\Desktop\chrome.lnk 2012-08-26 21:12 - 2012-08-26 21:12 - 00003416 ____N C:\bootsqm.dat 2012-08-26 19:37 - 2012-08-26 19:37 - 00000604 ____A C:\Users\Alison\Desktop\dior hat.txt 2012-08-25 21:30 - 2012-08-25 21:30 - 00042408 ____A C:\Users\Alison\Downloads\post-to-multiple-facebook-wall.zip 2012-08-25 20:38 - 2012-08-25 20:38 - 28160450 ____A C:\Users\Alison\Downloads\B0000992-Recovered.psd 2012-08-25 20:38 - 2012-08-25 20:38 - 10150935 ____A C:\Users\Alison\Downloads\B0000061-Recovered.psd 2012-08-25 20:38 - 2012-08-25 20:38 - 05877762 ____A C:\Users\Alison\Downloads\Buster edited-Recovered.psd 2012-08-25 20:37 - 2012-08-25 20:37 - 22647311 ____A C:\Users\Alison\Downloads\DSC_4661-Recovered.psd 2012-08-19 18:42 - 2012-08-19 18:42 - 02536639 ____A C:\Users\Alison\Downloads\SC_CUBracketShapes.zip 2012-08-18 22:27 - 2012-08-18 22:27 - 01687640 ____A C:\Users\Alison\Downloads\Banner_Brushes_No_17_by_mutsie.zip 2012-08-18 22:26 - 2012-08-18 22:26 - 00260533 ____A C:\Users\Alison\Downloads\Vintage_Parisian_ad_brushes_by_euphoric_acid.zip 2012-08-18 21:48 - 2012-08-18 21:48 - 00941619 ____A C:\Users\Alison\Downloads\Brushset_12__Border__n__Frames_by_Ruthenia_Alba.rar 2012-08-18 19:53 - 2012-08-18 19:53 - 01585823 ____A C:\Users\Alison\Downloads\picture-frames-2.zip 2012-08-18 19:53 - 2012-08-18 19:53 - 01585823 ____A C:\Users\Alison\Downloads\picture-frames-2 (1).zip 2012-08-18 19:51 - 2012-08-18 19:51 - 21326967 ____A C:\Users\Alison\Downloads\385-grunge-vector-line-brushset-1.rar 2012-08-18 19:51 - 2012-08-18 19:51 - 02624509 ____A C:\Users\Alison\Downloads\sample_file_destroy_arrows_banners_shield_and_frames_vector_and_photoshop_brush_39263.zip 2012-08-18 19:50 - 2012-08-18 19:50 - 00761930 ____A C:\Users\Alison\Downloads\vector_brush_40140.zip 2012-08-17 22:01 - 2012-08-17 22:01 - 07838143 ____A C:\Users\Alison\Downloads\Picture_Framing_Mats_PSD_675_pixels_.zip 2012-08-17 21:53 - 2012-08-17 21:53 - 
05040086 ____A C:\Users\Alison\Downloads\470-wg_free_faded_splatters.zip 2012-08-17 21:53 - 2012-08-17 21:53 - 00826320 ____A C:\Users\Alison\Downloads\ribbons.rar 2012-08-15 20:20 - 2012-08-15 20:20 - 00011597 ____A C:\Users\Alison\Downloads\k9logo.jpeg 2012-08-11 11:41 - 2012-08-11 11:41 - 00016963 ____A C:\Users\Alison\Downloads\Your review helped another customer shop for 'Oggi Splatter Guard with Folding...'.html 2012-08-10 21:20 - 2012-08-10 21:20 - 00577254 ____A C:\Users\Alison\Downloads\4.bmp 2012-08-10 21:19 - 2012-08-10 21:19 - 00577254 ____A C:\Users\Alison\Downloads\3.bmp 2012-08-10 21:17 - 2012-08-10 21:17 - 00577254 ____A C:\Users\Alison\Downloads\2.bmp 2012-08-10 21:17 - 2012-08-10 21:17 - 00577254 ____A C:\Users\Alison\Downloads\1.bmp 2012-08-10 21:15 - 2012-08-10 21:15 - 00577254 ____A C:\Users\Alison\Downloads\angel.bmp 2012-08-04 15:23 - 2012-08-04 15:23 - 00017066 ____A C:\Users\Alison\Downloads\Your review helped another customer shop for 'Solvit Sta-Put Deluxe Hammock Pet...'.html 2012-07-29 10:46 - 2012-07-16 15:00 - 00000492 ____A C:\Users\Alison\Desktop\1.txt 2012-07-28 19:03 - 2012-07-28 19:03 - 01656459 ____A C:\Users\Alison\Downloads\winrar-x64-420.exe 2012-07-28 18:56 - 2012-07-28 18:56 - 00895376 ____A (BitTorrent, Inc.) 
C:\Users\Alison\Downloads\uTorrent.exe 2012-07-28 09:20 - 2011-08-24 08:47 - 00000860 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3725757869-3112173875-1006648273-1004Core.job 2012-07-27 11:53 - 2011-11-10 19:15 - 00000000 ____A C:\Windows\System32\HP_ActiveX_Patch_NOT_DETECTED.txt 2012-07-27 11:53 - 2011-07-07 08:34 - 00000052 ____A C:\Windows\SysWOW64\DOErrors.log 2012-07-24 10:48 - 2012-07-24 10:48 - 03367672 ____A C:\Users\Alison\Downloads\gluk_znikomit.zip 2012-07-24 10:48 - 2012-07-24 10:48 - 00335947 ____A C:\Users\Alison\Downloads\4th-february_web-serveroff.zip 2012-07-24 10:48 - 2012-07-24 10:48 - 00013828 ____A C:\Users\Alison\Downloads\aaargh.zip 2012-07-24 10:48 - 2012-07-24 10:48 - 00007975 ____A C:\Users\Alison\Downloads\arro_penna.zip 2012-07-20 13:18 - 2012-07-20 13:18 - 00000139 ____A C:\Users\Alison\Desktop\info.txt 2012-07-17 18:14 - 2012-07-17 17:51 - 00000132 ____A C:\Users\Alison\AppData\Roaming\Adobe BMP Format CS6 Prefs 2012-07-16 15:22 - 2012-07-16 15:22 - 00002104 ____A C:\Users\Public\Desktop\Brother Creative Center.lnk 2012-07-16 15:10 - 2011-08-23 13:36 - 00000012 ____A C:\Windows\BRVIDEO.INI 2012-07-16 15:10 - 2011-08-23 13:35 - 00000260 ____A C:\Windows\Brownie.ini 2012-07-16 15:04 - 2009-07-13 20:45 - 05035320 ____A C:\Windows\System32\FNTCACHE.DAT 2012-07-03 11:46 - 2011-07-06 11:39 - 00024904 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys 2012-06-28 17:33 - 2011-08-24 08:42 - 00108840 ____A C:\Users\Alison\AppData\Local\GDIPFONTCACHEV1.DAT 2012-06-27 21:17 - 2012-06-27 21:17 - 00001031 ____A C:\Users\Public\Desktop\Adobe Download Assistant.lnk 2012-06-20 08:01 - 2011-04-21 15:50 - 00000580 ____A C:\Windows\DirectX.log 2012-06-14 09:27 - 2011-05-10 00:51 - 00024372 ____A C:\Windows\System32\RaCoInst.log 2012-06-12 19:42 - 2012-02-17 00:08 - 00002480 ____A C:\Users\Public\Desktop\Norton Internet Security.lnk 2012-06-02 14:19 - 2012-06-18 16:26 - 02428952 ____A (Microsoft Corporation) 
C:\Windows\System32\wuaueng.dll 2012-06-02 14:19 - 2012-06-18 16:26 - 00701976 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll 2012-06-02 14:19 - 2012-06-18 16:26 - 00057880 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe 2012-06-02 14:19 - 2012-06-18 16:26 - 00044056 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll 2012-06-02 14:19 - 2012-06-18 16:26 - 00038424 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll 2012-06-02 14:15 - 2012-06-18 16:26 - 02622464 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll 2012-06-02 14:15 - 2012-06-18 16:26 - 00099840 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll 2012-06-02 13:19 - 2012-06-18 16:25 - 00186752 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll 2012-06-02 13:15 - 2012-06-18 16:25 - 00036864 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe ZeroAccess: C:\Windows\assembly\GAC_32\Desktop.ini ZeroAccess: C:\Windows\assembly\GAC_64\Desktop.ini ==================== Known DLLs (Whitelisted) ================= ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe 50BEA589F7D7958BDD2528A8F69D05CC ZeroAccess <==== ATTENTION!. 
C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ==================== EXE ASSOCIATION ===================== HKLM\...\.exe: exefile => OK HKLM\...\exefile\DefaultIcon: %1 => OK HKLM\...\exefile\open\command: "%1" %* => OK ==================== Restore Points ========================= Restore point made on: 2012-07-27 07:52:07 Restore point made on: 2012-07-27 11:52:04 Restore point made on: 2012-07-28 19:15:32 ==================== Memory info =========================== Percentage of memory in use: 10% Total physical RAM: 8139.86 MB Available physical RAM: 7246.41 MB Total Pagefile: 8138.01 MB Available Pagefile: 7240.04 MB Total Virtual: 8192 MB Available Virtual: 8191.9 MB ==================== Partitions ============================ 1 Drive c: () (Fixed) (Total:284.22 GB) (Free:178.07 GB) NTFS ==>[system with boot components (obtained from reading drive)] 2 Drive e: (RECOVERY) (Fixed) (Total:13.57 GB) (Free:1.52 GB) NTFS ==>[system with boot components (obtained from reading drive)] 3 Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.08 GB) FAT32 5 Drive h: () (Removable) (Total:0.95 GB) (Free:0.94 GB) FAT 6 Drive x: (Boot) (Fixed) (Total:0.25 GB) (Free:0.25 GB) NTFS 7 Drive y: (SYSTEM) (Fixed) (Total:0.19 GB) (Free:0.16 GB) NTFS ==>[system with boot components (obtained from reading drive)] Disk ### Status Size Free Dyn Gpt -------- ------------- ------- ------- --- --- Disk 0 Online 298 GB 0 B Disk 1 Online 1005 MB 0 B Partitions of Disk 0: =============== Partition ### Type Size Offset ------------- ---------------- ------- ------- Partition 1 Primary 199 MB 1024 KB Partition 2 Primary 284 GB 200 MB Partition 3 Primary 13 GB 284 GB Partition 4 Primary 103 MB 297 GB ================================================================================== Disk: 0 Partition 1 
Type : 07 Hidden: No Active: Yes Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 1 Y SYSTEM NTFS Partition 199 MB Healthy ================================================================================== Disk: 0 Partition 2 Type : 07 Hidden: No Active: No Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 2 C NTFS Partition 284 GB Healthy ================================================================================== Disk: 0 Partition 3 Type : 07 Hidden: No Active: No Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 3 E RECOVERY NTFS Partition 13 GB Healthy ================================================================================== Disk: 0 Partition 4 Type : 0C Hidden: No Active: No Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 4 F HP_TOOLS FAT32 Partition 103 MB Healthy ================================================================================== Partitions of Disk 1: =============== Partition ### Type Size Offset ------------- ---------------- ------- ------- Partition 1 Primary 974 MB 248 KB ================================================================================== Disk: 1 Partition 1 Type : 06 Hidden: No Active: No Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 5 H FAT Removable 974 MB Healthy ================================================================================== Last Boot: 2012-07-17 13:57 ==================== End Of Log ============================= SEARCH.TXT Farbar Recovery Scan Tool Version: 31-08-2012 Ran by SYSTEM at 2012-08-31 19:42:49 Running from H:\ ================== Search: "services.exe" =================== 
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe [2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB C:\Windows\System32\services.exe [2009-07-13 15:19] - [2009-07-13 17:39] - 0329216 ____A (Microsoft Corporation) 50BEA589F7D7958BDD2528A8F69D05CC ====== End Of Search ======
  9. Thank you for the quick reply. After I get this virus off, I will probably reformat my hard drive anyways but I don't have the time to do it until Monday or next weekend. I really appreciate your help. I already have these log files, as this was what another virus trouncer on the Norton forums had me do.
     Search.txt FRST.txt
  10. Hi, I've been trying to find help with this. I need to use my computer for some work for some non-profits this weekend. I have Norton and have run Malwarebytes Anti-Malware. I've run the Norton Power Eraser and ZeroAccess fix and it's still there. I have multiple infected files and viruses: Zeroaccess2, Zeroaccess3, Zeroaccess, Trojan.gen.2 with desktop.ini. Any assistance would be very much appreciated. Thanks!
      Attach.txt DDS.txt