NarrowMeade

Members
  • Posts

    6

Everything posted by NarrowMeade

  1. Done. I think it is clean now. Nothing alerting. Browsers still hanging. Yet there are a lot of Windows updates now. Assuming it wasn't accepting Windows updates during infection time.
  2. As of now MSE functioning yet browser still seems to hang when commands, clicks, or URLs are entered. Both Firefox and Chrome. mbar-log-2012-12-01 (19-10-07).txt system-log.txt JRT.txt AdwCleanerS1.txt
  3. Uninstalled MSE and reinstalled. Seems to be working now. Also DLing all updates for Windows.
  4. Restarted and Firefox started now. Microsoft Security Essentials is still NOT functioning. Error code: 0x80070424 I forgot to mention this from the start. Logs below. Fixlog.txt combofixlog.txt
  5. Here it is. Thank you.

     Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-11-2012
     (ATTENTION: FRST version is 8 days old)
     Ran by SYSTEM at 01-12-2012 10:17:23
     Running from F:\
     Windows 7 Home Premium (X64) OS Language: English(US)
     The current controlset is ControlSet001

     ==================== Registry (Whitelisted) ===================
     HKLM\...\Run: [] [x]
     HKLM\...\Run: [RtHDVCpl] "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s [8312352 2009-11-02] (Realtek Semiconductor)
     HKLM\...\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [x]
     HKLM\...\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE [x]
     HKLM\...\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe [x]
     HKLM\...\Run: [smoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe [x]
     HKLM\...\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe [x]
     HKLM\...\Run: [Teco] "%ProgramFiles%\TOSHIBA\TECO\Teco.exe" /r [x]
     HKLM\...\Run: [TosWaitSrv] %ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe [x]
     HKLM\...\Run: [ThpSrv] "C:\windows\system32\thpsrv" /logon [x]
     HKLM\...\Run: [TosSENotify] "C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [709976 2009-11-05] (TOSHIBA Corporation)
     HKLM\...\Run: [HDMICtrlMan] %ProgramFiles%\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe [x]
     HKLM\...\Run: [smartFaceVWatcher] %ProgramFiles%\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [x]
     HKLM\...\Run: [TosVolRegulator] "C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [24376 2009-11-11] (TOSHIBA Corporation)
     HKLM\...\Run: [TosNC] %ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe [x]
     HKLM\...\Run: [TosReelTimeMonitor] %ProgramFiles%\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [x]
     HKLM\...\Run: [intelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray [1931024 2010-07-19] (Intel® Corporation)
     HKLM\...\Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun [825184 2009-09-30] (Microsoft Corporation)
     HKLM\...\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [1271168 2012-03-26] (Microsoft Corporation)
     HKLM-x32\...\Run: [TUSBSleepChargeSrv] "%ProgramFiles(x86)%\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe" [x]
     HKLM-x32\...\Run: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" [498160 2009-07-12] ()
     HKLM-x32\...\Run: [iAStorIcon] "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [284696 2009-10-02] (Intel Corporation)
     HKLM-x32\...\Run: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60 [1295736 2011-02-11] (TOSHIBA Corporation)
     HKLM-x32\...\Run: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun [2454840 2009-11-21] (TOSHIBA CORPORATION.)
     HKLM-x32\...\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2012-02-23] (Apple Inc.)
     HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59280 2012-05-30] (Apple Inc.)
     HKLM-x32\...\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW [1259376 2011-07-28] ()
     HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [38872 2012-07-31] (Adobe Systems Incorporated)
     HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [919008 2012-07-11] (Adobe Systems Incorporated)
     HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2012-04-18] (Apple Inc.)
     HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421776 2012-06-07] (Apple Inc.)
     HKLM-x32\...\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [254696 2012-01-18] (Sun Microsystems, Inc.)
     HKU\Micah L Mathis\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2009-12-01] (Google Inc.)
     HKU\Micah L Mathis\...\Run: [Google Update] "C:\Users\Micah L Mathis\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2011-12-12] (Google Inc.)
     HKU\Micah L Mathis\...\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe [59240 2012-02-23] (Apple Inc.)
     Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
     Tcpip\..\Interfaces\{91CEC3AD-FAD1-47E8-9225-72EC3A31E65A}: [NameServer]0.0.0.0
     Startup: C:\Users\Default\Start Menu\Programs\Startup\Best Buy Software Installer.lnk
     ShortcutTarget: Best Buy Software Installer.lnk -> C:\Program Files\Best Buy Software Installer\Best Buy Software Installer.exe (Best Buy®)
     Startup: C:\Users\Default User\Start Menu\Programs\Startup\Best Buy Software Installer.lnk
     ShortcutTarget: Best Buy Software Installer.lnk -> C:\Program Files\Best Buy Software Installer\Best Buy Software Installer.exe (Best Buy®)

     ==================== Services (Whitelisted) ===================
     2 MBAMScheduler; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe" [399432 2012-09-29] (Malwarebytes Corporation)
     2 MBAMService; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" [676936 2012-09-29] (Malwarebytes Corporation)
     3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-07-19] ()
     3 NisSrv; "C:\Program Files\Microsoft Security Client\NisSrv.exe" [291696 2012-03-26] (Microsoft Corporation)
     2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [87040 2011-08-12] ()

     ==================== Drivers (Whitelisted) =====================
     3 MBAMProtector; \??\C:\windows\system32\drivers\mbam.sys [25928 2012-09-29] (Malwarebytes Corporation)
     0 MpFilter; C:\Windows\System32\Drivers\MpFilter.sys [203888 2012-03-20] (Microsoft Corporation)
     3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [98688 2012-03-20] (Microsoft Corporation)
     3 RTL8187Se; C:\Windows\System32\Drivers\RTL8187Se.sys [427008 2009-06-10] (Realtek Semiconductor Corporation )

     ==================== NetSvcs (Whitelisted) ====================

     ==================== One Month Created Files and Folders ========
     2012-12-01 10:16 - 2012-12-01 10:16 - 00000000 ____D C:\FRST
     2012-12-01 07:50 - 2012-12-01 07:50 - 01461039 ____A (Farbar) C:\Users\Micah L Mathis\Downloads\FRST64.exe
     2012-12-01 07:36 - 2012-12-01 07:43 - 00002331 ____A C:\Users\Micah L Mathis\Downloads\index.php.txt
     2012-12-01 04:47 - 2012-12-01 04:47 - 00000146 ____A C:\Users\Micah L Mathis\Desktop\Virus.url
     2012-12-01 03:56 - 2012-12-01 03:56 - 00023612 ____A C:\Users\Micah L Mathis\Desktop\DDS.txt
     2012-12-01 03:55 - 2012-12-01 03:55 - 00010117 ____A C:\Users\Micah L Mathis\Desktop\Attach.txt
     2012-11-27 15:53 - 2012-11-27 15:53 - 00006884 ____A C:\Users\Micah L Mathis\AppData\Local\PDLSetup.20121127.175303.txt
     2012-11-26 02:58 - 2012-11-26 02:58 - 00000000 ____A C:\Users\Micah L Mathis\Documents\ts3_clientui-win64-1351504843-2012-11-26 04_58_26.096821.dmp
     2012-11-25 14:51 - 2012-11-25 14:51 - 00006789 ____A C:\Users\Micah L Mathis\AppData\Local\PDLSetup.20121125.165134.txt
     2012-11-23 22:02 - 2012-11-23 22:16 - 764790473 ____A C:\Users\Micah L Mathis\Desktop\_Episodes 5&6_ - Battlestar Galactica_ Blood & Chrome.mp4
     2012-11-20 17:25 - 2012-11-20 17:25 - 23921701 ____A (Igor Pavlov) C:\Users\Micah L Mathis\Downloads\tor-browser-2.2.39-5_en-US.exe
     2012-11-15 08:45 - 2012-11-15 08:45 - 00006791 ____A C:\Users\Micah L Mathis\AppData\Local\PDLSetup.20121115.104552.txt
     2012-11-09 13:44 - 2012-11-09 13:51 - 401298517 ____A C:\Users\Micah L Mathis\Desktop\_Episode 2_ - Battlestar Galactica_ Blood and Chrome.mp4
     2012-11-09 13:25 - 2012-11-09 13:34 - 492040389 ____A C:\Users\Micah L Mathis\Desktop\_Episode 1_ - Battlestar Galactica_ Blood and Chrome.mp4
     2012-11-09 12:11 - 2012-11-09 12:11 - 00000000 ____D C:\Users\Micah L Mathis\Desktop\New folder
     2012-11-03 17:59 - 2012-11-03 17:59 - 16450830 ____A C:\Users\Micah L Mathis\Desktop\Daren Bates' Nasty Stiff Arm.mp4

     ==================== One Month Modified Files and Folders =======
     2012-12-01 10:16 - 2012-12-01 10:16 - 00000000 ____D C:\FRST
     2012-12-01 08:04 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
     2012-12-01 08:04 - 2009-07-13 20:51 - 00153072 ____A C:\Windows\setupact.log
     2012-12-01 07:52 - 2011-12-12 18:03 - 00000000 ____D C:\Users\Micah L Mathis\AppData\Roaming\TS3Client
     2012-12-01 07:50 - 2012-12-01 07:50 - 01461039 ____A (Farbar) C:\Users\Micah L Mathis\Downloads\FRST64.exe
     2012-12-01 07:50 - 2011-12-29 09:49 - 00787590 ____A C:\Windows\System32\PerfStringBackup.INI
     2012-12-01 07:43 - 2012-12-01 07:36 - 00002331 ____A C:\Users\Micah L Mathis\Downloads\index.php.txt
     2012-12-01 07:18 - 2010-08-23 10:37 - 00000898 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
     2012-12-01 07:11 - 2012-07-03 05:47 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
     2012-12-01 07:06 - 2011-12-12 16:40 - 00000944 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-892447014-2351559839-3818858411-1000UA.job
     2012-12-01 07:06 - 2011-12-12 16:40 - 00000892 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-892447014-2351559839-3818858411-1000Core.job
     2012-12-01 04:58 - 2009-07-13 20:45 - 00015792 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
     2012-12-01 04:58 - 2009-07-13 20:45 - 00015792 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
     2012-12-01 04:57 - 2010-08-23 10:37 - 00000894 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
     2012-12-01 04:49 - 2009-12-01 19:00 - 00373438 ____A C:\Windows\PFRO.log
     2012-12-01 04:47 - 2012-12-01 04:47 - 00000146 ____A C:\Users\Micah L Mathis\Desktop\Virus.url
     2012-12-01 03:58 - 2012-01-06 04:25 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
     2012-12-01 03:56 - 2012-12-01 03:56 - 00023612 ____A C:\Users\Micah L Mathis\Desktop\DDS.txt
     2012-12-01 03:56 - 2012-01-22 20:55 - 00000000 ____D C:\Users\Micah L Mathis\AppData\Roaming\Skype
     2012-12-01 03:55 - 2012-12-01 03:55 - 00010117 ____A C:\Users\Micah L Mathis\Desktop\Attach.txt
     2012-11-28 20:40 - 2012-03-05 21:44 - 00000000 ____D C:\Program Files (x86)\Steam
     2012-11-28 18:27 - 2011-12-15 20:47 - 00000000 ____D C:\Users\Micah L Mathis\AppData\Roaming\Mumble
     2012-11-27 18:09 - 2012-03-22 04:43 - 00000000 ____D C:\Users\Micah L Mathis\AppData\Roaming\vlc
     2012-11-27 15:53 - 2012-11-27 15:53 - 00006884 ____A C:\Users\Micah L Mathis\AppData\Local\PDLSetup.20121127.175303.txt
     2012-11-26 03:13 - 2010-08-22 14:43 - 00000000 ____D C:\Users\Micah L Mathis\Documents\Outlook Files
     2012-11-26 02:58 - 2012-11-26 02:58 - 00000000 ____A C:\Users\Micah L Mathis\Documents\ts3_clientui-win64-1351504843-2012-11-26 04_58_26.096821.dmp
     2012-11-25 14:51 - 2012-11-25 14:51 - 00006789 ____A C:\Users\Micah L Mathis\AppData\Local\PDLSetup.20121125.165134.txt
     2012-11-23 22:16 - 2012-11-23 22:02 - 764790473 ____A C:\Users\Micah L Mathis\Desktop\_Episodes 5&6_ - Battlestar Galactica_ Blood & Chrome.mp4
     2012-11-20 17:25 - 2012-11-20 17:25 - 23921701 ____A (Igor Pavlov) C:\Users\Micah L Mathis\Downloads\tor-browser-2.2.39-5_en-US.exe
     2012-11-20 11:35 - 2009-12-01 18:51 - 00000000 ____D C:\Users\All Users\Adobe
     2012-11-20 10:56 - 2012-04-14 01:28 - 00697272 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
     2012-11-20 10:56 - 2011-07-07 16:41 - 00073656 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
     2012-11-15 08:45 - 2012-11-15 08:45 - 00006791 ____A C:\Users\Micah L Mathis\AppData\Local\PDLSetup.20121115.104552.txt
     2012-11-11 10:13 - 2012-08-30 06:00 - 00000000 ____D C:\Users\Micah L Mathis\Desktop\The Fall Of Hyperion
     2012-11-09 13:51 - 2012-11-09 13:44 - 401298517 ____A C:\Users\Micah L Mathis\Desktop\_Episode 2_ - Battlestar Galactica_ Blood and Chrome.mp4
     2012-11-09 13:34 - 2012-11-09 13:25 - 492040389 ____A C:\Users\Micah L Mathis\Desktop\_Episode 1_ - Battlestar Galactica_ Blood and Chrome.mp4
     2012-11-09 12:11 - 2012-11-09 12:11 - 00000000 ____D C:\Users\Micah L Mathis\Desktop\New folder
     2012-11-08 13:52 - 2012-01-20 09:40 - 00000000 ____D C:\Users\Micah L Mathis\Desktop\battlestar galactica
     2012-11-05 04:47 - 2012-05-09 07:26 - 00000000 ____D C:\Users\Micah L Mathis\Desktop\Hyperion
     2012-11-03 17:59 - 2012-11-03 17:59 - 16450830 ____A C:\Users\Micah L Mathis\Desktop\Daren Bates' Nasty Stiff Arm.mp4

     ZeroAccess:
     C:\Windows\Installer\{8c7abcee-489c-da28-bb7b-297551f70b34}
     C:\Windows\Installer\{8c7abcee-489c-da28-bb7b-297551f70b34}\@
     C:\Windows\Installer\{8c7abcee-489c-da28-bb7b-297551f70b34}\L
     C:\Windows\Installer\{8c7abcee-489c-da28-bb7b-297551f70b34}\U
     C:\Windows\Installer\{8c7abcee-489c-da28-bb7b-297551f70b34}\L\00000004.@
     C:\Windows\Installer\{8c7abcee-489c-da28-bb7b-297551f70b34}\L\201d3dde
     C:\Windows\Installer\{8c7abcee-489c-da28-bb7b-297551f70b34}\L\4cce1f70
     C:\Windows\Installer\{8c7abcee-489c-da28-bb7b-297551f70b34}\L\55490ac4
     C:\Windows\Installer\{8c7abcee-489c-da28-bb7b-297551f70b34}\U\00000004.@
     C:\Windows\Installer\{8c7abcee-489c-da28-bb7b-297551f70b34}\U\00000008.@
     C:\Windows\Installer\{8c7abcee-489c-da28-bb7b-297551f70b34}\U\000000cb.@
     C:\Windows\Installer\{8c7abcee-489c-da28-bb7b-297551f70b34}\U\80000000.@
     C:\Windows\Installer\{8c7abcee-489c-da28-bb7b-297551f70b34}\U\80000032.@
     C:\Windows\Installer\{8c7abcee-489c-da28-bb7b-297551f70b34}\U\80000064.@

     ZeroAccess:
     C:\Windows\assembly\GAC_32\Desktop.ini

     ZeroAccess:
     C:\Windows\assembly\GAC_64\Desktop.ini

     ZeroAccess:
     C:\Users\Micah L Mathis\AppData\Local\{8c7abcee-489c-da28-bb7b-297551f70b34}
     C:\Users\Micah L Mathis\AppData\Local\{8c7abcee-489c-da28-bb7b-297551f70b34}\@
     C:\Users\Micah L Mathis\AppData\Local\{8c7abcee-489c-da28-bb7b-297551f70b34}\L
     C:\Users\Micah L Mathis\AppData\Local\{8c7abcee-489c-da28-bb7b-297551f70b34}\U

     ==================== Known DLLs (Whitelisted) =================

     ==================== Bamital & volsnap Check =================
     C:\Windows\System32\winlogon.exe => MD5 is legit
     C:\Windows\System32\wininit.exe => MD5 is legit
     C:\Windows\SysWOW64\wininit.exe => MD5 is legit
     C:\Windows\explorer.exe => MD5 is legit
     C:\Windows\SysWOW64\explorer.exe => MD5 is legit
     C:\Windows\System32\svchost.exe => MD5 is legit
     C:\Windows\SysWOW64\svchost.exe => MD5 is legit
     C:\Windows\System32\services.exe 014A9CB92514E27C0107614DF764BC06 ZeroAccess <==== ATTENTION!.
     C:\Windows\System32\User32.dll => MD5 is legit
     C:\Windows\SysWOW64\User32.dll => MD5 is legit
     C:\Windows\System32\userinit.exe => MD5 is legit
     C:\Windows\SysWOW64\userinit.exe => MD5 is legit
     C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

     ==================== EXE ASSOCIATION =====================
     HKLM\...\.exe: exefile => OK
     HKLM\...\exefile\DefaultIcon: %1 => OK
     HKLM\...\exefile\open\command: "%1" %* => OK

     ==================== Restore Points =========================
     Restore point made on: 2012-11-25 02:16:33

     ==================== Memory info ===========================
     Percentage of memory in use: 14%
     Total physical RAM: 3894.78 MB
     Available physical RAM: 3323.61 MB
     Total Pagefile: 3892.93 MB
     Available Pagefile: 3314.47 MB
     Total Virtual: 8192 MB
     Available Virtual: 8191.9 MB

     ==================== Partitions =============================
     1 Drive c: (TI105512W0E) (Fixed) (Total:456.78 GB) (Free:59.36 GB) NTFS ==>[system with boot components (obtained from reading drive)]
     2 Drive d: (System) (Fixed) (Total:1.46 GB) (Free:1.27 GB) NTFS ==>[system with boot components (obtained from reading drive)]
     4 Drive f: (USB20FD) (Removable) (Total:3.8 GB) (Free:3.79 GB) FAT32
     5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

     Disk ###  Status         Size     Free     Dyn  Gpt
     --------  -------------  -------  -------  ---  ---
     Disk 0    Online          465 GB      0 B
     Disk 1    Online         3894 MB      0 B

     Partitions of Disk 0:
     ===============
     Partition ###  Type              Size     Offset
     -------------  ----------------  -------  -------
     Partition 1    Recovery          1500 MB  1024 KB
     Partition 2    Primary            456 GB  1501 MB
     Partition 3    Primary           7701 MB   458 GB

     ==================================================================================
     Disk: 0
     Partition 1
     Type : 27
     Hidden: Yes
     Active: Yes

     Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
     ----------  ---  -----------  -----  ----------  -------  ---------  --------
     * Volume 2   D   System       NTFS   Partition   1500 MB  Healthy    Hidden

     =========================================================
     Disk: 0
     Partition 2
     Type : 07
     Hidden: No
     Active: No

     Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
     ----------  ---  -----------  -----  ----------  -------  ---------  --------
     * Volume 1   C   TI105512W0E  NTFS   Partition    456 GB  Healthy

     =========================================================
     Disk: 0
     Partition 3
     Type : 17 (Suspicious Type)
     Hidden: Yes
     Active: No

     There is no volume associated with this partition.

     =========================================================
     Partitions of Disk 1:
     ===============
     Partition ###  Type              Size     Offset
     -------------  ----------------  -------  -------
     Partition 1    Primary           3894 MB    28 KB

     ==================================================================================
     Disk: 1
     Partition 1
     Type : 0C
     Hidden: No
     Active: Yes

     Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
     ----------  ---  -----------  -----  ----------  -------  ---------  --------
     * Volume 3   F   USB20FD      FAT32  Removable   3894 MB  Healthy

     =========================================================
     Last Boot: 2012-11-25 02:09

     ==================== End Of Log =============================

     FRST.txt
  6. Hi. I was wondering if I could get some help with this. 2 of my browsers redirect on searches and have become very slow and stagnant. These hits on malware will not go away after cleaning.

     Malwarebytes Anti-Malware 1.65.1.1000
     www.malwarebytes.org

     Database version: v2012.12.01.05

     Windows 7 Service Pack 1 x64 NTFS
     Internet Explorer 9.0.8112.16421
     Micah L Mathis :: TROJANXHORSEACT [administrator]

     12/1/2012 06:05:32
     mbam-log-2012-12-01 (06-05-32).txt

     Scan type: Quick scan
     Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
     Scan options disabled: P2P
     Objects scanned: 213483
     Time elapsed: 12 minute(s), 28 second(s)

     Memory Processes Detected: 0
     (No malicious items detected)

     Memory Modules Detected: 0
     (No malicious items detected)

     Registry Keys Detected: 0
     (No malicious items detected)

     Registry Values Detected: 0
     (No malicious items detected)

     Registry Data Items Detected: 0
     (No malicious items detected)

     Folders Detected: 0
     (No malicious items detected)

     Files Detected: 2
     C:\Windows\Installer\{8c7abcee-489c-da28-bb7b-297551f70b34}\U\00000008.@ (Trojan.Dropper.BCMiner) -> Quarantined and deleted successfully.
     C:\Windows\Installer\{8c7abcee-489c-da28-bb7b-297551f70b34}\U\000000cb.@ (Rootkit.0Access) -> Quarantined and deleted successfully.

     (end)

     DDS.txt Attach.txt