Everything posted by ahmedbadenjki

  1. Malwarebytes Anti-Malware www.malwarebytes.org
     Scan Date: 17/02/2016
     Scan Time: 15:53
     Logfile:
     Administrator: Yes
     Version: 2.2.0.1024
     Malware Database: v2016.02.17.07
     Rootkit Database: v2016.02.17.01
     License: Free
     Malware Protection: Disabled
     Malicious Website Protection: Disabled
     Self-protection: Disabled
     OS: Windows 7 Service Pack 1
     CPU: x64
     File System: NTFS
     User: Ahmed
     Scan Type: Threat Scan
     Result: Completed
     Objects Scanned: 473515
     Time Elapsed: 1 hr, 9 min, 40 sec
     Memory: Enabled
     Startup: Enabled
     Filesystem: Enabled
     Archives: Enabled
     Rootkits: Enabled
     Heuristics: Enabled
     PUP: Enabled
     PUM: Enabled
     Processes: 0 (No malicious items detected)
     Modules: 0 (No malicious items detected)
     Registry Keys: 21
     Registry Values: 0 (No malicious items detected)
     Registry Data: 0 (No malicious items detected)
     Folders: 0 (No malicious items detected)
     Files: 7
     Physical Sectors: 0 (No malicious items detected)
     (end)
  2. Hi, A few days ago I noticed CPU usage levels were extremely high (100% most of the time). I closed all apps and restarted; the computer starts out fine, but as soon as I turn on Wi-Fi a Notepad launches by itself and the computer starts getting really slow. Been noticing several cmd.exe processes open in Task Manager even though I haven't launched Command Prompt. Same thing with conhost.exe, msiexec.exe and notepad.exe, and more than one explorer.exe. Tried to run a virus scan, nothing was found, although Avast Antivirus keeps notifying me that it blocked a threat and that URLs were being blocked, such as reannewscomm.com and other spammy-sounding websites. Please let me know if there is any other information you need from me at this point. P.S. I'm running Windows 7 with Avast Antivirus. Any help is appreciated. Ahmed