Jump to content

horn

Members
  • Posts

    1
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Today run full scan of C:\ and all was clean. Here is log file: -Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Database version: 4142 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 10-05-26 13:12:57 mbam-log-2010-05-26 (13-12-57).txt Scan type: Quick scan Objects scanned: 171 Time elapsed: 37 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) After run SFC /Scannow and MBAM reported three malwares - this is the log file: -protection-log-2010-05-26 12:46:31 user MESSAGE Protection started successfully 12:46:46 user MESSAGE IP Protection started successfully 13:56:19 user IP-BLOCK 95.168.183.18 13:56:22 user IP-BLOCK 95.168.183.18 13:56:28 user IP-BLOCK 95.168.183.18 14:16:39 user IP-BLOCK 83.133.97.246 14:16:42 user IP-BLOCK 83.133.97.246 14:16:48 user IP-BLOCK 83.133.97.246 14:32:06 user DETECTION C:\WINDOWS\System32\dllcache\beep.sys Fake.Beep.sys ALLOW 14:32:38 user DETECTION C:\WINDOWS\System32\dllcache\cdrom.sys Trojan.Patched ALLOW 14:37:26 user DETECTION C:\WINDOWS\System32\dllcache\setup.exe Trojan.Dropper ALLOW Run again SFC /Scannow and try to quarantine problematic files, rebooted , run again SFC /Scannow, but problematic files appear again. Here is log file: -protection-log-2010-05-26 12:46:31 user MESSAGE Protection started successfully 12:46:46 user MESSAGE IP Protection started successfully 13:56:19 user IP-BLOCK 95.168.183.18 13:56:22 user IP-BLOCK 95.168.183.18 13:56:28 user IP-BLOCK 95.168.183.18 14:16:39 user IP-BLOCK 83.133.97.246 14:16:42 user IP-BLOCK 83.133.97.246 14:16:48 user IP-BLOCK 83.133.97.246 14:32:06 user DETECTION C:\WINDOWS\System32\dllcache\beep.sys Fake.Beep.sys ALLOW 14:32:38 user DETECTION C:\WINDOWS\System32\dllcache\cdrom.sys Trojan.Patched ALLOW 14:37:26 user DETECTION C:\WINDOWS\System32\dllcache\setup.exe Trojan.Dropper ALLOW 15:36:21 user MESSAGE IP Protection stopped 15:37:16 user MESSAGE Database updated successfully 15:37:26 user MESSAGE IP Protection started successfully 15:37:39 user MESSAGE IP Protection stopped 15:37:50 user MESSAGE IP Protection started successfully 16:21:58 user DETECTION C:\WINDOWS\System32\dllcache\beep.sys Fake.Beep.sys QUARANTINE 16:21:59 user ERROR Quarantine failed: UtilityReadFile failed with error code 2 16:22:14 user DETECTION C:\WINDOWS\System32\dllcache\cdrom.sys Trojan.Patched QUARANTINE 16:22:15 user ERROR Quarantine failed: UtilityReadFile failed with error code 2 16:26:01 user DETECTION C:\WINDOWS\System32\dllcache\setup.exe Trojan.Dropper QUARANTINE 16:26:03 user ERROR Quarantine failed: UtilityReadFile failed with error code 2 16:31:03 user MESSAGE Protection started successfully 16:31:29 user MESSAGE IP Protection started successfully 16:32:59 user DETECTION C:\WINDOWS\System32\dllcache\beep.sys Fake.Beep.sys QUARANTINE 16:33:00 user ERROR Quarantine failed: UtilityReadFile failed with error code 2 16:33:20 user DETECTION C:\WINDOWS\System32\dllcache\cdrom.sys Trojan.Patched QUARANTINE 16:33:21 user ERROR Quarantine failed: UtilityReadFile failed with error code 2 16:37:18 user DETECTION C:\WINDOWS\System32\dllcache\setup.exe Trojan.Dropper QUARANTINE 16:37:19 user ERROR Quarantine failed: UtilityReadFile failed with error code 2 Please advice me what I can do to sole this problem. Search these three files in system32/dllcashe folder, but can not locate any of them.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.