Jump to content

EthrinOfCygnus

Members
  • Posts

    1
  • Joined

  • Last visited

Everything posted by EthrinOfCygnus

  1. I booted up my computer this evening and was promptly informed by my Avast anti-virus that c:\programdata\api-ms-win-core-memory-l1-1-032exe, a trojan horse had been blocked. I decided to run a malwarebytes scan since in the past it's had a better track record of removing viruses from my computer. It found 5 objects, removed them and I was prompted to restart my computer, which I did. When my computer rebooted, I was still being informed that there is a trojan horse of the same name on the computer. I've attempted to follow the directions for this forum, I hope I haven't missed anything, any help with this problem would be much appreciated. . DDS (Ver_2011-06-23.01) - NTFSAMD64 Internet Explorer: 8.0.7600.16385 Run by Ethrin at 20:48:26 on 2011-07-27 Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.8176.5789 [GMT -7:00] . AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} AV: Norton Internet Security *Disabled/Outdated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Norton Internet Security *Disabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8} FW: Norton Internet Security *Disabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\atieclxx.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\Bonjour\mDNSResponder.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe C:\Program Files (x86)\Norton Internet Security\Engine\17.8.0.5\ccSvcHst.exe C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE C:\Windows\SysWOW64\ncryptui32.exe C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\WUDFHost.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\system32\taskhost.exe C:\Program Files (x86)\Norton Internet Security\Engine\17.8.0.5\ccSvcHst.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\wuauclt.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\SysWOW64\ctfmon.exe C:\Users\Ethrin\Desktop\p81skp1r.exe C:\Windows\System32\svchost.exe -k WerSvcGroup C:\ProgramData\api-ms-win-core-memory-l1-1-032.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.com/ uDefault_Page_URL = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=dx4320&r=17360211e706p04h5v165k4631r25r mDefault_Page_URL = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=dx4320&r=17360211e706p04h5v165k4631r25r mStart Page = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=dx4320&r=17360211e706p04h5v165k4631r25r uInternet Settings,ProxyOverride = *.local uURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll mURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll mWinlogon: Userinit=userinit.exe, BHO: {0d40a95d-2449-4062-9528-6d72498cf65b} - C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-032.dll BHO: IEPlugin Class: {11222041-111b-46e3-bd29-efb2449479b1} - C:\PROGRA~2\ArcSoft\VIDEOD~1\ARCURL~1.DLL BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Internet Security\Engine\17.8.0.5\coIEPlg.dll BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Internet Security\Engine\17.8.0.5\IPSBHO.DLL BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: ToolbarBHO Class: {9519af7e-638d-4933-bad6-d33d23c79fe5} - C:\PROGRA~2\ArcSoft\RAWTHU~1\EXIFToolBar.dll BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll BHO: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Internet Security\Engine\17.8.0.5\coIEPlg.dll TB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll TB: RAW Thumbnail Viewer: {f301665a-12f8-4331-804a-5bcbd379668c} - C:\PROGRA~2\ArcSoft\RAWTHU~1\EXIFToolBar.dll TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun: [Reader Library Launcher] C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe mRun: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent mRunOnce: [innoSetupRegFile.0000000001] "C:\Windows\is-UMH08.exe" /REG /REGSVRMODE StartupFolder: C:\Users\Ethrin\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableLUA = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) mPolicies-system: PromptOnSecureDesktop = 0 (0x0) IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html IE: Read EXIF - C:\Program Files (x86)\ArcSoft\RAW Thumbnail Viewer\ArcEXIFM.htm IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab TCP: DhcpNameServer = 192.168.1.1 TCP: Interfaces\{1D2654AD-338C-404B-89F3-7B789355E940} : DhcpNameServer = 192.168.1.1 TCP: Interfaces\{1D2654AD-338C-404B-89F3-7B789355E940}\E4F44454D223 : DhcpNameServer = 24.248.130.30 192.168.1.1 Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-032.dll BHO-X64: IEPlugin Class: {11222041-111B-46E3-BD29-EFB2449479B1} - C:\PROGRA~2\ArcSoft\VIDEOD~1\ARCURL~1.DLL BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll BHO-X64: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\17.8.0.5\coIEPlg.dll BHO-X64: Symantec NCO BHO - No File BHO-X64: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\17.8.0.5\IPSBHO.DLL BHO-X64: Symantec Intrusion Prevention - No File BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: ToolbarBHO Class: {9519AF7E-638D-4933-BAD6-D33D23C79FE5} - C:\PROGRA~2\ArcSoft\RAWTHU~1\EXIFToolBar.dll BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO-X64: SkypeIEPluginBHO - No File BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll BHO-X64: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.8.0.5\coIEPlg.dll TB-X64: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll TB-X64: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll TB-X64: RAW Thumbnail Viewer: {F301665A-12F8-4331-804A-5BCBD379668C} - C:\PROGRA~2\ArcSoft\RAWTHU~1\EXIFToolBar.dll TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll mRun-x64: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun-x64: [Reader Library Launcher] C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe mRun-x64: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRunOnce-x64: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent mRunOnce-x64: [innoSetupRegFile.0000000001] "C:\Windows\is-UMH08.exe" /REG /REGSVRMODE . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Ethrin\AppData\Roaming\Mozilla\Firefox\Profiles\zkrwmaly.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll FF - component: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\coFFPlgn\components\coFFPlgn.dll FF - component: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\IPSFFPlgn\components\IPSFFPl.dll FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Sony\Reader\Data\bin\npebldetectmoz.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll . ============= SERVICES / DRIVERS =============== . R0 ahcix64s;ahcix64s;C:\Windows\system32\DRIVERS\ahcix64s.sys --> C:\Windows\system32\DRIVERS\ahcix64s.sys [?] R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\NISx64\1108000.005\SYMDS64.SYS --> C:\Windows\system32\drivers\NISx64\1108000.005\SYMDS64.SYS [?] R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\NISx64\1108000.005\SYMEFA64.SYS --> C:\Windows\system32\drivers\NISx64\1108000.005\SYMEFA64.SYS [?] R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?] R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?] R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\BASHDefs\20110309.001\BHDrvx64.sys [2011-3-10 1124472] R1 ccHP;Symantec Hash Provider;C:\Windows\system32\drivers\NISx64\1108000.005\ccHPx64.sys --> C:\Windows\system32\drivers\NISx64\1108000.005\ccHPx64.sys [?] R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\20110330.001\IDSviA64.sys [2011-3-30 476792] R1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\NISx64\1108000.005\Ironx64.SYS --> C:\Windows\system32\drivers\NISx64\1108000.005\Ironx64.SYS [?] R1 SYMTDIv;Symantec Vista Network Dispatch Driver;C:\Windows\system32\Drivers\NISx64\1108000.005\SYMTDIV.SYS --> C:\Windows\system32\Drivers\NISx64\1108000.005\SYMTDIV.SYS [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?] R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?] R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?] R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-6-29 42184] R2 cpuz135;cpuz135;\??\C:\Windows\system32\drivers\cpuz135_x64.sys --> C:\Windows\system32\drivers\cpuz135_x64.sys [?] R2 Greg_Service;GRegService;C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe [2009-8-28 1150496] R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\17.8.0.5\ccsvchst.exe [2011-2-4 126392] R2 ShellHWDetection32;Shell Hardware Detection ;C:\Windows\System32\ncryptui32.exe [2011-7-25 786432] R2 Updater Service;Updater Service;C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe [2010-4-12 243232] R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atipmdag.sys --> C:\Windows\system32\DRIVERS\atipmdag.sys [?] R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-2-3 132656] R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\system32\DRIVERS\netr28x.sys --> C:\Windows\system32\DRIVERS\netr28x.sys [?] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?] R4 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?] R4 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-6-29 366640] S2 AppIDSvc32;Application Identity ;C:\Windows\system32\mprdim32.exe --> C:\Windows\system32\mprdim32.exe [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-2-3 135664] S2 Winmgmt32;Windows Management Instrumentation ;C:\Windows\system32\typelib32.exe --> C:\Windows\system32\typelib32.exe [?] S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-2-28 183560] S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?] S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352] S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-2-3 135664] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== Created Last 30 ================ . 2011-07-28 03:47:59 786432 ----a-w- C:\ProgramData\trzC1CF.tmp 2011-07-28 03:46:59 786432 ----a-w- C:\ProgramData\trzD6A8.tmp 2011-07-28 03:45:59 786432 ----a-w- C:\ProgramData\trzEB47.tmp 2011-07-28 03:44:59 786432 ----a-w- C:\ProgramData\trzFCCD.tmp 2011-07-28 03:43:59 786432 ----a-w- C:\ProgramData\trz1351.tmp 2011-07-28 03:42:59 786432 ----a-w- C:\ProgramData\trz27E4.tmp 2011-07-28 03:41:58 786432 ----a-w- C:\ProgramData\trz3556.tmp 2011-07-28 03:40:59 786432 ----a-w- C:\ProgramData\trz5097.tmp 2011-07-28 03:39:59 786432 ----a-w- C:\ProgramData\trz64B4.tmp 2011-07-28 03:38:59 786432 ----a-w- C:\ProgramData\trz79AB.tmp 2011-07-28 03:37:59 786432 ----a-w- C:\ProgramData\trz8D2C.tmp 2011-07-28 03:36:59 786432 ----a-w- C:\ProgramData\trzA239.tmp 2011-07-28 03:35:59 786432 ----a-w- C:\ProgramData\trzB86E.tmp 2011-07-28 03:34:58 786432 ----a-w- C:\ProgramData\trzC7A5.tmp 2011-07-28 03:33:59 786432 ----a-w- C:\ProgramData\trzE18E.tmp 2011-07-28 03:32:59 786432 ----a-w- C:\ProgramData\trzF5C4.tmp 2011-07-28 03:31:59 786432 ----a-w- C:\ProgramData\trzA71.tmp 2011-07-28 03:30:59 786432 ----a-w- C:\ProgramData\trz1E1C.tmp 2011-07-28 03:29:59 786432 ----a-w- C:\ProgramData\trz32FD.tmp 2011-07-28 03:28:55 786432 ----a-w- C:\ProgramData\trz366D.tmp 2011-07-28 03:27:59 786432 ----a-w- C:\ProgramData\trz5C3B.tmp 2011-07-28 03:26:59 786432 ----a-w- C:\ProgramData\trz6FC4.tmp 2011-07-28 03:25:59 786432 ----a-w- C:\ProgramData\trz8539.tmp 2011-07-28 03:24:59 786432 ----a-w- C:\ProgramData\trz98C9.tmp 2011-07-28 03:23:59 786432 ----a-w- C:\ProgramData\trzADF2.tmp 2011-07-28 03:22:59 786432 ----a-w- C:\ProgramData\trzC1B9.tmp 2011-07-28 03:21:59 786432 ----a-w- C:\ProgramData\trzD6BD.tmp 2011-07-28 03:20:59 786432 ----a-w- C:\ProgramData\trzEAF1.tmp 2011-07-28 03:19:58 786432 ----a-w- C:\ProgramData\trzFAFF.tmp 2011-07-28 03:18:59 786432 ----a-w- C:\ProgramData\trzFC3.tmp 2011-07-28 03:17:59 786432 ----a-w- C:\ProgramData\trz2782.tmp 2011-07-28 03:16:59 786432 ----a-w- C:\ProgramData\trz3BBA.tmp 2011-07-28 03:15:59 786432 ----a-w- C:\ProgramData\trz4FFA.tmp 2011-07-28 03:14:59 786432 ----a-w- C:\ProgramData\trz6477.tmp 2011-07-28 03:13:59 786432 ----a-w- C:\ProgramData\trz7885.tmp 2011-07-28 03:12:59 786432 ----a-w- C:\ProgramData\trz8D2E.tmp 2011-07-28 03:11:59 786432 ----a-w- C:\ProgramData\trzA139.tmp 2011-07-28 03:10:59 786432 ----a-w- C:\ProgramData\trzB56E.tmp 2011-07-28 03:09:59 786432 ----a-w- C:\ProgramData\trzCA0E.tmp 2011-07-28 03:08:59 786432 ----a-w- C:\ProgramData\trzDD77.tmp 2011-07-28 03:07:59 786432 ----a-w- C:\ProgramData\trzF269.tmp 2011-07-28 03:06:59 786432 ----a-w- C:\ProgramData\trz762.tmp 2011-07-28 03:05:59 786432 ----a-w- C:\ProgramData\trz1BBE.tmp 2011-07-28 03:04:59 786432 ----a-w- C:\ProgramData\trz302F.tmp 2011-07-28 03:03:59 786432 ----a-w- C:\ProgramData\trz4424.tmp 2011-07-28 03:02:57 786432 ----a-w- C:\ProgramData\trz50CB.tmp 2011-07-28 03:01:59 786432 ----a-w- C:\ProgramData\trz6D02.tmp 2011-07-28 03:00:59 786432 ----a-w- C:\ProgramData\trz7F42.tmp 2011-07-28 02:59:59 786432 ----a-w- C:\ProgramData\trz9559.tmp 2011-07-28 02:58:59 786432 ----a-w- C:\ProgramData\trzA922.tmp 2011-07-28 02:57:59 786432 ----a-w- C:\ProgramData\trzBDD4.tmp 2011-07-28 02:56:59 786432 ----a-w- C:\ProgramData\trzD10F.tmp 2011-07-28 02:55:59 786432 ----a-w- C:\ProgramData\trzE67F.tmp 2011-07-28 02:54:59 786432 ----a-w- C:\ProgramData\trzFA63.tmp 2011-07-28 02:53:59 786432 ----a-w- C:\ProgramData\trzE91.tmp 2011-07-28 02:52:59 786432 ----a-w- C:\ProgramData\trz22B7.tmp 2011-07-28 02:51:59 786432 ----a-w- C:\ProgramData\trz36D1.tmp 2011-07-28 02:50:59 786432 ----a-w- C:\ProgramData\trz4AD1.tmp 2011-07-28 02:49:59 786432 ----a-w- C:\ProgramData\trz5F18.tmp 2011-07-28 02:48:59 786432 ----a-w- C:\ProgramData\trz734A.tmp 2011-07-28 02:47:59 786432 ----a-w- C:\ProgramData\trz874E.tmp 2011-07-28 02:46:59 786432 ----a-w- C:\ProgramData\trz9BAC.tmp 2011-07-28 02:45:59 786432 ----a-w- C:\ProgramData\trzAF7C.tmp 2011-07-28 02:44:59 786432 ----a-w- C:\ProgramData\trzC3DF.tmp 2011-07-28 02:43:59 786432 ----a-w- C:\ProgramData\trzD7D8.tmp 2011-07-28 02:42:59 786432 ----a-w- C:\ProgramData\trzEBE8.tmp 2011-07-28 02:41:59 786432 ----a-w- C:\ProgramData\trzFF62.tmp 2011-07-28 02:40:59 786432 ----a-w- C:\ProgramData\trz1466.tmp 2011-07-28 02:39:59 786432 ----a-w- C:\ProgramData\trz28A2.tmp 2011-07-28 02:38:59 786432 ----a-w- C:\ProgramData\trz3C56.tmp 2011-07-28 02:37:59 786432 ----a-w- C:\ProgramData\trz50BF.tmp 2011-07-28 02:36:59 786432 ----a-w- C:\ProgramData\trz6505.tmp 2011-07-28 02:35:59 786432 ----a-w- C:\ProgramData\trz794F.tmp 2011-07-28 02:34:59 786432 ----a-w- C:\ProgramData\trz8D2F.tmp 2011-07-28 02:33:58 786432 ----a-w- C:\ProgramData\trz9C11.tmp 2011-07-28 02:32:59 786432 ----a-w- C:\ProgramData\trzB533.tmp 2011-07-28 02:31:59 786432 ----a-w- C:\ProgramData\trzC951.tmp 2011-07-28 02:30:59 786432 ----a-w- C:\ProgramData\trzDD69.tmp 2011-07-28 02:29:58 786432 ----a-w- C:\ProgramData\trzED93.tmp 2011-07-28 02:28:59 786432 ----a-w- C:\ProgramData\trz5C4.tmp 2011-07-28 02:27:59 786432 ----a-w- C:\ProgramData\trz19D6.tmp 2011-07-28 02:26:59 786432 ----a-w- C:\ProgramData\trz2DE2.tmp 2011-07-28 02:25:59 786432 ----a-w- C:\ProgramData\trz421E.tmp 2011-07-28 02:24:59 786432 ----a-w- C:\ProgramData\trz569C.tmp 2011-07-28 02:23:59 786432 ----a-w- C:\ProgramData\trz6A45.tmp 2011-07-28 02:22:59 786432 ----a-w- C:\ProgramData\trz7ECB.tmp 2011-07-28 02:21:58 786432 ----a-w- C:\ProgramData\trz8E29.tmp 2011-07-28 02:20:59 786432 ----a-w- C:\ProgramData\trzA73D.tmp 2011-07-27 00:57:28 8578896 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{30EC6EDA-98D0-40E1-B63B-18017B0D670E}\mpengine.dll 2011-07-26 02:50:18 786432 ----a-w- C:\Windows\SysWow64\ncryptui32.exe 2011-07-25 00:42:07 786432 ----a-w- C:\ProgramData\api-ms-win-core-memory-l1-1-032.exe 2011-07-25 00:42:07 358912 ----a-w- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-032.dll 2011-07-12 06:04:08 -------- d-----w- C:\Users\Ethrin\AppData\Local\FeedDemon 2011-07-12 06:03:58 -------- d-----w- C:\Program Files (x86)\FeedDemon 2011-07-04 06:33:26 -------- d-----w- C:\Users\Ethrin\AppData\Roaming\Acreon 2011-07-04 06:33:23 -------- d-----w- C:\Users\Ethrin\AppData\Local\._Revolution_ 2011-07-02 18:58:03 -------- d-----w- C:\Program Files\iPod 2011-07-02 18:58:00 -------- d-----w- C:\Program Files\iTunes 2011-07-02 18:58:00 -------- d-----w- C:\Program Files (x86)\iTunes 2011-06-30 00:46:02 600920 ----a-w- C:\Windows\System32\drivers\aswSnx.sys 2011-06-30 00:46:00 64344 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys 2011-06-30 00:45:27 40112 ----a-w- C:\Windows\avastSS.scr 2011-06-30 00:45:22 -------- d-----w- C:\Users\Ethrin\AppData\Roaming\Malwarebytes 2011-06-30 00:45:21 -------- d-----w- C:\ProgramData\AVAST Software 2011-06-30 00:45:21 -------- d-----w- C:\Program Files\AVAST Software 2011-06-30 00:45:06 41272 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys 2011-06-30 00:45:05 -------- d-----w- C:\ProgramData\Malwarebytes 2011-06-30 00:45:02 25912 ----a-w- C:\Windows\System32\drivers\mbam.sys 2011-06-30 00:45:02 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware . ==================== Find3M ==================== . 2011-07-28 02:35:00 709968 ----a-w- C:\Windows\is-UMH08.exe 2011-06-17 01:55:42 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2011-06-11 02:56:44 3134464 ----a-w- C:\Windows\System32\win32k.sys 2011-06-02 06:45:22 362496 ----a-w- C:\Windows\System32\wow64win.dll 2011-06-02 06:45:22 243200 ----a-w- C:\Windows\System32\wow64.dll 2011-06-02 06:45:22 13312 ----a-w- C:\Windows\System32\wow64cpu.dll 2011-06-02 06:44:54 214528 ----a-w- C:\Windows\System32\winsrv.dll 2011-06-02 06:42:37 16384 ----a-w- C:\Windows\System32\ntvdm64.dll 2011-06-02 06:39:54 422400 ----a-w- C:\Windows\System32\KernelBase.dll 2011-06-02 06:35:56 338944 ----a-w- C:\Windows\System32\conhost.exe 2011-06-02 05:59:44 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll 2011-06-02 05:56:28 44032 ----a-w- C:\Windows\apppatch\acwow64.dll 2011-06-02 05:56:06 25600 ----a-w- C:\Windows\SysWow64\setup16.exe 2011-06-02 05:54:51 5120 ----a-w- C:\Windows\SysWow64\wow32.dll 2011-06-02 05:54:50 272384 ----a-w- C:\Windows\SysWow64\KernelBase.dll 2011-06-02 03:51:00 7680 ----a-w- C:\Windows\SysWow64\instnm.exe 2011-06-02 03:50:59 2048 ----a-w- C:\Windows\SysWow64\user.exe 2011-06-02 03:45:49 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll 2011-06-02 03:45:49 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll 2011-06-02 03:45:49 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll 2011-06-02 03:45:49 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll 2011-05-28 03:25:16 1638912 ----a-w- C:\Windows\System32\mshtml.tlb 2011-05-28 03:00:02 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2011-05-25 02:14:10 270720 ------w- C:\Windows\System32\MpSigStub.exe 2011-05-24 11:21:59 404992 ----a-w- C:\Windows\System32\umpnpmgr.dll 2011-05-24 10:34:20 64512 ----a-w- C:\Windows\SysWow64\devobj.dll 2011-05-24 10:34:20 44544 ----a-w- C:\Windows\SysWow64\devrtl.dll 2011-05-24 10:34:00 145920 ----a-w- C:\Windows\SysWow64\cfgmgr32.dll 2011-05-24 10:32:46 252928 ----a-w- C:\Windows\SysWow64\drvinst.exe 2011-05-10 15:06:08 51712 ----a-w- C:\Windows\System32\drivers\usbaapl64.sys 2011-05-10 15:06:08 4517664 ----a-w- C:\Windows\System32\usbaaplrc.dll 2011-05-04 05:30:38 2326016 ----a-w- C:\Windows\System32\tquery.dll 2011-05-04 05:28:07 779264 ----a-w- C:\Windows\System32\mssvp.dll 2011-05-04 05:28:07 2228224 ----a-w- C:\Windows\System32\mssrch.dll 2011-05-04 05:28:06 75264 ----a-w- C:\Windows\System32\msscntrs.dll 2011-05-04 05:28:06 491520 ----a-w- C:\Windows\System32\mssph.dll 2011-05-04 05:28:06 288256 ----a-w- C:\Windows\System32\mssphtb.dll 2011-05-04 05:24:09 593408 ----a-w- C:\Windows\System32\SearchIndexer.exe 2011-05-04 05:24:09 249856 ----a-w- C:\Windows\System32\SearchProtocolHost.exe 2011-05-04 05:24:09 113664 ----a-w- C:\Windows\System32\SearchFilterHost.exe 2011-05-04 04:53:10 1553920 ----a-w- C:\Windows\SysWow64\tquery.dll 2011-05-04 04:52:59 666624 ----a-w- C:\Windows\SysWow64\mssvp.dll 2011-05-04 04:52:59 59392 ----a-w- C:\Windows\SysWow64\msscntrs.dll 2011-05-04 04:52:59 337408 ----a-w- C:\Windows\SysWow64\mssph.dll 2011-05-04 04:52:59 197120 ----a-w- C:\Windows\SysWow64\mssphtb.dll 2011-05-04 04:52:59 1401856 ----a-w- C:\Windows\SysWow64\mssrch.dll 2011-05-04 04:52:12 86528 ----a-w- C:\Windows\SysWow64\SearchFilterHost.exe 2011-05-04 04:52:12 428032 ----a-w- C:\Windows\SysWow64\SearchIndexer.exe 2011-05-04 04:52:12 164352 ----a-w- C:\Windows\SysWow64\SearchProtocolHost.exe 2011-05-04 02:51:08 287744 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys 2011-05-04 02:51:08 157696 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys 2011-05-04 02:51:05 126464 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys 2011-05-03 05:21:22 976896 ----a-w- C:\Windows\System32\inetcomm.dll 2011-05-03 04:50:29 740864 ----a-w- C:\Windows\SysWow64\inetcomm.dll . ============= FINISH: 20:53:50.15 =============== Malwarebytes' Anti-Malware 1.51.1.1800 www.malwarebytes.org Database version: 7035 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 7/27/2011 11:29:04 PM mbam-log-2011-07-27 (23-29-04).txt Scan type: Full scan (C:\|D:\|E:\|F:\|G:\|H:\|I:\|) Objects scanned: 393365 Time elapsed: 2 hour(s), 31 minute(s), 42 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 3 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 2 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_CLASSES_ROOT\CLSID\{0D40A95D-2449-4062-9528-6D72498CF65b} (Trojan.Tracur.Gen) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0D40A95D-2449-4062-9528-6D72498CF65B} (Trojan.Tracur.Gen) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\.fsharproj (Trojan.BHO) -> Quarantined and deleted successfully. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: c:\Windows\System32\api-ms-win-core-memory-l1-1-032.dll (Trojan.Tracur.Gen) -> Quarantined and deleted successfully. c:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-032.dll (Trojan.Tracur.Gen) -> Quarantined and deleted successfully. ark.zip
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.