Jump to content

Recommended Posts

For some reason I am not able to remove these viruses from my PC or many others on my network. I have tried several other antivirus programs and they aren't detecting them. any ideas ? please see log file below

Thanks

Ryan

Malwarebytes' Anti-Malware 1.39

Database version: 2475

Windows 5.1.2600 Service Pack 3

7/21/2009 2:43:50 PM

mbam-log-2009-07-21 (14-43-42).txt

Scan type: Full Scan (C:\|)

Objects scanned: 121708

Time elapsed: 16 minute(s), 20 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 88

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

C:\svchosts.exe (Worm.AutoRun) -> No action taken.

C:\Program Files\SAV\Uninstall.exe (Rogue.SystemAntiVirus) -> No action taken.

C:\WINDOWS\c.exe (Trojan.Agent) -> No action taken.

C:\Program Files\1\1.exe (Trojan.Agent) -> No action taken.

C:\Program Files\2\2.exe (Trojan.Agent) -> No action taken.

C:\Program Files\3\3.exe (Trojan.Agent) -> No action taken.

C:\Documents and Settings\Administrator\svchosts.exe (Trojan.Agent) -> No action taken.

C:\Documents and Settings\All Users\svchosts.exe (Trojan.Agent) -> No action taken.

C:\Documents and Settings\BURLES~1~SJH\svchosts.exe (Trojan.Agent) -> No action taken.

C:\Documents and Settings\Default User\svchosts.exe (Trojan.Agent) -> No action taken.

C:\Documents and Settings\LocalService\svchosts.exe (Trojan.Agent) -> No action taken.

C:\Documents and Settings\NetworkService\svchosts.exe (Trojan.Agent) -> No action taken.

C:\Documents and Settings\TEMP\svchosts.exe (Trojan.Agent) -> No action taken.

C:\Documents and Settings\burlesonrn\svchosts.exe (Trojan.Agent) -> No action taken.

C:\Documents and Settings\burlesonrn.SJHS-NT\svchosts.exe (Trojan.Agent) -> No action taken.

C:\RECYCLER\S-1-5-21-0982818026-0792038349-964117139-9221\service.exe (Trojan.Agent) -> No action taken.

C:\WINDOWS\system32\rundll.exe (Trojan.Agent) -> No action taken.

C:\WINDOWS\system32\logon.exe (Trojan.Agent) -> No action taken.

C:\1.exe (Trojan.Agent) -> No action taken.

C:\WINDOWS\system32\inf\svchosts.exe (Trojan.Agent) -> No action taken.

C:\WINDOWS\service.exe (Backdoor.Bot) -> No action taken.

C:\WINDOWS\lsas.exe (Backdoor.Bot) -> No action taken.

C:\WINDOWS\system32\lsas.exe (Backdoor.Bot) -> No action taken.

C:\WINDOWS\system32\win32ini\svchosts.exe (Backdoor.Bot) -> No action taken.

C:\WINDOWS\system32\service.exe (Backdoor.Bot) -> No action taken.

C:\Program Files\rundll.exe (Spyware.OnlineGames) -> No action taken.

C:\Program Files\PornCleanser\svchosts.exe (Rogue.PornCleanser) -> No action taken.

C:\Program Files\pc\svchosts.exe (Rogue.PornCleanser) -> No action taken.

C:\WINDOWS\system32\svchosts.exe (Trojan.Agent) -> No action taken.

C:\WINDOWS\svchosts.exe (Trojan.Agent) -> No action taken.

C:\WINDOWS\system32\1.exe (Trojan.Agent) -> No action taken.

C:\WINDOWS\system32\2.exe (Trojan.Agent) -> No action taken.

C:\WINDOWS\system32\3.exe (Trojan.Agent) -> No action taken.

C:\WINDOWS\System\helper.exe (Trojan.Agent) -> No action taken.

C:\c.exe (Trojan.Agent) -> No action taken.

C:\WINDOWS\system32\Drivers\Security\service.exe (Trojan.Agent) -> No action taken.

C:\Documents and Settings\Administrator\1.exe (Trojan.Dropper) -> No action taken.

C:\Documents and Settings\All Users\1.exe (Trojan.Dropper) -> No action taken.

C:\Documents and Settings\BURLES~1~SJH\1.exe (Trojan.Dropper) -> No action taken.

C:\Documents and Settings\Default User\1.exe (Trojan.Dropper) -> No action taken.

C:\Documents and Settings\LocalService\1.exe (Trojan.Dropper) -> No action taken.

C:\Documents and Settings\NetworkService\1.exe (Trojan.Dropper) -> No action taken.

C:\Documents and Settings\TEMP\1.exe (Trojan.Dropper) -> No action taken.

C:\Documents and Settings\burlesonrn\1.exe (Trojan.Dropper) -> No action taken.

C:\Documents and Settings\burlesonrn.SJHS-NT\1.exe (Trojan.Dropper) -> No action taken.

C:\WINDOWS\system32\Com\rundll.exe (Trojan.Sramler) -> No action taken.

C:\WINDOWS\system32\taskmon.exe (Trojan.Agent) -> No action taken.

C:\WINDOWS\taskmon.exe (Proxy.Agent) -> No action taken.

C:\WINDOWS\rundll.exe (Trojan.Agent) -> No action taken.

C:\Documents and Settings\All Users\Application Data\svchosts.exe (Trojan.Agent) -> No action taken.

C:\Documents and Settings\burlesonrn.SJHS-NT\Application Data\svchosts.exe (Trojan.Agent) -> No action taken.

C:\Documents and Settings\All Users\Application Data\taskmon.exe (Trojan.Agent) -> No action taken.

C:\Documents and Settings\burlesonrn.SJHS-NT\Application Data\taskmon.exe (Trojan.Agent) -> No action taken.

C:\Documents and Settings\All Users\Application Data\rundll.exe (Trojan.Agent) -> No action taken.

C:\Documents and Settings\burlesonrn.SJHS-NT\Application Data\rundll.exe (Trojan.Agent) -> No action taken.

C:\Documents and Settings\All Users\Application Data\service.exe (Trojan.Agent) -> No action taken.

C:\Documents and Settings\burlesonrn.SJHS-NT\Application Data\service.exe (Trojan.Agent) -> No action taken.

C:\Documents and Settings\All Users\Application Data\sound.exe (Trojan.Agent) -> No action taken.

C:\Documents and Settings\burlesonrn.SJHS-NT\Application Data\sound.exe (Trojan.Agent) -> No action taken.

C:\Documents and Settings\All Users\Application Data\upnpsvc.exe (Trojan.Agent) -> No action taken.

C:\Documents and Settings\burlesonrn.SJHS-NT\Application Data\upnpsvc.exe (Trojan.Agent) -> No action taken.

C:\Documents and Settings\All Users\Application Data\lsas.exe (Trojan.Agent) -> No action taken.

C:\Documents and Settings\burlesonrn.SJHS-NT\Application Data\lsas.exe (Trojan.Agent) -> No action taken.

C:\Documents and Settings\All Users\Application Data\logon.exe (Trojan.Agent) -> No action taken.

C:\Documents and Settings\burlesonrn.SJHS-NT\Application Data\logon.exe (Trojan.Agent) -> No action taken.

C:\Documents and Settings\All Users\Application Data\helper.exe (Trojan.Agent) -> No action taken.

C:\Documents and Settings\burlesonrn.SJHS-NT\Application Data\helper.exe (Trojan.Agent) -> No action taken.

C:\Documents and Settings\All Users\Application Data\event.exe (Trojan.Agent) -> No action taken.

C:\Documents and Settings\burlesonrn.SJHS-NT\Application Data\event.exe (Trojan.Agent) -> No action taken.

C:\Documents and Settings\All Users\Application Data\dumpreport.exe (Trojan.Agent) -> No action taken.

C:\Documents and Settings\burlesonrn.SJHS-NT\Application Data\dumpreport.exe (Trojan.Agent) -> No action taken.

C:\Documents and Settings\All Users\Application Data\msiexeca.exe (Trojan.Agent) -> No action taken.

C:\Documents and Settings\burlesonrn.SJHS-NT\Application Data\msiexeca.exe (Trojan.Agent) -> No action taken.

C:\Program Files\videosoft\Uninstall.exe (Trojan.DNSChanger) -> No action taken.

C:\RECYCLER\S-1-5-21-1292832515-2685961851-318933812-6215\service.exe (Trojan.Agent) -> No action taken.

C:\Uninstall.exe (Trojan.Agent) -> No action taken.

C:\WINDOWS\Media\sound.exe (Trojan.Downloader) -> No action taken.

C:\Documents and Settings\3.exe (Trojan.Dropper) -> No action taken.

C:\Program Files\Common Files\Win Config\service.exe (Backdoor.Bot) -> No action taken.

C:\WINDOWS\Cursors\svchosts.exe (Trojan.Agent) -> No action taken.

C:\WINDOWS\system32\1\1.exe (Backdoor.Bifrose) -> No action taken.

C:\Documents and Settings\Administrator\Local Settings\Temp\lsas.exe (Trojan.Dropper) -> No action taken.

C:\Documents and Settings\Default User\Local Settings\Temp\lsas.exe (Trojan.Dropper) -> No action taken.

C:\Documents and Settings\LocalService\Local Settings\Temp\lsas.exe (Trojan.Dropper) -> No action taken.

C:\Documents and Settings\NetworkService\Local Settings\Temp\lsas.exe (Trojan.Dropper) -> No action taken.

C:\Documents and Settings\burlesonrn.SJHS-NT\Local Settings\Temp\lsas.exe (Trojan.Dropper) -> No action taken.

C:\Documents and Settings\burlesonrn\Local Settings\Temp\lsas.exe (Trojan.Dropper) -> No action taken.

C:\WINDOWS\Temp\lsas.exe (Trojan.Dropper) -> No action taken.

Link to post
Share on other sites

  • Root Admin

The log shows you did not tell MBAM to fix the problem. Please make sure you have MBAM fix the issues as shown below.

Update and Scan with Malwarebytes' Anti-Malware

  • Start MalwareBytes AntiMalware (Vista users must Right click and choose RunAs Admin)
  • Please DO NOT run MBAM in Safe Mode unless requested to, you MUST run it in normal Windows mode.
    • Update Malwarebytes' Anti-Malware
    • Select the Update tab
    • Click Update

    [*]When the update is complete, select the Scanner tab

    [*]Select Perform quick scan, then click Scan.

    [*]When the scan is complete, click OK, then Show Results to view the results.

    [*]Be sure that everything is checked, and click Remove Selected.

    [*]When completed, a log will open in Notepad. please copy and paste the log into your next reply

    • If you accidently close it, the log file is saved here and will be named like this:
    • C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt

Then post back the MBAM log and a new Hijackthis log.

Link to post
Share on other sites

  • Root Admin

Due to the lack of feedback this Topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

The fixes and advice in this thread are for this machine only. Do not apply the instructions from this thread to your own machine. Please start a new thread describing your issue and someone will be along to assist you.

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.