Jump to content

Can't run MBE

1bjg1

By 1bjg1
in Resolved Malware Removal Logs

 Share

Recommended Posts

1bjg1

1bjg1

Posted
  • Author
Posted

Launched quick scan, as usual, no infections-

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

Database version: 4401

Windows 6.0.6002 Service Pack 2

Internet Explorer 8.0.6001.18928

7/08/2010 9:23:56 AM

mbam-log-2010-08-07 (09-23-56).txt

Scan type: Quick scan

Objects scanned: 133353

Time elapsed: 6 minute(s), 25 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

Then did full scan, usual problem, windows shut down program ( could still see 3 infected objects)

Next, ran Avira scan again-

Avira AntiVir Personal

Report file date: Saturday, 7 August 2010 09:44

Scanning for 2682432 virus strains and unwanted programs.

The program is running as an unrestricted full version.

Online services are available:

Licensee : Avira AntiVir Personal - FREE Antivirus

Serial number : 0000149996-ADJIE-0000001

Platform : Windows Vista

Windows version : (Service Pack 2) [6.0.6002]

Boot mode : Normally booted

Username : SYSTEM

Computer name : DAVID-PC

Version information:

BUILD.DAT : 10.0.0.567 32097 Bytes 19/04/2010 15:07:00

AVSCAN.EXE : 10.0.3.0 433832 Bytes 1/04/2010 05:37:38

AVSCAN.DLL : 10.0.3.0 46440 Bytes 1/04/2010 05:57:04

LUKE.DLL : 10.0.2.3 104296 Bytes 7/03/2010 11:33:04

LUKERES.DLL : 10.0.0.1 12648 Bytes 10/02/2010 16:40:49

VBASE000.VDF : 7.10.0.0 19875328 Bytes 6/11/2009 02:05:36

VBASE001.VDF : 7.10.1.0 1372672 Bytes 19/11/2009 12:27:49

VBASE002.VDF : 7.10.3.1 3143680 Bytes 20/01/2010 10:37:42

VBASE003.VDF : 7.10.3.75 996864 Bytes 26/01/2010 09:37:42

VBASE004.VDF : 7.10.4.203 1579008 Bytes 5/03/2010 04:29:03

VBASE005.VDF : 7.10.6.82 2494464 Bytes 15/04/2010 10:17:49

VBASE006.VDF : 7.10.7.218 2294784 Bytes 2/06/2010 10:20:44

VBASE007.VDF : 7.10.9.165 4840960 Bytes 23/07/2010 10:26:53

VBASE008.VDF : 7.10.9.166 2048 Bytes 23/07/2010 10:26:56

VBASE009.VDF : 7.10.9.167 2048 Bytes 23/07/2010 10:26:58

VBASE010.VDF : 7.10.9.168 2048 Bytes 23/07/2010 10:27:00

VBASE011.VDF : 7.10.9.169 2048 Bytes 23/07/2010 10:27:01

VBASE012.VDF : 7.10.9.170 2048 Bytes 23/07/2010 10:27:03

VBASE013.VDF : 7.10.9.198 157696 Bytes 26/07/2010 10:27:21

VBASE014.VDF : 7.10.9.255 997888 Bytes 29/07/2010 10:28:51

VBASE015.VDF : 7.10.10.28 139264 Bytes 2/08/2010 10:29:04

VBASE016.VDF : 7.10.10.52 127488 Bytes 3/08/2010 10:29:16

VBASE017.VDF : 7.10.10.84 137728 Bytes 6/08/2010 10:29:34

VBASE018.VDF : 7.10.10.85 1536 Bytes 6/08/2010 10:29:37

VBASE019.VDF : 7.10.10.86 1536 Bytes 6/08/2010 10:29:43

VBASE020.VDF : 7.10.10.87 1536 Bytes 6/08/2010 10:29:44

VBASE021.VDF : 7.10.10.88 1536 Bytes 6/08/2010 10:29:46

VBASE022.VDF : 7.10.10.89 1536 Bytes 6/08/2010 10:29:47

VBASE023.VDF : 7.10.10.90 1536 Bytes 6/08/2010 10:29:48

VBASE024.VDF : 7.10.10.91 1536 Bytes 6/08/2010 10:29:50

VBASE025.VDF : 7.10.10.92 1536 Bytes 6/08/2010 10:29:51

VBASE026.VDF : 7.10.10.93 1536 Bytes 6/08/2010 10:29:53

VBASE027.VDF : 7.10.10.94 1536 Bytes 6/08/2010 10:29:56

VBASE028.VDF : 7.10.10.95 1536 Bytes 6/08/2010 10:29:57

VBASE029.VDF : 7.10.10.96 1536 Bytes 6/08/2010 10:29:58

VBASE030.VDF : 7.10.10.97 1536 Bytes 6/08/2010 10:30:00

VBASE031.VDF : 7.10.10.99 9728 Bytes 6/08/2010 10:30:02

Engineversion : 8.2.4.32

AEVDF.DLL : 8.1.2.1 106868 Bytes 6/08/2010 10:36:21

AESCRIPT.DLL : 8.1.3.42 1364347 Bytes 6/08/2010 10:36:13

AESCN.DLL : 8.1.6.1 127347 Bytes 6/08/2010 10:35:46

AESBX.DLL : 8.1.3.1 254324 Bytes 6/08/2010 10:36:31

AERDL.DLL : 8.1.8.2 614772 Bytes 6/08/2010 10:35:37

AEPACK.DLL : 8.2.3.3 471414 Bytes 6/08/2010 10:35:01

AEOFFICE.DLL : 8.1.1.8 201081 Bytes 6/08/2010 10:34:47

AEHEUR.DLL : 8.1.2.10 2830711 Bytes 6/08/2010 10:34:38

AEHELP.DLL : 8.1.13.2 242039 Bytes 6/08/2010 10:31:56

AEGEN.DLL : 8.1.3.18 393589 Bytes 6/08/2010 10:31:31

AEEMU.DLL : 8.1.2.0 393588 Bytes 6/08/2010 10:30:50

AECORE.DLL : 8.1.16.2 192887 Bytes 6/08/2010 10:30:36

AEBB.DLL : 8.1.1.0 53618 Bytes 6/08/2010 10:30:27

AVWINLL.DLL : 10.0.0.0 19304 Bytes 14/01/2010 05:03:38

AVPREF.DLL : 10.0.0.0 44904 Bytes 14/01/2010 05:03:35

AVREP.DLL : 10.0.0.8 62209 Bytes 18/02/2010 09:47:40

AVREG.DLL : 10.0.3.0 53096 Bytes 1/04/2010 05:35:46

AVSCPLR.DLL : 10.0.3.0 83816 Bytes 1/04/2010 05:39:51

AVARKT.DLL : 10.0.0.14 227176 Bytes 1/04/2010 05:22:13

AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 26/01/2010 02:53:30

SQLITE3.DLL : 3.6.19.0 355688 Bytes 28/01/2010 05:57:58

AVSMTP.DLL : 10.0.0.17 63848 Bytes 16/03/2010 08:38:56

NETNT.DLL : 10.0.0.0 11624 Bytes 19/02/2010 07:41:00

RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 28/01/2010 06:10:20

RCTEXT.DLL : 10.0.53.0 97128 Bytes 9/04/2010 07:14:29

Configuration settings for the scan:

Jobname.............................: Complete system scan

Configuration file..................: C:\program files\avira\antivir desktop\sysscan.avp

Logging.............................: low

Primary action......................: interactive

Secondary action....................: ignore

Scan master boot sector.............: on

Scan boot sector....................: on

Boot sectors........................: C:, D:,

Process scan........................: on

Extended process scan...............: on

Scan registry.......................: on

Search for rootkits.................: on

Integrity checking of system files..: off

Scan all files......................: All files

Scan archives.......................: on

Recursion depth.....................: 20

Smart extensions....................: on

Macro heuristic.....................: on

File heuristic......................: medium

Start of the scan: Saturday, 7 August 2010 09:44

Starting search for hidden objects.

The scan of running processes will be started

Scan process 'svchost.exe' - '30' Module(s) have been scanned

Scan process 'vssvc.exe' - '49' Module(s) have been scanned

Scan process 'avscan.exe' - '81' Module(s) have been scanned

Scan process 'avscan.exe' - '29' Module(s) have been scanned

Scan process 'avcenter.exe' - '72' Module(s) have been scanned

Scan process 'mobsync.exe' - '35' Module(s) have been scanned

Scan process 'WUDFHost.exe' - '33' Module(s) have been scanned

Scan process 'SearchIndexer.exe' - '66' Module(s) have been scanned

Scan process 'svchost.exe' - '7' Module(s) have been scanned

Scan process 'svchost.exe' - '53' Module(s) have been scanned

Scan process 'SeaPort.exe' - '68' Module(s) have been scanned

Scan process 'svchost.exe' - '42' Module(s) have been scanned

Scan process 'avshadow.exe' - '33' Module(s) have been scanned

Scan process 'avguard.exe' - '64' Module(s) have been scanned

Scan process 'sidebar.exe' - '82' Module(s) have been scanned

Scan process 'avgnt.exe' - '53' Module(s) have been scanned

Scan process 'svchost.exe' - '57' Module(s) have been scanned

Scan process 'MSASCui.exe' - '39' Module(s) have been scanned

Scan process 'taskeng.exe' - '49' Module(s) have been scanned

Scan process 'Explorer.EXE' - '132' Module(s) have been scanned

Scan process 'taskeng.exe' - '80' Module(s) have been scanned

Scan process 'DriverCure.exe' - '47' Module(s) have been scanned

Scan process 'Dwm.exe' - '32' Module(s) have been scanned

Scan process 'taskeng.exe' - '25' Module(s) have been scanned

Scan process 'sched.exe' - '56' Module(s) have been scanned

Scan process 'spoolsv.exe' - '82' Module(s) have been scanned

Scan process 'svchost.exe' - '96' Module(s) have been scanned

Scan process 'Ati2evxx.exe' - '36' Module(s) have been scanned

Scan process 'svchost.exe' - '86' Module(s) have been scanned

Scan process 'SLsvc.exe' - '23' Module(s) have been scanned

Scan process 'svchost.exe' - '37' Module(s) have been scanned

Scan process 'svchost.exe' - '150' Module(s) have been scanned

Scan process 'svchost.exe' - '96' Module(s) have been scanned

Scan process 'svchost.exe' - '64' Module(s) have been scanned

Scan process 'Ati2evxx.exe' - '33' Module(s) have been scanned

Scan process 'svchost.exe' - '54' Module(s) have been scanned

Scan process 'svchost.exe' - '38' Module(s) have been scanned

Scan process 'svchost.exe' - '40' Module(s) have been scanned

Scan process 'winlogon.exe' - '31' Module(s) have been scanned

Scan process 'lsm.exe' - '22' Module(s) have been scanned

Scan process 'lsass.exe' - '59' Module(s) have been scanned

Scan process 'services.exe' - '33' Module(s) have been scanned

Scan process 'csrss.exe' - '14' Module(s) have been scanned

Scan process 'wininit.exe' - '26' Module(s) have been scanned

Scan process 'csrss.exe' - '14' Module(s) have been scanned

Scan process 'smss.exe' - '2' Module(s) have been scanned

Starting master boot sector scan:

Master boot sector HD0

[iNFO] No virus was found!

Master boot sector HD1

[iNFO] No virus was found!

Start scanning boot sectors:

Boot sector 'C:\'

[iNFO] No virus was found!

Boot sector 'D:\'

[iNFO] No virus was found!

Starting to scan executable files (registry).

The registry was scanned ( '963' files ).

Starting the file scan:

Begin scan in 'C:\' <OS>

Begin scan in 'D:\' <RECOVERY>

End of the scan: Saturday, 7 August 2010 13:24

Used time: 3:40:16 Hour(s)

The scan has been done completely.

50867 Scanned directories

986598 Files were scanned

0 Viruses and/or unwanted programs were found

0 Files were classified as suspicious

0 files were deleted

0 Viruses and unwanted programs were repaired

0 Files were moved to quarantine

0 Files were renamed

0 Files cannot be scanned

986598 Files not concerned

75849 Archives were scanned

0 Warnings

0 Notes

725404 Objects were scanned with rootkit scan

0 Hidden objects were found

So reinstalled Dr Web, did Express Scan-no viruses, ran Complete Scan,

this time it found 44 infected objects & after I clicked "yes to all" to cure or move the files, it scanned or something, completely different to last time.

Any way, 20 hrs & 7 mins later-

7d751f52f35a0.bup\stream000;C:\Documents and Settings\David\DoctorWeb\Quarantine\7d751f52f35a0.bup;Adware.Comet;;

7d751f52f35a0.bup;C:\Documents and Settings\David\DoctorWeb\Quarantine;Container contains infected objects;Moved.;

7d881913621f0.bup\stream000;C:\Documents and Settings\David\DoctorWeb\Quarantine\7d881913621f0.bup;Probably Trojan.Packed.Based;;

7d881913621f0.bup\stream001;C:\Documents and Settings\David\DoctorWeb\Quarantine\7d881913621f0.bup;Probably Trojan.Packed.Based;;

7d881913621f0.bup;C:\Documents and Settings\David\DoctorWeb\Quarantine;Container contains infected objects;Moved.;

7d881d733191340.bup\stream000;C:\Documents and Settings\David\DoctorWeb\Quarantine\7d881d733191340.bup;Probably Trojan.Packed.Based;;

7d881d733191340.bup;C:\Documents and Settings\David\DoctorWeb\Quarantine;Container contains infected objects;Moved.;

7d888411c1660.bup\stream000;C:\Documents and Settings\David\DoctorWeb\Quarantine\7d888411c1660.bup;Probably Trojan.Packed.Based;;

7d888411c1660.bup\stream001;C:\Documents and Settings\David\DoctorWeb\Quarantine\7d888411c1660.bup;Probably Trojan.Packed.Based;;

7d888411c1660.bup;C:\Documents and Settings\David\DoctorWeb\Quarantine;Container contains infected objects;Moved.;

7d88f7112bd60.bup\stream000;C:\Documents and Settings\David\DoctorWeb\Quarantine\7d88f7112bd60.bup;Probably Trojan.Packed.Based;;

7d88f7112bd60.bup;C:\Documents and Settings\David\DoctorWeb\Quarantine;Container contains infected objects;Moved.;

7d89137272e6b0.bup\stream000;C:\Documents and Settings\David\DoctorWeb\Quarantine\7d89137272e6b0.bup;Probably Trojan.Packed.Based;;

7d89137272e6b0.bup;C:\Documents and Settings\David\DoctorWeb\Quarantine;Container contains infected objects;Moved.;

7d891ac13416b0.bup\stream000;C:\Documents and Settings\David\DoctorWeb\Quarantine\7d891ac13416b0.bup;Probably Trojan.Packed.Based;;

7d891ac13416b0.bup;C:\Documents and Settings\David\DoctorWeb\Quarantine;Container contains infected objects;Moved.;

7d8a11720c2460.bup\stream000;C:\Documents and Settings\David\DoctorWeb\Quarantine\7d8a11720c2460.bup;Probably Trojan.Packed.Based;;

7d8a11720c2460.bup;C:\Documents and Settings\David\DoctorWeb\Quarantine;Container contains infected objects;Moved.;

7d8a1fa3421a10.bup\stream000;C:\Documents and Settings\David\DoctorWeb\Quarantine\7d8a1fa3421a10.bup;Probably Trojan.Packed.Based;;

7d8a1fa3421a10.bup;C:\Documents and Settings\David\DoctorWeb\Quarantine;Container contains infected objects;Moved.;

7d8b1b1111112bb0.bup\stream000;C:\Documents and Settings\David\DoctorWeb\Quarantine\7d8b1b1111112bb0.bup;Probably Trojan.Packed.Based;;

7d8b1b1111112bb0.bup;C:\Documents and Settings\David\DoctorWeb\Quarantine;Container contains infected objects;Moved.;

7d8b1c81319790.bup\stream000;C:\Documents and Settings\David\DoctorWeb\Quarantine\7d8b1c81319790.bup;Probably Trojan.Packed.Based;;

7d8b1c81319790.bup;C:\Documents and Settings\David\DoctorWeb\Quarantine;Container contains infected objects;Moved.;

7d8c1341fa30.bup\stream000;C:\Documents and Settings\David\DoctorWeb\Quarantine\7d8c1341fa30.bup;Probably Trojan.Packed.Based;;

7d8c1341fa30.bup;C:\Documents and Settings\David\DoctorWeb\Quarantine;Container contains infected objects;Moved.;

7d91178151e4a0.bup\stream000;C:\Documents and Settings\David\DoctorWeb\Quarantine\7d91178151e4a0.bup;Probably Trojan.Packed.Based;;

7d91178151e4a0.bup;C:\Documents and Settings\David\DoctorWeb\Quarantine;Container contains infected objects;Moved.;

7d9210e2b1c1c00.bup\stream000;C:\Documents and Settings\David\DoctorWeb\Quarantine\7d9210e2b1c1c00.bup;Probably Trojan.Packed.Based;;

7d9210e2b1c1c00.bup;C:\Documents and Settings\David\DoctorWeb\Quarantine;Container contains infected objects;Moved.;

7d9210e2e1a2610.bup\stream000;C:\Documents and Settings\David\DoctorWeb\Quarantine\7d9210e2e1a2610.bup;Probably Trojan.Packed.Based;;

7d9210e2e1a2610.bup;C:\Documents and Settings\David\DoctorWeb\Quarantine;Container contains infected objects;Moved.;

7d9210f631060.bup\stream000;C:\Documents and Settings\David\DoctorWeb\Quarantine\7d9210f631060.bup;Probably Trojan.Packed.Based;;

7d9210f631060.bup;C:\Documents and Settings\David\DoctorWeb\Quarantine;Container contains infected objects;Moved.;

7d9210fc1e1510.bup\stream000;C:\Documents and Settings\David\DoctorWeb\Quarantine\7d9210fc1e1510.bup;Probably Trojan.Packed.Based;;

7d9210fc1e1510.bup;C:\Documents and Settings\David\DoctorWeb\Quarantine;Container contains infected objects;Moved.;

7d9214818332d00.bup\stream000;C:\Documents and Settings\David\DoctorWeb\Quarantine\7d9214818332d00.bup;Probably Trojan.Packed.Based;;

7d9214818332d00.bup;C:\Documents and Settings\David\DoctorWeb\Quarantine;Container contains infected objects;Moved.;

mcupdat0.exe;C:\Documents and Settings\David\DoctorWeb\Quarantine;Probably DLOADER.Trojan;Incurable.Moved.;

mcupdate.exe;C:\Documents and Settings\David\DoctorWeb\Quarantine;Probably DLOADER.Trojan;Incurable.Moved.;

7d751f52f35a1.bup\stream000;C:\Documents and Settings\David\DoctorWeb\Quarantine\7d751f52f35a1.bup;Adware.Comet;;

7d751f52f35a1.bup;C:\Documents and Settings\David\DoctorWeb\Quarantine;Container contains infected objects;Moved.;

7d881913621f1.bup\stream000;C:\Documents and Settings\David\DoctorWeb\Quarantine\7d881913621f1.bup;Probably Trojan.Packed.Based;;

7d881913621f1.bup\stream001;C:\Documents and Settings\David\DoctorWeb\Quarantine\7d881913621f1.bup;Probably Trojan.Packed.Based;;

7d881913621f1.bup;C:\Documents and Settings\David\DoctorWeb\Quarantine;Container contains infected objects;Moved.;

7d881d733191341.bup\stream000;C:\Documents and Settings\David\DoctorWeb\Quarantine\7d881d733191341.bup;Probably Trojan.Packed.Based;;

7d881d733191341.bup;C:\Documents and Settings\David\DoctorWeb\Quarantine;Container contains infected objects;Moved.;

7d888411c1661.bup\stream000;C:\Documents and Settings\David\DoctorWeb\Quarantine\7d888411c1661.bup;Probably Trojan.Packed.Based;;

7d888411c1661.bup\stream001;C:\Documents and Settings\David\DoctorWeb\Quarantine\7d888411c1661.bup;Probably Trojan.Packed.Based;;

7d888411c1661.bup;C:\Documents and Settings\David\DoctorWeb\Quarantine;Container contains infected objects;Moved.;

7d88f7112bd61.bup\stream000;C:\Documents and Settings\David\DoctorWeb\Quarantine\7d88f7112bd61.bup;Probably Trojan.Packed.Based;;

7d88f7112bd61.bup;C:\Documents and Settings\David\DoctorWeb\Quarantine;Container contains infected objects;Moved.;

7d89137272e6b1.bup\stream000;C:\Documents and Settings\David\DoctorWeb\Quarantine\7d89137272e6b1.bup;Probably Trojan.Packed.Based;;

7d89137272e6b1.bup;C:\Documents and Settings\David\DoctorWeb\Quarantine;Container contains infected objects;Moved.;

7d891ac13416b1.bup\stream000;C:\Documents and Settings\David\DoctorWeb\Quarantine\7d891ac13416b1.bup;Probably Trojan.Packed.Based;;

7d891ac13416b1.bup;C:\Documents and Settings\David\DoctorWeb\Quarantine;Container contains infected objects;Moved.;

7d8a11720c2461.bup\stream000;C:\Documents and Settings\David\DoctorWeb\Quarantine\7d8a11720c2461.bup;Probably Trojan.Packed.Based;;

7d8a11720c2461.bup;C:\Documents and Settings\David\DoctorWeb\Quarantine;Container contains infected objects;Moved.;

7d8a1fa3421a11.bup\stream000;C:\Documents and Settings\David\DoctorWeb\Quarantine\7d8a1fa3421a11.bup;Probably Trojan.Packed.Based;;

7d8a1fa3421a11.bup;C:\Documents and Settings\David\DoctorWeb\Quarantine;Container contains infected objects;Moved.;

7d8b1b1111112bb1.bup\stream000;C:\Documents and Settings\David\DoctorWeb\Quarantine\7d8b1b1111112bb1.bup;Probably Trojan.Packed.Based;;

7d8b1b1111112bb1.bup;C:\Documents and Settings\David\DoctorWeb\Quarantine;Container contains infected objects;Moved.;

7d8b1c81319791.bup\stream000;C:\Documents and Settings\David\DoctorWeb\Quarantine\7d8b1c81319791.bup;Probably Trojan.Packed.Based;;

7d8b1c81319791.bup;C:\Documents and Settings\David\DoctorWeb\Quarantine;Container contains infected objects;Moved.;

7d8c1341fa31.bup\stream000;C:\Documents and Settings\David\DoctorWeb\Quarantine\7d8c1341fa31.bup;Probably Trojan.Packed.Based;;

7d8c1341fa31.bup;C:\Documents and Settings\David\DoctorWeb\Quarantine;Container contains infected objects;Moved.;

7d91178151e4a1.bup\stream000;C:\Documents and Settings\David\DoctorWeb\Quarantine\7d91178151e4a1.bup;Probably Trojan.Packed.Based;;

7d91178151e4a1.bup;C:\Documents and Settings\David\DoctorWeb\Quarantine;Container contains infected objects;Moved.;

7d9210e2b1c1c01.bup\stream000;C:\Documents and Settings\David\DoctorWeb\Quarantine\7d9210e2b1c1c01.bup;Probably Trojan.Packed.Based;;

7d9210e2b1c1c01.bup;C:\Documents and Settings\David\DoctorWeb\Quarantine;Container contains infected objects;Moved.;

7d9210e2e1a2611.bup\stream000;C:\Documents and Settings\David\DoctorWeb\Quarantine\7d9210e2e1a2611.bup;Probably Trojan.Packed.Based;;

7d9210e2e1a2611.bup;C:\Documents and Settings\David\DoctorWeb\Quarantine;Container contains infected objects;Moved.;

7d9210f631061.bup\stream000;C:\Documents and Settings\David\DoctorWeb\Quarantine\7d9210f631061.bup;Probably Trojan.Packed.Based;;

7d9210f631061.bup;C:\Documents and Settings\David\DoctorWeb\Quarantine;Container contains infected objects;Moved.;

7d9210fc1e1511.bup\stream000;C:\Documents and Settings\David\DoctorWeb\Quarantine\7d9210fc1e1511.bup;Probably Trojan.Packed.Based;;

7d9210fc1e1511.bup;C:\Documents and Settings\David\DoctorWeb\Quarantine;Container contains infected objects;Moved.;

7d9214818332d01.bup\stream000;C:\Documents and Settings\David\DoctorWeb\Quarantine\7d9214818332d01.bup;Probably Trojan.Packed.Based;;

7d9214818332d01.bup;C:\Documents and Settings\David\DoctorWeb\Quarantine;Container contains infected objects;Moved.;

mcupdat0.exe;C:\Documents and Settings\David\DoctorWeb\Quarantine;Probably DLOADER.Trojan;;

mcupdat1.exe;C:\Documents and Settings\David\DoctorWeb\Quarantine;Probably DLOADER.Trojan;;

Just about ready to buy a new computer!!!!!!!

Thanks for your help so far, :)

Beth

Link to post
Share on other sites
1bjg1

1bjg1

Posted
  • Author
Posted

Microsoft Windows [Version 6.0.6002]

Copyright © 2006 Microsoft Corporation. All rights reserved.

C:\Windows\system32>sfc/scannow

Beginning system scan. This process will take some time.

Beginning verification phase of system scan.

Verification 100% complete.

Windows Resource Protection did not find any integrity violations.

C:\Windows\system32>

Link to post
Share on other sites
Maniac

Maniac

Posted
Posted

Run a Disk Check on your C: drive in Windows Vista or Windws 7:

  • Click the Start vista-7-start.png button and select Computer
  • Right-click on C: and select Properties
  • Click on the Tools tab
  • Under Error-checking click the Check Now... button and click Continue at the User Account Control prompt
  • Mark the box next to Automatically fix file system errors and Scan for and attempt recovery of bad sectors
  • When the message box pops up, click the Schedule disk check button and restart your computer
  • Once your computer restarts it will check the drive, don't press any keys so that it is allowed to do so

Please let me know how it goes.

Link to post
Share on other sites
1bjg1

1bjg1

Posted
  • Author
Posted

Yay!!

Ran full scan, completed.

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

Database version: 4475

Windows 6.0.6002 Service Pack 2

Internet Explorer 8.0.6001.18943

25/08/2010 9:18:09 PM

mbam-log-2010-08-25 (21-18-09).txt

Scan type: Full scan (C:\|)

Objects scanned: 540045

Time elapsed: 2 hour(s), 41 minute(s), 3 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Thank you so much. Is that it??

Link to post
Share on other sites
Maniac

Maniac

Posted
Posted

Yes, that's all. :)

Last steps:

Step 1

* Go to start > run and copy and paste next command in the field:

ComboFix /uninstall

Make sure there's a space between Combofix and /

Then hit enter.

This will uninstall Combofix, delete its related folders and files, reset your clock settings, hide file extensions, hide the system/hidden files and resets System Restore again.

Step 2

To enable CD Emulation programs using DeFogger please perform these steps:

  1. Please download DeFogger to your desktop.
  2. Once downloaded, double-click on the DeFogger icon to start the tool.
  3. The application window will now appear. You should now click on the Enable button to enable your CD Emulation drivers
  4. When it prompts you whether or not you want to continue, please click on the Yes button to continue
  5. When the program has completed you will see a Finished! message. Click on the OK button to exit the program.
  6. If CD Emulation programs are present and have been enabled, DeFogger will now ask you to reboot the machine. Please allow it to do so by clicking on the OK button.

Step 3

Please manually delete Defogger, Dr.Web CureIt, mbam-setup, mbam-clean and DDS.

Step 4

Please uninstall ESET Online Scanner.

Step 5

Some malware preventions:

http://forums.malwarebytes.org/index.php?showtopic=9365

Safe surfing! B)

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.