Jump to content

Recommended Posts

Hi all

I am in desperate need of some expert help here (before I throw my inlaws computer out the window!!!!!!!)

My MIL asked me to help her at 5pm yesterday (it is now currently 12.10am Australia time), Well Im still sitting here trying to fix this >.<

Her initial problem was a fakeAV virus. She contacted TrendMicro (she has titanium protection) and they emailed her a FakeAVremover. I have installed this and followed the steps and as of now, it apears to have been removed from the system. HOWEVER, as soon as I had finished removing the fakeAV, I was helping her to move some pics over to her ext.HD and I recieved the following error message

untitled4.jpg

I was unable to close the windows so I opened the task manager and a few seconds later the windows closed and everything was 'normal'. I repeated the process of opening the ext.hd and pic folder and I had the same issue only this time it was the always infuriating 'Windows has encountered a problem and needs to close' I realised something was very wrong and started my google search.

So far, I have tried the following:

1) click Start>Run>type regedit.exe click OK

2) Locate and click the following registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\AeDebug-

this did not work as once in Microsoft folder, there was no Windows NT file.

After following the instructions to disable the Dr Watson program she

followed the following steps, which did not work as the Dr watson program is

still installed on the computer

Deleting Dr. Watson Debugger

a.. Log in to the Windows XP administrator account.

b.. Click the "Start" button and then "Run" in the Start menu.

c.. Type "cmd" followed by pressing "Enter" to open a command prompt

window.

d.. Type "cd c:\windows\system32" and press "Enter."

e.. Type "del drwtsn32.exe" and press "Enter" to delete Dr. Watson

f.. ___________________________________________________

The final mothod below, also did not work.

Remove drwtsn32.exe from 'Run' or 'RunOnce' in your registry and that should

stop annoying you. When the registry values are set to disable, it won't run

on its own [autorun] even if an error occurs.

I have tried several other ideas (deleting temp browsing history etc..)

untitled.jpg

untitled3.jpg

PLEASE HELP!! Im going mad!!

Link to post
Share on other sites

DDS (Ver_11-03-05.01)

.

Microsoft Windows XP Home Edition

Boot Device: \Device\HarddiskVolume2

Install Date: 5/03/2005 11:34:18 PM

System Uptime: 15/04/2011 9:08:13 PM (3 hours ago)

.

Motherboard: ASUSTek Computer INC. | | Salmon

Processor: AMD Athlon 64 Processor 3200+ | Socket 754 | 2210/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 71 GiB total, 48.898 GiB free.

D: is FIXED (FAT32) - 4 GiB total, 0.559 GiB free.

G: is Removable

H: is Removable

I: is Removable

J: is Removable

.

==== Disabled Device Manager Items =============

.

Class GUID: {4D36E965-E325-11CE-BFC1-08002BE10318}

Description: CD-ROM Drive

Device ID: IDE\CDROMHL-DT-ST_DVDRRW_GWA-4083B_______________1.09____\5&9A4E45F&0&0.0.0

Manufacturer: (Standard CD-ROM drives)

Name: HL-DT-ST DVDRRW GWA-4083B

PNP Device ID: IDE\CDROMHL-DT-ST_DVDRRW_GWA-4083B_______________1.09____\5&9A4E45F&0&0.0.0

Service: cdrom

.

==== System Restore Points ===================

.

RP1358: 16/01/2011 5:09:21 PM - System Checkpoint

RP1359: 17/01/2011 5:16:47 PM - System Checkpoint

RP1360: 18/01/2011 5:55:06 PM - System Checkpoint

RP1361: 19/01/2011 6:25:49 PM - System Checkpoint

RP1362: 20/01/2011 7:21:13 PM - System Checkpoint

RP1363: 22/01/2011 2:51:39 PM - System Checkpoint

RP1364: 23/01/2011 3:08:51 PM - System Checkpoint

RP1365: 24/01/2011 5:33:25 PM - System Checkpoint

RP1366: 25/01/2011 5:35:14 PM - System Checkpoint

RP1367: 27/01/2011 9:50:59 AM - System Checkpoint

RP1368: 28/01/2011 10:45:17 AM - System Checkpoint

RP1369: 29/01/2011 3:50:59 PM - System Checkpoint

RP1370: 30/01/2011 3:57:36 PM - System Checkpoint

RP1371: 31/01/2011 5:36:51 PM - System Checkpoint

RP1372: 2/02/2011 7:08:40 AM - System Checkpoint

RP1373: 3/02/2011 8:39:05 AM - System Checkpoint

RP1374: 4/02/2011 9:23:50 AM - System Checkpoint

RP1375: 5/02/2011 9:32:07 AM - System Checkpoint

RP1376: 6/02/2011 6:16:02 PM - System Checkpoint

RP1377: 7/02/2011 6:31:34 PM - System Checkpoint

RP1378: 8/02/2011 6:39:59 PM - System Checkpoint

RP1379: 9/02/2011 7:03:45 PM - System Checkpoint

RP1380: 9/02/2011 7:58:30 PM - Software Distribution Service 3.0

RP1381: 10/02/2011 8:46:04 PM - System Checkpoint

RP1382: 12/02/2011 5:49:49 PM - System Checkpoint

RP1383: 13/02/2011 6:26:51 PM - System Checkpoint

RP1384: 14/02/2011 6:30:12 PM - System Checkpoint

RP1385: 15/02/2011 6:47:25 PM - System Checkpoint

RP1386: 17/02/2011 8:01:01 AM - System Checkpoint

RP1387: 18/02/2011 8:26:58 AM - System Checkpoint

RP1388: 19/02/2011 9:55:41 AM - System Checkpoint

RP1389: 20/02/2011 7:38:40 PM - System Checkpoint

RP1390: 22/02/2011 9:08:24 AM - System Checkpoint

RP1391: 23/02/2011 9:22:31 AM - System Checkpoint

RP1392: 26/02/2011 8:48:14 AM - System Checkpoint

RP1393: 27/02/2011 10:24:28 AM - System Checkpoint

RP1394: 28/02/2011 3:36:11 PM - System Checkpoint

RP1395: 1/03/2011 5:35:23 PM - System Checkpoint

RP1396: 2/03/2011 5:44:04 PM - System Checkpoint

RP1397: 4/03/2011 11:23:46 AM - System Checkpoint

RP1398: 5/03/2011 12:40:08 PM - System Checkpoint

RP1399: 6/03/2011 1:03:09 PM - System Checkpoint

RP1400: 7/03/2011 1:51:11 PM - System Checkpoint

RP1401: 8/03/2011 1:54:21 PM - System Checkpoint

RP1402: 9/03/2011 2:40:23 PM - System Checkpoint

RP1403: 9/03/2011 10:14:43 PM - Software Distribution Service 3.0

RP1404: 10/03/2011 10:30:21 PM - System Checkpoint

RP1405: 12/03/2011 4:06:30 PM - System Checkpoint

RP1406: 13/03/2011 4:19:34 PM - System Checkpoint

RP1407: 14/03/2011 4:32:16 PM - System Checkpoint

RP1408: 15/03/2011 4:41:34 PM - System Checkpoint

RP1409: 16/03/2011 5:35:54 PM - System Checkpoint

RP1410: 16/03/2011 9:45:22 PM - Software Distribution Service 3.0

RP1411: 18/03/2011 12:22:07 PM - System Checkpoint

RP1412: 19/03/2011 12:59:13 PM - System Checkpoint

RP1413: 20/03/2011 1:14:21 PM - System Checkpoint

RP1414: 21/03/2011 2:08:33 PM - System Checkpoint

RP1415: 22/03/2011 2:13:28 PM - System Checkpoint

RP1416: 27/03/2011 9:51:16 AM - System Checkpoint

RP1417: 27/03/2011 8:00:45 PM - Software Distribution Service 3.0

RP1418: 28/03/2011 8:03:53 PM - System Checkpoint

RP1419: 29/03/2011 8:22:41 PM - System Checkpoint

RP1420: 30/03/2011 8:51:10 PM - System Checkpoint

RP1421: 31/03/2011 9:39:48 PM - System Checkpoint

RP1422: 2/04/2011 10:06:56 AM - System Checkpoint

RP1423: 3/04/2011 1:50:08 PM - System Checkpoint

RP1424: 4/04/2011 2:26:44 PM - System Checkpoint

RP1425: 5/04/2011 2:42:00 PM - System Checkpoint

RP1426: 6/04/2011 3:36:07 PM - System Checkpoint

RP1427: 7/04/2011 6:57:30 PM - System Checkpoint

RP1428: 8/04/2011 7:34:27 PM - System Checkpoint

RP1429: 10/04/2011 5:27:12 PM - System Checkpoint

RP1430: 11/04/2011 5:51:12 PM - System Checkpoint

RP1431: 12/04/2011 6:13:54 PM - System Checkpoint

RP1432: 13/04/2011 7:10:28 PM - System Checkpoint

RP1433: 14/04/2011 7:30:53 PM - System Checkpoint

RP1434: 15/04/2011 5:25:57 PM - Software Distribution Service 3.0

RP1435: 15/04/2011 7:51:42 PM - Removed iTunes

RP1436: 15/04/2011 9:10:12 PM - Removed Apple Software Update

RP1437: 15/04/2011 9:11:58 PM - Removed iTunes

.

==== Installed Programs ======================

.

.

1300

1300_Help

1300Tour

1300Trb

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Adobe Reader 7.1.0

Agere Systems PCI Soft Modem

AiO_Scan

AIOMinimal

AiOSoftware

Apple Application Support

Apple Mobile Device Support

ArcSoft Panorama Maker 3.0

Auslogics Disk Defrag

BigPond Username & Password Tool

BigPond Wireless Broadband 2.13.16

Bonjour

Canon Easy-WebPrint EX

Canon MP Navigator EX 3.0

Canon MP550 series MP Drivers

Canon Utilities Easy-PhotoPrint EX

Canon Utilities My Printer

Canon Utilities Solution Menu

CK Creative Clips and Fonts for Home, Family & Pets

Compaq Connections

Copy

Craft ROBO Controller

CreativeProjects

Director

DocProc

Enhanced Multimedia Keyboard Solution

Fax

GdiplusUpgrade

Google Chrome

Google Update Helper

Help and Support Additions

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows Internet Explorer 7 (KB947864)

Hotfix for Windows XP (KB2158563)

Hotfix for Windows XP (KB2443685)

Hotfix for Windows XP (KB954550-v5)

HP Image Zone 3.5

HP PSC & OfficeJet 3.5

HP Update

hpmdtab

HpSdpAppCoreApp

HPSystemDiagnostics

InstantShare

InterVideo WinDVD Creator 2

InterVideo WinDVD Player

Java 2 Runtime Environment, SE v1.4.2_03

Java Auto Updater

Java 6 Update 21

Java 6 Update 7

Malwarebytes' Anti-Malware

Memories Disc Creator 2.0

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB2416447)

Microsoft .NET Framework 1.1 Security Update (KB979906)

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Base Smart Card Cryptographic Service Provider Package

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft Encarta Encyclopedia Standard - WE 2004

Microsoft Internationalized Domain Names Mitigation APIs

Microsoft Kernel-Mode Driver Framework Feature Pack 1.5

Microsoft LifeCam

Microsoft Money

Microsoft Money System Pack

Microsoft National Language Support Downlevel APIs

Microsoft Picture It! Photo Standard 9

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Visual C++ 2005 Redistributable

Microsoft Word 2002

Microsoft Works

Microsoft Works 2004 Setup Launcher

Microsoft Works Suite Add-in for Microsoft Word

Mozilla Firefox (3.5.18)

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Nikon View 6

NVIDIA Drivers

OGA Notifier 1.7.0105.35.0

OpenOffice.org Installer 1.0

overland

PhotoGallery

PrintScreen

Python 2.2 combined Win32 extensions

Python 2.2.1

QFolder

QuickProjects

QuickTime

Readme

RealPlayer

ROBO Master

Scan

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Extended (KB2416472)

Security Update for Windows Internet Explorer 7 (KB937143)

Security Update for Windows Internet Explorer 7 (KB938127)

Security Update for Windows Internet Explorer 7 (KB939653)

Security Update for Windows Internet Explorer 7 (KB942615)

Security Update for Windows Internet Explorer 7 (KB944533)

Security Update for Windows Internet Explorer 7 (KB950759)

Security Update for Windows Internet Explorer 7 (KB953838)

Security Update for Windows Internet Explorer 7 (KB956390)

Security Update for Windows Internet Explorer 7 (KB958215)

Security Update for Windows Internet Explorer 7 (KB960714)

Security Update for Windows Internet Explorer 7 (KB961260)

Security Update for Windows Internet Explorer 7 (KB963027)

Security Update for Windows Internet Explorer 7 (KB969897)

Security Update for Windows Internet Explorer 8 (KB2183461)

Security Update for Windows Internet Explorer 8 (KB2360131)

Security Update for Windows Internet Explorer 8 (KB2416400)

Security Update for Windows Internet Explorer 8 (KB2482017)

Security Update for Windows Internet Explorer 8 (KB2497640)

Security Update for Windows Internet Explorer 8 (KB2510531)

Security Update for Windows Internet Explorer 8 (KB969897)

Security Update for Windows Internet Explorer 8 (KB971961)

Security Update for Windows Internet Explorer 8 (KB972260)

Security Update for Windows Internet Explorer 8 (KB974455)

Security Update for Windows Internet Explorer 8 (KB976325)

Security Update for Windows Internet Explorer 8 (KB978207)

Security Update for Windows Internet Explorer 8 (KB981332)

Security Update for Windows Internet Explorer 8 (KB982381)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB975558)

Security Update for Windows XP (KB2121546)

Security Update for Windows XP (KB2259922)

Security Update for Windows XP (KB2279986)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2296199)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2412687)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2436673)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476687)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2479628)

Security Update for Windows XP (KB2479943)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485376)

Security Update for Windows XP (KB2485663)

Security Update for Windows XP (KB2491683)

Security Update for Windows XP (KB2503658)

Security Update for Windows XP (KB2506212)

Security Update for Windows XP (KB2506223)

Security Update for Windows XP (KB2507618)

Security Update for Windows XP (KB2508272)

Security Update for Windows XP (KB2508429)

Security Update for Windows XP (KB2509553)

Security Update for Windows XP (KB2511455)

Security Update for Windows XP (KB2524375)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981957)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982802)

Shockwave

SkinsHP1

SkinsHP2

Skype Toolbars

Skype

Link to post
Share on other sites

Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

Database version: 6368

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

15/04/2011 11:39:24 PM

mbam-log-2011-04-15 (23-39-24).txt

Scan type: Quick scan

Objects scanned: 169107

Time elapsed: 4 minute(s), 39 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 1

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{549B5CA7-4A86-11D7-A4DF-000874180BB3} (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

_______________________________________________________________________

Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

Database version: 6368

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

16/04/2011 12:59:16 AM

mbam-log-2011-04-16 (00-59-16).txt

Scan type: Full scan (C:\|D:\|)

Objects scanned: 264989

Time elapsed: 1 hour(s), 16 minute(s), 11 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 5

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

c:\documents and settings\all users\application data\cmf24500mhhjb24500\cmf24500mhhjb24500.exe (Rogue.MSRemovalTool) -> Quarantined and deleted successfully.

c:\system volume information\_restore{ec671082-7a98-407d-87c9-526803b2bd9a}\RP1437\A0248025.exe (Rogue.MSRemovalTool) -> Quarantined and deleted successfully.

c:\system volume information\_restore{ec671082-7a98-407d-87c9-526803b2bd9a}\RP1437\A0248024.exe (Rogue.MSRemovalTool) -> Quarantined and deleted successfully.

c:\system volume information\_restore{ec671082-7a98-407d-87c9-526803b2bd9a}\RP1437\A0248026.exe (Rogue.MSRemovalTool) -> Quarantined and deleted successfully.

c:\system volume information\_restore{ec671082-7a98-407d-87c9-526803b2bd9a}\RP1437\A0248027.exe (Rogue.MSRemovalTool) -> Quarantined and deleted successfully.

____________________________________________________________________________

Trend Micro Full Scan results

Date/Time,Affected Files,Threat,Source,Response

15/04/2011 7:46 PM,C:\Documents and Settings\Compaq_Owner\My Documents\Downloads\BestAntivirus2011.exe,TROJ_GEN.R01C2DC,Threat,Detected

15/04/2011 7:46 PM,C:\Documents and Settings\Compaq_Owner\My Documents\Downloads\BestAntivirus2011(4).exe,TROJ_GEN.R01C2DC,Threat,Detected

15/04/2011 7:46 PM,C:\Documents and Settings\Compaq_Owner\My Documents\Downloads\BestAntivirus2011(3).exe,TROJ_GEN.R01C2DC,Threat,Detected

15/04/2011 7:46 PM,C:\Documents and Settings\Compaq_Owner\My Documents\Downloads\BestAntivirus2011(2).exe,TROJ_GEN.R01C2DC,Threat,Detected

15/04/2011 7:46 PM,C:\Documents and Settings\Compaq_Owner\My Documents\Downloads\BestAntivirus2011.exe,TROJ_GEN.R01C2DC,Threat,Detected

15/04/2011 7:46 PM,C:\Documents and Settings\Compaq_Owner\My Documents\Downloads\BestAntivirus2011(2).exe,TROJ_GEN.R01C2DC,Threat,Detected

15/04/2011 7:46 PM,C:\Documents and Settings\Compaq_Owner\My Documents\Downloads\BestAntivirus2011(4).exe,TROJ_GEN.R01C2DC,Threat,Detected

15/04/2011 7:46 PM,C:\Documents and Settings\Compaq_Owner\My Documents\Downloads\BestAntivirus2011.exe,TROJ_GEN.R01C2DC,Threat,Detected

15/04/2011 7:46 PM,C:\Documents and Settings\Compaq_Owner\My Documents\Downloads\BestAntivirus2011(3).exe,TROJ_GEN.R01C2DC,Threat,Detected

15/04/2011 7:46 PM,C:\Documents and Settings\Compaq_Owner\My Documents\Downloads\BestAntivirus2011.exe,TROJ_GEN.R01C2DC,Threat,Detected

15/04/2011 8:06 PM,C:\Documents and Settings\All Users\Application Data\cMf24500mHhJb24500\cMf24500mHhJb24500.exe,TROJ_GEN.R01C2DC,Threat,Detected

15/04/2011 8:10 PM,C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Mozilla\Firefox\Profiles\kgie51qk.default\Cache\9014A3F8d01,TROJ_GEN.R01C2DC,Threat,Detected

15/04/2011 8:33 PM,C:\RECYCLER\S-1-5-21-3195001335-2236866023-2670201464-1007\Dc224.exe,TROJ_GEN.R01C2DC,Threat,Detected

15/04/2011 8:33 PM,C:\RECYCLER\S-1-5-21-3195001335-2236866023-2670201464-1007\Dc225.exe,TROJ_GEN.R01C2DC,Threat,Detected

15/04/2011 8:33 PM,C:\RECYCLER\S-1-5-21-3195001335-2236866023-2670201464-1007\Dc227.exe,TROJ_GEN.R01C2DC,Threat,Detected

15/04/2011 8:33 PM,C:\RECYCLER\S-1-5-21-3195001335-2236866023-2670201464-1007\Dc228.exe,TROJ_GEN.R01C2DC,Threat,Detected

15/04/2011 9:52 PM,C:\Documents and Settings\All Users\Application Data\cMf24500mHhJb24500\cMf24500mHhJb24500.exe,TROJ_GEN.R01C2DC,Threat,Detected

15/04/2011 9:56 PM,C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Mozilla\Firefox\Profiles\kgie51qk.default\Cache\9014A3F8d01,TROJ_GEN.R01C2DC,Threat,Detected

15/04/2011 10:17 PM,C:\RECYCLER\S-1-5-21-3195001335-2236866023-2670201464-1007\Dc228.exe,TROJ_GEN.R01C2DC,Threat,Detected

15/04/2011 10:17 PM,C:\RECYCLER\S-1-5-21-3195001335-2236866023-2670201464-1007\Dc227.exe,TROJ_GEN.R01C2DC,Threat,Detected

15/04/2011 10:17 PM,C:\RECYCLER\S-1-5-21-3195001335-2236866023-2670201464-1007\Dc225.exe,TROJ_GEN.R01C2DC,Threat,Detected

15/04/2011 10:17 PM,C:\RECYCLER\S-1-5-21-3195001335-2236866023-2670201464-1007\Dc224.exe,TROJ_GEN.R01C2DC,Threat,Detected

15/04/2011 10:17 PM,C:\RECYCLER\S-1-5-21-3195001335-2236866023-2670201464-1007\Dc224.exe,TROJ_GEN.R01C2DC,Threat,Detected

15/04/2011 10:17 PM,C:\RECYCLER\S-1-5-21-3195001335-2236866023-2670201464-1007\Dc225.exe,TROJ_GEN.R01C2DC,Threat,Detected

15/04/2011 10:17 PM,C:\RECYCLER\S-1-5-21-3195001335-2236866023-2670201464-1007\Dc227.exe,TROJ_GEN.R01C2DC,Threat,Detected

15/04/2011 10:17 PM,C:\RECYCLER\S-1-5-21-3195001335-2236866023-2670201464-1007\Dc228.exe,TROJ_GEN.R01C2DC,Threat,Detected

15/04/2011 10:28 PM,C:\System Volume Information\_restore{EC671082-7A98-407D-87C9-526803B2BD9A}\RP1437\A0248024.exe,TROJ_GEN.R01C2DC,Threat,Detected

15/04/2011 10:28 PM,C:\System Volume Information\_restore{EC671082-7A98-407D-87C9-526803B2BD9A}\RP1437\A0248025.exe,TROJ_GEN.R01C2DC,Threat,Detected

15/04/2011 10:28 PM,C:\System Volume Information\_restore{EC671082-7A98-407D-87C9-526803B2BD9A}\RP1437\A0248026.exe,TROJ_GEN.R01C2DC,Threat,Detected

15/04/2011 10:28 PM,C:\System Volume Information\_restore{EC671082-7A98-407D-87C9-526803B2BD9A}\RP1437\A0248027.exe,TROJ_GEN.R01C2DC,Threat,Detected

Link to post
Share on other sites

  • Staff

Hi and welcome to Malwarebytes,

Please update MBAM, run a Quick Scan, and post its log.

Next, download DDS by sUBs and save it to your Desktop.

Double-click on the DDS icon and let the scan run. When it has run two logs will be produced, please post only DDS.txt directly into your reply.

Link to post
Share on other sites

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.