Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Drop.Agent.AB Help


  • Please log in to reply
8 replies to this topic

#1 invoker

invoker

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:04:35 AM

Posted 14 February 2013 - 07:05 AM

Hy bro..

I have same problem with broni.

but this effected my laptop. i can't make it online.

it has attacked by malware.

 

 

my avira didn't change anything.

sorry if my english is bad.



BC AdBot (Login to Remove)

 


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,769 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:01:35 PM

Posted 14 February 2013 - 06:17 PM

Welcome aboard

 

Download Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=============================================================================

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.

  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


====================================================================================

Please download MiniToolBox and run it.

Checkmark following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (do NOT change any settings here)
  • List Users, Partitions and Memory size

Click Go and post the result.

=============================================================================

Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

=============================================================================

Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
If you see this question: Would you like to download latest Avast! virus definitions?" say "Yes".
Click the "Scan" button to start scan.
On completion of the scan click "Save log", save it to your desktop and post in your next reply.

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.


My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#3 invoker

invoker
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:04:35 AM

Posted 14 February 2013 - 11:16 PM

when star the SecurityCheck.exe..

it shown "Error Message"

windows cannot find " SecurityCheck\SecurityCheck.bat'. Make sure you typed the name correctly, and then try again.



#4 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,769 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:01:35 PM

Posted 14 February 2013 - 11:17 PM

Delete your file, download fresh one and try again.


My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#5 invoker

invoker
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:04:35 AM

Posted 14 February 2013 - 11:19 PM

MiniToolBox by Farbar  Version:10-01-2013
Ran by C0MPAQ (administrator) on 15-02-2013 at 11:18:05
Running from "C:\Users\C0MPAQ\Desktop"
Windows 7 Ultimate  (X86)
Boot Mode: Normal
***************************************************************************
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
========================= FF Proxy Settings: ============================== 
 
========================= Hosts content: =================================
 
 
 
========================= IP Configuration: ================================
 
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)
Realtek RTL8191SE 802.11b/g/n WiFi Adapter = Wireless Network Connection (Media disconnected)
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\system32\NLAapi.dll [51712] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 07 C:\Windows\system32\wshbth.dll [35840] (Microsoft Corporation)
Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [94208] (Apple Computer, Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 33 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 34 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 35 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 36 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 37 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 38 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 39 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (02/14/2013 07:18:03 PM) (Source: Application Error) (User: )
Description: Faulting application name: App.exe, version: 0.0.0.0, time stamp: 0x3574a5b4
Faulting module name: App.exe, version: 0.0.0.0, time stamp: 0x3574a5b4
Exception code: 0xc0000005
Fault offset: 0x00be1000
Faulting process id: 0x214
Faulting application start time: 0xApp.exe0
Faulting application path: App.exe1
Faulting module path: App.exe2
Report Id: App.exe3
 
Error: (02/14/2013 07:17:59 PM) (Source: Application Error) (User: )
Description: Faulting application name: App.exe, version: 0.0.0.0, time stamp: 0x3574a5b4
Faulting module name: App.exe, version: 0.0.0.0, time stamp: 0x3574a5b4
Exception code: 0xc0000005
Fault offset: 0x00be1000
Faulting process id: 0x514
Faulting application start time: 0xApp.exe0
Faulting application path: App.exe1
Faulting module path: App.exe2
Report Id: App.exe3
 
Error: (02/14/2013 04:28:48 PM) (Source: Application Error) (User: )
Description: Faulting application name: App.exe, version: 0.0.0.0, time stamp: 0x3574a5b4
Faulting module name: App.exe, version: 0.0.0.0, time stamp: 0x3574a5b4
Exception code: 0xc0000005
Fault offset: 0x00be1000
Faulting process id: 0xe50
Faulting application start time: 0xApp.exe0
Faulting application path: App.exe1
Faulting module path: App.exe2
Report Id: App.exe3
 
Error: (02/14/2013 04:28:46 PM) (Source: Application Error) (User: )
Description: Faulting application name: App.exe, version: 2.2.4.0, time stamp: 0x3574a5b4
Faulting module name: App.exe, version: 2.2.4.0, time stamp: 0x3574a5b4
Exception code: 0xc0000005
Fault offset: 0x0020e000
Faulting process id: 0xd14
Faulting application start time: 0xApp.exe0
Faulting application path: App.exe1
Faulting module path: App.exe2
Report Id: App.exe3
 
Error: (02/14/2013 04:28:04 PM) (Source: RasClient) (User: )
Description: CoId={8302197C-18D0-4E8D-B792-9EC2840790CB}: The user C0MPAQ-CQ42\C0MPAQ dialed a connection named ZTE Wireless Terminal which has failed. The error code returned on failure is 691.
 
Error: (02/14/2013 04:26:57 PM) (Source: Application Error) (User: )
Description: Faulting application name: bordbg70.exe, version: 50.4.227.0, time stamp: 0x00000000
Faulting module name: bordbg70.exe, version: 50.4.227.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00046000
Faulting process id: 0xffc
Faulting application start time: 0xbordbg70.exe0
Faulting application path: bordbg70.exe1
Faulting module path: bordbg70.exe2
Report Id: bordbg70.exe3
 
Error: (02/14/2013 04:26:56 PM) (Source: Application Error) (User: )
Description: Faulting application name: bordbg70.exe, version: 50.4.227.0, time stamp: 0x00000000
Faulting module name: bordbg70.exe, version: 50.4.227.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00046000
Faulting process id: 0xc58
Faulting application start time: 0xbordbg70.exe0
Faulting application path: bordbg70.exe1
Faulting module path: bordbg70.exe2
Report Id: bordbg70.exe3
 
Error: (02/14/2013 04:26:52 PM) (Source: Application Error) (User: )
Description: Faulting application name: bordbg70.exe, version: 50.4.227.0, time stamp: 0x00000000
Faulting module name: bordbg70.exe, version: 50.4.227.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00046000
Faulting process id: 0x7e4
Faulting application start time: 0xbordbg70.exe0
Faulting application path: bordbg70.exe1
Faulting module path: bordbg70.exe2
Report Id: bordbg70.exe3
 
Error: (02/14/2013 04:26:48 PM) (Source: Application Error) (User: )
Description: Faulting application name: App.exe, version: 0.0.0.0, time stamp: 0x3574a5b4
Faulting module name: App.exe, version: 0.0.0.0, time stamp: 0x3574a5b4
Exception code: 0xc0000005
Fault offset: 0x00be1000
Faulting process id: 0x5f4
Faulting application start time: 0xApp.exe0
Faulting application path: App.exe1
Faulting module path: App.exe2
Report Id: App.exe3
 
Error: (02/14/2013 04:25:28 PM) (Source: Application Error) (User: )
Description: Faulting application name: App.exe, version: 0.0.0.0, time stamp: 0x3574a5b4
Faulting module name: App.exe, version: 0.0.0.0, time stamp: 0x3574a5b4
Exception code: 0xc0000005
Fault offset: 0x00be1000
Faulting process id: 0xe00
Faulting application start time: 0xApp.exe0
Faulting application path: App.exe1
Faulting module path: App.exe2
Report Id: App.exe3
 
 
System errors:
=============
Error: (02/15/2013 09:44:33 AM) (Source: Service Control Manager) (User: )
Description: The UDisk Monitor service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
 
Error: (02/15/2013 09:42:13 AM) (Source: DCOM) (User: )
Description: C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding2{995C996E-D918-4A8C-A302-45719A6F4EA7}
 
Error: (02/14/2013 08:55:06 PM) (Source: DCOM) (User: )
Description: C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding2{995C996E-D918-4A8C-A302-45719A6F4EA7}
 
Error: (02/14/2013 08:36:22 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 20:34:50 on ?14/?02/?2013 was unexpected.
 
Error: (02/14/2013 06:42:39 PM) (Source: DCOM) (User: )
Description: C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding2{995C996E-D918-4A8C-A302-45719A6F4EA7}
 
Error: (02/14/2013 06:05:24 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (02/14/2013 06:05:24 PM) (Source: DCOM) (User: )
Description: 1068fdPHost{D3DCB472-7261-43CE-924B-0704BD730D5F}
 
Error: (02/14/2013 06:05:24 PM) (Source: DCOM) (User: )
Description: 1068fdPHost{145B4335-FE2A-4927-A040-7C35AD3180EF}
 
Error: (02/14/2013 06:04:25 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (02/14/2013 06:04:25 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
 
Microsoft Office Sessions:
=========================
Error: (01/16/2013 03:18:54 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 10, Application Name: Microsoft Office Visio, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 72 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error: (01/16/2013 03:14:18 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 10, Application Name: Microsoft Office Visio, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 57 seconds with 0 seconds of active time.  This session ended with a crash.
 
 
=========================== Installed Programs ============================
 
 
========================= Devices: ================================
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 45%
Total physical RAM: 2997.86 MB
Available physical RAM: 1643.71 MB
Total Pagefile: 5994 MB
Available Pagefile: 4132.72 MB
Total Virtual: 2047.88 MB
Available Virtual: 1939.88 MB
 
========================= Partitions: =====================================
 
1 Drive c: (7 Ultimate) (Fixed) (Total:68.35 GB) (Free:42.07 GB) NTFS
2 Drive d: (Data) (Fixed) (Total:114.84 GB) (Free:114.77 GB) FAT32
3 Drive e: (Hiburan) (Fixed) (Total:114.87 GB) (Free:58.39 GB) NTFS
5 Drive g: (HP v225w) (Removable) (Total:7.59 GB) (Free:2.4 GB) FAT32
 
========================= Users: ========================================
 
**** End of log ****


#6 invoker

invoker
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:04:35 AM

Posted 14 February 2013 - 11:22 PM

It's same.. i already doing this two times.

it's shown same message, whic ScurityCheck



#7 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,769 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:01:35 PM

Posted 14 February 2013 - 11:23 PM

Skip it.


My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#8 invoker

invoker
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:04:35 AM

Posted 14 February 2013 - 11:23 PM

Farbar Service Scanner Version: 10-02-2013
Ran by C0MPAQ (administrator) on 15-02-2013 at 11:23:13
Running from "C:\Users\C0MPAQ\Desktop"
Windows 7 Ultimate  (X86)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
WAN connected
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0
 
 
System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.
 
VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.
 
 
System Restore Disabled Policy: 
========================
 
 
Action Center:
============
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.
 
 
Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
 
RpcSs Service is not running. Checking service configuration:
The start type of RpcSs service is OK.
The ImagePath of RpcSs service is OK.
 
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll
[2009-07-14 06:53] - [2009-07-14 08:15] - 0565760 ____A (Microsoft Corporation) 5CD996CECF45CBC3E8D109C86B82D69E
 
C:\Windows\system32\bfe.dll
[2009-07-14 06:54] - [2009-07-14 08:14] - 0493568 ____A (Microsoft Corporation) 85AC71C045CEB054ED48A7841AAE0C11
 
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll
[2009-07-14 06:23] - [2009-07-14 08:16] - 0125952 ____A (Microsoft Corporation) 5FD90ABDBFAEE85986802622CBB03446
 
C:\Windows\system32\vssvc.exe
[2009-07-14 06:24] - [2009-07-14 08:14] - 1025536 ____A (Microsoft Corporation) 7EA2BCD94D9CFAF4C556F5CC94532A6C
 
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll
[2009-07-14 07:15] - [2009-07-14 08:16] - 1912832 ____A (Microsoft Corporation) A33408CC036F9C08142B11BE5E93F0A1
 
C:\Windows\system32\qmgr.dll
[2009-07-14 06:30] - [2009-07-14 08:16] - 0589312 ____A (Microsoft Corporation) 53F476476F55A27F580661BDE09C4EC4
 
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
 
 
**** End of log ****


#9 invoker

invoker
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:04:35 AM

Posted 14 February 2013 - 11:26 PM

Malwarebytes Anti-Malware (Trial) 1.70.0.1100
www.malwarebytes.org
 
Database version: v2012.12.14.11
 
Windows 7 x86 NTFS
Internet Explorer 8.0.7600.16385
C0MPAQ :: C0MPAQ-CQ42 [administrator]
 
Protection: Enabled
 
14/02/2013 17:54:56
mbam-log-2013-02-14 (17-54-56).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 196571
Time elapsed: 3 minute(s), 32 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 1
C:\Program Files\Microsoft\WaterMark.exe (Trojan.Agent) -> Quarantined and deleted successfully.
 
(end)





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users