Was told i have a zeroaccess infection. Do not know how to remove!


  • This topic is locked
3 replies to this topic

#1 Ukins

Ukins

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:03:22 AM

Posted 13 May 2014 - 10:13 PM

Ads everywhere on browser and new tabs with ads popping up. Popups are from adsdelivery1.com and redirect immediately. Posted here and was told I have a zero access infection. I found some suspicious things in system32 that popped up around the time I downloaded some stuff. Nothing in my programs out of the ordinary and Malwarebytes can't find anything. Was told I have a zeroaccess infection here: http://www.bleepingcomputer.com/forums/t/534251/i-think-i-can-see-the-virus-but-i-dont-know-what-to-do/ (THE ATTACH.TXT WILL NOT STOP PENDING, IT HAS BEEN PENDING FOR 10 MINUTES SO I'M JUST GONNA POST WITHOUT IT IN CASE SOMEONE KNOWS WHAT'S WRONG.) Here are my logs:


 


#2 Clairvoyant

Clairvoyant

  • Malware Response Team
  • 1,564 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:somewhere in time
  • Local time:09:22 AM

Posted 15 May 2014 - 02:41 PM

Hello Ukins and welcome to BC.


I will be helping with your computer problems.

Before starting please note the following:

  • If you have since resolved the original problem you were having, we would appreciate you letting us know.
  • Do not make any changes on your own to the computer (installing/uninstalling programs, deleting files, modifying the registry, running scanners or other tools, etc.) without instructions to do it.
  • Please read every post completely and perform all steps in the specified order. If you can't understand something or you encounter problems please stop and let me know
  • Do not attach logs, use code or quote boxes. Just copy and paste the text unless directed otherwise
  • Even if things appear to be better, it does not mean we have finished. Follow my instructions and reply back until I tell you that your computer is clean.
  • Please reply using the Add Reply button in the lower right hand corner of your screen

Your log is not posted correctly, please do a new scan with DDS and post the log again.

Please also try again to attach the attach.txt file. If it does not work, paste its contents in a new post here.

 

Regards


Edited by Clairvoyant, 15 May 2014 - 02:45 PM.


#3 Clairvoyant

Clairvoyant

  • Malware Response Team
  • 1,564 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:somewhere in time
  • Local time:09:22 AM

Posted 18 May 2014 - 09:21 AM

Hello Ukins,

 

are you still with us?

If you will not reply in the next two days, the topic will be closed.

 

 

Regards



#4 schrauber

schrauber

    Mr.Mechanic


  • Malware Response Team
  • 24,794 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Munich,Germany
  • Local time:09:22 AM

Posted 20 May 2014 - 11:58 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
regards,
schrauber


If I've not posted back within 48 hrs., feel free to send a PM with your topic link. Thank you!

If I have helped you then please consider donating to continue the fight against malware.



