Virus: Backdoor:Win32/Fynloski.A keeps reappearing.

Hi,

It may be injected via something else that is on your system, and not being caught by MSE.

Download, install, update and run FREE Malwarebytes - post a log of the scan here so we can help further.

Regards,
Golden
 

Thanks for the reply! Here are my logs.
It did end up finding something so I removed it. Afterwards, I did a rescan and it didn't detect anything so hopefully it doesn't come back :)

Here is the log before I removed anything:
Malwarebytes Anti-Malware (Trial) 1.60.0.1800
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Database version: v2011.12.28.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Jelesa :: JELESA-PC [administrator]

Protection: Enabled

12/27/2011 9:19:31 PM
mbam-log-2011-12-27 (22-14-08).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 282856
Time elapsed: 52 minute(s), 42 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKCU\Software\DC3_FEXEC (Malware.Trace) -> No action taken.

Registry Values Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Svchost (Backdoor.Bot) -> Data: C:\Java\RE\uSvchost.com -> No action taken.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 4
C:\Users\Jelesa\AppData\Local\Temp\dclogs\2011-12-17-7.dc (Stolen.Data) -> No action taken.
C:\Users\Jelesa\AppData\Local\Temp\dclogs\2011-12-18-1.dc (Stolen.Data) -> No action taken.
C:\Users\Jelesa\AppData\Local\Temp\dclogs\2011-12-25-1.dc (Stolen.Data) -> No action taken.
C:\Users\Jelesa\AppData\Local\Temp\dclogs\2011-12-27-3.dc (Stolen.Data) -> No action taken.

(end)
 

Please uninstall Java, and Flash for the time being.

Also clean out your Temp folder in AppData.
 

I can't find Java/Flash installed on my computer? It's not in the "uninstall programmes" list and I did a search through my program files in the C: drive as well as the search on the start up menu.

As for the "Temp folder in AppData" I can't delete this file!!
FXSAPIDebugLogFile

It keeps saying it's opened in Windows Explorer.
 

OK. Now can you follow up using this online scanner:

ESET Online Scanner

Post back here when it's done.

Regards,
Golden
 

Here's my ESET log


C:\Users\Jelesa\AppData\Local\Temp\RarSFX1\uSvchost.com probably a variant of Win32/Delf.NIKFSTJ trojan cleaned by deleting - quarantined
C:\Users\Jelesa\AppData\Local\Temp\RarSFX2\uSvchost.com probably a variant of Win32/Delf.NIKFSTJ trojan cleaned by deleting - quarantined
C:\Users\Jelesa\AppData\Local\Temp\RarSFX3\uSvchost.com probably a variant of Win32/Delf.NIKFSTJ trojan cleaned by deleting - quarantined
C:\Users\Jelesa\AppData\Local\Temp\RarSFX4\uSvchost.com probably a variant of Win32/Delf.NIKFSTJ trojan cleaned by deleting - quarantined
C:\Users\Jelesa\AppData\Local\Temp\RarSFX5\uSvchost.com probably a variant of Win32/Delf.NIKFSTJ trojan cleaned by deleting - quarantined
C:\Users\Jelesa\Documents\ICO\MsgPlusLive-490.exe a variant of Win32/MessengerPlus application cleaned by deleting - quarantined
 

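Added example, not part of any post in this thread: a Python script that parses the Malwarebytes and ESET log lines posted above and checks whether the file launched by the flagged Run value was also detected under other folders, one thing worth checking when a detection keeps coming back. The function names and the field-splitting heuristics are assumptions of this example, not either vendor's documented log format.

```python
import ntpath
import re

# Lines copied from the Malwarebytes and ESET logs posted in this thread.
MBAM_LOG = r"""
Registry Keys Detected: 1
HKCU\Software\DC3_FEXEC (Malware.Trace) -> No action taken.

Registry Values Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Svchost (Backdoor.Bot) -> Data: C:\Java\RE\uSvchost.com -> No action taken.

Registry Data Items Detected: 0
(No malicious items detected)

Files Detected: 4
C:\Users\Jelesa\AppData\Local\Temp\dclogs\2011-12-17-7.dc (Stolen.Data) -> No action taken.
C:\Users\Jelesa\AppData\Local\Temp\dclogs\2011-12-18-1.dc (Stolen.Data) -> No action taken.
C:\Users\Jelesa\AppData\Local\Temp\dclogs\2011-12-25-1.dc (Stolen.Data) -> No action taken.
C:\Users\Jelesa\AppData\Local\Temp\dclogs\2011-12-27-3.dc (Stolen.Data) -> No action taken.
"""

ESET_LOG = r"""
C:\Users\Jelesa\AppData\Local\Temp\RarSFX1\uSvchost.com probably a variant of Win32/Delf.NIKFSTJ trojan cleaned by deleting - quarantined
C:\Users\Jelesa\AppData\Local\Temp\RarSFX2\uSvchost.com probably a variant of Win32/Delf.NIKFSTJ trojan cleaned by deleting - quarantined
C:\Users\Jelesa\AppData\Local\Temp\RarSFX3\uSvchost.com probably a variant of Win32/Delf.NIKFSTJ trojan cleaned by deleting - quarantined
C:\Users\Jelesa\AppData\Local\Temp\RarSFX4\uSvchost.com probably a variant of Win32/Delf.NIKFSTJ trojan cleaned by deleting - quarantined
C:\Users\Jelesa\AppData\Local\Temp\RarSFX5\uSvchost.com probably a variant of Win32/Delf.NIKFSTJ trojan cleaned by deleting - quarantined
C:\Users\Jelesa\Documents\ICO\MsgPlusLive-490.exe a variant of Win32/MessengerPlus application cleaned by deleting - quarantined
"""

# "<Section> Detected: <count>" opens each block of the Malwarebytes log.
SECTION_RE = re.compile(r"^(?P<section>[A-Za-z ]+) Detected: (?P<count>\d+)$")
# "<object> (<label>) -> [Data: <data> -> ]<action>."
DETECTION_RE = re.compile(
    r"^(?P<object>.+?) \((?P<label>[^()]+)\) -> "
    r"(?:Data: (?P<data>.+?) -> )?(?P<action>[^>]+?)\.?$"
)
# Per-user or machine autostart keys: ...\CurrentVersion\Run and RunOnce.
RUN_KEY_RE = re.compile(r"\\CurrentVersion\\Run(Once)?$", re.IGNORECASE)
# The forum paste separates ESET fields with single spaces, so the path is
# taken heuristically as everything up to the first file extension.
ESET_RE = re.compile(r"^(?P<path>[A-Za-z]:\\.+?\.[A-Za-z0-9]{2,4})\s+(?P<verdict>.+)$")


def parse_mbam(text):
    """Return one dict per detection line, tagged with its log section."""
    section, detections = None, []
    for line in (raw.strip() for raw in text.splitlines()):
        header = SECTION_RE.match(line)
        if header:
            section = header["section"]
            continue
        hit = DETECTION_RE.match(line)
        if hit and section:
            detections.append({"section": section, **hit.groupdict()})
    return detections


def autostart_entries(detections):
    """Keep registry-value detections that live under a Run/RunOnce key."""
    entries = []
    for det in detections:
        if det["section"] != "Registry Values" or not det["data"]:
            continue
        key, _, value = det["object"].rpartition("|")
        if RUN_KEY_RE.search(key):
            entries.append({"key": key, "value": value, "target": det["data"],
                            "label": det["label"], "action": det["action"]})
    return entries


def parse_eset(text):
    """Return {'path', 'verdict'} for each ESET line that starts with a path."""
    rows = (ESET_RE.match(line.strip()) for line in text.splitlines())
    return [row.groupdict() for row in rows if row]


def same_name_copies(entries, other_paths):
    """Map each autostart target to detected files that share its file name
    but sit in a different folder (case-insensitive, Windows path rules)."""
    report = {}
    for entry in entries:
        name = ntpath.basename(entry["target"]).lower()
        home = ntpath.dirname(entry["target"]).lower()
        report[entry["target"]] = [
            p for p in other_paths
            if ntpath.basename(p).lower() == name and ntpath.dirname(p).lower() != home
        ]
    return report


if __name__ == "__main__":
    runs = autostart_entries(parse_mbam(MBAM_LOG))
    eset_paths = [row["path"] for row in parse_eset(ESET_LOG)]
    for target, copies in same_name_copies(runs, eset_paths).items():
        print(f"Run value launches {target}; {len(copies)} same-name file(s) elsewhere:")
        for path in copies:
            print("   ", path)
```
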

Hitmanpro log


Well.... is it fixed now ???
if not.....
try: Anti-rootkit utility TDSSKiller
 

Haha I hope so? Every time someone tells me to run a scan I find something new... running my Microsoft Security Essentials again right now to see if it finds anything

Thanks for the help guys! :o
 

No problem, you're welcome :)
 

Flush the DNS cache

Open an elevated command prompt, type or copy/paste ipconfig /flushdns, then press 'Enter'.
 

Flushed the DNS cache and ran MSE again, and it didn't find anything :D Hopefully this backdoor virus thing is gone now!

thanks a ton guys!!
 
