Windows 7 Forums


Windows 7: Help with Firewall/Hacker

23 Jul 2013   #11
DigitalOctave

Windows x64
 
 
logs part one

[code]
HitmanPro 3.7.6.201
www.hitmanpro.com

Computer name . . . . : SOMEONES-PC
Windows . . . . . . . : 6.1.1.7601.X64/4
User name . . . . . . : Someones-PC\Enrique
UAC . . . . . . . . . : Enabled
License . . . . . . . : Trial (30 days left)

Scan date . . . . . . : 2013-07-23 01:18:04
Scan mode . . . . . . : Normal
Scan duration . . . . : 26m 8s
Disk access mode . . : Direct disk access (SRB)
Cloud . . . . . . . . : Internet
Reboot . . . . . . . : No

Threats . . . . . . . : 556
Traces . . . . . . . : 3196

Objects scanned . . . : 31,756,167
Files scanned . . . . : 969,215
Remnants scanned . . : 29,953,891 files / 833,061 keys

Malware _____________________________________________________________________

C:\$Recycle.Bin\S-1-5-21-3946502291-3340588053-1113517402-1000\$8ccb4cf9c6070d760d7d2da245d8f97a\n -> Deleted
Size . . . . . . . : 42,496 bytes
Age . . . . . . . : 71.2 days (2013-05-12 20:58:28)
Entropy . . . . . : 5.3
SHA-256 . . . . . : 8244DDFCBA327A3F67A5582642C53241EE5E58D75808547CD74808BCDED272D0
> G Data . . . . . . : Trojan.Sirefef.KH
> Ikarus . . . . . . : Trojan.Win64!IK
Fuzzy . . . . . . : 115.0

C:\$Recycle.Bin\S-1-5-21-3946502291-3340588053-1113517402-1000\$8ccb4cf9c6070d760d7d2da245d8f97a\U\80000000.@ -> Deleted
Size . . . . . . . : 15,360 bytes
Age . . . . . . . : 71.2 days (2013-05-12 20:59:43)
Entropy . . . . . : 5.4
SHA-256 . . . . . : E483D414588EA9E002CFADD9786088D90557AEB473C0C5C62C8E4B34C58DBDB9
> G Data . . . . . . : Trojan.Generic.8044919
> Ikarus . . . . . . : Trojan.Win64!IK
Fuzzy . . . . . . : 110.0

C:\$Recycle.Bin\S-1-5-21-3946502291-3340588053-1113517402-1000\$8ccb4cf9c6070d760d7d2da245d8f97a\U\80000032.@ -> Deleted
Size . . . . . . . : 90,624 bytes
Age . . . . . . . : 71.2 days (2013-05-12 20:59:43)
Entropy . . . . . : 6.6
SHA-256 . . . . . : EF8766EFC0DDC7A56A71DBCC65200537988163512C70F9CE8CD44398943DE5AD
> G Data . . . . . . : Trojan.Sirefef.XL
> Ikarus . . . . . . : Trojan.Win32.Alureon!IK
Fuzzy . . . . . . : 110.0

C:\$Recycle.Bin\S-1-5-21-3946502291-3340588053-1113517402-1000\$8ccb4cf9c6070d760d7d2da245d8f97a\U\80000064.@ -> Deleted
Size . . . . . . . : 77,312 bytes
Age . . . . . . . : 71.2 days (2013-05-12 20:59:43)
Entropy . . . . . : 6.1
SHA-256 . . . . . : DBDAEA813662144D3D37323DDAB9C9DC63501FB09E9DA3C70325BE5CA816C92B
> G Data . . . . . . : Trojan.Sirefef.YA
> Ikarus . . . . . . : Trojan.Win64!IK
Fuzzy . . . . . . : 110.0

C:\Users\Enrique\AppData\Local\Temp\1393509943_minerd3.exe -> Deleted
Size . . . . . . . : 9,728 bytes
Age . . . . . . . : 45.3 days (2013-06-07 19:12:00)
Entropy . . . . . : 4.6
SHA-256 . . . . . : 39574F1D8CF33A576CF360CDF38C6C9667836F77783387AF5DC6FFAB38C309D1
Description . . . :
Version . . . . . : 0.0.0.0
Copyright . . . . :
> G Data . . . . . . : Gen:Variant.Kazy.158415
> Ikarus . . . . . . : Trojan.CoinMiner!IK
Fuzzy . . . . . . : 106.0

C:\Users\Enrique\AppData\Local\Temp\1393632607_minerd3.exe -> Deleted
Size . . . . . . . : 9,728 bytes
Age . . . . . . . : 45.3 days (2013-06-07 19:14:02)
Entropy . . . . . : 4.6
SHA-256 . . . . . : 39574F1D8CF33A576CF360CDF38C6C9667836F77783387AF5DC6FFAB38C309D1
Description . . . :
Version . . . . . : 0.0.0.0
Copyright . . . . :
> G Data . . . . . . : Gen:Variant.Kazy.158415
> Ikarus . . . . . . : Trojan.CoinMiner!IK
Fuzzy . . . . . . : 106.0

C:\Users\Enrique\AppData\Local\Temp\msimg32.dll -> Deleted
Size . . . . . . . : 147,968 bytes
Age . . . . . . . : 71.2 days (2013-05-12 20:58:28)
Entropy . . . . . : 7.7
SHA-256 . . . . . : A042B0B150765C698A909463F5E8CCF3B687C5150F88E3FA43A697C069B9744D
Product . . . . . : Microsoft® Windows® Operating System
Publisher . . . . : Microsoft Corporation
Description . . . : CertReq.exe
Version . . . . . : 6.1.7600.16385
Copyright . . . . : © Microsoft Corporation. All rights reserved.
> G Data . . . . . . : Trojan.GenericKDZ.17846
> Ikarus . . . . . . : Trojan-Dropper.Win32.Sirefef!IK
Fuzzy . . . . . . : 113.0

C:\Users\Enrique\AppData\Local\Temp\tmp32D4.tmp.exe -> Deleted
Size . . . . . . . : 759,296 bytes
Age . . . . . . . : 45.3 days (2013-06-07 17:16:07)
Entropy . . . . . : 8.0
SHA-256 . . . . . : D9C3A070C9F7EE6A42B1EC415645C812E0E674B16C895DDCBFF2D52261066386
Product . . . . . : Demoridus
Description . . . : Demoridus
Version . . . . . : 1.0.0.0
Copyright . . . . : Copyright © Demoridus 2013
> G Data . . . . . . : Trojan.GenericKDZ.20587
> Ikarus . . . . . . : Backdoor.Win32.Androm!IK
Fuzzy . . . . . . : 114.0

C:\Users\Enrique\AppData\Local\Temp\tmp3C76.tmp.exe -> Quarantined
Size . . . . . . . : 435,200 bytes
Age . . . . . . . : 24.0 days (2013-06-29 01:35:54)
Entropy . . . . . : 7.9
SHA-256 . . . . . : 168167EFE8E8A73FC059EA46362A9FD95DBBF949A4F28D850DE145364026F1B2
Product . . . . . : The Dargon Project
Publisher . . . . : ItzWarty
Description . . . : Dargon Setup
Version . . . . . : 1.0.0.0
Copyright . . . . : Copyright © ItzWarty 2012
> Ikarus . . . . . . : Backdoor.Win32.Androm!IK
Fuzzy . . . . . . : 113.0

C:\Users\Enrique\AppData\Local\Temp\tmp3DA6.tmp.exe -> Deleted
Size . . . . . . . : 758,272 bytes
Age . . . . . . . : 46.2 days (2013-06-06 20:27:42)
Entropy . . . . . : 8.0
SHA-256 . . . . . : CDBC12609746961EB1B623880E71211B91CB11FF67A7FA369D4A872249EA1794
Product . . . . . : ModellNvid
Description . . . : ModellNvid
Version . . . . . : 1.0.0.0
Copyright . . . . : Copyright © ModellNvid 2013
> G Data . . . . . . : Gen:Variant.Zusy.49764
> Ikarus . . . . . . : Backdoor.Win32.Fynloski!IK
Fuzzy . . . . . . : 114.0

C:\Users\Enrique\AppData\Local\Temp\tmp5FFD.tmp.exe -> Quarantined
Size . . . . . . . : 435,200 bytes
Age . . . . . . . : 24.0 days (2013-06-29 01:36:03)
Entropy . . . . . : 7.9
SHA-256 . . . . . : 168167EFE8E8A73FC059EA46362A9FD95DBBF949A4F28D850DE145364026F1B2
Product . . . . . : The Dargon Project
Publisher . . . . : ItzWarty
Description . . . : Dargon Setup
Version . . . . . : 1.0.0.0
Copyright . . . . : Copyright © ItzWarty 2012
> Ikarus . . . . . . : Backdoor.Win32.Androm!IK
Fuzzy . . . . . . : 113.0

C:\Users\Enrique\AppData\Local\Temp\tmp6809.tmp.exe -> Deleted
Size . . . . . . . : 509,952 bytes
Age . . . . . . . : 45.3 days (2013-06-07 19:09:56)
Entropy . . . . . : 7.9
SHA-256 . . . . . : 6F1864708A08FB79D319C6957F922EB5131C63252633D617229E839FC76DA9F8
Product . . . . . : Demoridus
Description . . . : Demoridus
Version . . . . . : 1.0.0.0
Copyright . . . . : Copyright © Demoridus 2013
> G Data . . . . . . : Trojan.GenericKDZ.20587
> Ikarus . . . . . . : Backdoor.Win32.Androm!IK
Fuzzy . . . . . . : 114.0

C:\Users\Enrique\AppData\Local\Temp\tmp6894.tmp.exe -> Deleted
Size . . . . . . . : 759,808 bytes
Age . . . . . . . : 45.3 days (2013-06-07 17:54:34)
Entropy . . . . . : 8.0
SHA-256 . . . . . : 6E6E752BB526C76207CEFC98A48DB3BDB4F06B279082005FD8DF727A47E058E0
Product . . . . . : Demoridus
Description . . . : Demoridus
Version . . . . . : 1.0.0.0
Copyright . . . . : Copyright © Demoridus 2013
> G Data . . . . . . : Trojan.GenericKDZ.20587
> Ikarus . . . . . . : Backdoor.Win32.Androm!IK
Fuzzy . . . . . . : 114.0

C:\Users\Enrique\AppData\Local\Temp\tmp91E2.tmp.exe -> Deleted
Size . . . . . . . : 759,296 bytes
Age . . . . . . . : 36.5 days (2013-06-16 12:35:39)
Entropy . . . . . : 8.0
SHA-256 . . . . . : D9C3A070C9F7EE6A42B1EC415645C812E0E674B16C895DDCBFF2D52261066386
Product . . . . . : Demoridus
Description . . . : Demoridus
Version . . . . . : 1.0.0.0
Copyright . . . . : Copyright © Demoridus 2013
> G Data . . . . . . : Trojan.GenericKDZ.20587
> Ikarus . . . . . . : Backdoor.Win32.Androm!IK
Fuzzy . . . . . . : 114.0


[/code]

23 Jul 2013   #12
DigitalOctave

Windows x64

logs part two

[code]
C:\Users\Enrique\AppData\Local\Temp\tmpA987.tmp.exe -> Deleted
Size . . . . . . . : 759,296 bytes
Age . . . . . . . : 36.5 days (2013-06-16 12:35:45)
Entropy . . . . . : 8.0
SHA-256 . . . . . : D9C3A070C9F7EE6A42B1EC415645C812E0E674B16C895DDCBFF2D52261066386
Product . . . . . : Demoridus
Description . . . : Demoridus
Version . . . . . : 1.0.0.0
Copyright . . . . : Copyright © Demoridus 2013
> G Data . . . . . . : Trojan.GenericKDZ.20587
> Ikarus . . . . . . : Backdoor.Win32.Androm!IK
Fuzzy . . . . . . : 114.0

C:\Users\Enrique\AppData\Local\Temp\tmpC229.tmp.exe -> Quarantined
Size . . . . . . . : 435,200 bytes
Age . . . . . . . : 24.0 days (2013-06-29 01:36:28)
Entropy . . . . . : 7.9
SHA-256 . . . . . : 168167EFE8E8A73FC059EA46362A9FD95DBBF949A4F28D850DE145364026F1B2
Product . . . . . : The Dargon Project
Publisher . . . . : ItzWarty
Description . . . : Dargon Setup
Version . . . . . : 1.0.0.0
Copyright . . . . : Copyright © ItzWarty 2012
> Ikarus . . . . . . : Backdoor.Win32.Androm!IK
Fuzzy . . . . . . : 113.0

C:\Users\Enrique\AppData\Local\Temp\tmpC6E9.tmp.exe -> Deleted
Size . . . . . . . : 759,296 bytes
Age . . . . . . . : 45.3 days (2013-06-07 17:22:12)
Entropy . . . . . : 8.0
SHA-256 . . . . . : 69ED1962035BA05F4687A589EFE1580C684F2465D79859A2B06EB6AF575FF252
Product . . . . . : Demoridus
Description . . . : Demoridus
Version . . . . . : 1.0.0.0
Copyright . . . . : Copyright © Demoridus 2013
> G Data . . . . . . : Trojan.GenericKDZ.20587
> Ikarus . . . . . . : Backdoor.Win32.Androm!IK
Fuzzy . . . . . . : 114.0

C:\Users\Enrique\AppData\Local\Temp\tmpC6F8.tmp.exe -> Deleted
Size . . . . . . . : 759,296 bytes
Age . . . . . . . : 45.3 days (2013-06-07 17:22:12)
Entropy . . . . . : 8.0
SHA-256 . . . . . : 69ED1962035BA05F4687A589EFE1580C684F2465D79859A2B06EB6AF575FF252
Product . . . . . : Demoridus
Description . . . : Demoridus
Version . . . . . : 1.0.0.0
Copyright . . . . : Copyright © Demoridus 2013
> G Data . . . . . . : Trojan.GenericKDZ.20587
> Ikarus . . . . . . : Backdoor.Win32.Androm!IK
Fuzzy . . . . . . : 114.0

C:\Users\Enrique\AppData\Local\Temp\tmpD034.tmp.exe -> Deleted
Size . . . . . . . : 758,272 bytes
Age . . . . . . . : 46.2 days (2013-06-06 20:22:52)
Entropy . . . . . : 8.0
SHA-256 . . . . . : CDBC12609746961EB1B623880E71211B91CB11FF67A7FA369D4A872249EA1794
Product . . . . . : ModellNvid
Description . . . : ModellNvid
Version . . . . . : 1.0.0.0
Copyright . . . . : Copyright © ModellNvid 2013
> G Data . . . . . . : Gen:Variant.Zusy.49764
> Ikarus . . . . . . : Backdoor.Win32.Fynloski!IK
Fuzzy . . . . . . : 114.0

C:\Users\Enrique\AppData\Local\Temp\tmpE62C.tmp.exe -> Deleted
Size . . . . . . . : 759,296 bytes
Age . . . . . . . : 45.3 days (2013-06-07 17:36:32)
Entropy . . . . . : 8.0
SHA-256 . . . . . : F8C8D57C414E8A1C2FB33D9A029123DEC8AB4DEF1BCAE43CC04B8F9D2D961101
Product . . . . . : Demoridus
Description . . . : Demoridus
Version . . . . . : 1.0.0.0
Copyright . . . . : Copyright © Demoridus 2013
> G Data . . . . . . : Trojan.GenericKDZ.20587
> Ikarus . . . . . . : Backdoor.Win32.Androm!IK
Fuzzy . . . . . . : 114.0

C:\Users\Enrique\AppData\Roaming\etilqs_PRCMgrhnbTb.exe -> Quarantined
Size . . . . . . . : 796,160 bytes
Age . . . . . . . : 16.1 days (2013-07-06 23:45:20)
Entropy . . . . . : 7.9
SHA-256 . . . . . : D21FF949E5DB878128D0CD0D7A8578114231E9E29F933C9A1551AA0CC0125F6C
Product . . . . . : TeamViewer
Publisher . . . . : TeamViewer GmbH
Description . . . : TeamViewer 8
Version . . . . . : 8.0.18051.0
Copyright . . . . : TeamViewer GmbH
> G Data . . . . . . : Gen:Variant.Kazy.199289
Fuzzy . . . . . . : 114.0

C:\Users\Enrique\AppData\Roaming\JEsNE\miner.dll -> Quarantined
Size . . . . . . . : 343,552 bytes
Age . . . . . . . : 45.3 days (2013-06-07 18:20:23)
Entropy . . . . . : 6.2
SHA-256 . . . . . : 296D3069DBE4F2D7049B06BFB05AF4ECBE25E824EB21EA32D939C7151348BB02
Product . . . . . : xCoin Miner
Publisher . . . . : Ufasoft
Description . . . : coin-miner
Version . . . . . : 7.0.13047.0
Copyright . . . . : Copyright (c) 2011-2013 Ufasoft
> Ikarus . . . . . . : Win32.Malware!IK
Fuzzy . . . . . . : 100.0

C:\Users\Enrique\AppData\Roaming\JEsNE\taskengine.exe -> Deleted
Size . . . . . . . : 84,992 bytes
Age . . . . . . . : 45.3 days (2013-06-07 18:20:31)
Entropy . . . . . : 7.0
SHA-256 . . . . . : EDDFA19BEDD75F5035D1F9FDAF261F2DA05DE81B7A2AED9070F190BA92EE5457
Product . . . . . : Demoridus
Description . . . : Demoridus
Version . . . . . : 1.0.0.0
Copyright . . . . : Copyright © Demoridus 2013
> G Data . . . . . . : Trojan.GenericKDZ.20587
> Ikarus . . . . . . : Backdoor.Win32.Androm!IK
Fuzzy . . . . . . : 105.0

C:\Users\Enrique\AppData\Roaming\JvXsG\miner.dll -> Quarantined
Size . . . . . . . : 343,552 bytes
Age . . . . . . . : 43.3 days (2013-06-09 18:03:01)
Entropy . . . . . : 6.2
SHA-256 . . . . . : 296D3069DBE4F2D7049B06BFB05AF4ECBE25E824EB21EA32D939C7151348BB02
Product . . . . . : xCoin Miner
Publisher . . . . : Ufasoft
Description . . . : coin-miner
Version . . . . . : 7.0.13047.0
Copyright . . . . : Copyright (c) 2011-2013 Ufasoft
> Ikarus . . . . . . : Win32.Malware!IK
Fuzzy . . . . . . : 100.0

C:\Users\Enrique\AppData\Roaming\JvXsG\taskengine.exe -> Deleted
Size . . . . . . . : 9,728 bytes
Age . . . . . . . : 43.3 days (2013-06-09 18:03:10)
Entropy . . . . . : 4.6
SHA-256 . . . . . : E6DF452CBBA18ADE99F470F1A5BBAC0AC6A04E81F8A9410DEA8061CF65D74F5F
Description . . . :
Version . . . . . : 0.0.0.0
Copyright . . . . :
> G Data . . . . . . : Gen:Variant.Kazy.158415
> Ikarus . . . . . . : Trojan.CoinMiner!IK
Fuzzy . . . . . . : 106.0

C:\Users\Enrique\AppData\Roaming\nBLut\miner.dll -> Quarantined
Size . . . . . . . : 343,552 bytes
Age . . . . . . . : 45.3 days (2013-06-07 19:12:04)
Entropy . . . . . : 6.2
SHA-256 . . . . . : 296D3069DBE4F2D7049B06BFB05AF4ECBE25E824EB21EA32D939C7151348BB02
Product . . . . . : xCoin Miner
Publisher . . . . : Ufasoft
Description . . . : coin-miner
Version . . . . . : 7.0.13047.0
Copyright . . . . : Copyright (c) 2011-2013 Ufasoft
> Ikarus . . . . . . : Win32.Malware!IK
Fuzzy . . . . . . : 100.0

C:\Users\Enrique\AppData\Roaming\nBLut\taskengine.exe -> Deleted
Size . . . . . . . : 9,728 bytes
Age . . . . . . . : 45.3 days (2013-06-07 19:12:12)
Entropy . . . . . : 4.6
SHA-256 . . . . . : 39574F1D8CF33A576CF360CDF38C6C9667836F77783387AF5DC6FFAB38C309D1
Description . . . :
Version . . . . . : 0.0.0.0
Copyright . . . . :
> G Data . . . . . . : Gen:Variant.Kazy.158415
> Ikarus . . . . . . : Trojan.CoinMiner!IK
Fuzzy . . . . . . : 106.0

C:\Users\Enrique\AppData\Roaming\QMBVL\miner.dll -> Quarantined
Size . . . . . . . : 343,552 bytes
Age . . . . . . . : 45.2 days (2013-06-07 20:48:35)
Entropy . . . . . : 6.2
SHA-256 . . . . . : 296D3069DBE4F2D7049B06BFB05AF4ECBE25E824EB21EA32D939C7151348BB02
Product . . . . . : xCoin Miner
Publisher . . . . : Ufasoft
Description . . . : coin-miner
Version . . . . . : 7.0.13047.0
Copyright . . . . : Copyright (c) 2011-2013 Ufasoft
> Ikarus . . . . . . : Win32.Malware!IK
Fuzzy . . . . . . : 100.0

C:\Users\Enrique\AppData\Roaming\QMBVL\taskengine.exe -> Deleted
Size . . . . . . . : 9,728 bytes
Age . . . . . . . : 45.2 days (2013-06-07 20:48:43)
Entropy . . . . . : 4.6
SHA-256 . . . . . : 35172527A17BBDEC75B42E34273534F6569E9F9CD40C6ACEC450424DD8E2861B
Description . . . :
Version . . . . . : 0.0.0.0
Copyright . . . . :
> G Data . . . . . . : Gen:Variant.Kazy.158415
> Ikarus . . . . . . : Trojan.CoinMiner!IK
Fuzzy . . . . . . : 106.0


Malware remnants ____________________________________________________________

C:\$Recycle.Bin\S-1-5-21-3946502291-3340588053-1113517402-1000\$8ccb4cf9c6070d760d7d2da245d8f97a\@ (ZeroAccess) -> Deleted
C:\$Recycle.Bin\S-1-5-21-3946502291-3340588053-1113517402-1000\$8ccb4cf9c6070d760d7d2da245d8f97a\L\ (ZeroAccess) -> Deleted
C:\$Recycle.Bin\S-1-5-21-3946502291-3340588053-1113517402-1000\$8ccb4cf9c6070d760d7d2da245d8f97a\L\00000004.@ (ZeroAccess) -> Deleted
C:\$Recycle.Bin\S-1-5-21-3946502291-3340588053-1113517402-1000\$8ccb4cf9c6070d760d7d2da245d8f97a\U\ (ZeroAccess) -> Deleted
C:\$Recycle.Bin\S-1-5-21-3946502291-3340588053-1113517402-1000\$8ccb4cf9c6070d760d7d2da245d8f97a\U\00000004.@ (ZeroAccess) -> Deleted
C:\$Recycle.Bin\S-1-5-21-3946502291-3340588053-1113517402-1000\$8ccb4cf9c6070d760d7d2da245d8f97a\U\00000008.@ (ZeroAccess) -> Deleted
C:\$Recycle.Bin\S-1-5-21-3946502291-3340588053-1113517402-1000\$8ccb4cf9c6070d760d7d2da245d8f97a\U\000000cb.@ (ZeroAccess) -> Deleted

Cookies _____________________________________________________________________



[/code]
23 Jul 2013   #13
VistaKing

Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
 
 

Delete the old frst.txt and rerun FRST.exe

23 Jul 2013   #14
DigitalOctave

Windows x64
 
 

updated log


Attached Files
File Type: txt FRST.txt (110.4 KB, 1 views)
23 Jul 2013   #15
VistaKing

Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
 
 

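Copy and paste the code below into Notepad. To open Notepad, click on . Inside, type notepad and then press the <ENTER> button.

[code]
@echo off
rem Work inside the directory that holds the hosts file.
pushd "%SystemRoot%\System32\drivers\etc"
rem Clear the hidden/system/read-only attributes so the file can be rewritten.
attrib -h -s -r hosts
rem Overwrite hosts with a single loopback entry; every other mapping is discarded.
echo 127.0.0.1 localhost>HOSTS
rem Restore the protective attributes.
attrib +r +h +s hosts
popd
rem Drop and re-request the DHCP lease, then empty the DNS resolver cache.
ipconfig /release
ipconfig /renew
ipconfig /flushdns
rem Reset the Winsock catalog and the TCP/IP stack settings.
netsh winsock reset all
netsh int ip reset all
cls
echo Script finished.
pause
rem Remove this batch file once it has run.
del "%~f0"
[/code]

In Notepad, click File and then Save. Type reset.bat inside the file name section. Change Save as Type to All Files, and then save the file to your desktop. After the file is saved, right-click on RESET.bat and choose . Once it's finished running, restart your computer. Check to see if your Internet connection is restored.

Once you're on the desktop, rerun FSS.exe.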
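
The reset script in post #15 rewrites the hosts file as a single `127.0.0.1 localhost` line, which also discards any other mappings that were in it. The following is an added example, not part of the thread: PowerShell that lists the entries the overwrite would erase so they can be recorded first. The function name `Get-NonDefaultHostsEntry`, the backup file name and the sample entries are constructed for illustration.

```powershell
# Added example, not from the thread. Lists the hosts-file mappings that the
# reset script's overwrite would erase, so they can be recorded first.
# Written to run on the PowerShell 2.0 that ships with Windows 7.
function Get-NonDefaultHostsEntry {
    param(
        [Parameter(Mandatory = $true)]
        [AllowEmptyString()]
        [string[]]$Line
    )

    $loopback = @('127.0.0.1', '::1')

    foreach ($raw in $Line) {
        # Strip a trailing comment and surrounding whitespace.
        $text = ($raw -split '#', 2)[0].Trim()
        if ($text -eq '') { continue }

        # Entry format: <address> <name> [<alias> ...], space or tab separated.
        $fields = @($text -split '\s+')
        if ($fields.Count -lt 2) { continue }

        $address = $fields[0]
        foreach ($name in $fields[1..($fields.Count - 1)]) {
            # The only mapping reset.bat writes back is loopback -> localhost.
            if (($loopback -contains $address) -and ($name -eq 'localhost')) {
                continue
            }

            # A loopback or 0.0.0.0 target makes the name unreachable;
            # any other address sends traffic for that name elsewhere.
            if (($loopback -contains $address) -or ($address -eq '0.0.0.0')) {
                $effect = 'Blocked'
            } else {
                $effect = 'Redirected'
            }

            New-Object PSObject -Property @{
                Address = $address
                Name    = $name
                Effect  = $effect
            } | Select-Object Address, Name, Effect
        }
    }
}

# Constructed sample content, not taken from the poster's machine.
$sample = @(
    '# Copyright (c) 1993-2009 Microsoft Corp.',
    '127.0.0.1       localhost',
    '',
    '203.0.113.10    update.example.com   # constructed redirect',
    '127.0.0.1       av-vendor.example'
)
Get-NonDefaultHostsEntry -Line $sample | Format-Table -AutoSize

# On a live system, keep a copy and review it before running reset.bat:
#   $hosts = Join-Path $env:SystemRoot 'System32\drivers\etc\hosts'
#   Copy-Item $hosts "$env:USERPROFILE\Desktop\hosts.before-reset.txt" -Force
#   Get-NonDefaultHostsEntry -Line (Get-Content $hosts -Force)
```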
23 Jul 2013   #16
DigitalOctave

Windows x64
 
 

I don't have FSS.exe, just FRST64.exe
23 Jul 2013   #17
VistaKing

Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
 
 

It's on Post #2
23 Jul 2013   #18
DigitalOctave

Windows x64
 
 
Update

Here's the newest log for FRST


Attached Files
File Type: txt FRST.txt (108.6 KB, 2 views)
23 Jul 2013   #19
DigitalOctave

Windows x64
 
 
Sorry

Here's the FSS


Attached Files
File Type: txt FSS.txt (3.5 KB, 1 views)
23 Jul 2013   #20
VistaKing

Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
 
 

Download Services Repair

Services Repair <=== Download Link

When done, drag the file to your desktop.

Right click on ServicesRepair.exe choose

Click on Yes or Continue. Once the tool has completed it will ask you to restart. Please restart the PC.

Then run

AdwCleaner

Click here AdwCleaner

Click on Download Now button

Save to the Desktop

Right-click on AdwCleaner.exe and choose

Click on Delete and confirm the prompt.



Your computer will be rebooted automatically. A text file will open after the restart.

Upload the log: the log file is at C:\AdwCleaner[Sn].txt
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5.