Help with Firewall/Hacker

Page 2 of 12 FirstFirst 1234 ... LastLast

  1. DigitalOctave
    Posts : 62
    Windows x64
    Thread Starter
       New #11

    logs part one


    [code]
    HitmanPro 3.7.6.201
    www.hitmanpro.com

    Computer name . . . . : SOMEONES-PC
    Windows . . . . . . . : 6.1.1.7601.X64/4
    User name . . . . . . : Someones-PC\Enrique
    UAC . . . . . . . . . : Enabled
    License . . . . . . . : Trial (30 days left)

    Scan date . . . . . . : 2013-07-23 01:18:04
    Scan mode . . . . . . : Normal
    Scan duration . . . . : 26m 8s
    Disk access mode . . : Direct disk access (SRB)
    Cloud . . . . . . . . : Internet
    Reboot . . . . . . . : No

    Threats . . . . . . . : 556
    Traces . . . . . . . : 3196

    Objects scanned . . . : 31,756,167
    Files scanned . . . . : 969,215
    Remnants scanned . . : 29,953,891 files / 833,061 keys

    Malware _____________________________________________________________________

    C:\$Recycle.Bin\S-1-5-21-3946502291-3340588053-1113517402-1000\$8ccb4cf9c6070d760d7d2da245d8f97a\n -> Deleted
    Size . . . . . . . : 42,496 bytes
    Age . . . . . . . : 71.2 days (2013-05-12 20:58:28)
    Entropy . . . . . : 5.3
    SHA-256 . . . . . : 8244DDFCBA327A3F67A5582642C53241EE5E58D75808547CD74808BCDED272D0
    > G Data . . . . . . : Trojan.Sirefef.KH
    > Ikarus . . . . . . : Trojan.Win64!IK
    Fuzzy . . . . . . : 115.0

    C:\$Recycle.Bin\S-1-5-21-3946502291-3340588053-1113517402-1000\$8ccb4cf9c6070d760d7d2da245d8f97a\U\80000000.@ -> Deleted
    Size . . . . . . . : 15,360 bytes
    Age . . . . . . . : 71.2 days (2013-05-12 20:59:43)
    Entropy . . . . . : 5.4
    SHA-256 . . . . . : E483D414588EA9E002CFADD9786088D90557AEB473C0C5C62C8E4B34C58DBDB9
    > G Data . . . . . . : Trojan.Generic.8044919
    > Ikarus . . . . . . : Trojan.Win64!IK
    Fuzzy . . . . . . : 110.0

    C:\$Recycle.Bin\S-1-5-21-3946502291-3340588053-1113517402-1000\$8ccb4cf9c6070d760d7d2da245d8f97a\U\80000032.@ -> Deleted
    Size . . . . . . . : 90,624 bytes
    Age . . . . . . . : 71.2 days (2013-05-12 20:59:43)
    Entropy . . . . . : 6.6
    SHA-256 . . . . . : EF8766EFC0DDC7A56A71DBCC65200537988163512C70F9CE8CD44398943DE5AD
    > G Data . . . . . . : Trojan.Sirefef.XL
    > Ikarus . . . . . . : Trojan.Win32.Alureon!IK
    Fuzzy . . . . . . : 110.0

    C:\$Recycle.Bin\S-1-5-21-3946502291-3340588053-1113517402-1000\$8ccb4cf9c6070d760d7d2da245d8f97a\U\80000064.@ -> Deleted
    Size . . . . . . . : 77,312 bytes
    Age . . . . . . . : 71.2 days (2013-05-12 20:59:43)
    Entropy . . . . . : 6.1
    SHA-256 . . . . . : DBDAEA813662144D3D37323DDAB9C9DC63501FB09E9DA3C70325BE5CA816C92B
    > G Data . . . . . . : Trojan.Sirefef.YA
    > Ikarus . . . . . . : Trojan.Win64!IK
    Fuzzy . . . . . . : 110.0

    C:\Users\Enrique\AppData\Local\Temp\1393509943_minerd3.exe -> Deleted
    Size . . . . . . . : 9,728 bytes
    Age . . . . . . . : 45.3 days (2013-06-07 19:12:00)
    Entropy . . . . . : 4.6
    SHA-256 . . . . . : 39574F1D8CF33A576CF360CDF38C6C9667836F77783387AF5DC6FFAB38C309D1
    Description . . . :
    Version . . . . . : 0.0.0.0
    Copyright . . . . :
    > G Data . . . . . . : Gen:Variant.Kazy.158415
    > Ikarus . . . . . . : Trojan.CoinMiner!IK
    Fuzzy . . . . . . : 106.0

    C:\Users\Enrique\AppData\Local\Temp\1393632607_minerd3.exe -> Deleted
    Size . . . . . . . : 9,728 bytes
    Age . . . . . . . : 45.3 days (2013-06-07 19:14:02)
    Entropy . . . . . : 4.6
    SHA-256 . . . . . : 39574F1D8CF33A576CF360CDF38C6C9667836F77783387AF5DC6FFAB38C309D1
    Description . . . :
    Version . . . . . : 0.0.0.0
    Copyright . . . . :
    > G Data . . . . . . : Gen:Variant.Kazy.158415
    > Ikarus . . . . . . : Trojan.CoinMiner!IK
    Fuzzy . . . . . . : 106.0

    C:\Users\Enrique\AppData\Local\Temp\msimg32.dll -> Deleted
    Size . . . . . . . : 147,968 bytes
    Age . . . . . . . : 71.2 days (2013-05-12 20:58:28)
    Entropy . . . . . : 7.7
    SHA-256 . . . . . : A042B0B150765C698A909463F5E8CCF3B687C5150F88E3FA43A697C069B9744D
    Product . . . . . : Microsoft® Windows® Operating System
    Publisher . . . . : Microsoft Corporation
    Description . . . : CertReq.exe
    Version . . . . . : 6.1.7600.16385
    Copyright . . . . : © Microsoft Corporation. All rights reserved.
    > G Data . . . . . . : Trojan.GenericKDZ.17846
    > Ikarus . . . . . . : Trojan-Dropper.Win32.Sirefef!IK
    Fuzzy . . . . . . : 113.0

    C:\Users\Enrique\AppData\Local\Temp\tmp32D4.tmp.exe -> Deleted
    Size . . . . . . . : 759,296 bytes
    Age . . . . . . . : 45.3 days (2013-06-07 17:16:07)
    Entropy . . . . . : 8.0
    SHA-256 . . . . . : D9C3A070C9F7EE6A42B1EC415645C812E0E674B16C895DDCBFF2D52261066386
    Product . . . . . : Demoridus
    Description . . . : Demoridus
    Version . . . . . : 1.0.0.0
    Copyright . . . . : Copyright © Demoridus 2013
    > G Data . . . . . . : Trojan.GenericKDZ.20587
    > Ikarus . . . . . . : Backdoor.Win32.Androm!IK
    Fuzzy . . . . . . : 114.0

    C:\Users\Enrique\AppData\Local\Temp\tmp3C76.tmp.exe -> Quarantined
    Size . . . . . . . : 435,200 bytes
    Age . . . . . . . : 24.0 days (2013-06-29 01:35:54)
    Entropy . . . . . : 7.9
    SHA-256 . . . . . : 168167EFE8E8A73FC059EA46362A9FD95DBBF949A4F28D850DE145364026F1B2
    Product . . . . . : The Dargon Project
    Publisher . . . . : ItzWarty
    Description . . . : Dargon Setup
    Version . . . . . : 1.0.0.0
    Copyright . . . . : Copyright © ItzWarty 2012
    > Ikarus . . . . . . : Backdoor.Win32.Androm!IK
    Fuzzy . . . . . . : 113.0

    C:\Users\Enrique\AppData\Local\Temp\tmp3DA6.tmp.exe -> Deleted
    Size . . . . . . . : 758,272 bytes
    Age . . . . . . . : 46.2 days (2013-06-06 20:27:42)
    Entropy . . . . . : 8.0
    SHA-256 . . . . . : CDBC12609746961EB1B623880E71211B91CB11FF67A7FA369D4A872249EA1794
    Product . . . . . : ModellNvid
    Description . . . : ModellNvid
    Version . . . . . : 1.0.0.0
    Copyright . . . . : Copyright © ModellNvid 2013
    > G Data . . . . . . : Gen:Variant.Zusy.49764
    > Ikarus . . . . . . : Backdoor.Win32.Fynloski!IK
    Fuzzy . . . . . . : 114.0

    C:\Users\Enrique\AppData\Local\Temp\tmp5FFD.tmp.exe -> Quarantined
    Size . . . . . . . : 435,200 bytes
    Age . . . . . . . : 24.0 days (2013-06-29 01:36:03)
    Entropy . . . . . : 7.9
    SHA-256 . . . . . : 168167EFE8E8A73FC059EA46362A9FD95DBBF949A4F28D850DE145364026F1B2
    Product . . . . . : The Dargon Project
    Publisher . . . . : ItzWarty
    Description . . . : Dargon Setup
    Version . . . . . : 1.0.0.0
    Copyright . . . . : Copyright © ItzWarty 2012
    > Ikarus . . . . . . : Backdoor.Win32.Androm!IK
    Fuzzy . . . . . . : 113.0

    C:\Users\Enrique\AppData\Local\Temp\tmp6809.tmp.exe -> Deleted
    Size . . . . . . . : 509,952 bytes
    Age . . . . . . . : 45.3 days (2013-06-07 19:09:56)
    Entropy . . . . . : 7.9
    SHA-256 . . . . . : 6F1864708A08FB79D319C6957F922EB5131C63252633D617229E839FC76DA9F8
    Product . . . . . : Demoridus
    Description . . . : Demoridus
    Version . . . . . : 1.0.0.0
    Copyright . . . . : Copyright © Demoridus 2013
    > G Data . . . . . . : Trojan.GenericKDZ.20587
    > Ikarus . . . . . . : Backdoor.Win32.Androm!IK
    Fuzzy . . . . . . : 114.0

    C:\Users\Enrique\AppData\Local\Temp\tmp6894.tmp.exe -> Deleted
    Size . . . . . . . : 759,808 bytes
    Age . . . . . . . : 45.3 days (2013-06-07 17:54:34)
    Entropy . . . . . : 8.0
    SHA-256 . . . . . : 6E6E752BB526C76207CEFC98A48DB3BDB4F06B279082005FD8DF727A47E058E0
    Product . . . . . : Demoridus
    Description . . . : Demoridus
    Version . . . . . : 1.0.0.0
    Copyright . . . . : Copyright © Demoridus 2013
    > G Data . . . . . . : Trojan.GenericKDZ.20587
    > Ikarus . . . . . . : Backdoor.Win32.Androm!IK
    Fuzzy . . . . . . : 114.0

    C:\Users\Enrique\AppData\Local\Temp\tmp91E2.tmp.exe -> Deleted
    Size . . . . . . . : 759,296 bytes
    Age . . . . . . . : 36.5 days (2013-06-16 12:35:39)
    Entropy . . . . . : 8.0
    SHA-256 . . . . . : D9C3A070C9F7EE6A42B1EC415645C812E0E674B16C895DDCBFF2D52261066386
    Product . . . . . : Demoridus
    Description . . . : Demoridus
    Version . . . . . : 1.0.0.0
    Copyright . . . . : Copyright © Demoridus 2013
    > G Data . . . . . . : Trojan.GenericKDZ.20587
    > Ikarus . . . . . . : Backdoor.Win32.Androm!IK
    Fuzzy . . . . . . : 114.0
      My Computer
    Quote Quote

  3. DigitalOctave
    Posts : 62
    Windows x64
    Thread Starter
       New #12

    logs part two


    C:\Users\Enrique\AppData\Local\Temp\tmpA987.tmp.exe -> Deleted
    Size . . . . . . . : 759,296 bytes
    Age . . . . . . . : 36.5 days (2013-06-16 12:35:45)
    Entropy . . . . . : 8.0
    SHA-256 . . . . . : D9C3A070C9F7EE6A42B1EC415645C812E0E674B16C895DDCBFF2D52261066386
    Product . . . . . : Demoridus
    Description . . . : Demoridus
    Version . . . . . : 1.0.0.0
    Copyright . . . . : Copyright © Demoridus 2013
    > G Data . . . . . . : Trojan.GenericKDZ.20587
    > Ikarus . . . . . . : Backdoor.Win32.Androm!IK
    Fuzzy . . . . . . : 114.0

    C:\Users\Enrique\AppData\Local\Temp\tmpC229.tmp.exe -> Quarantined
    Size . . . . . . . : 435,200 bytes
    Age . . . . . . . : 24.0 days (2013-06-29 01:36:28)
    Entropy . . . . . : 7.9
    SHA-256 . . . . . : 168167EFE8E8A73FC059EA46362A9FD95DBBF949A4F28D850DE145364026F1B2
    Product . . . . . : The Dargon Project
    Publisher . . . . : ItzWarty
    Description . . . : Dargon Setup
    Version . . . . . : 1.0.0.0
    Copyright . . . . : Copyright © ItzWarty 2012
    > Ikarus . . . . . . : Backdoor.Win32.Androm!IK
    Fuzzy . . . . . . : 113.0

    C:\Users\Enrique\AppData\Local\Temp\tmpC6E9.tmp.exe -> Deleted
    Size . . . . . . . : 759,296 bytes
    Age . . . . . . . : 45.3 days (2013-06-07 17:22:12)
    Entropy . . . . . : 8.0
    SHA-256 . . . . . : 69ED1962035BA05F4687A589EFE1580C684F2465D79859A2B06EB6AF575FF252
    Product . . . . . : Demoridus
    Description . . . : Demoridus
    Version . . . . . : 1.0.0.0
    Copyright . . . . : Copyright © Demoridus 2013
    > G Data . . . . . . : Trojan.GenericKDZ.20587
    > Ikarus . . . . . . : Backdoor.Win32.Androm!IK
    Fuzzy . . . . . . : 114.0

    C:\Users\Enrique\AppData\Local\Temp\tmpC6F8.tmp.exe -> Deleted
    Size . . . . . . . : 759,296 bytes
    Age . . . . . . . : 45.3 days (2013-06-07 17:22:12)
    Entropy . . . . . : 8.0
    SHA-256 . . . . . : 69ED1962035BA05F4687A589EFE1580C684F2465D79859A2B06EB6AF575FF252
    Product . . . . . : Demoridus
    Description . . . : Demoridus
    Version . . . . . : 1.0.0.0
    Copyright . . . . : Copyright © Demoridus 2013
    > G Data . . . . . . : Trojan.GenericKDZ.20587
    > Ikarus . . . . . . : Backdoor.Win32.Androm!IK
    Fuzzy . . . . . . : 114.0

    C:\Users\Enrique\AppData\Local\Temp\tmpD034.tmp.exe -> Deleted
    Size . . . . . . . : 758,272 bytes
    Age . . . . . . . : 46.2 days (2013-06-06 20:22:52)
    Entropy . . . . . : 8.0
    SHA-256 . . . . . : CDBC12609746961EB1B623880E71211B91CB11FF67A7FA369D4A872249EA1794
    Product . . . . . : ModellNvid
    Description . . . : ModellNvid
    Version . . . . . : 1.0.0.0
    Copyright . . . . : Copyright © ModellNvid 2013
    > G Data . . . . . . : Gen:Variant.Zusy.49764
    > Ikarus . . . . . . : Backdoor.Win32.Fynloski!IK
    Fuzzy . . . . . . : 114.0

    C:\Users\Enrique\AppData\Local\Temp\tmpE62C.tmp.exe -> Deleted
    Size . . . . . . . : 759,296 bytes
    Age . . . . . . . : 45.3 days (2013-06-07 17:36:32)
    Entropy . . . . . : 8.0
    SHA-256 . . . . . : F8C8D57C414E8A1C2FB33D9A029123DEC8AB4DEF1BCAE43CC04B8F9D2D961101
    Product . . . . . : Demoridus
    Description . . . : Demoridus
    Version . . . . . : 1.0.0.0
    Copyright . . . . : Copyright © Demoridus 2013
    > G Data . . . . . . : Trojan.GenericKDZ.20587
    > Ikarus . . . . . . : Backdoor.Win32.Androm!IK
    Fuzzy . . . . . . : 114.0

    C:\Users\Enrique\AppData\Roaming\etilqs_PRCMgrhnbTb.exe -> Quarantined
    Size . . . . . . . : 796,160 bytes
    Age . . . . . . . : 16.1 days (2013-07-06 23:45:20)
    Entropy . . . . . : 7.9
    SHA-256 . . . . . : D21FF949E5DB878128D0CD0D7A8578114231E9E29F933C9A1551AA0CC0125F6C
    Product . . . . . : TeamViewer
    Publisher . . . . : TeamViewer GmbH
    Description . . . : TeamViewer 8
    Version . . . . . : 8.0.18051.0
    Copyright . . . . : TeamViewer GmbH
    > G Data . . . . . . : Gen:Variant.Kazy.199289
    Fuzzy . . . . . . : 114.0

    C:\Users\Enrique\AppData\Roaming\JEsNE\miner.dll -> Quarantined
    Size . . . . . . . : 343,552 bytes
    Age . . . . . . . : 45.3 days (2013-06-07 18:20:23)
    Entropy . . . . . : 6.2
    SHA-256 . . . . . : 296D3069DBE4F2D7049B06BFB05AF4ECBE25E824EB21EA32D939C7151348BB02
    Product . . . . . : xCoin Miner
    Publisher . . . . : Ufasoft
    Description . . . : coin-miner
    Version . . . . . : 7.0.13047.0
    Copyright . . . . : Copyright (c) 2011-2013 Ufasoft
    > Ikarus . . . . . . : Win32.Malware!IK
    Fuzzy . . . . . . : 100.0

    C:\Users\Enrique\AppData\Roaming\JEsNE\taskengine.exe -> Deleted
    Size . . . . . . . : 84,992 bytes
    Age . . . . . . . : 45.3 days (2013-06-07 18:20:31)
    Entropy . . . . . : 7.0
    SHA-256 . . . . . : EDDFA19BEDD75F5035D1F9FDAF261F2DA05DE81B7A2AED9070F190BA92EE5457
    Product . . . . . : Demoridus
    Description . . . : Demoridus
    Version . . . . . : 1.0.0.0
    Copyright . . . . : Copyright © Demoridus 2013
    > G Data . . . . . . : Trojan.GenericKDZ.20587
    > Ikarus . . . . . . : Backdoor.Win32.Androm!IK
    Fuzzy . . . . . . : 105.0

    C:\Users\Enrique\AppData\Roaming\JvXsG\miner.dll -> Quarantined
    Size . . . . . . . : 343,552 bytes
    Age . . . . . . . : 43.3 days (2013-06-09 18:03:01)
    Entropy . . . . . : 6.2
    SHA-256 . . . . . : 296D3069DBE4F2D7049B06BFB05AF4ECBE25E824EB21EA32D939C7151348BB02
    Product . . . . . : xCoin Miner
    Publisher . . . . : Ufasoft
    Description . . . : coin-miner
    Version . . . . . : 7.0.13047.0
    Copyright . . . . : Copyright (c) 2011-2013 Ufasoft
    > Ikarus . . . . . . : Win32.Malware!IK
    Fuzzy . . . . . . : 100.0

    C:\Users\Enrique\AppData\Roaming\JvXsG\taskengine.exe -> Deleted
    Size . . . . . . . : 9,728 bytes
    Age . . . . . . . : 43.3 days (2013-06-09 18:03:10)
    Entropy . . . . . : 4.6
    SHA-256 . . . . . : E6DF452CBBA18ADE99F470F1A5BBAC0AC6A04E81F8A9410DEA8061CF65D74F5F
    Description . . . :
    Version . . . . . : 0.0.0.0
    Copyright . . . . :
    > G Data . . . . . . : Gen:Variant.Kazy.158415
    > Ikarus . . . . . . : Trojan.CoinMiner!IK
    Fuzzy . . . . . . : 106.0

    C:\Users\Enrique\AppData\Roaming\nBLut\miner.dll -> Quarantined
    Size . . . . . . . : 343,552 bytes
    Age . . . . . . . : 45.3 days (2013-06-07 19:12:04)
    Entropy . . . . . : 6.2
    SHA-256 . . . . . : 296D3069DBE4F2D7049B06BFB05AF4ECBE25E824EB21EA32D939C7151348BB02
    Product . . . . . : xCoin Miner
    Publisher . . . . : Ufasoft
    Description . . . : coin-miner
    Version . . . . . : 7.0.13047.0
    Copyright . . . . : Copyright (c) 2011-2013 Ufasoft
    > Ikarus . . . . . . : Win32.Malware!IK
    Fuzzy . . . . . . : 100.0

    C:\Users\Enrique\AppData\Roaming\nBLut\taskengine.exe -> Deleted
    Size . . . . . . . : 9,728 bytes
    Age . . . . . . . : 45.3 days (2013-06-07 19:12:12)
    Entropy . . . . . : 4.6
    SHA-256 . . . . . : 39574F1D8CF33A576CF360CDF38C6C9667836F77783387AF5DC6FFAB38C309D1
    Description . . . :
    Version . . . . . : 0.0.0.0
    Copyright . . . . :
    > G Data . . . . . . : Gen:Variant.Kazy.158415
    > Ikarus . . . . . . : Trojan.CoinMiner!IK
    Fuzzy . . . . . . : 106.0

    C:\Users\Enrique\AppData\Roaming\QMBVL\miner.dll -> Quarantined
    Size . . . . . . . : 343,552 bytes
    Age . . . . . . . : 45.2 days (2013-06-07 20:48:35)
    Entropy . . . . . : 6.2
    SHA-256 . . . . . : 296D3069DBE4F2D7049B06BFB05AF4ECBE25E824EB21EA32D939C7151348BB02
    Product . . . . . : xCoin Miner
    Publisher . . . . : Ufasoft
    Description . . . : coin-miner
    Version . . . . . : 7.0.13047.0
    Copyright . . . . : Copyright (c) 2011-2013 Ufasoft
    > Ikarus . . . . . . : Win32.Malware!IK
    Fuzzy . . . . . . : 100.0

    C:\Users\Enrique\AppData\Roaming\QMBVL\taskengine.exe -> Deleted
    Size . . . . . . . : 9,728 bytes
    Age . . . . . . . : 45.2 days (2013-06-07 20:48:43)
    Entropy . . . . . : 4.6
    SHA-256 . . . . . : 35172527A17BBDEC75B42E34273534F6569E9F9CD40C6ACEC450424DD8E2861B
    Description . . . :
    Version . . . . . : 0.0.0.0
    Copyright . . . . :
    > G Data . . . . . . : Gen:Variant.Kazy.158415
    > Ikarus . . . . . . : Trojan.CoinMiner!IK
    Fuzzy . . . . . . : 106.0


    Malware remnants ____________________________________________________________

    C:\$Recycle.Bin\S-1-5-21-3946502291-3340588053-1113517402-1000\$8ccb4cf9c6070d760d7d2da245d8f97a\@ (ZeroAccess) -> Deleted
    C:\$Recycle.Bin\S-1-5-21-3946502291-3340588053-1113517402-1000\$8ccb4cf9c6070d760d7d2da245d8f97a\L\ (ZeroAccess) -> Deleted
    C:\$Recycle.Bin\S-1-5-21-3946502291-3340588053-1113517402-1000\$8ccb4cf9c6070d760d7d2da245d8f97a\L\00000004.@ (ZeroAccess) -> Deleted
    C:\$Recycle.Bin\S-1-5-21-3946502291-3340588053-1113517402-1000\$8ccb4cf9c6070d760d7d2da245d8f97a\U\ (ZeroAccess) -> Deleted
    C:\$Recycle.Bin\S-1-5-21-3946502291-3340588053-1113517402-1000\$8ccb4cf9c6070d760d7d2da245d8f97a\U\00000004.@ (ZeroAccess) -> Deleted
    C:\$Recycle.Bin\S-1-5-21-3946502291-3340588053-1113517402-1000\$8ccb4cf9c6070d760d7d2da245d8f97a\U\00000008.@ (ZeroAccess) -> Deleted
    C:\$Recycle.Bin\S-1-5-21-3946502291-3340588053-1113517402-1000\$8ccb4cf9c6070d760d7d2da245d8f97a\U\000000cb.@ (ZeroAccess) -> Deleted

    Cookies _____________________________________________________________________

    C:\Users\Enrique\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.yieldmanager.com
    C:\Users\Enrique\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.yealt.com
    C:\Users\Enrique\AppData\Local\Google\Chrome\User Data\Default\Cookies:atdmt.com
    C:\Users\Enrique\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net
    C:\Users\Enrique\AppData\Local\Google\Chrome\User Data\Default\Cookies:invitemedia.com
    C:\Users\Enrique\AppData\Local\Google\Chrome\User Data\Default\Cookies:network.realmedia.com
    C:\Users\Enrique\AppData\Local\Google\Chrome\User Data\Default\Cookies:realmedia.com
    C:\Users\Enrique\AppData\Local\Google\Chrome\User Data\Default\Cookies:revsci.net
    C:\Users\Enrique\AppData\Roaming\Microsoft\Windows\Cookies\04VOF1ER.txt
    C:\Users\Enrique\AppData\Roaming\Microsoft\Windows\Cookies\0L7INRIW.txt
    C:\Users\Enrique\AppData\Roaming\Microsoft\Windows\Cookies\0V2LDSJJ.txt
    C:\Users\Enrique\AppData\Roaming\Microsoft\Windows\Cookies\11K6CL28.txt
    C:\Users\Enrique\AppData\Roaming\Microsoft\Windows\Cookies\13N7ZDG7.txt
    C:\Users\Enrique\AppData\Roaming\Microsoft\Windows\Cookies\3BX37ZTT.txt
    C:\Users\Enrique\AppData\Roaming\Microsoft\Windows\Cookies\3DTFZNQA.txt
    C:\Users\Enrique\AppData\Roaming\Microsoft\Windows\Cookies\4AS5OVOF.txt
    C:\Users\Enrique\AppData\Roaming\Microsoft\Windows\Cookies\5QOYO3IH.txt
    C:\Users\Enrique\AppData\Roaming\Microsoft\Windows\Cookies\67HR9D86.txt
    C:\Users\Enrique\AppData\Roaming\Microsoft\Windows\Cookies\6ZCNYBQ4.txt
    C:\Users\Enrique\AppData\Roaming\Microsoft\Windows\Cookies\7KJ73UE2.txt
    C:\Users\Enrique\AppData\Roaming\Microsoft\Windows\Cookies\8UMAX4IZ.txt
    C:\Users\Enrique\AppData\Roaming\Microsoft\Windows\Cookies\8UY7OKKO.txt
    C:\Users\Enrique\AppData\Roaming\Microsoft\Windows\Cookies\9ELP55G0.txt
    C:\Users\Enrique\AppData\Roaming\Microsoft\Windows\Cookies\ALCRFIBX.txt
    C:\Users\Enrique\AppData\Roaming\Microsoft\Windows\Cookies\BIG70J8W.txt
    C:\Users\Enrique\AppData\Roaming\Microsoft\Windows\Cookies\BO5KOL5K.txt
    C:\Users\Enrique\AppData\Roaming\Microsoft\Windows\Cookies\BTGHAFVD.txt
    C:\Users\Enrique\AppData\Roaming\Microsoft\Windows\Cookies\CA2IE50Q.txt
    C:\Users\Enrique\AppData\Roaming\Microsoft\Windows\Cookies\DG6O8BLT.txt
    C:\Users\Enrique\AppData\Roaming\Microsoft\Windows\Cookies\DVC1OHL6.txt
    C:\Users\Enrique\AppData\Roaming\Microsoft\Windows\Cookies\EP6L7FFT.txt
    C:\Users\Enrique\AppData\Roaming\Microsoft\Windows\Cookies\F14VATXU.txt
    C:\Users\Enrique\AppData\Roaming\Microsoft\Windows\Cookies\F30HLGXT.txt
    C:\Users\Enrique\AppData\Roaming\Microsoft\Windows\Cookies\FGDZW3FE.txt
    C:\Users\Enrique\AppData\Roaming\Microsoft\Windows\Cookies\G93407YS.txt
    C:\Users\Enrique\AppData\Roaming\Microsoft\Windows\Cookies\GKT2UA9J.txt
    C:\Users\Enrique\AppData\Roaming\Microsoft\Windows\Cookies\GWGLEAJP.txt
    C:\Users\Enrique\AppData\Roaming\Microsoft\Windows\Cookies\HVJW3AOP.txt
    C:\Users\Enrique\AppData\Roaming\Microsoft\Windows\Cookies\IC4S4DAD.txt
    C:\Users\Enrique\AppData\Roaming\Microsoft\Windows\Cookies\IJOJJAKF.txt
    C:\Users\Enrique\AppData\Roaming\Microsoft\Windows\Cookies\INKPPIRD.txt
    C:\Users\Enrique\AppData\Roaming\Microsoft\Windows\Cookies\JCEIR16E.txt
    C:\Users\Enrique\AppData\Roaming\Microsoft\Windows\Cookies\JJ46FX2A.txt
    C:\Users\Enrique\AppData\Roaming\Microsoft\Windows\Cookies\JZ2QYBYO.txt
    C:\Users\Enrique\AppData\Roaming\Microsoft\Windows\Cookies\KN4TA4SB.txt
    C:\Users\Enrique\AppData\Roaming\Microsoft\Windows\Cookies\LR77EY8B.txt
    C:\Users\Enrique\AppData\Roaming\Microsoft\Windows\Cookies\M6BM2YZQ.txt
    C:\Users\Enrique\AppData\Roaming\Microsoft\Windows\Cookies\MU2CBIOI.txt
    C:\Users\Enrique\AppData\Roaming\Microsoft\Windows\Cookies\MVDKOXYI.txt
    C:\Users\Enrique\AppData\Roaming\Microsoft\Windows\Cookies\NS3P69KC.txt
    C:\Users\Enrique\AppData\Roaming\Microsoft\Windows\Cookies\NXUGF9PX.txt
    C:\Users\Enrique\AppData\Roaming\Microsoft\Windows\Cookies\O4CKD1TR.txt
    C:\Users\Enrique\AppData\Roaming\Microsoft\Windows\Cookies\OS6WHYOP.txt
    C:\Users\Enrique\AppData\Roaming\Microsoft\Windows\Cookies\PCQ0TZJY.txt
    C:\Users\Enrique\AppData\Roaming\Microsoft\Windows\Cookies\PHTHMGZG.txt
    C:\Users\Enrique\AppData\Roaming\Microsoft\Windows\Cookies\PLA4B3IA.txt
    C:\Users\Enrique\AppData\Roaming\Microsoft\Windows\Cookies\Q73X0CA4.txt
    C:\Users\Enrique\AppData\Roaming\Microsoft\Windows\Cookies\QU14YSZE.txt
    C:\Users\Enrique\AppData\Roaming\Microsoft\Windows\Cookies\SR26RLCC.txt
    C:\Users\Enrique\AppData\Roaming\Microsoft\Windows\Cookies\SYMJ0K3D.txt
    C:\Users\Enrique\AppData\Roaming\Microsoft\Windows\Cookies\V35XRJRK.txt
    C:\Users\Enrique\AppData\Roaming\Microsoft\Windows\Cookies\VC1FKK37.txt
    C:\Users\Enrique\AppData\Roaming\Microsoft\Windows\Cookies\VK1NUMFS.txt
    C:\Users\Enrique\AppData\Roaming\Microsoft\Windows\Cookies\W0TPRDZB.txt
    C:\Users\Enrique\AppData\Roaming\Microsoft\Windows\Cookies\W9CVY010.txt
    C:\Users\Enrique\AppData\Roaming\Microsoft\Windows\Cookies\XS9M1BFU.txt
    C:\Users\Enrique\AppData\Roaming\Microsoft\Windows\Cookies\Y82KARRS.txt
    C:\Users\Enrique\AppData\Roaming\Microsoft\Windows\Cookies\YPBS1W0O.txt
    C:\Users\Enrique\AppData\Roaming\Microsoft\Windows\Cookies\Z06MK1I3.txt
    C:\Users\Enrique\AppData\Roaming\Microsoft\Windows\Cookies\Z4H20TVU.txt
    C:\Users\Enrique\AppData\Roaming\Microsoft\Windows\Cookies\ZXOS6B3C.txt
    C:\Users\Enrique\AppData\Roaming\Microsoft\Windows\Cookies\ZZXGVCTS.txt
    C:\Users\Enrique\AppData\Roaming\Mozilla\Firefox\Profiles\ky2ok6xo.default\cookies.sqlite:apmebf.com
    C:\Users\Enrique\AppData\Roaming\Mozilla\Firefox\Profiles\ky2ok6xo.default\cookies.sqlite:*********. net
    C:\Users\Enrique\AppData\Roaming\Mozilla\Firefox\Profiles\ky2ok6xo.default\cookies.sqlite:dmtracker. com
    C:\Users\Enrique\AppData\Roaming\Mozilla\Firefox\Profiles\ky2ok6xo.default\cookies.sqlite:doubleclic k.net
    C:\Users\Enrique\AppData\Roaming\Mozilla\Firefox\Profiles\ky2ok6xo.default\cookies.sqlite:invitemedi a.com
    C:\Users\Enrique\AppData\Roaming\Mozilla\Firefox\Profiles\ky2ok6xo.default\cookies.sqlite:mediaplex. com
    C:\Users\Enrique\AppData\Roaming\Mozilla\Firefox\Profiles\ky2ok6xo.default\cookies.sqlite:microsofts to.112.2o7.net
    C:\Users\Enrique\AppData\Roaming\Mozilla\Firefox\Profiles\ky2ok6xo.default\cookies.sqlite:stats.payp al.com


    [/code]
      My Computer
    Quote Quote

  4. VistaKing
    Posts : 6,830
    Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
       New #13

    Delete the old frst.txt and rerun FRST.exe
      My Computer
    Quote Quote

  6. DigitalOctave
    Posts : 62
    Windows x64
    Thread Starter
       New #14

    updated log
    Help with Firewall/Hacker Attached Files
      My Computer
    Quote Quote

  7. VistaKing
    Posts : 6,830
    Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
       New #15

    Copy and paste the code below into Notepad. To open Notepad, click on . Inside type notepad and then press <ENTER> button .

    Code:
    @Echo off
pushd\windows\system32\drivers\etc
attrib -h -s -r hosts
echo 127.0.0.1 localhost>HOSTS
attrib +r +h +s hosts
popd
ipconfig /release
ipconfig /renew
ipconfig /flushdns
netsh winsock reset all
netsh int ip reset all
cls
echo Script finished.
pause
del %0
    In Notepad, click File and then Save. Type reset.bat inside file name section . Change Save as Type to All Files, and then save the file to your desktop. After the file is saved, right click on the RESET.bat choose . Once it's finished running, restart your computer. Check to see if your Internet connection is restored.

    Once you're on the desktop . Rerun FSS .exe
      My Computer
    Quote Quote

  8. DigitalOctave
    Posts : 62
    Windows x64
    Thread Starter
       New #16

    I dont have FSS.exe just FRST64.exe
      My Computer
    Quote Quote

  10. VistaKing
    Posts : 6,830
    Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
       New #17

    Its on Post #2
      My Computer
    Quote Quote

  11. DigitalOctave
    Posts : 62
    Windows x64
    Thread Starter
       New #18

    Update


    Heres the newest log for FRST
    Help with Firewall/Hacker Attached Files
      My Computer
    Quote Quote

  12. DigitalOctave
    Posts : 62
    Windows x64
    Thread Starter
       New #19

    Sorry


    Heres the FSS
    Help with Firewall/Hacker Attached Files
      My Computer
    Quote Quote

  13. VistaKing
    Posts : 6,830
    Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
       New #20

    Download Services Repair

    Services Repair <=== Download Link

    When done . Drag the file to your desktop

    Right click on ServicesRepair.exe choose

    Click on Yes or Continue . Once the tool has completed it will ask you to restart . Please restart the PC .

    Then run

    AdwCleaner

    Click here AdwCleaner

    Click on Download Now button

    Save to the Desktop

    Right-click on AdwCleaner.exe and choose

    Click on Delete and confirm the prompt.



    Your computer will be rebooted automatically. A text file will open after the restart.

    Upload the log : The log file is at C:\AdwCleaner[Sn].txt
      My Computer
    Quote Quote

 
Page 2 of 12 FirstFirst 1234 ... LastLast

  Related Discussions
Hey everyone, This is my first post, and first time I've not been able to solve my problem by searching previous posts...so hopefully someone can help me out. I'm trying to install a downloaded .exe file, and Windows firewall is blocking it regardless of whether the firewall is active or not; the...
I have a problem with Windows Firewall disabling itself every 5 or 6 hours on my computer! Windows Firewall will automatically disable itself and give the following message "Windows Firewall is not using the recommended settings to protect your computer." with only one option "use recommended...
Hi guys, Could anyone explain to me why Windows Firewall starts when I have Comodo Firewall installed and running? It makes me nervous! :confused: I have a fresh installation of Comodo Internet Security. The only reason I knew it was running was because I got the message after a reboot,...
I have been dealin with this 2 days now and went through all the steps recommended by Microsoft... even downloaded Virtual tech for mcafee and FIx it for MS none worked. went to google to try to follow other advises and tried to do malware removal . after it i followed these steps: Download both...
IS the esset firewall any worth comparied to comando? or outpost or others? I know its mainly a anti virus with built in firewall but does is it worth it? is comando the best?
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

 © Designer Media Ltd
All times are GMT -5. The time now is 13:45.
Find Us