dclogs directory found may have something to do with wshom.exe

Page 1 of 3 123 LastLast

  1. Posts : 77
    Microsoft Windows 7 Ultimate 32-bit 7601 Multiprocessor Free Service Pack 1
       #1

    dclogs directory found may have something to do with wshom.exe


    It started with that I found some processes that I didn't recognized
    dmview.exe
    wshom.exe

    Programs in %appdata%\Microsoft\Windows

    I ( Malwarebytes Anti-Malware) then found a directory and some files named dclogs
    Folders Detected: 1
    C:\Users\ame\AppData\Roaming\dclogs (Stolen.Data) -> Quarantined and deleted successfully.
    Files Detected: 2
    C:\Users\ame\AppData\Roaming\dclogs\2013-10-26-7.dc (Stolen.Data) -> Quarantined and deleted successfully.
    C:\Users\ame\AppData\Roaming\dclogs\2013-10-27-1.dc (Stolen.Data) -> Quarantined and deleted successfully.

    So I have deleted the programs and the files and directory. What do I do next?
      My Computer


  2. Posts : 8,608
    Windows 7 Ultimate 32bit SP1
       #2

    Clean out all temporary folders. Download TFC by Old Timer TFC - Temp File Cleaner by OldTimer - Geeks to Go Forums and save it to your desktop.
    Save any unsaved work. TFC will close ALL open programs including your browser!
    Double-click on TFC.exe to run it. If you are using Vista/Windows 7 right-click on the file and choose Run As Administrator.
    Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
    Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway to ensure a complete clean.
      My Computer


  3. Posts : 77
    Microsoft Windows 7 Ultimate 32-bit 7601 Multiprocessor Free Service Pack 1
    Thread Starter
       #3

    Ok, I have now run TCF and it removed 750 MB.

    Should I do anything else?

    PS! Sorry about the delay I've been into hospital for a operation, back almost like new...
      My Computer


  4. Posts : 8,608
    Windows 7 Ultimate 32bit SP1
       #4

    Hope you're doing a bit better after surgery

    You didn't say if your computer was doing any better after using TFC, so if not, download DDS from one of these links:
    DDS.com
    DDS.pif
    • Disable any script blocking protection
    • Double click the dds icon to run the tool.
    • When done, DDS will open two (2) logs:
      1. DDS.txt
      2. Attach.txt <--- will be minimized in the task tray
    • Save both reports to your desktop.

    Include the contents of both logs in your next post.
    The scan will instruct you to post Attach.txt as an attachment.
      My Computer


  5. Posts : 77
    Microsoft Windows 7 Ultimate 32-bit 7601 Multiprocessor Free Service Pack 1
    Thread Starter
       #5

    Just to be sure. Should I attach both logs or should I paste DDS.txt and attach Attach.txt or paste both?
      My Computer


  6. Posts : 8,608
    Windows 7 Ultimate 32bit SP1
       #6

    Yes, you can attach both logs.
      My Computer


  7. Posts : 77
    Microsoft Windows 7 Ultimate 32-bit 7601 Multiprocessor Free Service Pack 1
    Thread Starter
       #7

    OK, here they are.
    dclogs directory found may have something to do with wshom.exe Attached Files
      My Computer


  8. Posts : 8,608
    Windows 7 Ultimate 32bit SP1
       #8

    Download CKScanner by askey127 from HERE
    Important - Save it to your desktop.
    Doubleclick CKScanner.exe and click Search For Files.

    After a very short time, when the cursor hourglass disappears, click Save List To File. It will appear that CKS isn't doing anything...it is, so just be patient!

    A message box will verify the file saved.
    Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.
      My Computer


  9. Posts : 77
    Microsoft Windows 7 Ultimate 32-bit 7601 Multiprocessor Free Service Pack 1
    Thread Starter
       #9

    Here is the result

    ================================
    CKScanner 2.4 - Additional Security Risks - These are not necessarily bad
    c:\jdownloader\jd\plugins\hoster\crackedcom.class
    c:\program files\git\bin\ssh-keygen.exe
    c:\program files\ik multimedia\instruments\sampletank 2 sounds\drums\acoustic\smack crack.stip
    c:\program files\ik multimedia\sampletank 2.5\instruments\drums\acoustic\all about crackle.stip
    c:\program files\ik multimedia\sampletank 2.5\instruments\drums\acoustic\crack down mama.stip
    c:\program files\ik multimedia\sampletank 2.5\instruments\drums\acoustic\smack crack.stip
    c:\program files\ik multimedia\sampletank 2.5\instruments\sampletank 2 sounds\drums\acoustic\smack crack.stip
    c:\program files\inkscape\python\lib\site-packages\numpy\f2py\crackfortran.py
    c:\users\ame\documents\abc notation\the abc music project\abcmidi\crack.c
    c:\users\ame\documents\ableton\library\presets\audio effects\vinyl distortion\crack.adv
    c:\users\ame\documents\trusted\hashcatgui\cap2hccap\aircrack-ng-help.cmd
    c:\users\ame\documents\trusted\hashcatgui\cap2hccap\aircrack-ng.exe
    c:\users\ame\documents\visual studio 2010\projects\private\music\midisheetmusic-2.3-win-src\songs\tchaikovsky__nutcracker_-_dance_of_the_reed_flutes.mid
    c:\users\ame\documents\visual studio 2010\projects\private\music\midisheetmusic-2.3-win-src\songs\tchaikovsky__nutcracker_-_dance_of_the_sugar_plum_fairies.mid
    c:\users\ame\documents\visual studio 2010\projects\private\music\midisheetmusic-2.3-win-src\songs\tchaikovsky__nutcracker_-_march_of_the_toy_soldiers.mid
    c:\users\ame\documents\visual studio 2010\projects\private\music\midisheetmusic-2.3-win-src\songs\tchaikovsky__nutcracker_-_waltz_of_the_flowers.mid
    c:\users\ame\downloads\crark34\crackme.def
    c:\users\ame\downloads\midisheetmusic-2.4-win-src\midisheetmusic-2.4-win-src\songs\tchaikovsky__nutcracker_-_dance_of_the_reed_flutes.mid
    c:\users\ame\downloads\midisheetmusic-2.4-win-src\midisheetmusic-2.4-win-src\songs\tchaikovsky__nutcracker_-_dance_of_the_sugar_plum_fairies.mid
    c:\users\ame\downloads\midisheetmusic-2.4-win-src\midisheetmusic-2.4-win-src\songs\tchaikovsky__nutcracker_-_march_of_the_toy_soldiers.mid
    c:\users\ame\downloads\midisheetmusic-2.4-win-src\midisheetmusic-2.4-win-src\songs\tchaikovsky__nutcracker_-_waltz_of_the_flowers.mid
    c:\users\ame\downloads\sampletank_free_sounds\sampletank free sounds\instruments\sampletank 2 sounds\drums\acoustic\smack crack.stip
    scanner sequence 3.ZZ.11.FONAJZ
    ----- EOF -----

    ================================
      My Computer


  10. Posts : 8,608
    Windows 7 Ultimate 32bit SP1
       #10

    You have a Rootkit and no doubt it's due to downloading "cracks and keygens" ---> (Stolen.Data).

    You can clean all this up by doing a 'wipe' and "clean install", providing your copy of Windows 7 is legit. Clean Install Windows 7

    Good luck!
      My Computer


 
Page 1 of 3 123 LastLast

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 08:59.
Find Us