CPU Usage 100% ~ Help

Page 3 of 4 FirstFirst 1234 LastLast

  1. Posts : 56
    Windows 7 Home Premium 64-bit (6.1, Build 7600)
       #21

    johnnya said:
    That just means that the CPU is 98% idle. Nothing taking up CPU cycles at the moment.

    JohnnyA
    Oh and i though its taking up 98% of the cpu -_-
    Thanks.
      My Computer


  2. Posts : 1,036
    Winbdows 7 ultimate x64 | Ubuntu 12.04 x64 LTS
       #22

    nitraxx said:
    GEWB said:
    OK, thanks.

    Let us know what the results are.

    Regards,
    GEWB
    Most Certainly
    and I just came across this .... lol



    EDIT: and came across this SVhost.exe
    Your surely infected. Its not svhost.exe, its svchost.exe under %windir%\System32\svchost.exe

    I wonder why MBAM flagged it as Reserved Word Exploit, there's no legit file named svhost.exe, the alias should have been something else.
      My Computer


  3. Posts : 46
    windows 7 [64-bit]
    Thread Starter
       #23

    Yeah I am not sure either
    But almost 3 hours in the scan.. total of 47 infected items

    it should be done any time now, i ll post the logs once it's done.
    when i ran this last time, I got like 2 infected items now it completely changed lol..
      My Computer


  4. Posts : 352
    Windows Home Premium 64bit
       #24

    Still looking good. Always a good idea to update Malwarebytes before running as they are constantly updating their threat tables. Even if this seems to solve your current problem, I would once again update and run the program until you get a clean bill of health. It's a bit like peeling an Onion, you get one layer off and this exposes another layer.
    JohnnyA
      My Computer


  5. Posts : 46
    windows 7 [64-bit]
    Thread Starter
       #25

    Malwarebytes' Anti-Malware 1.46
    www.malwarebytes.org

    Database version: 5121

    Windows 6.1.7600
    Internet Explorer 8.0.7600.16385

    11/15/2010 5:20:44 PM
    mbam-log-2010-11-15 (17-20-44).txt

    Scan type: Quick scan
    Objects scanned: 145365
    Time elapsed: 15 minute(s), 16 second(s)

    Memory Processes Infected: 7
    Memory Modules Infected: 0
    Registry Keys Infected: 15
    Registry Values Infected: 12
    Registry Data Items Infected: 4
    Folders Infected: 4
    Files Infected: 136

    Memory Processes Infected:
    C:\Users\Felipe\AppData\Roaming\Server.exe (Heuristics.Shuriken) -> Unloaded process successfully.
    C:\Users\Felipe\AppData\Roaming\svchost.exe (Heuristics.Shuriken) -> Unloaded process successfully.
    C:\Users\Felipe\AppData\Roaming\3.7shades.exe (Trojan.Scar.Gen) -> Unloaded process successfully.
    C:\Users\Felipe\AppData\Roaming\taskeng.exe (Trojan.LVBP) -> Unloaded process successfully.
    C:\Users\Felipe\AppData\Roaming\Defender.exe (Trojan.Scar.Gen) -> Unloaded process successfully.
    C:\Users\Felipe\AppData\Local\Temp\explorer.exe (Trojan.Agent) -> Unloaded process successfully.
    C:\Users\Felipe\AppData\Roaming\lsass.exe (Trojan.Delf) -> Unloaded process successfully.

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{08b0e5jf-4fcb-11cf-aaa5-00401c6xx500} (Generic.Bot.H) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{08o3o26h-8g74-3p31-apmv-623cla2g5671} (Generic.Bot.H) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5236pi38-x546-ja0p-47j1-1b50o52hvnb7} (Generic.Bot.H) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{52im8pdh-k0ba-6db0-05tl-eq7w1016pa40} (Generic.Bot.H) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{ls6m8147-86m6-ykpj-5mfd-fd8cs8ha74g4} (Generic.Bot.H) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{s7dx0th4-8xvs-0p38-ta87-h8g40143t8ih} (Generic.Bot.H) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{sxrbq42x-i7l3-u632-0y3b-30svy1rj564q} (Generic.Bot.H) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{xq881j2h-07ya-wrbn-4p25-xn85w68vyevt} (Generic.Bot.H) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Active Setup\Installed Components\{xq881j2h-07ya-wrbn-4p25-xn85w68vyevt} (Backdoor.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Active Setup\Installed Components\{08b0e5jf-4fcb-11cf-aaa5-00401c6xx500} (Backdoor.Bot) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Cerberus (Backdoor.Trace) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\VB and VBA Program Settings\Microwsoft (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\VB and VBA Program Settings\SrvID (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Firefox (Backdoor.Agent) -> Quarantined and deleted successfully.

    Registry Values Infected:
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\blank (Heuristics.Shuriken) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\blank (Heuristics.Shuriken) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\svchost (Heuristics.Shuriken) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\svchost (Heuristics.Shuriken) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\windefend (Trojan.Scar.Gen) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\windows update system (Trojan.LVBP) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\microsoft windows hosting service login (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\windows defense service (Trojan.Pincav) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mswupdate (Trojan.Delf) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\OLE\dram prosessor (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\hkcu (Trojan.Agent) -> Delete on reboot.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\microsoft configuration (Backdoor.Agent.Gen) -> Quarantined and deleted successfully.

    Registry Data Items Infected:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Trojan.Delf) -> Data: c:\users\felipe\appdata\roaming\lsass.exe -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Windows\System\DisableCMD (Hijack.CMDPrompt) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools (Hijack.Regedit) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell) -> Bad: (Explorer.exe "C:\Users\Felipe\AppData\Roaming\lsass.exe") Good: (Explorer.exe) -> Quarantined and deleted successfully.

    Folders Infected:
    C:\Users\Felipe\AppData\Roaming\Svchost (Backdoor.Agent) -> Quarantined and deleted successfully.
    C:\cleansweep.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\directory\CyberGate (Trojan.PWS) -> Quarantined and deleted successfully.
    C:\directory\CyberGate\install (Trojan.PWS) -> Quarantined and deleted successfully.

    Files Infected:
    C:\dir\install\install\server.exe (Generic.Bot.H) -> Quarantined and deleted successfully.
    C:\Windows\install\HWID.exe (Generic.Bot.H) -> Quarantined and deleted successfully.
    C:\Windows\System32\WinDir\Svchost.exe (Generic.Bot.H) -> Quarantined and deleted successfully.
    C:\Windows\System32\svchost\Svchost.exe (Generic.Bot.H) -> Quarantined and deleted successfully.
    C:\Windows\System32\install\Svchost.exe (Generic.Bot.H) -> Quarantined and deleted successfully.
    C:\Windows\System32\Winlog\Winlogon.exe (Generic.Bot.H) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Roaming\Server.exe (Heuristics.Shuriken) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Roaming\svchost.exe (Heuristics.Shuriken) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Roaming\3.7shades.exe (Trojan.Scar.Gen) -> Delete on reboot.
    C:\Users\Felipe\AppData\Roaming\taskeng.exe (Trojan.LVBP) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Roaming\Defender.exe (Trojan.Scar.Gen) -> Delete on reboot.
    C:\Users\Felipe\AppData\Local\Temp\explorer.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\Update.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Windows\System32\WinDefend.exe (Trojan.Pincav) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Roaming\987654.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Roaming\needcrypt.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Roaming\stealunc.exe (PWS.Dybalom) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Roaming\winlogon.exe (Trojan.Scar.Gen) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Roaming\Microsoft\Run.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Roaming\Microsoft\svchost.exe (Spyware.Banker) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\11204.exe (Heuristics.Shuriken) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\11718139_Crypted.exe (Trojan.Scar.Gen) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\11800.exe (Trojan.Scar.Gen) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\11914966_Crypted.exe (Trojan.Scar.Gen) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\12238.exe (Trojan.LVBP) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\1408.exe (Trojan.LVBP) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\14639.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\Sony_Scan_182716.exe (Trojan.Scar.Gen) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\svm.exe (Trojan.Scar.Gen) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\raw.exe (Trojan.Swisyn) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\Cryptedshades.exe (Heuristics.Shuriken) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\det.exe (Trojan.Scar.Gen) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\UpdatescannerSetup.exe (Trojan.LVBP) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\build___G_Zero.exe (Trojan.SpyEyes) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\Built.exe (Trojan.LVBP) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\crypted2.exe (Spyware.Banker) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\done.exe (Trojan.Ircbrute) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\ed.exe (Trojan.LVBP) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\9179.exe (Trojan.LVBP) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\9223.exe (Trojan.LVBP) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\93755.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\94295.exe (Trojan.Scar.Gen) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\96040.exe (Trojan.LVBP) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\98506.exe (Trojan.Scar.Gen) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\n2m8.exe (Trojan.LVBP) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\60039.exe (Trojan.Scar.Gen) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\6120.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\61976.exe (Trojan.LVBP) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\65441.exe (Trojan.LVBP) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\66007.exe (Spyware.SpyEyes) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\Pkersserverinfectwiththis.exe (Worm.Rebhip) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\xrBot.exe (Trojan.Swisyn) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\tkxservs.exe (Heuristics.Shuriken) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\35951.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\3939.exe (Trojan.LVBP) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\40750.exe (Trojan.LVBP) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\42999.exe (Trojan.LVBP) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\43875.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\d997183565c111f84cbc7d5bbc0cd4b0.exe (Trojan.Swisyn) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\Kb1218.exe (Trojan.Scar.Gen) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\lsass.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\82999.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\83868.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\85547.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\89132.exe (Trojan.Scar.Gen) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\89961.exe (Trojan.Scar.Gen) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\22684.exe (Trojan.LVBP) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\23447.exe (Trojan.LVBP) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\23499.exe (Trojan.LVBP) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\24631.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\24819.exe (Trojan.LVBP) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\28967.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\insansa.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\install-0.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\install-1.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\istealerserver.exe (PWS.Dybalom) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\15062.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\15765.exe (Trojan.LVBP) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\17012.exe (Trojan.Scar.Gen) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\17548.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\20239.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\21208.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\521.exe (Trojan.LVBP) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\52537.exe (Trojan.LVBP) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\54303.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\54605872_updatescan (1).exe (Trojan.Scar.Gen) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\54807.exe (Trojan.Scar.Gen) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\57121.exe (Heuristics.Shuriken) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\69340.exe (Trojan.LVBP) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\72316.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\74893.exe (Trojan.LVBP) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\32376.exe (Trojan.LVBP) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\323884.exe (Trojan.Scar.Gen) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\32914.exe (Trojan.Scar.Gen) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\33181.exe (Trojan.LVBP) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\33633.exe (Trojan.LVBP) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\Hello123.exe (Trojan.PWS) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\server.exe (Trojan.PWS) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\48362.exe (Trojan.LVBP) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\4848.jpg (Extension.Mismatch) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\48509.exe (Trojan.Scar.Gen) -> Quarantined and deleted successfully.
    C:\Windows\Temp\TMP0000005D654C09754E5BCC20 (Trojan.VirTool) -> Quarantined and deleted successfully.
    C:\Windows\Temp\TMP00001118533A3568AE2AB8C4 (Trojan.VirTool) -> Quarantined and deleted successfully.
    C:\Windows\Temp\TMP0000000ACA3AB896C3A41B11 (Trojan.VirTool) -> Quarantined and deleted successfully.
    C:\Windows\Temp\TMP0000000DAE0B4276728E7C2A (Trojan.VirTool) -> Quarantined and deleted successfully.
    C:\Windows\Temp\TMP00000010E8434D437F7790A1 (Trojan.VirTool) -> Quarantined and deleted successfully.
    C:\Windows\Temp\TMP00000026E824DA6D3BDFACE2 (Trojan.VirTool) -> Quarantined and deleted successfully.
    C:\Windows\Temp\TMP00000031FADAE24D447871B5 (Trojan.VirTool) -> Quarantined and deleted successfully.
    C:\Windows\Temp\TMP0000004718C83C80B4F593FD (Trojan.VirTool) -> Quarantined and deleted successfully.
    C:\Windows\Temp\history\firefox.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
    C:\Windows\smss.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Roaming\Svchost\server.exe (Backdoor.Agent) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Roaming\Svchost\Svchost.exe (Backdoor.Agent) -> Quarantined and deleted successfully.
    C:\cleansweep.exe\cleansweep.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\cleansweep.exe\cleansweepupd.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\cleansweep.exe\config.bin (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\directory\CyberGate\install\server.exe (Trojan.PWS) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Roaming\data.dat (Stolen.Data) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Roaming\lsass.exe (Trojan.Delf) -> Delete on reboot.
    C:\Users\Felipe\AppData\Roaming\qghumeaylnlfdxfircvs85.exe (Backdoor.Agent) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Roaming\WinDefender.exe (Trojan.Keylogger) -> Delete on reboot.
    C:\install\server.exe (Trojan.SpyNet) -> Quarantined and deleted successfully.
    C:\Windows\System32\import53an35ygsfsgftdoc.tmp (Malware.Trace) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\bot.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\MSN.abc (Malware.Trace) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\test.exe (Trojan.Zlob) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\UuU.uUu (Malware.Trace) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\WinDefender.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\XxX.xXx (Malware.Trace) -> Delete on reboot.
    C:\Users\Felipe\AppData\Local\Temp\xxxyyyzzz.dat (Malware.Trace) -> Quarantined and deleted successfully.
    C:\Users\Felipe\Templates\BWVxf.exe.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Users\Felipe\Templates\dzxaI.exe.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Users\Felipe\Templates\yVUvd.exe.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Local\Temp\msconfig.exe (Backdoor.Agent.Gen) -> Quarantined and deleted successfully.
    C:\Users\Felipe\AppData\Roaming\explorer.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.

    ------------------------------------------------

    I am now idleing at around 5-10% of CPU Usage... and here is my new task manager:

    Last edited by nitraxx; 06 Feb 2011 at 22:08.
      My Computer

  6.    #26

    I'd uninstall your AV and install free Avast5 for real-time protection, then immediately schedule a Boot Scan and restart to get anything which was hiding in System Files during scans.

    Afterwards repeat Malwarebytes and Avast until it is clean, then weekly.

    If infection continues to resurface, you'll need to wipe the HD and clean reinstall using your Recovery Disks or a Win7 installer for your version. re-install windows 7

    Run Avast or MSE permanently with the Win7 Firewall kept updated.
    Last edited by gregrocker; 07 Feb 2011 at 20:59.
      My Computer


  7. Posts : 46
    windows 7 [64-bit]
    Thread Starter
       #27

    gregrocker said:
    I'd uninstall your AV and install free Avast5 for real-time protection, then immediately schedule a Boot Scan and restart to get anything which was hiding in System Files during scans.

    Afterwards repeat Malwarebytes and Avast weekly until it is clean.

    If infection continues to resurface, you'll need to wipe the HD and clean reinstall using your Recovery Disks or a Win7 installer for your version. re-install windows 7

    Run Avast or MSE permanently with the Win7 Firewall kept updated.
    Yeah. I am doing a mjor clean up with my computer. Taking out stupid crap. Changing start up programs so everything just loads faster. I am uninstalling AV and going to get the newest avast and running a boot scan tonight to take out anything hidden.

    Thanks a lot for you're guys help... every time I have a problem I come here and I come out a happy guy. THANK YOU VERY MUCH
      My Computer


  8. Posts : 352
    Windows Home Premium 64bit
       #28

    I'm a little confused looking at your Malwarebytes Log. All items show "No action taken"? Did you tell it to fix all? Glad we have been able to help you out so far.
    Regards
    JohnnyA
      My Computer


  9. Posts : 56
    Windows 7 Home Premium 64-bit (6.1, Build 7600)
       #29

    So how many RAM usage are you getting now?
      My Computer


  10. Posts : 1,036
    Winbdows 7 ultimate x64 | Ubuntu 12.04 x64 LTS
       #30

    Your logs show No action taken. Please re-run MBAM and at the infected objects list, click Select All and Remove selected. Reboot when prompted. Post the new log.
      My Computer


 
Page 3 of 4 FirstFirst 1234 LastLast

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 03:44.
Find Us