Yeah I am not sure either
But almost 3 hours in the scan.. total of 47 infected items
It should be done any time now, I'll post the logs once it's done.
When I ran this last time, I got like 2 infected items, now it completely changed lol..
Still looking good. Always a good idea to update Malwarebytes before running as they are constantly updating their threat tables. Even if this seems to solve your current problem, I would once again update and run the program until you get a clean bill of health. It's a bit like peeling an onion: you get one layer off and this exposes another layer.
JohnnyA
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Database version: 5121
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
11/15/2010 5:20:44 PM
mbam-log-2010-11-15 (17-20-44).txt
Scan type: Quick scan
Objects scanned: 145365
Time elapsed: 15 minute(s), 16 second(s)
Memory Processes Infected: 7
Memory Modules Infected: 0
Registry Keys Infected: 15
Registry Values Infected: 12
Registry Data Items Infected: 4
Folders Infected: 4
Files Infected: 136
Memory Processes Infected:
C:\Users\Felipe\AppData\Roaming\Server.exe (Heuristics.Shuriken) -> Unloaded process successfully.
C:\Users\Felipe\AppData\Roaming\svchost.exe (Heuristics.Shuriken) -> Unloaded process successfully.
C:\Users\Felipe\AppData\Roaming\3.7shades.exe (Trojan.Scar.Gen) -> Unloaded process successfully.
C:\Users\Felipe\AppData\Roaming\taskeng.exe (Trojan.LVBP) -> Unloaded process successfully.
C:\Users\Felipe\AppData\Roaming\Defender.exe (Trojan.Scar.Gen) -> Unloaded process successfully.
C:\Users\Felipe\AppData\Local\Temp\explorer.exe (Trojan.Agent) -> Unloaded process successfully.
C:\Users\Felipe\AppData\Roaming\lsass.exe (Trojan.Delf) -> Unloaded process successfully.
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{08b0e5jf-4fcb-11cf-aaa5-00401c6xx500} (Generic.Bot.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{08o3o26h-8g74-3p31-apmv-623cla2g5671} (Generic.Bot.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5236pi38-x546-ja0p-47j1-1b50o52hvnb7} (Generic.Bot.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{52im8pdh-k0ba-6db0-05tl-eq7w1016pa40} (Generic.Bot.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{ls6m8147-86m6-ykpj-5mfd-fd8cs8ha74g4} (Generic.Bot.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{s7dx0th4-8xvs-0p38-ta87-h8g40143t8ih} (Generic.Bot.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{sxrbq42x-i7l3-u632-0y3b-30svy1rj564q} (Generic.Bot.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{xq881j2h-07ya-wrbn-4p25-xn85w68vyevt} (Generic.Bot.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Active Setup\Installed Components\{xq881j2h-07ya-wrbn-4p25-xn85w68vyevt} (Backdoor.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Active Setup\Installed Components\{08b0e5jf-4fcb-11cf-aaa5-00401c6xx500} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Cerberus (Backdoor.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\VB and VBA Program Settings\Microwsoft (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\VB and VBA Program Settings\SrvID (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Firefox (Backdoor.Agent) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\blank (Heuristics.Shuriken) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\blank (Heuristics.Shuriken) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\svchost (Heuristics.Shuriken) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\svchost (Heuristics.Shuriken) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\windefend (Trojan.Scar.Gen) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\windows update system (Trojan.LVBP) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\microsoft windows hosting service login (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\windows defense service (Trojan.Pincav) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mswupdate (Trojan.Delf) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OLE\dram prosessor (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\hkcu (Trojan.Agent) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\microsoft configuration (Backdoor.Agent.Gen) -> Quarantined and deleted successfully.
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Trojan.Delf) -> Data: c:\users\felipe\appdata\roaming\lsass.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Windows\System\DisableCMD (Hijack.CMDPrompt) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools (Hijack.Regedit) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell) -> Bad: (Explorer.exe "C:\Users\Felipe\AppData\Roaming\lsass.exe") Good: (Explorer.exe) -> Quarantined and deleted successfully.
Folders Infected:
C:\Users\Felipe\AppData\Roaming\Svchost (Backdoor.Agent) -> Quarantined and deleted successfully.
C:\cleansweep.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\directory\CyberGate (Trojan.PWS) -> Quarantined and deleted successfully.
C:\directory\CyberGate\install (Trojan.PWS) -> Quarantined and deleted successfully.
Files Infected:
C:\dir\install\install\server.exe (Generic.Bot.H) -> Quarantined and deleted successfully.
C:\Windows\install\HWID.exe (Generic.Bot.H) -> Quarantined and deleted successfully.
C:\Windows\System32\WinDir\Svchost.exe (Generic.Bot.H) -> Quarantined and deleted successfully.
C:\Windows\System32\svchost\Svchost.exe (Generic.Bot.H) -> Quarantined and deleted successfully.
C:\Windows\System32\install\Svchost.exe (Generic.Bot.H) -> Quarantined and deleted successfully.
C:\Windows\System32\Winlog\Winlogon.exe (Generic.Bot.H) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Roaming\Server.exe (Heuristics.Shuriken) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Roaming\svchost.exe (Heuristics.Shuriken) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Roaming\3.7shades.exe (Trojan.Scar.Gen) -> Delete on reboot.
C:\Users\Felipe\AppData\Roaming\taskeng.exe (Trojan.LVBP) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Roaming\Defender.exe (Trojan.Scar.Gen) -> Delete on reboot.
C:\Users\Felipe\AppData\Local\Temp\explorer.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\Update.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Windows\System32\WinDefend.exe (Trojan.Pincav) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Roaming\987654.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Roaming\needcrypt.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Roaming\stealunc.exe (PWS.Dybalom) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Roaming\winlogon.exe (Trojan.Scar.Gen) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Roaming\Microsoft\Run.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Roaming\Microsoft\svchost.exe (Spyware.Banker) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\11204.exe (Heuristics.Shuriken) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\11718139_Crypted.exe (Trojan.Scar.Gen) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\11800.exe (Trojan.Scar.Gen) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\11914966_Crypted.exe (Trojan.Scar.Gen) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\12238.exe (Trojan.LVBP) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\1408.exe (Trojan.LVBP) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\14639.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\Sony_Scan_182716.exe (Trojan.Scar.Gen) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\svm.exe (Trojan.Scar.Gen) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\raw.exe (Trojan.Swisyn) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\Cryptedshades.exe (Heuristics.Shuriken) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\det.exe (Trojan.Scar.Gen) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\UpdatescannerSetup.exe (Trojan.LVBP) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\build___G_Zero.exe (Trojan.SpyEyes) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\Built.exe (Trojan.LVBP) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\crypted2.exe (Spyware.Banker) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\done.exe (Trojan.Ircbrute) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\ed.exe (Trojan.LVBP) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\9179.exe (Trojan.LVBP) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\9223.exe (Trojan.LVBP) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\93755.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\94295.exe (Trojan.Scar.Gen) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\96040.exe (Trojan.LVBP) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\98506.exe (Trojan.Scar.Gen) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\n2m8.exe (Trojan.LVBP) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\60039.exe (Trojan.Scar.Gen) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\6120.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\61976.exe (Trojan.LVBP) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\65441.exe (Trojan.LVBP) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\66007.exe (Spyware.SpyEyes) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\Pkersserverinfectwiththis.exe (Worm.Rebhip) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\xrBot.exe (Trojan.Swisyn) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\tkxservs.exe (Heuristics.Shuriken) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\35951.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\3939.exe (Trojan.LVBP) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\40750.exe (Trojan.LVBP) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\42999.exe (Trojan.LVBP) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\43875.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\d997183565c111f84cbc7d5bbc0cd4b0.exe (Trojan.Swisyn) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\Kb1218.exe (Trojan.Scar.Gen) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\lsass.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\82999.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\83868.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\85547.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\89132.exe (Trojan.Scar.Gen) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\89961.exe (Trojan.Scar.Gen) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\22684.exe (Trojan.LVBP) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\23447.exe (Trojan.LVBP) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\23499.exe (Trojan.LVBP) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\24631.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\24819.exe (Trojan.LVBP) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\28967.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\insansa.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\install-0.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\install-1.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\istealerserver.exe (PWS.Dybalom) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\15062.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\15765.exe (Trojan.LVBP) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\17012.exe (Trojan.Scar.Gen) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\17548.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\20239.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\21208.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\521.exe (Trojan.LVBP) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\52537.exe (Trojan.LVBP) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\54303.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\54605872_updatescan (1).exe (Trojan.Scar.Gen) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\54807.exe (Trojan.Scar.Gen) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\57121.exe (Heuristics.Shuriken) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\69340.exe (Trojan.LVBP) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\72316.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\74893.exe (Trojan.LVBP) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\32376.exe (Trojan.LVBP) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\323884.exe (Trojan.Scar.Gen) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\32914.exe (Trojan.Scar.Gen) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\33181.exe (Trojan.LVBP) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\33633.exe (Trojan.LVBP) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\Hello123.exe (Trojan.PWS) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\server.exe (Trojan.PWS) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\48362.exe (Trojan.LVBP) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\4848.jpg (Extension.Mismatch) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\48509.exe (Trojan.Scar.Gen) -> Quarantined and deleted successfully.
C:\Windows\Temp\TMP0000005D654C09754E5BCC20 (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Windows\Temp\TMP00001118533A3568AE2AB8C4 (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Windows\Temp\TMP0000000ACA3AB896C3A41B11 (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Windows\Temp\TMP0000000DAE0B4276728E7C2A (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Windows\Temp\TMP00000010E8434D437F7790A1 (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Windows\Temp\TMP00000026E824DA6D3BDFACE2 (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Windows\Temp\TMP00000031FADAE24D447871B5 (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Windows\Temp\TMP0000004718C83C80B4F593FD (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Windows\Temp\history\firefox.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\smss.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Roaming\Svchost\server.exe (Backdoor.Agent) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Roaming\Svchost\Svchost.exe (Backdoor.Agent) -> Quarantined and deleted successfully.
C:\cleansweep.exe\cleansweep.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\cleansweep.exe\cleansweepupd.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\cleansweep.exe\config.bin (Trojan.Agent) -> Quarantined and deleted successfully.
C:\directory\CyberGate\install\server.exe (Trojan.PWS) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Roaming\data.dat (Stolen.Data) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Roaming\lsass.exe (Trojan.Delf) -> Delete on reboot.
C:\Users\Felipe\AppData\Roaming\qghumeaylnlfdxfircvs85.exe (Backdoor.Agent) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Roaming\WinDefender.exe (Trojan.Keylogger) -> Delete on reboot.
C:\install\server.exe (Trojan.SpyNet) -> Quarantined and deleted successfully.
C:\Windows\System32\import53an35ygsfsgftdoc.tmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\bot.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\MSN.abc (Malware.Trace) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\test.exe (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\UuU.uUu (Malware.Trace) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\WinDefender.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\XxX.xXx (Malware.Trace) -> Delete on reboot.
C:\Users\Felipe\AppData\Local\Temp\xxxyyyzzz.dat (Malware.Trace) -> Quarantined and deleted successfully.
C:\Users\Felipe\Templates\BWVxf.exe.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Felipe\Templates\dzxaI.exe.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Felipe\Templates\yVUvd.exe.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Local\Temp\msconfig.exe (Backdoor.Agent.Gen) -> Quarantined and deleted successfully.
C:\Users\Felipe\AppData\Roaming\explorer.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
------------------------------------------------
I am now idling at around 5-10% of CPU Usage... and here is my new task manager:
Last edited by nitraxx; 06 Feb 2011 at 22:08.
I'd uninstall your AV and install free Avast5 for real-time protection, then immediately schedule a Boot Scan and restart to get anything which was hiding in System Files during scans.
Afterwards repeat Malwarebytes and Avast until it is clean, then weekly.
If infection continues to resurface, you'll need to wipe the HD and clean reinstall using your Recovery Disks or a Win7 installer for your version. re-install windows 7
Run Avast or MSE permanently with the Win7 Firewall kept updated.
Last edited by gregrocker; 07 Feb 2011 at 20:59.
Yeah. I am doing a major clean up with my computer. Taking out stupid crap. Changing start up programs so everything just loads faster. I am uninstalling AV and going to get the newest avast and running a boot scan tonight to take out anything hidden.
Thanks a lot for you guys' help... every time I have a problem I come here and I come out a happy guy. THANK YOU VERY MUCH
I'm a little confused looking at your Malwarebytes Log. All items show "No action taken"? Did you tell it to fix all? Glad we have been able to help you out so far.
Regards
JohnnyA
So how much RAM usage are you getting now?
Your logs show No action taken. Please re-run MBAM and at the infected objects list, click Select All and Remove selected. Reboot when prompted. Post the new log.