Jump to content

cassidytan

Honorary Members
  • Posts

    59
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 25/08/2015 Scan Time: 4:04 Logfile: mbam new scan.txt Administrator: Yes Version: 2.1.8.1057 Malware Database: v2015.08.24.06 Rootkit Database: v2015.08.16.01 License: Premium Malware Protection: Enabled Malicious Website Protection: Enabled Self-protection: Enabled OS: Windows 10 CPU: x64 File System: NTFS User: 1 Scan Type: Threat Scan Result: Completed Objects Scanned: 456388 Time Elapsed: 11 min, 40 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 0 (No malicious items detected) Registry Values: 0 (No malicious items detected) Registry Data: 1 PUM.Hijack.HomepageControl, HKU\S-1-5-21-2950901286-4018632002-2551131573-1000\SOFTWARE\POLICIES\MICROSOFT\INTERNET EXPLORER\CONTROL PANEL|Homepage, 1, Good: (0), Bad: (1),,[b8eef9137714a690d45df6654cb93ac6] Folders: 0 (No malicious items detected) Files: 0 (No malicious items detected) Physical Sectors: 0 (No malicious items detected) (end)
  2. Search results from Spybot - Search & Destroy 24/08/2015 19:49:03 Scan took 00:18:11. 9 items found. MS Management Console: [sBI $ECD50EAD] Recent command list (Registry Key, nothing done) HKEY_USERS\S-1-5-21-2950901286-4018632002-2551131573-1000\Software\Microsoft\Microsoft Management Console\Recent File List MS DirectInput: [sBI $9A063C91] Most recent application (Registry Change, nothing done) HKEY_USERS\S-1-5-21-2950901286-4018632002-2551131573-1000\Software\Microsoft\DirectInput\MostRecentApplication\Name MS DirectInput: [sBI $7B184199] Most recent application ID (Registry Change, nothing done) HKEY_USERS\S-1-5-21-2950901286-4018632002-2551131573-1000\Software\Microsoft\DirectInput\MostRecentApplication\Id MS Paint: [sBI $07867C39] Recent file list (Registry Key, nothing done) HKEY_USERS\S-1-5-21-2950901286-4018632002-2551131573-1000\Software\Microsoft\Windows\CurrentVersion\Applets\Paint\Recent File List Windows Explorer: [sBI $7308A845] Run history (Registry Key, nothing done) HKEY_USERS\S-1-5-21-2950901286-4018632002-2551131573-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU Windows Explorer: [sBI $D20DA0AD] Recent file global history (Registry Key, nothing done) HKEY_USERS\S-1-5-21-2950901286-4018632002-2551131573-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs Cache: [sBI $49804B54] Browser: Cache (6) (Browser: Cache, nothing done) History: [sBI $49804B54] Browser: History (4) (Browser: History, nothing done) History: [sBI $49804B54] Browser: History (54) (Browser: History, nothing done) --- Spybot - Search & Destroy version: 2.4.40.131 DLL (build: 20140425) --- 2014-06-24 blindman.exe (2.4.40.151) 2014-06-24 explorer.exe (2.4.40.181) 2014-06-24 SDBootCD.exe (2.4.40.109) 2014-06-24 SDCleaner.exe (2.4.40.110) 2014-06-24 SDDelFile.exe (2.4.40.94) 2013-06-18 SDDisableProxy.exe 2014-06-24 SDFiles.exe (2.4.40.135) 2014-06-24 SDFileScanHelper.exe (2.4.40.1) 2014-06-24 SDFSSvc.exe (2.4.40.217) 2014-06-24 SDHelp.exe (2.4.40.1) 2014-04-25 SDHookHelper.exe (2.3.39.2) 2014-04-25 SDHookInst32.exe (2.3.39.2) 2014-04-25 SDHookInst64.exe (2.3.39.2) 2014-06-24 SDImmunize.exe (2.4.40.130) 2014-06-24 SDLogReport.exe (2.4.40.107) 2014-06-24 SDOnAccess.exe (2.4.40.11) 2014-06-24 SDPESetup.exe (2.4.40.3) 2014-06-24 SDPEStart.exe (2.4.40.86) 2014-06-24 SDPhoneScan.exe (2.4.40.28) 2014-06-24 SDPRE.exe (2.4.40.22) 2014-06-24 SDPrepPos.exe (2.4.40.15) 2014-06-24 SDQuarantine.exe (2.4.40.103) 2014-06-24 SDRootAlyzer.exe (2.4.40.116) 2014-06-24 SDSBIEdit.exe (2.4.40.39) 2014-06-24 SDScan.exe (2.4.40.181) 2014-06-24 SDScript.exe (2.4.40.54) 2014-06-24 SDSettings.exe (2.4.40.139) 2014-06-24 SDShell.exe (2.4.40.2) 2014-06-24 SDShred.exe (2.4.40.108) 2014-06-24 SDSysRepair.exe (2.4.40.102) 2014-06-24 SDTools.exe (2.4.40.157) 2014-06-24 SDTray.exe (2.4.40.129) 2014-06-27 SDUpdate.exe (2.4.40.94) 2014-06-27 SDUpdSvc.exe (2.4.40.77) 2014-06-24 SDWelcome.exe (2.4.40.130) 2014-04-25 SDWSCSvc.exe (2.3.39.2) 2015-03-25 spybotsd2-install-av-update.exe (2.4.40.0) 2014-05-20 spybotsd2-install-bdcore-update.exe (2.3.39.0) 2014-07-31 spybotsd2-translation-esx.exe 2013-06-19 spybotsd2-translation-frx.exe 2015-03-25 spybotsd2-translation-hrx.exe 2014-08-25 spybotsd2-translation-hux2.exe 2014-10-01 spybotsd2-translation-nlx2.exe 2014-11-05 spybotsd2-translation-ukx.exe 2015-07-28 spybotsd2-windows-upgrade-installer.exe (1.4.0.0) 2015-08-21 unins000.exe (51.1052.0.0) 1999-12-02 xcacls.exe 2012-08-23 borlndmm.dll (10.0.2288.42451) 2012-09-05 DelZip190.dll (1.9.0.107) 2012-09-10 libeay32.dll (1.0.0.4) 2012-09-10 libssl32.dll (1.0.0.4) 2014-04-25 NotificationSpreader.dll 2014-06-24 SDAdvancedCheckLibrary.dll (2.4.40.98) 2014-04-25 SDAV.dll 2014-06-24 SDECon32.dll (2.4.40.114) 2014-06-24 SDECon64.dll (2.3.39.113) 2014-06-24 SDEvents.dll (2.4.40.2) 2014-06-24 SDFileScanLibrary.dll (2.4.40.14) 2014-04-25 SDHook32.dll (2.3.39.2) 2014-04-25 SDHook64.dll (2.3.39.2) 2014-06-24 SDImmunizeLibrary.dll (2.4.40.2) 2014-06-24 SDLicense.dll (2.4.40.0) 2014-06-24 SDLists.dll (2.4.40.4) 2014-06-24 SDResources.dll (2.4.40.7) 2014-06-24 SDScanLibrary.dll (2.4.40.131) 2014-06-24 SDTasks.dll (2.4.40.15) 2014-06-24 SDWinLogon.dll (2.4.40.0) 2012-08-23 sqlite3.dll 2012-09-10 ssleay32.dll (1.0.0.4) 2014-06-24 Tools.dll (2.4.40.36) 2015-04-22 Includes\Adware-000.sbi (*) 2015-08-05 Includes\Adware-001.sbi (*) 2015-08-19 Includes\Adware-C.sbi (*) 2014-01-13 Includes\Adware.sbi (*) 2014-01-13 Includes\AdwareC.sbi (*) 2010-08-13 Includes\Cookies.sbi (*) 2014-11-14 Includes\Dialer-000.sbi (*) 2014-11-14 Includes\Dialer-001.sbi (*) 2015-07-29 Includes\Dialer-C.sbi (*) 2014-01-13 Includes\Dialer.sbi (*) 2014-01-13 Includes\DialerC.sbi (*) 2014-01-09 Includes\Fraud-000.sbi (*) 2014-01-09 Includes\Fraud-001.sbi (*) 2014-03-31 Includes\Fraud-002.sbi (*) 2014-01-09 Includes\Fraud-003.sbi (*) 2012-11-14 Includes\HeavyDuty.sbi (*) 2014-11-14 Includes\Hijackers-000.sbi (*) 2014-11-14 Includes\Hijackers-001.sbi (*) 2014-01-08 Includes\Hijackers-C.sbi (*) 2014-01-13 Includes\Hijackers.sbi (*) 2014-01-13 Includes\HijackersC.sbi (*) 2014-01-08 Includes\iPhone-000.sbi (*) 2014-01-08 Includes\iPhone.sbi (*) 2014-11-14 Includes\Keyloggers-000.sbi (*) 2014-09-24 Includes\Keyloggers-C.sbi (*) 2014-01-13 Includes\Keyloggers.sbi (*) 2014-01-13 Includes\KeyloggersC.sbi (*) 2014-11-14 Includes\Malware-000.sbi (*) 2014-11-14 Includes\Malware-001.sbi (*) 2014-11-14 Includes\Malware-002.sbi (*) 2014-11-14 Includes\Malware-003.sbi (*) 2014-11-14 Includes\Malware-004.sbi (*) 2014-11-14 Includes\Malware-005.sbi (*) 2014-02-26 Includes\Malware-006.sbi (*) 2014-01-09 Includes\Malware-007.sbi (*) 2015-08-19 Includes\Malware-C.sbi (*) 2014-01-13 Includes\Malware.sbi (*) 2013-12-23 Includes\MalwareC.sbi (*) 2014-11-14 Includes\PUPS-000.sbi (*) 2014-01-15 Includes\PUPS-001.sbi (*) 2014-01-15 Includes\PUPS-002.sbi (*) 2015-08-19 Includes\PUPS-C.sbi (*) 2012-11-14 Includes\PUPS.sbi (*) 2014-01-07 Includes\PUPSC.sbi (*) 2014-01-08 Includes\Security-000.sbi (*) 2014-01-08 Includes\Security-C.sbi (*) 2014-01-21 Includes\Security.sbi (*) 2014-01-21 Includes\SecurityC.sbi (*) 2014-11-14 Includes\Spyware-000.sbi (*) 2015-05-06 Includes\Spyware-001.sbi (*) 2015-08-12 Includes\Spyware-C.sbi (*) 2014-01-21 Includes\Spyware.sbi (*) 2014-01-21 Includes\SpywareC.sbi (*) 2011-06-07 Includes\Tracks.sbi (*) 2012-11-19 Includes\Tracks.uti (*) 2014-01-15 Includes\Trojans-000.sbi (*) 2014-01-15 Includes\Trojans-001.sbi (*) 2014-01-15 Includes\Trojans-003.sbi (*) 2014-01-15 Includes\Trojans-004.sbi (*) 2014-03-19 Includes\Trojans-005.sbi (*) 2015-03-31 Includes\Trojans-006.sbi (*) 2014-01-15 Includes\Trojans-007.sbi (*) 2014-07-09 Includes\Trojans-008.sbi (*) 2014-07-09 Includes\Trojans-009.sbi (*) 2015-08-19 Includes\Trojans-C.sbi (*) 2014-01-15 Includes\Trojans-OG-000.sbi (*) 2014-01-15 Includes\Trojans-TD-000.sbi (*) 2014-01-15 Includes\Trojans-VM-000.sbi (*) 2014-01-15 Includes\Trojans-VM-001.sbi (*) 2014-01-15 Includes\Trojans-VM-002.sbi (*) 2014-01-15 Includes\Trojans-VM-003.sbi (*) 2014-01-15 Includes\Trojans-VM-004.sbi (*) 2014-01-15 Includes\Trojans-VM-005.sbi (*) 2014-01-15 Includes\Trojans-VM-006.sbi (*) 2014-01-15 Includes\Trojans-VM-007.sbi (*) 2014-01-15 Includes\Trojans-VM-008.sbi (*) 2014-01-15 Includes\Trojans-VM-009.sbi (*) 2014-01-15 Includes\Trojans-VM-010.sbi (*) 2014-01-15 Includes\Trojans-VM-011.sbi (*) 2014-01-15 Includes\Trojans-VM-012.sbi (*) 2014-01-15 Includes\Trojans-VM-013.sbi (*) 2014-01-15 Includes\Trojans-VM-014.sbi (*) 2014-01-15 Includes\Trojans-VM-015.sbi (*) 2014-01-15 Includes\Trojans-VM-016.sbi (*) 2014-01-15 Includes\Trojans-VM-017.sbi (*) 2014-01-15 Includes\Trojans-VM-018.sbi (*) 2014-01-15 Includes\Trojans-VM-019.sbi (*) 2014-01-15 Includes\Trojans-VM-020.sbi (*) 2014-01-15 Includes\Trojans-VM-021.sbi (*) 2014-01-15 Includes\Trojans-VM-022.sbi (*) 2014-01-15 Includes\Trojans-VM-023.sbi (*) 2014-01-15 Includes\Trojans-VM-024.sbi (*) 2014-01-15 Includes\Trojans-ZB-000.sbi (*) 2014-01-15 Includes\Trojans-ZL-000.sbi (*) 2014-01-09 Includes\Trojans.sbi (*) 2014-01-16 Includes\TrojansC-01.sbi (*) 2014-01-16 Includes\TrojansC-02.sbi (*) 2014-01-16 Includes\TrojansC-03.sbi (*) 2014-01-16 Includes\TrojansC-04.sbi (*) 2014-01-16 Includes\TrojansC-05.sbi (*) 2014-01-09 Includes\TrojansC.sbi (*)
  3. and also, whenever i start my pc ... its always pop up " The Driver cant realease to failure" what is this ?
  4. Search results from Spybot - Search & Destroy 24/08/2015 8:40:24 Scan took 00:20:04. 4 items found. MS Regedit: [sBI $C3B62FC1] Recent open key (Registry Change, nothing done) HKEY_USERS\S-1-5-21-2950901286-4018632002-2551131573-1000\Software\Microsoft\Windows\CurrentVersion\Applets\Regedit\LastKey Windows Explorer: [sBI $D20DA0AD] Recent file global history (Registry Key, nothing done) HKEY_USERS\S-1-5-21-2950901286-4018632002-2551131573-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs Cache: [sBI $49804B54] Browser: Cache (52) (Browser: Cache, nothing done) History: [sBI $49804B54] Browser: History (1) (Browser: History, nothing done) --- Spybot - Search & Destroy version: 2.4.40.131 DLL (build: 20140425) --- 2014-06-24 blindman.exe (2.4.40.151) 2014-06-24 explorer.exe (2.4.40.181) 2014-06-24 SDBootCD.exe (2.4.40.109) 2014-06-24 SDCleaner.exe (2.4.40.110) 2014-06-24 SDDelFile.exe (2.4.40.94) 2013-06-18 SDDisableProxy.exe 2014-06-24 SDFiles.exe (2.4.40.135) 2014-06-24 SDFileScanHelper.exe (2.4.40.1) 2014-06-24 SDFSSvc.exe (2.4.40.217) 2014-06-24 SDHelp.exe (2.4.40.1) 2014-04-25 SDHookHelper.exe (2.3.39.2) 2014-04-25 SDHookInst32.exe (2.3.39.2) 2014-04-25 SDHookInst64.exe (2.3.39.2) 2014-06-24 SDImmunize.exe (2.4.40.130) 2014-06-24 SDLogReport.exe (2.4.40.107) 2014-06-24 SDOnAccess.exe (2.4.40.11) 2014-06-24 SDPESetup.exe (2.4.40.3) 2014-06-24 SDPEStart.exe (2.4.40.86) 2014-06-24 SDPhoneScan.exe (2.4.40.28) 2014-06-24 SDPRE.exe (2.4.40.22) 2014-06-24 SDPrepPos.exe (2.4.40.15) 2014-06-24 SDQuarantine.exe (2.4.40.103) 2014-06-24 SDRootAlyzer.exe (2.4.40.116) 2014-06-24 SDSBIEdit.exe (2.4.40.39) 2014-06-24 SDScan.exe (2.4.40.181) 2014-06-24 SDScript.exe (2.4.40.54) 2014-06-24 SDSettings.exe (2.4.40.139) 2014-06-24 SDShell.exe (2.4.40.2) 2014-06-24 SDShred.exe (2.4.40.108) 2014-06-24 SDSysRepair.exe (2.4.40.102) 2014-06-24 SDTools.exe (2.4.40.157) 2014-06-24 SDTray.exe (2.4.40.129) 2014-06-27 SDUpdate.exe (2.4.40.94) 2014-06-27 SDUpdSvc.exe (2.4.40.77) 2014-06-24 SDWelcome.exe (2.4.40.130) 2014-04-25 SDWSCSvc.exe (2.3.39.2) 2015-03-25 spybotsd2-install-av-update.exe (2.4.40.0) 2014-05-20 spybotsd2-install-bdcore-update.exe (2.3.39.0) 2014-07-31 spybotsd2-translation-esx.exe 2013-06-19 spybotsd2-translation-frx.exe 2015-03-25 spybotsd2-translation-hrx.exe 2014-08-25 spybotsd2-translation-hux2.exe 2014-10-01 spybotsd2-translation-nlx2.exe 2014-11-05 spybotsd2-translation-ukx.exe 2015-07-28 spybotsd2-windows-upgrade-installer.exe (1.4.0.0) 2015-08-21 unins000.exe (51.1052.0.0) 1999-12-02 xcacls.exe 2012-08-23 borlndmm.dll (10.0.2288.42451) 2012-09-05 DelZip190.dll (1.9.0.107) 2012-09-10 libeay32.dll (1.0.0.4) 2012-09-10 libssl32.dll (1.0.0.4) 2014-04-25 NotificationSpreader.dll 2014-06-24 SDAdvancedCheckLibrary.dll (2.4.40.98) 2014-04-25 SDAV.dll 2014-06-24 SDECon32.dll (2.4.40.114) 2014-06-24 SDECon64.dll (2.3.39.113) 2014-06-24 SDEvents.dll (2.4.40.2) 2014-06-24 SDFileScanLibrary.dll (2.4.40.14) 2014-04-25 SDHook32.dll (2.3.39.2) 2014-04-25 SDHook64.dll (2.3.39.2) 2014-06-24 SDImmunizeLibrary.dll (2.4.40.2) 2014-06-24 SDLicense.dll (2.4.40.0) 2014-06-24 SDLists.dll (2.4.40.4) 2014-06-24 SDResources.dll (2.4.40.7) 2014-06-24 SDScanLibrary.dll (2.4.40.131) 2014-06-24 SDTasks.dll (2.4.40.15) 2014-06-24 SDWinLogon.dll (2.4.40.0) 2012-08-23 sqlite3.dll 2012-09-10 ssleay32.dll (1.0.0.4) 2014-06-24 Tools.dll (2.4.40.36) 2015-04-22 Includes\Adware-000.sbi (*) 2015-08-05 Includes\Adware-001.sbi (*) 2015-08-19 Includes\Adware-C.sbi (*) 2014-01-13 Includes\Adware.sbi (*) 2014-01-13 Includes\AdwareC.sbi (*) 2010-08-13 Includes\Cookies.sbi (*) 2014-11-14 Includes\Dialer-000.sbi (*) 2014-11-14 Includes\Dialer-001.sbi (*) 2015-07-29 Includes\Dialer-C.sbi (*) 2014-01-13 Includes\Dialer.sbi (*) 2014-01-13 Includes\DialerC.sbi (*) 2014-01-09 Includes\Fraud-000.sbi (*) 2014-01-09 Includes\Fraud-001.sbi (*) 2014-03-31 Includes\Fraud-002.sbi (*) 2014-01-09 Includes\Fraud-003.sbi (*) 2012-11-14 Includes\HeavyDuty.sbi (*) 2014-11-14 Includes\Hijackers-000.sbi (*) 2014-11-14 Includes\Hijackers-001.sbi (*) 2014-01-08 Includes\Hijackers-C.sbi (*) 2014-01-13 Includes\Hijackers.sbi (*) 2014-01-13 Includes\HijackersC.sbi (*) 2014-01-08 Includes\iPhone-000.sbi (*) 2014-01-08 Includes\iPhone.sbi (*) 2014-11-14 Includes\Keyloggers-000.sbi (*) 2014-09-24 Includes\Keyloggers-C.sbi (*) 2014-01-13 Includes\Keyloggers.sbi (*) 2014-01-13 Includes\KeyloggersC.sbi (*) 2014-11-14 Includes\Malware-000.sbi (*) 2014-11-14 Includes\Malware-001.sbi (*) 2014-11-14 Includes\Malware-002.sbi (*) 2014-11-14 Includes\Malware-003.sbi (*) 2014-11-14 Includes\Malware-004.sbi (*) 2014-11-14 Includes\Malware-005.sbi (*) 2014-02-26 Includes\Malware-006.sbi (*) 2014-01-09 Includes\Malware-007.sbi (*) 2015-08-19 Includes\Malware-C.sbi (*) 2014-01-13 Includes\Malware.sbi (*) 2013-12-23 Includes\MalwareC.sbi (*) 2014-11-14 Includes\PUPS-000.sbi (*) 2014-01-15 Includes\PUPS-001.sbi (*) 2014-01-15 Includes\PUPS-002.sbi (*) 2015-08-19 Includes\PUPS-C.sbi (*) 2012-11-14 Includes\PUPS.sbi (*) 2014-01-07 Includes\PUPSC.sbi (*) 2014-01-08 Includes\Security-000.sbi (*) 2014-01-08 Includes\Security-C.sbi (*) 2014-01-21 Includes\Security.sbi (*) 2014-01-21 Includes\SecurityC.sbi (*) 2014-11-14 Includes\Spyware-000.sbi (*) 2015-05-06 Includes\Spyware-001.sbi (*) 2015-08-12 Includes\Spyware-C.sbi (*) 2014-01-21 Includes\Spyware.sbi (*) 2014-01-21 Includes\SpywareC.sbi (*) 2011-06-07 Includes\Tracks.sbi (*) 2012-11-19 Includes\Tracks.uti (*) 2014-01-15 Includes\Trojans-000.sbi (*) 2014-01-15 Includes\Trojans-001.sbi (*) 2014-01-15 Includes\Trojans-003.sbi (*) 2014-01-15 Includes\Trojans-004.sbi (*) 2014-03-19 Includes\Trojans-005.sbi (*) 2015-03-31 Includes\Trojans-006.sbi (*) 2014-01-15 Includes\Trojans-007.sbi (*) 2014-07-09 Includes\Trojans-008.sbi (*) 2014-07-09 Includes\Trojans-009.sbi (*) 2015-08-19 Includes\Trojans-C.sbi (*) 2014-01-15 Includes\Trojans-OG-000.sbi (*) 2014-01-15 Includes\Trojans-TD-000.sbi (*) 2014-01-15 Includes\Trojans-VM-000.sbi (*) 2014-01-15 Includes\Trojans-VM-001.sbi (*) 2014-01-15 Includes\Trojans-VM-002.sbi (*) 2014-01-15 Includes\Trojans-VM-003.sbi (*) 2014-01-15 Includes\Trojans-VM-004.sbi (*) 2014-01-15 Includes\Trojans-VM-005.sbi (*) 2014-01-15 Includes\Trojans-VM-006.sbi (*) 2014-01-15 Includes\Trojans-VM-007.sbi (*) 2014-01-15 Includes\Trojans-VM-008.sbi (*) 2014-01-15 Includes\Trojans-VM-009.sbi (*) 2014-01-15 Includes\Trojans-VM-010.sbi (*) 2014-01-15 Includes\Trojans-VM-011.sbi (*) 2014-01-15 Includes\Trojans-VM-012.sbi (*) 2014-01-15 Includes\Trojans-VM-013.sbi (*) 2014-01-15 Includes\Trojans-VM-014.sbi (*) 2014-01-15 Includes\Trojans-VM-015.sbi (*) 2014-01-15 Includes\Trojans-VM-016.sbi (*) 2014-01-15 Includes\Trojans-VM-017.sbi (*) 2014-01-15 Includes\Trojans-VM-018.sbi (*) 2014-01-15 Includes\Trojans-VM-019.sbi (*) 2014-01-15 Includes\Trojans-VM-020.sbi (*) 2014-01-15 Includes\Trojans-VM-021.sbi (*) 2014-01-15 Includes\Trojans-VM-022.sbi (*) 2014-01-15 Includes\Trojans-VM-023.sbi (*) 2014-01-15 Includes\Trojans-VM-024.sbi (*) 2014-01-15 Includes\Trojans-ZB-000.sbi (*) 2014-01-15 Includes\Trojans-ZL-000.sbi (*) 2014-01-09 Includes\Trojans.sbi (*) 2014-01-16 Includes\TrojansC-01.sbi (*) 2014-01-16 Includes\TrojansC-02.sbi (*) 2014-01-16 Includes\TrojansC-03.sbi (*) 2014-01-16 Includes\TrojansC-04.sbi (*) 2014-01-16 Includes\TrojansC-05.sbi (*) 2014-01-09 Includes\TrojansC.sbi (*)
  5. everytime i scan with spybot, i always found registry key and registry change and follow to tracking something... what was that... ?
  6. i got another problem bro... when i open windows explorer... whenever i right click that drive c to see the property... my windows explorer otomatically closed... is it because another virus or .....?
  7. oh yeah , 1 more thing... if i wanna download some movie from https://pirateproxy.sx, which program i should do since i cant use utorent anymore....
  8. so far so good bro... is there anything i should do for next time ?
  9. C:\Users\1\AppData\Roaming\BitTorrent\updates\7.9.2_37954.exe a variant of Win32/OpenCandy.C potentially unsafe application cleaned by deleting - quarantined C:\Users\1\Downloads\software\BitTorrent.exe a variant of Win32/OpenCandy.C potentially unsafe application cleaned by deleting - quarantined C:\Users\1\Downloads\software\uTorrent.exe a variant of Win32/OpenCandy.C potentially unsafe application cleaned by deleting - quarantined
  10. Fix result of Farbar Recovery Scan Tool (x64) Version:16-08-2015 Ran by 1 (2015-08-18 05:10:25) Run:1 Running from C:\Users\1\Desktop\mallwarebytes\Mrx Loaded Profiles: 1 (Available Profiles: 1) Boot Mode: Normal ============================================== fixlist content: ***************** start CreateRestorePoint: CloseProcesses: FirewallRules: [{8C185DA8-7397-4DAC-AC03-C24AB8BC02BA}] => (Allow) C:\Users\1\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{A7AABC5C-F613-49B8-B902-DA489D6390C5}] => (Allow) C:\Users\1\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{B5C2186E-76CD-4583-9DBD-C5790BAC663D}] => (Block) C:\programdata\videodownloaderultimatewinapp\videodownloaderultimate.exe FirewallRules: [{9C2834FD-93C3-4EB9-A6ED-BC56B0091C65}] => (Block) C:\programdata\videodownloaderultimatewinapp\videodownloaderultimate.exe FirewallRules: [uDP Query User{75A65E68-CD24-4DA9-8B3D-C343B25561E3}C:\programdata\videodownloaderultimatewinapp\videodownloaderultimate.exe] => (Allow) C:\programdata\videodownloaderultimatewinapp\videodownloaderultimate.exe FirewallRules: [TCP Query User{3C7DF543-87CD-4402-A0AE-39CF3D5AF28C}C:\programdata\videodownloaderultimatewinapp\videodownloaderultimate.exe] => (Allow) C:\programdata\videodownloaderultimatewinapp\videodownloaderultimate.exe FirewallRules: [{6A444ADD-E10B-4B44-A79D-9BF44ADC3D45}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe FirewallRules: [{F7E2F26E-4FC9-478D-B844-B3A48587B395}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe FirewallRules: [{EACB5B3B-9877-40C3-915F-93B5A541E5DE}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe FirewallRules: [{1923E663-2DCF-4F70-84E2-0FD8D0475A7A}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe HKU\S-1-5-21-2950901286-4018632002-2551131573-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 2015-08-15 07:27 - 2015-06-11 09:07 - 00000000 ____D C:\Users\1\AppData\Roaming\uTorrent NETSVCx32: UserManager -> C:\Windows\SysWOW64\usermgr.dll ==> No File C:\Program Files (x86)\CheckPoint C:\programdata\videodownloaderultimatewinapp Hosts: CMD: netsh advfirewall reset CMD: netsh advfirewall set allprofiles state ON CMD: ipconfig /flushdns CMD: netsh winsock reset catalog CMD: ipconfig /release CMD: ipconfig /renew CMD: netsh int ipv4 reset CMD: netsh int ipv6 reset RemoveProxy: EmptyTemp: CMD: bitsadmin /reset /allusers end ***************** Restore point was successfully created. Processes closed successfully. HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8C185DA8-7397-4DAC-AC03-C24AB8BC02BA} => value removed successfully HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A7AABC5C-F613-49B8-B902-DA489D6390C5} => value removed successfully HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B5C2186E-76CD-4583-9DBD-C5790BAC663D} => value removed successfully HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9C2834FD-93C3-4EB9-A6ED-BC56B0091C65} => value removed successfully HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{75A65E68-CD24-4DA9-8B3D-C343B25561E3}C:\programdata\videodownloaderultimatewinapp\videodownloaderultimate.exe => value removed successfully HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{3C7DF543-87CD-4402-A0AE-39CF3D5AF28C}C:\programdata\videodownloaderultimatewinapp\videodownloaderultimate.exe => value removed successfully HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6A444ADD-E10B-4B44-A79D-9BF44ADC3D45} => value removed successfully HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F7E2F26E-4FC9-478D-B844-B3A48587B395} => value removed successfully HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EACB5B3B-9877-40C3-915F-93B5A541E5DE} => value removed successfully HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1923E663-2DCF-4F70-84E2-0FD8D0475A7A} => value removed successfully "HKU\S-1-5-21-2950901286-4018632002-2551131573-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully C:\Users\1\AppData\Roaming\uTorrent => moved successfully. HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs UserManager => removed successfully "C:\Program Files (x86)\CheckPoint" => File/Folder not found. "C:\programdata\videodownloaderultimatewinapp" => File/Folder not found. C:\Windows\System32\Drivers\etc\hosts => moved successfully. Hosts restored successfully. ========= netsh advfirewall reset ========= Ok. ========= End of CMD: ========= ========= netsh advfirewall set allprofiles state ON ========= Ok. ========= End of CMD: ========= ========= ipconfig /flushdns ========= Windows IP Configuration Could not flush the DNS Resolver Cache: Function failed during execution. ========= End of CMD: ========= ========= netsh winsock reset catalog ========= Sucessfully reset the Winsock Catalog. You must restart the computer in order to complete the reset. ========= End of CMD: ========= ========= ipconfig /release ========= Windows IP Configuration No operation can be performed on Local Area Connection 5 while it has its media disconnected. Tunnel adapter Local Area Connection 5: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : Link-local IPv6 Address . . . . . : fe80::21f1:45a3:dde8:3337%2 Default Gateway . . . . . . . . . : ========= End of CMD: ========= ========= ipconfig /renew ========= Windows IP Configuration No operation can be performed on Local Area Connection 5 while it has its media disconnected. Tunnel adapter Local Area Connection 5: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : Link-local IPv6 Address . . . . . : fe80::21f1:45a3:dde8:3337%2 IPv4 Address. . . . . . . . . . . : 192.168.1.100 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.1.1 ========= End of CMD: ========= ========= netsh int ipv4 reset ========= Resetting Global, OK! Resetting Interface, OK! Resetting Neighbor, OK! Resetting Path, OK! Resetting , failed. Access is denied. Resetting , OK! Restart the computer to complete this action. ========= End of CMD: ========= ========= netsh int ipv6 reset ========= Resetting Neighbor, OK! Resetting Path, OK! Resetting , failed. Access is denied. Resetting , OK! Resetting , OK! Restart the computer to complete this action. ========= End of CMD: ========= ========= RemoveProxy: ========= HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully HKU\S-1-5-21-2950901286-4018632002-2551131573-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully HKU\S-1-5-21-2950901286-4018632002-2551131573-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully ========= End of RemoveProxy: ========= ========= bitsadmin /reset /allusers ========= BITSADMIN version 3.0 [ 7.8.10240 ] BITS administration utility. © Copyright 2000-2006 Microsoft Corp. BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows. Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets. Unable to cancel {5C934B56-DA06-41B6-BC96-F5A5A24DB3C6}. Unable to cancel {3DC24D35-F9DD-4282-A9ED-BCBE96C87BE9}. Unable to cancel {7DAA2541-7CF2-43AF-9139-19C8ED4529AF}. 0 out of 3 jobs canceled. ========= End of CMD: ========= EmptyTemp: => 371.4 MB temporary data Removed. The system needed a reboot.. ==== End of Fixlog 05:11:14 ====
  11. hello there,, yes im paying full version of mbam .. but i use to be ask from this forum to get help.. here are frst log FRST.txt Addition.txt
  12. Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 15/08/2015 Scan Time: 15:05 Logfile: mbam.txt Administrator: Yes Version: 0.0.0.0000 Malware Database: v2015.08.15.02 Rootkit Database: v2015.08.06.01 License: Premium Malware Protection: Enabled Malicious Website Protection: Enabled Self-protection: Enabled OS: Windows 10 CPU: x64 File System: NTFS User: 1 Scan Type: Custom Scan Result: Completed Objects Scanned: 720607 Time Elapsed: 1 hr, 47 min, 42 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 0 (No malicious items detected) Registry Values: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Folders: 0 (No malicious items detected) Files: 0 (No malicious items detected) Physical Sectors: 0 (No malicious items detected) (end)
  13. hello there,,, could u guys help me a bit.. (sorry i cant speak english) here are FRST txt and addition.txt (attach file) Addition.txt FRST.txt
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.