Wirbelwind

  1. Hello, I am new to MwB and I recently found a PUP hacktool patcher in my c:\sys volume information\restore and I was wondering how to resolve this. Here is the DDS txt:

.
DDS (Ver_2011-06-23.01) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by Administrator at 17:57:31 on 2011-08-22
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2038.954 [GMT -7:00]
.
AV: AntiVir Desktop *Enabled/Updated* {11638345-E4FC-4BEE-BB73-EC754659C5F6}
FW: ZoneAlarm Firewall *Disabled*
FW: COMODO Firewall *Disabled*
FW: Avira FireWall *Enabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
svchost.exe
C:\WINDOWS\System32\svchost.exe -k Akamai
C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Melloware\Intelliremote\Intelliservice.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdqserv.exe
C:\WINDOWS\system32\lxdqcoms.exe
C:\Program Files\Soluto\SolutoService.exe
C:\Program Files\Soluto\soluto.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe
C:\Program Files\Panda USB Vaccine\USBVaccine.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Lexmark Z2400 Series\lxdqmon.exe
C:\Program Files\Lexmark Z2400 Series\lxdqMsdMon.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.21.65\GoogleCrashHandler.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Documents and Settings\Administrator\Application Data\uTorrent\apps\VirusGuard\VirusGuard.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
.
============== Pseudo HJT Report ===============
.
uInternet Settings,ProxyOverride = *.local
mWinlogon: Userinit=c:\windows\system32\userinit.exe,c:\program files\soluto\soluto.exe /userinit,
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\smart web printing\hpswp_printenhancer.dll
BHO: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - c:\program files\lexmark toolbar\toolband.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: HP Print Clips: {ffffffff-ff12-44c5-91ec-068e3aa1b2d7} - c:\program files\hp\smart web printing\hpswp_framework.dll
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
TB: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - c:\program files\lexmark toolbar\toolband.dll
uRun: [Power2GoExpress] NA
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Google Update] "c:\documents and settings\administrator\local settings\application data\google\update\GoogleUpdate.exe" /c
mRun: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [sMSERIAL] c:\program files\motorola\smserial\sm56hlpr.exe
mRun: [synTPStart] c:\program files\synaptics\syntp\SynTPStart.exe
mRun: [igfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [QPService] "c:\program files\hp\quickplay\QPService.exe"
mRun: [RecGuard] c:\windows\sminst\RecGuard.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [hpWirelessAssistant] c:\program files\hewlett-packard\hp wireless assistant\HPWAMain.exe
mRun: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
mRun: [lxdqmon.exe] "c:\program files\lexmark z2400 series\lxdqmon.exe"
mRun: [lxdqamon] "c:\program files\lexmark z2400 series\lxdqamon.exe"
mRun: [iMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
mRun: [MSPY2002] c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC
mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [COMODO Internet Security] "c:\program files\comodo\comodo internet security\cfp.exe" -h
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {58ECB495-38F0-49cb-A538-10282ABF65E7} - {A93C41D8-01F8-4F8B-B14C-DE20B117E636} - c:\program files\hp\smart web printing\hpswp_extensions.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
LSP: c:\program files\avira\antivir desktop\avsda.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{A3A9E79D-A7DE-4D22-927A-443C42929768} : DhcpNameServer = 192.168.1.254
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: c:\windows\system32\guard32.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
.
============= SERVICES / DRIVERS ===============
.
R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [2011-6-14 13496]
R0 Soluto;Soluto;c:\windows\system32\drivers\Soluto.sys [2011-6-9 51144]
R1 avfwot;avfwot;c:\windows\system32\drivers\avfwot.sys [2011-8-8 106904]
R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2011-8-8 11608]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [2011-5-2 242600]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2011-5-2 29400]
R1 SASDIFSV;SASDIFSV;c:\docume~1\admini~1\locals~1\temp\sas_selfextract\SASDIFSV.SYS [2011-7-12 12880]
R1 SASKUTIL;SASKUTIL;c:\docume~1\admini~1\locals~1\temp\sas_selfextract\SASKUTIL.SYS [2011-7-12 67664]
R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2004-8-4 14336]
R2 AntiVirFirewallService;Avira FireWall;c:\program files\avira\antivir desktop\avfwsvc.exe [2011-8-8 567464]
R2 AntiVirMailService;Avira AntiVir MailGuard;c:\program files\avira\antivir desktop\avmailc.exe [2011-8-8 340136]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2011-8-8 136360]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2011-8-8 269480]
R2 AntiVirWebService;Avira AntiVir WebGuard;c:\program files\avira\antivir desktop\avwebgrd.exe [2011-8-8 428200]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2011-8-8 66616]
R2 cmdAgent;COMODO Internet Security Helper Service;c:\program files\comodo\comodo internet security\cmdagent.exe [2011-5-9 1793712]
R2 Intelliservice;Intelliservice;c:\program files\melloware\intelliremote\Intelliservice.exe [2011-2-8 118784]
R2 lxdq_device;lxdq_device;c:\windows\system32\lxdqcoms.exe -service --> c:\windows\system32\lxdqcoms.exe -service [?]
R2 lxdqCATSCustConnectService;lxdqCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxdqserv.exe [2011-5-31 94208]
R2 SolutoService;Soluto PCGenome Core Service;c:\program files\soluto\SolutoService.exe [2011-7-7 376352]
R3 avfwim;AvFw Packet Filter Miniport;c:\windows\system32\drivers\avfwim.sys [2011-8-8 82952]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 dump_wmimmc;dump_wmimmc;\??\c:\gpotato\rappelz\gameguard\dump_wmimmc.sys --> c:\gpotato\rappelz\gameguard\dump_wmimmc.sys [?]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2011-8-9 41272]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2004-8-4 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S3 XDva387;XDva387;c:\windows\system32\XDva387.sys [2011-7-15 76616]
.
=============== Created Last 30 ================
.
2011-08-21 05:47:20 -------- d-----w- c:\windows\system32\NtmsData
2011-08-10 04:11:50 139656 ------w- c:\windows\system32\dllcache\rdpwd.sys
2011-08-10 04:10:06 10496 ------w- c:\windows\system32\dllcache\ndistapi.sys
2011-08-09 23:57:59 -------- d-----w- c:\program files\common files\Steam
2011-08-09 23:57:58 -------- d-----w- c:\program files\Steam
2011-08-09 23:54:40 -------- d-----w- c:\documents and settings\administrator\application data\Malwarebytes
2011-08-09 23:54:34 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-08-09 23:54:32 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2011-08-09 23:54:29 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-09 23:54:28 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-08-09 05:37:10 -------- d-----w- c:\documents and settings\administrator\application data\Avira
2011-08-09 03:27:18 82952 ----a-w- c:\windows\system32\drivers\avfwim.sys
2011-08-09 03:27:18 66616 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-08-09 03:27:18 106904 ----a-w- c:\windows\system32\drivers\avfwot.sys
2011-08-09 03:27:17 -------- d-----w- c:\program files\Avira
2011-08-09 03:27:17 -------- d-----w- c:\documents and settings\all users\application data\Avira
2011-08-06 17:10:09 -------- d-----w- c:\windows\pss
2011-08-06 02:13:06 -------- d-----w- c:\program files\iPod
2011-08-06 02:13:03 -------- d-----w- c:\program files\iTunes
2011-08-06 02:12:41 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin7.dll
2011-08-06 02:12:41 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin6.dll
2011-08-06 02:12:41 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll
2011-08-06 02:12:41 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll
2011-08-06 02:12:41 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll
2011-08-06 02:12:41 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll
2011-08-06 02:12:41 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll
2011-08-06 02:11:32 4517664 ----a-w- c:\windows\system32\usbaaplrc.dll
2011-08-06 02:11:32 42496 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2011-08-06 02:11:17 -------- d-----w- c:\program files\Bonjour
2011-08-06 00:18:28 -------- d-----w- c:\program files\Windows Resource Kits
2011-08-04 18:25:07 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-07-31 23:06:17 -------- d-----w- c:\program files\Musicnotes
2011-07-25 03:44:32 -------- d-----w- c:\program files\AVAST Software
2011-07-25 03:44:32 -------- d-----w- c:\documents and settings\all users\application data\AVAST Software
2011-07-25 00:28:02 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-07-25 00:28:02 32128 ----a-w- c:\windows\system32\dllcache\usbccgp.sys
.
==================== Find3M ====================
.
2011-07-15 19:25:30 76616 ----a-w- c:\windows\system32\XDva387.sys
2011-07-15 13:29:31 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-12 18:20:54 83816 ----a-w- c:\windows\system32\dns-sd.exe
2011-07-12 18:20:54 73064 ----a-w- c:\windows\system32\dnssd.dll
2011-07-12 18:20:54 50536 ----a-w- c:\windows\system32\jdns_sd.dll
2011-07-12 18:20:54 178536 ----a-w- c:\windows\system32\dnssdX.dll
2011-07-08 14:02:00 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
2011-07-07 15:34:08 51144 ----a-w- c:\windows\system32\drivers\Soluto.sys
2011-07-05 22:41:38 285256 ----a-w- c:\windows\system32\guard32.dll
2011-07-05 22:41:36 29400 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2011-07-05 22:41:35 242600 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2011-07-05 22:41:35 17416 ----a-w- c:\windows\system32\drivers\cmderd.sys
2011-06-24 14:10:36 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2011-06-23 18:36:30 916480 ----a-w- c:\windows\system32\wininet.dll
2011-06-23 18:36:30 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-06-23 18:36:30 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-06-23 12:05:13 385024 ----a-w- c:\windows\system32\html.iec
2011-06-20 17:44:52 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-06-02 14:02:05 1858944 ----a-w- c:\windows\system32\win32k.sys
.
=================== ROOTKIT ====================
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600
.
CreateFile("\\.\PHYSICALDRIVE0"): The process cannot access the file because it is being used by another process.
device: opened successfully
user: error reading MBR
.
Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll iaStor.sys
c:\windows\system32\drivers\iaStor.sys Intel Corporation Intel Matrix Storage Manager driver
1 ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\Harddisk0\DR0[0x8A648868]
3 CLASSPNP[0xF74E7FD7] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\0000008f[0x8A75D848]
5 ACPI[0xF735E620] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\Ide\IAAStorageDevice-0[0x8A75C030]
kernel: MBR read successfully
_asm { XOR DI, DI; MOV SI, 0x200; MOV SS, DI; MOV SP, 0x7a00; MOV BX, 0x7a0; MOV CX, SI; MOV DS, BX; MOV ES, BX; REP MOVSB ; JMP FAR 0x7a0:0x7a; }
user != kernel MBR !!!
.
============= FINISH: 17:58:30.04 ===============

and here is the MwB log:

Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org
Database version: 7539
Windows 5.1.2600 Service Pack 3 (Safe Mode)
Internet Explorer 8.0.6001.18702
8/22/2011 5:36:25 PM
mbam-log-2011-08-22 (17-36-25).txt
Scan type: Full scan (C:\|D:\|G:\|)
Objects scanned: 480138
Time elapsed: 1 hour(s), 25 minute(s), 21 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 2
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\StartMenuLogoff (PUM.Hijack.StartMenu) -> Bad: (1) Good: (0) -> Not selected for removal.
Folders Infected:
(No malicious items detected)
Files Infected:
c:\system volume information\_restore{a80475b6-cf6d-4b3a-bd21-b16c67db5304}\RP100\A0025790.exe (PUP.Hacktool.Patcher) -> Quarantined and deleted successfully.
c:\system volume information\_restore{a80475b6-cf6d-4b3a-bd21-b16c67db5304}\RP99\A0024110.exe (Trojan.Agent) -> Quarantined and deleted successfully.

As for the zip, I won't post it until someone replies to me. Personally, I feel uncomfortable posting it. Sorry.

Thanks,
Andrew