| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 113912 | 2010-11-09 12:35:00 | Uploads gone nuts!!! | Coffeeluva (16069) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 1151720 | 2010-11-10 03:16:00 | Also no webcams so no sykping or video chat of any description. And definitely no tv watched online |
Coffeeluva (16069) | ||
| 1151721 | 2010-11-10 08:12:00 | malwarebytes thingamee scan result alwarebytes' Anti-Malware 1 . 46 www . malwarebytes . org Database version: 5087 Windows 6 . 0 . 6002 Service Pack 2 Internet Explorer 8 . 0 . 6001 . 18975 10/11/2010 9:09:23 p . m . mbam-log-2010-11-10 (21-09-23) . txt Scan type: Full scan (C:\|D:\|) Objects scanned: 365902 Time elapsed: 1 hour(s), 39 minute(s), 33 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 27 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 2 Files Infected: 13 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware . MyWebSearch) -> No action taken . HKEY_CLASSES_ROOT\Interface\{480098c6-f6ad-4c61-9b5c-2bae228a34d1} (Adware . DoubleD) -> No action taken . HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware . MyWebSearch) -> No action taken . HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware . MyWebSearch) -> No action taken . HKEY_CLASSES_ROOT\Typelib\{883dfc00-8a21-411d-956c-73a4e4b7d16f} (Adware . DoubleD) -> No action taken . HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan . Vundo) -> No action taken . HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Ext\Settings\{25b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware . DoubleD) -> No action taken . HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Ext\Settings\{35b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware . DoubleD) -> No action taken . HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Ext\Settings\{5617eca9-488d-4ba2-8562-9710b9ab78d2} (Adware . DoubleD) -> No action taken . HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Ext\Settings\{cdbfb47b-58a8-4111-bf95-06178dce326d} (Adware . DoubleD) -> No action taken . HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Ext\Settings\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware . MyWebSearch) -> No action taken . HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Ext\Settings\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware . MyWebSearch) -> No action taken . HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Ext\Settings\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware . MyWebSearch) -> No action taken . HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Ext\Stats\{25b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware . DoubleD) -> No action taken . HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Ext\Stats\{35b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware . DoubleD) -> No action taken . HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Ext\Stats\{5617eca9-488d-4ba2-8562-9710b9ab78d2} (Adware . DoubleD) -> No action taken . HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Ext\Stats\{cdbfb47b-58a8-4111-bf95-06178dce326d} (Adware . DoubleD) -> No action taken . HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware . MyWebSearch) -> No action taken . HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware . MyWebSearch) -> No action taken . HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware . MyWebSearch) -> No action taken . HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware . MyWebSearch) -> No action taken . HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan . Vundo) -> No action taken . HKEY_CURRENT_USER\{5617ECA9-488D-4BA2-8562-9710B9AB78D2} (Adware . DoubleD) -> No action taken . HKEY_CURRENT_USER\SOFTWARE\DoubleD (Adware . DoubleD) -> No action taken . HKEY_LOCAL_MACHINE\SOFTWARE\DoubleD (Adware . DoubleD) -> No action taken . HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr . dll (Adware . MyWebSearch) -> No action taken . HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\W MPlayer\Schemes\f3pss (Adware . MyWebSearch) -> No action taken . Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: C:\Program Files\runit (Trojan . Agent) -> No action taken . C:\Windows\System32\SystemService32 (Worm . Archive) -> No action taken . Files Infected: C:\Program Files\GlobalSCAPE\CuteFTP 8 Professional\patch . exe (HackTool . Patcher) -> No action taken . C:\Users\Deborah\Downloads\WebfettiSetup2 . 3 . 70 . 1 . Z Kman000 . exe (Adware . MyWebSearch) -> No action taken . C:\Program Files\runit\config . txt (Trojan . Agent) -> No action taken . C:\Windows\System32\SystemService32\15FF . tmp (Worm . Archive) -> No action taken . C:\Windows\System32\SystemService32\16BA . tmp (Worm . Archive) -> No action taken . C:\Windows\System32\SystemService32\197C . tmp (Worm . Archive) -> No action taken . C:\Windows\System32\SystemService32\94B0 . tmp (Worm . Archive) -> No action taken . C:\Windows\System32\SystemService32\A939 . tmp (Worm . Archive) -> No action taken . C:\Users\Deborah\AppData\Roaming\02000000d68e99356 00C . manifest (Malware . Trace) -> No action taken . C:\Users\Deborah\AppData\Roaming\02000000d68e99356 00O . manifest (Malware . Trace) -> No action taken . C:\Users\Deborah\AppData\Roaming\02000000d68e99356 00P . manifest (Malware . Trace) -> No action taken . C:\Users\Deborah\AppData\Roaming\02000000d68e99356 00S . manifest (Malware . Trace) -> No action taken . C:\Windows\System32\GroupPolicy000 . dat (Malware . Trace) -> No action taken . so do I delete everything?? |
Coffeeluva (16069) | ||
| 1151722 | 2010-11-10 08:25:00 | Remove them all in malwarebytes, then reboot | Speedy Gonzales (78) | ||
| 1151723 | 2010-11-10 08:28:00 | Delete every thing it finds, the PC has trojans. Also run trojan remover. (www.simplysup.com) While malwarebytes isn't bad, its not always 100% -- from my sig, download and run Super Antispyware ( full Scan mode) as well as Spybot S&D. These will take around the same time to run as malwarebytes. Once they have run, they should get most if not all the infections. Dump the AVG - its rubbish. Install Microsoft MSSE (www.microsoft.com) if you want a free AV, or nod32 (www.eset.com) if you want a paid and better AV (30 day trial) |
wainuitech (129) | ||
| 1151724 | 2010-11-10 10:36:00 | C:\WINDOWS\SYSTEM32\DATACLEN32.DLL A File with this name has not been found or is hidden. So can I remove it???????????? |
Coffeeluva (16069) | ||
| 1151725 | 2010-11-10 11:51:00 | Try running the scan in safe mode, should allow you to delete any locked files, etc. www.computerhope.com |
Netsukeninja (13296) | ||
| 1151726 | 2010-11-10 11:58:00 | oh it was going to let me delete it, but there was a warning first asking me to be sure I wanted to, since I don't know what that entry is I wanted to be sure it wasn't needed before I deleted it | Coffeeluva (16069) | ||
| 1151727 | 2010-11-10 13:32:00 | I agree with what everyone else is saying - dump AVG and get Microsoft Security Essentials, it beats the pants off of AVG. Recently swapped AVG for MSSE on someones comp, it picked up 4 active (albeit mild) infections. It's about as useful as a wet tissue. |
ubergeek85 (131) | ||
| 1151728 | 2010-11-10 20:09:00 | Have seen similar item before, was Adobe Updates going crazy, not completing the downlaod of updates and going in an endless cycle of downloading them. But doesn't show up in HJT etc. | FAB (6923) | ||
| 1151729 | 2010-11-11 00:36:00 | Not wanting to sound like an a**hole... if you're serious about cleaning up this PC.... you really need to take it to someone who knows what they are doing. No single AV/spyware scanner can detect all infections, you must run several across it & be able to interpret the results. You also dont want to run AV scans with the default settings. I dont mean to p8ss anyone off, but.. Take it to someone who does AV removal all the time,every other day, rather than advice from someone who has cleaned up 1 or 2 pc's this year. - 3 pages of 'advice' before the suggestion to run a spyware scan. Avoid any tech who says he will be able to do it onsite. :badpc: :badpc: Chances are the other PC may be infected as well. If you want to try & clean it up yourself, there are alot things you need to check (trojans can be VERY bad news, not allways tho..) *repeat everything on each user a/c on that PC ****change your online banking password ****keep an eye on your visa bill if you used it on that PC |
1101 (13337) | ||
| 1 2 3 4 5 | |||||