Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Support
Windows Malware Removal Help & Support
CONDUIT MALWARE
Message
<blockquote data-quote="g3n-h@ckm@n" data-source="post: 170128" data-attributes="member: 19510"><p>perhaps you didn't configure it like the image..?</p><p></p><p>ok it doesn't matter , that 's ok</p><p></p><p>uninstall Java it's not up to date keep juste Java 7 Update 51 </p><p></p><p>You 'd better install a real antivirus ( Like Avast or...) , cause McAfee Security Scan is very useless</p><p></p><p>====</p><p></p><p>copy and paste all this bold text under "Personnalization" in OTL and click on " Run Fix"</p><p></p><p><span style="color: #0000ff"><strong>:OTL</strong></span></p><p><span style="color: #0000ff"><strong>SRV - [2014/01/16 00:42:12 | 000,289,256 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe -- (McComponentHostService) </strong></span></p><p><span style="color: #0000ff"><strong>FF - user.js - File not found</strong></span></p><p><span style="color: #0000ff"><strong>FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.) </strong></span></p><p><span style="color: #0000ff"><strong>FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\<a href="mailto:vinceturk@gmail.com">vinceturk@gmail.com</a>: C:\Program Files (x86)\KwiClick LLC\KwiClick\ [2013/11/11 19:10:07 | 000,000,000 | ---D | M] </strong></span></p><p><span style="color: #0000ff"><strong>[2013/11/07 20:46:26 | 000,007,660 | ---- | M] () (No name found) -- C:\Users\marcuspassey\AppData\Roaming\Mozilla\Firefox\Profiles\9jl0hjl9.default-1372188750837\Extensions\<a href="mailto:firefox@browsebeyond.net.xpi">firefox@browsebeyond.net.xpi</a> </strong></span></p><p><span style="color: #0000ff"><strong>[2013/11/07 20:46:26 | 000,007,660 | ---- | M] () (No name found) -- C:\Users\marcuspassey\AppData\Roaming\Mozilla\Firefox\Profiles\llgjaj9t.default\extensions\<a href="mailto:firefox@browsebeyond.net.xpi">firefox@browsebeyond.net.xpi</a> </strong></span></p><p><span style="color: #0000ff"><strong>CHR - Extension: McAfee Security Scan+ = C:\Users\marcuspassey\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh\3.8.141.12_0\ </strong></span></p><p><span style="color: #0000ff"><strong>O2 - BHO: (no name) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No CLSID value found.</strong></span></p><p><span style="color: #0000ff"><strong>O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.) </strong></span></p><p><span style="color: #0000ff"><strong>O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.</strong></span></p><p><span style="color: #0000ff"><strong>O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.</strong></span></p><p><span style="color: #0000ff"><strong>O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 </strong></span></p><p><span style="color: #0000ff"><strong>O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} <a href="http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab" target="_blank">http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab</a> (Java Plug-in 1.6.0_18) </strong></span></p><p><span style="color: #0000ff"><strong>O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} <a href="http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab" target="_blank">http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab</a> (Java Plug-in 1.6.0_18) </strong></span></p><p><span style="color: #0000ff"><strong>O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <a href="http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab" target="_blank">http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab</a> (Reg Error: Key error.)</strong></span></p><p><span style="color: #0000ff"><strong>O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} <a href="http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab" target="_blank">http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab</a> (Java Plug-in 10.51.2) </strong></span></p><p><span style="color: #0000ff"><strong>O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} <a href="http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab" target="_blank">http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab</a> (Java Plug-in 1.6.0_30) </strong></span></p><p><span style="color: #0000ff"><strong>O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <a href="http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab" target="_blank">http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab</a> (Java Plug-in 10.51.2) </strong></span></p><p><span style="color: #0000ff"><strong>O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} <a href="http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab" target="_blank">http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab</a> (Reg Error: Key error.)</strong></span></p><p><span style="color: #0000ff"><strong>O33 - MountPoints2\{673b7dce-9a3f-11e0-8e6f-b8ac6f9b6f7b}\Shell - "" = AutoRun </strong></span></p><p><span style="color: #0000ff"><strong>O33 - MountPoints2\{673b7dce-9a3f-11e0-8e6f-b8ac6f9b6f7b}\Shell\AutoRun\command - "" = I:\setup.exe -a </strong></span></p><p><span style="color: #0000ff"><strong>MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe - (McAfee, Inc.) </strong></span></p><p><span style="color: #0000ff"><strong>MsConfig:64bit - StartUpReg: <strong>mcpltui_exe</strong> - hkey= - key= - File not found</strong></span></p><p><span style="color: #0000ff"><strong>MsConfig:64bit - StartUpReg: <strong>mcui_exe</strong> - hkey= - key= - File not found</strong></span></p><p><span style="color: #0000ff"><strong>ActiveX: {0291E591-EA41-4c82-8106-3DC6CE7F7664} - Reg Error: Value error.</strong></span></p><p><span style="color: #0000ff"><strong>ActiveX: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - Reg Error: Value error.</strong></span></p><p><span style="color: #0000ff"><strong>ActiveX: {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} - Reg Error: Value error.</strong></span></p><p><span style="color: #0000ff"><strong>[2014/02/17 17:02:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus </strong></span></p><p><span style="color: #0000ff"><strong>[2014/02/17 17:02:08 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan </strong></span></p><p><span style="color: #0000ff"><strong>[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] </strong></span></p><p><span style="color: #0000ff"><strong>[2014/03/06 20:28:11 | 000,000,214 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job </strong></span></p><p><span style="color: #0000ff"><strong>[2014/02/17 17:02:10 | 000,001,933 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk </strong></span></p><p><span style="color: #0000ff"><strong>[2012/10/18 21:34:27 | 083,023,306 | ---- | C] () -- C:\ProgramData\kcehcuj.pad </strong></span></p><p><span style="color: #0000ff"><strong>[2012/04/07 17:58:07 | 000,000,000 | ---- | C] () -- C:\ProgramData\-4p0s7wdEAiunln </strong></span></p><p><span style="color: #0000ff"><strong>[2012/04/07 17:57:52 | 000,000,256 | ---- | C] () -- C:\ProgramData\4p0s7wdEAiunln </strong></span></p><p><span style="color: #0000ff"><strong>[2012/02/09 17:44:30 | 000,005,104 | ---- | C] () -- C:\ProgramData\qjaxlkio.dss </strong></span></p><p><span style="color: #0000ff"><strong>[2010/07/19 19:59:09 | 000,072,080 | ---- | C] () -- C:\Users\marcuspassey\g2mdlhlpx.exe </strong></span></p><p><span style="color: #0000ff"><strong>[2010/07/09 16:44:00 | 031,494,960 | ---- | C] () -- C:\Users\marcuspassey\snagit.exe </strong></span></p><p><span style="color: #0000ff"><strong>[2013/06/24 19:49:18 | 000,000,000 | ---D | M] -- C:\Users\marcuspassey\AppData\Roaming\NetAssistant </strong></span></p><p><span style="color: #0000ff"><strong>[2013/04/19 17:47:26 | 000,000,000 | ---D | M] -- C:\Users\marcuspassey\AppData\Roaming\TubeSeoCommando.exe </strong></span></p><p><span style="color: #0000ff"><strong>[2012/05/10 15:19:17 | 000,000,000 | ---D | M] -- C:\Users\marcuspassey\AppData\Roaming\Qya </strong></span></p><p><span style="color: #0000ff"><strong>[2013/12/15 00:10:52 | 000,000,000 | ---D | M] -- C:\9ddfc97fd6bf90cac4021d9f81c6 </strong></span></p><p><span style="color: #0000ff"><strong>[2011/09/17 12:47:12 | 000,000,000 | ---- | M] () -- C:\Users\marcuspassey\Sti_Trace.log </strong></span></p><p><span style="color: #0000ff"><strong>[2012/06/29 13:00:16 | 000,000,064 | ---- | M] () -- C:\ProgramData\yqngljsl.log </strong></span></p><p><span style="color: #0000ff"><strong>[2012/12/09 20:06:17 | 000,000,000 | ---D | M] -- C:\ProgramData\7EAB15720262BC3400007EAA96D2C790 </strong></span></p><p><span style="color: #0000ff"><strong>[2012/05/10 15:29:34 | 000,000,000 | ---D | M] -- C:\ProgramData\B7E8586B0F2FB8D85FA018F0B4EB2367 </strong></span></p><p><span style="color: #0000ff"><strong>[2013/11/11 19:11:15 | 000,000,000 | ---D | M] -- C:\ProgramData\McAfee Security Scan </strong></span></p><p><span style="color: #0000ff"><strong>[2012/06/29 13:02:54 | 000,164,311 | ---- | M] () -- C:\Users\marcuspassey\AppData\Local\axwgtjee.log </strong></span></p><p><span style="color: #0000ff"><strong>[2012/06/29 13:02:52 | 000,003,315 | ---- | M] () -- C:\Users\marcuspassey\AppData\Local\empvysbc.log </strong></span></p><p><span style="color: #0000ff"><strong>[2012/06/29 13:13:23 | 000,000,000 | ---- | M] () -- C:\Users\marcuspassey\AppData\Local\jerecrma.log </strong></span></p><p><span style="color: #0000ff"><strong>[2012/06/29 13:13:56 | 000,000,024 | ---- | M] () -- C:\Users\marcuspassey\AppData\Local\lpfinuok.log </strong></span></p><p><span style="color: #0000ff"><strong>[2012/06/29 13:00:38 | 000,415,424 | ---- | M] () -- C:\Users\marcuspassey\AppData\Local\mgjvjrvh.log </strong></span></p><p><span style="color: #0000ff"><strong>[2012/06/29 13:07:39 | 000,531,161 | ---- | M] () -- C:\Users\marcuspassey\AppData\Local\ndclhyyb.log </strong></span></p><p><span style="color: #0000ff"><strong>[2012/06/29 13:00:38 | 000,000,000 | ---- | M] () -- C:\Users\marcuspassey\AppData\Local\nuqrauhv.log </strong></span></p><p><span style="color: #0000ff"><strong>[2012/06/29 13:00:27 | 000,004,048 | ---- | M] () -- C:\Users\marcuspassey\AppData\Local\qyadsnff.log </strong></span></p><p><span style="color: #0000ff"><strong>[2012/06/29 13:02:54 | 000,002,840 | ---- | M] () -- C:\Users\marcuspassey\AppData\Local\xfgjhkax.log </strong></span></p><p><span style="color: #0000ff"><strong>[2012/05/17 07:00:25 | 000,000,000 | ---D | M] -- C:\Users\marcuspassey\AppData\Local\ClickAds_Marketing </strong></span></p><p><span style="color: #0000ff"><strong>[2013/11/11 15:11:50 | 000,000,000 | ---D | M] -- C:\Users\marcuspassey\AppData\Local\CRE </strong></span></p><p><span style="color: #0000ff"><strong>[2013/09/16 20:07:21 | 000,000,000 | ---D | M] -- C:\Users\marcuspassey\AppData\Local\avgchrome </strong></span></p><p><span style="color: #0000ff"><strong>[2013/11/11 17:13:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Browsebeyond </strong></span></p><p><span style="color: #0000ff"></span></p><p><span style="color: #0000ff"><strong>:reg</strong></span></p><p><span style="color: #0000ff"><strong>[-HKEY_CURRENT_USER\Software\(null)] </strong></span></p><p><span style="color: #0000ff"><strong>[-HKEY_CURRENT_USER\Software\WhiteSmoke] </strong></span></p><p><span style="color: #0000ff"><strong>[-HKEY_CURRENT_USER\Software\TubeSEOCommando] </strong></span></p><p><span style="color: #0000ff"></span></p><p><span style="color: #0000ff"><strong>:files</strong></span></p><p><span style="color: #0000ff"><strong>C:\install.*</strong></span></p><p><span style="color: #0000ff"><strong>C:\Users\marcuspassey\AppData\Local\{*} </strong></span></p><p><span style="color: #0000ff"></span></p><p><span style="color: #0000ff"><strong>:commands</strong></span></p><p><span style="color: #0000ff"><strong>[emptytemp]</strong></span></p><p></p><p>attach the log after reboot.</p><p></p><p>I think you're infected bye Ramnit too</p></blockquote><p></p>
[QUOTE="g3n-h@ckm@n, post: 170128, member: 19510"] perhaps you didn't configure it like the image..? ok it doesn't matter , that 's ok uninstall Java it's not up to date keep juste Java 7 Update 51 You 'd better install a real antivirus ( Like Avast or...) , cause McAfee Security Scan is very useless ==== copy and paste all this bold text under "Personnalization" in OTL and click on " Run Fix" [COLOR=#0000ff][B]:OTL[/B] [B]SRV - [2014/01/16 00:42:12 | 000,289,256 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe -- (McComponentHostService) [/B] [B]FF - user.js - File not found[/B] [B]FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.) [/B] [B]FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[EMAIL]vinceturk@gmail.com[/EMAIL]: C:\Program Files (x86)\KwiClick LLC\KwiClick\ [2013/11/11 19:10:07 | 000,000,000 | ---D | M] [/B] [B][2013/11/07 20:46:26 | 000,007,660 | ---- | M] () (No name found) -- C:\Users\marcuspassey\AppData\Roaming\Mozilla\Firefox\Profiles\9jl0hjl9.default-1372188750837\Extensions\[EMAIL]firefox@browsebeyond.net.xpi[/EMAIL] [/B] [B][2013/11/07 20:46:26 | 000,007,660 | ---- | M] () (No name found) -- C:\Users\marcuspassey\AppData\Roaming\Mozilla\Firefox\Profiles\llgjaj9t.default\extensions\[EMAIL]firefox@browsebeyond.net.xpi[/EMAIL] [/B] [B]CHR - Extension: McAfee Security Scan+ = C:\Users\marcuspassey\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh\3.8.141.12_0\ [/B] [B]O2 - BHO: (no name) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No CLSID value found.[/B] [B]O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.) [/B] [B]O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.[/B] [B]O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.[/B] [B]O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 [/B] [B]O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [url]http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab[/url] (Java Plug-in 1.6.0_18) [/B] [B]O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} [url]http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab[/url] (Java Plug-in 1.6.0_18) [/B] [B]O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [url]http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab[/url] (Reg Error: Key error.)[/B] [B]O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [url]http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab[/url] (Java Plug-in 10.51.2) [/B] [B]O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} [url]http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab[/url] (Java Plug-in 1.6.0_30) [/B] [B]O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [url]http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab[/url] (Java Plug-in 10.51.2) [/B] [B]O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} [url]http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab[/url] (Reg Error: Key error.)[/B] [B]O33 - MountPoints2\{673b7dce-9a3f-11e0-8e6f-b8ac6f9b6f7b}\Shell - "" = AutoRun [/B] [B]O33 - MountPoints2\{673b7dce-9a3f-11e0-8e6f-b8ac6f9b6f7b}\Shell\AutoRun\command - "" = I:\setup.exe -a [/B] [B]MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe - (McAfee, Inc.) [/B] [B]MsConfig:64bit - StartUpReg: [B]mcpltui_exe[/B] - hkey= - key= - File not found[/B] [B]MsConfig:64bit - StartUpReg: [B]mcui_exe[/B] - hkey= - key= - File not found[/B] [B]ActiveX: {0291E591-EA41-4c82-8106-3DC6CE7F7664} - Reg Error: Value error.[/B] [B]ActiveX: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - Reg Error: Value error.[/B] [B]ActiveX: {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} - Reg Error: Value error.[/B] [B][2014/02/17 17:02:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus [/B] [B][2014/02/17 17:02:08 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan [/B] [B][1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [/B] [B][2014/03/06 20:28:11 | 000,000,214 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job [/B] [B][2014/02/17 17:02:10 | 000,001,933 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk [/B] [B][2012/10/18 21:34:27 | 083,023,306 | ---- | C] () -- C:\ProgramData\kcehcuj.pad [/B] [B][2012/04/07 17:58:07 | 000,000,000 | ---- | C] () -- C:\ProgramData\-4p0s7wdEAiunln [/B] [B][2012/04/07 17:57:52 | 000,000,256 | ---- | C] () -- C:\ProgramData\4p0s7wdEAiunln [/B] [B][2012/02/09 17:44:30 | 000,005,104 | ---- | C] () -- C:\ProgramData\qjaxlkio.dss [/B] [B][2010/07/19 19:59:09 | 000,072,080 | ---- | C] () -- C:\Users\marcuspassey\g2mdlhlpx.exe [/B] [B][2010/07/09 16:44:00 | 031,494,960 | ---- | C] () -- C:\Users\marcuspassey\snagit.exe [/B] [B][2013/06/24 19:49:18 | 000,000,000 | ---D | M] -- C:\Users\marcuspassey\AppData\Roaming\NetAssistant [/B] [B][2013/04/19 17:47:26 | 000,000,000 | ---D | M] -- C:\Users\marcuspassey\AppData\Roaming\TubeSeoCommando.exe [/B] [B][2012/05/10 15:19:17 | 000,000,000 | ---D | M] -- C:\Users\marcuspassey\AppData\Roaming\Qya [/B] [B][2013/12/15 00:10:52 | 000,000,000 | ---D | M] -- C:\9ddfc97fd6bf90cac4021d9f81c6 [/B] [B][2011/09/17 12:47:12 | 000,000,000 | ---- | M] () -- C:\Users\marcuspassey\Sti_Trace.log [/B] [B][2012/06/29 13:00:16 | 000,000,064 | ---- | M] () -- C:\ProgramData\yqngljsl.log [/B] [B][2012/12/09 20:06:17 | 000,000,000 | ---D | M] -- C:\ProgramData\7EAB15720262BC3400007EAA96D2C790 [/B] [B][2012/05/10 15:29:34 | 000,000,000 | ---D | M] -- C:\ProgramData\B7E8586B0F2FB8D85FA018F0B4EB2367 [/B] [B][2013/11/11 19:11:15 | 000,000,000 | ---D | M] -- C:\ProgramData\McAfee Security Scan [/B] [B][2012/06/29 13:02:54 | 000,164,311 | ---- | M] () -- C:\Users\marcuspassey\AppData\Local\axwgtjee.log [/B] [B][2012/06/29 13:02:52 | 000,003,315 | ---- | M] () -- C:\Users\marcuspassey\AppData\Local\empvysbc.log [/B] [B][2012/06/29 13:13:23 | 000,000,000 | ---- | M] () -- C:\Users\marcuspassey\AppData\Local\jerecrma.log [/B] [B][2012/06/29 13:13:56 | 000,000,024 | ---- | M] () -- C:\Users\marcuspassey\AppData\Local\lpfinuok.log [/B] [B][2012/06/29 13:00:38 | 000,415,424 | ---- | M] () -- C:\Users\marcuspassey\AppData\Local\mgjvjrvh.log [/B] [B][2012/06/29 13:07:39 | 000,531,161 | ---- | M] () -- C:\Users\marcuspassey\AppData\Local\ndclhyyb.log [/B] [B][2012/06/29 13:00:38 | 000,000,000 | ---- | M] () -- C:\Users\marcuspassey\AppData\Local\nuqrauhv.log [/B] [B][2012/06/29 13:00:27 | 000,004,048 | ---- | M] () -- C:\Users\marcuspassey\AppData\Local\qyadsnff.log [/B] [B][2012/06/29 13:02:54 | 000,002,840 | ---- | M] () -- C:\Users\marcuspassey\AppData\Local\xfgjhkax.log [/B] [B][2012/05/17 07:00:25 | 000,000,000 | ---D | M] -- C:\Users\marcuspassey\AppData\Local\ClickAds_Marketing [/B] [B][2013/11/11 15:11:50 | 000,000,000 | ---D | M] -- C:\Users\marcuspassey\AppData\Local\CRE [/B] [B][2013/09/16 20:07:21 | 000,000,000 | ---D | M] -- C:\Users\marcuspassey\AppData\Local\avgchrome [/B] [B][2013/11/11 17:13:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Browsebeyond [/B] [B]:reg[/B] [B][-HKEY_CURRENT_USER\Software\(null)] [/B] [B][-HKEY_CURRENT_USER\Software\WhiteSmoke] [/B] [B][-HKEY_CURRENT_USER\Software\TubeSEOCommando] [/B] [B]:files[/B] [B]C:\install.*[/B] [B]C:\Users\marcuspassey\AppData\Local\{*} [/B] [B]:commands[/B] [B][emptytemp][/B][/COLOR] attach the log after reboot. I think you're infected bye Ramnit too [/QUOTE]
Insert quotes…
Verification
Post reply
Top