O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = NELLSONNI.LOCAL O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = NELLSONNI.LOCAL O17 - HKLM\Software\.\Telephony: DomainName = NELLSONNI.LOCAL O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = NELLSONNI.LOCAL O2 - BHO: HelperObject Class - (Dell PC Checkup Installer Control). R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ati64si (Rootkit.Agent) -> Quarantined and deleted successfully.Ĭ:\WINDOWS\system32\drivers\ati64si.sys (Rootkit.Agent) -> Quarantined and deleted successfully.Ĭ:\WINDOWS\Temp\BN1.tmp (Trojan.Agent) -> Quarantined and deleted successfully.Ĭ:\Program Files\Intel\Wireless\Bin\EvtEng.exeĬ:\Program Files\Intel\Wireless\Bin\S24EvMon.exeĬ:\Program Files\Intel\Wireless\Bin\WLKeeper.exeĬ:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeĬ:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exeĬ:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeĬ:\Program Files\Bonjour\mDNSResponder.exeĬ:\Program Files\Symantec AntiVirus\DefWatch.exeĬ:\Program Files\Executive Software\Diskeeper\DkService.exeĬ:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exeĬ:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exeĬ:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exeĬ:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exeĬ:\Program Files\Intel\Wireless\Bin\RegSrvc.exeĬ:\Program Files\Riverbed\Steelhead Mobile\rbtlogger.exeĬ:\Program Files\Riverbed\Steelhead Mobile\rbtmon.exeĬ:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exeĬ:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exeĬ:\Program Files\Symantec AntiVirus\Rtvscan.exeĬ:\Program Files\Riverbed\Steelhead Mobile\rbtsport.exeĬ:\Program Files\Common Files\Symantec Shared\ccApp.exeĬ:\Program Files\Malwarebytes' Anti-Malware\mbam.exeĬ:\Documents and Settings\jpascua\jpascua.exeĬ:\Program Files\Mozilla Firefox\firefox.exeĬ:\Program Files\Trend Micro\HijackThis\HijackThis.exe Here is the latest malwarebytes and hijackthis logs. I've run malwarebytes numerous times to try and delete files found but after a reboot they seem to keep coming back.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |