lrwynn
Hi. I am on a Chromebook now, and am trying to clean my fiance's laptop. He just got it back from a local tech shop on 1/20 (Windows 7 reinstall - he downloaded some nasty viruses, and I tried to reinstall Windows on my own 6 times, but the Acer discs would not complete the reinstall so we took it to the shop). By 1/21 he'd managed to get reinfected, but I don't know if it was residual from the previous infection.
Anyhow, we've been trying to clean it up in safe and regular modes at times with Malwarebytes, but the problems keep getting worse, and now he intermittently can't even access the internet as of this a.m. (when I do get a connection, it's slow and then I lose it), so I can't install DDS.
I tried downloading it via my Chromebook to a USB stick but when I try to install the file off the stick it shows up as dds wallpaper and won't install - I suppose there is probably an easy solution but I'm just not thinking of it now.
Anyhow, I'm pasting the last 4 logs saved with Malwarebytes. I do note that 2 scans I did in safe mode this a.m. did not save to the logs. One found like 20+ issues, and the other found none.
I could go on and on about the specific symptoms I'm seeing, but I trust that you'll take it from here and ask me what you need to know.
---
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Database version: v2014.01.22.08
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Chris :: CHRIS-PC [administrator]
1/23/2014 8:24:36 PM
MBAM-log-2014-01-23 (22-40-40).txt
Scan type: Full scan (C:\|D:\|E:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 391426
Time elapsed: 2 hour(s), 8 minute(s), 54 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 23
C:\Users\Chris\AppData\Local\oectfewa.exe (Trojan.Agent.ED) -> No action taken.
C:\Users\Chris\AppData\Local\sgtothgb.exe (Trojan.Agent.ED) -> No action taken.
C:\Users\Chris\AppData\Local\Temp\Java_Update_1f74b387.exe (Trojan.Agent.ED) -> No action taken.
C:\Users\Chris\AppData\Local\Temp\Java_Update_24c545d9.exe (Trojan.Agent.ED) -> No action taken.
C:\Users\Chris\AppData\Local\Temp\Java_Update_63fe329d.exe (Trojan.Agent.ED) -> No action taken.
C:\Users\Chris\AppData\Local\Temp\Java_Update_77a89ba9.exe (Trojan.Agent.ED) -> No action taken.
C:\Users\Chris\AppData\Local\Temp\Java_Update_d123d865.exe (Trojan.Agent.ED) -> No action taken.
C:\Users\Chris\AppData\Local\Temp\Java_Update_e1125c93.exe (Trojan.Agent.ED) -> No action taken.
C:\Users\Chris\AppData\Local\Temp\Java_Update_eb3788bb.exe (Trojan.Agent.ED) -> No action taken.
C:\Users\Chris\AppData\Local\Temp\Java_Update_ef48f69e.exe (Trojan.Agent.ED) -> No action taken.
C:\Users\Chris\AppData\Local\Temp\UpdateFlashPlayer_43e5606e.exe (Trojan.Agent.ED) -> No action taken.
C:\Windows\Tasks\Security Center Update - 1175408667.job (Trojan.Agent.RvGen) -> No action taken.
C:\Windows\Tasks\Security Center Update - 1542720619.job (Trojan.Agent.RvGen) -> No action taken.
C:\Windows\Tasks\Security Center Update - 1639235720.job (Trojan.Agent.RvGen) -> No action taken.
C:\Windows\Tasks\Security Center Update - 1898547094.job (Trojan.Agent.RvGen) -> No action taken.
C:\Windows\Tasks\Security Center Update - 30664249.job (Trojan.Agent.RvGen) -> No action taken.
C:\Windows\Tasks\Security Center Update - 3081488242.job (Trojan.Agent.RvGen) -> No action taken.
C:\Windows\Tasks\Security Center Update - 3421509442.job (Trojan.Agent.RvGen) -> No action taken.
C:\Windows\Tasks\Security Center Update - 3877832810.job (Trojan.Agent.RvGen) -> No action taken.
C:\Windows\Tasks\Security Center Update - 4130065756.job (Trojan.Agent.RvGen) -> No action taken.
C:\Windows\Tasks\Security Center Update - 438897654.job (Trojan.Agent.RvGen) -> No action taken.
C:\Windows\Tasks\Security Center Update - 69139895.job (Trojan.Agent.RvGen) -> No action taken.
C:\Windows\Tasks\Security Center Update - 933129004.job (Trojan.Agent.RvGen) -> No action taken.
(end)
----------
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Database version: v2014.01.22.08
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Chris :: CHRIS-PC [administrator]
1/23/2014 4:08:11 PM
mbam-log-2014-01-23 (16-08-11).txt
Scan type: Custom scan (C:\Users\Chris\Downloads\NetMeterEvo_200.zip|)
Scan options enabled: File System | Heuristics/Shuriken | PUP | PUM
Scan options disabled: Memory | Startup | Registry | Heuristics/Extra | P2P
Objects scanned: 1
Time elapsed: 14 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
-------
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Database version: v2014.01.22.08
Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking)
Internet Explorer 11.0.9600.16476
Chris :: CHRIS-PC [administrator]
1/22/2014 3:18:59 PM
mbam-log-2014-01-22 (15-18-59).txt
Scan type: Full scan (C:\|D:\|E:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 388323
Time elapsed: 2 hour(s), 36 minute(s), 46 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
----
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Database version: v2014.01.22.08
Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking)
Internet Explorer 11.0.9600.16476
Chris :: CHRIS-PC [administrator]
1/22/2014 10:57:57 AM
mbam-log-2014-01-22 (10-57-57).txt
Scan type: Full scan (C:\|D:\|E:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 378163
Time elapsed: 2 hour(s), 41 minute(s), 25 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 4
C:\Users\Chris\AppData\Local\pderlgoc.exe (Trojan.Agent.ED) -> Quarantined and deleted successfully.
C:\Users\Chris\AppData\Local\Temp\Java_Update_222eaf92.exe (Trojan.Agent.ED) -> Quarantined and deleted successfully.
C:\Windows\Tasks\Security Center Update - 2169307829.job (Trojan.Agent.RvGen) -> Quarantined and deleted successfully.
C:\Windows\Tasks\Security Center Update - 489282179.job (Trojan.Agent.RvGen) -> Quarantined and deleted successfully.
(end)