O4 - HKLM\.\Run: C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe /S
O4 - HKLM\.\Run: "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\.\Run: "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
R3 - URLSearchHook: MixiDJ V8 Toolbar - C:\Program Files (x86)\MixiDJ_V8\prxtbMixi.dll
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

Hijackthis log plus list of items in prefetch

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Online Backup\OnlineBackup.exe
C:\Users\JeanetteN\AppData\Local\Amazon\Cloud Drive\AmazonCloudDrive.exe
C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe
C:\Users\JeanetteN\AppData\Local\Amazon\Cloud Drive\jre\bin\javaw.exe
C:\Users\JeanetteN\AppData\Roaming\SearchProtect\bin\cltmng.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\HTC\ModeSelection\VMMModeSelection.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

Prefetch items listed below are there after a deletion of all items in the prefetch folder and a reboot. The tech support person pointed to the prefetch items listed here as Rundll32 as proof of the infection. We ran Malwarebytes and rootkit Malwarebytes with no results.

Asus "SonicMaster" ultrabook laptop computer
Avast and Windows Firewall with Malwarebytes check

Upshot is we think we may have a virus that is using a backdoor, though we have no clear proof of this other than the questionable tech support assertion. I am not sure that we were ever talking to MS tech support. We asked and he said he was not connected with MS, so we stopped any contact. Tech support sent us to a higher level person who pointed to some items in the "prefetch folder" as proof and told us that he could remove the backdoor infection for $200 dollars. We had run Malwarebytes and Avast programs that found nothing. We were trying to get a mobile phone to connect with the computer via USB but could not, so we called Verizon, which finally said it must be a computer infection, so he sent us, we thought, to MS tech support, which said we are infected with a virus that could not be detected with Malwarebytes or any AV program.

Please be patient, someone will assist you as soon as possible. We look for posts with 0 replies, so when you reply to your own topic, we assume you're being helped.