Jump to content

Sunshine2

Honorary Members
 View Profile  See their activity

  • Posts

    25

  • Joined

  • Last visited

Reputation

0 Neutral

Recent Profile Visitors

1,027 profile views
  1. Sunshine2
    Thanks again. I appreciate it.
  2. Sunshine2
    It seems ok - and I'll re-update Firefox. Thanks for your help.
  3. Sunshine2
    I updated them both.
  4. Sunshine2
    It found 2 apps to update:
  5. Sunshine2
    eset.txt I don't see the message from OpenDNS any more. ESET did not find anything either; I've attached the log. Thank you for your help!
  6. Sunshine2
    I'm starting to wonder if it is a misleading message from OpenDNS. I still see the error message when I log in, but haven't gotten any answer from their support as to what is triggering the message. But I would like to follow through with your suggestions to make sure. I won't be back to this for a few days. Thank you for your help! FRST.txt Addition.txt Fixlog.txt
  7. Sunshine2
    Thanks - I've done that and attached logs as requested. malwarebytes10-14-20.txt FRST.txt Addition.txt AdwCleaner[C00].txt
  8. Sunshine2
    Yes, please, I could use some help.
  9. Sunshine2
    Hello, I use OpenDNS to do filtering at home. The dashboard said 'malware/botnet activity detected with past 14 days'. I wasn't able to see anything in my history when I looked to see what was blocked there, so ran MB which found nothing. I've attached the logs requested. Any advice is appreciated as to what my next step, if anything, should be. Thank you. FRST.txt Addition.txt malware_bytes_log10-7-20.txt
  10. Sunshine2
    Once again, thank you for your help. I appreciate it.
  11. Sunshine2
    Those went fine. Looks like I need to be better about keeping things updated. Sometimes I think the little people I share the computer with just close windows they don't know what to do with.
  12. Sunshine2
    Oh, that's a hidden file/folder thing. Got it.
  13. Sunshine2
    Weird. I couldn't go through Windows Explorer to find that file, I had to search for it. It was modified yesterday and had a .bak file too. I deleted them both - I hadn't ever created it myself. Looks like some people use it for Firefox preferences; I'm not rememebering using it. Here is the checkup.txt: Results of screen317's Security Check version 0.99.56 Windows 7 Service Pack 1 x86 (UAC is enabled) Internet Explorer 9 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! Norton 360 WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` Scholastic's I SPY Junior SpywareBlaster 4.6 Spybot - Search & Destroy Malwarebytes Anti-Malware version 1.65.1.1000 Java 7 Update 9 Adobe Flash Player 11.4.402.287 Adobe Reader 10.1.4 Adobe Reader out of Date! Mozilla Firefox 16.0.2 Firefox out of Date! Google Chrome 21.0.1180.83 Google Chrome 21.0.1180.89 Google Chrome 22.0.1229.79 Google Chrome 22.0.1229.92 Google Chrome 22.0.1229.94 Google Chrome 23.0.1271.64 Google Chrome 23.0.1271.91 Google Chrome 23.0.1271.95 ````````Process Check: objlist.exe by Laurent```````` Norton ccSvcHst.exe Spybot Teatimer.exe is disabled! `````````````````System Health check````````````````` Total Fragmentation on Drive C: 5% ````````````````````End of Log``````````````````````
  14. Sunshine2
    My computer seems to be fine. After you helped me fix up the stuff I had in August, having Norton tell me it found something now made me want to be especially careful and thoroughly check things out. ESET said it found: C:\TDSSKiller_Quarantine\04.09.2012_08.54.31\mbr0000\tdlfs0000\tsk0004.dta Win64/Olmarik.AL trojan C:\Users\Sunshine\AppData\Roaming\Mozilla\Firefox\Profiles\dd8pwjtk.default\user.js JS/SecurityDisabler.A.Gen application The log it created is here: ESETSmartInstaller@High as downloader log: all ok esets_scanner_update returned -1 esets_gle=53251 # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6844 # api_version=3.0.2 # EOSSerial=96e8bb531958f44dbdb058d69d0adfb5 # end=stopped # remove_checked=false # archives_checked=false # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2012-12-04 03:33:03 # local_time=2012-12-04 09:33:03 (-0600, Central Standard Time) # country="United States" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=3592 16777213 100 98 137825 105211279 0 0 # compatibility_mode=5893 16776574 66 85 6859084 106179974 0 0 # scanned=0 # found=0 # cleaned=0 # scan_time=3117 ESETSmartInstaller@High as downloader log: all ok esets_scanner_update returned -1 esets_gle=53251 # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6844 # api_version=3.0.2 # EOSSerial=96e8bb531958f44dbdb058d69d0adfb5 # end=stopped # remove_checked=false # archives_checked=false # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2012-12-04 04:14:02 # local_time=2012-12-04 10:14:02 (-0600, Central Standard Time) # country="United States" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=3592 16777213 100 98 0 105213738 0 0 # compatibility_mode=5893 16776574 66 85 6861543 106182433 0 0 # scanned=0 # found=0 # cleaned=0 # scan_time=2229
  15. Sunshine2
    Here are my logs: Combofix: ComboFix 12-12-02.01 - Sunshine 12/03/2012 15:45:19.3.2 - x86 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3037.2015 [GMT -6:00] Running from: c:\users\Sunshine\Desktop\ComboFix.exe AV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} FW: Norton 360 *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} SP: Norton 360 *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} SP: Spybot - Search and Destroy *Disabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Created a new restore point . . ((((((((((((((((((((((((( Files Created from 2012-11-03 to 2012-12-03 ))))))))))))))))))))))))))))))) . . 2012-12-03 21:51 . 2012-12-03 21:51 -------- d-----w- c:\users\Public\AppData\Local\temp 2012-12-03 21:51 . 2012-12-03 21:51 -------- d-----w- c:\users\Nicole\AppData\Local\temp 2012-12-03 21:51 . 2012-12-03 21:51 -------- d-----w- c:\users\Nicole.Sunshine-DellPC\AppData\Local\temp 2012-12-03 21:51 . 2012-12-03 21:51 -------- d-----w- c:\users\Nels\AppData\Local\temp 2012-12-03 21:51 . 2012-12-03 21:51 -------- d-----w- c:\users\Homework\AppData\Local\temp 2012-12-03 21:51 . 2012-12-03 21:51 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-12-03 21:51 . 2012-12-03 21:51 -------- d-----w- c:\users\Brita\AppData\Local\temp 2012-12-02 04:01 . 2009-01-25 18:14 15224 ----a-w- c:\windows\system32\sdnclean.exe 2012-12-02 04:00 . 2012-12-02 04:01 -------- d-----w- c:\program files\Spybot - Search & Destroy 2 2012-12-02 04:00 . 2012-12-02 04:00 -------- d-----w- c:\users\Sunshine\AppData\Local\Programs 2012-11-26 15:50 . 2012-11-26 15:50 -------- d-----w- c:\users\Nicole.Sunshine-DellPC\AppData\Roaming\CyberLink 2012-11-15 22:14 . 2012-10-03 16:58 1293680 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-11-15 22:14 . 2012-10-03 16:42 52224 ----a-w- c:\windows\system32\nlaapi.dll 2012-11-15 22:14 . 2012-10-03 16:42 242176 ----a-w- c:\windows\system32\nlasvc.dll 2012-11-15 22:14 . 2012-10-03 16:42 18944 ----a-w- c:\windows\system32\netevent.dll 2012-11-15 22:14 . 2012-10-03 16:42 175104 ----a-w- c:\windows\system32\netcorehc.dll 2012-11-15 22:14 . 2012-10-03 16:42 156672 ----a-w- c:\windows\system32\ncsi.dll 2012-11-15 22:14 . 2012-10-03 16:40 499712 ----a-w- c:\windows\system32\iphlpsvc.dll 2012-11-15 22:14 . 2012-10-03 15:21 35328 ----a-w- c:\windows\system32\drivers\tcpipreg.sys 2012-11-15 22:13 . 2012-09-25 22:47 78336 ----a-w- c:\windows\system32\synceng.dll 2012-11-15 22:12 . 2012-10-18 17:59 2345984 ----a-w- c:\windows\system32\win32k.sys 2012-11-15 22:12 . 2012-10-09 17:40 44032 ----a-w- c:\windows\system32\dhcpcsvc6.dll 2012-11-15 22:12 . 2012-10-09 17:40 193536 ----a-w- c:\windows\system32\dhcpcore6.dll . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-10-18 22:12 . 2012-10-18 22:12 163056 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10142.bin 2012-10-17 15:47 . 2010-03-21 05:59 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll 2012-10-17 15:47 . 2010-03-23 17:46 2876528 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll 2012-10-17 15:47 . 2010-05-21 23:55 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll 2012-10-16 07:39 . 2012-11-28 14:01 561664 ----a-w- c:\windows\apppatch\AcLayers.dll 2012-10-08 20:46 . 2012-04-23 20:10 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-10-08 20:46 . 2011-05-17 14:05 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-09-30 00:54 . 2011-12-01 04:01 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-09-25 04:16 . 2012-10-26 22:58 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll 2012-09-21 13:07 . 2010-03-21 05:54 2876528 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll 2012-09-21 13:06 . 2010-05-19 22:20 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll 2012-09-14 18:28 . 2012-10-10 13:04 2048 ----a-w- c:\windows\system32\tzres.dll 2012-09-05 14:39 . 2012-08-30 04:01 821736 ----a-w- c:\windows\system32\npDeployJava1.dll 2012-09-05 14:39 . 2010-08-11 15:24 746984 ----a-w- c:\windows\system32\deployJava1.dll 2012-09-05 14:12 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll 2012-10-28 02:44 . 2012-10-28 02:44 261600 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2012-06-30 04:19 94208 ----a-w- c:\users\Sunshine\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2012-06-30 04:19 94208 ----a-w- c:\users\Sunshine\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2012-06-30 04:19 94208 ----a-w- c:\users\Sunshine\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SansaDispatch"="c:\users\Sunshine\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe" [2011-12-26 79872] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-05-23 7514656] "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904] "PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-06-25 140520] "Intel AppUp(SM) center"="c:\program files\Intel\IntelAppStore\bin\ismagent.exe" [2012-08-07 155456] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848] "Intel AppUp(SM) center Systray"="c:\program files\Intel\IntelAppStore\bin\AppUp.exe" [2012-08-07 901416] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-12 137752] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-12 171032] "Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-12 172568] "SDTray"="c:\program files\Spybot - Search & Destroy 2\SDTray.exe" [2012-11-13 3825176] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2009-12-12 50688] TimesUpKidz Reminders.lnk - c:\windows\Installer\{837DA79C-B12B-4709-9B9B-16D1468E418A}\_E0FC1390CC082CEC4B7147.exe [2012-4-2 17542] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean.exe . R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\Spybot - Search & Destroy 2\SDFSSvc.exe [x] R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\Spybot - Search & Destroy 2\SDUpdSvc.exe [x] R2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files\Spybot - Search & Destroy 2\SDWSCSvc.exe [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x] S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360\0604000.009\SYMDS.SYS [x] S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\0604000.009\SYMEFA.SYS [x] S1 BHDrvx86;BHDrvx86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\Definitions\BASHDefs\20121130.005\BHDrvx86.sys [x] S1 ccSet_N360;Norton 360 Settings Manager;c:\windows\system32\drivers\N360\0604000.009\ccSetx86.sys [x] S1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\Definitions\IPSDefs\20121130.001\IDSvix86.sys [x] S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360\0604000.009\Ironx86.SYS [x] S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360\0604000.009\SYMNETS.SYS [x] S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSrv.exe [x] S2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe [x] S2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [x] S2 N360;Norton 360;c:\program files\Norton 360\Engine\6.4.0.9\ccSvcHst.exe [x] S2 TimesUpKidz;TimesUpKidz;c:\program files\Rain City Digital LLC\TimesUpKidz\TimesUpKidzServer.exe [x] S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x] . . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HsfXAudioService REG_MULTI_SZ HsfXAudioService GPSvcGroup REG_MULTI_SZ GPSvc . Contents of the 'Scheduled Tasks' folder . 2012-12-03 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-23 20:46] . 2012-12-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-10-04 18:56] . 2012-12-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-10-04 18:56] . . ------- Supplementary Scan ------- . IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 Trusted Zone: intuit.com\ttlc TCP: DhcpNameServer = 192.168.254.254 192.168.254.254 FF - ProfilePath - c:\users\Sunshine\AppData\Roaming\Mozilla\Firefox\Profiles\dd8pwjtk.default\ FF - user.js: network.cookie.cookieBehavior - 0 FF - user.js: privacy.clearOnShutdown.cookies - false FF - user.js: security.warn_viewing_mixed - false FF - user.js: security.warn_viewing_mixed.show_once - false FF - user.js: security.warn_submit_insecure - false FF - user.js: security.warn_submit_insecure.show_once - false . - - - - ORPHANS REMOVED - - - - . Notify-SDWinLogon - SDWinLogon.dll SafeBoot-84977827.sys . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\N360] "ImagePath"="\"c:\program files\Norton 360\Engine\6.4.0.9\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360\Engine\6.4.0.9\diMaster.dll\" /prefetch:1" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERS\S-1-5-21-1498416925-3057025073-3905950374-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.Email.1" . [HKEY_USERS\S-1-5-21-1498416925-3057025073-3905950374-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.VCard.1" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'Explorer.exe'(5416) c:\users\Sunshine\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . Completion time: 2012-12-03 15:52:24 ComboFix-quarantined-files.txt 2012-12-03 21:52 ComboFix2.txt 2012-09-03 01:01 . Pre-Run: 167,059,918,848 bytes free Post-Run: 166,900,908,032 bytes free . - - End Of File - - 370E4D5EDC9D5E06EABEA160205C27C8 Mbar-log: Malwarebytes Anti-Rootkit 1.1.0.1009 www.malwarebytes.org Database version: v2012.12.03.13 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 9.0.8112.16421 Sunshine :: Sunshine-DELLPC [administrator] 12/3/2012 4:40:46 PM mbar-log-2012-12-03 (16-40-46).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken Scan options disabled: PUP | PUM | P2P Objects scanned: 27896 Time elapsed: 8 minute(s), 36 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) System-log: --------------------------------------- Malwarebytes Anti-Rootkit BETA 1.01.0.1009 © Malwarebytes Corporation 2011-2012 OS version: 6.1.7601 Windows 7 Service Pack 1 x86 Account is Administrative Internet Explorer version: 9.0.8112.16421 File system is: NTFS Disk drives: C:\ DRIVE_FIXED CPU speed: 2.926000 GHz Memory total: 3184513024, free: 1754730496 ------------ Kernel report ------------ 12/03/2012 16:31:30 ------------ Loaded modules ----------- \SystemRoot\system32\ntkrnlpa.exe \SystemRoot\system32\halmacpi.dll \SystemRoot\system32\kdcom.dll \SystemRoot\system32\mcupdate_GenuineIntel.dll \SystemRoot\system32\PSHED.dll \SystemRoot\system32\BOOTVID.dll \SystemRoot\system32\CLFS.SYS \SystemRoot\system32\CI.dll \SystemRoot\system32\drivers\Wdf01000.sys \SystemRoot\system32\drivers\WDFLDR.SYS \SystemRoot\system32\drivers\ACPI.sys \SystemRoot\system32\drivers\WMILIB.SYS \SystemRoot\system32\drivers\msisadrv.sys \SystemRoot\system32\drivers\pci.sys \SystemRoot\system32\drivers\vdrvroot.sys \SystemRoot\System32\drivers\partmgr.sys \SystemRoot\system32\drivers\volmgr.sys \SystemRoot\System32\drivers\volmgrx.sys \SystemRoot\System32\drivers\mountmgr.sys \SystemRoot\system32\DRIVERS\iaStor.sys \SystemRoot\system32\drivers\amdxata.sys \SystemRoot\system32\drivers\fltmgr.sys \SystemRoot\system32\drivers\N360\0604000.009\SYMDS.SYS \SystemRoot\system32\drivers\fileinfo.sys \SystemRoot\system32\drivers\N360\0604000.009\SYMEFA.SYS \SystemRoot\System32\Drivers\PxHelp20.sys \SystemRoot\System32\Drivers\Ntfs.sys \SystemRoot\System32\Drivers\msrpc.sys \SystemRoot\System32\Drivers\ksecdd.sys \SystemRoot\System32\Drivers\cng.sys \SystemRoot\System32\drivers\pcw.sys \SystemRoot\System32\Drivers\Fs_Rec.sys \SystemRoot\system32\drivers\ndis.sys \SystemRoot\system32\drivers\NETIO.SYS \SystemRoot\System32\Drivers\ksecpkg.sys \SystemRoot\System32\drivers\tcpip.sys \SystemRoot\System32\drivers\fwpkclnt.sys \SystemRoot\system32\drivers\volsnap.sys \SystemRoot\System32\Drivers\spldr.sys \SystemRoot\System32\drivers\rdyboost.sys \SystemRoot\System32\Drivers\mup.sys \SystemRoot\System32\drivers\hwpolicy.sys \SystemRoot\System32\DRIVERS\fvevol.sys \SystemRoot\system32\DRIVERS\disk.sys \SystemRoot\system32\DRIVERS\CLASSPNP.SYS \SystemRoot\system32\drivers\cdrom.sys \SystemRoot\system32\drivers\N360\0604000.009\ccSetx86.sys \SystemRoot\System32\Drivers\N360\0604000.009\SRTSP.SYS \SystemRoot\system32\drivers\N360\0604000.009\Ironx86.SYS \SystemRoot\system32\drivers\N360\0604000.009\SRTSPX.SYS \??\C:\Windows\system32\Drivers\SYMEVENT.SYS \SystemRoot\System32\Drivers\Null.SYS \SystemRoot\System32\Drivers\Beep.SYS \SystemRoot\System32\drivers\vga.sys \SystemRoot\System32\drivers\VIDEOPRT.SYS \SystemRoot\System32\drivers\watchdog.sys \SystemRoot\System32\DRIVERS\RDPCDD.sys \SystemRoot\system32\drivers\rdpencdd.sys \SystemRoot\system32\drivers\rdprefmp.sys \SystemRoot\System32\Drivers\Msfs.SYS \SystemRoot\System32\Drivers\Npfs.SYS \SystemRoot\system32\DRIVERS\tdx.sys \SystemRoot\system32\DRIVERS\TDI.SYS \SystemRoot\system32\drivers\afd.sys \SystemRoot\System32\DRIVERS\netbt.sys \SystemRoot\system32\drivers\ws2ifsl.sys \SystemRoot\system32\DRIVERS\wfplwf.sys \SystemRoot\system32\DRIVERS\pacer.sys \SystemRoot\system32\DRIVERS\netbios.sys \SystemRoot\system32\DRIVERS\serial.sys \SystemRoot\system32\DRIVERS\wanarp.sys \SystemRoot\system32\drivers\termdd.sys \SystemRoot\System32\Drivers\N360\0604000.009\SYMNETS.SYS \SystemRoot\system32\DRIVERS\rdbss.sys \SystemRoot\system32\drivers\nsiproxy.sys \SystemRoot\system32\drivers\mssmbios.sys \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\Definitions\IPSDefs\20121130.001\IDSvix86.sys \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys \SystemRoot\System32\drivers\discache.sys \SystemRoot\System32\Drivers\dfsc.sys \SystemRoot\system32\DRIVERS\blbdrive.sys \SystemRoot\system32\DRIVERS\tunnel.sys \SystemRoot\system32\DRIVERS\intelppm.sys \SystemRoot\system32\DRIVERS\igdkmd32.sys \SystemRoot\System32\drivers\dxgkrnl.sys \SystemRoot\System32\drivers\dxgmms1.sys \SystemRoot\system32\DRIVERS\usbuhci.sys \SystemRoot\system32\DRIVERS\USBPORT.SYS \SystemRoot\system32\DRIVERS\usbehci.sys \SystemRoot\system32\drivers\HDAudBus.sys \SystemRoot\system32\DRIVERS\Rt86win7.sys \SystemRoot\system32\DRIVERS\HSXHWBS2.sys \SystemRoot\system32\DRIVERS\ks.sys \SystemRoot\system32\DRIVERS\HSX_DPV.sys \SystemRoot\system32\DRIVERS\HSX_CNXT.sys \SystemRoot\system32\drivers\modem.sys \SystemRoot\system32\DRIVERS\serenum.sys \SystemRoot\system32\drivers\i8042prt.sys \SystemRoot\system32\drivers\mouclass.sys \SystemRoot\system32\drivers\pfc.sys \SystemRoot\system32\drivers\CompositeBus.sys \SystemRoot\system32\DRIVERS\AgileVpn.sys \SystemRoot\system32\DRIVERS\rasl2tp.sys \SystemRoot\system32\DRIVERS\ndistapi.sys \SystemRoot\system32\DRIVERS\ndiswan.sys \SystemRoot\system32\DRIVERS\raspppoe.sys \SystemRoot\system32\DRIVERS\raspptp.sys \SystemRoot\system32\DRIVERS\rassstp.sys \SystemRoot\system32\drivers\kbdclass.sys \SystemRoot\system32\drivers\swenum.sys \SystemRoot\system32\drivers\umbus.sys \SystemRoot\system32\DRIVERS\usbhub.sys \SystemRoot\System32\Drivers\NDProxy.SYS \SystemRoot\system32\drivers\RTKVHDA.sys \SystemRoot\system32\drivers\portcls.sys \SystemRoot\system32\drivers\drmk.sys \SystemRoot\system32\DRIVERS\usbprint.sys \SystemRoot\system32\DRIVERS\USBD.SYS \SystemRoot\System32\win32k.sys \SystemRoot\System32\drivers\Dxapi.sys \SystemRoot\system32\drivers\hidusb.sys \SystemRoot\system32\drivers\HIDCLASS.SYS \SystemRoot\system32\drivers\HIDPARSE.SYS \SystemRoot\system32\DRIVERS\USBSTOR.SYS \SystemRoot\system32\drivers\kbdhid.sys \SystemRoot\system32\DRIVERS\monitor.sys \SystemRoot\System32\Drivers\crashdmp.sys \SystemRoot\System32\Drivers\dump_iaStor.sys \SystemRoot\System32\Drivers\dump_dumpfve.sys \SystemRoot\System32\TSDDD.dll \SystemRoot\system32\drivers\luafv.sys \SystemRoot\system32\drivers\WudfPf.sys \SystemRoot\system32\DRIVERS\lltdio.sys \SystemRoot\system32\DRIVERS\rspndr.sys \SystemRoot\system32\drivers\HTTP.sys \SystemRoot\system32\DRIVERS\bowser.sys \SystemRoot\System32\drivers\mpsdrv.sys \SystemRoot\system32\DRIVERS\mrxsmb.sys \SystemRoot\system32\DRIVERS\mrxsmb10.sys \SystemRoot\system32\DRIVERS\mrxsmb20.sys \SystemRoot\system32\DRIVERS\mdmxsdk.sys \SystemRoot\system32\drivers\peauth.sys \SystemRoot\System32\Drivers\secdrv.SYS \SystemRoot\System32\DRIVERS\srvnet.sys \SystemRoot\System32\drivers\tcpipreg.sys \SystemRoot\system32\DRIVERS\XAudio32.sys \SystemRoot\System32\DRIVERS\srv2.sys \SystemRoot\System32\DRIVERS\srv.sys \SystemRoot\system32\DRIVERS\WUDFRd.sys \SystemRoot\System32\Drivers\fastfat.SYS \SystemRoot\system32\DRIVERS\udfs.sys \SystemRoot\System32\cdd.dll \SystemRoot\System32\ATMFD.DLL \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\Definitions\BASHDefs\20121130.005\BHDrvx86.sys \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\Definitions\VirusDefs\20121203.002\NAVEX15.SYS \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\Definitions\VirusDefs\20121203.002\NAVENG.SYS \??\C:\Windows\system32\Drivers\PROCEXP113.SYS \??\C:\Users\Sunshine\AppData\Local\Temp\catchme.sys \SystemRoot\system32\DRIVERS\mouhid.sys \??\C:\Windows\system32\drivers\mbamchameleon.sys \??\C:\Windows\system32\drivers\mbamswissarmy.sys \Windows\System32\ntdll.dll \Windows\System32\smss.exe \Windows\System32\apisetschema.dll ----------- End ----------- <<<1>>> Upper Device Name: \Device\Harddisk4\DR4 Upper Device Object: 0xffffffff891b4560 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\0000007e\ Lower Device Object: 0xffffffff891b04e8 Lower Device Driver Name: \Driver\USBSTOR\ Driver name found: USBSTOR DriverEntry returned 0x0 Function returned 0x0 <<<1>>> Upper Device Name: \Device\Harddisk3\DR3 Upper Device Object: 0xffffffff891b4ac8 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\0000007d\ Lower Device Object: 0xffffffff85595ca8 Lower Device Driver Name: \Driver\USBSTOR\ Driver name found: USBSTOR <<<1>>> Upper Device Name: \Device\Harddisk2\DR2 Upper Device Object: 0xffffffff891b2560 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\0000007c\ Lower Device Object: 0xffffffff88d21678 Lower Device Driver Name: \Driver\USBSTOR\ Driver name found: USBSTOR <<<1>>> Upper Device Name: \Device\Harddisk1\DR1 Upper Device Object: 0xffffffff891b2ac8 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\0000007b\ Lower Device Object: 0xffffffff855bdca8 Lower Device Driver Name: \Driver\USBSTOR\ Driver name found: USBSTOR <<<1>>> Upper Device Name: \Device\Harddisk0\DR0 Upper Device Object: 0xffffffff86ce3030 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\Ide\IAAStorageDevice-1\ Lower Device Object: 0xffffffff85ea6028 Lower Device Driver Name: \Driver\iaStor\ Driver name found: iaStor DriverEntry returned 0x0 Function returned 0x0 Downloaded database version: v2012.12.03.13 Downloaded database version: v2012.11.30.01 Initializing... Done! Scanning directory: C:\Windows\system32\drivers... <<<2>>> Device number: 0, partition: 3 Physical Sector Size: 512 Drive: 0, DevicePointer: 0xffffffff86ce3030, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xffffffff86ce3d10, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xffffffff86ce3030, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ DevicePointer: 0xffffffff85ea6028, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\ ------------ End ---------- Upper DeviceData: 0xffffffffa095b4c8, 0xffffffff86ce3030, 0xffffffff88c71208 Lower DeviceData: 0xffffffffcfd34f48, 0xffffffff85ea6028, 0xffffffff85773548 <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Done! Drive 0 Scanning MBR on drive 0... Inspecting partition table: MBR Signature: 55AA Disk Signature: 7740BF64 Partition information: Partition 0 type is Other (0xde) Partition is NOT ACTIVE. Partition starts at LBA: 63 Numsec = 80262 Partition 1 type is Primary (0x7) Partition is ACTIVE. Partition starts at LBA: 81920 Numsec = 30720000 Partition file system is NTFS Partition is bootable Partition 2 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 30801920 Numsec = 457477282 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 250000000000 bytes Sector size: 512 bytes Scanning physical sectors of unpartitioned space on drive 0 (1-62-488261250-488281250)... Physical Sector Size: 0 Drive: 1, DevicePointer: 0xffffffff891b2ac8, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xffffffff891bad10, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xffffffff891b2ac8, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\ DevicePointer: 0xffffffff855bdca8, DeviceName: \Device\0000007b\, DriverName: \Driver\USBSTOR\ ------------ End ---------- Physical Sector Size: 0 Drive: 2, DevicePointer: 0xffffffff891b2560, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xffffffff88d1d588, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xffffffff891b2560, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\ DevicePointer: 0xffffffff88d21678, DeviceName: \Device\0000007c\, DriverName: \Driver\USBSTOR\ ------------ End ---------- Physical Sector Size: 0 Drive: 3, DevicePointer: 0xffffffff891b4ac8, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xffffffff88d28910, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xffffffff891b4ac8, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\ DevicePointer: 0xffffffff85595ca8, DeviceName: \Device\0000007d\, DriverName: \Driver\USBSTOR\ ------------ End ---------- Physical Sector Size: 0 Drive: 4, DevicePointer: 0xffffffff891b4560, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xffffffff85578d10, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xffffffff891b4560, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\Disk\ DevicePointer: 0xffffffff891b04e8, DeviceName: \Device\0000007e\, DriverName: \Driver\USBSTOR\ ------------ End ---------- Done! Performing system, memory and registry scan... Done! Scan finished ======================================= Adw: # AdwCleaner v2.011 - Logfile created 12/03/2012 at 16:45:00 # Updated 02/12/2012 by Xplode # Operating system : Windows 7 Home Premium Service Pack 1 (32 bits) # User : Sunshine - Sunshine-DELLPC # Boot Mode : Normal # Running from : C:\Users\Sunshine\Desktop\adwcleaner.exe # Option [search] ***** [services] ***** ***** [Files / Folders] ***** ***** [Registry] ***** ***** [internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16455 [OK] Registry is clean. -\\ Mozilla Firefox v16.0.2 (en-US) Profile name : default File : C:\Users\Sunshine\AppData\Roaming\Mozilla\Firefox\Profiles\dd8pwjtk.default\prefs.js [OK] File is clean. Profile name : default File : C:\Users\Brita\AppData\Roaming\Mozilla\Firefox\Profiles\csjd9y1v.default\prefs.js [OK] File is clean. Profile name : default File : C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\dzv61ltc.default\prefs.js [OK] File is clean. Profile name : default File : C:\Users\Allison\AppData\Roaming\Mozilla\Firefox\Profiles\14jxg4lo.default\prefs.js [OK] File is clean. Profile name : default File : C:\Users\Aric\AppData\Roaming\Mozilla\Firefox\Profiles\nqhj5m7h.default\prefs.js [OK] File is clean. Profile name : default File : C:\Users\Homework\AppData\Roaming\Mozilla\Firefox\Profiles\nwh2p4r1.default\prefs.js [OK] File is clean. Profile name : default File : C:\Users\Nels\AppData\Roaming\Mozilla\Firefox\Profiles\jsmge43r.default\prefs.js [OK] File is clean. Profile name : default File : C:\Users\Nicole.Sunshine-DellPC\AppData\Roaming\Mozilla\Firefox\Profiles\1lgcdpwm.default\prefs.js [OK] File is clean. -\\ Google Chrome v23.0.1271.95 File : C:\Users\Sunshine\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] File is clean. File : C:\Users\Brita\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] File is clean. ************************* AdwCleaner[R1].txt - [1955 octets] - [03/12/2012 16:45:00] ########## EOF - C:\AdwCleaner[R1].txt - [2015 octets] ##########
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.