MrBiz

Honorary Members
  • Posts

    200
Everything posted by MrBiz

  1. I read your preventative blog, and it's the bomb. Also, my system restore is there now. My PC was fast from the first clean-up; now this thing is a beast. Thanks, man. I installed WOT (but does it collect information on my email habits?). Also, the link you gave me to remove plugins isn't correct; that's to remove extensions. Plugins can't be removed, so I disabled them. Well, I guess you've done all. Thanks again, I'm still reading your blog. Finally, is OpenDNS worth it, or will it give a noob like me trouble to get working? And please, if you can, assist me in setting it up. Edit: checked my system restore points and only had 2; now I see 3 with the name "window module installer" and type: install. Is that normal? I expected to see the one I named, or does it update like that? Also, does OTL remove AdwCleaner or does it need a manual uninstall?
  2. Thanks for your help, sir. You are indeed a legend. My PC is lightning right now, and nice dogs :)

  3. OK, a few things. I uninstalled ComboFix long ago. I posted Security Check in the Avast forum and they said it's a blacklisted IP and not secure (if you want me to link you to my post, you can have it). Remove Adobe Reader (I want to remove Adobe Flash but I don't know if HTML5 works with all the sites that I use). BRB, gonna get rid of the old Chrome. OK, what other programs need to be removed? Also, if I have outdated plugins in Chrome but disabled them, then that's OK? I don't see an option to remove them. I checked my system restore and it updated (when I uninstalled Adobe), but I don't see the system restore that I gave a specific name. Is that normal? Edit: I checked and system restore was turned off, probably by one of your programs? Also, the allocated space used to be 300 MB at 1%; now 1% is 3 GB. Also, I'm getting IE 10 (I don't use IE but I keep it updated, disable some plugins and don't let it run ActiveX etc.; also I have spyblaster working with it). Also, when I started the PC after the IE 10 installation (via Windows Update) I got the message "setting up personalized settings for web platform customizations". Is that normal? I have an Arris modem (not a router), so how will OpenDNS work?
  4. It says Adobe Reader is out of date, yet Avast Software Updater said it's up to date? The Chrome Adobe Reader plugin is out of date, though, but I disabled it.
  5. Results of screen317's Security Check version 0.99.61
     Windows 7 Service Pack 1 x86 (UAC is enabled)
     Internet Explorer 9
     ``````````````Antivirus/Firewall Check:``````````````
     Windows Firewall Enabled!
     avast! Antivirus
     Antivirus up to date!
     `````````Anti-malware/Other Utilities Check:`````````
     SpywareBlaster 5.0
     SUPERAntiSpyware
     Malwarebytes Anti-Malware version 1.70.0.1100
     CCleaner
     Adobe Reader 10.1.6 Adobe Reader out of Date!
     Google Chrome 25.0.1364.172
     Google Chrome 26.0.1410.43
     Google Chrome Plugins...
     ````````Process Check: objlist.exe by Laurent````````
     Malwarebytes Anti-Malware mbamservice.exe
     Malwarebytes Anti-Malware mbamgui.exe
     Malwarebytes' Anti-Malware mbamscheduler.exe
     Alwil Software Avast5 AvastSvc.exe
     Alwil Software Avast5 AvastUI.exe
     `````````````````System Health check`````````````````
     Total Fragmentation on Drive C: 0%
     ````````````````````End of Log``````````````````````
  6. Avast blocked your links and said malware blocked. I tried the Bleeping Computer link instead, and still it's blocked as malware. I'm going to the Avast forum and reporting this as a false positive?
  7. Everything is smooth sailing, except the audio, as I have Malwarebytes real-time protection on and it stutters the audio at times (and yeah, I reinstalled the audio driver many times; other drivers were also reinstalled).
  8. A system restore point is there. I created another (but this one is a manual one which I created, and it finally has the name I gave it; the one before was created by the system), but how much memory should be allocated to it? Right now only 300 MB, is that OK?
  9. It found 2 splitter.exe files from my cousin's folder (nothing harmful) and I have scheduled a boot-time scan. This is the longest I've seen it scan, though (usually 1.5 hours, now it's 3). Also, the fixdamage you told me to run, can that affect the PC, as it gave me a warning "that if my pc running good i shouldnt run it", but it did.
  10. Regular stuff is running in the Task Manager and uses RAM, but I'm not sure what's using so much CPU power. Also, I ran another MBAR scan and I'm all clean. Last time on drwebcure it found a script blocker (it was blocking ComboFix in my other thread) in their process from "all users". Here's a screenshot on the svchost.exe (see anything suspicious?). Edit: spoolsv.exe, what is that?
  11. Ran it and it finished fast. Checked the system restore and it is there; it just doesn't have the name that I gave it, it's called "automatic system restore", but the date is consistent with when I did it (it was created on the 28th of March). Also, my CPU usage has averaged above 50% since I installed spyblaster, is that normal? (Stays at 100% and no scan is running.)
  12. I'm doing that now, but I did it already and that one disappeared. Also, I read your post above (the one with the many links and the systemlookup one). Any other tests you'd like me to run? Also, I added SpywareBlaster.
  13. Also, I saw in (either the DDS or another log) where it said I don't have any system restore point. Is that true? I remember creating one recently.
  14. # AdwCleaner v2.115 - Logfile created 03/28/2013 at 10:49:22
      # Updated 17/03/2013 by Xplode
      # Operating system : Windows 7 Ultimate Service Pack 1 (32 bits)
      # User : PatricK - PATRICK-PC
      # Boot Mode : Normal
      # Running from : C:\Users\PatricK\Desktop\adwcleaner.exe
      # Option [Delete]
      ***** [services] *****
      ***** [Files / Folders] *****
      Folder Deleted : C:\Users\PatricK\AppData\Local\PackageAware
      ***** [Registry] *****
      Key Deleted : HKCU\Software\Conduit
      Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
      ***** [internet Browsers] *****
      -\\ Internet Explorer v9.0.8112.16470
      [OK] Registry is clean.
      -\\ Google Chrome v26.0.1410.43
      File : C:\Users\PatricK\AppData\Local\Google\Chrome\User Data\Default\Preferences
      [OK] File is clean.
      *************************
      AdwCleaner[R1].txt - [9061 octets] - [08/03/2013 00:16:11]
      AdwCleaner[R2].txt - [9012 octets] - [09/03/2013 01:41:43]
      AdwCleaner[R3].txt - [1178 octets] - [28/03/2013 10:22:28]
      AdwCleaner[s1].txt - [8624 octets] - [09/03/2013 01:42:11]
      AdwCleaner[s2].txt - [1116 octets] - [28/03/2013 10:49:22]
      ########## EOF - C:\AdwCleaner[s2].txt - [1176 octets] ##########
  15. I read that "Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved" http://technet.microsoft.com/en-us/library/cc505863.aspx might be Microsoft's work. Is that true? Also, I'm gonna use CCleaner after I delete entries with AdwCleaner.
  16. I'm not sure about the folder "packageaware" (don't know it), so can I continue and delete the stuff?
  17. AdwCleaner v2.115 - Logfile created 03/28/2013 at 10:22:28
      # Updated 17/03/2013 by Xplode
      # Operating system : Windows 7 Ultimate Service Pack 1 (32 bits)
      # User : PatricK - PATRICK-PC
      # Boot Mode : Normal
      # Running from : C:\Users\PatricK\Desktop\adwcleaner.exe
      # Option [search]
      ***** [services] *****
      ***** [Files / Folders] *****
      Folder Found : C:\Users\PatricK\AppData\Local\PackageAware
      ***** [Registry] *****
      Key Found : HKCU\Software\Conduit
      Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
      ***** [internet Browsers] *****
      -\\ Internet Explorer v9.0.8112.16470
      [OK] Registry is clean.
      -\\ Google Chrome v26.0.1410.43
      File : C:\Users\PatricK\AppData\Local\Google\Chrome\User Data\Default\Preferences
      [OK] File is clean.
      *************************
      AdwCleaner[R1].txt - [9061 octets] - [08/03/2013 00:16:11]
      AdwCleaner[R2].txt - [9012 octets] - [09/03/2013 01:41:43]
      AdwCleaner[R3].txt - [990 octets] - [28/03/2013 10:22:28]
      AdwCleaner[s1].txt - [8624 octets] - [09/03/2013 01:42:11]
      ########## EOF - C:\AdwCleaner[R3].txt - [1109 octets] ##########
  18. ComboFix 13-03-27.01 - PatricK 03/28/2013 8:46.7.2 - x86
  19. RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
  20. I went to the Windows Task Manager; csrss.exe and winlogon.exe have no description and I can't open the file location. Is that bad?
  21. DDS (Ver_2012-11-20.01)