Everything posted by disinfectPL
-
Thanks for your reply. Sorry, I did not check earlier. Well, the newest version has the Chameleon loader etc. and blue icon. The earlier version is still with the red 'M' icon..!!!! Sorry, I am at work so I cannot give you exact version numbers. Yes, the freezing still happens BUT when I try to scan.....it freezes even on quick scan and freezes the computer. I can resend the log files when I get back home..... Thanks again.
-
Well, well....... A selective startup fixed my problem !!!!! :huh: So by power of elimination the offending startup item turned out to be ..........Malwarebytes itself!! This was way surprising to me .... I installed SuperAntiSpyware then Avira and then used a Kaspersky disk, and all saw minor Ad-cookies and nothing else. Each one run separately. Since I never have two AV programs together, this seemed that MBAM had gotten corrupted. So I cleaned out all caches, temp folders etc., removed all AV programs, rebooted.. And things were swimmingly good !!! I then reinstalled MBAM, and ...... well it got stuck again during scan, and the very same symptoms came back !!!!!!!!!!!!! This is very odd, since MBAM has been my workhorse. I saw a general thread where a reseller indicated that the recent updates of MBAM were causing his clients' computers to freeze. Maybe he is very right after all. I cannot continue using MBAM now. THE SCAN ABOVE WAS DONE AFTER I UNINSTALLED MBAM, so it may not show as present, but Superantispyware will show. PLEASE can you verify this issue...!! Also, still, I would like to continue a full virus troubleshoot if OK with you.
-
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-12-2012
Ran by SYSTEM at 29-12-2012 10:39:36
Running from G:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet003
-
I am convinced I am infected ! This is my first time being shut down like this...

1. The computer lags on the "Welcome" screen and desktop does not load... Wheel keeps on spinning and nothing else.
2. Safe Mode works. BUT, in safe mode, MBAM scan hangs on certain files....The computer just freezes. Same for Superantispyware and Bitdefender web scan. So I am pretty sure I am hosed...
3. Chameleon modes in MBAM also freeze the computer when scanner starts. Tried only first three steps in Chameleon help...

My logs are attached. Thanks !

Attach.txt DDS.txt