Strobenz

Everything posted by Strobenz

  1. Hello again, thanks a lot! My computer's speed is now enhanced, by far. Startup and Log out are very fast now! Unfortunately, my internet connection is still awfully slow, but I'm starting to think maybe my comp was not the problem at all... Anyway, thank you very much for your time and help, your procedures were so useful to improve its performance a lot!
  2. Hello again! Well, the ESET online scanner definitely does not want to cooperate, so I moved to F-Secure, but the "online scanner" there is an application that I had to download, I just had to click Start or something, and it would scan. After the scan, it said that no harmful items were found, but there was no option to generate a report or anything...
  3. I could fix the entries in HijackThis, but the ESET online scanner doesn't seem to be working! I accepted the terms of use, and accepted the Addon to install, but it just stays in a pale blue screen. This is what it looks like: http://i.imgur.com/aRf7Mk6.png I tried several times but it doesn't work, what should I do now?
  4. Hello again! I successfully uninstalled Adobe Reader and installed Foxit PDF Reader instead. This is MBAM's log: And this is the HijackThis log: I didn't really have problems, but my computer now seems a bit slower than before... it takes longer to open a window using explorer.exe and the Internet connection is once again slow for almost every site!
  5. OK, this is the log:
-.URLSearchHooks-{db131c55-60c8-4adc-84dc-9e76ab06e2dc} - (no file)AddRemove-Driver Genius Professional Edition_is1 - c:\program files\Driver-Soft\DriverGenius\unins000.exe...--------------------- LOCKED REGISTRY KEYS ---------------------.[HKEY_USERS\S-1-5-21-1220478274-4245428937-2032416992-1000_Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]@Denied: (Full) (Everyone)"scansk"=hex(0):1d,bd,1b,28,f2,6f,a4,a3,12,17,b3,53,11,ef,31,5f,d2,a2,a3,4d,9c, eb,54,59,b2,35,76,11,34,1d,ef,41,b0,f2,50,ef,b5,0a,5b,8d,00,00,00,00,00,00,\.[HKEY_USERS\S-1-5-21-1220478274-4245428937-2032416992-1000_Classes\CLSID\{7ddba722-e3c0-4a73-9121-51a4d5a503a3}]@Denied: (Full) (Everyone)@Allowed: (Read) (RestrictedCode)"Model"=dword:0000006d"Therad"=dword:0000001b"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a, 1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\.[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]@Denied: (A) (Users)@Denied: (A) (Everyone)@Allowed: (B 1 2 3 4 5) (S-1-5-20)"BlindDial"=dword:00000000.[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]@Denied: (Full) (Everyone).Completion time: 2013-06-18 01:52:39ComboFix-quarantined-files.txt 2013-06-18 06:52.Pre-Run: 106,627,928,064 bytes libresPost-Run: 106,411,466,752 bytes libres.- - End Of File - - 31B562F3CF28DA75455355F5C200D030A36C5E4F47E84449FF07ED3517B43A31 Problems I had? Yes, one... the program said that my antivirus was still running, but I checked many times and disabled and disabled everything again, yet the program still said it was running, and that it would still do its job but under my own risk. Nothing unusual, other than the desktop disappearing, happened though. Also, it didn't reboot a single time, is this normal?
  6. All right! I read the logs and it seems like the programs deleted useful stuff. This is AdwCleaner's log (It's in Spanish, since the program was too):

     And this is JRT.txt log:

     OK, things I noticed:
     *Booting was faster after AdwCleaner.
     *Internet connection is a bit faster compared to before. Some sites like Google or "wiki.tockdom.com" load fast, but others such as Youtube take a little longer, and videos still take a while to load correctly
     *When I started Chrome again, it didn't send me to my home page, which are 2 tabs: Google and Facebook. It sent me to the "new tab" site, where my apps are at.
  7. Hi Gringo! Thanks for replying! This is the Attach.txt log:

     And this one is the DDS.txt log:

     Should I delete the program now? Thanks
  8. Hello, and good night. As the title says, I KNOW I have malware somewhere in my computer. I noticed because my internet suddenly slowed down a lot; pages take ages to load and videos don't load at all sometimes. In the Task Manager, I noticed that the processes csrss.exe and dllhost.exe sometimes do not have a Description; I think that's wrong. I installed MBAM but at first it wouldn't run, so I looked up help and found out about the Chameleon technology. I tried everything but it still didn't work. I even tried RKill, but nothing would allow me to run MBAM, except rebooting in Safe Mode! Once in Chameleon, it opened MBAM and did a scan, but found nothing... I also tried that Microsoft Malware tool, I forget its name, but it didn't find anything either. As a side note, when I was in Safe Mode, I noticed that csrss.exe DID have a description in the Task Manager; could this be the infection I'm looking for? Still, after the scans I ran, my internet connection is very slow, and it takes a little bit longer to boot the computer now. I have no idea what to do now! My major concern is my internet connection, as I am very often active in many forums and sites. I have important stuff here and I'm afraid it's not only malware but spyware or anything else. Please help me!