HERPDERPHURR

  1. Thanks for the fast response; after reading, it seems most reasonable to just reinstall Windows. Ty for linking the reformat guide steps as well.
  2. I created a restore point before installing a codec pack, made sure to uncheck the selections for extra toolbars/new browser homepage, but immediately following the installation my connection became terrible, so I uninstalled it and System Restore'd to the point I had just created.

     Initially Malwarebytes didn't detect anything, but Anti-Rootkit found the following:

     Infected: c:\$Recycle.Bin\S-1-5-18\$106f1fd83ea41f5b14b9385a471eb377\@ --> [Trojan.Siredef.C]
     Infected: c:\$Recycle.Bin\S-1-5-18\$106f1fd83ea41f5b14b9385a471eb377\U --> [Trojan.Siredef.C]
     Infected: c:\$Recycle.Bin\S-1-5-21-188122629-993190504-2215698771-1001\$106f1fd83ea41f5b14b9385a471eb377\U --> [Trojan.Siredef.C]
     Infected: c:\$Recycle.Bin\S-1-5-18\$106f1fd83ea41f5b14b9385a471eb377\L --> [Trojan.Siredef.C]
     Infected: c:\$Recycle.Bin\S-1-5-18\$106f1fd83ea41f5b14b9385a471eb377\L\00000004.@ --> [Trojan.Siredef.C]
     Infected: c:\$Recycle.Bin\S-1-5-18\$106f1fd83ea41f5b14b9385a471eb377\L\76603ac3 --> [Trojan.Siredef.C]
     Infected: c:\$Recycle.Bin\S-1-5-21-188122629-993190504-2215698771-1001\$106f1fd83ea41f5b14b9385a471eb377\L --> [Trojan.Siredef.C]
     Infected: c:\$Recycle.Bin\S-1-5-18\$106f1fd83ea41f5b14b9385a471eb377 --> [Trojan.Siredef.C]
     Infected: c:\$Recycle.Bin\S-1-5-21-188122629-993190504-2215698771-1001\$106f1fd83ea41f5b14b9385a471eb377 --> [Trojan.Siredef.C]

     which was removed without a reboot (Removal successful. No system shutdown is required.)
     Afterwards, a second Malwarebytes scan showed them as quarantined, so I deleted them. Even so, something is continuing to consume bandwidth (the instances of Chrome.exe in the log are the forum instructions minimized in the background).