cyberfox

  1. C:\Program Files (x86)\DnsBasic\dnsbasic.dll a variant of Win32/Adware.OneStep.CE application
     C:\Program Files (x86)\DragonApps\Operation BlackSquare\OperationBlackSquare.exe Win32/Packed.Autoit.H application
     C:\Users\Audio\Downloads\7zip-setup.exe multiple threats
     C:\Users\Audio\Downloads\bs_setup.exe Win32/Packed.Autoit.H application
     C:\Users\Audio\Downloads\WinRAR 64-Bit.exe a variant of Win32/AirAdInstaller.A application
     Operating memory a variant of Win32/Adware.OneStep.CE application
  2. Malwarebytes Anti-Malware (PRO) 1.75.0.1300 www.malwarebytes.org Database version: v2013.07.24.10 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16635 Audio :: CS450-PC [administrator] Protection: Enabled 7/24/2013 2:37:00 PM mbam-log-2013-07-24 (14-37-00).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P Scan options disabled: Objects scanned: 238998 Time elapsed: 4 minute(s), 42 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) ============================================================================= HijackThis Log Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 2:44:59 PM, on 7/24/2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v10.0 (10.00.9200.16635) Boot mode: Normal Running processes: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe C:\Program Files (x86)\Winamp\winampa.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Audio\Desktop\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://windows.microsoft.com/en-US/internet-explorer/ie-10-welcome R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O3 - Toolbar: WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll O3 - Toolbar: AOL Toolbar - {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll (file missing) O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O10 - Unknown file in Winsock LSP: 
c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/select/asusTek_sys_ctrl3.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour Service - Apple Inc. 
- C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: DnsBasic Service - Unknown owner - C:\Program Files (x86)\DnsBasic\dnsbasic.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: JTVNCProxy_11.0 - Unknown owner - C:\Program Files\Freedom Scientific\JAWS\11.0\JTVNCProxy.exe O23 - Service: JTVNCProxy_13.0 - Freedom Scientific BLV Group LLC - C:\Program Files\Freedom Scientific\JAWS\13.0\JTVNCProxy.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVDA (nvda) - NV Access Limited - C:\Program Files (x86)\NVDA\nvda_service.exe O23 - Service: PACE License Services (PaceLicenseDServices) - PACE Anti-Piracy, Inc. 
- C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - 
C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 8944 bytes
  3. A-Pro Control Surface Plug-in (x64) Acronis Original Configuration Adobe AIR Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader X (10.1.7) Advertising Center Amazing Slow Downer (remove only) AOL Toolbar Apple Application Support Apple Software Update Asmedia ASM104x USB 3.0 Host Controller Driver Audacity 1.3.13 (Unicode) AutoSizer battle zone 13.4 Beatscape 1.0.2 BlindTunes CakeTalking 8.5 Catalyst Control Center Catalyst Control Center - Branding Catalyst Control Center Graphics Previews Common Catalyst Control Center InstallProxy Catalyst Control Center Localization All CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish D3DX10 Dimension Pro 1.2 Dimension Pro Free Expansion Packs 1-3 DnsBasic 1.0 build 111 DolbyFiles EPSON Scan Freedom Scientific JAWS Training XTra DAISY Files Freedom Scientific Ocr Freedom Scientific OmniPage Freedom Scientific Synthesizer Eloquence GMA Tank Commander 1.2 Google Chrome Google Drive Google Update Helper HotSpotClicker iLok Client Helper ImagXpress Junk Mail filter update LADSPA_plugins-win-0.4.15 LAME v3.98.3 for Audacity LibreOffice 3.3 LibreOffice 3.3 Help Pack (English) License Support LightScribe System Software Malwarebytes Anti-Malware version 1.75.0.1300 Marvell Storage Utility V4 Menu Templates - Starter Kit Messenger Companion Microsoft VC9 runtime libraries Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Mozilla Firefox 22.0 (x86 en-US) Mozilla Maintenance Service MSVCRT MSVCRT_amd64 
Native Instruments Guitar Rig 3 Native Instruments Service Center Nero 9 Essentials Nero BurnRights Nero BurnRights Help Nero ControlCenter Nero CoverDesigner Nero Express Help Nero InfoTool Nero InfoTool Help Nero Installer Nero Online Upgrade NeroExpress NVDA Operation BlackSquare version 1.3.0.0 OverDrive Media Console QuickTime RealSpeak Solo Direct Jill Realtek High Definition Audio Driver Revo Uninstaller 1.95 Road To Rage I - Fires Of War version Patch19 Safari Sarah and the Castle of Witchcraft and Wizardry version 10 Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628) SendSpace Wizard Sentinel System Driver Installer 7.5.0 Shades of Doom 1.2 Skype Click to Call Skype™ 6.6 SONAR 8.5 Producer x64 SoundRTS 1.1 beta 2 SoundRTS 1.2 alpha 2 Studio Recorder SWClient TimePad v1.3 Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Visual C++ 64-bit Redistributables Visual C++ Redistributables Vocalizer Direct English-Spanish Suite Premium Winamp Windows Live Communications Platform Windows Live 
Essentials Windows Live Installer Windows Live Mail Windows Live Messenger Windows Live Messenger Companion Core Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Yamaha USB-MIDI Driver
  4. I have a question before I run CCleaner. Under the Applications Tab, there is "Acronis True Image" to be checked. I think the manufacturer's system install is on a hidden partition and Acronis is used to restore the computer. Should CCleaner clean it?
  6. The Stop and Clear button was not available because I don't log in to Google. But I've uninstalled Chrome, restarted and installed it again. The suspect programs are still there. The IP-Blocks have stopped. The browser looks OK.
  7. And, as you stated, I refrained from doing anything like trying to uninstall or modify anything.
  8. Um, the IP-Blocks are a problem again. This just started. 2013/07/20 10:53:03 -1000 CS450-PC Audio IP-BLOCK 208.87.149.250 (Type: outgoing, Port: 49447, Process: chrome.exe) I looked in the Programs and Features control panel to see if DnsBasic was still around and it is. There were programs which I didn't know how they got installed: "SoundRTS 1.1 beta 2", "SoundRTS 1.2 alpha 2", "SWClient". I googled just "SoundRTS" but Google Chrome search results didn't appear. What did appear was a blank webpage URL: http://www.dnsbasic.com/b.cgi?bk=H8QubDBk3r1FW43UEiP*uLt6nWaKesyR8ilM8TS2gj0Sems9JHFzOPcUDPdzGpdP1PT1mSew8EuoaYLQtKnafYyLKT3*ZTcui67xlFg5NHzilS5JkMB8-A1LWA And the IP-Blocks started up again.
  9. The IP-blocks have stopped as of July 19. Thanks, I appreciate your expertise. Is there anything that can be done about the DnsBasic 1.0 build 111?
  10. Internet Explorer does not run anymore. I thought it was odd when IE recently started with https instead of my regular homepage http://www.google.com. Now, the IE window opens with the normal URL but the window is blank and won't refresh.
  11. DNSBasic is still around. IP-Block outgoing has stopped. RogueKiller V8.6.3 _x64_ [Jul 17 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.adlice.com/forum/ Website : http://www.adlice.com/softwares/roguekiller/ Blog : http://tigzyrk.blogspot.com/ Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : Audio [Admin rights] Mode : Remove -- Date : 07/19/2013 00:52:59 | ARK || FAK || MBR | ¤¤¤ Bad processes : 1 ¤¤¤ [sUSP PATH] swclient.exe -- C:\Users\Audio\AppData\Roaming\SWClient\swclient.exe [-] -> KILLED [TermProc] ¤¤¤ Registry Entries : 13 ¤¤¤ [RUN][sUSP PATH] HKCU\[...]\Run : SWClient (C:\Users\Audio\AppData\Roaming\SWClient\swclient.exe [-]) -> DELETED [RUN][sUSP PATH] HKUS\S-1-5-21-4170338339-3089535287-139655539-1000\[...]\Run : SWClient (C:\Users\Audio\AppData\Roaming\SWClient\swclient.exe [-]) -> [0x2] The system cannot find the file specified. [HJ POL] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED [HJ POL] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> REPLACED (2) [HJ POL] HKLM\[...]\System : EnableLUA (0) -> REPLACED (1) [HJ POL] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> [0x2] The system cannot find the file specified. 
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> REPLACED (2) [HJ POL] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> REPLACED (1) [HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyPics (0) -> REPLACED (1) [HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> REPLACED (1) [HJ SMENU] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> REPLACED (1) [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0) [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0) ¤¤¤ Scheduled tasks : 1 ¤¤¤ [V2][sUSP PATH] Test TimeTrigger : C:\Users\Audio\AppData\Local\Temp\Runner.exe - C:\Users\Audio\AppData\Local\Temp\DNS.exe [x][x] -> DELETED ¤¤¤ Startup Entries : 0 ¤¤¤ ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤ ¤¤¤ External Hives: ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> %SystemRoot%\System32\drivers\etc\hosts 127.0.0.1 localhost ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: ST310005 24AS SCSI Disk Device +++++ --- User --- [MBR] 89b2efe3e1111a8ebb54e1e8904f2de3 [bSP] 93230942c404740da7e5981bfc50630e : Legit.C MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 938091 Mo 2 - [XXXXXX] EXTEN (0x05) [VISIBLE] Offset (sectors): 1921417216 | Size: 15677 Mo User = LL1 ... OK! Error reading LL2 MBR! Finished : << RKreport[0]_D_07192013_005259.txt >> RKreport[0]_S_07192013_005121.txt
  12. 00:19:11.0472 3416 ============================================================
      00:19:11.0472 3416 Scan finished
      00:19:11.0472 3416 ============================================================
      00:19:11.0472 4148 Detected object count: 5
      00:19:11.0472 4148 Actual detected object count: 5
      00:21:08.0394 4148 DnsBasic Service ( UnsignedFile.Multi.Generic ) - skipped by user
      00:21:08.0394 4148 DnsBasic Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
      00:21:08.0394 4148 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
      00:21:08.0394 4148 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
      00:21:08.0394 4148 MSUWebService ( UnsignedFile.Multi.Generic ) - skipped by user
      00:21:08.0394 4148 MSUWebService ( UnsignedFile.Multi.Generic ) - User select action: Skip
      00:21:08.0394 4148 PaceLicenseDServices ( UnsignedFile.Multi.Generic ) - skipped by user
      00:21:08.0394 4148 PaceLicenseDServices ( UnsignedFile.Multi.Generic ) - User select action: Skip
      00:21:08.0394 4148 smbusp ( UnsignedFile.Multi.Generic ) - skipped by user
      00:21:08.0394 4148 smbusp ( UnsignedFile.Multi.Generic ) - User select action: Skip
      00:35:14.0979 3600 Deinitialize success