
brzdy

  1. Okay, I'm pretty sure my system's clean now. Thanks for all your help, I would not know what to do without you.
  2. Okay, I have done everything you said to; logs are all in attachments. RKreport0_S_07302013_220453.txt Addition.txt AdwCleanerS2.txt ESETlog.txt FRST.txt JRT.txt mbar-log-2013-07-30 (22-08-22).txt system-log.txt
  3. Do you mean to just press "Remove Selected"? If so I did that, I have tried scanning with malware bytes and pressing "Remove Selected" three times, and below are logs from what the sticky thread says.
  4. I had a problem opening Norton earlier, so I tried downloading Malwarebytes and I was not able to run it. I restarted my computer and then was able to open Norton and download Malwarebytes. I did a quick scan with Malwarebytes and I have 5 pieces of malicious software on my computer. I then clicked Remove Selected and restarted my PC, but when I did another quick scan the same 5 things came up. I don't know how to get rid of these. The 5 things that come up are:

     Stolen.Data (File)
     Stolen.Data (Folder)
     Trojan.FakeAlert (Registry Value)
     Malware.Trace (Registry Key)
     Trojan.Agent (Registry Value)

     Protection: Enabled
     7/30/2013 5:55:23 PM
     MBAM-log-2013-07-30 (18-20-12).txt

     Scan type: Quick scan
     Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
     Scan options disabled: P2P
     Objects scanned: 212525
     Time elapsed: 7 minute(s), 9 second(s)

     Memory Processes Detected: 0
     (No malicious items detected)

     Memory Modules Detected: 0
     (No malicious items detected)

     Registry Keys Detected: 1
     HKCU\Software\DC3_FEXEC (Malware.Trace) -> No action taken.

     Registry Values Detected: 2
     HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon|shell (Trojan.FakeAlert) -> Data: %APPDATA%\Microsoft\update.exe,explorer.exe -> No action taken.
     HKCU\Software\Microsoft\Windows\CurrentVersion\Run|work (Trojan.Agent) -> Data: %APPDATA%\Microsoft\update.exe -> No action taken.

     Registry Data Items Detected: 0
     (No malicious items detected)

     Folders Detected: 1
     C:\Users\nick\AppData\Roaming\dclogs (Stolen.Data) -> No action taken.

     Files Detected: 1
     C:\Users\nick\AppData\Roaming\dclogs\2013-07-30-3.dc (Stolen.Data) -> No action taken.

     (end)

     I also did a quick scan with Norton and none of these came up. I am currently doing a full system scan with Norton. I really need help.