cpocholo

  1. I think it's ok sir....because since I installed the adblock there's no pop-up alert.
  2. Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:25-10-2015 02 Ran by Pocholo (administrator) on POCHOLO-PC (29-10-2015 06:46:49) Running from C:\Users\Pocholo\Downloads Loaded Profiles: Pocholo & (Available Profiles: Pocholo) Platform: Microsoft Windows 7 Ultimate (X86) Language: English (United States) Internet Explorer Version 8 (Default browser: Chrome) Boot Mode: Normal
  3. HERE IS THE MALWAREBYTES LOG Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 10/29/2015 Scan Time: 6:46 AM Logfile: MALWARE.txt Administrator: Yes Version: 2.2.0.1024 Malware Database: v2015.10.28.02 Rootkit Database: v2015.10.23.01 License: Premium Malware Protection: Enabled Malicious Website Protection: Enabled Self-protection: Disabled OS: Windows 7 CPU: x86 File System: NTFS User: Pocholo Scan Type: Threat Scan Result: Completed Objects Scanned: 310141 Time Elapsed: 12 min, 9 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 0 (No malicious items detected) Registry Values: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Folders: 0 (No malicious items detected) Files: 0 (No malicious items detected) Physical Sectors: 0 (No malicious items detected) (end)
  4. HERE IS THE ADWCLEANER LOG # AdwCleaner v5.015 - Logfile created 29/10/2015 at 06:20:23 # Updated 26/10/2015 by Xplode # Database : 2015-10-26.2 [server] # Operating system : Windows 7 Ultimate (x86) # Username : Pocholo - POCHOLO-PC # Running from : C:\Users\Pocholo\Downloads\adwcleaner_5.015.exe # Option : Cleaning # Support : http://toolslib.net/forum ***** [ Services ] ***** ***** [ Folders ] ***** ***** [ Files ] ***** ***** [ DLLs ] ***** ***** [ Shortcuts ] ***** ***** [ Scheduled tasks ] ***** ***** [ Registry ] ***** ***** [ Web browsers ] ***** [-] [C:\Users\Pocholo\AppData\Local\Google\Chrome\User Data\Default\Web Data] [search Provider] Deleted : aol.com [-] [C:\Users\Pocholo\AppData\Local\Google\Chrome\User Data\Default\Web Data] [search Provider] Deleted : ask.com ************************* :: Proxy settings cleared :: Winsock settings cleared :: TCP/IP settings cleared :: Firewall settings cleared :: IPSec settings cleared :: BITS queue cleared :: Chrome policies deleted ########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1036 bytes] ##########
  5. Please help me with pop-up adware......I already did the following instructions and here are the Farbar Recovery Scan Tool results. FRST.txt Addition.txt
  6. Please help me with pop-up adware.....when I open some webpages there are some random ads and my internet runs slowly... please help me.. :'(