My laptop is probably infected and Malwarebytes doesn't stop giving me this message all the time


Hello and Happy Christmas!

I've been having a problem lately with Malwarebytes. Every time Windows 7 starts, Malwarebytes pops up a message saying "Successfully blocked access to a potentially malicious website" and an IP number after this message. Then it also says type: outgoing and a port number that changes with every single window that pops up. The name of the process is svchost.exe. The thing is that when this happens my internet connection doesn't work at all and I can see an exclamation mark over the internet connection symbol. When I disable the website blocking option in Malwarebytes the message stops and I can use my browser. I have eliminated some viruses and trojans that other antiviruses and antimalwares found on my laptop but I think that there must be something even more powerful there and I don't know what else to do.

Can anybody help me with this, please?

Thank you very much for your time!


Hello petimuky and welcome! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.

Please follow the instructions here and post the log files in your next reply:

http://forums.malwarebytes.org/index.php?showtopic=9573


Hello Maniac!!

Thank you for answering me so quickly!! :)

I read everything and followed the instructions. The Malwarebytes scan didn't find anything.

Here I leave the two logs from DDS.

Thank you very much!!! :)

DDS (Ver_2012-11-20.01) - NTFS_x86

Internet Explorer: 9.0.8112.16457

Run by KADIR at 2:02:42 on 2012-12-25

Microsoft Windows 7 Ultimate 6.1.7601.1.1252.39.1040.18.3022.2007 [GMT 1:00]

.

AV: AVG Anti-Virus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: AVG Anti-Virus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}

.

============== Running Processes ================

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files\AVG\AVG2013\avgwdsvc.exe

C:\Program Files\Intel\iCLS Client\HeciServer.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\AVG\AVG2013\avgui.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\AVG\AVG2013\avgcfgex.exe

C:\Windows\system32\consent.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

.

============== Pseudo HJT Report ===============

.

uStart Page = www.google.com

mStart Page = www.google.com

uSearchAssistant = hxxp://www.bing.com/search?q={searchTerms}

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - c:\program files\windows live\companion\companioncore.dll

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY

uPolicies-Explorer: NoDrives = dword:0

mPolicies-Explorer: NoDrives = dword:0

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: Free YouTube Download - c:\users\kadir\appdata\roaming\dvdvideosoftiehelpers\freeytvdownloader.htm

IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll

TCP: NameServer = 192.168.1.254

TCP: Interfaces\{A627222F-4402-439C-943F-A554724D4A50} : NameServer = 176.31.229.24,176.31.229.25

TCP: Interfaces\{A627222F-4402-439C-943F-A554724D4A50} : DHCPNameServer = 192.168.1.254

TCP: Interfaces\{A627222F-4402-439C-943F-A554724D4A50}\244524573796E6563737845726D2634313 : NameServer = 176.31.229.24,176.31.229.25

TCP: Interfaces\{A627222F-4402-439C-943F-A554724D4A50}\244524573796E6563737845726D2634313 : DHCPNameServer = 192.168.1.254

TCP: Interfaces\{A627222F-4402-439C-943F-A554724D4A50}\2445F40756E6A7F6E656 : NameServer = 176.31.229.24,176.31.229.25

TCP: Interfaces\{A627222F-4402-439C-943F-A554724D4A50}\2445F40756E6A7F6E656 : DHCPNameServer = 192.168.22.22 192.168.22.23

TCP: Interfaces\{A627222F-4402-439C-943F-A554724D4A50}\2456C6B696E6F5436303431323 : NameServer = 176.31.229.24,176.31.229.25

TCP: Interfaces\{A627222F-4402-439C-943F-A554724D4A50}\2456C6B696E6F5436303431323 : DHCPNameServer = 192.168.2.1

TCP: Interfaces\{A627222F-4402-439C-943F-A554724D4A50}\44166596E6369623 : NameServer = 176.31.229.24,176.31.229.25

TCP: Interfaces\{A627222F-4402-439C-943F-A554724D4A50}\44166596E6369623 : DHCPNameServer = 192.168.0.1

TCP: Interfaces\{A627222F-4402-439C-943F-A554724D4A50}\44D2C496E6B6 : DHCPNameServer = 192.168.1.1

TCP: Interfaces\{A627222F-4402-439C-943F-A554724D4A50}\4514C4B44514C4B4D2644463144344 : NameServer = 176.31.229.24,176.31.229.25

TCP: Interfaces\{A627222F-4402-439C-943F-A554724D4A50}\4514C4B44514C4B4D2644463144344 : DHCPNameServer = 192.168.1.1

TCP: Interfaces\{A627222F-4402-439C-943F-A554724D4A50}\94E666F637472716461675966496 : NameServer = 176.31.229.24,176.31.229.25

TCP: Interfaces\{A627222F-4402-439C-943F-A554724D4A50}\94E666F637472716461675966496 : DHCPNameServer = 192.168.1.1

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll

Notify: igfxcui - igfxdev.dll

.

============= SERVICES / DRIVERS ===============

.

R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-10-15 55776]

R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2012-9-21 177376]

R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2012-10-5 93536]

R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2012-9-14 35552]

R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2012-10-22 179936]

R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2012-9-21 19936]

R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2012-10-2 159712]

R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2012-9-21 164832]

R2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2012-10-22 196664]

R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\intel\icls client\HeciServer.exe [2012-4-20 462048]

R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-12-13 399432]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-12-13 676936]

R2 UNS;Intel® Management and Security Application User Notification Service;c:\program files\intel\intel® management engine components\uns\UNS.exe [2012-12-11 364416]

R3 IntcDAud;Audio schermo Intel®;c:\windows\system32\drivers\IntcDAud.sys [2012-8-12 270336]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-13 22856]

R3 MEI;Intel® Management Engine Interface ;c:\windows\system32\drivers\HECI.sys [2012-12-11 55104]

R3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\drivers\RtsPStor.sys [2012-8-12 238184]

R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2012-11-16 348776]

R3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [2007-8-3 9344]

S2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2012-11-6 5814392]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 PCCUJobMgr;Common Client Job Manager Service;c:\program files\norton pc checkup\engine\2.0.17.20\ccSvcHst.exe [2012-8-12 126392]

S2 ServUpdater;Serv Updater;c:\users\kadir\appdata\local\servupdater\ServiceUpd.exe [2012-4-26 156160]

S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-3-24 15872]

S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2012-12-24 52224]

S3 WatAdminSvc;Servizio Windows Activation Technologies;c:\windows\system32\wat\WatAdminSvc.exe [2012-12-13 1343400]

.

=============== Created Last 30 ================

.

2012-12-24 19:15:42 240496 ----a-w- c:\windows\system32\drivers\netio.sys

2012-12-24 19:15:42 187760 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS

2012-12-24 19:15:42 1292144 ----a-w- c:\windows\system32\drivers\tcpip.sys

2012-12-24 02:33:08 -------- d-----w- c:\windows\system32\SPReview

2012-12-24 02:09:41 50688 ----a-w- c:\windows\system32\umb.dll

2012-12-24 02:08:59 427520 ----a-w- c:\windows\system32\PortableDeviceStatus.dll

2012-12-24 02:07:59 6656 ----a-w- c:\windows\system32\drivers\RDPCDD.sys

2012-12-24 02:06:55 120320 ----a-w- c:\windows\system32\prntvpt.dll

2012-12-24 02:05:52 33792 ----a-w- c:\windows\system32\vbisurf.ax

2012-12-24 02:04:59 732160 ----a-w- c:\windows\system32\imapi2fs.dll

2012-12-24 02:03:56 283136 ----a-w- c:\windows\system32\qdv.dll

2012-12-24 02:02:55 640512 ----a-w- c:\windows\system32\advapi32.dll

2012-12-23 22:35:20 34304 ----a-w- c:\windows\system32\atmlib.dll

2012-12-23 22:35:20 295424 ----a-w- c:\windows\system32\atmfd.dll

2012-12-23 22:24:38 -------- d-----w- c:\windows\system32\EventProviders

2012-12-23 22:10:53 2048 ----a-w- c:\windows\system32\tzres.dll

2012-12-23 20:08:56 -------- d-----w- c:\users\kadir\appdata\roaming\AVG2013

2012-12-23 20:05:44 -------- d--h--w- C:\$AVG

2012-12-23 20:05:44 -------- d-----w- c:\programdata\AVG2013

2012-12-23 20:04:42 -------- d-----w- c:\program files\AVG

2012-12-23 19:49:29 -------- d-----w- c:\users\kadir\appdata\local\MFAData

2012-12-23 19:49:29 -------- d-----w- c:\users\kadir\appdata\local\Avg2013

2012-12-23 19:49:29 -------- d-----w- c:\programdata\MFAData

2012-12-21 13:34:20 -------- d-sh--w- C:\$RECYCLE.BIN

2012-12-21 13:34:19 -------- d-----w- c:\users\kadir\appdata\local\temp

2012-12-21 13:26:02 98816 ----a-w- c:\windows\sed.exe

2012-12-21 13:26:02 256000 ----a-w- c:\windows\PEV.exe

2012-12-21 13:26:02 208896 ----a-w- c:\windows\MBR.exe

2012-12-19 19:10:24 -------- d-----w- C:\_OTL

2012-12-15 13:22:40 -------- d-----w- c:\users\kadir\appdata\roaming\Anvisoft

2012-12-15 13:21:58 -------- d-----w- c:\programdata\Anvisoft

2012-12-15 13:21:55 -------- d-----w- c:\program files\Anvisoft

2012-12-15 05:48:31 -------- d-----w- c:\program files\VS Revo Group

2012-12-13 13:43:48 -------- d-----w- C:\_AT-Destroyer

2012-12-13 12:40:55 -------- d-----w- c:\users\kadir\appdata\local\VS Revo Group

2012-12-13 10:04:00 -------- d-----w- c:\users\kadir\appdata\roaming\Malwarebytes

2012-12-13 10:03:27 -------- d-----w- c:\programdata\Malwarebytes

2012-12-13 10:03:26 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-12-13 10:03:26 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2012-12-13 09:50:58 -------- d-----w- c:\users\kadir\appdata\roaming\com.adobe.downloadassistant.AdobeDownloadAssistant

2012-12-13 09:50:54 -------- d-----w- c:\program files\Adobe Download Assistant

2012-12-13 09:18:22 -------- d-----w- c:\program files\common files\Symantec Shared

2012-12-13 09:13:11 -------- d-----w- c:\programdata\Symantec

2012-12-13 08:02:41 -------- d-----w- c:\windows\system32\Wat

2012-12-11 10:51:14 -------- d-----w- c:\users\kadir\.smplayer

2012-12-11 10:46:56 -------- d-----w- c:\program files\common files\postureAgent

2012-12-11 10:46:14 55104 ----a-w- c:\windows\system32\drivers\HECI.sys

2012-12-11 10:38:59 -------- d-----w- c:\program files\SMPlayer

2012-12-11 10:36:00 -------- d-----w- c:\users\kadir\appdata\local\Shopping Sidekick

2012-12-11 10:35:28 -------- d-----w- c:\windows\system32\searchplugins

2012-12-11 10:35:28 -------- d-----w- c:\windows\system32\Extensions

2012-12-11 10:35:18 -------- d-----w- c:\users\kadir\appdata\roaming\BabSolution

2012-12-11 09:03:47 -------- d-----w- c:\program files\CCleaner

2012-12-11 08:51:45 -------- d-----w- c:\program files\common files\Wise Installation Wizard

2012-12-11 04:45:35 -------- d-----w- c:\users\kadir\appdata\local\{EB5DAAB7-A182-4339-ABF3-B51B44308CA2}

2012-12-11 04:27:30 6812136 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{69761218-56b9-4291-a6ae-4e3af15a7c11}\mpengine.dll

2012-12-11 04:10:30 -------- d-----w- c:\users\kadir\appdata\local\{71F82E00-9B9C-45C1-A1DA-30090B73C273}

2012-12-11 03:45:11 -------- d-----w- c:\users\kadir\appdata\local\{D08F0529-94C1-48B7-A673-B34D56C8D669}

2012-12-10 23:31:29 -------- d-----w- c:\users\kadir\appdata\local\{CC87D56C-8CE6-4F89-83CB-8642066FBEA1}

2012-12-09 11:59:56 -------- d-----w- c:\users\kadir\appdata\local\{68F1786C-F2F9-4953-9C8E-5EF9743B71C7}

2012-12-07 02:24:04 -------- d-----w- c:\users\kadir\appdata\local\{0E018D35-2597-41A0-A245-EF26967410B3}

2012-12-05 23:58:57 -------- d-----w- c:\users\kadir\appdata\roaming\PCCUStubInstaller

2012-12-05 14:40:54 -------- d-----w- c:\users\kadir\appdata\local\{66D57F7F-99FE-4CAC-A929-1F444E63AD39}

2012-12-04 21:33:36 -------- d-----w- c:\programdata\PC Optimizer Pro

2012-12-04 21:23:21 -------- d-----w- c:\program files\PC Optimizer Pro

2012-12-04 21:23:13 -------- d-----w- c:\programdata\APN

2012-12-04 13:39:28 -------- d-----w- c:\users\kadir\appdata\local\{FA159ACB-8A7F-496A-A908-37300E321DFE}

2012-12-03 15:10:16 -------- d-----w- c:\users\kadir\appdata\local\{1E0351A9-559F-4ED2-BDA2-C18742A7B74F}

2012-12-02 13:24:05 -------- d-----w- c:\users\kadir\appdata\local\{AE540601-4620-4362-89F0-694787072246}

2012-12-01 23:36:39 -------- d-----w- c:\users\kadir\appdata\local\{763299DF-0516-41B9-9585-87C93C67F26A}

2012-12-01 04:12:47 -------- d-----w- c:\users\kadir\appdata\local\{5D965B36-0C9E-4184-ADE7-7D1A82E0FED1}

2012-11-30 16:11:21 -------- d-----w- c:\users\kadir\appdata\local\{43780253-EAA0-403F-AAEF-1164A0E2B4BE}

2012-11-29 15:10:52 -------- d-----w- c:\users\kadir\appdata\local\{ED9FCDD2-4F72-45A0-9812-E06F1E12BAD9}

2012-11-28 14:46:34 -------- d-----w- c:\users\kadir\appdata\local\{082BEB73-D9CB-40AB-87D5-AA9A1542FB22}

2012-11-27 13:15:29 -------- d-----w- c:\users\kadir\appdata\local\{0768D7E3-B740-482D-9F88-7470A93D2951}

2012-11-26 15:55:38 -------- d-----w- c:\users\kadir\appdata\local\{61F077A3-CF6E-4E88-91DC-9A53E6B9F2DE}

.

==================== Find3M ====================

.

2012-12-24 02:40:02 152576 ----a-w- c:\windows\system32\msclmd.dll

2012-12-15 13:08:54 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-12-15 13:08:54 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-11-22 02:56:02 2345984 ----a-w- c:\windows\system32\win32k.sys

2012-11-14 02:09:22 1800704 ----a-w- c:\windows\system32\jscript9.dll

2012-11-14 01:58:15 1427968 ----a-w- c:\windows\system32\inetcpl.cpl

2012-11-14 01:57:37 1129472 ----a-w- c:\windows\system32\wininet.dll

2012-11-14 01:49:25 142848 ----a-w- c:\windows\system32\ieUnatt.exe

2012-11-14 01:48:27 420864 ----a-w- c:\windows\system32\vbscript.dll

2012-11-14 01:44:42 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2012-11-02 05:11:31 376832 ----a-w- c:\windows\system32\dpnet.dll

2012-10-22 12:02:46 179936 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys

2012-10-15 02:48:52 55776 ----a-w- c:\windows\system32\drivers\avgidshx.sys

2012-10-04 16:47:18 169984 ----a-w- c:\windows\system32\winsrv.dll

2012-10-04 16:43:05 293376 ----a-w- c:\windows\system32\KernelBase.dll

2012-10-04 14:57:58 271360 ----a-w- c:\windows\system32\conhost.exe

2012-10-04 14:41:50 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll

2012-10-04 14:41:50 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll

2012-10-04 14:41:50 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll

2012-10-04 14:41:50 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll

2012-10-02 02:30:38 159712 ----a-w- c:\windows\system32\drivers\avgldx86.sys

.

============= FINISH: 2:03:30,71 ===============

And this is the other one:

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Ultimate

Boot Device: \Device\HarddiskVolume1

Install Date: 24/03/2012 14:50:48

System Uptime: 24/12/2012 22:15:06 (4 hours ago)

.

Motherboard: Sony Corporation | | VAIO

Processor: Intel® Core i3-2330M CPU @ 2.20GHz | N/A | 2200/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 466 GiB total, 437,248 GiB free.

D: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}

Description: Generic Bluetooth Adapter

Device ID: USB\VID_0489&PID_E027\6&23230D7F&0&5

Manufacturer: GenericAdapter

Name: Generic Bluetooth Adapter

PNP Device ID: USB\VID_0489&PID_E027\6&23230D7F&0&5

Service: BTHUSB

.

==== System Restore Points ===================

.

RP197: 23/12/2012 23:25:03 - Windows 7 Service Pack 1

RP198: 24/12/2012 3:31:52 - Windows Update

RP199: 24/12/2012 20:16:53 - Windows Update

.

==== Installed Programs ======================

.

Updater

Adobe AIR

Adobe Download Assistant

Adobe Flash Player 11 ActiveX

Atheros WiFi Driver Installation

aTube Catcher

AVG 2013

CCleaner

D3DX10

Intel® Management Engine Components

Intel® Processor Graphics

Intel® Trusted Connect Service Client

Malwarebytes Anti-Malware versión 1.65.1.1000

Messenger Companion

Microsoft .NET Framework 4 Client Profile

Microsoft Application Error Reporting

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

MSVCRT

Realtek Ethernet Controller Driver

Realtek PCIE Card Reader

Revo Uninstaller 1.94

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Skype™ 5.10

SMPlayer 0.6.9

VLC media player 2.0.5

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Messenger

Windows Live Messenger Companion Core

Windows Live Photo Common

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

WinRAR 4.11 (32-bit)

.

==== End Of File ===========================


Note: Please do not run this tool without special supervision and instructions of someone authorized to do so. Otherwise, you could end up with serious problems. For more details, read this article: ComboFix usage, Questions, Help? - Look here

Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingc...to-use-combofix

* Ensure you have disabled all antivirus and anti-malware programs so they do not interfere with the running of ComboFix.

Please post the C:\ComboFix.txt in your next reply for further review.

Note: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.


Hi Maniac!

I did what you told me and here is the log. Thank you very much again! :)

ComboFix 12-12-25.02 - KADIR 25/12/2012 20:08:07.2.4 - x86

Microsoft Windows 7 Ultimate 6.1.7601.1.1252.39.1040.18.3022.1839 [GMT 1:00]

Eseguito da: c:\users\KADIR\Downloads\ComboFix.exe

AV: AVG Anti-Virus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}

SP: AVG Anti-Virus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((( Files Creati Da 2012-11-25 al 2012-12-25 )))))))))))))))))))))))))))))))))))

.

.

2012-12-25 19:13 . 2012-12-25 19:13 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-12-24 19:15 . 2012-08-22 17:16 1292144 ----a-w- c:\windows\system32\drivers\tcpip.sys

2012-12-24 19:15 . 2012-08-22 17:16 240496 ----a-w- c:\windows\system32\drivers\netio.sys

2012-12-24 19:15 . 2012-08-22 17:16 187760 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS

2012-12-24 02:33 . 2012-12-24 02:33 -------- d-----w- c:\windows\system32\SPReview

2012-12-24 02:09 . 2010-11-20 12:21 50688 ----a-w- c:\windows\system32\umb.dll

2012-12-24 02:08 . 2010-11-20 12:21 105984 ----a-w- c:\windows\system32\WPDShServiceObj.dll

2012-12-24 02:07 . 2010-11-20 12:21 156672 ----a-w- c:\windows\system32\winsta.dll

2012-12-24 02:06 . 2010-11-20 12:20 120320 ----a-w- c:\windows\system32\prntvpt.dll

2012-12-24 02:05 . 2010-11-20 12:16 33792 ----a-w- c:\windows\system32\vbisurf.ax

2012-12-24 02:04 . 2010-11-20 12:20 165376 ----a-w- c:\windows\system32\provsvc.dll

2012-12-24 02:03 . 2010-11-20 12:20 283136 ----a-w- c:\windows\system32\qdv.dll

2012-12-24 02:02 . 2010-11-20 12:18 640512 ----a-w- c:\windows\system32\advapi32.dll

2012-12-23 22:35 . 2012-12-16 14:13 295424 ----a-w- c:\windows\system32\atmfd.dll

2012-12-23 22:35 . 2012-12-16 14:13 34304 ----a-w- c:\windows\system32\atmlib.dll

2012-12-23 22:24 . 2012-12-23 22:24 -------- d-----w- c:\windows\system32\EventProviders

2012-12-23 22:10 . 2012-11-09 04:42 2048 ----a-w- c:\windows\system32\tzres.dll

2012-12-23 20:08 . 2012-12-23 20:08 -------- d-----w- c:\users\KADIR\AppData\Roaming\AVG2013

2012-12-23 20:05 . 2012-12-23 20:07 -------- d-----w- c:\programdata\AVG2013

2012-12-23 20:05 . 2012-12-23 20:05 -------- d-----w- C:\$AVG

2012-12-23 20:04 . 2012-12-23 20:04 -------- d-----w- c:\program files\AVG

2012-12-23 19:49 . 2012-12-25 19:03 -------- d-----w- c:\programdata\MFAData

2012-12-23 19:49 . 2012-12-23 21:12 -------- d-----w- c:\users\KADIR\AppData\Local\Avg2013

2012-12-23 19:49 . 2012-12-23 19:49 -------- d-----w- c:\users\KADIR\AppData\Local\MFAData

2012-12-21 13:34 . 2012-12-25 19:13 -------- d-----w- c:\users\KADIR\AppData\Local\temp

2012-12-19 19:10 . 2012-12-19 19:10 -------- d-----w- C:\_OTL

2012-12-15 13:22 . 2012-12-19 18:57 -------- d-----w- c:\users\KADIR\AppData\Roaming\Anvisoft

2012-12-15 13:21 . 2012-12-15 13:21 -------- d-----w- c:\programdata\Anvisoft

2012-12-15 13:21 . 2012-12-19 18:57 -------- d-----w- c:\program files\Anvisoft

2012-12-15 05:48 . 2012-12-15 05:48 -------- d-----w- c:\program files\VS Revo Group

2012-12-13 13:43 . 2012-12-15 14:46 -------- d-----w- C:\_AT-Destroyer

2012-12-13 12:40 . 2012-12-13 12:40 -------- d-----w- c:\users\KADIR\AppData\Local\VS Revo Group

2012-12-13 10:04 . 2012-12-13 10:04 -------- d-----w- c:\users\KADIR\AppData\Roaming\Malwarebytes

2012-12-13 10:03 . 2012-12-13 10:03 -------- d-----w- c:\programdata\Malwarebytes

2012-12-13 10:03 . 2012-12-13 10:11 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2012-12-13 10:03 . 2012-09-29 18:54 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-12-13 09:50 . 2012-12-13 09:50 -------- d-----w- c:\users\KADIR\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant

2012-12-13 09:50 . 2012-12-15 13:50 -------- d-----w- c:\program files\Adobe Download Assistant

2012-12-13 09:50 . 2012-12-13 09:50 -------- d-----w- c:\program files\Common Files\Adobe AIR

2012-12-13 09:18 . 2012-12-16 23:22 -------- d-----w- c:\program files\Common Files\Symantec Shared

2012-12-13 09:13 . 2012-12-13 09:13 -------- d-----w- c:\programdata\Symantec

2012-12-13 08:02 . 2012-12-13 08:02 -------- d-----w- c:\windows\system32\Wat

2012-12-11 10:51 . 2012-12-24 02:48 -------- d-----w- c:\users\KADIR\.smplayer

2012-12-11 10:47 . 2012-12-11 10:47 -------- d-----w- c:\programdata\Intel

2012-12-11 10:46 . 2012-12-11 10:46 -------- d-----w- c:\program files\Common Files\postureAgent

2012-12-11 10:46 . 2000-01-01 00:00 55104 ----a-w- c:\windows\system32\drivers\HECI.sys

2012-12-11 10:38 . 2012-12-11 10:39 -------- d-----w- c:\program files\SMPlayer

2012-12-11 10:36 . 2012-12-11 10:36 -------- d-----w- c:\users\KADIR\AppData\Local\Shopping Sidekick

2012-12-11 10:35 . 2012-12-11 10:35 -------- d-----w- c:\windows\system32\searchplugins

2012-12-11 10:35 . 2012-12-11 10:35 -------- d-----w- c:\windows\system32\Extensions

2012-12-11 10:35 . 2012-12-11 10:35 -------- d-----w- c:\users\KADIR\AppData\Roaming\BabSolution

2012-12-11 09:03 . 2012-12-11 09:03 -------- d-----w- c:\program files\CCleaner

2012-12-11 08:51 . 2012-12-11 08:51 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard

2012-12-11 04:27 . 2012-11-19 00:04 6812136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{69761218-56B9-4291-A6AE-4E3AF15A7C11}\mpengine.dll

2012-12-11 02:31 . 2012-12-11 02:31 -------- d-----w- c:\program files\Microsoft.NET

2012-12-05 23:58 . 2012-12-11 10:53 -------- d-----w- c:\users\KADIR\AppData\Roaming\PCCUStubInstaller

2012-12-04 21:33 . 2012-12-04 21:33 -------- d-----w- c:\programdata\PC Optimizer Pro

2012-12-04 21:23 . 2012-12-05 14:39 -------- d-----w- c:\program files\PC Optimizer Pro

2012-12-04 21:23 . 2012-12-04 21:23 -------- d-----w- c:\programdata\APN

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-12-24 02:40 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll

2012-12-15 13:08 . 2012-03-30 00:00 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-12-15 13:08 . 2012-03-30 00:00 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-10-22 12:02 . 2012-10-22 12:02 179936 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys

2012-10-15 02:48 . 2012-10-15 02:48 55776 ----a-w- c:\windows\system32\drivers\avgidshx.sys

2012-10-05 02:32 . 2012-10-05 02:32 93536 ----a-w- c:\windows\system32\drivers\avgmfx86.sys

2012-10-02 02:30 . 2012-10-02 02:30 159712 ----a-w- c:\windows\system32\drivers\avgldx86.sys

.

.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* i valori vuoti & legittimi/default non sono visualizzati.

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2000-01-01 145440]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2000-01-01 180768]

"Persistence"="c:\windows\system32\igfxpers.exe" [2000-01-01 189472]

"AVG_UI"="c:\program files\AVG\AVG2013\avgui.exe" [2012-11-06 3143800]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]

2012-07-13 11:33 17418928 ----a-r- c:\program files\Skype\Phone\Skype.exe

.

R2 PCCUJobMgr;Common Client Job Manager Service;c:\program files\Norton PC Checkup\Engine\2.0.17.20\ccSvcHst.exe [x]

R2 ServUpdater;Serv Updater;c:\users\KADIR\AppData\Local\ServUpdater\ServiceUpd.exe [x]

R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]

R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]

R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]

R3 WatAdminSvc;Servizio Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]

S0 AVGIDSHX;AVGIDSHX;c:\windows\system32\DRIVERS\avgidshx.sys [x]

S0 Avglogx;AVG Logging Driver;c:\windows\system32\DRIVERS\avglogx.sys [x]

S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [x]

S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdriverx.sys [x]

S1 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\avgidsshimx.sys [x]

S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [x]

S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [x]

S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2013\avgidsagent.exe [x]

S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2013\avgwdsvc.exe [x]

S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [x]

S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]

S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]

S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]

S3 IntcDAud;Audio schermo Intel®;c:\windows\system32\DRIVERS\IntcDAud.sys [x]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]

S3 MEI;Intel® Management Engine Interface ;c:\windows\system32\DRIVERS\HECI.sys [x]

S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [x]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]

S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [x]

.

.

Contenuto della cartella 'Scheduled Tasks'

.

2012-12-25 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 13:08]

.

.

------- Scansione supplementare -------

.

uStart Page = www.google.com

mStart Page = www.google.com

uSearchAssistant = hxxp://www.bing.com/search?q={searchTerms}

IE: Free YouTube Download - c:\users\KADIR\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm

TCP: DhcpNameServer = 192.168.1.254

TCP: Interfaces\{A627222F-4402-439C-943F-A554724D4A50}: NameServer = 176.31.229.24,176.31.229.25

TCP: Interfaces\{A627222F-4402-439C-943F-A554724D4A50}\244524573796E6563737845726D2634313: NameServer = 176.31.229.24,176.31.229.25

TCP: Interfaces\{A627222F-4402-439C-943F-A554724D4A50}\2445F40756E6A7F6E656: NameServer = 176.31.229.24,176.31.229.25

TCP: Interfaces\{A627222F-4402-439C-943F-A554724D4A50}\2456C6B696E6F5436303431323: NameServer = 176.31.229.24,176.31.229.25

TCP: Interfaces\{A627222F-4402-439C-943F-A554724D4A50}\44166596E6369623: NameServer = 176.31.229.24,176.31.229.25

TCP: Interfaces\{A627222F-4402-439C-943F-A554724D4A50}\4514C4B44514C4B4D2644463144344: NameServer = 176.31.229.24,176.31.229.25

TCP: Interfaces\{A627222F-4402-439C-943F-A554724D4A50}\94E666F637472716461675966496: NameServer = 176.31.229.24,176.31.229.25

.

- - - - CHIAVI ORFANE RIMOSSE - - - -

.

MSConfigStartUp-CommonToolkitTray - c:\program files\Fighters\Tray\FightersTray.exe

MSConfigStartUp-Facebook Update - c:\users\KADIR\AppData\Local\Facebook\Update\FacebookUpdate.exe

MSConfigStartUp-FDPRO-516 - c:\program files\Fighters\FighterLauncher.exe

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCCUJobMgr]

"ImagePath"="\"c:\program files\Norton PC Checkup\Engine\2.0.17.20\ccSvcHst.exe\" /s \"PCCUJobMgr\" /m \"c:\program files\Norton PC Checkup\Engine\2.0.17.20\diMaster.dll\" /prefetch:1"

.

--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

.

[HKEY_USERS\S-1-5-21-2433817375-573850760-1329335535-1000\Software\Microsoft\Internet Explorer\Approved Extensions]

@DACL=(02 0000)

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]

@="?????????????????? v1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]

@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]

@="?????????????????? v2"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]

@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Ora fine scansione: 2012-12-25 20:16:50

ComboFix-quarantined-files.txt 2012-12-25 19:16

ComboFix2.txt 2012-12-21 13:34

.

Pre-Run: 468.632.121.344 byte disponibili

Post-Run: 468.579.110.912 byte disponibili

.

- - End Of File - - 90F1A571BFD419BCDB67B2149AE6ED84


Please can everyone help me with this?? I still have my laptop infected and I can't use my laptop because Malwarebytes says there is a malicious website trying to access. I'm desperate because I need to use my laptop and I can't. And also there are these toolbars at the top of my Google Chrome browser that always pop up whenever I try to remove them :(

Does anybody know what I can do to remove this virus??

Thanks!


Yes, during the holidays I couldn't be here.

Please run a free online scan with the ESET Online Scanner

Note: You will need to use Internet Explorer for this scan

  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the options Remove found threats and Scan unwanted applications are checked
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, you may close the window
  • Use Notepad to open the logfile located at C:\Program Files\ESET\Eset Online Scanner\log.txt
  • Copy and paste that log as a reply to this topic


Due to the lack of feedback, this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance, please start your own topic in a new thread. Thanks!
