
Malicious Website Blocking Disabled


Sivana


Hi, this is my first time posting here in your forums, though I have had your product for a long time now. A while back (a few months or so) I noticed that the IP module was changed from "Enabled" to "Partially Enabled" and that the malicious website blocking box was unchecked. I tried to check it but it doesn't turn back on. I have followed the FAQ section K for the Avast! 6 exclusions and rebooted, but nothing has changed. I have run numerous scans and tested my other protection software. Malwarebytes website blocking seems to be the only thing having trouble turning on.

I have Windows 7 64-bit. I use Avast! Internet Security 7, Spybot Search & Destroy 1.6 and sometimes clean up with CCleaner. I read somewhere about someone who had my problem and was asked to paste the scan log from RogueKiller (just the log, not to fix anything). I'll paste mine here in case that helps get the ball rolling. Please let me know what else I should use to get a scan log.

RogueKiller V8.4.3 _x64_ [Jan 10 2013] by Tigzy

mail : tigzyRK<at>gmail<dot>com

Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/

Website : http://tigzy.geekstogo.com/roguekiller.php

Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User : Sivie [Admin rights]

Mode : Scan -- Date : 01/19/2013 12:04:12

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 8 ¤¤¤

[TASK][sUSP PATH] winupd : C:\Users\Sivie\AppData\Local\Temp:winupd.exe -> FOUND

[HJ SMENU] HKCU\[...]\Services\Microsoft\Advanced : Start_ShowMyDocs (0) -> FOUND

[HJ SMENU] HKCU\[...]\Services\Microsoft\Advanced : Start_ShowMyPics (0) -> FOUND

[HJ SMENU] HKCU\[...]\Services\Microsoft\Advanced : Start_ShowMyMusic (0) -> FOUND

[HJ SMENU] HKCU\[...]\Services\Microsoft\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> FOUND

[HJ SMENU] HKCU\[...]\Services\Microsoft\Advanced : Start_TrackProgs (0) -> FOUND

[HJ DESK] HKLM\[...]\Services\Microsoft\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ DESK] HKLM\[...]\Services\Microsoft\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

--> C:\Windows\system32\drivers\etc\hosts


[...]

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD5000AAKX-001CA SCSI Disk Device +++++

--- User ---

[MBR] 40b0a84d76d8d6c73ab5d025006b5d35

[bSP] 6a9d56f5cf2c5703b7c73733e02cf1ff : Windows 7/8 MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 476838 Mo

User = LL1 ... OK!

Error reading LL2 MBR!

Finished : << RKreport[2]_S_01192013_02d1204.txt >>

RKreport[1]_S_11122012_02d1012.txt ; RKreport[2]_S_01192013_02d1204.txt

Btw, I had to make a second scan because I recently ran a registry cleaner and there were a lot of issues to fix. I wasn't sure if this would have an effect on the log or not.


Hello Sivana and welcome! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.

Btw, I had to make a second scan because I recently ran a registry cleaner and there were a lot of issues to fix. I wasn't sure if this would have an effect on the log or not.

It is not recommended that you use the Registry feature unless you are very familiar with the registry, as it has been known to find legitimate items for removal, which can cause issues with other programs. I suggest you read this article:

http://miekiemoes.blogspot.com/2008/02/registry-cleaners-and-system-tweaking_13.html

Please follow the instructions here and post the log files in your next reply:

http://forums.malwarebytes.org/index.php?showtopic=9573


DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_32

Run by Sivie at 17:54:18 on 2013-01-19

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8190.6604 [GMT -7:00]

.

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\atieclxx.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\AVAST Software\Avast\AvastSvc.exe

C:\Program Files\AVAST Software\Avast\afwServ.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\SysWOW64\XSrvSetup.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\System32\WUDFHost.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\SysWOW64\ctfmon.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

uSearch Bar = Preserve

mWinlogon: Userinit = userinit.exe,

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll

BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: LastPass Vault: {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll

TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

uRun: [spybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe

uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

mRun: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

StartupFolder: C:\Users\Sivie\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\AdFender.lnk - C:\Program Files (x86)\AdFender\AdFender.exe

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: Free YouTube Download - C:\Users\Sivie\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm

IE: LastPass - C:\Users\Sivie\AppData\LocalLow\LastPass\context.html?cmd=lastpass

IE: LastPass Fill Forms - C:\Users\Sivie\AppData\LocalLow\LastPass\context.html?cmd=fillforms

IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll

IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll

.

INFO: HKCU has more than 50 listed domains.

If you wish to scan all of them, select the 'Force scan all domains' option.

.

.

INFO: HKLM has more than 50 listed domains.

If you wish to scan all of them, select the 'Force scan all domains' option.

.

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab

TCP: NameServer = 192.168.1.1

TCP: Interfaces\{4962AA5A-DEA8-44BA-A383-5CBF9E73D14C} : DHCPNameServer = 192.168.1.1

TCP: Interfaces\{E8685C2B-2F7F-4A03-AB58-CED127927242} : DHCPNameServer = 192.168.1.1

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

SSODL: WebCheck - <orphaned>

x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-BHO: LastPass Vault: {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll

x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

x64-TB: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll

x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

x64-IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll

.

INFO: x64-HKLM has more than 50 listed domains.

If you wish to scan all of them, select the 'Force scan all domains' option.

.

x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

x64-DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-SSODL: WebCheck - <orphaned>

Hosts: 127.0.0.1 www.spywareinfo.com

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Sivie\AppData\Roaming\Mozilla\Firefox\Profiles\5zisdtmu.default\

FF - prefs.js: browser.search.selectedEngine - Wikipedia (en)

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig?hl=en&source=mpes

FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll

FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll

FF - plugin: C:\Users\Sivie\AppData\Local\Google\Update\1.3.21.129\npGoogleUpdate3.dll

FF - plugin: C:\Users\Sivie\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll

FF - plugin: C:\Users\Sivie\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll

FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll

FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll

FF - plugin: C:\Windows\SysWOW64\npmproxy.dll

FF - ExtSQL: 2012-12-24 20:16; {37fa1426-b82d-11db-8314-0800200c9a66}; C:\Users\Sivie\AppData\Roaming\Mozilla\Firefox\Profiles\5zisdtmu.default\extensions\{37fa1426-b82d-11db-8314-0800200c9a66}.xpi

.

---- FIREFOX POLICIES ----

FF - user.js: yahoo.ytff.general.dontshowhpoffer - true

============= SERVICES / DRIVERS ===============

.

R0 aswNdis;avast! Firewall NDIS Filter Service;C:\Windows\System32\drivers\aswNdis.sys [2012-2-7 12368]

R0 aswNdis2;avast! Firewall Core Firewall Service;C:\Windows\System32\drivers\aswNdis2.sys [2012-2-7 262656]

R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2012-10-16 52856]

R1 aswFW;avast! TDI Firewall driver;C:\Windows\System32\drivers\aswFW.sys [2012-2-7 132864]

R1 aswKbd;aswKbd;C:\Windows\System32\drivers\aswKbd.sys [2012-2-26 21136]

R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2012-2-7 984144]

R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2012-2-7 370288]

R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-1-10 279616]

R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};Power Control [2012/02/28 17:51:03];C:\Program Files (x86)\CyberLink\PowerDVD8\000.fcl [2010-1-12 146928]

R2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-9-16 169312]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-12-19 240640]

R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-12-19 361984]

R2 AODDriver4.01;AODDriver4.01;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-4-9 57472]

R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2012-2-7 25232]

R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2012-2-7 71600]

R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-11-12 44808]

R2 avast! Firewall;avast! Firewall;C:\Program Files\AVAST Software\Avast\afwServ.exe [2012-11-12 133912]

R2 JMB36X;JMB36X;C:\Windows\SysWOW64\XSrvSetup.exe [2012-1-8 72304]

R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-9-17 398184]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-9-17 682344]

R2 Oasis2Service;Oasis2Service;C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe [2011-1-5 46592]

R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2012-1-8 46136]

R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2012-11-6 96256]

R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-1-19 24176]

R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2009-11-20 75776]

R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2009-11-20 177152]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-1-8 347680]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2012-1-8 1153368]

S3 P0620VID;Creative WebCam Instant;C:\Windows\System32\drivers\P0620Vid.sys [2012-11-5 126848]

S3 rt61x64;RT61 Extensible Wireless Driver;C:\Windows\System32\drivers\netr6164.sys [2012-1-8 438784]

S3 TabletServicePen;TabletServicePen;C:\Windows\System32\Pen_Tablet.exe [2012-10-16 5414184]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-11-25 59392]

S3 wacmoumonitor;Wacom Mode Helper;C:\Windows\System32\drivers\wacmoumonitor.sys [2012-10-16 18216]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-1-8 1255736]

S4 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-9 160944]

S4 WTouchService;WTouch Service;C:\Program Files\WTouch\WTouchService.exe [2012-10-16 127272]

.

=============== Created Last 30 ================

.

2013-01-19 18:12:34 -------- d-----w- C:\Users\Sivie\AppData\Local\Programs

2013-01-18 17:53:07 -------- d-----w- C:\Program Files (x86)\AMD AVT

2013-01-18 17:53:01 -------- d-----w- C:\Program Files (x86)\AMD APP

2013-01-15 19:57:08 -------- d-----w- C:\Users\Sivie\AppData\Roaming\MinMaxGames

2013-01-14 20:35:07 -------- d-----w- C:\Users\Sivie\AppData\Local\Daedalic Entertainment

2013-01-12 02:18:35 -------- d-----w- C:\Program Files (x86)\TERA

2013-01-05 23:38:39 -------- d-----w- C:\Users\Sivie\AppData\Roaming\logs

2012-12-29 19:05:20 -------- d-----w- C:\Users\Sivie\AppData\Roaming\collection

2012-12-25 11:32:24 -------- d-----w- C:\Users\Sivie\AppData\Roaming\GameRanger

2012-12-24 02:33:26 -------- d-----w- C:\GOG Games

2012-12-23 22:09:50 -------- d-----w- C:\Users\Sivie\AppData\Roaming\LoneSurvivor

2012-12-23 21:57:21 -------- d-----w- C:\Users\Sivie\AppData\Local\GOG.com

2012-12-23 21:57:15 -------- d-----w- C:\Program Files (x86)\GOG.com

2012-12-23 04:30:52 -------- d-----w- C:\Users\Sivie\AppData\Roaming\Natural Selection 2

2012-12-22 23:38:38 19131904 ----a-w- C:\Windows\SysWow64\rapture3d_oal.dll

2012-12-22 23:38:37 -------- d-----w- C:\Program Files (x86)\BRS

.

==================== Find3M ====================

.

2013-01-14 22:33:47 74248 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-01-14 22:33:47 697864 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2012-12-22 23:38:36 466456 ----a-w- C:\Windows\System32\wrap_oal.dll

2012-12-22 23:38:36 444952 ----a-w- C:\Windows\SysWow64\wrap_oal.dll

2012-12-22 23:38:36 122904 ----a-w- C:\Windows\System32\OpenAL32.dll

2012-12-22 23:38:35 109080 ----a-w- C:\Windows\SysWow64\OpenAL32.dll

2012-12-19 22:45:12 222720 ----a-w- C:\Windows\System32\clinfo.exe

2012-12-19 22:44:48 76288 ----a-w- C:\Windows\System32\OpenVideo64.dll

2012-12-19 22:44:42 65536 ----a-w- C:\Windows\SysWow64\OpenVideo.dll

2012-12-19 22:44:36 64000 ----a-w- C:\Windows\System32\OVDecode64.dll

2012-12-19 22:44:32 56320 ----a-w- C:\Windows\SysWow64\OVDecode.dll

2012-12-19 22:44:20 34518016 ----a-w- C:\Windows\System32\amdocl64.dll

2012-12-19 22:38:48 28732928 ----a-w- C:\Windows\SysWow64\amdocl.dll

2012-12-19 20:50:14 5630200 ----a-w- C:\Windows\SysWow64\atiumdag.dll

2012-12-19 20:48:48 11278336 ----a-w- C:\Windows\System32\drivers\atikmdag.sys

2012-12-19 20:29:36 23461376 ----a-w- C:\Windows\System32\atio6axx.dll

2012-12-19 20:22:50 70144 ----a-w- C:\Windows\System32\coinst_9.012.dll

2012-12-19 20:19:46 163840 ----a-w- C:\Windows\System32\atiapfxx.exe

2012-12-19 20:18:04 51200 ----a-w- C:\Windows\System32\aticalrt64.dll

2012-12-19 20:18:02 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll

2012-12-19 20:17:54 44544 ----a-w- C:\Windows\System32\aticalcl64.dll

2012-12-19 20:17:52 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll

2012-12-19 20:17:40 16082944 ----a-w- C:\Windows\System32\aticaldd64.dll

2012-12-19 20:13:24 13703168 ----a-w- C:\Windows\SysWow64\aticaldd.dll

2012-12-19 20:12:44 18982400 ----a-w- C:\Windows\SysWow64\atioglxx.dll

2012-12-19 20:09:52 960512 ----a-w- C:\Windows\SysWow64\aticfx32.dll

2012-12-19 20:08:04 1151488 ----a-w- C:\Windows\System32\aticfx64.dll

2012-12-19 20:06:00 6681088 ----a-w- C:\Windows\SysWow64\atidxx32.dll

2012-12-19 19:59:44 5087744 ----a-w- C:\Windows\System32\atiumd6a.dll

2012-12-19 19:57:00 442368 ----a-w- C:\Windows\System32\atidemgy.dll

2012-12-19 19:56:46 550912 ----a-w- C:\Windows\System32\atieclxx.exe

2012-12-19 19:56:00 240640 ----a-w- C:\Windows\System32\atiesrxx.exe

2012-12-19 19:54:38 120320 ----a-w- C:\Windows\System32\atitmm64.dll

2012-12-19 19:54:22 21504 ----a-w- C:\Windows\System32\atimuixx.dll

2012-12-19 19:54:18 59392 ----a-w- C:\Windows\System32\atiedu64.dll

2012-12-19 19:54:12 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll

2012-12-19 19:49:00 7370752 ----a-w- C:\Windows\System32\atidxx64.dll

2012-12-19 19:44:28 4162048 ----a-w- C:\Windows\SysWow64\atiumdva.dll

2012-12-19 19:44:12 6786560 ----a-w- C:\Windows\System32\atiumd64.dll

2012-12-19 19:33:50 56320 ----a-w- C:\Windows\System32\atimpc64.dll

2012-12-19 19:33:50 56320 ----a-w- C:\Windows\System32\amdpcom64.dll

2012-12-19 19:33:42 619008 ----a-w- C:\Windows\System32\atiadlxx.dll

2012-12-19 19:33:40 56832 ----a-w- C:\Windows\SysWow64\atimpc32.dll

2012-12-19 19:33:40 56832 ----a-w- C:\Windows\SysWow64\amdpcom32.dll

2012-12-19 19:33:32 421888 ----a-w- C:\Windows\SysWow64\atiadlxy.dll

2012-12-19 19:33:18 17920 ----a-w- C:\Windows\System32\atig6pxx.dll

2012-12-19 19:33:14 14848 ----a-w- C:\Windows\SysWow64\atiglpxx.dll

2012-12-19 19:33:14 14848 ----a-w- C:\Windows\System32\atiglpxx.dll

2012-12-19 19:33:10 41984 ----a-w- C:\Windows\System32\atig6txx.dll

2012-12-19 19:33:04 33280 ----a-w- C:\Windows\SysWow64\atigktxx.dll

2012-12-19 19:32:54 552960 ----a-w- C:\Windows\System32\drivers\atikmpag.sys

2012-12-19 19:31:14 130048 ----a-w- C:\Windows\System32\atiuxp64.dll

2012-12-19 19:31:08 109568 ----a-w- C:\Windows\SysWow64\atiuxpag.dll

2012-12-19 19:31:00 104448 ----a-w- C:\Windows\System32\atiu9p64.dll

2012-12-19 19:30:52 83968 ----a-w- C:\Windows\SysWow64\atiu9pag.dll

2012-12-19 19:30:16 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll

2012-12-14 23:49:28 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-11-26 03:04:44 175616 ----a-w- C:\Windows\System32\msclmd.dll

2012-11-26 03:04:44 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll

2012-11-22 03:26:40 3149824 ----a-w- C:\Windows\System32\win32k.sys

2012-11-15 20:01:28 54784 ----a-w- C:\Windows\System32\OpenCL.dll

2012-11-15 20:01:24 50176 ----a-w- C:\Windows\SysWow64\OpenCL.dll

2012-11-12 12:28:37 1638912 ----a-w- C:\Windows\System32\mshtml.tlb

2012-11-12 11:52:18 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2012-11-09 05:45:09 2048 ----a-w- C:\Windows\System32\tzres.dll

2012-11-09 04:42:49 2048 ----a-w- C:\Windows\SysWow64\tzres.dll

2012-11-06 11:11:52 96256 ----a-w- C:\Windows\System32\drivers\AtihdW76.sys

2012-11-02 05:59:11 478208 ----a-w- C:\Windows\System32\dpnet.dll

2012-11-02 05:11:31 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll

2012-10-30 23:51:55 984144 ----a-w- C:\Windows\System32\drivers\aswSnx.sys

2012-10-30 23:51:55 71600 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys

2012-10-30 23:51:55 262656 ----a-w- C:\Windows\System32\drivers\aswNdis2.sys

2012-10-30 23:51:55 21136 ----a-w- C:\Windows\System32\drivers\aswKbd.sys

2012-10-30 23:51:53 132864 ----a-w- C:\Windows\System32\drivers\aswFW.sys

2012-10-30 23:51:07 41224 ----a-w- C:\Windows\avastSS.scr

2012-10-27 06:26:55 981504 ----a-w- C:\Windows\SysWow64\wininet.dll

2012-10-27 05:51:21 1188864 ----a-w- C:\Windows\System32\wininet.dll

.

============= FINISH: 17:54:51.09 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 1/8/2012 9:07:24 AM

System Uptime: 1/19/2013 1:51:19 PM (4 hours ago)

.

Motherboard: Gigabyte Technology Co., Ltd. | | GA-890GPA-UD3H

Processor: AMD Phenom II X6 1090T Processor | Socket M2 | 3200/200mhz

.

==== Disk Partitions =========================

.

A: is Removable

C: is FIXED (NTFS) - 466 GiB total, 173.158 GiB free.

D: is CDROM ()

G: is CDROM ()

H: is Removable

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: Ralink RT61 Turbo Wireless LAN Card

Device ID: PCI\VEN_1814&DEV_0301&SUBSYS_25611814&REV_00\4&E7415D2&0&38A4

Manufacturer: Ralink Technology Corp.

Name: Ralink RT61 Turbo Wireless LAN Card

PNP Device ID: PCI\VEN_1814&DEV_0301&SUBSYS_25611814&REV_00\4&E7415D2&0&38A4

Service: rt61x64

.

==== System Restore Points ===================

.

RP312: 1/18/2013 5:12:45 AM - Scheduled Checkpoint

.

==== Installed Programs ======================

.

.

7-Zip 9.20 (x64 edition)

AdFender

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Photoshop Elements 7.0

Adobe Reader 9.5.2

Adobe Shockwave Player 11.6

Akamai NetSession Interface

AMD Accelerated Video Transcoding

AMD APP SDK Runtime

AMD Catalyst Install Manager

AMD Drag and Drop Transcoding

AMD Fuel

AMD Media Foundation Decoders

AMD VISION Engine Control Center

applicationupdater

ArcSoft PhotoImpression 5

Audiosurf

Auslogics Disk Defrag

avast! Internet Security

Bamboo

BioWare Premium Module: Neverwinter Nights Kingmaker

Brother MFC-295CN

Castle Crashers

Catalyst Control Center - Branding

Catalyst Control Center Graphics Previews Common

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

ccc-utility64

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

CCleaner

Cheat Engine 6.1

Cities in Motion

Closure

Color Efex Pro 3.0 Wacom Edition 3

Core Temp 1.0 RC2

Corel Painter Essentials 4

Creative WebCam Center

Creative WebCam Instant Driver (2.00.04.0825)

CyberLink PowerDVD 8

DAEMON Tools Lite

Dead Rising 2

DivX Setup

Evernote v. 4.5.6

FileZilla Client 3.5.3

Free Studio version 5.3.3

Free YouTube Download version 3.1.37.918

Free YouTube to MP3 Converter version 3.11.32.918

gamelauncher-ps2-live

GameRanger

Gigabyte Raid Configurer

GIMP 2.6.11

GOG.com Downloader version 3.3.5

Google Chrome

Google Talk Plugin

Gratuitous Space Battles

Greed: Black Border

HandBrake 0.9.8

Hinterland

IDroo 1.0.0.154

Java Auto Updater

Java 6 Update 31 (64-bit)

Java 6 Update 32

join.me

K-Lite Codec Pack 9.2.0 (64-bit)

K-Lite Mega Codec Pack 9.2.0

LAME v3.99.3 (for Windows)

LastPass (uninstall only)

Lyrics Plugin for Winamp

Malwarebytes Anti-Malware version 1.70.0.1100

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Games for Windows - LIVE Redistributable

Microsoft Games for Windows Marketplace

Microsoft Silverlight

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable (x64)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft Xbox 360 Accessories 1.2

Microsoft XNA Framework Redistributable 3.1

Microsoft XNA Framework Redistributable 4.0

Miner Wars 2081

MiniLyrics

Mozilla Firefox 18.0.1 (x86 en-US)

Mozilla Maintenance Service

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Mumble 1.2.3

Natural Selection 2

NEC Electronics USB 3.0 Host Controller Driver

neroxml

Neverwinter Nights Diamond Edition

Nikopol: Secrets of the Immortals

No-IP DUC

Notepad++

NVIDIA PhysX

Oasis2Service 1.0

OpenAL

OpenOffice.org 3.3

Paint XP version 1.1

Paint.NET v3.5.10

QuickTime Alternative 3.2.2

Ralink RT6x Wireless LAN Card

Rapture3D 2.5.1 Game

Realtek Ethernet Controller Driver For Windows 7

Realtek HDMI Audio Driver for ATI

Realtek High Definition Audio Driver

Red Faction: Armageddon

Resonance

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

SereneScreen Marine Aquarium 3

Skype™ 6.0

SlimDX SDK (September 2011)

Source Filmmaker

Space Pirates and Zombies

Spybot - Search & Destroy

Steam

swMSM

Team Fortress 2

TeamSpeak 3 Client

TERA

Terraria

The Basement Collection

Titan Quest: Immortal Throne

Torchlight II

Trine 2

Ulead Photo Express 6

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

VC80CRTRedist - 8.0.50727.6195

Viking: Battle for Asgard

Visual Studio 2008 x64 Redistributables

VLC media player 1.1.11

Vuze

Winamp

Winamp Detector Plug-in

Windows Live ID Sign-in Assistant

WinRAR 4.01 (64-bit)

Yahoo! Messenger

.

==== Event Viewer Messages From Past Week ========

.

1/19/2013 11:54:06 AM, Error: Service Control Manager [7024] - The HomeGroup Listener service terminated with service-specific error %%-2147023143.

1/19/2013 11:53:20 AM, Error: Service Control Manager [7003] - The SBSD Security Center Service service depends the following service: wscsvc. This service might not be installed.

1/18/2013 4:26:31 AM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

1/18/2013 4:26:31 AM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535.

1/18/2013 4:25:34 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Oasis2Service service to connect.

1/18/2013 4:25:34 AM, Error: Service Control Manager [7000] - The Oasis2Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

1/18/2013 4:24:32 AM, Error: Service Control Manager [7000] - The AODDriver4.2 service failed to start due to the following error: The system cannot find the file specified.

1/18/2013 1:34:41 AM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

.

==== End Of File ===========================


Step 1

I see you are running TeaTimer.

I suggest you disable it because it can interfere with the changes you'll make on your system.

When everything is done and your log is clean again, you can enable it again.

If TeaTimer gives you a warning afterwards that some changes were made, allow this instead of blocking it.

How to disable TeaTimer <== click me for instructions.

After you have disabled TeaTimer, download ResetTeaTimer.exe to your desktop.

Then run ResetTeaTimer.exe.

This will only take a few seconds.

Step 2

Please uninstall this application: Vuze

Step 3

Please download Malwarebytes Anti-Rootkit from here.

  1. Unzip the contents to a folder in a convenient location.
  2. Open the folder where the contents were unzipped and run mbar.exe (right click and select Run as administrator for Vista and Windows 7)
  3. Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  4. Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  5. Wait while the system shuts down and the cleanup process is performed.
  6. Please post the two logs produced.

In your next reply, post the following log files:

  • Malwarebytes Anti-Rootkit log
  • a new fresh DDS log


  • 2 weeks later...

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance, please start your own topic in a new thread. Thanks!
