I think I am infected! Pls check


Pls check if I am infected.....

 

---------------------------------------------------------------------------------------------------------------------------------------------------------------------------

dds.txt:

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 10.0.9200.16660  BrowserJavaVersion: 10.25.2
Run by Kshitij at 19:28:51 on 2013-08-22
Microsoft Windows 8 Single Language  6.2.9200.0.1252.91.1033.18.6000.4319 [GMT 5.5:30]
.
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\nvvsvc.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files\Sandboxie\SbieSvc.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\windows\system32\dashost.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
C:\windows\SysWOW64\NLSSRV32.EXE
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
C:\windows\SysWOW64\vmnat.exe
C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
F:\VMWare9\vmware-authd.exe
C:\windows\SysWOW64\vmnetdhcp.exe
C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
F:\VMWare9\vmware-hostd.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
C:\windows\System32\alg.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\windows\system32\SearchIndexer.exe
C:\windows\System32\dwm.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\windows\system32\nvvsvc.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\windows\Explorer.EXE
C:\windows\system32\taskhostex.exe
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\System32\RuntimeBroker.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\RTFTrack.exe
C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe
C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files\Sandboxie\SbieCtrl.exe
C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
F:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
F:\VMWare9\vmware-tray.exe
F:\Program Files (x86)\Internet Download Manager\IDMIntegrator64.exe
F:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\BlueStacks\HD-Agent.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe,
BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - F:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [sandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
uRun: [iDMan] F:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
mRun: [updateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
mRun: [intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [vmware-tray.exe] "F:\VMWare9\vmware-tray.exe"
mRun: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mExplorerRun: [btvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
mPolicies-System: DisableCAD = dword:1
IE: Download all links with IDM - F:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
IE: Download with IDM - F:\Program Files (x86)\Internet Download Manager\IEExt.htm
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
LSP: %windir%\system32\vsocklib.dll
DPF: {4FF78044-96B4-4312-A5B7-FDA3CB328095} - 
TCP: NameServer = 202.149.208.92 202.149.208.91
TCP: Interfaces\{648BAE61-6F99-4361-B9C1-DC0CBB5BEC80} : DHCPNameServer = 202.149.208.92 202.149.208.91
TCP: Interfaces\{C16E4DAA-0B4D-485F-8FA3-822E82901A4F} : DHCPNameServer = 202.149.208.92 202.149.208.91
TCP: Interfaces\{C16E4DAA-0B4D-485F-8FA3-822E82901A4F}\8414E45647 : DHCPNameServer = 202.149.208.92 202.149.208.91
TCP: Interfaces\{C16E4DAA-0B4D-485F-8FA3-822E82901A4F}\C416074756368667E613 : DHCPNameServer = 59.144.127.16 59.144.127.17
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
AppInit_DLLs= C:\windows\SysWOW64\nvinit.dll, C:\PROGRA~2\NVIDIA~1\NVSTRE~1\rxinput.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.57\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
mASetup: {A6EADE66-0000-0000-484E-7E8A45000000} - "C:\windows\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Adobe\Reader 11.0\Esl\AiodLite.dll",CreateReaderUserSettings
x64-BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - F:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [igfxTray] C:\windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\windows\System32\igfxpers.exe
x64-Run: [RtsFT] RTFTrack.exe
x64-Run: [synLenovoGestureMgr] "C:\Program Files (x86)\Synaptics\SynTP\SynLenovoGestureMgr.exe" /m
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 
x64-Run: [OnekeyStudio] C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe -start
x64-Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
x64-Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe
x64-Run: [Logitech Download Assistant] C:\windows\System32\rundll32.exe C:\windows\System32\LogiLDA.dll,LogiFetch
x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
x64-ExplorerRun: [btvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
x64-mPolicies-System: DisableCAD = dword:1
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 iaStorA;iaStorA;C:\windows\System32\Drivers\iaStorA.sys [2013-5-11 647736]
R0 LHDmgr;LHDmgr;C:\windows\System32\Drivers\LhdX64.sys [2013-5-11 39008]
R0 nvpciflt;nvpciflt;C:\windows\System32\Drivers\nvpciflt.sys [2013-7-29 30496]
R0 vsock;vSockets Driver;C:\windows\System32\Drivers\vsock.sys [2013-7-10 70296]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver;C:\windows\System32\Drivers\HWiNFO64A.SYS [2013-8-9 31136]
R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2013-1-25 227456]
R2 BstHdDrv;BlueStacks Hypervisor;C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2013-7-17 70984]
R2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2013-7-17 384840]
R2 IDMWFP;IDMWFP;C:\windows\System32\Drivers\idmwfp.sys [2013-8-6 172920]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-21 635104]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2013-5-11 166720]
R2 NitroDriverReadSpool8;NitroPDFDriverCreatorReadSpool8;C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [2012-12-14 230408]
R2 nlsX86cc;Nalpeiron Licensing Service;C:\Windows\SysWOW64\NLSSRV32.EXE [2012-12-14 70152]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-8-2 14984480]
R2 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-7-30 4153184]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2013-5-11 365376]
R2 VMUSBArbService;VMware USB Arbitration Service;C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2012-10-11 918680]
R2 VMwareHostd;VMware Workstation Server;F:\VMWare9\vmware-hostd.exe -u "C:\ProgramData\VMware\hostd\config.xml" --> F:\VMWare9\vmware-hostd.exe -u C:\ProgramData\VMware\hostd\config.xml [?]
R2 X5XSEx_Pr148;X5XSEx_Pr148;C:\Program Files (x86)\FreeRide Games\X5XSEx_Pr148.sys [2013-5-11 56136]
R2 ZAtheros Bt and Wlan Coex Agent;ZAtheros Bt and Wlan Coex Agent;C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2013-1-25 323584]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver;C:\windows\System32\Drivers\AcpiVpc.sys [2012-5-15 33560]
R3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;C:\windows\System32\Drivers\btath_bus.sys [2013-5-11 34384]
R3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [2013-5-11 169752]
R3 IntcDAud;Intel® Display Audio;C:\windows\System32\Drivers\IntcDAud.sys [2013-2-22 342528]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\windows\System32\Drivers\nvvad64v.sys [2013-8-2 39712]
R3 RTL8168;Realtek 8168 NT Driver;C:\windows\System32\Drivers\Rt630x64.sys [2013-5-11 683664]
R3 rtsuvc;Lenovo EasyCamera;C:\windows\System32\Drivers\rtsuvc.sys [2013-5-11 8230160]
R3 SbieDrv;SbieDrv;C:\Program Files\Sandboxie\SbieDrv.sys [2013-7-8 199384]
R3 SmbDrvI;SmbDrvI;C:\windows\System32\Drivers\Smb_driver_Intel.sys [2013-4-11 33008]
S2 BstHdAndroidSvc;BlueStacks Android Service;C:\Program Files (x86)\BlueStacks\HD-Service.exe [2013-7-17 393032]
S2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-7-1 418376]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-7-1 701512]
S3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;C:\windows\System32\Drivers\btath_flt.sys [2013-5-11 89168]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\windows\System32\Drivers\btath_a2dp.sys [2013-5-11 346192]
S3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;C:\windows\System32\Drivers\btath_avdt.sys [2013-5-11 115280]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\windows\System32\Drivers\btath_hcrp.sys [2013-5-11 179432]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\windows\System32\Drivers\btath_lwflt.sys [2013-5-11 77464]
S3 BTATH_RCP;Bluetooth AVRCP Device;C:\windows\System32\Drivers\btath_rcp.sys [2013-5-11 136424]
S3 BtFilter;BtFilter;C:\windows\System32\Drivers\btfilter.sys [2013-5-11 581200]
S3 BthLEEnum;Bluetooth Low Energy Driver;C:\windows\System32\Drivers\BthLEEnum.sys [2012-7-26 202752]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2013-7-28 137336]
S3 MBAMProtector;MBAMProtector;C:\windows\System32\Drivers\mbam.sys [2013-7-1 25928]
S3 OracleDBConsoleKSHITIJ;OracleDBConsoleKSHITIJ;F:\app\Kshitij\product\11.2.0\dbhome_1\BIN\nmesrvc.exe [2013-7-1 35328]
S3 OracleOraDb11g_home1TNSListener;OracleOraDb11g_home1TNSListener;F:\app\Kshitij\product\11.2.0\dbhome_1\BIN\TNSLSNR  --> F:\app\Kshitij\product\11.2.0\dbhome_1\BIN\TNSLSNR  [?]
S3 OracleServiceKSHITIJ;OracleServiceKSHITIJ;f:\app\kshitij\product\11.2.0\dbhome_1\bin\ORACLE.EXE KSHITIJ --> f:\app\kshitij\product\11.2.0\dbhome_1\bin\ORACLE.EXE KSHITIJ [?]
S3 OracleVssWriterKSHITIJ;Oracle KSHITIJ VSS Writer Service;f:\app\kshitij\product\11.2.0\dbhome_1\bin\OraVSSW.exe KSHITIJ --> f:\app\kshitij\product\11.2.0\dbhome_1\bin\OraVSSW.exe KSHITIJ [?]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\windows\System32\Drivers\RtsUVStor.sys [2013-5-11 315536]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\windows\System32\Drivers\wdcsam64.sys [2008-5-6 14464]
S3 wsvd;wsvd;C:\windows\System32\Drivers\wsvd.sys [2013-5-11 102376]
S4 OracleJobSchedulerKSHITIJ;OracleJobSchedulerKSHITIJ;f:\app\kshitij\product\11.2.0\dbhome_1\Bin\extjob.exe KSHITIJ --> f:\app\kshitij\product\11.2.0\dbhome_1\Bin\extjob.exe KSHITIJ [?]
S4 OracleOraDb11g_home1ClrAgent;OracleOraDb11g_home1ClrAgent;F:\app\Kshitij\product\11.2.0\dbhome_1\bin\OraClrAgnt.exe agent_sid=CLRExtProc max_dispatchers=2 tcp_dispatchers=0 max_task_threads=6 max_sessions=25 ENVS="EXTPROC_DLLS=ONLY:F:\app\Kshitij\product\11.2.0\dbhome_1\bin\oraclr11.dll" --> F:\app\Kshitij\product\11.2.0\dbhome_1\bin\OraClrAgnt.exe agent_sid=CLRExtProc max_dispatchers=2 tcp_dispatchers=0 max_task_threads=6 max_sessions=25 ENVS=EXTPROC_DLLS=ONLY:F:\app\Kshitij\product\11.2.0\dbhome_1\bin\oraclr11.dll [?]
.
=============== File Associations ===============
.
FileExt: .vbe: VBEFile="C:\windows\System32\CScript.exe" "%1" %* [default=Open2]
FileExt: .vbs: VBSFile="C:\windows\System32\CScript.exe" "%1" %* [default=Open2]
FileExt: .js: JSFile=C:\windows\System32\CScript.exe "%1" %* [default=Open2]
FileExt: .jse: JSEFile=C:\windows\System32\CScript.exe "%1" %* [default=Open2]
FileExt: .wsf: WSFFile="C:\windows\System32\CScript.exe" "%1" %* [default=Open2]
.
=============== Created Last 30 ================
.
2013-08-22 11:24:52 9515512 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0EA7F09D-E3F5-46B2-81E1-5C0666BA1721}\mpengine.dll
2013-08-21 21:30:12 9515512 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2013-08-21 12:22:25 -------- d-----w- C:\Users\Kshitij\AppData\Roaming\MultiBit
2013-08-21 12:20:52 -------- d-----w- C:\Program Files (x86)\MultiBit-0.5.13
2013-08-20 21:32:18 240304 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10214.bin
2013-08-16 14:17:36 941720 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6B8ED770-D6AE-4EDA-B8C4-F96D8DDA112E}\gapaengine.dll
2013-08-16 13:09:22 -------- d-----w- C:\Users\Kshitij\AppData\Local\stellarium
2013-08-16 13:09:19 -------- d-----w- C:\Users\Kshitij\AppData\Roaming\Stellarium
2013-08-14 12:24:42 1606112 ----a-w- C:\Program Files\Windows Defender\MpSvc.dll
2013-08-14 11:37:37 694272 ----a-w- C:\windows\SysWow64\rpcrt4.dll
2013-08-14 11:37:37 1314816 ----a-w- C:\windows\System32\rpcrt4.dll
2013-08-14 11:37:34 2233168 ----a-w- C:\windows\System32\drivers\tcpip.sys
2013-08-14 11:32:29 98304 ----a-w- C:\windows\System32\apprepsync.dll
2013-08-14 11:32:29 87040 ----a-w- C:\windows\SysWow64\apprepapi.dll
2013-08-14 11:32:29 74240 ----a-w- C:\windows\SysWow64\apprepsync.dll
2013-08-14 11:32:29 68096 ----a-w- C:\windows\System32\cryptsvc.dll
2013-08-14 11:32:29 337408 ----a-w- C:\windows\System32\wintrust.dll
2013-08-14 11:32:29 261120 ----a-w- C:\windows\SysWow64\wintrust.dll
2013-08-14 11:32:29 1889280 ----a-w- C:\windows\System32\crypt32.dll
2013-08-14 11:32:29 1568256 ----a-w- C:\windows\SysWow64\crypt32.dll
2013-08-14 11:32:29 124416 ----a-w- C:\windows\System32\apprepapi.dll
2013-08-13 23:53:07 -------- d-----w- C:\Users\Kshitij\AppData\Roaming\Wireshark
2013-08-13 23:18:51 -------- d-----w- C:\Program Files (x86)\WinPcap
2013-08-13 23:18:20 -------- d-----w- C:\Program Files\Wireshark
2013-08-13 11:50:46 -------- d-----w- C:\Users\Kshitij\AppData\Local\ElevatedDiagnostics
2013-08-12 11:09:35 -------- d-----w- C:\ProgramData\Auslogics
2013-08-12 11:09:19 -------- d-----w- C:\Program Files (x86)\Auslogics
2013-08-09 12:25:55 31136 ----a-w- C:\windows\System32\drivers\HWiNFO64A.SYS
2013-08-09 12:24:43 -------- d-----w- C:\Program Files\HWiNFO64
2013-08-06 14:38:13 172920 ----a-w- C:\windows\System32\drivers\idmwfp.sys
2013-08-01 22:06:08 -------- d-----w- C:\Program Files (x86)\Alcohol Soft
2013-08-01 22:03:32 564824 ----a-w- C:\windows\System32\drivers\sptd.sys
2013-08-01 21:52:26 -------- d-----w- C:\NvidiaLogging
2013-08-01 21:51:26 39712 ----a-w- C:\windows\System32\drivers\nvvad64v.sys
2013-08-01 21:51:26 29984 ----a-w- C:\windows\System32\nvaudcap64v.dll
2013-08-01 21:51:26 28448 ----a-w- C:\windows\SysWow64\nvaudcap32v.dll
2013-07-30 12:40:33 -------- d-----w- C:\Users\Kshitij\AppData\Roaming\TeamViewer
2013-07-30 12:28:05 -------- d-----w- C:\Program Files (x86)\TeamViewer
2013-07-29 17:52:28 -------- d-----w- C:\Users\Kshitij\AppData\Local\NVIDIA
2013-07-29 17:25:12 -------- d-----w- C:\Program Files\CPUID
2013-07-29 17:22:02 -------- d-----w- C:\Users\Kshitij\AppData\Roaming\Nico Mak Computing
2013-07-29 17:22:00 18760 ----a-w- C:\windows\System32\roboot64.exe
2013-07-29 17:21:46 -------- d-----w- C:\Program Files (x86)\WinZip Registry Optimizer
2013-07-29 17:21:02 -------- d-----w- C:\FFOutput
2013-07-29 17:20:59 -------- d-----w- C:\ProgramData\APN
2013-07-29 14:31:38 -------- d-----w- C:\Users\Kshitij\AppData\Roaming\NVIDIA
2013-07-29 14:31:19 -------- d-----w- C:\Program Files (x86)\GPU-Z
2013-07-29 14:19:29 -------- d-----w- C:\windows\SysWow64\NV
2013-07-29 14:19:29 -------- d-----w- C:\windows\System32\NV
2013-07-29 14:17:11 884512 ----a-w- C:\windows\System32\nvvsvc.exe
2013-07-29 14:17:11 76064 ----a-w- C:\windows\System32\nv3dappshextr.dll
2013-07-29 14:17:11 6411552 ----a-w- C:\windows\System32\nvcpl.dll
2013-07-29 14:17:11 63776 ----a-w- C:\windows\System32\nvshext.dll
2013-07-29 14:17:11 3462944 ----a-w- C:\windows\System32\nvsvc64.dll
2013-07-29 14:17:11 3035306 ----a-w- C:\windows\System32\nvcoproc.bin
2013-07-29 14:17:11 2558240 ----a-w- C:\windows\System32\nvsvcr.dll
2013-07-29 14:17:11 118560 ----a-w- C:\windows\System32\nvmctray.dll
2013-07-29 14:17:11 1002272 ----a-w- C:\windows\System32\nv3dappshext.dll
2013-07-29 14:17:10 561440 ----a-w- C:\windows\SysWow64\oemdspif.dll
2013-07-29 14:16:32 -------- d-----w- C:\ProgramData\NVIDIA Corporation
2013-07-29 14:16:28 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2013-07-28 12:10:27 -------- d-----w- C:\Users\Kshitij\AppData\Local\IsolatedStorage
2013-07-28 12:09:50 -------- d-----w- C:\Users\Kshitij\AppData\Local\Futuremark
2013-07-28 12:09:09 -------- d-----w- C:\Program Files (x86)\Futuremark
2013-07-28 00:21:26 -------- d-----w- C:\Users\Kshitij\jagexcache
2013-07-24 13:13:46 -------- d-----w- C:\windows\System32\MRT
.
==================== Find3M  ====================
.
2013-07-26 05:13:37 2241024 ----a-w- C:\windows\System32\wininet.dll
2013-07-26 05:13:28 915968 ----a-w- C:\windows\System32\uxtheme.dll
2013-07-26 05:13:28 53760 ----a-w- C:\windows\System32\UXInit.dll
2013-07-26 05:12:08 3958784 ----a-w- C:\windows\System32\jscript9.dll
2013-07-26 05:12:04 136704 ----a-w- C:\windows\System32\iesysprep.dll
2013-07-26 05:12:03 67072 ----a-w- C:\windows\System32\iesetup.dll
2013-07-26 03:35:08 2706432 ----a-w- C:\windows\System32\mshtml.tlb
2013-07-26 03:13:24 1767936 ----a-w- C:\windows\SysWow64\wininet.dll
2013-07-26 03:13:15 44032 ----a-w- C:\windows\SysWow64\UXInit.dll
2013-07-26 03:12:04 2877440 ----a-w- C:\windows\SysWow64\jscript9.dll
2013-07-26 03:12:00 61440 ----a-w- C:\windows\SysWow64\iesetup.dll
2013-07-26 03:12:00 109056 ----a-w- C:\windows\SysWow64\iesysprep.dll
2013-07-26 02:49:14 2706432 ----a-w- C:\windows\SysWow64\mshtml.tlb
2013-07-26 00:54:34 534528 ----a-w- C:\windows\SysWow64\uxtheme.dll
2013-07-02 00:44:14 36288 ----a-w- C:\windows\System32\drivers\WdBoot.sys
2013-07-01 22:08:49 247216 ----a-w- C:\windows\System32\drivers\WdFilter.sys
2013-06-30 07:47:41 96168 ----a-w- C:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-30 07:47:41 867240 ----a-w- C:\windows\SysWow64\npDeployJava1.dll
2013-06-30 07:47:41 789416 ----a-w- C:\windows\SysWow64\deployJava1.dll
2013-06-27 22:04:51 78200 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-27 22:04:51 693112 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2013-06-16 22:41:31 997632 ----a-w- C:\windows\System32\drivers\ndis.sys
2013-06-01 11:54:16 194816 ----a-w- C:\windows\System32\drivers\sdbus.sys
2013-06-01 11:54:10 125184 ----a-w- C:\windows\System32\drivers\dumpsd.sys
2013-06-01 11:34:21 2391280 ----a-w- C:\windows\explorer.exe
2013-06-01 11:29:35 337152 ----a-w- C:\windows\System32\drivers\USBXHCI.SYS
2013-06-01 11:29:35 213248 ----a-w- C:\windows\System32\drivers\UCX01000.SYS
2013-06-01 11:26:33 327936 ----a-w- C:\windows\System32\drivers\volsnap.sys
2013-06-01 11:26:31 6987008 ----a-w- C:\windows\System32\ntoskrnl.exe
2013-06-01 10:24:46 2106176 ----a-w- C:\windows\SysWow64\explorer.exe
2013-06-01 09:25:52 364544 ----a-w- C:\windows\SysWow64\XpsGdiConverter.dll
2013-06-01 09:25:05 67584 ----a-w- C:\windows\SysWow64\samlib.dll
2013-06-01 09:25:03 496640 ----a-w- C:\windows\SysWow64\qedit.dll
2013-06-01 09:24:19 493056 ----a-w- C:\windows\SysWow64\mscms.dll
2013-06-01 09:24:09 850944 ----a-w- C:\windows\SysWow64\mfasfsrcsnk.dll
2013-06-01 09:24:09 1453568 ----a-w- C:\windows\SysWow64\mfcore.dll
2013-06-01 09:23:46 1842176 ----a-w- C:\windows\SysWow64\dwmcore.dll
2013-06-01 09:23:06 680960 ----a-w- C:\windows\System32\vds.exe
2013-06-01 09:22:47 80896 ----a-w- C:\windows\System32\MbaeParserTask.exe
2013-06-01 09:22:33 523264 ----a-w- C:\windows\System32\XpsGdiConverter.dll
2013-06-01 09:22:33 446976 ----a-w- C:\windows\System32\wwansvc.dll
2013-06-01 09:22:09 190976 ----a-w- C:\windows\System32\vdsutil.dll
2013-06-01 09:21:39 729600 ----a-w- C:\windows\System32\samsrv.dll
2013-06-01 09:21:39 106496 ----a-w- C:\windows\System32\samlib.dll
2013-06-01 09:21:34 595968 ----a-w- C:\windows\System32\qedit.dll
2013-06-01 09:20:45 583168 ----a-w- C:\windows\System32\mscms.dll
2013-06-01 09:20:34 1527808 ----a-w- C:\windows\System32\mfcore.dll
2013-06-01 09:20:34 1048576 ----a-w- C:\windows\System32\mfasfsrcsnk.dll
2013-06-01 09:20:04 2219520 ----a-w- C:\windows\System32\dwmcore.dll
2013-06-01 09:19:58 207872 ----a-w- C:\windows\System32\DeviceSetupManager.dll
2013-06-01 09:19:42 785408 ----a-w- C:\windows\System32\audiosrv.dll
2013-06-01 03:08:57 37632 ----a-w- C:\windows\System32\drivers\BthAvrcpTg.sys
2013-05-30 23:14:23 4036096 ----a-w- C:\windows\System32\win32k.sys
2013-05-24 22:09:20 1403296 ----a-w- C:\windows\System32\winload.efi
2013-05-24 22:09:20 1271584 ----a-w- C:\windows\System32\winload.exe
2013-05-24 22:09:20 1217352 ----a-w- C:\windows\System32\winresume.efi
2013-05-24 22:09:20 1093904 ----a-w- C:\windows\System32\winresume.exe
.
============= FINISH: 19:29:18.66 ===============
 
 
------------------------------------------------------------------------------------------------------------------------------------------------------------------------
attach.txt:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 8 Single Language
Boot Device: \Device\HarddiskVolume2
Install Date: 30-06-2013 09:36:12 AM
System Uptime: 18-08-2013 12:41:46 PM (103 hours ago)
.
Motherboard: LENOVO |  | INVALID
Processor: Intel® Core i5-3230M CPU @ 2.60GHz | U3E1 | 2601/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 443 GiB total, 383.65 GiB free.
D: is FIXED (NTFS) - 25 GiB total, 22.218 GiB free.
E: is CDROM ()
F: is FIXED (NTFS) - 441 GiB total, 343.062 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Description: Qualcomm Atheros AR3012 Bluetooth 4.0 + HS
Device ID: USB\VID_0CF3&PID_3004\ALASKA_DAY_2006
Manufacturer: Qualcomm Atheros Communications
Name: Qualcomm Atheros AR3012 Bluetooth 4.0 + HS
PNP Device ID: USB\VID_0CF3&PID_3004\ALASKA_DAY_2006
Service: BTHUSB
.
==== System Restore Points ===================
.
RP20: 13-08-2013 05:32:12 PM - Installed Should I Remove It
RP21: 16-08-2013 07:12:06 PM - Windows Update
RP22: 21-08-2013 06:44:06 PM - Windows Update
.
==== Installed Programs ======================
.
Adobe Reader XI (11.0.03)
Auslogics BoostSpeed
BlueStacks App Player
BlueStacks Notification Center
CCleaner
CPUID HWMonitor 1.23
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dolby Home Theater v4
Energy Management
FormatFactory 3.1.1
FreeRide Games
Futuremark SystemInfo
Google Chrome
Google Earth
Google Talk Plugin
Google Update Helper
HWiNFO64 Version 4.20
Intel AppUp(SM) center
Intel® Management Engine Components
Intel® Processor Graphics
Intel® Rapid Storage Technology
Intel® SDK for OpenCL - CPU Only Runtime Package
Intel® Trusted Connect Service Client
Internet Download Manager
Java 7 Update 25
Java Auto Updater
Lenovo EasyCamera
Lenovo OneKey Recovery
Lenovo PowerDVD10
Lenovo YouCam
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
MultiBit 0.5.13
Nitro Pro 8
NVIDIA Control Panel 311.27
NVIDIA GeForce Experience 1.6
NVIDIA Graphics Driver 311.27
NVIDIA Install Application
NVIDIA Optimus 7.2.17
NVIDIA PhysX
NVIDIA PhysX System Software 9.12.1031
NVIDIA Update 7.2.17
NVIDIA Update Components
NVIDIA Virtual Audio 1.2.1
Onekey Theater
Power2Go
Qualcomm Atheros Bluetooth Suite (64)
Qualcomm Atheros Client Installation Program
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader
Sandboxie 4.04 (64-bit)
Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2553322) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2553431) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598039) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
Security Update for Microsoft Visio Viewer 2010 (KB2597981) 32-Bit Edition
Shared C Run-time for x64
SHIELD Streaming
Stellarium 0.12.2
SugarSync Manager
Synaptics Pointing Device Driver
System Requirements Lab for Intel
TeamViewer 8
TechPowerUp GPU-Z
tools-freebsd
tools-linux
tools-netware
tools-solaris
tools-windows
tools-winPre2k
TurboC++ for Windows 3.8.0.1m_r
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
UserGuide
VMware Workstation
Windows Driver Package - Lenovo (ACPIVPC) System  (06/15/2012 8.1.0.1)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid  (06/19/2012 10.13.29.733)
WinPcap 4.1.3
WinRAR 4.20 (64-bit)
Wireshark 1.10.1 (64-bit)
.
==== Event Viewer Messages From Past Week ========
.
22-08-2013 07:27:35 PM, Error: Microsoft-Windows-SharedAccess_NAT [34001]  - The ICS_IPV6 failed to configure IPv6 stack.
19-08-2013 06:30:26 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NcdAutoSetup service.
19-08-2013 06:30:26 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the FDResPub service.
18-08-2013 12:53:29 PM, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID  {7022A3B3-D004-4F52-AF11-E9E987FEE25F}  and APPID  {ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}  to the user Kshitij-PC\Kshitij SID (S-1-5-21-4008833774-2699350555-1950638099-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
15-08-2013 06:33:21 PM, Error: Microsoft-Windows-SharedAccess_NAT [30005]  - The DHCP allocator has detected a DHCP server with IP address 192.168.217.254 on the same network as the interface with IP address 192.168.137.1. The allocator has disabled itself on the interface to avoid confusing DHCP clients.
.
==== End Of File ===========================
 
 

  • Staff

Hello Kshitij2013

I would like to welcome you to the Malware Removal section of the forum.

Around here they call me Gringo and I will be glad to help you with your malware problems.

Very Important --> Please read this post completely, I have spent my time to put together some things for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.

NOTE: At the top of your post, click on the "Follow This Topic" Button, make sure that the "Receive notification" box is checked and that it is set to "Instantly" - This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

These are the programs I would like you to run next, if you have any problems with one of these just skip it and move on to the next one.

-AdwCleaner-

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[s1].txt as well.

-Junkware-Removal-Tool-

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

When they are complete let me have the two reports and let me know how things are running.

Gringo


  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!


This topic is now closed to further replies.