netgizmo234 Posted January 13, 2014 ID:777335 Share Posted January 13, 2014 Hi There, My Windows 7 laptop is dragging it's feet . The CPU is constantly very high and taking ages to browse or do any task. Many times I don't see a process causing High CPU so it's very frustrating A MBAM and Spy Bot scan came up with nothing. Please assist Thanks netgizmo234 Link to post Share on other sites More sharing options...
MrCharlie Posted January 13, 2014 ID:777380 Share Posted January 13, 2014 Welcome to the forum, please start HERE Post back the 2 logs here.....DDS.txt and Attach.txt (DDS won't run on W8) (please don't put logs in code or quotes and use the default font) General P2P/Piracy Warning: 1. If you're using Peer 2 Peer software such uTorrent, BitTorrent or similar you must either fully uninstall it or completely disable it from running while being assisted here. Failure to remove or disable such software will result in your topic being closed and no further assistance being provided. 2. If you have illegal/cracked software, cracks, keygens, custom (Adobe) host file, etc. on the system, please remove or uninstall them now and read the policy on Piracy. Failure to remove such software will result in your topic being closed and no further assistance being provided. <====><====><====><====><====><====><====><====> Next................ Please download and run RogueKiller 32 bit to your desktop. RogueKiller<---use this one for 64 bit systems Which system am I using? Quit all running programs. For Windows XP, double-click to start. For Vista or Windows 7-8, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run. Click Scan to scan the system. When the scan completes > Close out the program > Don't Fix anything! Don't run any other options, they're not all bad!!!!!!! Post back the report which should be located on your desktop. (please don't put logs in code or quotes and use the default font) MrC Note: Please read all of my instructions completely including these. Make sure system restore is turned on and running, please create a new restore point Make sure you're subscribed to this topic: Click on the Follow This Topic Button (at the top right of this page), make sure that the Receive notification box is checked and that it is set to Instantly Removing malware can be unpredictable...unlikely but things can go very wrong! Backup any files that cannot be replaced. You can copy them to a CD/DVD, external drive or a pen drive <+>Please don't run any other scans, download, install or uninstall any programs while I'm working with you. <+>The removal of malware isn't instantaneous, please be patient. <+>When we are done, I'll give to instructions on how to cleanup all the tools and logs <+>Please stick with me until I give you the "all clear" and Please don't waste my time by leaving before that. ------->Your topic will be closed if you haven't replied within 3 days!<-------- (If I don't respond within 24 hours, please send me a PM) Link to post Share on other sites More sharing options...
netgizmo234 Posted January 13, 2014 Author ID:777414 Share Posted January 13, 2014 MBAM scan didn't reveal anything. DDSDDS (Ver_2012-11-20.01) - NTFS_x86 Internet Explorer: 11.0.9600.16428 BrowserJavaVersion: 10.25.2Run by nz at 16:05:22 on 2014-01-13Microsoft Windows 7 Ultimate N 6.1.7601.1.1252.44.1033.18.2038.857 [GMT 0:00].AV: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}SP: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}.============== Running Processes ================.C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exec:\Program Files\Microsoft Security Client\MsMpEng.exeC:\Windows\System32\spoolsv.exeC:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exeC:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exeC:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exeC:\Windows\system32\vmnat.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXEC:\Program Files\VMware\VMware Player\vmware-authd.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exeC:\Windows\system32\vmnetdhcp.exeC:\Program Files\Spybot - Search & Destroy\SDWinSec.exeC:\Windows\system32\taskhost.exeC:\Windows\system32\taskeng.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Program Files\Google\Update\GoogleUpdate.exeC:\Windows\System32\igfxtray.exeC:\Program Files\Microsoft Security Client\msseces.exeC:\Windows\system32\SearchIndexer.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Program Files\Google\Chrome\Application\chrome.exeC:\Program Files\Google\Chrome\Application\chrome.exeC:\Program Files\Google\Chrome\Application\chrome.exeC:\Program Files\AVG\AVG2014\avgidsagent.exeC:\Program Files\AVG\AVG2014\avgwdsvc.exeC:\Program Files\AVG\AVG2014\avgnsx.exeC:\Program Files\AVG\AVG2014\avgemcx.exeC:\Program Files\AVG\AVG2014\avgrsx.exeC:\Program Files\AVG\AVG2014\avgcsrvx.exeC:\Program Files\Windows Sidebar\sidebar.exeC:\Program Files\AVG\AVG2014\avgui.exeC:\Program Files\Google\Chrome\Application\chrome.exeC:\Windows\system32\conhost.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k RPCSSC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k GPSvcGroupC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Windows\system32\svchost.exe -k imgsvcC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalServicePeerNetC:\Windows\System32\svchost.exe -k WerSvcGroup.============== Pseudo HJT Report ===============.BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dllBHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dllBHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office14\GROOVEEX.DLLBHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dllBHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dllBHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLLBHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dlluRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRunmRun: [igfxTray] c:\windows\system32\igfxtray.exemRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkeymRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"mRun: [bCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServicesmRun: [AVG_UI] "c:\program files\avg\avg2014\avgui.exe" /TRAYONLYuPolicies-Explorer: NoDriveTypeAutoRun = dword:145uPolicies-Explorer: NoDrives = dword:0mPolicies-Explorer: NoDriveTypeAutoRun = dword:255mPolicies-Explorer: NoDrives = dword:0mPolicies-System: ConsentPromptBehaviorAdmin = dword:5mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableUIADesktopToggle = dword:0IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office14\EXCEL.EXE/3000IE: Se&nd to OneNote - c:\progra~1\micros~4\office14\ONBttnIE.dll/105IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dllIE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dllIE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dllLSP: c:\program files\vmware\vmware player\vsocklib.dllTCP: NameServer = 194.168.4.100 194.168.8.100TCP: Interfaces\{139195BD-B311-4695-A67C-BC187E8BF067} : DHCPNameServer = 194.168.4.100 194.168.8.100TCP: Interfaces\{139195BD-B311-4695-A67C-BC187E8BF067}\244575966496 : DHCPNameServer = 192.168.22.22 192.168.22.23TCP: Interfaces\{139195BD-B311-4695-A67C-BC187E8BF067}\244575966496D277964786D264F4E4 : DHCPNameServer = 192.168.22.22 192.168.22.23TCP: Interfaces\{139195BD-B311-4695-A67C-BC187E8BF067}\6796277696E6D65646961643639383934343 : DHCPNameServer = 62.253.162.232 194.168.4.37Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLLHandler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dllNotify: igfxcui - igfxdev.dllSSODL: WebCheck - <orphaned>SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office14\GROOVEEX.DLLmASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\31.0.1650.63\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome.============= SERVICES / DRIVERS ===============.R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2013-9-27 214696]R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-1-2 22856]S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]S3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2011-4-12 62464]SUnknown MpKslefe700d9;MpKslefe700d9; [x].=============== Created Last 30 ================.2014-01-13 14:41:59 -------- d-----w- c:\users\atul\appdata\roaming\AVG20142014-01-13 14:34:40 -------- d--h--w- C:\$AVG2014-01-13 14:34:39 -------- d-----w- c:\programdata\AVG20142014-01-13 14:30:43 -------- d-----w- c:\program files\AVG2014-01-13 14:25:53 -------- d-----w- c:\users\atul\appdata\local\Avg20142014-01-13 14:07:35 40392 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{ab245e5b-ade1-4a06-80e4-6407bee19ced}\MpKsl3f364048.sys2014-01-13 08:43:13 7760024 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{ab245e5b-ade1-4a06-80e4-6407bee19ced}\mpengine.dll2014-01-12 22:46:28 -------- d-----w- C:\AdwCleaner2014-01-12 22:34:50 7760024 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll2014-01-12 22:13:15 -------- d-sh--w- C:\$RECYCLE.BIN2014-01-12 22:12:50 -------- d-----w- c:\users\atul\appdata\local\temp2014-01-12 20:59:23 98816 ----a-w- c:\windows\sed.exe2014-01-12 20:59:23 256000 ----a-w- c:\windows\PEV.exe2014-01-12 20:59:23 208896 ----a-w- c:\windows\MBR.exe2013-12-23 19:32:50 4558848 ----a-w- c:\windows\system32\GPhotos.scr2013-12-21 22:56:32 107256 ----a-w- c:\windows\system32\drivers\RapportKELL.sys.==================== Find3M ====================.2014-01-12 23:09:59 49664 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys.bak2014-01-12 23:08:59 60416 ----a-w- c:\windows\system32\drivers\mpsdrv.sys.bak2014-01-12 23:07:59 274304 ----a-w- c:\windows\system32\drivers\acpi.sys.bak2014-01-12 23:07:59 164864 ----a-w- c:\windows\system32\drivers\1394ohci.sys.bak2014-01-12 23:07:59 10240 ----a-w- c:\windows\system32\drivers\acpipmi.sys.bak2014-01-12 23:07:58 54784 ----a-w- c:\windows\system32\drivers\1394bus.sys.bak2013-12-12 14:14:41 98304 ----a-w- c:\windows\system32\bsreffs.dll2013-12-12 14:14:41 90112 ----a-w- c:\windows\system32\bsrlback.dll2013-12-12 14:14:39 81920 ----a-w- c:\windows\system32\bsrgvas.dll2013-12-12 14:14:39 692224 ----a-w- c:\windows\system32\bsrmgcv.dll2013-12-12 14:14:39 192512 ----a-w- c:\windows\system32\bsrmgps.dll2013-12-12 14:13:13 585728 ----a-w- c:\windows\system32\bsratswf.dll2013-12-12 14:13:13 147456 ----a-w- c:\windows\system32\bsratwmv.dll2013-11-26 09:23:02 2724864 ----a-w- c:\windows\system32\mshtml.tlb2013-11-26 09:22:11 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll2013-11-26 08:53:56 61952 ----a-w- c:\windows\system32\iesetup.dll2013-11-26 08:52:26 51200 ----a-w- c:\windows\system32\ieetwproxystub.dll2013-11-26 08:29:55 112128 ----a-w- c:\windows\system32\ieUnatt.exe2013-11-26 08:29:52 108032 ----a-w- c:\windows\system32\ieetwcollector.exe2013-11-26 08:28:16 553472 ----a-w- c:\windows\system32\jscript9diag.dll2013-11-26 08:16:12 4243968 ----a-w- c:\windows\system32\jscript9.dll2013-11-26 07:32:06 1928192 ----a-w- c:\windows\system32\inetcpl.cpl2013-11-26 06:33:33 1820160 ----a-w- c:\windows\system32\wininet.dll2013-11-23 18:26:20 417792 ----a-w- c:\windows\system32\WMPhoto.dll2013-11-19 10:21:30 230048 ------w- c:\windows\system32\MpSigStub.exe2013-11-12 02:07:29 2048 ----a-w- c:\windows\system32\tzres.dll2013-11-05 21:50:48 120600 ----a-w- c:\windows\system32\drivers\avgdiskx.sys2013-11-04 21:57:30 209176 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys2013-10-31 23:00:28 176952 ----a-w- c:\windows\system32\drivers\avgldx86.sys2013-10-31 22:30:08 222520 ----a-w- c:\windows\system32\drivers\avglogx.sys2013-10-30 02:19:52 301568 ----a-w- c:\windows\system32\msieftp.dll2013-10-30 01:27:28 2349056 ----a-w- c:\windows\system32\win32k.sys2013-10-24 22:28:32 147768 ----a-w- c:\windows\system32\drivers\avgidshx.sys2013-10-19 01:36:59 159232 ----a-w- c:\windows\system32\imagehlp.dll.============= FINISH: 16:11:09.36 ===============Attach . DDS (Ver_2012-11-20.01).Microsoft Windows 7 Ultimate N Boot Device: \Device\HarddiskVolume1Install Date: 26/06/2012 09:58:14System Uptime: 13/01/2014 14:05:22 (2 hours ago).Motherboard: Dell Inc. | | 0MG532Processor: Genuine Intel® CPU T2080 @ 1.73GHz | Microprocessor | 797/133mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 466 GiB total, 276.137 GiB free.D: is CDROM ()F: is CDROM ().==== Disabled Device Manager Items =============.Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}Description: MpKslefe700d9Device ID: ROOT\LEGACY_MPKSLEFE700D9\0000Manufacturer: Name: MpKslefe700d9PNP Device ID: ROOT\LEGACY_MPKSLEFE700D9\0000Service: MpKslefe700d9.==== System Restore Points ===================.RP239: 16/12/2013 10:08:30 - Windows UpdateRP240: 20/12/2013 09:19:51 - Windows UpdateRP241: 24/12/2013 14:14:13 - Windows UpdateRP242: 30/12/2013 12:18:05 - Windows UpdateRP243: 02/01/2014 15:03:03 - Windows UpdateRP245: 03/01/2014 08:55:26 - Installed RapportRP246: 06/01/2014 09:24:48 - Windows UpdateRP247: 10/01/2014 09:23:39 - Windows UpdateRP249: 13/01/2014 14:28:07 - Installed AVG 2014RP250: 13/01/2014 14:31:18 - Installed AVG 2014.==== Installed Programs ======================.Adobe Flash Player 11 ActiveXAdobe Flash Player 11 PluginAdobe Reader X (10.1.3)Apple Application SupportApple Mobile Device SupportApple Software UpdateAVG 2014BonjourBSR Screen Recorder 6CCleanerD3DX10Definition Update for Microsoft Office 2010 (KB982726) 32-Bit EditionDropboxESET Online Scanner v3GetFLV 9.1.2.7GNS3 0.8.6Google ChromeGoogle Earth Plug-inGoogle Talk (remove only)Google Update HelperGoogle+ Auto BackupHaihaisoft PDF ReaderHP Deskjet 1050 J410 series Basic Device SoftwareHP Deskjet 1050 J410 series HelpHP Deskjet 1050 J410 series Product Improvement StudyHP Photo CreationsHP UpdateHUPlayerIntel® Graphics Media Accelerator DriveriTunesJava 7 Update 25Java Auto UpdaterJavaFX 2.1.1Malwarebytes Anti-Malware version 1.75.0.1300Microsoft .NET Framework 4 Client ProfileMicrosoft Application Error ReportingMicrosoft Lync Server 2010, Planning Tool Microsoft Office Access MUI (English) 2010Microsoft Office Access Setup Metadata MUI (English) 2010Microsoft Office Excel MUI (English) 2010Microsoft Office Groove MUI (English) 2010Microsoft Office InfoPath MUI (English) 2010Microsoft Office OneNote MUI (English) 2010Microsoft Office Outlook MUI (English) 2010Microsoft Office PowerPoint MUI (English) 2010Microsoft Office Professional Plus 2010Microsoft Office Proof (English) 2010Microsoft Office Proof (French) 2010Microsoft Office Proof (Spanish) 2010Microsoft Office Proofing (English) 2010Microsoft Office Publisher MUI (English) 2010Microsoft Office Shared MUI (English) 2010Microsoft Office Shared Setup Metadata MUI (English) 2010Microsoft Office Word MUI (English) 2010Microsoft Security ClientMicrosoft Security EssentialsMicrosoft SilverlightMicrosoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2010 x86 Redistributable - 10.0.40219Microsoft_VC100_CRT_SP1_x86MSVC80_x86_v2MSVC90_x86MSVCRTMSVCRT110MSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)MySpeed ActiveX v3.8.4Nokia Connectivity Cable DriverNokia SuitePC Connectivity SolutionPhilips Media ConverterPhilips SongbirdPhoto CommonPicasa 3RapportRICOH Media Driver ver.2.07.01.04Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2553284) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2687423) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2826023) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2826035) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2850016) 32-Bit EditionSecurity Update for Microsoft Outlook 2010 (KB2837597) 32-Bit EditionService Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit EditionSkype™ 6.11Spybot - Search & DestroyTrusteer Endpoint ProtectionUltraISO Premium V9.36Update for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)Update for Microsoft .NET Framework 4 Client Profile (KB2836939)Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)Update for Microsoft Access 2010 (KB2553446) 32-Bit EditionUpdate for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2589298) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2589352) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2589375) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2597087) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2760598) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2760631) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2794737) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2825640) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2826026) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2850079) 32-Bit EditionUpdate for Microsoft OneNote 2010 (KB2810072) 32-Bit EditionUpdate for Microsoft PowerPoint 2010 (KB2553145) 32-Bit EditionUpdate for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit EditionUpdate for Microsoft Word 2010 (KB2837593) 32-Bit EditionVisual CertExam SuiteVisual Studio 2012 x86 RedistributablesVLC media player 2.0.2VMware PlayerWindows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/11/2009 2.0.0010.00002)Windows Driver Package - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0)Windows Live Communications PlatformWindows Live EssentialsWindows Live ID Sign-in AssistantWindows Live InstallerWindows Live MessengerWindows Live Photo CommonWindows Live PIMT PlatformWindows Live SOXEWindows Live SOXE DefinitionsWindows Live UX PlatformWindows Live UX Platform Language PackWinPcap 4.1.3WinRAR 4.20 (32-bit)WinZip 16.5Wireshark 1.10.2 (32-bit)Yahoo!7 Messenger.==== Event Viewer Messages From Past Week ========.12/01/2014 23:21:18, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly..==== End Of File =========================== Link to post Share on other sites More sharing options...
MrCharlie Posted January 13, 2014 ID:777416 Share Posted January 13, 2014 RogueKiller log??? MrC Link to post Share on other sites More sharing options...
netgizmo234 Posted January 13, 2014 Author ID:777428 Share Posted January 13, 2014 RogueKiller is stuck at following point and scan is not even started Staus Checking processes... -->dllhost.exe Link to post Share on other sites More sharing options...
netgizmo234 Posted January 13, 2014 Author ID:777430 Share Posted January 13, 2014 Its not going any further and been there for a while . Shall I kill it ? Link to post Share on other sites More sharing options...
MrCharlie Posted January 13, 2014 ID:777439 Share Posted January 13, 2014 Kill it and try it in safe mode. MrC Link to post Share on other sites More sharing options...
netgizmo234 Posted January 13, 2014 Author ID:777448 Share Posted January 13, 2014 OK ran it in safe mode RogueKiller V8.8.0 [Dec 27 2013] by Tigzymail : tigzyRK<at>gmail<dot>comFeedback : http://www.adlice.com/forum/Website : http://www.adlice.com/softwares/roguekiller/Blog : http://www.adlice.com Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits versionStarted in : Safe mode with network supportUser : nz [Admin rights]Mode : Scan -- Date : 01/13/2014 17:37:22| ARK || FAK || MBR | ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 0 ¤¤¤ ¤¤¤ Scheduled tasks : 0 ¤¤¤ ¤¤¤ Startup Entries : 0 ¤¤¤ ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ Browser Addons : 0 ¤¤¤ ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED 0xc000035f] ¤¤¤ ¤¤¤ External Hives: ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤--> %SystemRoot%\System32\drivers\etc\hosts 127.0.0.1 localhost ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST9500325AS ATA Device +++++--- User ---[MBR] 7b84db1955b59f4cd760e965dfdb9d6c[bSP] 7c178d4403f0e1c37edaac2021b2c9fc : Windows 7/8 MBR CodePartition table:0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 476838 MoUser = LL1 ... OK!User = LL2 ... OK! Finished : << RKreport[0]_S_01132014_173722.txt >> Link to post Share on other sites More sharing options...
MrCharlie Posted January 13, 2014 ID:777455 Share Posted January 13, 2014 OK...lets run some scans: Download Malwarebytes Anti-Rootkit from HEREUnzip the contents to a folder in a convenient location.Open the folder where the contents were unzipped and run mbar.exeFollow the instructions in the wizard to update and allow the program to scan your computer for threats.Click on the Cleanup button to remove any threats and reboot if prompted to do so.Wait while the system shuts down and the cleanup process is performed.Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.When done, please post the two logs produced they will be in the MBAR folder..... mbar-log.txt and system-log.txtTo attach a log if needed: Bottom right corner of this page. New window that comes up. ~~~~~~~~~~~~~~~~~~~~~~~ Note: If no additional threats were found, verify that your system is now running normally, making sure that the following items are functional: Internet access Windows Update Windows Firewall If there are additional problems with your system, such as any of those listed above or other system issues, then run the fixdamage tool included with Malwarebytes Anti-Rootkit and reboot. It's located in the Plugins folder which is in the MBAR folder. Just run fixdamage.exe. Verify that they are now functioning normally. MrC Link to post Share on other sites More sharing options...
Staff gringo_pr Posted January 17, 2014 Staff ID:779209 Share Posted January 17, 2014 Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks! Link to post Share on other sites More sharing options...
Recommended Posts