Jump to content

Recommended Posts

I think I have a virus in my computer. It slowed down a lot for some reason. It says %100 CPU Usage. I can not even watch a video online because my computer lags(not the internet). I am really sorry for any inconvenience caused by me. Thanks in advance.

 

I did dds and quick scan with malwarebytes. I put the results here:

 

DDS results:

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium 
Boot Device: \Device\HarddiskVolume1
Install Date: 11/15/2013 11:38:26 AM
System Uptime: 2/5/2014 5:27:33 PM (2 hours ago)
.
Motherboard: Acer |  | Aspire 5810T
Processor: Genuine Intel® CPU           U2700  @ 1.30GHz | CPU | 1300/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 466 GiB total, 426.041 GiB free.
D: is CDROM (UDF)
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP19: 12/7/2013 1:01:54 PM - Windows Update
RP20: 12/11/2013 10:59:30 AM - Windows Update
RP22: 12/12/2013 3:05:25 PM - Windows Backup
RP23: 12/14/2013 10:11:04 PM - Windows Update
RP24: 12/21/2013 10:39:41 PM - Windows Backup
RP25: 12/21/2013 10:55:48 PM - Windows Update
RP26: 12/22/2013 2:34:30 PM - Windows Update
RP29: 12/23/2013 11:52:48 AM - Windows Modules Installer
RP30: 12/25/2013 6:56:57 PM - Windows Update
RP31: 1/7/2014 11:17:55 AM - Windows Update
RP33: 1/7/2014 11:35:46 AM - Installed Bradford Persistent Agent
RP34: 1/7/2014 6:54:12 PM - Installed Bradford Persistent Agent
RP36: 1/17/2014 10:54:26 AM - Windows Update
RP37: 1/18/2014 3:02:06 PM - Windows Update
RP39: 1/21/2014 3:59:44 PM - Windows Update
RP42: 2/2/2014 11:21:28 PM - Windows Update
.
==== Installed Programs ======================
.
Adobe Flash Player 12 ActiveX
Adobe Reader X (10.1.4)
avast! Free Antivirus
Bradford Persistent Agent
EPSON WF-2540 Series Printer Uninstall
Google Chrome
Google Drive
Google Toolbar for Internet Explorer
Google Update Helper
Itibiti RTC
K-Lite Codec Pack 7.0.0 (Standard)
Knctr
Malwarebytes Anti-Malware version 1.75.0.1300
McAfee Security Scan Plus
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Norton Security Scan
Realtek High Definition Audio Driver
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3)
Yahoo Browser Settings
.
==== Event Viewer Messages From Past Week ========
.
2/5/2014 1:20:44 PM, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID  {C97FCC79-E628-407D-AE68-A06AD6D8B4D1}  and APPID  {344ED43D-D086-4961-86A6-1106F4ACAD9B}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
2/4/2014 7:33:25 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
2/3/2014 8:58:20 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IPBusEnum service.
1/31/2014 2:36:44 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
.
==== End Of File ===========================
 
 
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.16428
Run by Owner at 19:17:51 on 2014-02-05
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3002.1310 [GMT -5:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\Bradford Networks\Persistent Agent\bndaemon.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Bradford Networks\Persistent Agent\bncsaui.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\splwow64.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe,
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
mRun: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mRun: [bncsaui.exe] C:\Program Files (x86)\Bradford Networks\Persistent Agent\bncsaui.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
TCP: NameServer = 152.44.159.240 152.44.159.234
TCP: Interfaces\{7B92CBD1-74BC-4801-8985-AE236239C0D0} : DHCPNameServer = 152.44.159.240 152.44.159.234
TCP: Interfaces\{7B92CBD1-74BC-4801-8985-AE236239C0D0}\4416E69656C686F6573756 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{FF08CEFA-54B4-4D11-90A4-75D3913A9D20} : DHCPNameServer = 192.168.2.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2013-11-15 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2013-11-15 205320]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2013-11-15 1032416]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswsp.sys [2013-11-15 409832]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2013-11-15 38984]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-11-15 84328]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-11-15 50344]
R2 BNPagent;Bradford Persistent Agent Service;C:\Program Files (x86)\Bradford Networks\Persistent Agent\bndaemon.exe [2012-9-24 3082384]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2014-2-4 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2014-2-4 701512]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);C:\Windows\System32\drivers\L1C62x64.sys [2009-6-10 57344]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-2-4 25928]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-12-23 111616]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe [2012-9-5 234776]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-11-18 1255736]
S4 EPSON_PM_RPCV4_05;EPSON V3 Service4(05);C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE [2013-12-2 151648]
.
=============== Created Last 30 ================
.
2014-02-05 19:22:13 -------- d-----w- C:\ProgramData\McAfee Security Scan
2014-02-05 19:22:09 -------- d-----w- C:\Program Files (x86)\McAfee Security Scan
2014-02-05 03:24:53 -------- d-----w- C:\Users\Owner\AppData\Roaming\Malwarebytes
2014-02-05 03:24:45 -------- d-----w- C:\ProgramData\Malwarebytes
2014-02-05 03:24:43 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-02-05 03:24:42 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-05 03:24:29 -------- d-----w- C:\Users\Owner\AppData\Local\Programs
2014-02-05 03:11:58 -------- d-----w- C:\Windows\pss
2014-02-04 17:48:07 10315576 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E1F084C5-6BDD-4278-8C06-8FD3349896B0}\mpengine.dll
2014-01-17 15:54:26 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2014-01-17 15:54:26 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
2014-01-17 15:54:26 53248 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2014-01-17 15:54:26 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2014-01-17 15:54:26 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2014-01-17 15:54:26 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2014-01-17 15:54:25 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2014-01-17 15:54:22 3156480 ----a-w- C:\Windows\System32\win32k.sys
2014-01-17 15:54:20 376768 ----a-w- C:\Windows\System32\drivers\netio.sys
2014-01-07 23:55:31 -------- d-----w- C:\ProgramData\Bradford Networks
2014-01-07 23:55:25 -------- d-----w- C:\Program Files (x86)\Bradford Networks
.
==================== Find3M  ====================
.
2014-02-05 18:22:01 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-05 18:22:01 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-12-18 11:13:56 270496 ------w- C:\Windows\System32\MpSigStub.exe
2013-11-26 10:19:07 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2013-11-26 10:18:23 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2013-11-26 09:48:07 66048 ----a-w- C:\Windows\System32\iesetup.dll
2013-11-26 09:46:25 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2013-11-26 09:23:02 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-11-26 09:18:39 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-11-26 09:18:09 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2013-11-26 09:16:57 708608 ----a-w- C:\Windows\System32\jscript9diag.dll
2013-11-26 08:35:02 5769216 ----a-w- C:\Windows\System32\jscript9.dll
2013-11-26 08:28:16 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2013-11-26 08:16:12 4243968 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-11-26 08:02:16 1995264 ----a-w- C:\Windows\System32\inetcpl.cpl
2013-11-26 07:32:06 1928192 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2013-11-26 07:07:57 2334208 ----a-w- C:\Windows\System32\wininet.dll
2013-11-26 06:33:33 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-11-23 18:26:20 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2013-11-23 17:47:34 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
2013-11-15 20:47:21 84328 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2013-11-15 20:47:21 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2013-11-15 20:47:21 205320 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2013-11-15 20:47:21 1032416 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2013-11-15 20:47:19 92544 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2013-11-15 20:47:18 43152 ----a-w- C:\Windows\avastSS.scr
2013-11-12 02:23:09 2048 ----a-w- C:\Windows\System32\tzres.dll
2013-11-12 02:07:29 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
.
============= FINISH: 19:18:26.01 ===============
 
 
MalwareBytes :
 
Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org
 
Database version: v2014.02.05.01
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Owner :: OWNER-PC [administrator]
 
Protection: Enabled
 
2/4/2014 10:27:51 PM
mbam-log-2014-02-04 (22-27-51).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 210574
Time elapsed: 7 minute(s), 21 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Severe Weather Alerts (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 1
C:\Users\Owner\AppData\Local\SevereWeatherAlerts (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
 
Files Detected: 11
C:\Users\Owner\Downloads\freeopener_1390.exe (PUP.Optional.InstallIQ) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\SevereWeatherAlerts\uninstall.exe (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\SevereWeatherAlerts\SevereWeatherAlerts.exe.config (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\SevereWeatherAlerts\ICSharpCode.SharpZipLib.dll (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\SevereWeatherAlerts\mod.SevereWeatherAlertsApp0.dat (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\SevereWeatherAlerts\SevereWeatherAlerts.exe (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsApp.exe (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsApp0.dat (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsAppAPI.dll (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsBrowser.exe (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\SevereWeatherAlerts\SWAUpdater.exe (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
 
(end)

 

Link to post
Share on other sites

Hi and Welcome!!   

 

My name is Jeff. I would be more than happy to take a look at your malware results logs and help you with solving any malware problems you might have. Logs can take a while to research, so please be patient and know that I am working hard to get you a clean and functional system back in your hands. I'd be grateful if you would note the following:

 

  • The fixes are specific to your problem and should only be used for the issues on this machine.

It's often worth reading through these instructions and printing them for ease of reference.

If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.

Please reply to this thread. Do not start a new topic.

If you happen to have a flash drive/thumb drive please have that ready in the event that we need to use it.

Please be sure to subscribe to the topic if you have not already done so.


IMPORTANT NOTE : Please do not delete, download or install anything unless instructed to do so.

DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision. Doing so could make your system inoperable and could require a full reinstall of your operating system and losing all your programs and data.

 

Having said that....   YBCQLm4.gif   Let's get going!!  

----------

Link to post
Share on other sites

weVCzW0.jpg Please download TDSSKiller

  • Double click TDSSKiller.exe
  • Press Start Scan but do nothing else as we are just looking for what is there.
  • If Malicious objects are found, select Skip by changing the Cure dropdown in the upper right.
  • Attach the log in your next reply
    • A copy of the log will be saved automatically to the root of the drive (typically C:\)

----------
 

81mYIKe.jpg  AdwCleaner
 
Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

----------

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.