Hey, hope you can help :) 

 

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 10.0.9200.16843
Run by MayG at 1:40:37 on 2014-03-27
Microsoft Windows 8  6.2.9200.0.1252.47.1044.18.7366.5531 [GMT 1:00]
.
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
.
============== Running Processes ===============
.
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\dwm.exe
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\Hpservice.exe
C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Windows\system32\svchost.exe -k apphost
C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
C:\Program Files\Bonjour\mDNSResponder.exe
c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhostex.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe
C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\explorer.exe
C:\Users\MayG\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files\7-Zip\7zFM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
C:\Program Files (x86)\Opera\20.0.1387.82\opera_crashreporter.exe
C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
uRun: [spotify Web Helper] "C:\Users\MayG\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
uRun: [Power2GoExpress8] "C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe"
uRun: [skyDrive] "C:\Users\MayG\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
uRun: [HP Deskjet 3070 B611 series (NET)] "C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN2386136Z05MQ:NW" -scfn "HP Deskjet 3070 B611 series (NET)" -AutoStart 1
uRun: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe -expressboot
mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [YouCam Service] "C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe" /s
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mRun: [AccelerometerSysTrayApplet] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe
mRun: [HPMessageService] C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [btTray] "C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: EnableSecureUIAPath = dword:1
IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{0D5A8877-EDEA-4BED-A4E9-66F5F8CB4A62} : DHCPNameServer = 40.24.1.201 40.24.1.202
TCP: Interfaces\{15D119E3-5E22-49FF-83D0-EBB4438AB2EA} : DHCPNameServer = 77.234.40.79
TCP: Interfaces\{4D496785-45B5-4FCE-A415-8F211FE1AA5E} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{4D496785-45B5-4FCE-A415-8F211FE1AA5E}\74564726F687D2734464444344 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{4D496785-45B5-4FCE-A415-8F211FE1AA5E}\E45687477456E64556C6541434432333 : DHCPNameServer = 10.0.0.1
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWOW64\skype4com.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-RunOnce: [NCPluginUpdater] "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update
x64-mPolicies-Explorer: NoDrives = dword:0
x64-mPolicies-System: EnableSecureUIAPath = dword:1
x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\System32\Drivers\amd_sata.sys [2012-11-30 80552]
R0 amd_xata;amd_xata;C:\Windows\System32\Drivers\amd_xata.sys [2012-11-30 26280]
R0 amdkmpfd;AMD PCI Root Bus Lower Filter;C:\Windows\System32\Drivers\amdkmpfd.sys [2013-2-14 37472]
R0 aswRvrt;avast! Revert;C:\Windows\System32\Drivers\aswRvrt.sys [2014-1-12 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\Drivers\aswVmm.sys [2014-1-12 207904]
R1 aswNdisFlt;Avast! Firewall Driver;C:\Windows\System32\Drivers\aswndisflt.sys [2014-2-12 440672]
R1 aswSnx;aswSnx;C:\Windows\System32\Drivers\aswSnx.sys [2014-1-12 1038072]
R1 aswSP;aswSP;C:\Windows\System32\Drivers\aswSP.sys [2014-1-12 421704]
R1 CLVirtualDrive;CLVirtualDrive;C:\Windows\System32\Drivers\CLVirtualDrive.sys [2014-1-15 91712]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-4-17 241152]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-4-17 361984]
R2 AODDriver4.2;AODDriver4.2;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-4-9 57472]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\Drivers\aswMonFlt.sys [2014-1-12 78648]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-2-12 50344]
R2 avast! Firewall;avast! Firewall;C:\Program Files\AVAST Software\Avast\afwServ.exe [2014-2-12 113704]
R2 ClickToRunSvc;Tjenesten Microsoft Office ClickToRun;C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe [2014-3-25 2169016]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2013-11-4 92160]
R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2013-3-1 43320]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [2013-10-8 1039160]
R2 RtkAudioService;Realtek Audio Service;C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE [2013-11-12 246488]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\Drivers\AtihdW86.sys [2013-4-24 98744]
R3 BtAudioBusSrv;Ralink Bluetooth Audio Bus Service;C:\Windows\System32\Drivers\BtAudioBus.sys [2012-6-15 23136]
R3 BthL2caScoIfSrv;Bluetooth Profile Interface Driver Service;C:\Windows\System32\Drivers\BtL2caScoIf.sys [2013-4-26 54064]
R3 BthLEEnum;Driver for Bluetooth Low Energy;C:\Windows\System32\Drivers\BthLEEnum.sys [2012-7-26 202752]
R3 btUrbFilterDrv;IVT URB Bluetooth Filter Driver Service;C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [2013-3-25 49584]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\Drivers\clwvd.sys [2013-11-12 41408]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\Drivers\ssudbus.sys [2014-1-22 108800]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\Drivers\netr28x.sys [2013-12-4 2505904]
R3 RSP2STOR;Realtek PCIE CardReader Driver - P2;C:\Windows\System32\Drivers\RtsP2Stor.sys [2013-11-12 290008]
R3 rtbth;RTBTH Bluetooth Device Driver;C:\Windows\System32\Drivers\rtbth.sys [2013-12-2 1204424]
R3 RTL8168;Realtek 8168 NT Driver;C:\Windows\System32\Drivers\Rt630x64.sys [2013-11-12 801864]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\Drivers\ssudmdm.sys [2014-1-22 206080]
R3 tapnhp6;Norton Hotspot Privacy Adapter 6;C:\Windows\System32\Drivers\tapnhp6.sys [2013-3-6 41560]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\Drivers\usbfilter.sys [2013-11-12 58536]
R3 WirelessButtonDriver;HP Wireless Button Driver Service;C:\Windows\System32\Drivers\WirelessButtonDriver64.sys [2012-8-31 20800]
R3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-26 198656]
S?3 aswStm;aswStm;C:\Windows\System32\Drivers\aswstm.sys [2014-1-12 80184]
S3 aswTap;avast! SecureLine TAP Adapter v3;C:\Windows\System32\Drivers\aswTap.sys [2014-1-12 44640]
S3 iaStorA;iaStorA;C:\Windows\System32\Drivers\iaStorA.sys [2013-4-30 677360]
S3 SmbDrv;SmbDrv;C:\Windows\System32\Drivers\Smb_driver_AMDASF.sys [2013-6-5 29424]
S3 SmbDrvI;SmbDrvI;C:\Windows\System32\Drivers\Smb_driver_Intel.sys [2013-6-5 33008]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\Windows\System32\NOTEPAD.EXE %1 [userChoice]
ShellExec: Opera.exe: open="C:\Program Files (x86)\Opera\Launcher.exe" "%1"
.
=============== Created Last 30 ================
.
2014-03-25 23:12:59 -------- d-----w- C:\Users\MayG\AppData\Local\ElevatedDiagnostics
2014-03-23 20:04:24 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-03-23 20:01:02 -------- d-sh--w- C:\$RECYCLE.BIN
2014-03-23 18:40:01 388096 ----a-r- C:\Users\MayG\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2014-03-23 18:40:01 -------- d-----w- C:\Program Files (x86)\Trend Micro
2014-03-23 16:25:18 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-03-23 16:25:18 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-23 16:20:50 -------- d-----w- C:\Users\MayG\AppData\Local\temp
2014-03-20 05:07:56 -------- d-----w- C:\Program Files (x86)\ESET
2014-03-18 22:39:05 -------- d-----w- C:\Users\MayG\AppData\Local\Microsoft Help
2014-03-14 18:36:09 254640 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10236.bin
2014-03-12 22:02:01 28032 ----a-w- C:\Program Files\Windows Defender\mpuxhostproxy.dll
2014-03-12 22:02:01 1571328 ----a-w- C:\Program Files\Windows Defender\MpSvc.dll
2014-03-12 22:02:01 1330792 ----a-w- C:\Program Files\Windows Defender\MSASCui.exe
2014-03-12 22:02:00 868448 ----a-w- C:\Program Files\Windows Defender\MpClient.dll
2014-03-12 22:02:00 507392 ----a-w- C:\Program Files\Windows Defender\MpRtp.dll
2014-03-12 22:02:00 118776 ----a-w- C:\Program Files\Windows Defender\MpOAV.dll
2014-03-12 02:46:51 -------- d-----w- C:\Users\MayG\AppData\Local\Google
2014-03-12 02:30:02 4036608 ----a-w- C:\Windows\System32\win32k.sys
2014-03-06 20:38:15 -------- d-----w- C:\Users\MayG\AppData\Roaming\WinPatrol
2014-03-06 20:38:09 -------- d-----w- C:\ProgramData\InstallMate
2014-03-06 20:38:09 -------- d-----w- C:\Program Files (x86)\BillP Studios
2014-03-06 20:04:22 -------- d-----w- C:\Program Files\CCleaner
2014-03-06 19:06:13 -------- d-----w- C:\Windows\ERUNT
2014-03-06 17:38:52 -------- d-----w- C:\Users\MayG\AppData\Roaming\Malwarebytes
2014-03-06 17:37:55 -------- d-----w- C:\Users\MayG\AppData\Local\Programs
2014-03-06 16:56:14 -------- d-----w- C:\ProgramData\Malwarebytes
2014-03-06 16:56:01 -------- d-----w- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-03-04 10:17:56 19104 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\1044\VSTOLoaderUI.dll
2014-03-04 10:17:56 10912 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\1044\VSTOInstallerUI.dll
.
==================== Find3M  ====================
.
2014-03-04 22:52:34 78304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-03-04 22:52:34 694240 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-02-24 13:38:25 108968 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2014-02-23 08:13:41 2241536 ----a-w- C:\Windows\System32\wininet.dll
2014-02-23 08:13:31 915968 ----a-w- C:\Windows\System32\uxtheme.dll
2014-02-23 08:13:31 53760 ----a-w- C:\Windows\System32\UXInit.dll
2014-02-23 08:11:59 3960320 ----a-w- C:\Windows\System32\jscript9.dll
2014-02-23 08:11:52 67072 ----a-w- C:\Windows\System32\iesetup.dll
2014-02-23 08:11:52 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2014-02-23 06:54:46 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-02-23 06:54:37 44032 ----a-w- C:\Windows\SysWow64\UXInit.dll
2014-02-23 06:53:22 2877952 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-02-23 06:53:18 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-02-23 06:53:18 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2014-02-23 06:35:36 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2014-02-23 06:31:25 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-02-23 05:34:05 440672 ----a-w- C:\Windows\System32\drivers\aswndisflt.sys
2014-02-23 04:06:33 534528 ----a-w- C:\Windows\SysWow64\uxtheme.dll
2014-02-12 17:33:33 80184 ----a-w- C:\Windows\System32\drivers\aswstm.sys
2014-02-12 17:33:33 78648 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2014-02-12 17:33:33 1038072 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2014-02-12 17:33:32 43152 ----a-w- C:\Windows\avastSS.scr
2014-02-05 23:41:39 595968 ----a-w- C:\Windows\System32\qedit.dll
2014-02-05 23:37:51 496640 ----a-w- C:\Windows\SysWow64\qedit.dll
2014-02-04 19:38:34 1795952 ----a-w- C:\Windows\System32\WdfCoInstaller01011.dll
2014-02-04 19:38:32 524016 ----a-w- C:\Windows\System32\drivers\SynTP.sys
2014-02-04 19:38:32 421616 ----a-w- C:\Windows\System32\SynTPCo19.dll
2014-02-04 19:38:32 251632 ----a-w- C:\Windows\System32\SynTPAPI.dll
2014-02-04 19:38:32 169712 ----a-w- C:\Windows\SysWow64\SynTPCom.dll
2014-02-04 19:38:29 722160 ----a-w- C:\Windows\System32\SynCOM.dll
2014-02-04 19:38:29 400112 ----a-w- C:\Windows\SysWow64\SynCom.dll
2014-02-04 18:24:06 3692632 ----a-w- C:\Windows\System32\drivers\RTKVHD64.sys
2014-02-04 18:24:06 2810072 ----a-w- C:\Windows\System32\RtPgEx64.dll
2014-02-04 18:24:03 2587352 ----a-w- C:\Windows\System32\RtkAPO64.dll
2014-02-04 18:24:03 1021656 ----a-w- C:\Windows\System32\RtkApi64.dll
2014-02-04 18:24:01 617176 ----a-w- C:\Windows\System32\RtDataProc64.dll
2014-02-04 18:24:00 1286360 ----a-w- C:\Windows\System32\RTCOM64.dll
2014-02-04 18:23:58 37850112 ----a-w- C:\Windows\System32\RCoRes64.dat
2014-02-04 18:23:57 151256 ----a-w- C:\Windows\System32\RCoInstII64.dll
2014-02-04 18:23:28 113576 ----a-w- C:\Windows\System32\CONEQMSAPOGUILibrary.dll
2014-02-04 18:23:27 209096 ----a-w- C:\Windows\System32\AERTAC64.dll
2014-02-04 18:22:52 2080472 ----a-w- C:\Windows\RtlExUpd.dll
2014-01-31 17:29:54 9889352 ----a-w- C:\Windows\SysWow64\RtsP2StorIcon.dll
2014-01-31 17:29:54 290008 ----a-w- C:\Windows\System32\drivers\RtsP2Stor.sys
2014-01-31 00:48:33 1339392 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2014-01-31 00:06:01 1628160 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2014-01-22 07:52:10 206080 ----a-w- C:\Windows\System32\drivers\ssudmdm.sys
2014-01-22 07:52:10 108800 ----a-w- C:\Windows\System32\drivers\ssudbus.sys
2014-01-12 23:30:39 2032640 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2014-01-12 23:30:18 2238976 ----a-w- C:\Windows\System32\d3d10warp.dll
2014-01-12 20:12:58 92544 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2014-01-12 20:12:58 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2014-01-12 20:12:58 207904 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2014-01-12 20:12:45 44640 ----a-w- C:\Windows\System32\drivers\aswTap.sys
.
============= FINISH:  1:41:28,38 ===============
 

Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand, kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you cannot post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

 
 
 
 
Please post up the attach.txt, tell us about any symptoms you have while using your computer and run the following tool:
 
 
 
Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.zip and extract it to your desktop.
  • Execute TDSSKiller.exe by double-clicking on it.
  • Press Start Scan
  • If malicious objects are found, do NOT select Copy to quarantine. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive, which is typically C:\, for example C:\TDSSKiller.<version_date_time>log.txt



Please attach this file to your next reply.


What I've noticed the last week is basically when I run several programs at once, like Spotify, browser and Word, the computer runs slowly. Watching series online or listening to music gets really annoying since the sound or picture plays slowly or almost stops. All of this is new and the computer is only two months old. Not had the problem before now!

 

I'll run the TDSS-Killer. Do you want me to post it in a post or attach the file itself?

 

 

 

Here's the attach.txt

 

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 8
Boot Device: \Device\HarddiskVolume2
Install Date: 06.01.2014 18:15:10
System Uptime: 23.03.2014 16:34:39 (81 hours ago)
.
Motherboard: Hewlett-Packard |  | 216C
Processor: AMD A10-5745M APU with Radeon HD Graphics   | Socket FT1 | 1100/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 911 GiB total, 845,202 GiB free.
D: is FIXED (NTFS) - 19 GiB total, 1,913 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: avast! SecureLine TAP Adapter v3
Device ID: ROOT\NET\0001
Manufacturer: TAP-Windows Provider V9
Name: avast! SecureLine TAP Adapter v3
PNP Device ID: ROOT\NET\0001
Service: aswTap
.
==== System Restore Points ===================
.
RP26: 23.03.2014 21:00:34 - ComboFix created restore point
.
==== Installed Programs ======================
.
7-Zip 9.20 (x64 edition)
Adobe Flash Player 12 Plugin
Adobe Reader XI (11.0.06) - Norsk
Adobe Shockwave Player 12.0
AMD Accelerated Video Transcoding
AMD Catalyst Install Manager
AMD Fuel
AMD VISION Engine Control Center
µTorrent
avast! Free Antivirus
Bonjour
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CCleaner
CyberLink LabelPrint
CyberLink Media Suite 10
Cyberlink PhotoDirector
CyberLink Power2Go 8
CyberLink PowerDirector 10
CyberLink YouCam
D3DX10
DisableMSDefender
Energy Star
Equalify v2.2.1 (Stable)
Fotogalleriet
Google Chrome
Google Update Helper
Hewlett-Packard ACLM.NET v1.2.2.3
HiJackThis
HP 3D DriveGuard
HP Connected Music (Meridian - installer)
HP CoolSense
HP Customer Experience Enhancements
HP Deskjet 3070 B611 series basisprogramvare
HP Deskjet 3070 B611 series Hjelp
HP Documentation
HP Photo Creations
HP Postscript Converter
HP Quick Start
HP Recovery Manager
HP Registration Service
HP Support Assistant
HP System Event Utility
HP Update
HP Utility Center
HP Wireless Button Driver
Java 7 Update 51 (64-bit)
Malwarebytes Anti-Malware versjon 1.75.0.1300
Microsoft Application Error Reporting
Microsoft Office 365 Home Premium - nb-no
Microsoft OneDrive
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
Movie Maker
MSVCRT
MSVCRT110
MSVCRT110_amd64
OEM Application Profile
Office 15 Click-to-Run Extensibility Component
Office 15 Click-to-Run Licensing Component
Office 15 Click-to-Run Localization Component
Opera Stable 20.0.1387.82
Photo Common
Photo Gallery
Produktforbedringsundersøkelse for HP Deskjet 3070 B611 series
Ralink Bluetooth Stack64
Ralink RT3290 802.11bgn Wi-Fi Adapter
Realtek Card Reader
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Spotify
swMSM
Synaptics Pointing Device Driver
Valokuvavalikoima
VLC media player 2.1.3
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Liven peruspaketti
WinPatrol
.
==== End Of File ===========================

No, that's ok.

 

 

Full System Scan with Malwarebytes Antimalware


  • If not existing, please download Malwarebytes Anti-Malware to your desktop. Double-click mbam-setup-2.0.0.1000.exe and follow the prompts to install the program. At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.



If the program is already installed:

  • Run Malwarebytes Antimalware
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.


  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.

 

 

 

 

Scan with ESET Online Scan

Please go here to run the online scanner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click Scan
  • Wait for the scan to finish
  • If any threats were found, click the 'List of found threats', then click Export to text file....
  • Save it to your desktop, then please copy and paste that log as a reply to this topic.


Nothing on the Eset scan

 

 

MBAM Scan:

 

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
 
Databaseversjon: v2014.03.28.05
 
Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16843
MayG :: MAY [administrator]
 
28.03.2014 17:13:30
mbam-log-2014-03-28 (17-13-30).txt
 
Skanntype: Full skann (C:\|D:\|E:\|)
Aktiverte skanningsinnstillinger: Minne | Oppstart | Register | Filsystem | Heuristikk/Ekstra | Heuristikk/Shuriken | PUP | PUM
Deaktiverte skanninnstillinger: P2P
Objekter skannet: 410649
Tid tilbakelagt: 18 time(r), 47 minutt(er), 43 sekund(er)
 
Minneprosesser oppdaget: 0
(Ingen skadelige objekter funnet)
 
Minnemoduler oppdaget: 0
(Ingen skadelige objekter funnet)
 
Registernøkler oppdaget: 0
(Ingen skadelige objekter funnet)
 
Registerverdier oppdaget: 0
(Ingen skadelige objekter funnet)
 
Registerfiler oppdaget: 0
(Ingen skadelige objekter funnet)

Then we can do the cleanup - if you are facing any issues, report that immediately.

Delete junk with adwCleaner


Please download AdwCleaner to your desktop.


  • Run adwcleaner.exe
  • Hit Scan and wait for the scan to finish.
  • Confirm the message but don't uncheck anything.
  • Hit Clean
  • When the run is finished, it will open up a text file
  • Please post its contents within your next reply
  • You'll find the log file at C:\AdwCleaner[s1].txt also




Delete junk with JRT

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.





SecurityCheck

Reboot your system before starting!

Please download SecurityCheck: LINK1 LINK2

  • Save it to your desktop, start it and follow the instructions in the window.
  • After the scan has finished, checkup.txt will open. Copy its contents to your thread.


# AdwCleaner v3.023 - Report created 01/04/2014 at 13:52:19

# Updated 01/04/2014 by Xplode

# Operating System : Windows 8  (64 bits)

# Username : MayG - MAY

# Running from : C:\Users\MayG\Downloads\adwcleaner.exe

# Option : Clean

 

***** [ Services ] *****

 

 

***** [ Files / Folders ] *****

 

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v10.0.9200.16843

 

 

*************************

 

AdwCleaner[R0].txt - [604 octets] - [01/04/2014 13:50:16]

AdwCleaner[s0].txt - [526 octets] - [01/04/2014 13:52:19]

 

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [585 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.1.3 (03.23.2014:1)

OS: Windows 8 x64

Ran by MayG on 01.04.2014 at 13:58:29,37

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

~~~ Services

 

 

 

~~~ Registry Values

 

 

 

~~~ Registry Keys

 

 

 

~~~ Files

 

 

 

~~~ Folders

 

 

 

~~~ Event Viewer Logs were cleared

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 01.04.2014 at 14:13:01,86

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 Results of screen317's Security Check version 0.99.81  

   x64 (UAC is enabled)  

 Internet Explorer 10 Out of date! 

``````````````Antivirus/Firewall Check:`````````````` 

 Windows Security Center service is not running! This report may not be accurate! 

 Windows Firewall Enabled!  

Windows Defender   

avast! Antivirus   

 Antivirus out of date!  

`````````Anti-malware/Other Utilities Check:````````` 

 Adobe Flash Player 12.0.0.77  

 Adobe Reader XI  

 Google Chrome 33.0.1750.149  

 Google Chrome 33.0.1750.154  

````````Process Check: objlist.exe by Laurent````````  

 WinPatrol winpatrol.exe 

 system32 AvastSvc.exe -?-   

 AVAST Software Avast AvastUI.exe  

 system32 AvastEmUpdate.exe -?-   

 BillP Studios WinPatrol WinPatrol.exe  

`````````````````System Health check````````````````` 

 Total Fragmentation on Drive C:  % 

````````````````````End of Log`````````````````````` 

Looks like some stuff isn't working properly:

 

 

Scan with Farbar's Service Scanner

Please download Farbar Service Scanner and run it on the computer with the issue.

  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
    • Windows Defender



  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


Farbar Service Scanner Version: 25-02-2014

Ran by MayG (administrator) on 01-04-2014 at 14:57:23

Running from "C:\Users\MayG\Downloads"

Microsoft Windows 8  (X64)

Boot Mode: Normal

****************************************************************

 

Internet Services:

============

 

Connection Status:

==============

Localhost is accessible.

LAN connected.

Google IP is accessible.

Google.com is accessible.

Yahoo.com is accessible.

 

 

Windows Firewall:

=============

 

Firewall Disabled Policy: 

==================

 

 

System Restore:

============

 

System Restore Disabled Policy: 

========================

 

 

Action Center:

============

 

 

Windows Update:

============

wuauserv Service is not running. Checking service configuration:

The start type of wuauserv service is set to Demand. The default start type is Auto.

The ImagePath of wuauserv service is OK.

The ServiceDll of wuauserv service is OK.

 

 

Windows Autoupdate Disabled Policy: 

============================

 

 

Windows Defender:

==============

WinDefend Service is not running. Checking service configuration:

The start type of WinDefend service is set to Demand. The default start type is Auto.

The ImagePath of WinDefend service is OK.

 

 

Windows Defender Disabled Policy: 

==========================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]

"DisableAntiSpyware"=DWORD:1

 

 

Other Services:

==============

 

 

File Check:

========

C:\Windows\System32\nsisvc.dll => MD5 is legit

C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit

C:\Windows\System32\dhcpcore.dll => MD5 is legit

C:\Windows\System32\drivers\afd.sys

[2014-01-08 05:24] - [2013-09-04 05:11] - 0576512 ____A (Microsoft Corporation) 7C0E0EDF18D6CC565D7BFBB451709FA5

 

C:\Windows\System32\drivers\tdx.sys => MD5 is legit

C:\Windows\System32\Drivers\tcpip.sys

[2014-02-12 07:05] - [2013-11-01 07:53] - 2232664 ____A (Microsoft Corporation) DD4249F03598043DED6FA540EB14898A

 

C:\Windows\System32\dnsrslvr.dll => MD5 is legit

C:\Windows\System32\mpssvc.dll

[2014-01-15 07:59] - [2013-10-31 07:56] - 0915968 ____A (Microsoft Corporation) 9DE3341BD4E14BC5FADFCAD3019F2D0D

 

C:\Windows\System32\bfe.dll

[2014-01-08 05:28] - [2013-10-10 11:20] - 0723968 ____A (Microsoft Corporation) 53AA55632B94622F2DC3695E86EF9363

 

C:\Windows\System32\drivers\mpsdrv.sys

[2014-01-15 07:59] - [2013-10-31 05:42] - 0074752 ____A (Microsoft Corporation) 4CCBBD4944777CA100B9A6C2F149A46F

 

C:\Windows\System32\SDRSVC.dll => MD5 is legit

C:\Windows\System32\vssvc.exe => MD5 is legit

C:\Windows\System32\wscsvc.dll => MD5 is legit

C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit

C:\Windows\System32\wuaueng.dll

[2014-01-12 20:46] - [2013-10-09 00:27] - 3279872 ____A (Microsoft Corporation) 311E5E1976E0BD9110A88B93158055D5

 

C:\Windows\System32\qmgr.dll => MD5 is legit

C:\Windows\System32\es.dll => MD5 is legit

C:\Windows\System32\cryptsvc.dll => MD5 is legit

C:\Program Files\Windows Defender\MpSvc.dll

[2014-03-13 00:02] - [2013-10-25 00:34] - 1571328 ____A (Microsoft Corporation) 8077537B1600AF493E7EE1A7A5C90799

 

C:\Program Files\Windows Defender\MsMpEng.exe

[2014-03-13 00:01] - [2013-10-25 09:34] - 0016048 ____A (Microsoft Corporation) 0BB1CEE3514CE93A0A4E6376A9038EFF

 

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

 

 

**** End of log ****


Windows Repair (all-in-one)

Download Windows Repair (All in One) from this site

Install the program then run it.

NOTE 1. In Windows Vista, 7 and 8 right click on the program, click "Run As Administrator".
NOTE 2. Disable your antivirus program before running Windows Repair.

Go to Step 2 and click on Check button next to 1. See If Check Disk Is Needed.
If the tool indicates that the Check Disk is needed click on Do It button next to 2. Check Disk.
In that case make sure you restart computer.



Once the above is done go to Step 3 and allow it to run System File Check by clicking on Do It button:



Go to Step 4 and under "System Restore" click on Create button:



Go to Start Repairs tab and click Start button.

Leave all checkmarks as they are.
NOTE for Windows 8 users. Reset Registry Permissions is NOT checked by design.

Click on Start button.


Post Windows Repair log which is located in the following folder:
64-bit systems - C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\Logs
32-bit systems - C:\Program Files\Tweaking.com\Windows Repair (All in One)\Logs


Microsoft Windows [Version 6.2.9200]

© 2012 Microsoft Corporation. Med enerett.

 

C:\Users\MayG\Desktop>

CD /D C:\

 

C:\>

chkdsk C:

 

The type of the file system is NTFS.

 

The volume is in use by another process. Chkdsk

might report errors when no corruption is present.

 

Volume label is Windows.

 

WARNING!  F parameter not specified.

Running CHKDSK in read-only mode.

 

 

CHKDSK is verifying files (stage 1 of 3)...

 


344832 file records processed.                                         

 

File verification completed.

 

2778 large file records processed.                                   

 

  0 bad file records processed.                                     

 

 

CHKDSK is verifying indexes (stage 2 of 3)...

 


422442 index entries processed.                                        

 

Index verification completed.

 

0 unindexed files scanned.                                        

 

  0 unindexed files recovered.                                      

 

 

 

CHKDSK is verifying security descriptors (stage 3 of 3)...

 

Security descriptor verification completed.

 

38806 data files processed.                                           

 

CHKDSK is verifying Usn Journal...

 

81 percent complete. (0 of 40828384 USN bytes processed)        

 

40828384 USN bytes processed.                                            

 

Usn Journal verification completed.

 

The Volume Bitmap is incorrect.

Windows has checked the file system and found problems.

Please run chkdsk /scan to find the problems and queue them for repair.

 

 955209727 KB total disk space.

  78105844 KB in 169878 files.

    125528 KB in 38807 indexes.

         0 KB in bad sectors.

 

481835 KB in use by the system.

     65536 KB occupied by the log file.

 876496520 KB available on disk.

 

      4096 bytes in each allocation unit.

 238802431 total allocation units on disk.

 219124130 allocation units available on disk.

 

 

C:\>

Could it be that I posted the wrong log? And this is the one you wanted?

 

Sorry for the trouble, not that good with computers :) 

 
System Variables
--------------------------------------------------------------------------------
OS: Windows 8
OS Architecture: 64-bit
OS Version: 6.2.9200
OS Service Pack: 
Computer Name: MAY
Windows Drive: C:\
Windows Path: C:\Windows
Current Profile: C:\Users\MayG
Current Profile SID: S-1-5-21-1291676698-635018738-4242492724-1002
Current Profile Classes: S-1-5-21-1291676698-635018738-4242492724-1002_Classes
Profiles Location: C:\Users
Profiles Location 2: C:\Windows\ServiceProfiles
Local Settings AppData: C:\Users\MayG\AppData\Local
--------------------------------------------------------------------------------
 
System Information
--------------------------------------------------------------------------------
System Up Time: 0 Days 00:10:21
 
Process Count: 75
Commit Total: 1,95 GB
Commit Limit: 14,44 GB
Commit Peak: 2,31 GB
Handle Count: 25017
Kernel Total: 347,33 MB
Kernel Paged: 278,41 MB
Kernel Non Paged: 68,92 MB
System Cache: 2,18 GB
Thread Count: 1057
--------------------------------------------------------------------------------
 
Memory Before Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 7,19 GB
Memory Used: 1,61 GB(22,3245%)
Memory Avail.: 5,59 GB
--------------------------------------------------------------------------------
 
Cleaning Memory Before Starting Repairs...
 
Memory After Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 7,19 GB
Memory Used: 1,53 GB(21,3311%)
Memory Avail.: 5,66 GB
--------------------------------------------------------------------------------
 
Starting Repairs...
   Start (01.04.2014 15:59:44)
 
01 - Reset Registry Permissions 01/03
   HKEY_CURRENT_USER & Sub Keys
   Start (01.04.2014 15:59:44)
   Running Repair Under Current User Account
   Done (01.04.2014 15:59:56)
 
01 - Reset Registry Permissions 02/03
   HKEY_LOCAL_MACHINE & Sub Keys
   Start (01.04.2014 15:59:56)
   Running Repair Under System Account
   Done (01.04.2014 16:05:33)
 
01 - Reset Registry Permissions 03/03
   HKEY_CLASSES_ROOT & Sub Keys
   Start (01.04.2014 16:05:33)
   Running Repair Under System Account
   Done (01.04.2014 16:07:18)
 
03 - Register System Files
   Start (01.04.2014 16:07:18)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (01.04.2014 16:08:34)
 
04 - Repair WMI
   Start (01.04.2014 16:08:34)
   Running Repair Under Current User Account
   Done (01.04.2014 16:14:50)
 
05 - Repair Windows Firewall
   Start (01.04.2014 16:14:50)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (01.04.2014 16:15:36)
 
06 - Repair Internet Explorer
   Start (01.04.2014 16:15:36)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (01.04.2014 16:16:28)
 
07 - Repair MDAC/MS Jet
   Start (01.04.2014 16:16:28)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (01.04.2014 16:16:46)
 
08 - Repair Hosts File
   Start (01.04.2014 16:16:46)
   Running Repair Under System Account
   Done (01.04.2014 16:16:48)
 
09 - Remove Policies Set By Infections
   Start (01.04.2014 16:16:48)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (01.04.2014 16:16:53)
 
11 - Repair Icons
   Start (01.04.2014 16:16:53)
   Running Repair Under Current User Account
   Done (01.04.2014 16:16:55)
 
12 - Repair Winsock & DNS Cache
   Start (01.04.2014 16:16:56)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (01.04.2014 16:17:12)
 
14 - Repair Proxy Settings
   Start (01.04.2014 16:17:12)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (01.04.2014 16:17:17)
 
16 - Repair Windows Updates
   Start (01.04.2014 16:17:17)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (01.04.2014 16:17:54)
 
17 - Repair CD/DVD Missing/Not Working
   Start (01.04.2014 16:17:54)
   iTunes not found, not applying UpperFilters iTunes Reg Key
   Done (01.04.2014 16:17:55)
 
18 - Repair Volume Shadow Copy Service
   Start (01.04.2014 16:17:55)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (01.04.2014 16:18:08)
 
20 - Repair MSI (Windows Installer)
   Start (01.04.2014 16:18:08)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (01.04.2014 16:18:22)
 
22.01 - Repair bat Association
   Start (01.04.2014 16:18:22)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (01.04.2014 16:18:27)
 
22.02 - Repair cmd Association
   Start (01.04.2014 16:18:27)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (01.04.2014 16:18:32)
 
22.03 - Repair com Association
   Start (01.04.2014 16:18:32)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (01.04.2014 16:18:37)
 
22.04 - Repair Directory Association
   Start (01.04.2014 16:18:37)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (01.04.2014 16:18:42)
 
22.05 - Repair Drive Association
   Start (01.04.2014 16:18:42)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (01.04.2014 16:18:46)
 
22.06 - Repair exe Association
   Start (01.04.2014 16:18:47)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (01.04.2014 16:18:51)
 
22.07 - Repair Folder Association
   Start (01.04.2014 16:18:51)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (01.04.2014 16:18:56)
 
22.08 - Repair inf Association
   Start (01.04.2014 16:18:56)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (01.04.2014 16:19:01)
 
22.09 - Repair lnk (Shortcuts) Association
   Start (01.04.2014 16:19:01)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (01.04.2014 16:19:06)
 
22.10 - Repair msc Association
   Start (01.04.2014 16:19:06)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (01.04.2014 16:19:11)
 
22.11 - Repair reg Association
   Start (01.04.2014 16:19:11)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (01.04.2014 16:19:16)
 
22.12 - Repair scr Association
   Start (01.04.2014 16:19:16)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (01.04.2014 16:19:21)
 
23 - Repair Windows Safe Mode
   Start (01.04.2014 16:19:21)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (01.04.2014 16:19:26)
 
24 - Repair Print Spooler
   Start (01.04.2014 16:19:26)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (01.04.2014 16:19:43)
 
25 - Restore Important Windows Services
   Start (01.04.2014 16:19:44)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (01.04.2014 16:20:16)
 
26 - Set Windows Services To Default Startup
   Start (01.04.2014 16:20:16)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (01.04.2014 16:20:25)
 
27 - Repair Windows 8 App Store
   Start (01.04.2014 16:20:25)
   Running Repair Under System Account
   Running Repair Under Current User Account
   Done (01.04.2014 16:20:59)
 
28 - Repair Windows 8 Component Store
   Start (01.04.2014 16:20:59)
   Running Repair Under Current User Account
   Done (01.04.2014 17:40:35)
 
Cleaning up empty logs...
 
All Selected Repairs Done.
   Done (01.04.2014 17:40:35)
   Total Repair Time: 01:40:53
 
 
...YOU MUST RESTART YOUR SYSTEM...
   Running Repair Under Current User Account

Farbar Service Scanner Version: 25-02-2014

Ran by MayG (administrator) on 01-04-2014 at 20:24:39

Running from "C:\Users\MayG\Downloads"

Microsoft Windows 8  (X64)

Boot Mode: Normal

****************************************************************

 

Internet Services:

============

 

Connection Status:

==============

Localhost is accessible.

LAN connected.

Google IP is accessible.

Google.com is accessible.

Yahoo.com is accessible.

 

 

Windows Firewall:

=============

 

Firewall Disabled Policy: 

==================

 

 

System Restore:

============

 

System Restore Disabled Policy: 

========================

 

 

Action Center:

============

 

 

Windows Update:

============

wuauserv Service is not running. Checking service configuration:

The start type of wuauserv service is set to Demand. The default start type is Auto.

The ImagePath of wuauserv service is OK.

The ServiceDll of wuauserv service is OK.

 

 

Windows Autoupdate Disabled Policy: 

============================

 

 

Windows Defender:

==============

WinDefend Service is not running. Checking service configuration:

The start type of WinDefend service is set to Demand. The default start type is Auto.

The ImagePath of WinDefend service is OK.

 

 

Windows Defender Disabled Policy: 

==========================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]

"DisableAntiSpyware"=DWORD:1

 

 

Other Services:

==============

 

 

File Check:

========

C:\Windows\System32\nsisvc.dll => MD5 is legit

C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit

C:\Windows\System32\dhcpcore.dll => MD5 is legit

C:\Windows\System32\drivers\afd.sys

[2014-01-08 05:24] - [2013-09-04 05:11] - 0576512 ____A (Microsoft Corporation) 7C0E0EDF18D6CC565D7BFBB451709FA5

 

C:\Windows\System32\drivers\tdx.sys => MD5 is legit

C:\Windows\System32\Drivers\tcpip.sys

[2014-02-12 07:05] - [2013-11-01 07:53] - 2232664 ____A (Microsoft Corporation) DD4249F03598043DED6FA540EB14898A

 

C:\Windows\System32\dnsrslvr.dll => MD5 is legit

C:\Windows\System32\mpssvc.dll

[2014-01-15 07:59] - [2013-10-31 07:56] - 0915968 ____A (Microsoft Corporation) 9DE3341BD4E14BC5FADFCAD3019F2D0D

 

C:\Windows\System32\bfe.dll

[2014-01-08 05:28] - [2013-10-10 11:20] - 0723968 ____A (Microsoft Corporation) 53AA55632B94622F2DC3695E86EF9363

 

C:\Windows\System32\drivers\mpsdrv.sys

[2014-01-15 07:59] - [2013-10-31 05:42] - 0074752 ____A (Microsoft Corporation) 4CCBBD4944777CA100B9A6C2F149A46F

 

C:\Windows\System32\SDRSVC.dll => MD5 is legit

C:\Windows\System32\vssvc.exe => MD5 is legit

C:\Windows\System32\wscsvc.dll => MD5 is legit

C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit

C:\Windows\System32\wuaueng.dll

[2014-01-12 20:46] - [2013-10-09 00:27] - 3279872 ____A (Microsoft Corporation) 311E5E1976E0BD9110A88B93158055D5

 

C:\Windows\System32\qmgr.dll => MD5 is legit

C:\Windows\System32\es.dll => MD5 is legit

C:\Windows\System32\cryptsvc.dll => MD5 is legit

C:\Program Files\Windows Defender\MpSvc.dll

[2014-03-13 00:02] - [2013-10-25 00:34] - 1571328 ____A (Microsoft Corporation) 8077537B1600AF493E7EE1A7A5C90799

 

C:\Program Files\Windows Defender\MsMpEng.exe

[2014-03-13 00:01] - [2013-10-25 09:34] - 0016048 ____A (Microsoft Corporation) 0BB1CEE3514CE93A0A4E6376A9038EFF

 

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

 

 

**** End of log ****


Right click "Computer", select "Manage".

Navigate to and expand "services".

 

There, search for Windows Updates.

 

Right click the entry and select "Properties".

 

In the window, change the start type of the service to "automatic".

 

Hit OK, reboot your computer and provide a new FSS log. :)


Farbar Service Scanner Version: 25-02-2014

Ran by MayG (administrator) on 01-04-2014 at 20:50:42

Running from "C:\Users\MayG\Downloads"

Microsoft Windows 8  (X64)

Boot Mode: Normal

****************************************************************

 

Internet Services:

============

 

Connection Status:

==============

Localhost is accessible.

LAN connected.

Google IP is accessible.

Google.com is accessible.

Attempt to access Yahoo.com returned error: Yahoo.com is unreachable

 

 

Windows Firewall:

=============

 

Firewall Disabled Policy: 

==================

 

 

System Restore:

============

 

System Restore Disabled Policy: 

========================

 

 

Action Center:

============

 

 

Windows Update:

============

 

Windows Autoupdate Disabled Policy: 

============================

 

 

Windows Defender:

==============

WinDefend Service is not running. Checking service configuration:

The start type of WinDefend service is set to Demand. The default start type is Auto.

The ImagePath of WinDefend service is OK.

 

 

Windows Defender Disabled Policy: 

==========================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]

"DisableAntiSpyware"=DWORD:1

 

 

Other Services:

==============

 

 

File Check:

========

C:\Windows\System32\nsisvc.dll => MD5 is legit

C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit

C:\Windows\System32\dhcpcore.dll => MD5 is legit

C:\Windows\System32\drivers\afd.sys

[2014-01-08 05:24] - [2013-09-04 05:11] - 0576512 ____A (Microsoft Corporation) 7C0E0EDF18D6CC565D7BFBB451709FA5

 

C:\Windows\System32\drivers\tdx.sys => MD5 is legit

C:\Windows\System32\Drivers\tcpip.sys

[2014-02-12 07:05] - [2013-11-01 07:53] - 2232664 ____A (Microsoft Corporation) DD4249F03598043DED6FA540EB14898A

 

C:\Windows\System32\dnsrslvr.dll => MD5 is legit

C:\Windows\System32\mpssvc.dll

[2014-01-15 07:59] - [2013-10-31 07:56] - 0915968 ____A (Microsoft Corporation) 9DE3341BD4E14BC5FADFCAD3019F2D0D

 

C:\Windows\System32\bfe.dll

[2014-01-08 05:28] - [2013-10-10 11:20] - 0723968 ____A (Microsoft Corporation) 53AA55632B94622F2DC3695E86EF9363

 

C:\Windows\System32\drivers\mpsdrv.sys

[2014-01-15 07:59] - [2013-10-31 05:42] - 0074752 ____A (Microsoft Corporation) 4CCBBD4944777CA100B9A6C2F149A46F

 

C:\Windows\System32\SDRSVC.dll => MD5 is legit

C:\Windows\System32\vssvc.exe => MD5 is legit

C:\Windows\System32\wscsvc.dll => MD5 is legit

C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit

C:\Windows\System32\wuaueng.dll

[2014-01-12 20:46] - [2013-10-09 00:27] - 3279872 ____A (Microsoft Corporation) 311E5E1976E0BD9110A88B93158055D5

 

C:\Windows\System32\qmgr.dll => MD5 is legit

C:\Windows\System32\es.dll => MD5 is legit

C:\Windows\System32\cryptsvc.dll => MD5 is legit

C:\Program Files\Windows Defender\MpSvc.dll

[2014-03-13 00:02] - [2013-10-25 00:34] - 1571328 ____A (Microsoft Corporation) 8077537B1600AF493E7EE1A7A5C90799

 

C:\Program Files\Windows Defender\MsMpEng.exe

[2014-03-13 00:01] - [2013-10-25 09:34] - 0016048 ____A (Microsoft Corporation) 0BB1CEE3514CE93A0A4E6376A9038EFF

 

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

 

 

**** End of log ****


Your system is clean! :)

 

 

 

Internet Explorer out of date

Your version of Internet Explorer is outdated.

  1. Please download IE 11 from here
  2. Save it to your desktop.
  3. Double click on the file on your desktop to start the installation process.
  4. Reboot

 

 

 

Also, please update your avast! antivirus.

 

 

 

Uninstall our tools using delfix

Please follow these steps in order:

  1. In case we used Defogger to turn off your CD emulation software, you can start it again and use the Enable button.
  2. In case we used Combofix, deactivate your antivirus software once more, then rename combofix.exe to uninstall.exe and run it one last time. You will be notified that Combofix has been removed.
  3. In any case please download delfix to your desktop.
    • Close all other programs and start delfix.
    • Please check all the boxes and run the tool.
    • delfix will now delete all found traces of our removal process
  4. If there is still something left, please delete it manually.

 

 

 

 

Recommendations: How to protect yourself

  • System Updates
    Please ensure that automatic updates are activated in your control panel.
    For further information and a tutorial, see this Microsoft Support article.
  • Protection
    What you need is one (not more) virus scanner with background protection. Additionally I recommend a special malware scanner to run on demand weekly.
    Personally I am using avast! Antivirus Free Edition and Malwarebytes Anti-Malware. They offer good protection for free.
    • To keep your browser free of advertising, you may install the Adblock Plus browser extension.
      It will filter unwanted advertising out of the website's content.
    • To protect yourself from accidentally visiting malicious web sites, install the Web of Trust (WOT) browser extension.
      It will display a green (safe), yellow (unknown) or red (potentially dangerous) icon for a visited website within your browser.
      In addition, before accessing a dangerous classified web site, a warning screen is displayed.


  • Up-to-date Software
    Keep your Windows and your third-party software up to date. The easiest way to get infected is an outdated Windows, followed by: browser(s) (including add-ons and plug-ins), Adobe Flash Player and Adobe Reader, Java Runtime Environment, your antivirus program and so on. These links may help you to check:

  • Backup
    Hardware issues, malware, fire, lightning strike: there is a long list of different ways to lose all your data. Back up your files regularly. Use the Windows internal backup function or a third-party tool and save your data onto an external hard drive, cloud storage, optical media like CDs or DVDs or (if available) a professional network backup system.
  • Behaviour
    The commonest error when using a computer is "error 80", which means that the error is located about 80cm in front of the monitor. This is a common joke between IT support technicians, but it shows that all the safety mechanisms won't help if you aren't careful enough.

    • While surfing the internet, don't click on anything you don't know. In the worst case, it infects your system with malware.
    • Watch your step in social networks! Many cyber criminals use them to spread malware, mine personal data (to be sold to advertising companies, for example) or simply do damage to other users. Even if a received hyperlink within a message seems to be coming from one of your friends, have a closer look. In addition, don't click everything.
    • When installing software, have a look at each of the setup windows and uncheck any additional toolbars or free programs that may be offered additionally. Most of today's setup procedures contain potentially unwanted programs, so keep them off your system.
    • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
      They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.


