rohitshakti

  1. I scanned the PC with combofix software and its report is given below for information and further help to resolve the problem.
  2. I am using Windows 8 on my PC. When I go online I am getting adult popups on my PC web pages. Whatever I click or whatever I do, this popup keeps on coming, mostly on every new page or site, sometimes in the middle of the website but mostly on the right side. This virus also blocks my internet many times a day and is making my PC extremely slow. I was earlier using AVG antivirus, but after these popups started coming I switched to anti-malware and AVG Internet Security. AVG was not able to detect it, but anti-malware is able to detect it sometimes and it shows it as Trojan.DNSChanger malware/virus but is not able to delete it. It only quarantines it, but it is still coming up. It is shown somewhere in registry files. I have now run antimalwarebytes in safe mode and removed the virus, and then ran the antivirus and antimalwarebytes, and it is now not showing any virus, but it is still popping up, and also some of the time if I click a link on any website, it converts that link to an ad or takes me to an adult site. Currently my internet is working after that removal done in safe mode, but the malware is still present in the PC. I am enclosing the txt files generated, and below is the link from where I have taken the help till now (just for info): http://www.digit.in/forum/software-q/190653-unwanted-adult-popup-coming-up-while-browsing-2.html#post2212954 Addition.txt FRST.txt