justmeee

  1. MrC helped Me! Thank you

  2. I'll do those in the morning. Thanks again so much!!
  3. Results of screen317's Security Check version 0.99.78
     Windows 7 Service Pack 1 x86 (UAC is enabled)
     Internet Explorer 11
     ``````````````Antivirus/Firewall Check:``````````````
     Windows Firewall Enabled!
     AVG Internet Security 2014
     Antivirus up to date!
     `````````Anti-malware/Other Utilities Check:`````````
     Malwarebytes Anti-Malware version 1.75.0.1300
     JavaFX 2.1.1
     Java 6 Update 14
     Java 7 Update 45
     Adobe Flash Player 11.7.700.202
     Adobe Reader 9 Adobe Reader out of Date!
     Mozilla Firefox (26.0)
     Google Chrome 31.0.1650.57
     Google Chrome 31.0.1650.63
     ````````Process Check: objlist.exe by Laurent````````
     Malwarebytes Anti-Malware mbamservice.exe
     Malwarebytes Anti-Malware mbamgui.exe
     AVG avgwdsvc.exe
     AVG avgrsx.exe
     AVG avgnsx.exe
     AVG avgemc.exe
     Microsoft Small Business Business Contact Manager BcmSqlStartupSvc.exe
     Malwarebytes' Anti-Malware mbamscheduler.exe
     `````````````````System Health check`````````````````
     Total Fragmentation on Drive C: 2%
     ````````````````````End of Log``````````````````````
  4. They're gone!! It must have been Nortons all along lol. I wish I had uninstalled it properly before, but my computer's had a big clean up at least. Thank you so much MrC, you are an awesome comp wizard.
  5. Yes I did. I was going to ask about that part of the log but since you didn't say anything I thought it was ok... I uninstalled Nortons, it's not in my programs and features or desktop. I disabled Windows Defender like I said. I kept AVG.
  6. And my laptop's running pretty well like normal, it's a tiny bit slow on the internet but that's probably just my connection.
  7. Sorry it took ages to reply. Here's the AdwCleaner log
     # AdwCleaner v3.017 - Report created 13/01/2014 at 20:41:59
     # Updated 12/01/2014 by Xplode
     # Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
     # Username : Home - HOME
     # Running from : C:\Users\Home\Desktop\AdwCleaner (1).exe
     # Option : Clean
     ***** [ Services ] *****
     ***** [ Files / Folders ] *****
     Folder Deleted : C:\Users\Home\AppData\Local\NativeMessaging
     Folder Deleted : C:\Users\Home\AppData\LocalLow\AVG Security Toolbar
     ***** [ Shortcuts ] *****
     ***** [ Registry ] *****
     ***** [ Browsers ] *****
     -\\ Internet Explorer v11.0.9600.16428
     -\\ Mozilla Firefox v26.0 (en-GB)
     [ File : C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\t263i4zc.default\prefs.js ]
     -\\ Google Chrome v
     [ File : C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\preferences ]
     *************************
     AdwCleaner[R0].txt - [11494 octets] - [27/11/2013 18:19:59]
     AdwCleaner[R1].txt - [1126 octets] - [13/01/2014 20:37:50]
     AdwCleaner[s0].txt - [11541 octets] - [27/11/2013 18:21:21]
     AdwCleaner[s1].txt - [1056 octets] - [13/01/2014 20:41:59]
     ########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [1116 octets] ##########
     Here's the MBAM scan
     Malwarebytes Anti-Malware 1.75.0.1300
     www.malwarebytes.org
     Database version: v2014.01.13.03
     Windows 7 Service Pack 1 x86 NTFS
     Internet Explorer 11.0.9600.16476
     Home :: HOME [administrator]
     13/01/2014 8:51:50 PM
     mbam-log-2014-01-13 (20-51-50).txt
     Scan type: Full scan (C:\|)
     Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
     Scan options disabled: P2P
     Objects scanned: 346274
     Time elapsed: 1 hour(s), 50 minute(s), 32 second(s)
     Memory Processes Detected: 0
     (No malicious items detected)
     Memory Modules Detected: 0
     (No malicious items detected)
     Registry Keys Detected: 0
     (No malicious items detected)
     Registry Values Detected: 0
     (No malicious items detected)
     Registry Data Items Detected: 0
     (No malicious items detected)
     Folders Detected: 0
     (No malicious items detected)
     Files Detected: 0
     (No malicious items detected)
     (end)
     That's awesome that you don't see rootkits, I'm so relieved. But AVG still says I have 3 rootkits with these names
     Threat: Service function NtMapViewOfSection hook -> 0xFFFFFFFF8782F280 Severity: Medium State: Infected
     Threat: Service function NtCreateThreadEx hook -> 0xFFFFFFFF878517A0 Severity: Medium State: Infected
     Threat: Service function NtalpcConnectPort hook -> 0xFFFFFFFF869E5428 Severity: Medium State: Infected
     Is it just picking up something it thinks is bad but actually isn't? Could that be it since the other programs haven't found anything?
  8. I found out a way to save to my desktop, all I have to do is download it then drag it to my desktop from the download list, just in case someone else has that problem. And here's the log from aswMBR
     aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
     Run date: 2014-01-11 21:06:32
     -----------------------------
     21:06:32.983 OS Version: Windows 6.1.7601 Service Pack 1
     21:06:32.983 Number of processors: 2 586 0x170A
     21:06:33.108 ComputerName: HOME UserName: Home
     21:06:38.942 Initialize success
     21:06:44.444 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
     21:06:44.444 Disk 0 Vendor: WDC_WD32 12.0 Size: 305245MB BusType: 3
     21:06:44.647 Disk 0 MBR read successfully
     21:06:44.647 Disk 0 MBR scan
     21:06:44.647 Disk 0 Windows VISTA default MBR code
     21:06:44.694 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
     21:06:44.694 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 293192 MB offset 3074048
     21:06:45.042 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 10552 MB offset 603531264
     21:06:45.072 Disk 0 scanning sectors +625141760
     21:06:45.692 Disk 0 scanning C:\windows\system32\drivers
     21:07:52.127 Service scanning
     21:08:27.180 Modules scanning
     21:08:40.409 Disk 0 trace - called modules:
     21:08:40.424 ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys halmacpi.dll
     21:08:40.970 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x868d3ac8]
     21:08:40.970 3 CLASSPNP.SYS[88a0459e] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x85aad028]
     21:08:40.986 Scan finished successfully
     21:08:56.555 Disk 0 MBR has been saved successfully to "C:\Users\Home\Desktop\MBR.dat"
     21:08:56.555 The log file has been saved successfully to "C:\Users\Home\Desktop\aswMBR.txt"
  9. That was all there was in the notepad from top to bottom. Should I run it again?
  10. Thanks that worked! Sorry it took a while to answer. Here's what I got from ComboFix
      ComboFix 14-01-08.03 - Home 10/01/2014 20:02:08.1.2 - x86
      Microsoft Windows 7 Home Premium 6.1.7601.1.1252.61.1033.18.1913.1143 [GMT 11:00]
      Running from: C:\Users\Home\Desktop\ComboFix.exe
      AV: AVG Internet Security 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
      AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
      FW: AVG Internet Security 2014 *Disabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
      FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
      SP: AVG Internet Security 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
      SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
      SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
  11. I have a problem with ComboFix because it's not giving me the option to save to my desktop, a warning like this pops up - If I click yes, it skips straight to the terms of ComboFix and the guide says if I click accept, the scan will start straight from my browser. So I turned off user account control warnings and now when I click CF download it still goes straight to the terms and doesn't give me a chance to save to my desktop like I should. The same thing happened with TDSSKiller. Sorry to post a picture.
  12. I deleted Nortons and disabled Windows Defender. Log number 1
      14:02:27.0317 0x15e8 TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
      14:02:44.0870 0x15e8 ============================================================
      14:02:44.0870 0x15e8 Current date / time: 2014/01/08 14:02:44.0870
      14:02:44.0870 0x15e8 SystemInfo:
      14:02:44.0870 0x15e8
      14:02:44.0870 0x15e8 OS Version: 6.1.7601 ServicePack: 1.0
      14:02:44.0870 0x15e8 Product type: Workstation
      14:02:44.0870 0x15e8 ComputerName: HOME
      14:02:44.0871 0x15e8 UserName: Home
      14:02:44.0871 0x15e8 Windows directory: C:\windows
      14:02:44.0871 0x15e8 System windows directory: C:\windows
      14:02:44.0871 0x15e8 Processor architecture: Intel x86
      14:02:44.0871 0x15e8 Number of processors: 2
      14:02:44.0871 0x15e8 Page size: 0x1000
      14:02:44.0871 0x15e8 Boot type: Normal boot
      14:02:44.0871 0x15e8 ============================================================
      14:02:46.0670 0x15e8 KLMD registered as C:\windows\system32\drivers\39165256.sys
      14:02:47.0245 0x15e8 System UUID: {3CC295B1-8EE9-EAD2-1B77-993F70FD4CE2}
      14:02:48.0955 0x15e8 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
      14:02:48.0976 0x15e8 ============================================================
      14:02:48.0976 0x15e8 \Device\Harddisk0\DR0:
      14:02:48.0976 0x15e8 MBR partitions:
      14:02:48.0976 0x15e8 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x23CA4000
      14:02:48.0976 0x15e8 ============================================================
      14:02:49.0280 0x15e8 C: <-> \Device\Harddisk0\DR0\Partition1
      14:02:49.0454 0x15e8 ============================================================
      14:02:49.0454 0x15e8 Initialize success
      14:02:49.0454 0x15e8 ============================================================
      14:07:15.0757 0x1030 KLMD registered as C:\windows\system32\drivers\84076726.sys
      14:07:19.0238 0x1030 Deinitialize success
Log 2 TDSSKiller.3.0.0.19_08.01.2014_14.24.56_log.txt
  13. RogueKiller V8.8.0 [Dec 27 2013] by Tigzy
      mail : tigzyRK<at>gmail<dot>com
      Feedback : http://www.adlice.com/forum/
      Website : http://www.adlice.com/softwares/roguekiller/
      Blog : http://www.adlice.com
      Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
      Started in : Normal mode
      User : Home [Admin rights]
      Mode : Scan -- Date : 01/07/2014 16:42:40
      | ARK || FAK || MBR |
      ¤¤¤ Bad processes : 0 ¤¤¤
      ¤¤¤ Registry Entries : 2 ¤¤¤
      [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
      [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
      ¤¤¤ Scheduled tasks : 0 ¤¤¤
      ¤¤¤ Startup Entries : 0 ¤¤¤
      ¤¤¤ Web browsers : 0 ¤¤¤
      ¤¤¤ Browser Addons : 0 ¤¤¤
      ¤¤¤ Particular Files / Folders: ¤¤¤
      ¤¤¤ Driver : [NOT LOADED 0xc0000033] ¤¤¤
      ¤¤¤ External Hives: ¤¤¤
      ¤¤¤ Infection : ¤¤¤
      ¤¤¤ HOSTS File: ¤¤¤
      --> %SystemRoot%\System32\drivers\etc\hosts
      ¤¤¤ MBR Check: ¤¤¤
      +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD3200BEVT-26ZCT0 +++++
      --- User ---
      [MBR] a24d33ff16620d0ed509f30f8557ff09
      [bSP] 23971975f79e669eeef006383044733c : Windows Vista MBR Code
      Partition table:
      0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo
      1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 293192 Mo
      2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 603531264 | Size: 10552 Mo
      User = LL1 ... OK!
      User = LL2 ... OK!
      Finished : << RKreport[0]_S_01072014_164240.txt >>
  14. Sorry, I'm kind of stuffing this up and I can't edit my post. I just downloaded the 32 bit RogueKiller and it started to scan right away. I use Windows 7, is it ok to let it scan right away after it gives the warning -allow this program to make changes to your hard drive - and clicking yes? It doesn't download to my desktop and I don't get a chance to close my programs or turn off the internet.
  15. Thanks for replying. I'll get to it, but first, I don't know if I have any illegal software like the warning said?