
Running Malwarebytes caused internet failure. Fixed, but cannot use League of Legends, Steam, etc.


blue8


  • Root Admin

Okay, please run ComboFix one more time, then if I have time tomorrow I'll check on that and look at getting you some other instructions for an in-place repair.
 
 

  • Important! - Please make sure you save combofix to your desktop and do not run it from your browser
  • Direct download link for: ComboFix.exe
  • Please make sure you disable your security applications before running ComboFix.
  • Once Combofix has completed it will produce and open a log file. Please be patient as it can take some time to load.
  • Please copy/paste the contents or attach that log file to your next reply.
  • If needed the file can be located here: C:\combofix.txt
  • NOTE: If you receive the message "illegal operation has been attempted on a registry key that has been marked for deletion", just reboot the computer.

  • Root Admin

Please run a Full Disk Check on your system drive.  If needed here are some links on how to run a Disk Check.

On Windows 7 the disk check log is in the Event Logs under Application with a heading source of Wininit.

How to Run Disk Check in Windows 7

How to Read the Event Viewer Log for Check Disk (chkdsk) in Vista, Windows 7, and Windows 8
 

Check the Automatically fix file system errors box.
Check the Scan for and attempt recovery of bad sectors box.

 

 

When done running a FULL disk check to scan and repair sectors please find the Event Log entry and post back the results.


Checking file system on C:
The type of the file system is NTFS.
Volume label is OS.


One of your disks needs to be checked for consistency. You
may cancel the disk check, but it is strongly recommended
that you continue.
Windows will now check the disk.                         

CHKDSK is verifying files (stage 1 of 3)...
  1990656 file records processed.
File verification completed.
  5722 large file records processed.
  0 bad file records processed.
  0 EA records processed.
  44 reparse records processed.
CHKDSK is verifying indexes (stage 2 of 3)...
  2063596 index entries processed.
Index verification completed.
  0 unindexed files scanned.
  0 unindexed files recovered.
CHKDSK is verifying security descriptors (stage 3 of 3)...
  1990656 file SDs/SIDs processed.
Cleaning up 47 unused index entries from index $SII of file 0x9.
Cleaning up 47 unused index entries from index $SDH of file 0x9.
Cleaning up 47 unused security descriptors.
Security descriptor verification completed.
  36471 data files processed.
CHKDSK is verifying Usn Journal...
  34239488 USN bytes processed.
Usn Journal verification completed.
Windows has checked the file system and found no problems.

 472984599 KB total disk space.
 440399180 KB in 1425375 files.
    558192 KB in 36472 indexes.
         0 KB in bad sectors.
   2110887 KB in use by the system.
     65536 KB occupied by the log file.
  29916340 KB available on disk.

      4096 bytes in each allocation unit.
 118246149 total allocation units on disk.
   7479085 allocation units available on disk.

Internal Info:
00 60 1e 00 63 4e 16 00 fd e4 2b 00 00 00 00 00  .`..cN....+.....
6e 73 00 00 2c 00 00 00 00 00 00 00 00 00 00 00  ns..,...........
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................

Windows has finished checking your disk.
Please wait while your computer restarts.


  • Root Admin

Please download the following scanner from Kaspersky and save it to your computer: TDSSkiller

Then watch the following video on how to use the tool and make sure to temporarily disable your security applications before running TDSSkiller.



If any infection is found please make sure to choose SKIP and post back the log in case of a False Positive detection.

Once the tool has completed scanning make sure to re-enable your other security applications.
 

  • Root Admin

Okay, please go ahead then and run these tools again now.

 

(this will require a reboot so save all your work)

Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Please uncheck elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you may want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review. (all items found are adware/spyware/foistware)
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted:
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.

Then..................

Open up Malwarebytes > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.

Please Update and run a Quick Scan with Malwarebytes Anti-Malware, post the report.

Make sure that everything is checked, and click Remove Selected.


# AdwCleaner v3.016 - Report created 03/01/2014 at 22:46:07
# Updated 23/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : luis - LUIS-PC
# Running from : C:\Users\luis\Downloads\AdwCleaner(1).exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16611


-\\ Mozilla Firefox v26.0 (en-US)

[ File : C:\Users\luis\AppData\Roaming\Mozilla\Firefox\Profiles\bb8boz04.default-1387750997814\prefs.js ]


-\\ Google Chrome v31.0.1650.63

[ File : C:\Users\luis\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : icon_url
Deleted : search_url
Deleted : suggest_url
Deleted : keyword

*************************

AdwCleaner[R0].txt - [5382 octets] - [23/12/2013 15:27:52]
AdwCleaner[R1].txt - [1203 octets] - [25/12/2013 13:46:19]
AdwCleaner[R2].txt - [1323 octets] - [03/01/2014 22:25:38]
AdwCleaner[s0].txt - [5398 octets] - [23/12/2013 15:36:05]
AdwCleaner[s1].txt - [1176 octets] - [25/12/2013 13:55:26]
AdwCleaner[s2].txt - [1156 octets] - [03/01/2014 22:46:07]

########## EOF - C:\AdwCleaner\AdwCleaner[s2].txt - [1216 octets] ##########
 


Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2013.04.04.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16618
luis :: LUIS-PC [administrator]

Protection: Disabled

1/4/2014 4:36:05 AM
mbam-log-2014-01-04 (04-36-05).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 223238
Time elapsed: 6 minute(s), 44 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
 


ComboFix 14-01-04.03 - luis 01/05/2014   6:40.2.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.6104.3173 [GMT -6:00]
Running from: c:\users\luis\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\luis\AppData\Local\Temp\DVP830F.tmp
.
.
(((((((((((((((((((((((((   Files Created from 2013-12-05 to 2014-01-05  )))))))))))))))))))))))))))))))
.
.
2014-01-05 13:35 . 2014-01-05 13:35    --------    d-----w-    c:\users\hedev\AppData\Local\temp
2014-01-05 13:35 . 2014-01-05 13:35    --------    d-----w-    c:\users\Default\AppData\Local\temp
2014-01-04 10:34 . 2013-04-04 20:50    25928    ----a-w-    c:\windows\system32\drivers\mbam.sys
2014-01-04 10:34 . 2014-01-04 10:34    --------    d-----w-    c:\program files (x86)\Malwarebytes' Anti-Malware
2014-01-01 03:12 . 2014-01-01 03:12    --------    d-----w-    c:\users\luis\AppData\Roaming\AVAST Software
2014-01-01 03:12 . 2014-01-01 03:11    82744    ----a-w-    c:\windows\system32\drivers\aswStm.sys
2014-01-01 03:12 . 2014-01-01 03:11    78648    ----a-w-    c:\windows\system32\drivers\aswMonFlt.sys
2014-01-01 03:12 . 2014-01-01 03:11    65776    ----a-w-    c:\windows\system32\drivers\aswRvrt.sys
2014-01-01 03:12 . 2014-01-01 03:11    422216    ----a-w-    c:\windows\system32\drivers\aswSP.sys
2014-01-01 03:12 . 2014-01-01 03:11    207904    ----a-w-    c:\windows\system32\drivers\aswVmm.sys
2014-01-01 03:12 . 2014-01-01 03:11    1034464    ----a-w-    c:\windows\system32\drivers\aswSnx.sys
2014-01-01 03:12 . 2014-01-01 03:11    92544    ----a-w-    c:\windows\system32\drivers\aswRdr2.sys
2014-01-01 03:12 . 2014-01-01 03:11    334136    ----a-w-    c:\windows\system32\aswBoot.exe
2014-01-01 03:11 . 2014-01-01 03:11    43152    ----a-w-    c:\windows\avastSS.scr
2014-01-01 03:11 . 2014-01-01 03:11    --------    d-----w-    c:\program files\AVAST Software
2014-01-01 03:10 . 2014-01-01 03:10    --------    d-----w-    c:\programdata\AVAST Software
2014-01-01 01:55 . 2014-01-01 01:55    --------    d-----w-    c:\users\luis\AppData\Local\FalloutNV
2013-12-31 05:05 . 2013-12-31 17:33    --------    d-----w-    c:\windows\system32\catroot2
2013-12-31 04:32 . 2014-01-05 13:37    --------    d-----w-    c:\windows\system32\wbem\repository
2013-12-31 04:30 . 2013-12-31 04:30    --------    d-----w-    c:\windows\SysWow64\wbem\Performance
2013-12-31 04:27 . 2013-12-31 05:00    181064    ----a-w-    c:\windows\PSEXESVC.EXE
2013-12-31 04:14 . 2013-12-31 04:14    --------    d-----w-    C:\RegBackup
2013-12-31 00:55 . 2013-12-31 00:55    --------    d-----w-    c:\program files (x86)\Tweaking.com
2013-12-29 13:58 . 2010-05-26 17:41    2106216    ----a-w-    c:\windows\SysWow64\D3DCompiler_43.dll
2013-12-29 13:58 . 2010-05-26 17:41    1998168    ----a-w-    c:\windows\SysWow64\D3DX9_43.dll
2013-12-29 02:58 . 2013-12-29 02:58    --------    d-----w-    c:\programdata\Stardock
2013-12-29 02:58 . 2013-12-29 02:58    --------    d-----w-    c:\programdata\Ironclad Games
2013-12-28 06:20 . 2013-12-28 06:20    --------    d-----w-    c:\users\luis\AppData\Local\HotheadGames
2013-12-26 07:06 . 2013-12-26 07:06    --------    d-----w-    c:\program files (x86)\Dungeon Defenders
2013-12-26 05:34 . 2013-12-26 05:34    --------    d-----w-    C:\FRST
2013-12-25 19:26 . 2013-12-25 19:26    --------    d-----w-    c:\windows\ERUNT
2013-12-25 01:54 . 2013-12-25 19:24    --------    d-----w-    c:\programdata\Malwarebytes' Anti-Malware (portable)
2013-12-25 01:52 . 2013-12-25 01:53    --------    d-----w-    c:\users\luis\mwbar
2013-12-25 01:32 . 2013-12-25 01:32    393728    ----a-w-    c:\windows\system32\drivers\yk62x64.sys.bak
2013-12-25 01:32 . 2013-12-25 01:32    198656    ----a-w-    c:\windows\system32\drivers\WUDFRd.sys.bak
2013-12-25 01:32 . 2013-12-25 01:32    87040    ----a-w-    c:\windows\system32\drivers\WUDFPf.sys.bak
2013-12-25 01:32 . 2013-12-25 01:32    21504    ----a-w-    c:\windows\system32\drivers\ws2ifsl.sys.bak
2013-12-25 01:32 . 2013-12-25 01:32    16464    ----a-w-    c:\windows\system32\drivers\wmilib.sys.bak
2013-12-25 01:32 . 2013-12-25 01:32    14336    ----a-w-    c:\windows\system32\drivers\wmiacpi.sys.bak
2013-12-25 01:32 . 2013-12-25 01:32    41984    ----a-w-    c:\windows\system32\drivers\winusb.sys.bak
2013-12-25 01:32 . 2013-12-25 01:32    22096    ----a-w-    c:\windows\system32\drivers\wimmount.sys.bak
2013-12-25 01:32 . 2013-12-25 01:32    151656    ----a-w-    c:\windows\system32\drivers\WimFltr.sys.bak
2013-12-25 01:32 . 2013-12-25 01:32    12800    ----a-w-    c:\windows\system32\drivers\wfplwf.sys.bak
2013-12-25 01:32 . 2013-12-25 01:32    54376    ----a-w-    c:\windows\system32\drivers\WdfLdr.sys.bak
2013-12-25 01:30 . 2013-12-25 01:30    64080    ----a-w-    c:\windows\system32\drivers\UAGP35.SYS.bak
2013-12-25 01:29 . 2013-12-25 01:29    19008    ----a-w-    c:\windows\system32\drivers\spldr.sys.bak
2013-12-25 01:28 . 2013-12-25 01:28    55856    ----a-w-    c:\windows\system32\drivers\PxHlpa64.sys.bak
2013-12-25 01:27 . 2013-12-25 01:27    376688    ----a-w-    c:\windows\system32\drivers\netio.sys.bak
2013-12-25 01:26 . 2013-12-25 01:26    77312    ----a-w-    c:\windows\system32\drivers\mpsdrv.sys.bak
2013-12-25 01:25 . 2013-12-25 01:25    410496    ----a-w-    c:\windows\system32\drivers\iaStorV.sys.bak
2013-12-25 01:25 . 2013-12-25 01:25    408600    ----a-w-    c:\windows\system32\drivers\iaStor.sys.bak
2013-12-25 01:25 . 2013-12-25 01:25    105472    ----a-w-    c:\windows\system32\drivers\i8042prt.sys.bak
2013-12-25 01:25 . 2013-12-25 01:25    14720    ----a-w-    c:\windows\system32\drivers\hwpolicy.sys.bak
2013-12-25 01:23 . 2013-12-25 01:23    265064    ----a-w-    c:\windows\system32\drivers\dxgmms1.sys.bak
2013-12-25 01:22 . 2013-12-25 01:22    21160    ----a-w-    c:\windows\system32\drivers\btwrchid.sys.bak
2013-12-25 01:21 . 2013-12-25 01:21    155520    ----a-w-    c:\windows\system32\drivers\ataport.sys.bak
2013-12-25 01:20 . 2013-12-25 01:20    68096    ----a-w-    c:\windows\system32\drivers\1394bus.sys.bak
2013-12-25 01:07 . 2013-12-25 01:07    --------    d-----w-    c:\program files (x86)\ERUNT
2013-12-23 21:27 . 2014-01-04 04:46    --------    d-----w-    C:\AdwCleaner
2013-12-23 16:33 . 2013-12-23 16:33    --------    d-----w-    c:\program files (x86)\Common Files\Wise Installation Wizard
2013-12-23 02:39 . 2013-12-23 02:39    --------    d-----w-    c:\users\luis\AppData\Local\Daedalic Entertainment
2013-12-23 01:22 . 2008-07-12 14:18    467984    ----a-w-    c:\windows\SysWow64\d3dx10_39.dll
2013-12-23 01:22 . 2008-07-12 14:18    1493528    ----a-w-    c:\windows\SysWow64\D3DCompiler_39.dll
2013-12-23 01:22 . 2008-07-12 14:18    3851784    ----a-w-    c:\windows\SysWow64\D3DX9_39.dll
2013-12-23 00:13 . 2014-01-01 03:35    --------    d-----w-    c:\program files\CCleaner
2013-12-22 20:39 . 2013-12-22 20:39    --------    d-----w-    C:\found.001
2013-12-21 19:35 . 2013-12-21 19:35    --------    d-----w-    c:\users\luis\AppData\Roaming\Malwarebytes
2013-12-21 19:35 . 2013-12-21 19:35    --------    d-----w-    c:\programdata\Malwarebytes
2013-12-17 16:15 . 2008-05-30 20:17    25608    ----a-w-    c:\windows\SysWow64\X3DAudio1_4.dll
2013-12-17 16:14 . 2006-03-31 18:41    3927248    ----a-w-    c:\windows\system32\d3dx9_30.dll
2013-12-16 07:08 . 2009-03-16 20:18    517448    ----a-w-    c:\windows\SysWow64\XAudio2_4.dll
2013-12-16 07:08 . 2009-03-16 20:18    235352    ----a-w-    c:\windows\SysWow64\xactengine3_4.dll
2013-12-16 07:08 . 2009-03-16 20:18    22360    ----a-w-    c:\windows\SysWow64\X3DAudio1_6.dll
2013-12-16 07:08 . 2007-03-12 22:42    3495784    ----a-w-    c:\windows\SysWow64\d3dx9_33.dll
2013-12-16 07:08 . 2006-09-28 22:05    2414360    ----a-w-    c:\windows\SysWow64\d3dx9_31.dll
2013-12-16 04:56 . 2013-12-16 04:56    --------    d-----w-    c:\users\luis\AppData\Local\GOG.com
2013-12-13 20:06 . 2007-04-05 00:54    107368    ----a-w-    c:\windows\system32\xinput1_3.dll
2013-12-13 17:34 . 2013-12-13 17:41    --------    d-----w-    c:\users\luis\AppData\Local\SamuraiGunn
2013-12-11 10:58 . 2013-12-11 11:47    9272200    ----a-w-    c:\windows\SysWow64\FlashPlayerInstaller.exe
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-03 10:14 . 2013-05-14 14:13    71048    ----a-w-    c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-01-03 10:14 . 2013-05-14 14:13    692616    ----a-w-    c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-27 22:20 . 2013-07-03 03:24    466456    ----a-w-    c:\windows\system32\wrap_oal.dll
2013-12-27 22:20 . 2013-07-03 03:24    122904    ----a-w-    c:\windows\system32\OpenAL32.dll
2013-12-27 22:20 . 2013-07-03 03:24    444952    ----a-w-    c:\windows\SysWow64\wrap_oal.dll
2013-12-27 22:20 . 2013-07-03 03:24    109080    ----a-w-    c:\windows\SysWow64\OpenAL32.dll
2013-11-19 10:21 . 2013-05-24 19:53    267936    ------w-    c:\windows\system32\MpSigStub.exe
2013-10-21 03:27 . 2013-09-25 15:34    25057792    ----a-w-    c:\windows\SysWow64\LoLSummonerInfo.exe
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36    130736    ----a-w-    c:\users\luis\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36    130736    ----a-w-    c:\users\luis\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36    130736    ----a-w-    c:\users\luis\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GoogleChromeAutoLaunch_CCE9157413AF6F278938FA02C1A91C00"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2013-12-04 863184]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"DellSupportCenter"="c:\program files (x86)\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-01-01 3764024]
.
c:\users\luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\luis\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-5-24 27776968]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-1 1079584]
LOLRecorder.lnk - c:\program files (x86)\LOLReplay\LOLRecorder.exe -minimize [2013-9-13 526336]
TrayMenu.lnk - c:\windows\SysWOW64\C2MP\TrayMenu.exe vlc.ico [2013-2-24 704008]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 BRDriver64;BRDriver64;c:\programdata\BitRaider\BRDriver64.sys;c:\programdata\BitRaider\BRDriver64.sys [x]
R3 BRSptSvc;BitRaider Mini-Support Service;c:\programdata\BitRaider\BRSptSvc.exe;c:\programdata\BitRaider\BRSptSvc.exe [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\AESTSr64.exe;c:\windows\SYSNATIVE\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\AESTSr64.exe [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe;c:\program files\Dell\DellDock\DockLogin.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe;c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [x]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
S3 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-12-05 00:37    1210320    ----a-w-    c:\program files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-01-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-14 10:14]
.
2014-01-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-07-21 03:31]
.
2014-01-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-07-21 03:31]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-01-01 03:11    287280    ----a-w-    c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36    164016    ----a-w-    c:\users\luis\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36    164016    ----a-w-    c:\users\luis\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36    164016    ----a-w-    c:\users\luis\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36    164016    ----a-w-    c:\users\luis\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2010-04-05 384296]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-02-26 487424]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-02-22 165912]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-02-22 387608]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-02-22 365592]
"Broadcom Wireless Manager UI"="c:\program files\Dell\Dell Wireless WLAN Card\WLTRAY.exe" [2009-07-17 4968960]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{F11FA42A-8082-4197-AD31-D56881B9F46D}: NameServer = 208.67.222.222,208.67.220.220
TCP: Interfaces\{F11FA42A-8082-4197-AD31-D56881B9F46D}\27F6D65627F6E65647: NameServer = 208.67.222.222,208.67.220.220
TCP: Interfaces\{F11FA42A-8082-4197-AD31-D56881B9F46D}\E4544574541425: NameServer = 208.67.222.222,208.67.220.220
FF - ProfilePath - c:\users\luis\AppData\Roaming\Mozilla\Firefox\Profiles\bb8boz04.default-1387750997814\
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
SafeBoot-05116172.sys
SafeBoot-70207998.sys
AddRemove-GOGPACKIHAVENOMOUTH_is1 - c:\gog games\I Have No Mouth
AddRemove-GOGPACKPAPERSPLEASE_is1 - c:\gog games\Papers
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{21FA44EF-376D-4D53-9B0F-8A89D3229068}"=hex:51,66,7a,6c,4c,1d,38,12,81,47,e9,
   25,5f,79,3d,08,e4,19,c9,c9,d6,7c,d4,7c
"{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}"=hex:51,66,7a,6c,4c,1d,38,12,34,14,09,
   c8,69,aa,83,04,dc,1a,8a,f1,d2,fe,84,3b
"{8E5E2654-AD2D-48BF-AC2D-D17F00898D06}"=hex:51,66,7a,6c,4c,1d,38,12,3a,25,4d,
   8a,1f,e3,d1,0d,d3,3b,92,3f,05,d7,c9,12
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
   df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:65,c2,fe,12,a6,06,cf,01
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files (x86)\Dell Support Center\bin\sprtsvc.exe
.
**************************************************************************
.
Completion time: 2014-01-05  07:45:25 - machine was rebooted
ComboFix-quarantined-files.txt  2014-01-05 13:45
.
Pre-Run: 38,091,055,104 bytes free
Post-Run: 38,322,520,064 bytes free
.
- - End Of File - - 3BC89B5DAA4EEC7FA50F0757AC56B863
A36C5E4F47E84449FF07ED3517B43A31
 


It is the exact same issue. I can use Firefox and only Firefox to access the internet. Anything beyond that is met with error. I mentioned twice the problem while troubleshooting. It isn't a firewall or antivirus denying me connectivity. I cannot connect to any servers to accomplish anything. Firefox is the only program that works. Nothing can be updated through a server. I had to spend 2 hours getting Firefox to work after Malwarebytes removed malware from my computer. Only after changing TCP/IP settings was I able to get Firefox working.


  • Root Admin

Well I'm pretty much out of time as I'm heading out on vacation soon.

I can post and see if another helper can take a look at this for you but you might want to see if another computer works properly on your network or not. I doubt it's a router issue but it's possible and running another computer would help to rule that out.

If it does turn out to be your computer then I just don't have time to finish up is all.

Let me know what you want to do.

1. Have me get another helper to help?

2. Wait till I get back

3. Format and reinstall Windows?

Thank you again

Ron


This topic is now closed to further replies.