Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Win32/Gataka.B trojan


  • Please log in to reply
7 replies to this topic

#1 kazaca78

kazaca78

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:10:57 PM

Posted 10 September 2012 - 06:26 PM

Hi I need help; got infected with a trojan virus here is the Eset smart sec 3.0.695 log:" Startup scanner file Operating memory » explorer.exe(2160) a variant of Win32/Gataka.B trojan unable to clean ""I see there's always an open Ie page open even after i've closed all the IE pages. Got xp sp3 IE8,use Ad aware free internet sec and Eset antivirus and firewall

BC AdBot (Login to Remove)

 


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,738 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:02:57 PM

Posted 10 September 2012 - 09:46 PM

Welcome aboard Posted Image

Download Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=============================================================================

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

====================================================================================

Please download MiniToolBox and run it.

Checkmark following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (do NOT change any settings here)
  • List Users, Partitions and Memory size
Click Go and post the result.

=============================================================================

Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

=============================================================================

Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
If you see this question: Would you like to download latest Avast! virus definitions?" say "Yes".
Click the "Scan" button to start scan.
On completion of the scan click "Save log", save it to your desktop and post in your next reply.

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#3 kazaca78

kazaca78
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:10:57 PM

Posted 12 September 2012 - 05:26 PM

hi thank u for uor help These are the save logs that u asked me to do 1: Results of screen317's Security Check version 0.99.50
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Lavasoft Ad-Watch Live! Anti-virus
ESET Smart Security 3.0
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Ad-Aware
CCleaner
Java™ 6 Update 24
Java version out of Date!
````````Process Check: objlist.exe by Laurent````````
Ad-Aware AAWService.exe
Ad-Aware AAWTray.exe
ESET NOD32 Antivirus egui.exe
ESET NOD32 Antivirus ekrn.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C::
````````````````````End of Log``````````````````````
2:Farbar Service Scanner Version: 06-08-2012
Ran by roberto (administrator) on 12-09-2012 at 23:13:07
Running from "C:\Documents and Settings\roberto\Desktop"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll
[2004-08-19 15:39] - [2008-04-14 04:13] - 0126976 ____A (Microsoft Corporation) 699EE7F752A25180AEB92C3A0EAEE440

C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys
[2004-08-03 23:14] - [2008-04-13 21:21] - 0162816 ____A () C60C86B03B53AEF49750DD0D69D16F41

ATTENTION!=====> C:\WINDOWS\system32\Drivers\netbt.sys IS INFECTED AND SHOULD BE REPLACED.

C:\WINDOWS\system32\Drivers\tcpip.sys
[2004-08-03 23:14] - [2011-04-08 02:26] - 0361600 ____A (Microsoft Corporation) 353DB91E77343F94BD869C5007A3B3CD

C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll
[2004-08-19 15:39] - [2008-04-14 04:13] - 0045568 ____A (Microsoft Corporation) 5A4DAC2ED68EDF6FDD78529D78CB994E

C:\WINDOWS\system32\ipnathlp.dll
[2004-08-19 15:39] - [2008-04-14 04:13] - 0332288 ____A (Microsoft Corporation) 152C0555925DFE028E3148FD215146BB

C:\WINDOWS\system32\netman.dll
[2004-08-19 15:39] - [2008-04-14 04:13] - 0198144 ____A (Microsoft Corporation) 02815B70FC4CA8611A926176F1C39FC2

C:\WINDOWS\system32\wbem\WMIsvc.dll
[2011-02-24 03:27] - [2008-04-14 04:13] - 0145408 ____A (Microsoft Corporation) 40911E98D0F1CBB1015F2101982F1DDF

C:\WINDOWS\system32\srsvc.dll
[2011-02-24 03:29] - [2008-04-14 04:13] - 0171520 ____A (Microsoft Corporation) B3E3DA70A7A76E69B872DE3D06D32C19

C:\WINDOWS\system32\Drivers\sr.sys
[2011-02-24 03:29] - [2008-04-14 03:56] - 0073472 ____A (Microsoft Corporation) 618718CAE288BF7CBD8FCBAB2577D932

C:\WINDOWS\system32\wscsvc.dll
[2004-08-19 15:39] - [2008-04-14 04:13] - 0080896 ____A (Microsoft Corporation) 926D921C93CFF1E19EF4DE3E4C8368CA

C:\WINDOWS\system32\wbem\WMIsvc.dll
[2011-02-24 03:27] - [2008-04-14 04:13] - 0145408 ____A (Microsoft Corporation) 40911E98D0F1CBB1015F2101982F1DDF

C:\WINDOWS\system32\wuauserv.dll
[2011-02-24 03:29] - [2008-04-14 04:13] - 0006656 ____A (Microsoft Corporation) CC48415E6C7CBAA441A3D6A6DCCBCFA6

C:\WINDOWS\system32\qmgr.dll
[2011-02-24 03:29] - [2008-04-14 04:13] - 0409088 ____A (Microsoft Corporation) 48C4763A9C8990FB48B73445BEB15D6A

C:\WINDOWS\system32\es.dll
[2004-08-19 15:39] - [2008-07-07 22:27] - 0253952 ____A (Microsoft Corporation) 8360CB9756E598A5C6214EACFB3677C3

C:\WINDOWS\system32\cryptsvc.dll
[2004-08-19 15:39] - [2008-04-14 04:13] - 0062464 ____A (Microsoft Corporation) B6FCBB157E9C8ABDCA4134C535535A8B

C:\WINDOWS\system32\svchost.exe
[2004-08-19 15:39] - [2008-04-14 04:14] - 0014336 ____A (Microsoft Corporation) BB8363ABEC09AA2F9B363484E282117C

C:\WINDOWS\system32\rpcss.dll
[2004-08-19 15:39] - [2009-02-09 12:51] - 0401408 ____A (Microsoft Corporation) BC4E0226341AAEC1222336B3AED86BAB

C:\WINDOWS\system32\services.exe
[2004-08-19 15:39] - [2009-02-09 13:22] - 0111104 ____A (Microsoft Corporation) 26845F272435302E0F3322E660A24F7D


Extra List:
=======
Epfwndis(8) epfwtdi(9) Gpc(3) IPSec(5) NetBT(6) PSched(7) Tcpip(4)
0x09000000050000000100000002000000030000000400000009000000060000000700000008000000
IpSec Tag value is correct.

**** End of log ****3:MiniToolBox by Farbar Version: 23-07-2012
Ran by roberto (administrator) on 12-09-2012 at 23:15:30
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.
========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

1394 Net Adapter = Connessione 1394 (Connected)
Realtek PCIe GBE Family Controller = Connessione alla rete locale (LAN) 4 (Connected)
Realtek PCIe GBE Family Controller = Connessione alla rete locale (LAN) 3 (Media disconnected)


# ----------------------------------
# Configurazione IP interfaccia
# ----------------------------------
pushd interface ip


# Configurazione IP interfaccia per "Connessione alla rete locale (LAN) 3"

set address name="Connessione alla rete locale (LAN) 3" source=dhcp
set dns name="Connessione alla rete locale (LAN) 3" source=dhcp register=PRIMARY
set wins name="Connessione alla rete locale (LAN) 3" source=dhcp

# Configurazione IP interfaccia per "Connessione alla rete locale (LAN) 4"

set address name="Connessione alla rete locale (LAN) 4" source=dhcp
set dns name="Connessione alla rete locale (LAN) 4" source=dhcp register=PRIMARY
set wins name="Connessione alla rete locale (LAN) 4" source=dhcp


popd
# Termine della configurazione IP interfaccia


Configurazione IP di Windows Nome host . . . . . . . . . . . . . . : rinat-fb6eb Suffisso DNS primario . . . . . . . : Tipo nodo . . . . . . . . . : Sconosciuto Routing IP abilitato. . . . . . . . . : No Proxy WINS abilitato . . . . . . . . : No Elenco di ricerca suffissi DNS. . . . : fastwebnet.itScheda Ethernet Connessione alla rete locale (LAN) 3: Stato supporto . . . . . . . . . . . : Supporto disconnesso Descrizione . . . . . . . . . . . . . : Realtek PCIe GBE Family Controller Indirizzo fisico. . . . . . . . . . . : 00-1F-D0-21-1A-2FScheda Ethernet Connessione alla rete locale (LAN) 4: Suffisso DNS specifico per connessione: fastwebnet.it Descrizione . . . . . . . . . . . . . : Realtek PCIe GBE Family Controller #2 Indirizzo fisico. . . . . . . . . . . : 00-1F-D0-21-1A-2D DHCP abilitato. . . . . . . . . . . . : Sì Configurazione automatica abilitata : Sì Indirizzo IP. . . . . . . . . . . . . : 10.67.137.231 Subnet mask . . . . . . . . . . . . . : 255.255.248.0 Gateway predefinito . . . . . . . . . : 10.67.136.1 Server DHCP . . . . . . . . . . . . . : 10.67.137.228 Server DNS . . . . . . . . . . . . . : 83.103.25.250 62.101.93.101 NetBIOS su TCPIP. . . . . . : Disabilitato Lease ottenuto. . . . . . . . . . . . : mercoledì 12 settembre 2012 23.01.24 Scadenza lease . . . . . . . . . . . : giovedì 13 settembre 2012 0.01.24Server: anyres2.fastwebnet.it
Address: 83.103.25.250

Nome: google.com
Addresses: 173.194.35.35, 173.194.35.36, 173.194.35.37, 173.194.35.38
173.194.35.39, 173.194.35.40, 173.194.35.41, 173.194.35.46, 173.194.35.32
173.194.35.33, 173.194.35.34

Esecuzione di Ping google.com [173.194.35.37] con 32 byte di dati:Risposta da 173.194.35.37: byte=32 durata=26ms TTL=53Risposta da 173.194.35.37: byte=32 durata=27ms TTL=53Statistiche Ping per 173.194.35.37: Pacchetti: Trasmessi = 2, Ricevuti = 2, Persi = 0 (0% persi),Tempo approssimativo percorsi andata/ritorno in millisecondi: Minimo = 26ms, Massimo = 27ms, Medio = 26msServer: anyres2.fastwebnet.it
Address: 83.103.25.250

Nome: yahoo.com
Addresses: 72.30.38.140, 98.138.253.109, 98.139.183.24

Esecuzione di Ping yahoo.com [72.30.38.140] con 32 byte di dati:Risposta da 72.30.38.140: byte=32 durata=827ms TTL=46Risposta da 72.30.38.140: byte=32 durata=1113ms TTL=45Statistiche Ping per 72.30.38.140: Pacchetti: Trasmessi = 2, Ricevuti = 2, Persi = 0 (0% persi),Tempo approssimativo percorsi andata/ritorno in millisecondi: Minimo = 827ms, Massimo = 1113ms, Medio = 970msServer: anyres2.fastwebnet.it
Address: 83.103.25.250

Nome: bleepingcomputer.com
Address: 208.43.87.2

Esecuzione di Ping bleepingcomputer.com [208.43.87.2] con 32 byte di dati:Richiesta scaduta.Richiesta scaduta.Statistiche Ping per 208.43.87.2: Pacchetti: Trasmessi = 2, Ricevuti = 0, Persi = 2 (100% persi),Esecuzione di Ping 127.0.0.1 con 32 byte di dati:Risposta da 127.0.0.1: byte=32 durata<1ms TTL=128Risposta da 127.0.0.1: byte=32 durata<1ms TTL=128Statistiche Ping per 127.0.0.1: Pacchetti: Trasmessi = 2, Ricevuti = 2, Persi = 0 (0% persi),Tempo approssimativo percorsi andata/ritorno in millisecondi: Minimo = 0ms, Massimo = 0ms, Medio = 0ms===========================================================================
Elenco interfacce
0x1 ........................... MS TCP Loopback interface
0x2 ...00 1f d0 21 1a 2f ...... Realtek PCIe GBE Family Controller - Miniport dell'Utilità di pianificazione pacchetti
0x3 ...00 1f d0 21 1a 2d ...... Realtek PCIe GBE Family Controller #2 - Miniport dell'Utilità di pianificazione pacchetti
===========================================================================
===========================================================================
Route attive:
Indirizzo rete Mask Gateway Interfac. Metric
0.0.0.0 0.0.0.0 10.67.136.1 10.67.137.231 30
10.67.136.0 255.255.248.0 10.67.137.231 10.67.137.231 30
10.67.137.231 255.255.255.255 127.0.0.1 127.0.0.1 30
10.255.255.255 255.255.255.255 10.67.137.231 10.67.137.231 30
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
224.0.0.0 240.0.0.0 10.67.137.231 10.67.137.231 30
255.255.255.255 255.255.255.255 10.67.137.231 2 1
255.255.255.255 255.255.255.255 10.67.137.231 10.67.137.231 1
Gateway predefinito: 10.67.136.1
===========================================================================
Route permanenti:
Nessuno
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [247296] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/10/2012 06:49:02 PM) (Source: Lavasoft Ad-Aware Service) (User: )
Description: Only one instance of service process is allowed.

Error: (09/10/2012 09:53:19 AM) (Source: Application Error) (User: )
Description: Applicazione che ha provocato l'errore drwtsn32.exe, versione 5.1.2600.0, modulo che ha provocato l'errore dbghelp.dll, versione 5.1.2600.5512, indirizzo errore 0x0001295d.
Elaborazione evento specifico al supporto per [drwtsn32.exe!ws!] in corso

Error: (09/10/2012 09:52:22 AM) (Source: Application Error) (User: )
Description: Applicazione che ha provocato l'errore explorer.exe, versione 6.0.2900.5512, modulo che ha provocato l'errore msvcr80.dll, versione 8.0.50727.4053, indirizzo errore 0x0001500a.
Elaborazione evento specifico al supporto per [explorer.exe!ws!] in corso

Error: (09/09/2012 06:30:07 PM) (Source: Lavasoft Ad-Aware Service) (User: )
Description: Only one instance of service process is allowed.

Error: (09/06/2012 11:58:53 PM) (Source: Application Hang) (User: )
Description: Applicazione in stallo vlc.exe, versione 1.1.7.0, modulo in stallo hungapp, versione 0.0.0.0, indirizzo stallo 0x00000000.

Error: (09/06/2012 06:21:54 PM) (Source: Application Error) (User: )
Description: Applicazione che ha provocato l'errore masseffect3.exe, versione 1.3.5427.46, modulo che ha provocato l'errore d3d9.dll, versione 5.3.2600.5512, indirizzo errore 0x00040ea3.
Elaborazione evento specifico al supporto per [masseffect3.exe!ws!] in corso

Error: (09/05/2012 09:46:16 PM) (Source: Lavasoft Ad-Aware Service) (User: )
Description: Only one instance of service process is allowed.

Error: (09/05/2012 00:53:00 PM) (Source: Lavasoft Ad-Aware Service) (User: )
Description: Only one instance of service process is allowed.

Error: (09/02/2012 00:02:48 AM) (Source: Lavasoft Ad-Aware Service) (User: )
Description: Only one instance of service process is allowed.

Error: (09/02/2012 00:02:45 AM) (Source: Lavasoft Ad-Aware Service) (User: )
Description: Only one instance of service process is allowed.


System errors:
=============
Error: (09/12/2012 06:42:51 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: Il server {4EB61BAC-A3B6-4760-9581-655041EF4D69} non si è registrato con DCOM entro il tempo d'attesa richiesto.

Error: (09/11/2012 01:34:25 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: Il server {4EB61BAC-A3B6-4760-9581-655041EF4D69} non si è registrato con DCOM entro il tempo d'attesa richiesto.

Error: (09/10/2012 06:44:43 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: Il server {4EB61BAC-A3B6-4760-9581-655041EF4D69} non si è registrato con DCOM entro il tempo d'attesa richiesto.

Error: (09/08/2012 03:39:01 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: Il server {4EB61BAC-A3B6-4760-9581-655041EF4D69} non si è registrato con DCOM entro il tempo d'attesa richiesto.

Error: (09/08/2012 00:59:51 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: Il server {4EB61BAC-A3B6-4760-9581-655041EF4D69} non si è registrato con DCOM entro il tempo d'attesa richiesto.

Error: (09/06/2012 04:47:51 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: Il server {4EB61BAC-A3B6-4760-9581-655041EF4D69} non si è registrato con DCOM entro il tempo d'attesa richiesto.

Error: (09/05/2012 09:46:11 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: Il server {4EB61BAC-A3B6-4760-9581-655041EF4D69} non si è registrato con DCOM entro il tempo d'attesa richiesto.

Error: (09/04/2012 07:19:53 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: Il server {4EB61BAC-A3B6-4760-9581-655041EF4D69} non si è registrato con DCOM entro il tempo d'attesa richiesto.

Error: (09/03/2012 00:18:46 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: Il server {4EB61BAC-A3B6-4760-9581-655041EF4D69} non si è registrato con DCOM entro il tempo d'attesa richiesto.

Error: (09/01/2012 07:55:02 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: Il server {4EB61BAC-A3B6-4760-9581-655041EF4D69} non si è registrato con DCOM entro il tempo d'attesa richiesto.


Microsoft Office Sessions:
=========================
Error: (09/10/2012 06:49:02 PM) (Source: Lavasoft Ad-Aware Service)(User: )
Description: Only one instance of service process is allowed.

Error: (09/10/2012 09:53:19 AM) (Source: Application Error)(User: )
Description: drwtsn32.exe5.1.2600.0dbghelp.dll5.1.2600.55120001295d

Error: (09/10/2012 09:52:22 AM) (Source: Application Error)(User: )
Description: explorer.exe6.0.2900.5512msvcr80.dll8.0.50727.40530001500a

Error: (09/09/2012 06:30:07 PM) (Source: Lavasoft Ad-Aware Service)(User: )
Description: Only one instance of service process is allowed.

Error: (09/06/2012 11:58:53 PM) (Source: Application Hang)(User: )
Description: vlc.exe1.1.7.0hungapp0.0.0.000000000

Error: (09/06/2012 06:21:54 PM) (Source: Application Error)(User: )
Description: masseffect3.exe1.3.5427.46d3d9.dll5.3.2600.551200040ea3

Error: (09/05/2012 09:46:16 PM) (Source: Lavasoft Ad-Aware Service)(User: )
Description: Only one instance of service process is allowed.

Error: (09/05/2012 00:53:00 PM) (Source: Lavasoft Ad-Aware Service)(User: )
Description: Only one instance of service process is allowed.

Error: (09/02/2012 00:02:48 AM) (Source: Lavasoft Ad-Aware Service)(User: )
Description: Only one instance of service process is allowed.

Error: (09/02/2012 00:02:45 AM) (Source: Lavasoft Ad-Aware Service)(User: )
Description: Only one instance of service process is allowed.


=========================== Installed Programs ============================

Ad-Aware
Ad-Aware (Version: 9.0.1)
Adobe Flash Player 11 ActiveX (Version: 11.1.102.63)
AdunanzA
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2482017) (Version: 1)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB971961) (Version: 1)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB981332) (Version: 1)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB982381) (Version: 1)
Aggiornamento della protezione per Windows Media Player (KB2378111)
Aggiornamento della protezione per Windows Media Player (KB952069)
Aggiornamento della protezione per Windows Media Player (KB954155)
Aggiornamento della protezione per Windows Media Player (KB973540)
Aggiornamento della protezione per Windows Media Player (KB975558)
Aggiornamento della protezione per Windows Media Player (KB978695)
Aggiornamento della protezione per Windows Media Player (KB979402)
Aggiornamento della protezione per Windows XP (KB2079403) (Version: 1)
Aggiornamento della protezione per Windows XP (KB2115168) (Version: 1)
Aggiornamento della protezione per Windows XP (KB2121546) (Version: 1)
Aggiornamento della protezione per Windows XP (KB2229593) (Version: 1)
Aggiornamento della protezione per Windows XP (KB2259922) (Version: 1)
Aggiornamento della protezione per Windows XP (KB2296011) (Version: 1)
Aggiornamento della protezione per Windows XP (KB2347290) (Version: 1)
Aggiornamento della protezione per Windows XP (KB2360937) (Version: 1)
Aggiornamento della protezione per Windows XP (KB2387149) (Version: 1)
Aggiornamento della protezione per Windows XP (KB2393802) (Version: 1)
Aggiornamento della protezione per Windows XP (KB2419632) (Version: 1)
Aggiornamento della protezione per Windows XP (KB2423089) (Version: 1)
Aggiornamento della protezione per Windows XP (KB2440591) (Version: 1)
Aggiornamento della protezione per Windows XP (KB2443105) (Version: 1)
Aggiornamento della protezione per Windows XP (KB2476687) (Version: 1)
Aggiornamento della protezione per Windows XP (KB2478960) (Version: 1)
Aggiornamento della protezione per Windows XP (KB2478971) (Version: 1)
Aggiornamento della protezione per Windows XP (KB2479628) (Version: 1)
Aggiornamento della protezione per Windows XP (KB2479943) (Version: 1)
Aggiornamento della protezione per Windows XP (KB2481109) (Version: 1)
Aggiornamento della protezione per Windows XP (KB2483185) (Version: 1)
Aggiornamento della protezione per Windows XP (KB2485376) (Version: 1)
Aggiornamento della protezione per Windows XP (KB923561) (Version: 1)
Aggiornamento della protezione per Windows XP (KB946648) (Version: 1)
Aggiornamento della protezione per Windows XP (KB950762) (Version: 1)
Aggiornamento della protezione per Windows XP (KB950974) (Version: 1)
Aggiornamento della protezione per Windows XP (KB951376-v2) (Version: 2)
Aggiornamento della protezione per Windows XP (KB951748) (Version: 1)
Aggiornamento della protezione per Windows XP (KB952004) (Version: 1)
Aggiornamento della protezione per Windows XP (KB952954) (Version: 1)
Aggiornamento della protezione per Windows XP (KB955069) (Version: 1)
Aggiornamento della protezione per Windows XP (KB956572) (Version: 1)
Aggiornamento della protezione per Windows XP (KB956744) (Version: 1)
Aggiornamento della protezione per Windows XP (KB956802) (Version: 1)
Aggiornamento della protezione per Windows XP (KB956803) (Version: 1)
Aggiornamento della protezione per Windows XP (KB956844) (Version: 1)
Aggiornamento della protezione per Windows XP (KB958644) (Version: 1)
Aggiornamento della protezione per Windows XP (KB958869) (Version: 1)
Aggiornamento della protezione per Windows XP (KB959426) (Version: 1)
Aggiornamento della protezione per Windows XP (KB960225) (Version: 1)
Aggiornamento della protezione per Windows XP (KB960803) (Version: 1)
Aggiornamento della protezione per Windows XP (KB960859) (Version: 1)
Aggiornamento della protezione per Windows XP (KB961501) (Version: 1)
Aggiornamento della protezione per Windows XP (KB969059) (Version: 1)
Aggiornamento della protezione per Windows XP (KB970238) (Version: 1)
Aggiornamento della protezione per Windows XP (KB970430) (Version: 1)
Aggiornamento della protezione per Windows XP (KB971468) (Version: 1)
Aggiornamento della protezione per Windows XP (KB971657) (Version: 1)
Aggiornamento della protezione per Windows XP (KB972270) (Version: 1)
Aggiornamento della protezione per Windows XP (KB973507) (Version: 1)
Aggiornamento della protezione per Windows XP (KB973869) (Version: 1)
Aggiornamento della protezione per Windows XP (KB973904) (Version: 1)
Aggiornamento della protezione per Windows XP (KB974112) (Version: 1)
Aggiornamento della protezione per Windows XP (KB974318) (Version: 1)
Aggiornamento della protezione per Windows XP (KB974392) (Version: 1)
Aggiornamento della protezione per Windows XP (KB974571) (Version: 1)
Aggiornamento della protezione per Windows XP (KB975025) (Version: 1)
Aggiornamento della protezione per Windows XP (KB975467) (Version: 1)
Aggiornamento della protezione per Windows XP (KB975560) (Version: 1)
Aggiornamento della protezione per Windows XP (KB975561) (Version: 1)
Aggiornamento della protezione per Windows XP (KB975562) (Version: 1)
Aggiornamento della protezione per Windows XP (KB975713) (Version: 1)
Aggiornamento della protezione per Windows XP (KB977816) (Version: 1)
Aggiornamento della protezione per Windows XP (KB977914) (Version: 1)
Aggiornamento della protezione per Windows XP (KB978037) (Version: 1)
Aggiornamento della protezione per Windows XP (KB978338) (Version: 1)
Aggiornamento della protezione per Windows XP (KB978542) (Version: 1)
Aggiornamento della protezione per Windows XP (KB978601) (Version: 1)
Aggiornamento della protezione per Windows XP (KB978706) (Version: 1)
Aggiornamento della protezione per Windows XP (KB979309) (Version: 1)
Aggiornamento della protezione per Windows XP (KB979482) (Version: 1)
Aggiornamento della protezione per Windows XP (KB979559) (Version: 1)
Aggiornamento della protezione per Windows XP (KB979683) (Version: 1)
Aggiornamento della protezione per Windows XP (KB979687) (Version: 1)
Aggiornamento della protezione per Windows XP (KB980195) (Version: 1)
Aggiornamento della protezione per Windows XP (KB980218) (Version: 1)
Aggiornamento della protezione per Windows XP (KB980232) (Version: 1)
Aggiornamento della protezione per Windows XP (KB980436) (Version: 1)
Aggiornamento della protezione per Windows XP (KB981322) (Version: 1)
Aggiornamento della protezione per Windows XP (KB981997) (Version: 1)
Aggiornamento della protezione per Windows XP (KB982132) (Version: 1)
Aggiornamento della protezione per Windows XP (KB982214) (Version: 1)
Aggiornamento della protezione per Windows XP (KB982381) (Version: 1)
Aggiornamento della protezione per Windows XP (KB982665) (Version: 1)
Aggiornamento per Windows Internet Explorer 8 (KB976662) (Version: 1)
Aggiornamento per Windows XP (KB2141007) (Version: 1)
Aggiornamento per Windows XP (KB2345886) (Version: 1)
Aggiornamento per Windows XP (KB951978) (Version: 1)
Aggiornamento per Windows XP (KB955759) (Version: 1)
Aggiornamento per Windows XP (KB967715) (Version: 1)
Aggiornamento per Windows XP (KB968389) (Version: 1)
Aggiornamento per Windows XP (KB971737) (Version: 1)
Aggiornamento per Windows XP (KB973687) (Version: 1)
Aggiornamento per Windows XP (KB973815) (Version: 1)
Aggiornamento rapido per Windows XP (KB2443685) (Version: 1)
Aggiornamento rapido per Windows XP (KB938759) (Version: 1)
Aggiornamento rapido per Windows XP (KB952287) (Version: 1)
Aggiornamento rapido per Windows XP (KB961118) (Version: 1)
Aggiornamento rapido per Windows XP (KB981793) (Version: 1)
Alan Wake
AMD Catalyst Install Manager (Version: 8.0.877.0)
Ask Toolbar (Version: 1.15.4.0)
Assassin's Creed II (Version: 1.01)
µTorrent (Version: 2.2.0)
Batman Arkham City™ (Version: 1.0.0000.131)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center (Version: 2012.0703.2356.41139)
Catalyst Control Center Graphics Previews Common (Version: 2012.0703.2356.41139)
Catalyst Control Center InstallProxy (Version: 2012.0703.2356.41139)
Catalyst Control Center Localization All (Version: 2012.0703.2356.41139)
ccc-utility (Version: 2012.0703.2356.41139)
CCC Help Chinese Standard (Version: 2012.0703.2355.41139)
CCC Help Chinese Traditional (Version: 2012.0703.2355.41139)
CCC Help Czech (Version: 2012.0703.2355.41139)
CCC Help Danish (Version: 2012.0703.2355.41139)
CCC Help Dutch (Version: 2012.0703.2355.41139)
CCC Help English (Version: 2012.0703.2355.41139)
CCC Help Finnish (Version: 2012.0703.2355.41139)
CCC Help French (Version: 2012.0703.2355.41139)
CCC Help German (Version: 2012.0703.2355.41139)
CCC Help Greek (Version: 2012.0703.2355.41139)
CCC Help Hungarian (Version: 2012.0703.2355.41139)
CCC Help Italian (Version: 2012.0703.2355.41139)
CCC Help Japanese (Version: 2012.0703.2355.41139)
CCC Help Korean (Version: 2012.0703.2355.41139)
CCC Help Norwegian (Version: 2012.0703.2355.41139)
CCC Help Polish (Version: 2012.0703.2355.41139)
CCC Help Portuguese (Version: 2012.0703.2355.41139)
CCC Help Russian (Version: 2012.0703.2355.41139)
CCC Help Spanish (Version: 2012.0703.2355.41139)
CCC Help Swedish (Version: 2012.0703.2355.41139)
CCC Help Thai (Version: 2012.0703.2355.41139)
CCC Help Turkish (Version: 2012.0703.2355.41139)
CCleaner (Version: 3.03)
CDisplay 1.8
DAEMON Tools Lite (Version: 4.40.2.0131)
DEVIL MAY CRY 4 (Version: 1.00.000)
Dll-Files.com Fixer (Version: 1.0)
Driver Sweeper versione 3.2.0 (Version: 3.2.0)
Dual-Core Optimizer (Version: 1.1.4.0169)
ESET Antivirus License Finder (MiNODLogin) (Version: 3.10.0.1)
ESET Smart Security (Version: 3.0.695.0)
Foxit Reader (Version: 4.3.1.218)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Update Helper (Version: 1.2.183.23)
Grand Theft Auto: Episodes from Liberty City (Version: 1.0.0002.135)
Grand Theft Auto: Episodes from Liberty City (Version: 1.0.0003.135)
Grand Theft Auto: Episodes From Liberty City (Version: 1.1.0.0)
GUI CMD CFW Patcher
High Definition Audio Driver Package - KB835221 (Version: 20040219.000000)
High Definition Audio Driver Package - KB888111 (Version: 20040219.000000)
Java Auto Updater (Version: 2.0.3.1)
Java™ 6 Update 24 (Version: 6.0.240)
K-Lite Codec Pack 6.9.0 (Standard) (Version: 6.9.0)
LOST PLANET COLONIES (Version: 1.00.129)
Mass Effect™ 3 (Version: 1.01.0.0)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - ITA (Version: 2.1.21022)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - ITA (Version: 3.1.21022)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 - Language Pack (italiano)
Microsoft .NET Framework 3.5 Language Pack - ita (Version: 3.5.21022)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.88.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft Silverlight (Version: 4.1.10111.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mirror's Edge™ (Version: 1.0.1.0)
MSXML 6.0 Parser (KB925673) (Version: 6.00.3888.0)
NVIDIA PhysX (Version: 9.11.1107)
OF Dragon Rising (Version: 1.02.0000)
OpenAL
programma di aggiornamento Ask Toolbar Updater (Version: 1.2.2.23821)
PunkBuster Services (Version: 0.993)
Ray Adams ATI Tray Tools
REALTEK GbE & FE Ethernet PCI-E NIC Driver (Version: 1.35.0000)
Realtek High Definition Audio Driver (Version: 5.10.0.6299)
Red Orchestra 2 Heroes of Stalingrad
Syndicate
The Witcher 2 (Version: 1.00.0000)
TimeShift (Version: 1.00.000)
Ubisoft Game Launcher (Version: 1.0.0.0)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Veetle TV (Version: 0.9.19)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
VLC media player 1.1.7 (Version: 1.1.7)
WebFldrs XP (Version: 9.50.7523)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Installer Clean Up (Version: 3.00.00.0000)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Media Format 11 runtime
Windows Media Player 10
Windows Presentation Foundation (Version: 3.0.6920.0)
Windows XP Service Pack 3 (Version: 20080413.144514)
WinRAR archiver
XML Paper Specification Shared Components Language Pack 1.0
XML Paper Specification Shared Components Pack 1.0

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 24%
Total physical RAM: 3326.23 MB
Available physical RAM: 2496.25 MB
Total Pagefile: 5209.71 MB
Available Pagefile: 4586.94 MB
Total Virtual: 2047.88 MB
Available Virtual: 1969.77 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:465.75 GB) (Free:26.06 GB) NTFS
3 Drive d: (New Volume) (Fixed) (Total:698.64 GB) (Free:9.32 GB) NTFS

========================= Users: ========================================

Account utente per \\RINAT-FB6EB

Administrator Guest HelpAssistant
roberto SUPPORT_388945a0
Esecuzione comando riuscita.


**** End of log ****
4:Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.09.12.06

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
roberto :: RINAT-FB6EB [administrator]

12/09/2012 23.18.57
mbam-log-2012-09-12 (23-18-57).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 185125
Time elapsed: 3 minute(s), 7 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|{30CFB4F5-6AD7-AD40-E51B-88E5FA10ABF7} (Trojan.ZbotR.Gen) -> Data: "C:\Documents and Settings\roberto\Dati applicazioni\Ejvy\fucou.exe" -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
5:aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-12 23:30:17
-----------------------------
23:30:17.984 OS Version: Windows 5.1.2600 Service Pack 3
23:30:17.984 Number of processors: 2 586 0x1706
23:30:17.984 ComputerName: RINAT-FB6EB UserName: roberto
23:30:19.906 Initialize success
23:39:20.296 AVAST engine defs: 12091200
23:40:43.281 Disk 0 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T1L0-10
23:40:43.296 Disk 0 Vendor: SAMSUNG_HD753LJ 1AA01109 Size: 715404MB BusType: 3
23:40:43.296 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP2T1L0-1f
23:40:43.296 Disk 1 Vendor: ST3500320AS SD15 Size: 476938MB BusType: 3
23:40:43.312 Disk 1 MBR read successfully
23:40:43.312 Disk 1 MBR scan
23:40:43.328 Disk 1 Windows XP default MBR code
23:40:43.343 Disk 1 Partition 1 80 (A) 07 HPFS/NTFS NTFS 476929 MB offset 63
23:40:43.343 Disk 1 scanning sectors +976752000
23:40:43.406 Disk 1 scanning C:\WINDOWS\system32\drivers
23:41:01.515 Service scanning
23:41:16.796 Service sptd C:\WINDOWS\System32\Drivers\sptd.sys **LOCKED** 32
23:41:20.062 Modules scanning
23:41:26.515 Disk 1 trace - called modules:
23:41:26.531 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys sptd.sys pciide.sys PCIIDEX.SYS
23:41:26.531 1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0x8b199ab8]
23:41:26.531 3 CLASSPNP.SYS[ba108fd7] -> nt!IofCallDriver -> \Device\00000072[0x8b19e968]
23:41:26.531 5 ACPI.sys[b9e57620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T1L0-1f[0x8b19bd98]
23:41:27.812 AVAST engine scan C:\WINDOWS
23:41:32.812 AVAST engine scan C:\WINDOWS\system32
23:44:26.656 AVAST engine scan C:\WINDOWS\system32\drivers
23:44:46.906 AVAST engine scan C:\Documents and Settings\roberto
00:11:46.109 Disk 1 MBR has been saved successfully to "C:\Documents and Settings\roberto\Desktop\Nuova cartella (9)\MBR.dat"
00:11:46.125 The log file has been saved successfully to "C:\Documents and Settings\roberto\Desktop\Nuova cartella (9)\aswMBR.txt" I'd like to say that i wasnt sure that the aswMBR scan was finished ,it eas written scanning a file temp in the doc and settings folder after 5 min it was at the same file but there was no option to have a bnew scan I've waited others 2 min and the saved this log..I paste here also the last Eset log after the one i wrote here cause are different:12/09/2012 23.44.33 Real-time file system protection file C:\DOCUME~1\roberto\IMPOST~1\Temp\av4B17.tmp a variant of Win32/Kryptik.ZBN trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\Documents and Settings\roberto\Desktop\aswMBR.exe.
12/09/2012 23.41.14 Real-time file system protection file C:\DOCUME~1\roberto\IMPOST~1\Temp\av4181.tmp a variant of Win32/Kryptik.ZBN trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\Documents and Settings\roberto\Desktop\aswMBR.exe.
12/09/2012 23.40.52 Real-time file system protection file C:\DOCUME~1\roberto\IMPOST~1\Temp\av48A.tmp a variant of Win32/Kryptik.ZBN trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\Documents and Settings\roberto\Desktop\aswMBR.exe.
12/09/2012 21.06.27 Real-time file system protection file C:\System Volume Information\_restore{EE3476E7-8FFD-47D1-BD3D-BA8A77953CA0}\RP500\A0587636.exe Win32/Gataka.B trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred during an attempt to access the file by the application: C:\WINDOWS\System32\svchost.exe.
12/09/2012 20.03.28 Real-time file system protection file C:\Documents and Settings\roberto\Dati applicazioni\Media Player Classic\{7447A0C5-0C34-4531-8A3F-558C7EB7A39C}\renovator.exe Win32/Gataka.B trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred during an attempt to access the file by the application: C:\WINDOWS\Explorer.EXE.Thank you for your help

#4 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,738 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:02:57 PM

Posted 12 September 2012 - 08:57 PM

Is Eset still complaining?

Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe
Double click on TFC.exe to run the program.
Click on Start button to begin cleaning process.
TFC will close all running programs, and it may ask you to restart computer.

=============================================================================

Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A logfile will automatically open after the scan has finished.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[R1].txt as well.

=============================================================================

Please run a free online scan with the ESET Online Scanner

  • Disable your antivirus program
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • Accept any security warnings from your browser.
  • Check Scan archives
  • Click Start
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click on List of found threats
  • Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    NOTE. If Eset doesn't find any threats it'll NOT produce any log.

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#5 kazaca78

kazaca78
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:10:57 PM

Posted 13 September 2012 - 05:28 PM

Thank u for your help it seems that now i've no problems at all.I've started my pc now and i dont have any more Eset virus alert log Anyway i'll do the other things u va said Tfc and ADWCleaner and post the log...

#6 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,738 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:02:57 PM

Posted 13 September 2012 - 07:12 PM

Cool :)

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#7 kazaca78

kazaca78
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:10:57 PM

Posted 16 September 2012 - 09:59 PM

no more virus problem thanks to u thank u Grazie mille

#8 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,738 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:02:57 PM

Posted 16 September 2012 - 10:25 PM

You're very welcome Posted Image

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users