Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

STOP: C0000135 The program can't start because %hs is missing. Try resintalling the program.


  • This topic is locked This topic is locked
4 replies to this topic

#1 haah

haah

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:12:46 PM

Posted 27 November 2012 - 11:57 PM

Hi, I am running Windows 7 x64 on an ASUS g73 laptop and recently got hit with this error. The computer would startup only to hit this blue screen and restart. It would also not boot in any of the safe modes. I have read that it probably has to do with a malware infected .dll file but have no idea how I would go about fixing it.

Here is the log I got from frst, any help would be greatly appreciated. Thanks!



Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-11-2012
Ran by SYSTEM at 27-11-2012 20:49:20
Running from F:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001

==================== Registry (Whitelisted) ===================

HKLM\...\Run: [RunDLLEntry] C:\Windows\system32\RunDLL32.exe C:\Windows\system32\AmbRunE.dll,RunDLLEntry [17920 2009-02-26] (Creative Technology Ltd.)
HKLM\...\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [323584 2009-08-31] (AlcorMicro Co., Ltd.)
HKLM\...\Run: [UfSeAgnt.exe] "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe" [1022904 2010-02-23] (Trend Micro Inc.)
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [x]
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [98304 2009-12-17] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [6998656 2009-10-26] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2009-08-19] (ASUS)
HKLM-x32\...\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [VolPanel] "C:\Program Files (x86)\Creative\SB Audigy\Volume Panel\VolPanlu.exe" /r [237693 2008-12-29] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd [x]
HKLM-x32\...\Run: [MRIPEUndo] "D:\MRI.EXE" /undopeboot [x]
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2010-11-29] (Apple Inc.)
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [79192 2011-02-18] (Research In Motion Limited)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59280 2012-08-27] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [843712 2012-01-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [252296 2012-01-17] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421776 2012-09-09] (Apple Inc.)
HKLM-x32\...\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4297136 2012-10-30] (AVAST Software)
HKU\Owner\...\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background [3872080 2010-04-16] (Microsoft Corporation)
HKU\Owner\...\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3077528 2011-06-23] ()
HKU\Owner\...\Run: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe" -automount [33120 2010-08-20] (Alcohol Soft Development Team)
HKU\Owner\...\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [3514176 2011-11-10] (DT Soft Ltd)
HKU\Owner\...\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent [1353080 2012-08-07] (Valve Corporation)
HKU\Owner\...\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2144088 2009-01-26] (Safer Networking Limited)
HKU\Owner\...\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [17418928 2012-07-13] (Skype Technologies S.A.)
HKU\Owner\...\Run: [F.lux] "C:\Users\Owner\Local Settings\Apps\F.lux\flux.exe" /noshow [966656 2009-08-28] ()
HKU\Owner\...\Run: [PPAP] "C:\Program Files (x86)\Common Files\PPLiveNetwork\PPAP.exe" -background [460704 2012-06-25] (PPLive Corporation)
HKU\Owner\...\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)
HKU\Owner\...\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe" [765200 2012-08-25] (SANDBOXIE L.T.D)
Tcpip\Parameters: [DhcpNameServer] 64.59.144.90 64.59.150.136
AppInit_DLLs: C:\PROGRA~2\WI34CE~1\Datamngr\x64\datamngr.dll C:\PROGRA~2\WI34CE~1\Datamngr\x64\IEBHO.dll
SubSystems: [Windows] ATTENTION! ====> ZeroAccess
Startup: C:\Users\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Owner\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> (No File)
Startup: C:\Users\Owner\Start Menu\Programs\Startup\MagicDisc.lnk
ShortcutTarget: MagicDisc.lnk -> C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
Startup: C:\Users\Owner\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
ShortcutTarget: OpenOffice.org 3.2.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Services (Whitelisted) ===================

2 ATKGFNEXSrv; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [96896 2009-11-09] (ASUS)
2 avast! Antivirus; "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" [44808 2012-10-30] (AVAST Software)
2 Lavasoft Ad-Aware Service; "C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe" [2152720 2012-05-24] (Lavasoft Limited)
2 MBAMScheduler; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe" [399432 2012-09-29] (Malwarebytes Corporation)
2 MBAMService; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" [676936 2012-09-29] (Malwarebytes Corporation)
3 McComponentHostService; "C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe" [227232 2010-01-15] (McAfee, Inc.)
2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75064 2010-11-04] ()
2 PPTVService; C:\Windows\SysWOW64\PPTVSvc.dll [487304 2012-06-25] (PPTV)
2 SbieSvc; "C:\Program Files\Sandboxie\SbieSvc.exe" [123664 2012-08-25] (SANDBOXIE L.T.D)
2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software)
3 rpcapd; "C:\Program Files (x86)\WinPcap\rpcapd.exe" -d -f "C:\Program Files (x86)\WinPcap\rpcapd.ini" [x]

==================== Drivers (Whitelisted) =====================

2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [25232 2012-10-30] (AVAST Software)
2 aswMonFlt; C:\Windows\System32\Drivers\aswMonFlt.sys [71600 2012-10-30] (AVAST Software)
1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [54072 2012-10-15] (AVAST Software)
1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [984144 2012-10-30] (AVAST Software)
1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [370288 2012-10-30] (AVAST Software)
1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [59728 2012-10-30] (AVAST Software)
3 kbfiltr; C:\Windows\System32\Drivers\kbfiltr.sys [15416 2009-07-20] ( )
3 Lavasoft Kernexplorer; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [17152 2011-12-12] ()
0 Lbd; C:\Windows\System32\Drivers\Lbd.sys [69376 2011-12-02] (Lavasoft AB)
3 MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [25928 2012-09-29] (Malwarebytes Corporation)
2 NPF; C:\Windows\System32\Drivers\NPF.sys [35344 2010-06-25] (CACE Technologies, Inc.)
3 SbieDrv; \??\C:\Program Files\Sandboxie\SbieDrv.sys [202632 2012-08-25] (SANDBOXIE L.T.D)
3 SNP2UVC; C:\Windows\System32\Drivers\SNP2UVC.sys [1806400 2009-06-05] ()
0 sptd; C:\Windows\System32\Drivers\sptd.sys [530488 2011-11-16] (Duplex Secure Ltd.)
3 SWDUMon; C:\Windows\System32\Drivers\SWDUMon.sys [13920 2012-11-22] ()
2 TurboB; C:\Windows\System32\Drivers\TurboB.sys [13784 2009-08-06] ()
3 tmlwf; [x]
3 tmwfp; [x]

==================== NetSvcs (Whitelisted) ====================


==================== One Month Created Files and Folders ========

2012-11-24 21:47 - 2012-11-26 01:13 - 00000000 ____D C:\Users\Owner\PycharmProjects
2012-11-24 17:29 - 2012-11-27 19:04 - 00000000 ____D C:\Program Files (x86)\Lame For Audacity
2012-11-24 17:23 - 2012-11-27 19:04 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Audacity
2012-11-24 17:23 - 2012-11-27 19:04 - 00000000 ____D C:\Program Files (x86)\Audacity
2012-11-24 17:12 - 2012-11-27 19:13 - 00000000 ____D C:\Users\Owner\.PyCharm20
2012-11-24 17:12 - 2012-11-24 17:12 - 00000000 ____D C:\Program Files (x86)\JetBrains
2012-11-24 17:05 - 2012-11-24 17:05 - 00000000 ___RD C:\Sandbox
2012-11-24 15:53 - 2012-11-27 19:14 - 00000000 ____D C:\Users\Owner\Downloads\Mad Max 2 The Road Warrior (1981)
2012-11-24 15:53 - 2012-11-27 19:14 - 00000000 ____D C:\Users\Owner\Downloads\Mad Max (1979)
2012-11-24 02:58 - 2012-11-24 03:03 - 00000000 ____D C:\Users\Owner\Downloads\Bassnectar - Divergent Spectrum Remixes (Private Dubstash)
2012-11-23 22:30 - 2012-11-24 17:07 - 00001462 ____A C:\Windows\Sandboxie.ini
2012-11-23 22:30 - 2012-11-23 21:02 - 00000898 ____A C:\Users\Owner\Desktop\Sandboxed Web Browser.lnk
2012-11-23 21:41 - 2012-11-23 21:41 - 00000000 ____D C:\Program Files (x86)\ETS
2012-11-23 21:02 - 2012-11-23 21:02 - 00000000 ____D C:\Program Files\Sandboxie
2012-11-23 20:32 - 2012-11-24 03:33 - 78851696 ____A C:\Users\Owner\Downloads\JetBrains.PyCharm.v2.0.Full-EMBRACE.rar
2012-11-22 03:44 - 2012-11-22 03:44 - 00001960 ____A C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2012-11-22 03:44 - 2012-11-22 03:44 - 00000000 ____D C:\Users\All Users\AVAST Software
2012-11-22 03:44 - 2012-11-22 03:44 - 00000000 ____D C:\Program Files\AVAST Software
2012-11-22 03:44 - 2012-11-22 03:44 - 00000000 ____A C:\Windows\SysWOW64\config.nt
2012-11-22 03:44 - 2012-10-30 15:51 - 00984144 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSnx.sys
2012-11-22 03:44 - 2012-10-30 15:51 - 00370288 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSP.sys
2012-11-22 03:44 - 2012-10-30 15:51 - 00071600 ____A (AVAST Software) C:\Windows\System32\Drivers\aswMonFlt.sys
2012-11-22 03:44 - 2012-10-30 15:51 - 00059728 ____A (AVAST Software) C:\Windows\System32\Drivers\aswTdi.sys
2012-11-22 03:44 - 2012-10-30 15:51 - 00041224 ____A (AVAST Software) C:\Windows\avastSS.scr
2012-11-22 03:44 - 2012-10-30 15:51 - 00025232 ____A (AVAST Software) C:\Windows\System32\Drivers\aswFsBlk.sys
2012-11-22 03:44 - 2012-10-30 15:50 - 00285328 ____A (AVAST Software) C:\Windows\System32\aswBoot.exe
2012-11-22 03:44 - 2012-10-30 15:50 - 00227648 ____A (AVAST Software) C:\Windows\SysWOW64\aswBoot.exe
2012-11-22 03:44 - 2012-10-15 08:59 - 00054072 ____A (AVAST Software) C:\Windows\System32\Drivers\aswRdr2.sys
2012-11-22 03:38 - 2012-11-22 14:18 - 00000000 ____D C:\Users\Owner\Downloads\The Dark Knight Rises (2012) [1080p]
2012-11-19 03:09 - 2012-11-19 03:11 - 00000000 ____D C:\Users\Owner\Downloads\Best of NIN
2012-11-18 19:20 - 2012-11-18 19:20 - 00001785 ____A C:\Users\Public\Desktop\iTunes.lnk
2012-11-18 19:20 - 2012-08-21 13:01 - 00033240 ____A (GEAR Software Inc.) C:\Windows\System32\Drivers\GEARAspiWDM.sys
2012-11-18 19:19 - 2012-11-18 19:19 - 00000000 ____D C:\Users\All Users\34BE82C4-E596-4e99-A191-52C6199EBF69
2012-11-18 19:19 - 2012-11-18 19:19 - 00000000 ____D C:\Program Files\iPod
2012-11-14 03:11 - 2012-07-25 20:55 - 00785512 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Wdf01000.sys
2012-11-14 03:11 - 2012-07-25 20:55 - 00054376 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\WdfLdr.sys
2012-11-14 03:11 - 2012-07-25 18:36 - 00009728 ____A (Microsoft Corporation) C:\Windows\System32\Wdfres.dll
2012-11-14 03:11 - 2012-06-02 06:35 - 00000003 ____A C:\Windows\System32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2012-11-14 03:06 - 2012-10-08 04:19 - 17811968 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-11-14 03:06 - 2012-10-08 03:42 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-11-14 03:06 - 2012-10-08 03:31 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-11-14 03:06 - 2012-10-08 03:24 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-11-14 03:06 - 2012-10-08 03:23 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-11-14 03:06 - 2012-10-08 03:22 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-11-14 03:06 - 2012-10-08 03:22 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-11-14 03:06 - 2012-10-08 03:20 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-11-14 03:06 - 2012-10-08 03:18 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-11-14 03:06 - 2012-10-08 03:17 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-11-14 03:06 - 2012-10-08 03:17 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2012-11-14 03:06 - 2012-10-08 03:15 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-11-14 03:06 - 2012-10-08 03:15 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-11-14 03:06 - 2012-10-08 03:13 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-11-14 03:06 - 2012-10-08 03:13 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-11-14 03:06 - 2012-10-08 03:09 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-11-14 03:06 - 2012-10-08 00:28 - 12320768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-11-14 03:06 - 2012-10-08 00:02 - 09738240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-11-14 03:06 - 2012-10-07 23:56 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-11-14 03:06 - 2012-10-07 23:48 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-11-14 03:06 - 2012-10-07 23:48 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-11-14 03:06 - 2012-10-07 23:47 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-11-14 03:06 - 2012-10-07 23:46 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-11-14 03:06 - 2012-10-07 23:45 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-11-14 03:06 - 2012-10-07 23:44 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-11-14 03:06 - 2012-10-07 23:43 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-11-14 03:06 - 2012-10-07 23:43 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2012-11-14 03:06 - 2012-10-07 23:42 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2012-11-14 03:06 - 2012-10-07 23:41 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-11-14 03:06 - 2012-10-07 23:41 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-11-14 03:06 - 2012-10-07 23:40 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-11-14 03:06 - 2012-10-07 23:37 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-11-14 03:02 - 2012-07-25 19:08 - 00744448 ____A (Microsoft Corporation) C:\Windows\System32\WUDFx.dll
2012-11-14 03:02 - 2012-07-25 19:08 - 00229888 ____A (Microsoft Corporation) C:\Windows\System32\WUDFHost.exe
2012-11-14 03:02 - 2012-07-25 19:08 - 00194048 ____A (Microsoft Corporation) C:\Windows\System32\WUDFPlatform.dll
2012-11-14 03:02 - 2012-07-25 19:08 - 00084992 ____A (Microsoft Corporation) C:\Windows\System32\WUDFSvc.dll
2012-11-14 03:02 - 2012-07-25 19:08 - 00045056 ____A (Microsoft Corporation) C:\Windows\System32\WUDFCoinstaller.dll
2012-11-14 03:02 - 2012-07-25 18:26 - 00198656 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\WUDFRd.sys
2012-11-14 03:02 - 2012-07-25 18:26 - 00087040 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\WUDFPf.sys
2012-11-14 03:02 - 2012-06-02 06:57 - 00000003 ____A C:\Windows\System32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2012-11-13 14:21 - 2012-10-18 10:25 - 03149824 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-11-13 14:21 - 2012-10-09 10:17 - 00226816 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcore6.dll
2012-11-13 14:21 - 2012-10-09 10:17 - 00055296 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcsvc6.dll
2012-11-13 14:21 - 2012-10-09 09:40 - 00193536 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2012-11-13 14:21 - 2012-10-09 09:40 - 00044032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2012-11-13 14:21 - 2012-10-03 09:56 - 01914248 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2012-11-13 14:21 - 2012-10-03 09:44 - 00303104 ____A (Microsoft Corporation) C:\Windows\System32\nlasvc.dll
2012-11-13 14:21 - 2012-10-03 09:44 - 00246272 ____A (Microsoft Corporation) C:\Windows\System32\netcorehc.dll
2012-11-13 14:21 - 2012-10-03 09:44 - 00216576 ____A (Microsoft Corporation) C:\Windows\System32\ncsi.dll
2012-11-13 14:21 - 2012-10-03 09:44 - 00070656 ____A (Microsoft Corporation) C:\Windows\System32\nlaapi.dll
2012-11-13 14:21 - 2012-10-03 09:44 - 00018944 ____A (Microsoft Corporation) C:\Windows\System32\netevent.dll
2012-11-13 14:21 - 2012-10-03 09:42 - 00569344 ____A (Microsoft Corporation) C:\Windows\System32\iphlpsvc.dll
2012-11-13 14:21 - 2012-10-03 08:42 - 00175104 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2012-11-13 14:21 - 2012-10-03 08:42 - 00156672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2012-11-13 14:21 - 2012-10-03 08:42 - 00018944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2012-11-13 14:21 - 2012-10-03 08:07 - 00045568 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpipreg.sys
2012-11-13 14:21 - 2012-09-25 14:47 - 00078336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2012-11-13 14:21 - 2012-09-25 14:46 - 00095744 ____A (Microsoft Corporation) C:\Windows\System32\synceng.dll
2012-11-13 14:21 - 2012-01-12 23:12 - 00052224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2012-11-10 03:17 - 2012-11-10 03:49 - 00000000 ____D C:\Users\Owner\Downloads\Learn R statistics
2012-11-08 02:25 - 2012-11-08 02:45 - 00000000 ____D C:\Users\Owner\.idlerc
2012-11-08 02:03 - 2012-11-27 19:13 - 00000000 ____D C:\Python27
2012-11-08 01:54 - 2012-11-08 01:54 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Sublime Text 2
2012-11-08 01:53 - 2012-11-08 01:58 - 00000000 ____D C:\Program Files (x86)\Sublime Text 2
2012-11-05 16:58 - 2012-11-06 18:27 - 00000000 ____D C:\Users\Owner\Downloads\Band Of Brothers 2001 Boxset 720p BRRip x264-HDLiTE
2012-11-04 14:55 - 2012-11-04 14:55 - 00000000 ____D C:\Users\Owner\Downloads\Monty Python Collection
2012-11-04 02:30 - 2012-11-04 02:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2012-11-04 02:25 - 2012-11-04 02:25 - 00048517 ____A C:\Users\Owner\Downloads\youtube1.0.1.2.crx
2012-11-04 02:23 - 2012-11-04 02:23 - 00000000 ____D C:\Users\Owner\Extensions
2012-11-03 22:46 - 2012-11-04 00:13 - 159917591 ____A C:\Users\Owner\Downloads\2928.rar
2012-11-03 00:47 - 2012-11-27 19:13 - 00000000 ____D C:\Users\Owner\Documents\JH
2012-11-01 19:18 - 2012-11-01 19:30 - 00000000 ____D C:\Users\Owner\Downloads\Microsoft Office 2010 Proffesional
2012-10-31 00:08 - 2012-10-31 13:06 - 00000000 ____D C:\Users\Owner\Documents\The Personal MBA Mastering Business Without Spending a Fortune eBooK -LegalTorrents
2012-10-31 00:05 - 2012-10-31 13:05 - 00000000 ____D C:\Users\Owner\Documents\MBA in a Day What You Would Learn at Top-Tier Business Schools (If You Only Had The Time!)
2012-10-29 19:29 - 2012-11-24 03:49 - 00000000 ____D C:\Users\Owner\AppData\Local\Incomplete
2012-10-29 19:29 - 2012-10-29 19:29 - 00000020 ____A C:\Users\Owner\AppData\Local\New WinRAR archive.RAR
2012-10-29 02:02 - 2012-10-29 02:07 - 00000000 ____D C:\Users\Owner\Downloads\C&C OST Collection
2012-10-28 16:33 - 2012-10-28 16:51 - 735993856 ____A C:\Users\Owner\Downloads\Serenity[2005][Aka.Firefly]DvDrip[Eng]-aXXo.avi


==================== One Month Modified Files and Folders =======

2012-11-27 20:48 - 2012-11-27 20:48 - 00000000 ____D C:\FRST
2012-11-27 20:17 - 2011-12-15 03:23 - 00088184 ____A C:\aaw7boot.log
2012-11-27 20:17 - 2009-07-13 20:45 - 00339440 ____A C:\Windows\System32\FNTCACHE.DAT
2012-11-27 19:14 - 2012-11-24 15:53 - 00000000 ____D C:\Users\Owner\Downloads\Mad Max 2 The Road Warrior (1981)
2012-11-27 19:14 - 2012-11-24 15:53 - 00000000 ____D C:\Users\Owner\Downloads\Mad Max (1979)
2012-11-27 19:14 - 2011-11-16 17:10 - 00000000 ____D C:\users\chris
2012-11-27 19:14 - 2011-08-09 22:24 - 00000000 ____D C:\Users\Owner\AppData\Roaming\vlc
2012-11-27 19:14 - 2011-08-09 16:52 - 00000000 ____D C:\Users\Owner\AppData\Roaming\uTorrent
2012-11-27 19:14 - 2010-06-09 19:04 - 00000000 ____D C:\users\Owner
2012-11-27 19:14 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\registration
2012-11-27 19:14 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\AppCompat
2012-11-27 19:13 - 2012-11-24 17:12 - 00000000 ____D C:\Users\Owner\.PyCharm20
2012-11-27 19:13 - 2012-11-08 02:03 - 00000000 ____D C:\Python27
2012-11-27 19:13 - 2012-11-03 00:47 - 00000000 ____D C:\Users\Owner\Documents\JH
2012-11-27 19:13 - 2012-10-22 01:22 - 00000000 ____D C:\FavoriteVideo
2012-11-27 19:13 - 2012-01-12 23:36 - 00000000 ____D C:\Program Files (x86)\NCH Software
2012-11-27 19:13 - 2011-02-21 01:39 - 00000000 ____D C:\Program Files (x86)\Fraxxus
2012-11-27 19:13 - 2010-12-02 17:45 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Skype
2012-11-27 19:04 - 2012-11-24 17:29 - 00000000 ____D C:\Program Files (x86)\Lame For Audacity
2012-11-27 19:04 - 2012-11-24 17:23 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Audacity
2012-11-27 19:04 - 2012-11-24 17:23 - 00000000 ____D C:\Program Files (x86)\Audacity
2012-11-26 01:13 - 2012-11-24 21:47 - 00000000 ____D C:\Users\Owner\PycharmProjects
2012-11-24 17:12 - 2012-11-24 17:12 - 00000000 ____D C:\Program Files (x86)\JetBrains
2012-11-24 17:12 - 2010-06-09 21:39 - 01411921 ____A C:\Windows\WindowsUpdate.log
2012-11-24 17:08 - 2011-04-30 19:21 - 00000896 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-11-24 17:07 - 2012-11-23 22:30 - 00001462 ____A C:\Windows\Sandboxie.ini
2012-11-24 17:05 - 2012-11-24 17:05 - 00000000 ___RD C:\Sandbox
2012-11-24 16:35 - 2012-04-11 00:25 - 00000928 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3683505137-3258796960-1857154915-1000UA.job
2012-11-24 16:35 - 2012-04-11 00:25 - 00000906 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3683505137-3258796960-1857154915-1000Core.job
2012-11-24 14:57 - 2009-07-13 20:45 - 00010240 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-11-24 14:57 - 2009-07-13 20:45 - 00010240 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-11-24 03:49 - 2012-10-29 19:29 - 00000000 ____D C:\Users\Owner\AppData\Local\Incomplete
2012-11-24 03:33 - 2012-11-23 20:32 - 78851696 ____A C:\Users\Owner\Downloads\JetBrains.PyCharm.v2.0.Full-EMBRACE.rar
2012-11-24 03:03 - 2012-11-24 02:58 - 00000000 ____D C:\Users\Owner\Downloads\Bassnectar - Divergent Spectrum Remixes (Private Dubstash)
2012-11-24 02:39 - 2009-07-13 20:51 - 00117296 ____A C:\Windows\setupact.log
2012-11-24 02:20 - 2011-08-28 18:08 - 00000440 ____A C:\Windows\Tasks\ParetoLogic Update Version2.job
2012-11-24 02:20 - 2010-06-09 19:04 - 00093240 ____A C:\Users\Owner\AppData\Local\GDIPFONTCACHEV1.DAT
2012-11-23 22:29 - 2009-07-13 21:13 - 00726444 ____A C:\Windows\System32\PerfStringBackup.INI
2012-11-23 21:41 - 2012-11-23 21:41 - 00000000 ____D C:\Program Files (x86)\ETS
2012-11-23 21:41 - 2010-06-09 21:48 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2012-11-23 21:02 - 2012-11-23 22:30 - 00000898 ____A C:\Users\Owner\Desktop\Sandboxed Web Browser.lnk
2012-11-23 21:02 - 2012-11-23 21:02 - 00000000 ____D C:\Program Files\Sandboxie
2012-11-23 19:56 - 2011-04-30 19:21 - 00000892 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-11-23 19:44 - 2011-08-28 18:08 - 00000466 ____A C:\Windows\Tasks\ParetoLogic Registration.job
2012-11-22 21:54 - 2011-12-12 21:52 - 00000064 ____A C:\Windows\SysWOW64\rp_stats.dat
2012-11-22 21:54 - 2011-12-12 21:52 - 00000044 ____A C:\Windows\SysWOW64\rp_rules.dat
2012-11-22 14:43 - 2011-06-23 18:07 - 00000000 ____D C:\Users\Owner\AppData\Local\PMB Files
2012-11-22 14:18 - 2012-11-22 03:38 - 00000000 ____D C:\Users\Owner\Downloads\The Dark Knight Rises (2012) [1080p]
2012-11-22 14:13 - 2011-08-29 14:09 - 00000418 ____A C:\Windows\Tasks\DriverUpdate Startup.job
2012-11-22 14:13 - 2010-06-09 21:56 - 00002400 ____A C:\Windows\System32\AutoRunFilter.ini
2012-11-22 14:13 - 2010-06-09 21:56 - 00001673 ____A C:\Windows\System32\ServiceFilter.ini
2012-11-22 14:12 - 2012-04-04 08:48 - 00000000 ___RD C:\Users\Owner\Dropbox
2012-11-22 14:12 - 2012-04-04 08:47 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Dropbox
2012-11-22 14:12 - 2011-11-16 22:30 - 00000000 ____D C:\Program Files (x86)\Steam
2012-11-22 14:12 - 2011-08-29 14:09 - 00013920 ____A C:\Windows\System32\Drivers\SWDUMon.sys
2012-11-22 14:12 - 2010-08-11 20:47 - 00000000 ____D C:\Users\Owner\Tracing
2012-11-22 14:11 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-11-22 03:44 - 2012-11-22 03:44 - 00001960 ____A C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2012-11-22 03:44 - 2012-11-22 03:44 - 00000000 ____D C:\Users\All Users\AVAST Software
2012-11-22 03:44 - 2012-11-22 03:44 - 00000000 ____D C:\Program Files\AVAST Software
2012-11-22 03:44 - 2012-11-22 03:44 - 00000000 ____A C:\Windows\SysWOW64\config.nt
2012-11-21 22:37 - 2011-11-16 17:14 - 00000000 ____D C:\Users\Owner\AppData\Roaming\TuneUpMedia
2012-11-19 03:11 - 2012-11-19 03:09 - 00000000 ____D C:\Users\Owner\Downloads\Best of NIN
2012-11-18 19:20 - 2012-11-18 19:20 - 00001785 ____A C:\Users\Public\Desktop\iTunes.lnk
2012-11-18 19:19 - 2012-11-18 19:19 - 00000000 ____D C:\Users\All Users\34BE82C4-E596-4e99-A191-52C6199EBF69
2012-11-18 19:19 - 2012-11-18 19:19 - 00000000 ____D C:\Program Files\iPod
2012-11-18 19:19 - 2010-09-26 14:58 - 00000000 ____D C:\Program Files\iTunes
2012-11-18 19:19 - 2010-09-26 14:58 - 00000000 ____D C:\Program Files (x86)\iTunes
2012-11-17 23:02 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2012-11-17 14:12 - 2011-11-16 17:14 - 00000000 ____D C:\Users\All Users\TuneUpMedia
2012-11-14 03:33 - 2012-06-08 00:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2012-11-14 03:33 - 2010-06-09 21:58 - 00074686 ____A C:\Windows\PFRO.log
2012-11-14 03:15 - 2011-10-06 19:08 - 00000000 ____D C:\Users\All Users\Microsoft Help
2012-11-14 03:03 - 2010-08-05 00:50 - 66395536 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-11-14 03:02 - 2009-07-13 18:34 - 00000478 ____A C:\Windows\win.ini
2012-11-10 03:49 - 2012-11-10 03:17 - 00000000 ____D C:\Users\Owner\Downloads\Learn R statistics
2012-11-08 19:09 - 2011-04-30 19:22 - 00002380 ____A C:\Users\Public\Desktop\Google Chrome.lnk
2012-11-08 02:45 - 2012-11-08 02:25 - 00000000 ____D C:\Users\Owner\.idlerc
2012-11-08 01:58 - 2012-11-08 01:53 - 00000000 ____D C:\Program Files (x86)\Sublime Text 2
2012-11-08 01:54 - 2012-11-08 01:54 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Sublime Text 2
2012-11-07 17:34 - 2012-10-14 18:39 - 00000000 ____D C:\Users\Owner\Documents\Work
2012-11-06 18:27 - 2012-11-05 16:58 - 00000000 ____D C:\Users\Owner\Downloads\Band Of Brothers 2001 Boxset 720p BRRip x264-HDLiTE
2012-11-06 00:03 - 2011-11-16 17:23 - 00000237 ____A C:\Users\Owner\Documents\ax_files.xml
2012-11-04 14:55 - 2012-11-04 14:55 - 00000000 ____D C:\Users\Owner\Downloads\Monty Python Collection
2012-11-04 02:30 - 2012-11-04 02:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2012-11-04 02:25 - 2012-11-04 02:25 - 00048517 ____A C:\Users\Owner\Downloads\youtube1.0.1.2.crx
2012-11-04 02:23 - 2012-11-04 02:23 - 00000000 ____D C:\Users\Owner\Extensions
2012-11-04 00:13 - 2012-11-03 22:46 - 159917591 ____A C:\Users\Owner\Downloads\2928.rar
2012-11-02 21:10 - 2012-01-03 00:09 - 00001115 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-11-02 21:10 - 2010-08-04 22:50 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-11-01 19:30 - 2012-11-01 19:18 - 00000000 ____D C:\Users\Owner\Downloads\Microsoft Office 2010 Proffesional
2012-10-31 13:06 - 2012-10-31 00:08 - 00000000 ____D C:\Users\Owner\Documents\The Personal MBA Mastering Business Without Spending a Fortune eBooK -LegalTorrents
2012-10-31 13:05 - 2012-10-31 00:05 - 00000000 ____D C:\Users\Owner\Documents\MBA in a Day What You Would Learn at Top-Tier Business Schools (If You Only Had The Time!)
2012-10-31 00:22 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\NDF
2012-10-30 15:51 - 2012-11-22 03:44 - 00984144 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSnx.sys
2012-10-30 15:51 - 2012-11-22 03:44 - 00370288 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSP.sys
2012-10-30 15:51 - 2012-11-22 03:44 - 00071600 ____A (AVAST Software) C:\Windows\System32\Drivers\aswMonFlt.sys
2012-10-30 15:51 - 2012-11-22 03:44 - 00059728 ____A (AVAST Software) C:\Windows\System32\Drivers\aswTdi.sys
2012-10-30 15:51 - 2012-11-22 03:44 - 00041224 ____A (AVAST Software) C:\Windows\avastSS.scr
2012-10-30 15:51 - 2012-11-22 03:44 - 00025232 ____A (AVAST Software) C:\Windows\System32\Drivers\aswFsBlk.sys
2012-10-30 15:50 - 2012-11-22 03:44 - 00285328 ____A (AVAST Software) C:\Windows\System32\aswBoot.exe
2012-10-30 15:50 - 2012-11-22 03:44 - 00227648 ____A (AVAST Software) C:\Windows\SysWOW64\aswBoot.exe
2012-10-29 19:29 - 2012-10-29 19:29 - 00000020 ____A C:\Users\Owner\AppData\Local\New WinRAR archive.RAR
2012-10-29 02:07 - 2012-10-29 02:02 - 00000000 ____D C:\Users\Owner\Downloads\C&C OST Collection
2012-10-28 16:51 - 2012-10-28 16:33 - 735993856 ____A C:\Users\Owner\Downloads\Serenity[2005][Aka.Firefly]DvDrip[Eng]-aXXo.avi


ZeroAccess:
C:\Windows\assembly\GAC_32\Desktop.ini

ZeroAccess:
C:\Windows\assembly\GAC_64\Desktop.ini

==================== Known DLLs (Whitelisted) =================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2012-11-22 03:43:54
Restore point made on: 2012-11-23 21:41:33
Restore point made on: 2012-11-24 17:19:56

==================== Memory info ===========================

Percentage of memory in use: 11%
Total physical RAM: 6068.55 MB
Available physical RAM: 5385.06 MB
Total Pagefile: 6066.7 MB
Available Pagefile: 5380.18 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

==================== Partitions =============================

1 Drive c: (OS) (Fixed) (Total:465.76 GB) (Free:122.6 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
2 Drive d: (????) (CDROM) (Total:0.18 GB) (Free:0 GB) CDFS
3 Drive e: (U3 System) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS
4 Drive f: (SPINRITE V6) (Removable) (Total:3.81 GB) (Free:0.22 GB) FAT32
5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 465 GB 0 B
Disk 1 Online 3912 MB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 465 GB 1024 KB

==================================================================================

Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C OS NTFS Partition 465 GB Healthy

=========================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 3898 MB 17 KB

==================================================================================

Disk: 1
Partition 1
Type : 0B
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 F SPINRITE V6 FAT32 Removable 3898 MB Healthy

=========================================================

Last Boot: 2012-11-26 20:21

==================== End Of Log =============================

Edited by haah, 28 November 2012 - 12:24 AM.


BC AdBot (Login to Remove)

 


#2 thisisu

thisisu

  • Malware Response Team
  • 2,525 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:02:46 PM

Posted 28 November 2012 - 01:31 AM

Hi and welcome to the forum :)

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Attached is:Attached File  fixlist.txt   611bytes   4 downloads
  • Save fixlist.txt to your flash drive.
  • You should now have both fixlist.txt and FRST64.exe on your flash drive.

Now re-enter System Recovery Options.
Run FRST64 and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt).
Please attach this to your next message.

Now attempt to boot normally.

#3 haah

haah
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:12:46 PM

Posted 28 November 2012 - 02:06 AM

It worked! I've attached the fixlog; Is there anything else, other than running my anti virus, I can do to make sure that the virus is gone? Thanks again!

Attached Files



#4 thisisu

thisisu

  • Malware Response Team
  • 2,525 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:02:46 PM

Posted 28 November 2012 - 02:58 PM

Great :thumbup2:

Please download Malwarebytes Anti-Rootkit Posted Image and save it to your desktop.
  • Be sure to print out and follow these instructions for performing a scan.
  • Caution: This is a beta version so also read the disclaimer and back up all your data before using.
  • When the scan completes, click on the Cleanup button to remove any threats found and reboot the computer if prompted to do so.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • If there are problems with Internet access, Windows Update, Windows Firewall or other system issues, run the fixdamage tool located in the folder Malwarebytes Anti-Rootkit was run from and reboot your computer.
  • Two files (mbar-log-YYYY-MM-DD, system-log.txt) will be created and saved within that same folder.
  • Copy and paste the contents of these two log files in your next reply.
Note: Further documentation on this tool can be found in the ReadMe.rtf file which is located in the Malwarebytes Anti-Rootkit (mbar) folder.

#5 thisisu

thisisu

  • Malware Response Team
  • 2,525 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:02:46 PM

Posted 01 December 2012 - 05:42 PM

Due to the lack of feedback, this topic is now closed.In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users