Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

ComboFix analyse


  • This topic is locked This topic is locked
3 replies to this topic

#1 Deathpirat

Deathpirat

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:07:28 PM

Posted 07 February 2013 - 05:37 AM

Hello,

My problem is that the start bag in Firefox and IE is search.certified-toolbar.com?si=41460&shortcut=true&tid=2937

i have tried many things but without any success

could anybody help me, please ?

ComboFix 13-02-06.01 - Gigabyte 02/07/2013   4:49.1.4 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1256.966.1025.18.8154.6100 [GMT 3:00]
Running from: c:\users\Gigabyte\Downloads\Programs\ComboFix_2.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Gigabyte\AppData\Roaming\system32
c:\windows\system\VI30AUT.DLL
c:\windows\SysWow64\ftx32.dll
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\tmp7F28.tmp
c:\windows\SysWow64\tmp7F29.tmp
c:\windows\SysWow64\wpcap.dll
D:\install.exe
.
.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_npf
-------\Service_vcs
.
.
(((((((((((((((((((((((((   Files Created from 2013-01-07 to 2013-02-07  )))))))))))))))))))))))))))))))
.
.
2013-02-07 01:56 . 2013-02-07 01:56	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-02-06 02:51 . 2013-02-06 02:51	--------	d-----w-	c:\users\Gigabyte\AppData\Roaming\TuneUp Software
2013-02-06 02:47 . 2013-02-06 03:21	--------	d-----w-	c:\programdata\MFAData
2013-02-06 02:47 . 2013-02-06 03:19	--------	d-----w-	c:\users\Gigabyte\AppData\Local\Avg2013
2013-02-06 02:47 . 2013-02-06 02:47	--------	d--h--w-	c:\programdata\Common Files
2013-02-06 02:47 . 2013-02-06 02:47	--------	d-----w-	c:\users\Gigabyte\AppData\Local\MFAData
2013-02-06 01:42 . 2013-02-06 01:41	95648	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-02-02 13:14 . 2013-02-02 13:14	--------	d-----w-	c:\users\Gigabyte\AppData\Roaming\Subversion
2013-02-02 12:55 . 2013-02-02 12:55	--------	d-----w-	c:\users\Gigabyte\AppData\Local\Embarcadero
2013-02-02 12:55 . 2013-02-02 12:55	--------	d-----w-	c:\users\Gigabyte\AppData\Roaming\DevJET
2013-02-02 12:53 . 2013-02-02 12:53	--------	d-----w-	c:\users\Gigabyte\AppData\Local\Raize
2013-02-02 09:58 . 2013-02-02 09:58	--------	d-----w-	c:\users\Gigabyte\AppData\Local\Apple Computer
2013-02-02 09:58 . 2013-02-02 10:38	--------	d-----w-	c:\users\Gigabyte\AppData\Roaming\Apple Computer
2013-02-02 09:58 . 2013-02-04 11:47	--------	d-----w-	c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-02-02 09:58 . 2013-02-02 09:58	--------	d-----w-	c:\programdata\Apple Computer
2013-02-02 09:58 . 2013-02-02 09:58	--------	d-----w-	c:\users\Gigabyte\AppData\Local\Apple
2013-02-02 09:57 . 2013-02-02 09:58	--------	d-----w-	c:\programdata\Apple
2013-02-02 09:51 . 2013-02-02 13:02	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2013-02-02 09:51 . 2012-12-14 13:49	24176	----a-w-	c:\windows\system32\drivers\mbam.sys
2013-02-01 21:24 . 2013-02-01 21:24	110080	----a-r-	c:\users\Gigabyte\AppData\Roaming\Microsoft\Installer\{46B04D53-4E34-4388-B6EE-80FAB66AEF9B}\IconF7A21AF7.exe
2013-02-01 21:24 . 2013-02-01 21:24	110080	----a-r-	c:\users\Gigabyte\AppData\Roaming\Microsoft\Installer\{46B04D53-4E34-4388-B6EE-80FAB66AEF9B}\IconD7F16134.exe
2013-02-01 21:24 . 2013-02-01 21:24	110080	----a-r-	c:\users\Gigabyte\AppData\Roaming\Microsoft\Installer\{46B04D53-4E34-4388-B6EE-80FAB66AEF9B}\IconCF33A0CE.exe
2013-02-01 21:24 . 2013-02-01 21:24	--------	d-----w-	c:\program files (x86)\Enigma Software Group
2013-02-01 21:23 . 2013-02-07 01:14	--------	d-----w-	c:\windows\46B04D534E344388B6EE80FAB66AEF9B.TMP
2013-02-01 20:49 . 2013-02-01 21:21	--------	d-----w-	c:\windows\CD6329998BB745B5918E011545F6BB1D.TMP
2013-02-01 20:45 . 2013-02-01 20:45	--------	d-----w-	c:\users\Gigabyte\AppData\Roaming\FinalBuilder7
2013-02-01 20:41 . 2013-02-01 20:41	--------	d-----w-	c:\programdata\SUPERSetup
2013-02-01 20:25 . 2011-08-28 02:00	506880	----a-w-	c:\windows\SysWow64\CodeSiteExpressPkg160.bpl
2013-02-01 20:25 . 2013-02-01 20:25	--------	d-----w-	c:\programdata\Raize
2013-02-01 20:25 . 2010-11-03 13:55	2457088	----a-w-	c:\windows\SysWow64\vcl150.bpl
2013-02-01 20:25 . 2011-08-28 02:00	36352	----a-w-	c:\windows\SysWow64\CodeSitePlugIns150.bpl
2013-02-01 20:25 . 2010-11-03 13:55	2150400	----a-w-	c:\windows\SysWow64\rtl150.bpl
2013-02-01 20:25 . 2013-02-01 20:25	--------	d-----w-	c:\program files (x86)\Raize
2013-02-01 20:22 . 2013-02-01 20:22	--------	d-----w-	c:\programdata\VSoft
2013-02-01 20:22 . 2013-02-02 13:16	--------	d-----w-	c:\program files (x86)\FinalBuilder 7 XE2
2013-02-01 20:22 . 2013-02-01 20:22	--------	d-----w-	c:\program files (x86)\Common Files\VSoft
2013-02-01 19:49 . 2013-02-01 19:59	--------	dc-h--w-	c:\programdata\{EDA307AA-B5A4-4524-B840-2914497A9C3C}
2013-02-01 19:48 . 2011-08-15 06:10	1312768	----a-w-	c:\windows\SysWow64\Rave100VCL160.bpl
2013-02-01 19:48 . 2013-02-01 19:48	--------	d-----w-	c:\program files (x86)\CollabNet
2013-02-01 19:48 . 2013-02-01 19:48	--------	d-----w-	c:\program files (x86)\DevJet
2013-02-01 19:48 . 2013-02-01 19:48	--------	d-----w-	c:\program files (x86)\FastReports
2013-02-01 19:42 . 2013-02-04 10:17	--------	d-----w-	c:\programdata\Embarcadero
2013-02-01 19:42 . 2013-02-02 12:55	--------	d-----w-	c:\users\Gigabyte\AppData\Roaming\Embarcadero
2013-02-01 19:42 . 2013-02-01 19:42	--------	d-----w-	c:\program files (x86)\Common Files\CodeGear Shared
2013-02-01 19:42 . 2013-02-01 19:42	--------	d-----w-	c:\program files (x86)\Common Files\Borland Shared
2013-02-01 19:42 . 2013-02-01 19:42	--------	d-----w-	c:\program files (x86)\Embarcadero
2013-02-01 19:30 . 2013-02-01 20:45	--------	d-----w-	c:\users\Gigabyte\AppData\Roaming\Anvisoft
2013-02-01 19:30 . 2013-02-01 19:30	--------	d-----w-	c:\programdata\Anvisoft
2013-02-01 19:30 . 2013-02-01 19:30	--------	d-----w-	c:\program files (x86)\Anvisoft
2013-02-01 18:55 . 2013-02-01 20:21	--------	d--h--w-	c:\programdata\{46A13B26-D605-4DC3-8770-D0F4A0C3565D}
2013-02-01 18:54 . 2013-02-01 18:54	--------	d-----w-	c:\users\Gigabyte\AppData\Local\PackageAware
2013-02-01 17:41 . 2013-02-01 17:41	--------	d-----w-	c:\program files (x86)\Uniblue
2013-01-31 02:07 . 2013-01-31 02:07	--------	d-----w-	c:\program files (x86)\NTCore
2013-01-31 01:54 . 2013-01-31 01:54	--------	d-----w-	c:\programdata\IsolatedStorage
2013-01-29 05:20 . 2013-02-01 08:05	--------	d-----w-	c:\users\Gigabyte\AppData\Local\Remove Toolbar Buddy
2013-01-29 05:20 . 2011-09-08 16:08	587768	----a-w-	c:\windows\SysWow64\Codejock.SkinFramework.Unicode.v15.1.3.0908.ocx
2013-01-29 05:20 . 2011-09-08 16:08	509944	----a-w-	c:\windows\SysWow64\Codejock.ShortcutBar.Unicode.v15.1.3.0908.ocx
2013-01-29 05:20 . 2011-09-08 16:08	1140728	----a-w-	c:\windows\SysWow64\Codejock.PropertyGrid.Unicode.v15.1.3.0908.ocx
2013-01-29 05:20 . 2011-09-08 16:08	833528	----a-w-	c:\windows\SysWow64\Codejock.DockingPane.Unicode.v15.1.3.0908.ocx
2013-01-29 05:20 . 2011-09-08 16:08	1906680	----a-w-	c:\windows\SysWow64\Codejock.Controls.Unicode.v15.1.3.0908.ocx
2013-01-29 05:20 . 2013-01-29 05:20	--------	d-----w-	c:\program files (x86)\Scorpio Software
2013-01-29 05:20 . 2011-09-08 16:07	2717688	----a-w-	c:\windows\SysWow64\Codejock.CommandBars.Unicode.v15.1.3.0908.ocx
2013-01-29 04:55 . 2013-01-29 04:55	--------	d-----w-	c:\programdata\Adguard
2013-01-29 04:54 . 2013-01-29 05:01	--------	d-----w-	c:\program files (x86)\Adguard
2013-01-27 14:47 . 2013-01-27 15:20	--------	d-----w-	C:\Perl
2013-01-27 09:31 . 2013-01-27 09:31	--------	d-----w-	c:\program files (x86)\Acunetix
2013-01-27 09:31 . 2013-01-27 09:31	--------	d-----w-	c:\programdata\Acunetix WVS 8
2013-01-27 08:59 . 2013-01-27 08:59	--------	d-----w-	c:\users\Gigabyte\AppData\Roaming\URSoft
2013-01-27 08:59 . 2013-01-27 08:59	--------	d-----w-	c:\program files (x86)\Your Uninstaller! 7
2013-01-26 12:48 . 2013-01-27 07:49	--------	d-----w-	c:\users\Gigabyte\.zenmap
2013-01-26 12:47 . 2013-01-26 12:47	--------	d-----w-	c:\program files\WinPcap
2013-01-26 12:46 . 2013-01-26 12:47	--------	d-----w-	c:\program files (x86)\Nmap
2013-01-20 06:16 . 2013-01-20 06:16	42184	----a-w-	c:\windows\system32\drivers\taphss6.sys
2013-01-20 06:07 . 2013-01-20 06:07	42696	----a-w-	c:\windows\system32\drivers\hssdrv6.sys
2013-01-19 12:39 . 2013-01-19 12:39	--------	dc----w-	c:\users\Gigabyte\AppData\Local\MigWiz
2013-01-15 22:39 . 2013-01-15 22:39	--------	d-----w-	c:\program files\ComPlus Applications
2013-01-15 06:19 . 2013-01-15 06:19	--------	d-----w-	c:\program files (x86)\VideoDownloadConverter_4zEI
2013-01-15 06:08 . 2013-01-15 07:40	--------	d-----w-	c:\program files (x86)\Twitter Hacker Pro
2013-01-15 04:03 . 2013-01-15 04:03	--------	d-----w-	c:\program files (x86)\Web Publish
2013-01-15 04:02 . 2013-01-15 04:02	--------	d-----w-	c:\windows\msapps
2013-01-15 01:09 . 2013-01-15 01:09	--------	d-----w-	c:\program files\BreakPoint Software
2013-01-14 23:39 . 2013-01-14 23:39	--------	d-----w-	c:\program files\Enigma Software Group
2013-01-14 23:39 . 2013-02-01 20:50	--------	d-----w-	c:\windows\83B952C7F8F34CA3B4C533C85B24E478.TMP
2013-01-14 23:39 . 2013-02-01 21:23	--------	d-----w-	c:\program files (x86)\Common Files\Wise Installation Wizard
2013-01-14 23:09 . 2012-02-23 11:24	24408	----a-w-	c:\windows\system32\RegistryDefragBootTime.exe
2013-01-13 20:45 . 2013-01-13 20:45	--------	d-----w-	c:\users\Gigabyte\AppData\Local\Vitalwerks
2013-01-13 20:45 . 2013-01-15 00:24	--------	d-----w-	c:\program files (x86)\No-IP
2013-01-13 18:01 . 2009-07-22 08:17	78872	----a-w-	c:\windows\system32\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll
2013-01-13 18:01 . 2009-07-22 08:17	50200	----a-w-	c:\windows\SysWow64\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll
2013-01-13 18:01 . 2009-07-22 08:17	79896	----a-w-	c:\windows\SysWow64\perf-MSSQL$SQLEXPRESS-sqlctr10.1.2531.0.dll
2013-01-13 18:01 . 2009-07-22 08:17	111640	----a-w-	c:\windows\system32\perf-MSSQL$SQLEXPRESS-sqlctr10.1.2531.0.dll
2013-01-13 18:00 . 2013-01-13 18:00	--------	d-----w-	c:\windows\system32\RsFx
2013-01-13 18:00 . 2013-01-13 18:00	--------	d-----w-	c:\program files\Microsoft Visual Studio 9.0
2013-01-13 17:59 . 2013-01-13 17:59	--------	d-----w-	c:\program files\Microsoft.NET
2013-01-13 17:57 . 2013-01-13 17:57	--------	d-----w-	c:\program files\Microsoft Sync Framework
2013-01-13 17:57 . 2013-01-13 17:57	--------	d-----w-	c:\program files\Microsoft Synchronization Services
2013-01-13 17:57 . 2013-01-13 17:57	--------	d-----w-	c:\program files (x86)\Microsoft Synchronization Services
2013-01-13 17:57 . 2013-01-13 17:57	--------	d-----w-	c:\programdata\PreEmptive Solutions
2013-01-13 17:54 . 2013-01-13 18:02	2371296	----a-w-	c:\programdata\Microsoft\VisualStudio\10.0\1033\ResourceCache.dll
2013-01-13 17:51 . 2013-01-13 17:57	--------	d-----w-	c:\program files (x86)\Microsoft Visual Studio 10.0
2013-01-13 17:51 . 2013-01-13 17:53	--------	d-----w-	c:\program files (x86)\Microsoft F#
2013-01-13 17:51 . 2013-01-13 17:52	--------	d-----w-	c:\program files (x86)\Common Files\Merge Modules
2013-01-13 17:51 . 2013-01-13 17:52	--------	d-----w-	c:\program files (x86)\HTML Help Workshop
2013-01-13 17:49 . 2013-01-13 17:49	--------	d-----w-	c:\program files (x86)\Microsoft Visual Studio 9.0
2013-01-13 17:49 . 2013-01-13 17:49	--------	d-----w-	c:\windows\symbols
2013-01-13 17:49 . 2013-01-13 17:49	--------	d-----w-	c:\program files\Microsoft Visual Studio 10.0
2013-01-13 17:49 . 2013-01-13 17:49	--------	d-----w-	c:\program files\Microsoft Help Viewer
2013-01-12 19:54 . 2013-01-12 19:54	--------	d-----w-	c:\program files (x86)\DownTangoFTToolbar
2013-01-12 19:54 . 2013-01-12 19:54	--------	d-----w-	c:\users\Gigabyte\AppData\Roaming\DownTangoFTToolbar
2013-01-12 19:54 . 2013-01-03 04:18	15360	----a-w-	c:\windows\Launcher.exe
2013-01-12 19:53 . 2013-01-12 19:53	--------	d-----w-	c:\users\Gigabyte\AppData\Local\DownTango
2013-01-12 19:53 . 2013-01-12 19:57	--------	d-----w-	c:\program files (x86)\Red Sky
2013-01-11 11:47 . 2013-02-06 01:41	861088	----a-w-	c:\windows\SysWow64\npdeployJava1.dll
2013-01-11 11:47 . 2013-02-06 01:41	782240	----a-w-	c:\windows\SysWow64\deployJava1.dll
2013-01-11 11:46 . 2013-01-11 11:46	--------	d-----w-	c:\programdata\McAfee
2013-01-10 14:47 . 2008-06-24 10:45	1414440	----a-w-	c:\windows\SysWow64\ShellManager310E2D762.dll
2013-01-10 13:36 . 2013-01-10 13:36	--------	d-----w-	c:\programdata\IObit
2013-01-10 13:36 . 2013-01-11 11:53	--------	d-----w-	c:\users\Gigabyte\AppData\Roaming\IObit
2013-01-10 13:36 . 2013-02-02 13:13	--------	d-----w-	c:\program files (x86)\IObit
2013-01-10 13:34 . 2013-01-10 13:34	--------	d-----w-	c:\programdata\BlueSprig
2013-01-10 13:34 . 2013-01-10 13:34	--------	d-----w-	c:\program files (x86)\BlueSprig
2013-01-10 13:20 . 2013-01-10 13:20	--------	d-----w-	c:\users\Gigabyte\AppData\Local\Programs
2013-01-10 13:15 . 2013-01-10 13:15	--------	d-----w-	c:\users\Gigabyte\AppData\Roaming\Malwarebytes
2013-01-10 13:15 . 2013-01-10 13:15	--------	d-----w-	c:\programdata\Malwarebytes
2013-01-09 12:09 . 2013-01-09 12:09	--------	d-----w-	c:\users\Gigabyte\AppData\Roaming\Composer
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-02 09:42 . 2012-07-14 22:01	30528	----a-w-	c:\windows\GVTDrv64.sys
2013-02-02 09:42 . 2012-07-14 22:01	25640	----a-w-	c:\windows\gdrv.sys
2013-01-09 12:26 . 2012-07-14 17:19	74248	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-09 12:26 . 2012-07-14 17:19	697864	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2012-12-11 13:53 . 2012-11-16 20:44	99912	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2012-12-11 13:53 . 2012-11-16 20:44	129216	----a-w-	c:\windows\system32\drivers\avipbb.sys
2012-12-09 20:34 . 2012-12-09 20:34	419840	----a-w-	c:\windows\system32\wrap_oal.dll
2012-12-09 20:34 . 2012-12-09 20:34	413696	----a-w-	c:\windows\SysWow64\wrap_oal.dll
2012-12-09 20:34 . 2012-12-09 20:34	133632	----a-w-	c:\windows\system32\OpenAL32.dll
2012-12-09 20:34 . 2012-12-09 20:34	110592	----a-w-	c:\windows\SysWow64\OpenAL32.dll
2012-11-29 19:20 . 2012-11-29 19:20	106000	----a-w-	c:\windows\system32\Packet.dll
2012-11-29 19:20 . 2012-11-29 19:20	369168	----a-w-	c:\windows\system32\wpcap.dll
2012-11-29 19:20 . 2012-11-29 19:20	35344	----a-w-	c:\windows\system32\drivers\npf.sys
2012-11-16 18:55 . 2012-11-16 18:55	2549120	----a-w-	c:\programdata\Microsoft\VisualStudio\11.0\1033\ResourceCache.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IDMan"="c:\program files (x86)\Internet Download Manager\IDMan.exe" [2012-02-20 3425688]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-01-08 18705664]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2012-12-08 969104]
"Advanced SystemCare 5"="c:\program files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" [2012-03-06 574296]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2012-01-12 5028464]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-11-29 284440]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-01-27 291608]
"RIMBBLaunchAgent.exe"="c:\program files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-11-01 90448]
"ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe" [2012-10-29 1573584]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-12-11 384800]
"VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2011-03-07 89456]
"VolPanel"="c:\program files (x86)\Creative\Sound Blaster X-Fi Surround 5.1\Volume Panel\VolPanlu.exe" [2008-11-24 237693]
"Module Loader"="c:\program files (x86)\Creative\Shared Files\Module Loader\DLLML.exe" [2007-07-23 57344]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
c:\users\Gigabyte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
CaptureWiz.lnk - c:\program files (x86)\CaptureWiz\Pro\CaptureWiz.exe [2012-11-9 3074688]
No-IP DUC.lnk - c:\program files (x86)\No-IP\DUC30.exe [2010-6-19 1423520]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2012-12-09 79360]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
R3 esgiguard;esgiguard; [x]
R3 etdrv;etdrv;c:\windows\etdrv.sys [2012-08-13 25640]
R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys [2013-02-02 30528]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2011-08-30 160256]
R3 MSICDSetup;MSICDSetup;E:\CDriver64.sys [x]
R3 Pcouffin64;Low level access layer for CD devices;c:\windows\system32\Drivers\pcouffin64a.sys [2012-07-14 82048]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-21 20992]
R3 RTLWUSB;Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8187.sys [2010-01-07 448512]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [2010-11-21 88960]
R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys [2013-01-20 42184]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-21 34816]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;خدمة Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2012-07-20 1255736]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]
R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 311656]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 427880]
S0 iusb3hcs;برنامج تشغيل تحويل جهاز تحكم مضيف Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-01-27 16152]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys [2011-11-02 21616]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2012-09-24 27800]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2012-04-03 224048]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2012-04-03 130864]
S2 AcuWVSSchedulerv8;Acunetix WVS Scheduler v8;c:\program files (x86)\Acunetix\Web Vulnerability Scanner 8\WVSScheduler.exe [2011-11-16 914568]
S2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files (x86)\IObit\Advanced SystemCare 5\ASCService.exe [2012-03-14 913752]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-12-11 85280]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-29 13592]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2011-07-06 145008]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2011-12-08 607456]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2011-12-16 161560]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-01-31 3289208]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-01-20 378984]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-10-23 2848168]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-12-16 363800]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe [2012-01-10 27760]
S3 iusb3hub;برنامج تشغيل لوحة وصل Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys [2012-01-27 356120]
S3 iusb3xhc;برنامج تشغيل جهاز تحكم مضيف Intel(R) USB 3.0 القابل للمد;c:\windows\system32\DRIVERS\iusb3xhc.sys [2012-01-27 787736]
S3 ksaud;Creative USB Audio Driver;c:\windows\system32\drivers\ksaud.sys [2009-08-05 1134208]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2011-08-11 104560]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
S3 RTL8187;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\rtl8187.sys [2010-01-07 448512]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2012-04-03 147248]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2012-04-03 166192]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2012-01-10 2184816]
S3 VUSB3HUB;VIA USB 3 Root Hub Service;c:\windows\system32\DRIVERS\ViaHub3.sys [2012-01-20 205312]
S3 xhcdrv;VIA USB eXtensible Host Controller Service;c:\windows\system32\DRIVERS\xhcdrv.sys [2012-01-20 254464]
.
.
Contents of the 'Scheduled Tasks' folder
.
2013-02-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-14 12:26]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2011-05-30 16:50	22408	----a-w-	c:\program files (x86)\Internet Download Manager\IDMShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VIAxHCUtl"="c:\via_xhci\usb3Monitor.exe" [2011-07-12 331776]
"Creative SB Monitoring Utility"="sbavmon.dll" [2008-12-01 103424]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mDefault_Search_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\system32\blank.htm
mSearch Page = hxxp://www.google.com
uInternet Settings,ProxyServer = 119.187.148.34:8000
uInternet Settings,ProxyOverride = <local>
IE: تحميل الكل بواسطة Internet Download Manager - c:\program files (x86)\Internet Download Manager\IEGetAll.htm
IE: تحميل بواسطة Internet Download Manager - c:\program files (x86)\Internet Download Manager\IEExt.htm
IE: {{2d8ee268-8d7a-4996-b80b-8999ce8c7fe2} - {e327b07a-0e11-4fd4-bef2-b2c5605b59c6} -
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{3C6D67F2-E8BF-4709-BA39-238CCC9BF4A5}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
DPF: {625CA666-935A-EC18-CCEC-CCE04C544730} - hxxp://chatvoice.voicef.net/talkoknew.cab
DPF: {625CA666-935A-EC18-CCEC-CCE04C544777} - hxxp://serv3.7lavoice.net/tiktik.cab
DPF: {7253A666-804A-1108-A3DC-00E04C504788} - hxxp://5.10.68.82:1990/inc/bmchat.cab
DPF: {8855A666-683F-4D45-B6F1-549188BB79C1} - hxxp://floodserver19.ksavoice1.com/bmc.cab
FF - ProfilePath - c:\users\Gigabyte\AppData\Roaming\Mozilla\Firefox\Profiles\s1f60sr8.default-1360201126740\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - ExtSQL: 2013-02-07 04:31; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; c:\program files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
BHO-{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - c:\program files (x86)\Hotspot Shield\HssIE\HssIE_64.dll
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Completion time: 2013-02-07  05:02:39 - machine was rebooted
ComboFix-quarantined-files.txt  2013-02-07 02:02
.
Pre-Run: 401,418,940,416 bytes free
Post-Run: 400,809,275,392 bytes free
.
- - End Of File - - A352C792CF6BBB53FDF540532D070AF5


BC AdBot (Login to Remove)

 


#2 etavares

etavares

    Bleepin' Remover


  • Malware Response Team
  • 15,514 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:28 PM

Posted 07 February 2013 - 03:34 PM

Hello, Deathpirat.
My name is etavares and I will be helping you with this log.
 
Here are some guidelines to ensure we are able to get your machine back under your control.
 
  • Please do not run any unsupervised scans, fixes, etc.  We can work against each other and end up in a worse place.
  • Please subscribe to this topic if you have not already done so.  Please check back just in case, as the email system can fail at times.
  • Just because your machine is running better does not mean it is completely cleaned.  Please wait for the 'all clear' from me to say when we are done.
  • Please reply within 3 days to be fair to other people asking for help.
  • When in doubt, please stop and ask first.  There's no harm in asking questions!
  •  
     
     
    Step 1
     
    We need to create an OTL report,
  • (If that link doesn't work, try this alternate link
  • Save it to your desktop.
  • Double click on the icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Select "Use Safelist" under "Extra Registry"
  • Under the Custom Scan box paste this in:
  • netsvcs
    msconfig
    %SYSTEMDRIVE%\*.*
    %systemroot%\system32\Spool\prtprocs\w32x86\*.dll
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.sys /90
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\system32\*.exe /lockedfiles
    %systemroot%\System32\config\*.sav
    %PROGRAMFILES%\*
    %USERPROFILE%\..|smtmp;true;true;true /FP 
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    hklm\software\clients\startmenuinternet|command /rs
    hklm\software\clients\startmenuinternet|command /64 /rs
    CREATERESTOREPOINT
     
     
  • Click the Quick Scan button.
  • The scan should take a few minutes.
  • Please copy and paste both logs in your reply.  If they are too big to paste in one reply, please split them into separate posts.
  •  
    etavares


    If I don't respond within 2 days, please feel free to PM me.
    Please don't ask for help via PM. The forums are there for a reason. Please post in the forums so others may benefit as well.

    Posted Image
    Unified Network of Instructors and Trusted Eliminators
     


    #3 etavares

    etavares

      Bleepin' Remover


    • Malware Response Team
    • 15,514 posts
    • OFFLINE
    •  
    • Gender:Male
    • Local time:08:28 PM

    Posted 10 March 2013 - 07:22 AM

    Due to lack of reply, this thread is now closed. If the original poster would like to reopen this, please PM me. All others, please start a new thread.


    If I don't respond within 2 days, please feel free to PM me.
    Please don't ask for help via PM. The forums are there for a reason. Please post in the forums so others may benefit as well.

    Posted Image
    Unified Network of Instructors and Trusted Eliminators
     


    #4 etavares

    etavares

      Bleepin' Remover


    • Malware Response Team
    • 15,514 posts
    • OFFLINE
    •  
    • Gender:Male
    • Local time:08:28 PM

    Posted 10 March 2013 - 07:22 AM

    Due to the lack of feedback, this topic is now closed.

    In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

    Please include a link to your topic in the Private Message. Thank you.


    If I don't respond within 2 days, please feel free to PM me.
    Please don't ask for help via PM. The forums are there for a reason. Please post in the forums so others may benefit as well.

    Posted Image
    Unified Network of Instructors and Trusted Eliminators
     





    0 user(s) are reading this topic

    0 members, 0 guests, 0 anonymous users