Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Administrator Access denied error window plaguing me


  • This topic is locked This topic is locked
25 replies to this topic

#1 GKing

GKing

  • Members
  • 108 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:SFBayArea
  • Local time:11:38 AM

Posted 06 June 2013 - 12:21 AM

'An access denied error was returned while attempting to change a service. You may need to log on using an Administrator account to make the specified changes'.

...Is what I get these days while trying to use MSCONFIG to view start up programs and decheck them-or anything.

linked from: http://www.bleepingcomputer.com/forums/t/496950/administrator-access-deniel/

 

 

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702  BrowserJavaVersion: 10.21.2
Run by greg at 21:49:06 on 2013-06-05
#Option MBR scan  is disabled.
Microsoft Windows XP Home Edition  5.1.2600.3.1252.1.1033.18.2559.1825 [GMT -7:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Firewall *Disabled*
.
============== Running Processes ================
.
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
C:\WINDOWS\system32\mfevtps.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\McAfee\VirusScan\mcods.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AOL Desktop 9.7\waol.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\AOL Desktop 9.7\shellmon.exe
C:\Program Files\Common Files\AOL\1370193188\ee\aolsoftware.exe
C:\Program Files\Common Files\AOL\Topspeed\3.0\aoltpsd3.exe
C:\Program Files\AOL Desktop 9.7\AOLBrowser\aolbrowser.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k netsvcs
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://att.net/
uProxyOverride = <local>
uURLSearchHooks: YTNavAssistPlugin Class: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll
BHO: Do Not Track Me: {6E45F3E8-2683-4824-A6BE-08108022FB36} - c:\program files\donottrackplus\ie\DNTPAddon.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: ChromeFrame BHO: {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - c:\program files\google\chrome\application\27.0.1453.94\npchrome_frame.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll
uRun: [AOL Fast Start] "c:\program files\aol desktop 9.7\AOL.EXE" -b
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [UpdReg] c:\windows\UpdReg.EXE
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [readericon10] c:\program files\multimedia card reader\readericon10.exe
mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe"
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet
mRun: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [HostManager] c:\program files\common files\aol\1370193188\ee\AOLSoftware.exe
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [diagent] "c:\program files\creative\sblive\diagnostics\diagent.exe" startup
mRun: [ApnUpdater] "c:\program files\ask.com\updater\Updater.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1365285318931
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1365295457625
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.4.2/jinstall-1_4_2_03-windows-i586.cab
DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.4.2/jinstall-1_4_2_03-windows-i586.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{7D3443CD-AE06-4BBB-AF8B-322EAFAD3F46} : DHCPNameServer = 192.168.1.254
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\program files\mcafee\msc\McSnIePl.dll
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\belarcadvisor\system\BAVoilaX.dll
Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - c:\program files\google\chrome\application\27.0.1453.94\npchrome_frame.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2013-2-19 565888]
R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [2013-2-19 91640]
R2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2013-6-2 167784]
R2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2013-6-2 167784]
R2 McProxy;McAfee Proxy Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2013-6-2 167784]
R2 McShield;McAfee McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2013-6-2 203840]
R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2013-6-2 169320]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2013-6-2 172416]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2013-6-2 60920]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2013-6-2 235264]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2013-6-2 363080]
R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [2013-6-2 84904]
RUnknown SASKUTIL;SASKUTIL; [x]
S3 GIBDDS;GIBDDS;c:\docume~1\greg\locals~1\temp\gibdds.exe --> c:\docume~1\greg\locals~1\temp\GIBDDS.exe [?]
S3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys [2013-6-2 146872]
S3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2013-6-2 65928]
S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [2013-6-2 84904]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2013-6-2 92632]
.
=============== Created Last 30 ================
.
2013-06-04 18:39:11 163840 ----a-w- c:\windows\system32\SET9F.tmp
2013-06-04 18:39:10 27648 ----a-w- c:\windows\system32\SET9E.tmp
2013-06-04 18:37:46 19569 ----a-w- c:\windows\000001_.tmp
2013-06-02 17:12:49 -------- d-----w- c:\program files\common files\AOL
2013-06-02 17:12:47 -------- d-----w- c:\program files\common files\aolshare
2013-06-02 17:12:47 -------- d-----w- c:\program files\AOL Desktop 9.7
2013-06-02 13:57:39 146872 ----a-w- c:\windows\system32\drivers\HipShieldK.sys
2013-06-02 13:55:46 84904 ----a-w- c:\windows\system32\drivers\mfendisk.sys
2013-06-02 13:55:40 10088 ----a-w- c:\windows\system32\drivers\mfeclnk.sys
2013-06-02 13:55:34 92632 ----a-w- c:\windows\system32\drivers\mferkdet.sys
2013-06-02 13:55:34 65928 ----a-w- c:\windows\system32\drivers\mfebopk.sys
2013-06-02 13:55:34 60920 ----a-w- c:\windows\system32\drivers\cfwids.sys
2013-06-02 13:55:34 363080 ----a-w- c:\windows\system32\drivers\mfefirek.sys
2013-06-02 13:55:34 235264 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2013-06-02 13:55:26 -------- d-----w- c:\program files\common files\Mcafee
2013-06-02 13:55:21 -------- d-----w- c:\program files\McAfee.com
2013-06-02 13:54:46 -------- d-----w- c:\program files\McAfee
2013-06-02 11:39:29 172416 ----a-w- c:\windows\system32\mfevtps.exe
2013-06-02 10:58:37 -------- d-----w- c:\documents and settings\greg\Doctor Web
2013-06-02 01:38:17 33588 ----a-r- c:\windows\system32\drivers\wanatw4.sys
2013-05-31 06:57:48 -------- d-----w- c:\documents and settings\greg\application data\EMCO
2013-05-30 03:02:02 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-05-30 03:02:02 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-05-27 01:47:21 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes' Anti-Malware (portable)
2013-05-26 18:06:53 -------- d-----w- C:\hijackthis
2013-05-20 02:18:19 -------- d-----w- c:\windows\system32\wbem\repository\FS
2013-05-20 02:18:19 -------- d-----w- c:\windows\system32\wbem\Repository
2013-05-20 00:51:21 -------- d-----w- c:\documents and settings\greg\application data\DriverCure
2013-05-20 00:51:03 -------- d-----w- c:\documents and settings\all users\application data\ParetoLogic
2013-05-19 18:56:03 -------- d-----w- c:\documents and settings\all users\application data\SweetIM
2013-05-19 18:45:57 -------- d-----w- c:\program files\SweetIM
2013-05-18 00:19:17 -------- d-----w- C:\ComboFix
2013-05-15 03:38:19 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2013-05-15 03:38:18 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2013-05-15 03:38:17 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2013-05-15 03:38:16 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2013-05-15 03:38:15 630272 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2013-05-15 03:38:12 11112960 -c----w- c:\windows\system32\dllcache\ieframe.dll
2013-05-15 03:38:11 522240 -c----w- c:\windows\system32\dllcache\jsdbgui.dll
2013-05-15 03:38:11 2005504 -c----w- c:\windows\system32\dllcache\iertutil.dll
2013-05-11 10:37:28 209472 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll
2013-05-10 16:36:34 -------- d-----w- c:\documents and settings\greg\local settings\application data\visi_coupon
2013-05-10 16:36:04 -------- d-----w- c:\program files\Yahoo!
2013-05-08 17:55:00 306688 ----a-w- c:\windows\IsUninst.exe
2013-05-07 17:42:59 -------- d-----w- c:\documents and settings\greg\application data\ElevatedDiagnostics
.
==================== Find3M  ====================
.
2013-06-02 17:01:38 58696 ----a-w- c:\windows\system32\AOLParconLink.exe
2013-04-18 18:04:41 348160 ----a-w- c:\windows\system32\msvcr71.dll
2013-04-18 18:04:40 499712 ----a-w- c:\windows\system32\msvcp71.dll
2013-04-16 22:17:15 920064 ----a-w- c:\windows\system32\wininet.dll
2013-04-16 22:17:14 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-04-16 22:17:14 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2013-04-12 23:28:55 385024 ----a-w- c:\windows\system32\html.iec
2013-04-11 05:23:28 1072544 ----a-w- c:\windows\system32\nvdrsdb0.bin
2013-04-11 05:23:28 1 ----a-w- c:\windows\system32\nvdrssel.bin
2013-04-11 05:23:14 1072544 ----a-w- c:\windows\system32\nvdrsdb1.bin
2013-04-10 01:31:19 1876352 ----a-w- c:\windows\system32\win32k.sys
2013-04-06 22:59:08 143872 ----a-w- c:\windows\system32\javacpl.cpl
2013-04-06 22:59:06 861088 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-04-06 22:59:06 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-04-06 20:22:16 213950 ----a-w- C:\dcsetup.exe
2013-04-04 12:35:08 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-03-23 08:22:22 1010464 ----a-w- c:\windows\system32\nvdispco3230790.dll
2013-03-23 08:22:16 893728 ----a-w- c:\windows\system32\nvdispgenco3230790.dll
2013-03-08 08:36:22 293376 ----a-w- c:\windows\system32\winsrv.dll
.
============= FINISH: 21:49:54.15 ===============
 

 

 

 

Attached Files



BC AdBot (Login to Remove)

 


#2 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:06:38 PM

Posted 10 June 2013 - 08:09 PM

Hi GKing,

 

You're here because although the error looks system rather than malware, you ran Combofix.

 

Please find the log for me

 

Please go to start -> Run.

Copy and paste the bold line in the run-box and click OK:

cmd /c dir /a/s/b C:\QooBox >log.txt & log.txt

A text file opens up, copy and paste the content to your reply.


Posted Image
m0le is a proud member of UNITE

#3 GKing

GKing
  • Topic Starter

  • Members
  • 108 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:SFBayArea
  • Local time:11:38 AM

Posted 11 June 2013 - 10:50 AM

:lmao: Hope that seems not too much like me!

Thanks mole-log as follows:



#4 GKing

GKing
  • Topic Starter

  • Members
  • 108 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:SFBayArea
  • Local time:11:38 AM

Posted 11 June 2013 - 11:00 AM

:oopsign: maybe attach files didn't work so well 1st. time...hmmmm

Attached Files

  • Attached File  log.txt   1.18KB   4 downloads


#5 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:06:38 PM

Posted 11 June 2013 - 06:13 PM

Well, the Combofix log shows you have been infected. Not sure what remains so let's see

 

Please download aswMBR to your desktop.

  • Double click the aswMBR.exe icon to run it

  • Click the Scan button to start the scan

  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

 

 

 


Posted Image
m0le is a proud member of UNITE

#6 GKing

GKing
  • Topic Starter

  • Members
  • 108 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:SFBayArea
  • Local time:11:38 AM

Posted 12 June 2013 - 12:49 AM

Attached log.

Attached Files



#7 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:06:38 PM

Posted 12 June 2013 - 07:44 PM

Please run adwcleaner next - just a scan at this stage please, GKing

Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A logfile will automatically open after the scan has finished.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[R1].txt as well.

Posted Image
m0le is a proud member of UNITE

#8 GKing

GKing
  • Topic Starter

  • Members
  • 108 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:SFBayArea
  • Local time:11:38 AM

Posted 13 June 2013 - 09:05 AM

Adw log:

 

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-06-11 17:44:23
-----------------------------
17:44:23.343    OS Version: Windows 5.1.2600 Service Pack 3
17:44:23.343    Number of processors: 1 586 0x209
17:44:23.343    ComputerName: HOME-167D53F7D2  UserName: greg
17:44:25.124    Initialize success
17:59:56.311    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4
17:59:56.311    Disk 0 Vendor: IC35L090AVV207-0 V23OA66A Size: 88350MB BusType: 3
17:59:56.311    Disk 1  \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T1L0-c
17:59:56.311    Disk 1 Vendor: ST380011A 3.16 Size: 76293MB BusType: 3
17:59:56.483    Disk 0 MBR read successfully
17:59:56.483    Disk 0 MBR scan
17:59:56.483    Disk 0 Windows XP default MBR code
17:59:56.483    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS        88341 MB offset 63
17:59:56.499    Disk 0 scanning sectors +180924030
17:59:56.733    Disk 0 scanning C:\WINDOWS\system32\drivers
18:01:03.140    Service scanning
18:01:51.155    Modules scanning
18:02:17.733    Disk 0 trace - called modules:
18:02:17.733    ntoskrnl.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys
18:02:17.749    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8b1fb030]
18:02:17.749    3 CLASSPNP.SYS[f7637fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-4[0x8b242b00]
18:02:17.749    Scan finished successfully
22:34:09.890    Disk 0 MBR has been saved successfully to "C:\Documents and Settings\greg\Desktop\MBR.dat"
22:34:10.061    The log file has been saved successfully to "C:\Documents and Settings\greg\Desktop\aswMBR.txt"

 



#9 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:06:38 PM

Posted 13 June 2013 - 06:05 PM

That's aswMBR, Greg. I want the adwcleaner log.


Posted Image
m0le is a proud member of UNITE

#10 GKing

GKing
  • Topic Starter

  • Members
  • 108 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:SFBayArea
  • Local time:11:38 AM

Posted 13 June 2013 - 11:34 PM

Attached Adw cleaner log -this time!

 



#11 GKing

GKing
  • Topic Starter

  • Members
  • 108 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:SFBayArea
  • Local time:11:38 AM

Posted 13 June 2013 - 11:37 PM

hmmmm... :step2:

3 time a charm

Attached Files



#12 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:06:38 PM

Posted 14 June 2013 - 06:28 PM

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.


Posted Image
m0le is a proud member of UNITE

#13 GKing

GKing
  • Topic Starter

  • Members
  • 108 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:SFBayArea
  • Local time:11:38 AM

Posted 15 June 2013 - 02:54 AM

log as requested:

Attached Files



#14 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:06:38 PM

Posted 15 June 2013 - 07:43 PM

This is just the clean-up. ESET next please, Greg

 

I'd like us to scan your machine with ESET OnlineScan

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetsmartinstaller_enu.png
      icon on your desktop.

  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology

  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.


Posted Image
m0le is a proud member of UNITE

#15 GKing

GKing
  • Topic Starter

  • Members
  • 108 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:SFBayArea
  • Local time:11:38 AM

Posted 18 June 2013 - 10:14 PM

Had trouble DL eset. After I run the scan first time it claimed no threats found-seemed to be no linnk to any logs let alone to 'export', maybe thats normal when the program finds nothing. I ran the scan twice more to be sure.

A window appeared today claiming my ISP files became corrupted and offered to 'reload' new connectivity files. Also Adobe flash player updated & didn't go well the first time...maybe nothing... :workout:

 

thanks m0le






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users