
Nothing detected but Mastercard compromised


  • This topic is locked
3 replies to this topic

#1 Mafiay2k

Mafiay2k

  • Members
  • 2 posts

Posted 09 December 2013 - 11:10 AM

Can anyone check if I have something strange, pls?

 

ComboFix 13-12-08.01 - Juanan 09/12/2013  16:58:30.1.4 - x64
Microsoft Windows 7 Enterprise   6.1.7601.1.1252.34.1033.18.8154.4911 [GMT 1:00]
Running from: c:\users\Juanan\Downloads\ComboFix.exe
AV: ESET Smart Security 7.0 *Enabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
FW: Cortafuegos personal de ESET *Enabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
SP: ESET Smart Security 7.0 *Enabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
 * Resident AV is active
.
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\KeePass Password Safe 2\KeePass.exe
c:\users\Juanan\AppData\Local\Temp\7zS399D\HPSLPSVC64.DLL
c:\windows\wininit.ini
.
.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_HPSLPSVC
.
.
(((((((((((((((((((((((((   Files Created from 2013-11-09 to 2013-12-09  )))))))))))))))))))))))))))))))
.
.
2013-12-09 16:02 . 2013-12-09 16:02    --------    d-----w-    c:\users\Default\AppData\Local\temp
2013-12-08 13:01 . 2013-11-07 18:12    10285968    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3EE2D1E0-493D-42EF-BF9B-843FE296A4E6}\mpengine.dll
2013-12-07 13:27 . 2013-11-07 18:12    10285968    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-12-06 17:31 . 2013-12-06 17:31    --------    d-----w-    c:\windows\Migration
2013-12-06 17:10 . 2013-10-30 17:03    39200    ----a-w-    c:\windows\system32\drivers\nvvad64v.sys
2013-12-06 17:10 . 2013-10-30 17:02    32544    ----a-w-    c:\windows\SysWow64\nvaudcap32v.dll
2013-12-06 12:36 . 2013-11-19 18:54    965000    ------w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2013-12-06 12:36 . 2013-11-19 18:54    965000    ------w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2EF92ADF-D93A-4B2E-A709-FD9412027E64}\gapaengine.dll
2013-11-20 13:52 . 2013-11-20 13:52    --------    d-----w-    c:\program files (x86)\Realtek
2013-11-20 09:45 . 2013-12-06 17:11    --------    d-----w-    c:\users\Juanan\AppData\Local\NVIDIA Corporation
2013-11-19 18:53 . 2013-11-19 18:53    --------    d-----w-    c:\program files (x86)\Microsoft Security Client
2013-11-19 18:53 . 2013-11-19 18:53    --------    d-----w-    c:\program files\Microsoft Security Client
2013-11-13 20:12 . 2013-11-13 20:12    --------    d-----w-    c:\users\Juanan\AppData\Roaming\SUPERAntiSpyware.com
2013-11-13 20:12 . 2013-11-19 18:22    --------    d-----w-    c:\program files\SUPERAntiSpyware
2013-11-13 20:12 . 2013-11-13 20:12    --------    d-----w-    c:\programdata\SUPERAntiSpyware.com
2013-11-13 14:56 . 2013-09-25 02:23    1030144    ----a-w-    c:\windows\system32\TSWorkspace.dll
2013-11-13 14:56 . 2013-09-25 01:57    792576    ----a-w-    c:\windows\SysWow64\TSWorkspace.dll
2013-11-13 14:43 . 2013-10-14 17:00    28368    ----a-w-    c:\windows\system32\IEUDINIT.EXE
2013-11-13 13:46 . 2013-12-09 15:36    --------    d-----w-    c:\users\Juanan\AppData\Local\F91A7BC7-613E-4D3A-B634-1E99EC7C4B44.aplzod
2013-11-13 11:40 . 2013-11-13 11:40    --------    d-----w-    c:\program files\ESET
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-29 16:56 . 2013-10-28 19:21    1096480    ----a-w-    c:\windows\system32\nvspcap64.dll
2013-11-29 16:56 . 2013-10-28 19:21    979744    ----a-w-    c:\windows\SysWow64\nvspcap.dll
2013-11-19 10:21 . 2010-11-21 03:27    267936    ------w-    c:\windows\system32\MpSigStub.exe
2013-11-13 11:31 . 2011-12-04 05:04    82896128    ----a-w-    c:\windows\system32\MRT.exe
2013-10-30 17:02 . 2013-10-22 07:01    35104    ----a-w-    c:\windows\system32\nvaudcap64v.dll
2013-10-23 10:30 . 2013-10-28 20:46    9480328    ----a-w-    c:\windows\SysWow64\nvopencl.dll
2013-10-23 10:30 . 2013-10-28 20:46    696096    ----a-w-    c:\windows\system32\NvFBC64.dll
2013-10-23 10:30 . 2013-10-28 20:46    655136    ----a-w-    c:\windows\system32\NvIFR64.dll
2013-10-23 10:30 . 2013-10-28 20:46    599840    ----a-w-    c:\windows\SysWow64\NvFBC.dll
2013-10-23 10:30 . 2013-10-28 20:46    560416    ----a-w-    c:\windows\SysWow64\NvIFR.dll
2013-10-23 10:30 . 2013-10-28 20:46    479520    ----a-w-    c:\windows\system32\nvEncodeAPI64.dll
2013-10-23 10:30 . 2013-10-28 20:46    405280    ----a-w-    c:\windows\SysWow64\nvEncodeAPI.dll
2013-10-23 10:30 . 2013-10-28 20:46    317472    ----a-w-    c:\windows\system32\nvoglshim64.dll
2013-10-23 10:30 . 2013-10-28 20:46    30344480    ----a-w-    c:\windows\system32\nvoglv64.dll
2013-10-23 10:30 . 2013-10-28 20:46    266984    ----a-w-    c:\windows\SysWow64\nvoglshim32.dll
2013-10-23 10:30 . 2013-10-28 20:46    22933792    ----a-w-    c:\windows\SysWow64\nvoglv32.dll
2013-10-23 10:30 . 2013-10-28 20:46    168616    ----a-w-    c:\windows\system32\nvinitx.dll
2013-10-23 10:30 . 2013-10-28 20:46    15855568    ----a-w-    c:\windows\SysWow64\nvwgf2um.dll
2013-10-23 10:30 . 2013-10-28 20:46    141336    ----a-w-    c:\windows\SysWow64\nvinit.dll
2013-10-23 10:30 . 2013-10-28 20:46    12572960    ----a-w-    c:\windows\system32\drivers\nvlddmkm.sys
2013-10-23 10:30 . 2013-10-28 20:46    1241376    ----a-w-    c:\windows\SysWow64\nvumdshim.dll
2013-10-23 10:30 . 2013-10-28 20:46    11374520    ----a-w-    c:\windows\system32\nvopencl.dll
2013-10-23 10:30 . 2013-10-28 20:46    9524088    ----a-w-    c:\windows\SysWow64\nvcuda.dll
2013-10-23 10:30 . 2013-10-28 20:46    3131680    ----a-w-    c:\windows\system32\nvcuvid.dll
2013-10-23 10:30 . 2013-10-28 20:46    3124512    ----a-w-    c:\windows\system32\nvcuvenc.dll
2013-10-23 10:30 . 2013-10-28 20:46    2946848    ----a-w-    c:\windows\SysWow64\nvcuvid.dll
2013-10-23 10:30 . 2013-10-28 20:46    2747168    ----a-w-    c:\windows\SysWow64\nvcuvenc.dll
2013-10-23 10:30 . 2013-10-28 20:46    1884448    ----a-w-    c:\windows\system32\nvdispco6433165.dll
2013-10-23 10:30 . 2013-10-28 20:46    18199872    ----a-w-    c:\windows\system32\nvd3dumx.dll
2013-10-23 10:30 . 2013-10-28 20:46    1511712    ----a-w-    c:\windows\system32\nvdispgenco6433165.dll
2013-10-23 10:30 . 2013-10-28 20:46    11426568    ----a-w-    c:\windows\system32\nvcuda.dll
2013-10-23 10:30 . 2013-10-28 20:46    25257248    ----a-w-    c:\windows\system32\nvcompiler.dll
2013-10-23 10:30 . 2013-10-28 20:46    17560352    ----a-w-    c:\windows\SysWow64\nvcompiler.dll
2013-10-23 10:30 . 2013-03-08 18:01    15212336    ----a-w-    c:\windows\SysWow64\nvd3dum.dll
2013-10-23 10:30 . 2013-03-08 18:01    2695200    ----a-w-    c:\windows\SysWow64\nvapi.dll
2013-10-23 10:30 . 2012-11-26 17:57    61216    ----a-w-    c:\windows\system32\OpenCL.dll
2013-10-23 10:30 . 2012-11-26 17:57    53024    ----a-w-    c:\windows\SysWow64\OpenCL.dll
2013-10-23 10:30 . 2012-11-26 17:57    3067560    ----a-w-    c:\windows\system32\nvapi64.dll
2013-10-23 10:30 . 2012-11-26 17:57    18286416    ----a-w-    c:\windows\system32\nvwgf2umx.dll
2013-10-23 10:30 . 2012-11-26 17:57    1435504    ----a-w-    c:\windows\system32\nvumdshimx.dll
2013-10-23 08:20 . 2012-11-26 17:57    6669600    ----a-w-    c:\windows\system32\nvcpl.dll
2013-10-23 08:20 . 2012-11-26 17:57    3489568    ----a-w-    c:\windows\system32\nvsvc64.dll
2013-10-23 08:20 . 2012-11-26 17:57    922912    ----a-w-    c:\windows\system32\nvvsvc.exe
2013-10-23 08:20 . 2012-11-26 17:57    63776    ----a-w-    c:\windows\system32\nvshext.dll
2013-10-23 08:20 . 2012-11-26 17:57    2559776    ----a-w-    c:\windows\system32\nvsvcr.dll
2013-10-23 08:20 . 2012-11-26 17:57    219424    ----a-w-    c:\windows\system32\nvmctray.dll
2013-10-23 08:20 . 2012-11-26 17:57    3426956    ----a-w-    c:\windows\system32\nvcoproc.bin
2013-10-23 02:02 . 2013-10-23 02:02    589600    ----a-w-    c:\windows\SysWow64\nvStreaming.exe
2013-10-16 00:48 . 2013-10-22 07:01    1884448    ----a-w-    c:\windows\system32\nvdispco6433158.dll
2013-10-16 00:48 . 2013-10-22 07:01    1511712    ----a-w-    c:\windows\system32\nvdispgenco6433158.dll
2013-09-27 08:53 . 2013-09-27 08:53    248240    ----a-w-    c:\windows\system32\drivers\MpFilter.sys
2013-09-27 08:53 . 2013-09-27 08:53    134944    ----a-w-    c:\windows\system32\drivers\NisDrvWFP.sys
2013-09-17 20:22 . 2013-09-17 20:22    31520    ----a-w-    c:\windows\system32\nvhdap64.dll
2013-09-17 20:22 . 2013-09-17 20:22    196384    ----a-w-    c:\windows\system32\drivers\nvhda64v.sys
2013-09-17 20:22 . 2013-09-17 20:22    1884448    ----a-w-    c:\windows\system32\nvdispco6432723.dll
2013-09-17 20:22 . 2013-09-17 20:22    1511712    ----a-w-    c:\windows\system32\nvdispgenco6432723.dll
2013-09-17 20:22 . 2013-09-17 20:22    1510176    ----a-w-    c:\windows\system32\nvhdagenco6420103.dll
2013-09-17 14:17 . 2013-09-17 14:17    62136    ----a-w-    c:\windows\system32\drivers\epfwwfp.sys
2013-09-17 14:17 . 2013-09-17 14:17    44120    ----a-w-    c:\windows\system32\drivers\EpfwLWF.sys
2013-09-17 14:17 . 2013-09-17 14:17    239320    ----a-w-    c:\windows\system32\drivers\eamonm.sys
2013-09-17 14:17 . 2013-09-17 14:17    239296    ----a-w-    c:\windows\system32\drivers\edevmon.sys
2013-09-17 14:17 . 2013-09-17 14:17    220232    ----a-w-    c:\windows\system32\drivers\epfw.sys
2013-09-17 14:17 . 2013-09-17 14:17    168256    ----a-w-    c:\windows\system32\drivers\ehdrv.sys
2013-09-13 17:44 . 2012-11-26 17:43    2080472    ----a-w-    c:\windows\RtlExUpd.dll
2013-09-11 20:21 . 2013-09-11 20:21    863344    ----a-w-    c:\windows\SysWow64\msvcr110_clr0400.dll
2013-09-11 20:21 . 2013-09-11 20:21    501872    ----a-w-    c:\windows\SysWow64\msvcp110_clr0400.dll
2013-09-11 20:21 . 2013-09-11 20:21    28776    ----a-w-    c:\windows\SysWow64\aspnet_counters.dll
2013-09-11 20:21 . 2013-09-11 20:21    18000    ----a-w-    c:\windows\SysWow64\msvcr100_clr0400.dll
2013-09-11 18:39 . 2013-09-11 18:39    855664    ----a-w-    c:\windows\system32\msvcr110_clr0400.dll
2013-09-11 18:39 . 2013-09-11 18:39    614000    ----a-w-    c:\windows\system32\msvcp110_clr0400.dll
2013-09-11 18:39 . 2013-09-11 18:39    30312    ----a-w-    c:\windows\system32\aspnet_counters.dll
2013-09-11 18:39 . 2013-09-11 18:39    18000    ----a-w-    c:\windows\system32\msvcr100_clr0400.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2013-10-21 03:48    1725640    ----a-w-    c:\progra~2\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2013-10-21 03:48    1725640    ----a-w-    c:\progra~2\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2013-10-21 03:48    1725640    ----a-w-    c:\progra~2\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HostsMan"="c:\program files (x86)\HostsMan\hm.exe" [2012-09-06 5203456]
"GoodSync"="c:\program files\Siber Systems\GoodSync\GoodSync.exe" [2013-08-25 11871376]
"Spotify Web Helper"="c:\users\Juanan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2013-12-09 1168896]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2013-10-30 1820584]
"iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2013-09-14 59720]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2013-11-05 6604568]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-01-27 291608]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
"SDTray"="c:\program files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [2013-07-25 5624784]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-11-01 152392]
.
c:\users\Juanan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
MagicDisc.lnk - c:\program files (x86)\MagicDisc\MagicDisc.exe [2013-6-19 576000]
Trillian.lnk - c:\program files (x86)\Trillian\trillian.exe [2013-10-20 2622832]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2010-5-28 276328]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute    REG_MULTI_SZ       autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe;c:\windows\SYSNATIVE\AppleChargerSrv.exe [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;c:\windows\system32\drivers\Synth3dVsc.sys;c:\windows\SYSNATIVE\drivers\Synth3dVsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;Remote Deskotop USB Hub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Servicio de tecnologías de activación de Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AppleCharger.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 GsServer;GoodSync Server;c:\program files\Siber Systems\GoodSync\Gs-Server.exe;c:\program files\Siber Systems\GoodSync\Gs-Server.exe [x]
S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [x]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [x]
S2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [x]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [x]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
S2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 BthAvrcp;Bluetooth AVRCP Profile;c:\windows\system32\DRIVERS\BthAvrcp.sys;c:\windows\SYSNATIVE\DRIVERS\BthAvrcp.sys [x]
S3 iusb3hub;Intel® USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 NisSrv;Inspección de red de Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt    REG_MULTI_SZ       hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-12-06 13:17    1210320    ----a-w-    c:\program files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-09-06 c:\windows\Tasks\GoodSync - Outlook.job
- c:\program files\Siber Systems\GoodSync\GoodSync.exe [2013-08-25 16:23]
.
2013-12-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cec6ad790a10ea.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-06-17 08:52]
.
2013-12-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA1cec6ad793232f0.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-06-17 08:52]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-11-08 1028384]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2013-11-29 1096480]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2013-09-12 5618456]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 1266912]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-10-24 13662936]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2013-11-29 2273056]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office15\EXCEL.EXE/3000
IE: E&xportar a Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
TCP: Interfaces\{B8B5A16D-FFD7-457E-A27C-BC3D9B15A0FA}: NameServer = 192.168.1.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
FF - ProfilePath - c:\users\Juanan\AppData\Roaming\Mozilla\Firefox\Profiles\0kdyky2i.default\
FF - ExtSQL: !HIDDEN! 2013-09-06 21:41; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKCU-Run-KeePass Password Safe 2 - c:\program files (x86)\KeePass Password Safe 2\KeePass.exe
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKCU-Run-Facebook Update - c:\users\Juanan\AppData\Local\Facebook\Update\FacebookUpdate.exe
Wow6432Node-HKLM-Run-KeePass 2 PreLoad - c:\program files (x86)\KeePass Password Safe 2\KeePass.exe
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Notify-SDWinLogon - SDWinLogon.dll
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-BattlEye for A2 - c:\program files (x86)\Steam\steamapps\common\Arma 2BattlEye\UnInstallBE.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3041652330-3055509947-3177024422-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.download\UserChoice]
@Denied: (2) (S-1-5-21-3041652330-3055509947-3177024422-1000)
@Denied: (2) (LocalSystem)
"Progid"="SafariDownload"
.
[HKEY_USERS\S-1-5-21-3041652330-3055509947-3177024422-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (S-1-5-21-3041652330-3055509947-3177024422-1000)
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-3041652330-3055509947-3177024422-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (S-1-5-21-3041652330-3055509947-3177024422-1000)
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-3041652330-3055509947-3177024422-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.safariextz\UserChoice]
@Denied: (2) (S-1-5-21-3041652330-3055509947-3177024422-1000)
@Denied: (2) (LocalSystem)
"Progid"="SafariExtension"
.
[HKEY_USERS\S-1-5-21-3041652330-3055509947-3177024422-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (S-1-5-21-3041652330-3055509947-3177024422-1000)
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-3041652330-3055509947-3177024422-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.svg\UserChoice]
@Denied: (2) (S-1-5-21-3041652330-3055509947-3177024422-1000)
@Denied: (2) (LocalSystem)
"Progid"="IE.AssocFile.SVG"
.
[HKEY_USERS\S-1-5-21-3041652330-3055509947-3177024422-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.webarchive\UserChoice]
@Denied: (2) (S-1-5-21-3041652330-3055509947-3177024422-1000)
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\S-1-5-21-3041652330-3055509947-3177024422-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (S-1-5-21-3041652330-3055509947-3177024422-1000)
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-3041652330-3055509947-3177024422-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (S-1-5-21-3041652330-3055509947-3177024422-1000)
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-3041652330-3055509947-3177024422-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xml\UserChoice]
@Denied: (2) (S-1-5-21-3041652330-3055509947-3177024422-1000)
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\trillian\plugins\skypekit.exe
c:\program files (x86)\Google\Chrome\Application\chrome.exe
c:\program files (x86)\Google\Chrome\Application\chrome.exe
c:\program files (x86)\Google\Chrome\Application\chrome.exe
c:\program files (x86)\Google\Chrome\Application\chrome.exe
c:\program files (x86)\Google\Chrome\Application\chrome.exe
c:\program files (x86)\Google\Chrome\Application\chrome.exe
c:\program files (x86)\Google\Chrome\Application\chrome.exe
c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Completion time: 2013-12-09  17:05:50 - machine was rebooted
ComboFix-quarantined-files.txt  2013-12-09 16:05
.
Pre-Run: 25.664.540.672 bytes libres
Post-Run: 27.919.544.320 bytes libres
.
- - End Of File - - DFF2610A5AC8EC91A933F05F07B803D2
A36C5E4F47E84449FF07ED3517B43A31





#2 Mafiay2k

  • Topic Starter

  • Members
  • 2 posts

Posted 09 December 2013 - 03:53 PM

Any help? Does anyone see something strange?



#3 nasdaq


  • Malware Response Team
  • 40,508 posts
  • Gender:Male
  • Location:Montreal, QC. Canada

Posted 12 December 2013 - 09:51 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic. It will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Search and delete the AdWare, PUP (Potentially Unwanted Program) installed on your computer.

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button and follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
Please download Junkware Removal Tool to your Desktop.
  • Please close your security software to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete, depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
  • Please post the contents of JRT.txt into your reply.
===

Please download and run this DDS Scanning Tool. Nothing will be deleted. It will just give me some additional information about your system.

Download DDS by sUBs from one of the following links, if you no longer have it available. Save it to your desktop.

1: DDS.scr (Not recommended if you use Chrome to download this .scr file. Use the other options.)
2: DDS.pif
3: DDS.COM

Double click on the DDS icon, allow it to run.
A small box will open, with an explanation about the tool. No input is needed, the scan is running.
Notepad will open with the results.
Follow the instructions that pop up for posting the results.
Please note: You may have to disable any script protection running if the scan fails to run.


Please just paste the contents of the DDS.txt log in your next post. DO NOT attach the log.
===

Third-party programs, if not up to date, can be the cause of infiltration and infection.

Please restart the computer before running this security check.

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
p.s.
If the SecurityCheck program fails to run for any reason, run it as an Administrator.
===

Please paste the logs in your next reply, DO NOT ATTACH THEM
Let me know what problem persists.

#4 nasdaq


  • Malware Response Team
  • 40,508 posts
  • Gender:Male
  • Location:Montreal, QC. Canada

Posted 18 December 2013 - 08:23 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.



