
Infected with 1.exe trojan


  • This topic is locked
12 replies to this topic

#1 Alban18

Posted 17 March 2014 - 02:03 PM

While looking at my start-up programs today, I realized that 1.exe was present on my system and I didn't know what this application was.
I looked it up on here and found out it was a trojan.
 
I followed the instructions to remove 1.exe from start-up using autorun but I could not find the file.
So now I'm seeking advice from the malware experts here.
 
I followed the directions here but I'm unsuccessful in running dds. It is telling me that dds cannot run in compatibility mode and has to exit which is unfortunate.
But I do have a hijack log and Malwarebytes log. Here it is.
 
 
 
Hijack log:
 
 
SlimCleaner 4.0.30878.55015 Hijack Log
 
03/17/2014 02:45:30 PM
 
Microsoft Windows (NT 6.2)
 
6.02 build 9200 
 
abang_000
 
In groups:  LOCAL Administrators Everyone CONSOLE LOGON Users INTERACTIVE abangur10426@students.pgcc.edu Local account Authenticated Users Local account and member of Administrators group  High Mandatory Level Microsoft Account Authentication This Organization HomeUsers
 
 
 
Running Processes:
 
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
 
C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe
 
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
 
C:\Users\abang_000\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
 
C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe
 
C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
C:\Program Files (x86)\SlimCleaner\SlimCleaner.exe
 
 
 
system.ini Shell Registry System.ini USERINIT.EXE 
 
Start Page Software\Microsoft\Internet Explorer\Main http://www.physicsforums.com/ 
 
BHO Lync Browser Helper C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll 
 
BHO Norton Identity Protection C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coIEPlg.dll 
 
BHO Norton Vulnerability Protection C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\IPS\IPSBHO.DLL 
 
BHO Java™ Plug-In SSV Helper C:\Program Files (x86)\Java\jre7\bin\ssv.dll 
 
BHO Office Document Cache Handler C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL 
 
BHO Microsoft SkyDrive Pro Browser Helper C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL 
 
BHO Java™ Plug-In 2 SSV Helper C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll 
 
Toolbar Norton Toolbar c:\program files (x86)\norton 360\engine\21.1.0.18\co 
 
Startup: Registry Spotify C:\Users\abang_000\AppData\Roaming\Spotify\Spotify.exe 
 
Startup: Registry Spotify Web Helper C:\Users\abang_000\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe 
 
Startup: Registry RtHDVCpl C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 
 
Startup: Registry RtHDVBg_Dolby C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe 
 
Startup: Registry HotKeysCmds C:\windows\system32\hkcmd.exe 
 
Startup: Registry IAStorIcon C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe 
 
Startup: Registry DptfPolicyLpmServiceHelper C:\windows\system32\DptfPolicyLpmServiceHelper.exe 
 
Startup: Registry Energy Manager C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe 
 
Startup: Registry Lenovo Utility C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe 
 
Startup: Registry StartupPrograms C:\windows\SYSTEM32\rdpclip.exe 
 
Startup: Registry BootExecute C:\windows\SYSTEM32\autochk.exe 
 
Startup: FileSystem ISCTSystray.lnk C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe 
 
Startup: FileSystem Secunia PSI Tray.lnk C:\Program Files (x86)\Secunia\PSI\psi_tray.exe 
 
Startup: TaskScheduler MATLAB R2013b Startup Accelerator C:\Program Files\MATLAB\R2013b\bin\win64\MATLABStartupAccelerator.exe 
 
Startup: TaskScheduler Microsoft Office 15 Sync Maintenance for ALAN-abang_000 Alan C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe 
 
Startup: TaskScheduler LenovoDependencyVersionTask C:\Program Files\lenovo\SystemAgent\DependencyVersion.exe 
 
Startup: TaskScheduler Office Automatic Updates C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe 
 
Startup: TaskScheduler SpaceAgentTask C:\windows\system32\SpaceAgent.exe 
 
Context Menu Item Microsoft Corporation c:\program files\microsoft office 15\root\office15\excel.exe 
 
Context Menu Item Microsoft Corporation c:\program files\microsoft office 15\root\office15\onbttnie.dll 
 
Extra Button Send to OneNote 
 
Extra 'Tools' menu-item Se&nd to OneNote 
 
Extra Button Lync Click to Call 
 
Extra 'Tools' menu-item Lync Click to Call 
 
Extra Button OneNote Lin&ked Notes 
 
Extra 'Tools' menu-item OneNote Lin&ked Notes 
 
Unknown file in WinSock LSP @%SystemRoot%\system32\napinsp.dll,-1000 Microsoft Corporation 
 
Unknown file in WinSock LSP @%SystemRoot%\system32\pnrpnsp.dll,-1000 Microsoft Corporation 
 
Unknown file in WinSock LSP @%SystemRoot%\system32\pnrpnsp.dll,-1001 Microsoft Corporation 
 
Unknown file in WinSock LSP @%SystemRoot%\system32\nlasvc.dll,-1000 Microsoft Corporation 
 
Unknown file in WinSock LSP @%SystemRoot%\system32\wshtcpip.dll,-60103 Microsoft Corporation 
 
Unknown file in WinSock LSP @%SystemRoot%\System32\winrnr.dll,-1000 Microsoft Corporation 
 
Unknown file in WinSock LSP Bluetooth Namespace Microsoft Corporation 
 
Unknown file in WinSock LSP @%SystemRoot%\System32\mswsock.dll,-60100 Microsoft Corporation 
 
Unknown file in WinSock LSP @%SystemRoot%\System32\mswsock.dll,-60101 Microsoft Corporation 
 
Unknown file in WinSock LSP @%SystemRoot%\System32\mswsock.dll,-60102 Microsoft Corporation 
 
Unknown file in WinSock LSP @%SystemRoot%\System32\mswsock.dll,-60200 Microsoft Corporation 
 
Unknown file in WinSock LSP @%SystemRoot%\System32\mswsock.dll,-60201 Microsoft Corporation 
 
Unknown file in WinSock LSP @%SystemRoot%\System32\mswsock.dll,-60202 Microsoft Corporation 
 
Unknown file in WinSock LSP @%SystemRoot%\System32\wshqos.dll,-100 Microsoft Corporation 
 
Unknown file in WinSock LSP @%SystemRoot%\System32\wshqos.dll,-101 Microsoft Corporation 
 
Unknown file in WinSock LSP @%SystemRoot%\System32\wshqos.dll,-102 Microsoft Corporation 
 
Unknown file in WinSock LSP @%SystemRoot%\System32\wshqos.dll,-103 Microsoft Corporation 
 
Unknown file in WinSock LSP MSAFD RfComm [Bluetooth] Microsoft Corporation 
 
Protocol ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - c:\windows\syswow64\urlmon.dll 
 
Protocol http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - c:\windows\syswow64\urlmon.dll 
 
Protocol https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - c:\windows\syswow64\urlmon.dll 
 
Shell Service AutoRun Object WebCheck 
 
Service Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe 
 
Service Windows Audio Endpoint Builder (AudioEndpointBuilder) - Microsoft Corporation c:\windows\system32\svchost.exe 
 
Service Windows Audio (Audiosrv) - Microsoft Corporation c:\windows\system32\svchost.exe 
 
Service Base Filtering Engine (BFE) - Microsoft Corporation c:\windows\system32\svchost.exe 
 
Service Background Intelligent Transfer Service (BITS) - Microsoft Corporation c:\windows\system32\svchost.exe 
 
Service Bluetooth Device Monitor (Bluetooth Device Monitor) - Motorola Solutions, Inc. c:\program files (x86)\intel\bluetooth\devmonsrv.exe 
 
Service Bluetooth OBEX Service (Bluetooth OBEX Service) - Motorola Solutions, Inc. c:\program files (x86)\intel\bluetooth\obexsrv.exe 
 
Service Background Tasks Infrastructure Service (BrokerInfrastructure) - Microsoft Corporation c:\windows\system32\svchost.exe 
 
Service Cryptographic Services (CryptSvc) - Microsoft Corporation c:\windows\system32\svchost.exe 
 
Service DCOM Server Process Launcher (DcomLaunch) - Microsoft Corporation c:\windows\system32\svchost.exe 
 
Service Device Association Service (DeviceAssociationService) - Microsoft Corporation c:\windows\system32\svchost.exe 
 
Service DHCP Client (Dhcp) - Microsoft Corporation c:\windows\system32\svchost.exe 
 
Service DNS Client (Dnscache) - Microsoft Corporation c:\windows\system32\svchost.exe 
 
Service Diagnostic Policy Service (DPS) - Microsoft Corporation c:\windows\system32\svchost.exe 
 
Service @oem13.inf,%WIN32_DPTF_PARTICIPANT_PROC_SERVICE_DISPLAY_NAME%;Intel® Dynamic Platform and Thermal Framework Processor Participant Service Application (DptfParticipantProcessorService) - Intel Corporation c:\windows\system32\dptfparticipantprocessorservice.exe 
 
Service @oem13.inf,%WIN32_DPTF_POLICY_CONFIGTDP_SERVICE_DISPLAY_NAME%;Intel® Dynamic Platform and Thermal Framework Config TDP Service Application (DptfPolicyConfigTDPService) - Intel Corporation c:\windows\system32\dptfpolicyconfigtdpservice.exe 
 
Service @oem13.inf,%WIN32_DPTF_POLICY_CRITICAL_SERVICE_DISPLAY_NAME%;Intel® Dynamic Platform and Thermal Framework Critical Service Application (DptfPolicyCriticalService) - Intel Corporation c:\windows\system32\dptfpolicycriticalservice.exe 
 
Service @oem13.inf,%WIN32_DPTF_POLICY_LPM_SERVICE_DISPLAY_NAME%;Intel® Dynamic Platform and Thermal Framework Low Power Mode Service Application (DptfPolicyLpmService) - Intel Corporation c:\windows\system32\dptfpolicylpmservice.exe 
 
Service Windows Event Log (EventLog) - Microsoft Corporation c:\windows\system32\svchost.exe 
 
Service COM+ Event System (EventSystem) - Microsoft Corporation c:\windows\system32\svchost.exe 
 
Service Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation c:\program files\intel\wifi\bin\evteng.exe 
 
Service File History Service (fhsvc) - Microsoft Corporation c:\windows\system32\svchost.exe 
 
Service Windows Font Cache Service (FontCache) - Microsoft Corporation c:\windows\system32\svchost.exe 
 
Service Group Policy Client (gpsvc) - Microsoft Corporation c:\windows\system32\svchost.exe 
 
Service Google Update Service (gupdate) (gupdate) - Google Inc. c:\program files (x86)\google\update\googleupdate.exe 
 
Service Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation c:\program files\intel\intel® rapid storage technology\iastordatamgrsvc.exe 
 
Service IKE and AuthIP IPsec Keying Modules (IKEEXT) - Microsoft Corporation c:\windows\system32\svchost.exe 
 
Service Intel® Capability Licensing Service Interface (Intel® Capability Licensing Service Interface) - Intel® Corporation c:\program files\intel\icls client\heciserver.exe 
 
Service Intel® Wireless Bluetooth® 4.0 Radio Management (Intel® Wireless Bluetooth® 4.0 Radio Management) - Intel Corporation c:\program files (x86)\intel\bluetooth\ibtrksrv.exe 
 
Service IP Helper (iphlpsvc) - Microsoft Corporation c:\windows\system32\svchost.exe 
 
Service Intel® Smart Connect Technology Agent (ISCTAgent) - <Not available> c:\program files\intel\intel® smart connect technology agent\isctagent.exe 
 
Service Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation c:\program files (x86)\intel\intel® management engine components\dal\jhi_service.exe 
 
Service Server (LanmanServer) - Microsoft Corporation c:\windows\system32\svchost.exe 
 
Service Workstation (LanmanWorkstation) - Microsoft Corporation c:\windows\system32\svchost.exe 
 
Service Lenovo System Agent Service (Lenovo System Agent Service) - LENOVO INCORPORATED. c:\program files\lenovo\systemagent\systemagentservice.exe 
 
Service TCP/IP NetBIOS Helper (lmhosts) - Microsoft Corporation c:\windows\system32\svchost.exe 
 
Service Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation c:\program files (x86)\intel\intel® management engine components\lms\lms.exe 
 
Service Local Session Manager (LSM) - Microsoft Corporation c:\windows\system32\svchost.exe 
 
Service LsvUIService (LsvUIService) - Lenovo c:\program files (x86)\lenovo\lenovo smart voice\lsvuiservice.exe 
 
Service NA (MBAMScheduler) - Malwarebytes Corporation c:\program files (x86)\malwarebytes' anti-malware\mbamscheduler.exe 
 
Service NA (MBAMService) - Malwarebytes Corporation c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe 
 
Service Multimedia Class Scheduler (MMCSS) - Microsoft Corporation c:\windows\system32\svchost.exe 
 
Service Windows Firewall (MpsSvc) - Microsoft Corporation c:\windows\system32\svchost.exe 
 
Service Norton 360 (N360) - Symantec Corporation c:\program files (x86)\norton 360\engine\21.1.0.18\n360.exe 
 
Service Network Location Awareness (NlaSvc) - Microsoft Corporation c:\windows\system32\svchost.exe 
 
Service Network Store Interface Service (nsi) - Microsoft Corporation c:\windows\system32\svchost.exe 
 
Service Microsoft Office Service (OfficeSvc) - Microsoft Corporation c:\program files\microsoft office 15\clientx64\integratedoffice.exe 
 
Service Program Compatibility Assistant Service (PcaSvc) - Microsoft Corporation c:\windows\system32\svchost.exe 
 
Service PGService (PGService) - PointGrab LTD c:\program files (x86)\lenovo\motion control\pgservice.exe 
 
Service Lenovo PhoneCompanionPusher Service (PhoneCompanionPusher) - Lenovo c:\program files\lenovo yoga phonecompanion\phonecompanionpusher.exe 
 
Service Power (Power) - Microsoft Corporation c:\windows\system32\svchost.exe 
 
Service User Profile Service (ProfSvc) - Microsoft Corporation c:\windows\system32\svchost.exe 
 
Service Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation c:\program files\common files\intel\wirelesscommon\regsrvc.exe 
 
Service RPC Endpoint Mapper (RpcEptMapper) - Microsoft Corporation c:\windows\system32\svchost.exe 
 
Service Remote Procedure Call (RPC) (RpcSs) - Microsoft Corporation c:\windows\system32\svchost.exe 
 
Service Realtek Audio Service (RtkAudioService) - Realtek Semiconductor c:\program files\realtek\audio\hda\rtkaudioservice64.exe 
 
Service Security Accounts Manager (SamSs) - Microsoft Corporation c:\windows\system32\lsass.exe 
 
Service Task Scheduler (Schedule) - Microsoft Corporation c:\windows\system32\svchost.exe 
 
Service Secunia PSI Agent (Secunia PSI Agent) - Secunia c:\program files (x86)\secunia\psi\psia.exe 
 
Service Secunia Update Agent (Secunia Update Agent) - Secunia c:\program files (x86)\secunia\psi\sua.exe 
 
Service System Event Notification Service (SENS) - Microsoft Corporation c:\windows\system32\svchost.exe 
 
Service Shell Hardware Detection (ShellHWDetection) - Microsoft Corporation c:\windows\system32\svchost.exe 
 
Service Print Spooler (Spooler) - Microsoft Corporation c:\windows\system32\spoolsv.exe 
 
Service Software Protection (sppsvc) - Microsoft Corporation c:\windows\system32\sppsvc.exe 
 
Service Windows Image Acquisition (WIA) (stisvc) - Microsoft Corporation c:\windows\system32\svchost.exe 
 
Service Superfetch (SysMain) - Microsoft Corporation c:\windows\system32\svchost.exe 
 
Service System Events Broker (SystemEventsBroker) - Microsoft Corporation c:\windows\system32\svchost.exe 
 
Service Touch Keyboard and Handwriting Panel Service (TabletInputService) - Microsoft Corporation c:\windows\system32\svchost.exe 
 
Service Themes (Themes) - Microsoft Corporation c:\windows\system32\svchost.exe 
 
Service Distributed Link Tracking Client (TrkWks) - Microsoft Corporation c:\windows\system32\svchost.exe 
 
Service VeriFaceSrv (VeriFaceSrv) - Unknown owner c:\program files (x86)\lenovo\lenovo veriface\vfconnectorservice.exe 
 
Service Windows Connection Manager (Wcmsvc) - Microsoft Corporation c:\windows\system32\svchost.exe 
 
Service Windows Management Instrumentation (Winmgmt) - Microsoft Corporation c:\windows\system32\svchost.exe 
 
Service WLAN AutoConfig (WlanSvc) - Microsoft Corporation c:\windows\system32\svchost.exe 
 
Service @C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner C:\Program Files (x86)\windows media player\wmpnetwk.exe (file missing)
 
Service Security Center (wscsvc) - Microsoft Corporation c:\windows\system32\svchost.exe 
 
Service Windows Search (WSearch) - Microsoft Corporation c:\windows\system32\searchindexer.exe 
 
Service ymc (ymc) - Lenovo c:\programdata\lenovotransition\server\x64\ymc.exe 
 
Service Intel® PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation c:\program files\intel\wifi\bin\zeroconfigservice.exe 
 
Context Menu Handlers ANotepad++64 <Not available> 
 
Context Menu Handlers BUContextMenu Symantec Corporation 
 
Context Menu Handlers SlimShellExt Slimware Utilities, Inc. 
 
Context Menu Handlers Symantec.Norton.Antivirus.IEContextMenu Unknown owner 
 
Context Menu Handlers {90AA3A4E-1CBA-4233-B8BB-535773D48449} 
 
Context Menu Handlers MBAMShlExt Malwarebytes Corporation 
 
Context Menu Handlers SlimShellExt Slimware Utilities, Inc. 
 
Directory Context Menu Handlers SlimShellExt Slimware Utilities, Inc. 
 
Folder Context Menu Handlers BUContextMenu Symantec Corporation 
 
Folder Context Menu Handlers MBAMShlExt Malwarebytes Corporation 
 
Folder Context Menu Handlers Symantec.Norton.Antivirus.IEContextMenu Unknown owner 
 
Background Context Menu Handlers igfxcui Intel Corporation 
 
Shell Icon Overlay Identifiers OverlayExcluded Symantec Corporation 
 
Shell Icon Overlay Identifiers OverlayPending Symantec Corporation 
 
Shell Icon Overlay Identifiers OverlayProtected Symantec Corporation 
 
Shell Extensions Approved Contacts folder 
 
Shell Extensions Approved WebCheck 
 
Shell Extensions Approved Synaptics Control Panel Unknown owner 
 
Shell Extensions Approved Bluetooth Property Page Extension Motorola Solutions, Inc. 
 
Shell Extensions Approved Bluetooth Context Menu Extension Motorola Solutions, Inc. 
 
Shell Extensions Approved Bluetooth Send To Wizard Motorola Solutions, Inc. 
 
Driver 3ware c:\windows\system32\drivers\3ware.sys 
 
Driver ADP80XX c:\windows\system32\drivers\adp80xx.sys 
 
Driver amdsata c:\windows\system32\drivers\amdsata.sys 
 
Driver amdsbs c:\windows\system32\drivers\amdsbs.sys 
 
Driver amdxata c:\windows\system32\drivers\amdxata.sys 
 
Driver @arcsas.inf,%arcsas_ServiceName%;Adaptec SAS/SATA-II RAID Storport's Miniport Driver c:\windows\system32\drivers\arcsas.sys 
 
Driver @netbvbda.inf,%vbd_srv_desc%;Broadcom NetXtreme II VBD c:\windows\system32\drivers\bxvbda.sys 
 
Driver BHDrvx64 c:\program files (x86)\norton 360\nortondata\21.1.0.18\definitions\bashdefs\20140214.001\bhdrvx64.sys 
 
Driver N360 Settings Manager c:\windows\system32\drivers\n360x64\1501000.012\ccsetx64.sys 
 
Driver @netevbda.inf,%vbd_srv_desc%;Broadcom NetXtreme II 10 GigE VBD c:\windows\system32\drivers\evbda.sys 
 
Driver Symantec Eraser Control driver c:\program files (x86)\common files\symantec shared\eengine\eectrl64.sys 
 
Driver HpSAMD c:\windows\system32\drivers\hpsamd.sys 
 
Driver iaStorA c:\windows\system32\drivers\iastora.sys 
 
Driver @iastorav.inf,%iaStorAV.DeviceDesc%;Intel® SATA RAID Controller Windows c:\windows\system32\drivers\iastorav.sys 
 
Driver @iastorv.inf,%*PNP0600.DeviceDesc%;Intel RAID Controller Windows 7 c:\windows\system32\drivers\iastorv.sys 
 
Driver IDSVia64 c:\program files (x86)\norton 360\nortondata\21.1.0.18\definitions\ipsdefs\20140314.001\idsvia64.sys 
 
Driver LSI_SAS c:\windows\system32\drivers\lsi_sas.sys 
 
Driver LSI_SAS2 c:\windows\system32\drivers\lsi_sas2.sys 
 
Driver LSI_SAS3 c:\windows\system32\drivers\lsi_sas3.sys 
 
Driver LSI_SSS c:\windows\system32\drivers\lsi_sss.sys 
 
Driver megasas c:\windows\system32\drivers\megasas.sys 
 
Driver megasr c:\windows\system32\drivers\megasr.sys 
 
Driver mvumis c:\windows\system32\drivers\mvumis.sys 
 
Driver nvraid c:\windows\system32\drivers\nvraid.sys 
 
Driver nvstor c:\windows\system32\drivers\nvstor.sys 
 
Driver SiSRaid2 c:\windows\system32\drivers\sisraid2.sys 
 
Driver SiSRaid4 c:\windows\system32\drivers\sisraid4.sys 
 
Driver Symantec Real Time Storage Protection (PEL) x64 c:\windows\system32\drivers\n360x64\1501000.012\srtspx64.sys 
 
Driver stexstor c:\windows\system32\drivers\stexstor.sys 
 
Driver Symantec Data Store c:\windows\system32\drivers\n360x64\1501000.012\symds64.sys 
 
Driver Symantec Extended File Attributes c:\windows\system32\drivers\n360x64\1501000.012\symefa64.sys 
 
Driver Symantec ELAM Driver c:\windows\system32\drivers\n360x64\1501000.012\symelam.sys 
 
Driver Symantec Iron Driver c:\windows\system32\drivers\n360x64\1501000.012\ironx64.sys 
 
Driver Symantec Network Security WFP Driver c:\windows\system32\drivers\n360x64\1501000.012\symnets.sys 
 
Driver viaide c:\windows\system32\drivers\viaide.sys 
 
Driver vsmraid c:\windows\system32\drivers\vsmraid.sys 
 
Driver @vstxraid.inf,%Driver.DeviceDesc%;VIA StorX Storage RAID Controller Windows Driver c:\windows\system32\drivers\vstxraid.sys 
 
Codec msacm.l3acm Fraunhofer Institut Integrierte Schaltungen IIS 
 
Codec msacm.l3acm Fraunhofer Institut Integrierte Schaltungen IIS 
 
Codec vidc.cvid Radius Inc. 
 
Codec AudioRecorder WAV Dest 
 
Codec AudioRecorder Wave Form 
 
Codec SoundRecorder Null Renderer 
 
Network Provider RDPNP Microsoft Corporation 
 
Network Provider LanmanWorkstation Microsoft Corporation 
 
Network Provider webclient Microsoft Corporation 
 
Service Windows Firewall (MpsSvc) - Microsoft Corporation c:\windows\system32\svchost.exe 
 
Service Norton 360 (N360) - Symantec Corporation c:\program files (x86)\norton 360\engine\21.1.0.18\n360.exe 
 
Service Network Location Awareness (NlaSvc) - Microsoft Corporation c:\windows\system32\svchost.exe 
 
Service Network Store Interface Service (nsi) - Microsoft Corporation c:\windows\system32\svchost.exe 
 
Service Microsoft Office Service (OfficeSvc) - Microsoft Corporation c:\program files\microsoft office 15\clientx64\integratedoffice.exe 
 
Service Program Compatibility Assistant Service (PcaSvc) - Microsoft Corporation c:\windows\system32\svchost.exe 
 
Service PGService (PGService) - PointGrab LTD c:\program files (x86)\lenovo\motion control\pgservice.exe 
 
Service Lenovo PhoneCompanionPusher Service (PhoneCompanionPusher) - Lenovo c:\program files\lenovo yoga phonecompanion\phonecompanionpusher.exe 
 
Service Power (Power) - Microsoft Corporation c:\windows\system32\svchost.exe 
 
Service User Profile Service (ProfSvc) - Microsoft Corporation c:\windows\system32\svchost.exe 
 
Service Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation c:\program files\common files\intel\wirelesscommon\regsrvc.exe 
 
Service RPC Endpoint Mapper (RpcEptMapper) - Microsoft Corporation c:\windows\system32\svchost.exe 
 
Service Remote Procedure Call (RPC) (RpcSs) - Microsoft Corporation c:\windows\system32\svchost.exe 
 
Service Realtek Audio Service (RtkAudioService) - Realtek Semiconductor c:\program files\realtek\audio\hda\rtkaudioservice64.exe 
 
Service Security Accounts Manager (SamSs) - Microsoft Corporation c:\windows\system32\lsass.exe 
 
Service Task Scheduler (Schedule) - Microsoft Corporation c:\windows\system32\svchost.exe 
 
Service Secunia PSI Agent (Secunia PSI Agent) - Secunia c:\program files (x86)\secunia\psi\psia.exe 
 
Service Secunia Update Agent (Secunia Update Agent) - Secunia c:\program files (x86)\secunia\psi\sua.exe 
 
Service System Event Notification Service (SENS) - Microsoft Corporation c:\windows\system32\svchost.exe 
 
Service Shell Hardware Detection (ShellHWDetection) - Microsoft Corporation c:\windows\system32\svchost.exe 
 
Service Print Spooler (Spooler) - Microsoft Corporation c:\windows\system32\spoolsv.exe 
 
Service Software Protection (sppsvc) - Microsoft Corporation c:\windows\system32\sppsvc.exe 
 
Service Windows Image Acquisition (WIA) (stisvc) - Microsoft Corporation c:\windows\system32\svchost.exe 
 
Service Superfetch (SysMain) - Microsoft Corporation c:\windows\system32\svchost.exe 
 
Service System Events Broker (SystemEventsBroker) - Microsoft Corporation c:\windows\system32\svchost.exe 
 
Service Touch Keyboard and Handwriting Panel Service (TabletInputService) - Microsoft Corporation c:\windows\system32\svchost.exe 
 
Service Themes (Themes) - Microsoft Corporation c:\windows\system32\svchost.exe 
 
Service Distributed Link Tracking Client (TrkWks) - Microsoft Corporation c:\windows\system32\svchost.exe 
 
Service VeriFaceSrv (VeriFaceSrv) - Unknown owner c:\program files (x86)\lenovo\lenovo veriface\vfconnectorservice.exe 
 
Service Windows Connection Manager (Wcmsvc) - Microsoft Corporation c:\windows\system32\svchost.exe 
 
Service Windows Management Instrumentation (Winmgmt) - Microsoft Corporation c:\windows\system32\svchost.exe 
 
Service WLAN AutoConfig (WlanSvc) - Microsoft Corporation c:\windows\system32\svchost.exe 
 
Service @C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner C:\Program Files (x86)\windows media player\wmpnetwk.exe (file missing)
 
Service Security Center (wscsvc) - Microsoft Corporation c:\windows\system32\svchost.exe 
 
Service Windows Search (WSearch) - Microsoft Corporation c:\windows\system32\searchindexer.exe 
 
Service ymc (ymc) - Lenovo c:\programdata\lenovotransition\server\x64\ymc.exe 
 
Service Intel® PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation c:\program files\intel\wifi\bin\zeroconfigservice.exe 
 
Context Menu Handlers ANotepad++64 <Not available> 
 
Context Menu Handlers BUContextMenu Symantec Corporation 
 
Context Menu Handlers SlimShellExt Slimware Utilities, Inc. 
 
Context Menu Handlers Symantec.Norton.Antivirus.IEContextMenu Unknown owner 
 
Context Menu Handlers {90AA3A4E-1CBA-4233-B8BB-535773D48449} 
 
Context Menu Handlers MBAMShlExt Malwarebytes Corporation 
 
Context Menu Handlers SlimShellExt Slimware Utilities, Inc. 
 
Directory Context Menu Handlers SlimShellExt Slimware Utilities, Inc. 
 
Folder Context Menu Handlers BUContextMenu Symantec Corporation 
 
Folder Context Menu Handlers MBAMShlExt Malwarebytes Corporation 
 
Folder Context Menu Handlers Symantec.Norton.Antivirus.IEContextMenu Unknown owner 
 
Background Context Menu Handlers igfxcui Intel Corporation 
 
Shell Icon Overlay Identifiers OverlayExcluded Symantec Corporation 
 
Shell Icon Overlay Identifiers OverlayPending Symantec Corporation 
 
Shell Icon Overlay Identifiers OverlayProtected Symantec Corporation 
 
Shell Extensions Approved Contacts folder 
 
Shell Extensions Approved WebCheck 
 
Shell Extensions Approved Synaptics Control Panel Unknown owner 
 
Shell Extensions Approved Bluetooth Property Page Extension Motorola Solutions, Inc. 
 
Shell Extensions Approved Bluetooth Context Menu Extension Motorola Solutions, Inc. 
 
Shell Extensions Approved Bluetooth Send To Wizard Motorola Solutions, Inc. 
 
Driver 3ware c:\windows\system32\drivers\3ware.sys 
 
Driver ADP80XX c:\windows\system32\drivers\adp80xx.sys 
 
Driver amdsata c:\windows\system32\drivers\amdsata.sys 
 
Driver amdsbs c:\windows\system32\drivers\amdsbs.sys 
 
Driver amdxata c:\windows\system32\drivers\amdxata.sys 
 
Driver @arcsas.inf,%arcsas_ServiceName%;Adaptec SAS/SATA-II RAID Storport's Miniport Driver c:\windows\system32\drivers\arcsas.sys 
 
Driver @netbvbda.inf,%vbd_srv_desc%;Broadcom NetXtreme II VBD c:\windows\system32\drivers\bxvbda.sys 
 
Driver BHDrvx64 c:\program files (x86)\norton 360\nortondata\21.1.0.18\definitions\bashdefs\20140214.001\bhdrvx64.sys 
 
Driver N360 Settings Manager c:\windows\system32\drivers\n360x64\1501000.012\ccsetx64.sys 
 
Driver @netevbda.inf,%vbd_srv_desc%;Broadcom NetXtreme II 10 GigE VBD c:\windows\system32\drivers\evbda.sys 
 
Driver Symantec Eraser Control driver c:\program files (x86)\common files\symantec shared\eengine\eectrl64.sys 
 
Driver HpSAMD c:\windows\system32\drivers\hpsamd.sys 
 
Driver iaStorA c:\windows\system32\drivers\iastora.sys 
 
Driver @iastorav.inf,%iaStorAV.DeviceDesc%;Intel® SATA RAID Controller Windows c:\windows\system32\drivers\iastorav.sys 
 
Driver @iastorv.inf,%*PNP0600.DeviceDesc%;Intel RAID Controller Windows 7 c:\windows\system32\drivers\iastorv.sys 
 
Driver IDSVia64 c:\program files (x86)\norton 360\nortondata\21.1.0.18\definitions\ipsdefs\20140314.001\idsvia64.sys 
 
Driver LSI_SAS c:\windows\system32\drivers\lsi_sas.sys 
 
Driver LSI_SAS2 c:\windows\system32\drivers\lsi_sas2.sys 
 
Driver LSI_SAS3 c:\windows\system32\drivers\lsi_sas3.sys 
 
Driver LSI_SSS c:\windows\system32\drivers\lsi_sss.sys 
 
Driver megasas c:\windows\system32\drivers\megasas.sys 
 
Driver megasr c:\windows\system32\drivers\megasr.sys 
 
Driver mvumis c:\windows\system32\drivers\mvumis.sys 
 
Driver nvraid c:\windows\system32\drivers\nvraid.sys 
 
Driver nvstor c:\windows\system32\drivers\nvstor.sys 
 
Driver SiSRaid2 c:\windows\system32\drivers\sisraid2.sys 
 
Driver SiSRaid4 c:\windows\system32\drivers\sisraid4.sys 
 
Driver Symantec Real Time Storage Protection (PEL) x64 c:\windows\system32\drivers\n360x64\1501000.012\srtspx64.sys 
 
Driver stexstor c:\windows\system32\drivers\stexstor.sys 
 
Driver Symantec Data Store c:\windows\system32\drivers\n360x64\1501000.012\symds64.sys 
 
Driver Symantec Extended File Attributes c:\windows\system32\drivers\n360x64\1501000.012\symefa64.sys 
 
Driver Symantec ELAM Driver c:\windows\system32\drivers\n360x64\1501000.012\symelam.sys 
 
Driver Symantec Iron Driver c:\windows\system32\drivers\n360x64\1501000.012\ironx64.sys 
 
Driver Symantec Network Security WFP Driver c:\windows\system32\drivers\n360x64\1501000.012\symnets.sys 
 
Driver viaide c:\windows\system32\drivers\viaide.sys 
 
Driver vsmraid c:\windows\system32\drivers\vsmraid.sys 
 
Driver @vstxraid.inf,%Driver.DeviceDesc%;VIA StorX Storage RAID Controller Windows Driver c:\windows\system32\drivers\vstxraid.sys 
 
Codec msacm.l3acm Fraunhofer Institut Integrierte Schaltungen IIS 
 
Codec msacm.l3acm Fraunhofer Institut Integrierte Schaltungen IIS 
 
Codec vidc.cvid Radius Inc. 
 
Codec AudioRecorder WAV Dest 
 
Codec AudioRecorder Wave Form 
 
Codec SoundRecorder Null Renderer 
 
Network Provider RDPNP Microsoft Corporation 
 
Network Provider LanmanWorkstation Microsoft Corporation 
 
Network Provider webclient Microsoft Corporation 
 
 
Malwarebytes log:
 
 
Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org
 
Database version: v2014.03.17.05
 
Windows 8 x64 NTFS
Internet Explorer 11.0.9600.16521
abang_000 :: ALAN [administrator]
 
Protection: Enabled
 
3/17/2014 12:10:59 PM
mbam-log-2014-03-17 (12-10-59).txt
 
Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 558253
Time elapsed: 28 minute(s), 43 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Please let me know how to resolve compatibility with dds so I can do that scan too if it's still needed.

Edited by Alban18, 18 March 2014 - 01:15 PM.



#2 Alban18

Alban18
  • Topic Starter


Posted 18 March 2014 - 01:14 PM

So has any experienced member of BleepingComputer seen my post yet?



#3 nasdaq

nasdaq

  • Malware Response Team

Posted 20 March 2014 - 07:57 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button and follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
Please download Junkware Removal Tool to your Desktop.
  • Please close your security software to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete, depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
  • Please post the contents of JRT.txt into your reply.
===

The DDS tool is not yet compatible with Windows 8. This tool should run correctly.

Download the correct version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

===

Please paste the logs in your next reply. DO NOT ATTACH THEM unless specified.

Let me know what problem persists.

#4 Alban18

Alban18
  • Topic Starter


Posted 24 March 2014 - 02:06 AM

Sorry nasdaq, I didn't expect someone to respond to my post.

I will have all the info ready tomorrow.

Thank you.



#5 Alban18

Alban18
  • Topic Starter


Posted 24 March 2014 - 09:44 PM

Hey nasdaq, here are the log files.

 

My AdwCleaner log file:

 

# AdwCleaner v3.022 - Report created 24/03/2014 at 22:19:21
# Updated 13/03/2014 by Xplode
# Operating System : Windows 8.1  (64 bits)
# Username : abang_000 - ALAN
# Running from : C:\Users\abang_000\Downloads\adwcleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16518
 
 
-\\ Google Chrome v33.0.1750.154
 
[ File : C:\Users\abang_000\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [902 octets] - [24/03/2014 22:19:21]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [961 octets] ##########
 
 
 
 
My JRT.txt log file:
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 8.1 x64
Ran by abang_000 on Mon 03/24/2014 at 22:28:05.57
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 03/24/2014 at 22:33:03.86
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
My Farbar log file:
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by abang_000 (administrator) on ALAN on 24-03-2014 22:36:55
Running from C:\Users\abang_000\Desktop\New folder
Windows 8.1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Intel Corporation) C:\windows\system32\DptfParticipantProcessorService.exe
(Intel Corporation) C:\windows\system32\DptfPolicyConfigTDPService.exe
(Microsoft Corporation) C:\windows\system32\dashost.exe
(Intel Corporation) C:\windows\system32\DptfPolicyCriticalService.exe
(Intel Corporation) C:\windows\system32\DptfPolicyLpmService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
() C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
(LENOVO INCORPORATED.) C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
(Lenovo) C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionPusher.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
(Lenovo) C:\ProgramData\LenovoTransition\Server\x64\ymc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\windows\system32\WLANExt.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\LiveComm.exe
(Microsoft Corporation) C:\Windows\System32\skydrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Spotify Ltd) C:\Users\abang_000\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\IELowutil.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13653208 2013-09-12] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-30] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [DptfPolicyLpmServiceHelper] - C:\windows\system32\DptfPolicyLpmServiceHelper.exe [111976 2013-08-02] (Intel Corporation)
HKLM\...\Run: [Energy Manager] - C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [59925488 2014-01-22] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] - C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2013-12-23] (Lenovo(beijing) Limited)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-741677074-4117277249-2991010802-1001\...\Run: [Spotify Web Helper] - C:\Users\abang_000\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-03-15] (Spotify Ltd)
HKU\S-1-5-21-741677074-4117277249-2991010802-1001\...\Run: [Spotify] - C:\Users\abang_000\AppData\Roaming\Spotify\spotify.exe [6118400 2014-03-15] (Spotify Ltd)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.physicsforums.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://home.lenovo.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.wikipedia.org/
SearchScopes: HKLM - DefaultScope {3936FC63-1335-46CC-92F7-3ED55CC6ADBD} URL = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=LCJB
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {3936FC63-1335-46CC-92F7-3ED55CC6ADBD} URL = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=LCJB
SearchScopes: HKLM-x32 - DefaultScope {3936FC63-1335-46CC-92F7-3ED55CC6ADBD} URL = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=LCJB
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {3936FC63-1335-46CC-92F7-3ED55CC6ADBD} URL = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=LCJB
SearchScopes: HKCU - {3936FC63-1335-46CC-92F7-3ED55CC6ADBD} URL = 
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 128.8.76.2 128.8.74.2
 
Chrome: 
=======
CHR Extension: (Google Docs) - C:\Users\abang_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-28]
CHR Extension: (Google Drive) - C:\Users\abang_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-28]
CHR Extension: (YouTube) - C:\Users\abang_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-28]
CHR Extension: (Google Search) - C:\Users\abang_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-28]
CHR Extension: (Norton Identity Protection) - C:\Users\abang_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-01-28]
CHR Extension: (Google Wallet) - C:\Users\abang_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-28]
CHR Extension: (Gmail) - C:\Users\abang_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-28]
CHR Extension: (RSS Feed Reader) - C:\Users\abang_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnjaodmkngahhkoihejjehlcdlnohgmp [2014-03-09]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\Exts\Chrome.crx [2014-02-24]
 
==================== Services (Whitelisted) =================
 
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2169016 2014-03-01] (Microsoft Corporation)
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [115632 2013-08-02] (Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [116656 2013-08-02] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [148688 2013-08-02] (Intel Corporation)
R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [124880 2013-08-02] (Intel Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation)
R2 Intel® Wireless Bluetooth® 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [155448 2013-09-20] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [200168 2013-12-04] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation)
R2 Lenovo System Agent Service; C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe [585032 2013-09-23] (LENOVO INCORPORATED.)
R2 LsvUIService; C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe [70416 2013-12-23] (Lenovo)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-08-23] ()
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe [264360 2013-10-08] (Symantec Corporation)
R2 PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [162600 2013-08-30] (PointGrab LTD)
R2 PhoneCompanionPusher; C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionPusher.exe [249872 2013-12-23] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionVap.exe [328720 2013-12-23] (Lenovo)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [288472 2013-09-13] (Realtek Semiconductor)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
S2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [22888 2013-10-31] ()
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2013-12-23] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
R2 ymc; C:\ProgramData\LenovoTransition\Server\x64\ymc.exe [32016 2013-12-23] (Lenovo)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3667696 2013-08-23] (Intel® Corporation)
 
==================== Drivers (Whitelisted) ====================
 
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S3 AX88772; C:\Windows\system32\DRIVERS\ax88772.sys [113864 2013-07-18] (ASIX Electronics Corp.)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows ® Win 7 DDK provider)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140319.001\BHDrvx64.sys [1525976 2014-03-18] (Symantec Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [132920 2013-04-23] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1386296 2013-08-19] (Motorola Solutions, Inc.)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1501000.012\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
R3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [114680 2013-08-02] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [287160 2013-08-02] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [494272 2013-08-02] (Intel Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2014-02-17] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2014-02-17] (Symantec Corporation)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [118216 2013-09-09] (Intel Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140321.001\IDSvia64.sys [524504 2014-03-06] (Symantec Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-13] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-13] ()
R3 INETMON; C:\windows\System32\Drivers\INETMON.sys [29088 2013-08-13] ()
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-10] (Microsoft Corporation)
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-01] ()
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-20] (Intel Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140324.008\ENG64.SYS [126040 2014-02-17] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140324.008\EX64.SYS [2099288 2014-02-17] (Symantec Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3607520 2014-01-09] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [1975000 2013-07-31] (Realtek Semiconductor Corporation                           )
R3 SensorsAlsDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [230912 2013-08-22] (Microsoft Corporation)
R3 SensorsHIDClassDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [230912 2013-08-22] (Microsoft Corporation)
R3 SensorsServiceDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [230912 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-25] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-28] (Synaptics Incorporated)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [1527928 2013-08-23] (Sunplus)
R3 SRTSP; C:\Windows\system32\drivers\N360x64\1501000.012\SRTSP64.SYS [858200 2013-09-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1501000.012\SRTSPX64.SYS [36952 2013-09-09] (Symantec Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1501000.012\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1501000.012\SYMEFA64.SYS [1147480 2013-09-26] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1501000.012\SymELAM.sys [23568 2013-09-09] (Symantec Corporation)
R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-02-17] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1501000.012\Ironx64.SYS [264280 2013-09-26] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\N360x64\1501000.012\SYMNETS.SYS [590936 2013-09-25] (Symantec Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-03-24 22:36 - 2014-03-24 22:36 - 00000000 ____D () C:\Users\abang_000\Desktop\New folder
2014-03-24 22:36 - 2014-03-24 22:36 - 00000000 ____D () C:\FRST
2014-03-24 22:33 - 2014-03-24 22:33 - 00000773 _____ () C:\Users\abang_000\Desktop\JRT.txt
2014-03-24 22:21 - 2014-03-24 22:21 - 00000000 ____D () C:\windows\ERUNT
2014-03-24 22:20 - 2014-03-24 22:20 - 00001044 _____ () C:\Users\abang_000\Desktop\AdwCleaner[R0].txt
2014-03-24 22:19 - 2014-03-24 22:19 - 00000000 ____D () C:\AdwCleaner
2014-03-24 03:05 - 2014-03-24 03:05 - 01038974 _____ (Thisisu) C:\Users\abang_000\Downloads\JRT.exe
2014-03-24 03:03 - 2014-03-24 03:03 - 01950720 _____ () C:\Users\abang_000\Downloads\adwcleaner.exe
2014-03-18 14:37 - 2014-03-18 14:44 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-03-18 14:34 - 2014-03-18 14:44 - 00000000 ____D () C:\Users\abang_000\Desktop\mbar
2014-03-18 14:34 - 2014-03-18 14:34 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-03-18 14:23 - 2014-03-18 14:23 - 01849240 _____ (Simon Tatham ) C:\Users\abang_000\Downloads\putty-0.62-installer.exe
2014-03-17 19:09 - 2014-03-17 19:09 - 00000000 ____D () C:\Users\abang_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-03-17 14:22 - 2014-03-17 14:22 - 00688992 _____ (Swearware) C:\Users\abang_000\Downloads\dds.com
2014-03-17 13:25 - 2014-03-17 13:25 - 00000000 ____D () C:\Users\abang_000\Downloads\Autoruns
2014-03-17 11:14 - 2014-03-17 11:14 - 00847848 _____ (Google Inc.) C:\Users\abang_000\Downloads\ChromeSetup.exe
2014-03-17 01:36 - 2014-03-17 01:36 - 00000000 ____D () C:\Users\abang_000\Documents\mbam-chameleon-1.62.1.1000
2014-03-17 01:32 - 2014-03-17 01:32 - 00001132 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-17 01:32 - 2014-03-17 01:32 - 00000000 ____D () C:\Users\abang_000\AppData\Roaming\Malwarebytes
2014-03-17 01:32 - 2014-03-17 01:32 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-17 01:32 - 2014-03-17 01:32 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-17 01:32 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-03-17 01:31 - 2014-03-17 01:31 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\abang_000\Downloads\mbam-consumer.exe
2014-03-16 14:01 - 2014-03-22 15:22 - 00004974 _____ () C:\windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for ALAN-abang_000 Alan
2014-03-15 22:34 - 2014-03-24 22:06 - 00000000 ____D () C:\Users\abang_000\AppData\Local\Spotify
2014-03-15 22:34 - 2014-03-15 22:34 - 00001879 _____ () C:\Users\abang_000\Desktop\Spotify.lnk
2014-03-15 22:34 - 2014-03-15 22:34 - 00001865 _____ () C:\Users\abang_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2014-03-15 22:33 - 2014-03-24 22:18 - 00000000 ____D () C:\Users\abang_000\AppData\Roaming\Spotify
2014-03-15 22:22 - 2014-03-15 22:22 - 00127080 _____ (Spotify Ltd) C:\Users\abang_000\Downloads\SpotifySetup.exe
2014-03-12 18:56 - 2014-02-22 08:16 - 00139776 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe
2014-03-12 18:56 - 2014-02-22 07:24 - 00124416 _____ (Microsoft Corporation) C:\windows\SysWOW64\poqexec.exe
2014-03-11 21:33 - 2014-03-01 02:05 - 23133696 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-03-11 21:33 - 2014-03-01 00:58 - 02765824 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-03-11 21:33 - 2014-03-01 00:30 - 17074688 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-03-11 21:33 - 2014-03-01 00:17 - 00218624 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-03-11 21:33 - 2014-02-28 23:54 - 05768704 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-03-11 21:33 - 2014-02-28 23:47 - 02168320 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-03-11 21:33 - 2014-02-28 23:42 - 00627200 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-03-11 21:33 - 2014-02-28 23:18 - 13051904 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-03-11 21:33 - 2014-02-28 23:14 - 04244480 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-03-11 21:33 - 2014-02-28 23:10 - 02334208 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-03-11 21:33 - 2014-02-28 23:03 - 00524288 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-03-11 21:33 - 2014-02-28 22:57 - 11266048 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-03-11 21:33 - 2014-02-28 22:38 - 01393664 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-03-11 21:33 - 2014-02-28 22:32 - 01820160 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-03-11 21:33 - 2014-02-28 22:27 - 01156096 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-03-11 21:33 - 2014-02-28 22:25 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-03-11 21:33 - 2014-02-28 22:25 - 00703488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-03-11 21:33 - 2014-02-10 23:04 - 04189184 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-03-11 21:33 - 2014-02-10 22:43 - 00488448 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2014-03-11 21:33 - 2014-02-10 22:04 - 00586240 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2014-03-11 21:33 - 2014-01-31 12:15 - 00311640 _____ (Microsoft Corporation) C:\windows\system32\Drivers\volsnap.sys
2014-03-11 21:33 - 2014-01-31 12:07 - 00233920 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2014-03-11 21:33 - 2014-01-31 12:06 - 02133208 _____ (Microsoft Corporation) C:\windows\system32\mfcore.dll
2014-03-11 21:33 - 2014-01-31 09:47 - 02143960 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfcore.dll
2014-03-11 21:33 - 2014-01-31 05:06 - 00716288 _____ (Microsoft Corporation) C:\windows\system32\swprv.dll
2014-03-11 21:33 - 2014-01-29 05:55 - 01287064 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2014-03-11 21:33 - 2014-01-29 04:53 - 00458616 _____ (Microsoft Corporation) C:\windows\system32\WerFault.exe
2014-03-11 21:33 - 2014-01-29 04:53 - 00407024 _____ (Microsoft Corporation) C:\windows\system32\Faultrep.dll
2014-03-11 21:33 - 2014-01-29 04:49 - 01928144 _____ (Microsoft Corporation) C:\windows\system32\combase.dll
2014-03-11 21:33 - 2014-01-29 04:47 - 02543960 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-03-11 21:33 - 2014-01-29 03:44 - 01371824 _____ (Microsoft Corporation) C:\windows\SysWOW64\combase.dll
2014-03-11 21:33 - 2014-01-29 03:44 - 00408480 _____ (Microsoft Corporation) C:\windows\SysWOW64\WerFault.exe
2014-03-11 21:33 - 2014-01-29 03:44 - 00369280 _____ (Microsoft Corporation) C:\windows\SysWOW64\Faultrep.dll
2014-03-11 21:33 - 2014-01-29 02:41 - 00208896 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdpencom.dll
2014-03-11 21:33 - 2014-01-28 20:36 - 00249856 _____ (Microsoft Corporation) C:\windows\system32\rdpencom.dll
2014-03-11 21:33 - 2014-01-27 15:07 - 04175360 _____ (Microsoft Corporation) C:\windows\system32\dbgeng.dll
2014-03-11 21:33 - 2014-01-27 15:06 - 00064512 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll
2014-03-11 21:33 - 2014-01-27 15:04 - 00160256 _____ (Microsoft Corporation) C:\windows\system32\DWWIN.EXE
2014-03-11 21:33 - 2014-01-27 14:52 - 01036288 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2014-03-11 21:33 - 2014-01-27 14:23 - 02873344 _____ (Microsoft Corporation) C:\windows\SysWOW64\dbgeng.dll
2014-03-11 21:33 - 2014-01-27 14:21 - 00053248 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsgqec.dll
2014-03-11 21:33 - 2014-01-27 14:20 - 00138752 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWWIN.EXE
2014-03-11 21:33 - 2014-01-27 14:15 - 01057280 _____ (Microsoft Corporation) C:\windows\system32\rdvidcrl.dll
2014-03-11 21:33 - 2014-01-27 13:43 - 00855552 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdvidcrl.dll
2014-03-11 21:33 - 2014-01-27 13:18 - 01486848 _____ (Microsoft Corporation) C:\windows\system32\dbghelp.dll
2014-03-11 21:33 - 2014-01-27 13:00 - 01238016 _____ (Microsoft Corporation) C:\windows\SysWOW64\dbghelp.dll
2014-03-11 21:33 - 2014-01-27 11:58 - 05770752 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2014-03-11 21:33 - 2014-01-27 11:50 - 06640640 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2014-03-11 21:33 - 2014-01-27 07:45 - 00386722 _____ () C:\windows\system32\ApnDatabase.xml
2014-03-11 21:33 - 2014-01-17 19:04 - 00764864 _____ (Microsoft Corporation) C:\windows\system32\mfmpeg2srcsnk.dll
2014-03-11 21:33 - 2014-01-17 17:54 - 00669352 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfmpeg2srcsnk.dll
2014-03-11 21:33 - 2013-12-21 10:51 - 06353960 _____ (Microsoft Corporation) C:\windows\system32\sppsvc.exe
2014-03-11 21:33 - 2013-12-21 04:54 - 00447488 _____ (Microsoft Corporation) C:\windows\system32\sppcomapi.dll
2014-03-11 21:33 - 2013-12-20 06:18 - 01643584 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2014-03-11 21:33 - 2013-12-20 06:18 - 01507704 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2014-03-07 22:06 - 2014-03-07 22:06 - 00000000 ____D () C:\Tcl
2014-03-07 22:05 - 2014-03-07 22:10 - 00000000 ____D () C:\OCaml
2014-03-07 21:54 - 2014-03-07 22:33 - 00000000 ____D () C:\Users\abang_000\AppData\Roaming\.emacs.d
2014-03-07 21:47 - 2014-03-07 21:53 - 00000000 ____D () C:\cygwin
2014-03-07 21:47 - 2014-03-07 21:47 - 00742912 _____ () C:\Users\Public\Desktop\cygwin-setup.exe
 
==================== One Month Modified Files and Folders =======
 
2014-03-24 22:36 - 2014-03-24 22:36 - 00000000 ____D () C:\Users\abang_000\Desktop\New folder
2014-03-24 22:36 - 2014-03-24 22:36 - 00000000 ____D () C:\FRST
2014-03-24 22:34 - 2014-01-22 11:44 - 00003596 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-741677074-4117277249-2991010802-1001
2014-03-24 22:33 - 2014-03-24 22:33 - 00000773 _____ () C:\Users\abang_000\Desktop\JRT.txt
2014-03-24 22:24 - 2014-01-22 11:46 - 00003926 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{D5971248-707C-4B7D-8E41-FF09E20809F2}
2014-03-24 22:23 - 2013-08-22 09:25 - 00262144 ___SH () C:\windows\system32\config\ELAM
2014-03-24 22:21 - 2014-03-24 22:21 - 00000000 ____D () C:\windows\ERUNT
2014-03-24 22:20 - 2014-03-24 22:20 - 00001044 _____ () C:\Users\abang_000\Desktop\AdwCleaner[R0].txt
2014-03-24 22:19 - 2014-03-24 22:19 - 00000000 ____D () C:\AdwCleaner
2014-03-24 22:18 - 2014-03-15 22:33 - 00000000 ____D () C:\Users\abang_000\AppData\Roaming\Spotify
2014-03-24 22:11 - 2014-01-22 21:49 - 00000369 _____ () C:\Users\abang_000\AppData\Local\RegisteredPackageInformation.xml
2014-03-24 22:10 - 2014-01-22 11:41 - 00000000 __RDO () C:\Users\abang_000\SkyDrive
2014-03-24 22:06 - 2014-03-15 22:34 - 00000000 ____D () C:\Users\abang_000\AppData\Local\Spotify
2014-03-24 22:06 - 2013-08-22 11:36 - 00000000 ____D () C:\windows\system32\sru
2014-03-24 03:05 - 2014-03-24 03:05 - 01038974 _____ (Thisisu) C:\Users\abang_000\Downloads\JRT.exe
2014-03-24 03:03 - 2014-03-24 03:03 - 01950720 _____ () C:\Users\abang_000\Downloads\adwcleaner.exe
2014-03-24 02:49 - 2014-01-28 02:34 - 00000914 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-24 02:47 - 2013-12-23 02:22 - 01321428 _____ () C:\windows\WindowsUpdate.log
2014-03-24 02:37 - 2013-08-22 11:36 - 00000000 ____D () C:\windows\AppReadiness
2014-03-23 14:38 - 2014-01-22 17:46 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-03-22 23:36 - 2013-08-22 11:36 - 00000000 ____D () C:\windows\system32\NDF
2014-03-22 15:22 - 2014-03-16 14:01 - 00004974 _____ () C:\windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for ALAN-abang_000 Alan
2014-03-22 13:09 - 2014-01-27 00:57 - 00000564 _____ () C:\windows\Tasks\MATLAB R2013b Startup Accelerator.job
2014-03-21 18:57 - 2013-08-22 11:36 - 00000000 ____D () C:\windows\rescache
2014-03-20 18:54 - 2013-08-28 04:36 - 00865408 _____ () C:\windows\system32\PerfStringBackup.INI
2014-03-19 11:25 - 2014-01-22 15:16 - 00000000 ____D () C:\Users\abang_000\Documents\Misc
2014-03-19 00:28 - 2014-01-26 12:49 - 00000000 ____D () C:\windows\system32\MRT
2014-03-19 00:27 - 2014-01-26 14:10 - 90015360 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-03-18 14:44 - 2014-03-18 14:37 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-03-18 14:44 - 2014-03-18 14:34 - 00000000 ____D () C:\Users\abang_000\Desktop\mbar
2014-03-18 14:34 - 2014-03-18 14:34 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-03-18 14:23 - 2014-03-18 14:23 - 01849240 _____ (Simon Tatham ) C:\Users\abang_000\Downloads\putty-0.62-installer.exe
2014-03-17 19:09 - 2014-03-17 19:09 - 00000000 ____D () C:\Users\abang_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-03-17 14:32 - 2014-01-28 02:35 - 00002214 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-17 14:30 - 2013-12-23 02:18 - 00026974 _____ () C:\windows\setupact.log
2014-03-17 14:30 - 2013-08-22 10:45 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-03-17 14:30 - 2013-08-22 09:25 - 00524288 ___SH () C:\windows\system32\config\BBI
2014-03-17 14:29 - 2013-12-23 02:36 - 00006656 _____ () C:\windows\system32\VfService.trf
2014-03-17 14:22 - 2014-03-17 14:22 - 00688992 _____ (Swearware) C:\Users\abang_000\Downloads\dds.com
2014-03-17 13:31 - 2013-08-28 04:34 - 00673808 _____ () C:\windows\PFRO.log
2014-03-17 13:31 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-17 13:31 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-17 13:31 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-17 13:31 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-03-17 13:25 - 2014-03-17 13:25 - 00000000 ____D () C:\Users\abang_000\Downloads\Autoruns
2014-03-17 11:16 - 2014-01-24 11:58 - 00045056 ___SH () C:\Users\abang_000\Desktop\Thumbs.db
2014-03-17 11:14 - 2014-03-17 11:14 - 00847848 _____ (Google Inc.) C:\Users\abang_000\Downloads\ChromeSetup.exe
2014-03-17 01:36 - 2014-03-17 01:36 - 00000000 ____D () C:\Users\abang_000\Documents\mbam-chameleon-1.62.1.1000
2014-03-17 01:32 - 2014-03-17 01:32 - 00001132 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-17 01:32 - 2014-03-17 01:32 - 00000000 ____D () C:\Users\abang_000\AppData\Roaming\Malwarebytes
2014-03-17 01:32 - 2014-03-17 01:32 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-17 01:32 - 2014-03-17 01:32 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-17 01:31 - 2014-03-17 01:31 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\abang_000\Downloads\mbam-consumer.exe
2014-03-16 18:02 - 2014-01-22 13:03 - 00000000 ____D () C:\Users\abang_000\AppData\Local\CrashDumps
2014-03-16 13:18 - 2014-01-22 11:39 - 00000000 ____D () C:\Users\abang_000\AppData\Local\Packages
2014-03-15 22:34 - 2014-03-15 22:34 - 00001879 _____ () C:\Users\abang_000\Desktop\Spotify.lnk
2014-03-15 22:34 - 2014-03-15 22:34 - 00001865 _____ () C:\Users\abang_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2014-03-15 22:22 - 2014-03-15 22:22 - 00127080 _____ (Spotify Ltd) C:\Users\abang_000\Downloads\SpotifySetup.exe
2014-03-12 01:02 - 2013-08-22 10:44 - 00484248 _____ () C:\windows\system32\FNTCACHE.DAT
2014-03-08 02:33 - 2014-01-27 01:08 - 00000000 ____D () C:\Users\abang_000\Documents\MATLAB
2014-03-07 22:33 - 2014-03-07 21:54 - 00000000 ____D () C:\Users\abang_000\AppData\Roaming\.emacs.d
2014-03-07 22:10 - 2014-03-07 22:05 - 00000000 ____D () C:\OCaml
2014-03-07 22:06 - 2014-03-07 22:06 - 00000000 ____D () C:\Tcl
2014-03-07 21:53 - 2014-03-07 21:47 - 00000000 ____D () C:\cygwin
2014-03-07 21:47 - 2014-03-07 21:47 - 00742912 _____ () C:\Users\Public\Desktop\cygwin-setup.exe
2014-03-04 18:53 - 2013-08-22 11:38 - 00693240 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-03-04 18:53 - 2013-08-22 11:38 - 00105464 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-01 02:05 - 2014-03-11 21:33 - 23133696 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-03-01 00:58 - 2014-03-11 21:33 - 02765824 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-03-01 00:30 - 2014-03-11 21:33 - 17074688 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-03-01 00:17 - 2014-03-11 21:33 - 00218624 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-02-28 23:54 - 2014-03-11 21:33 - 05768704 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-02-28 23:47 - 2014-03-11 21:33 - 02168320 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-02-28 23:42 - 2014-03-11 21:33 - 00627200 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-02-28 23:18 - 2014-03-11 21:33 - 13051904 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-02-28 23:14 - 2014-03-11 21:33 - 04244480 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-02-28 23:10 - 2014-03-11 21:33 - 02334208 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-02-28 23:03 - 2014-03-11 21:33 - 00524288 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-02-28 22:57 - 2014-03-11 21:33 - 11266048 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-02-28 22:38 - 2014-03-11 21:33 - 01393664 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-02-28 22:32 - 2014-03-11 21:33 - 01820160 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-02-28 22:27 - 2014-03-11 21:33 - 01156096 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-02-28 22:25 - 2014-03-11 21:33 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-02-28 22:25 - 2014-03-11 21:33 - 00703488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-02-22 08:16 - 2014-03-12 18:56 - 00139776 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe
2014-02-22 07:24 - 2014-03-12 18:56 - 00124416 _____ (Microsoft Corporation) C:\windows\SysWOW64\poqexec.exe
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2014-03-11 21:33] - [2014-01-31 12:15] - 0311640 ____A (Microsoft Corporation) C85C075DE5B6D0FE116043054DE8EE02
 
 
 
LastRegBack: 2014-03-16 17:55
 
==================== End Of Log ============================

 




#6 nasdaq


Posted 25 March 2014 - 07:57 AM


Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.

start

SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {3936FC63-1335-46CC-92F7-3ED55CC6ADBD} URL =
AlternateDataStreams: C:\ProgramData\Temp:B3503B59

end

Save the file as fixlist.txt in the same folder as FRST.
Run FRST and click Fix only once and wait.
The tool will create a log (Fixlog.txt); please post it in your reply.

====

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
p.s.
If the SecurityCheck program fails to run for any reason, run it as an Administrator.
===

How is the computer running now?

#7 Alban18


Posted 25 March 2014 - 10:25 AM

Fixlog.txt file:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2014
Ran by abang_000 at 2014-03-25 11:18:30 Run:1
Running from C:\Users\abang_000\Desktop\Virus logs
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
start
 
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {3936FC63-1335-46CC-92F7-3ED55CC6ADBD} URL =
AlternateDataStreams: C:\ProgramData\Temp:B3503B59
 
end
*****************
 
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3936FC63-1335-46CC-92F7-3ED55CC6ADBD} => Key deleted successfully.
HKCR\CLSID\{3936FC63-1335-46CC-92F7-3ED55CC6ADBD} => Key not found.
C:\ProgramData\Temp => ":B3503B59" ADS removed successfully.
 
==== End of Fixlog ====
 
checkup.txt log file:
 

 Results of screen317's Security Check version 0.99.81  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
Windows Defender             
Norton 360 Premier Edition   
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Secunia PSI (3.0.0.9016)   
 Malwarebytes Anti-Malware version 1.75.0.1300  
 SlimCleaner     
 Java 7 Update 51  
 Adobe Reader XI  
 Google Chrome 33.0.1750.154  
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbamgui.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log`````````````````````` 
 
 
 
My computer is running great. Actually it was running great before but I was concerned that there was a lingering virus in my computer that might need attention.
 
If there was a virus in my computer, can you tell me what kind of virus I had and where I possibly infected it from?
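
An added example (not part of the original posts and not FRST's own code): a short Python check that pairs each fixlist directive in the Fixlog.txt quoted above with its result line and flags any directive that has no result or an unrecognised outcome. The matching rules (hive prefix, Wow6432Node for the -x32 entry, stream name inside the outcome text) are assumptions inferred from this one log, and the function names are hypothetical.

```python
import re

# Fixlog.txt text from the post above, trimmed to the fixlist block and result lines.
SAMPLE_FIXLOG = r"""Content of fixlist:
*****************
start

SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {3936FC63-1335-46CC-92F7-3ED55CC6ADBD} URL =
AlternateDataStreams: C:\ProgramData\Temp:B3503B59

end
*****************

HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3936FC63-1335-46CC-92F7-3ED55CC6ADBD} => Key deleted successfully.
HKCR\CLSID\{3936FC63-1335-46CC-92F7-3ED55CC6ADBD} => Key not found.
C:\ProgramData\Temp => ":B3503B59" ADS removed successfully.

==== End of Fixlog ====
"""

SCOPE_RE = re.compile(r"^SearchScopes:\s*(HKLM|HKCU)(-x32)?\s*-\s*(\{[0-9A-Fa-f-]+\})")
ADS_RE = re.compile(r"^AlternateDataStreams:\s*(.+):([^:\\]+)$")
# Only the outcome wordings visible in this log are recognised (assumption);
# anything else is reported for manual review instead of being guessed at.
DONE_RE = re.compile(r"(deleted|removed) successfully\.?$", re.I)
ABSENT_RE = re.compile(r"not found\.?$", re.I)


def split_fixlog(text):
    """Return (directives, results); results is a list of (target, outcome)."""
    directives, results, in_list = [], [], False
    for raw in text.splitlines():
        line = raw.strip()
        if line.lower() == "start":
            in_list = True
        elif line.lower() == "end":
            in_list = False
        elif in_list and line:
            directives.append(line)
        elif " => " in line:
            target, outcome = line.split(" => ", 1)
            results.append((target, outcome))
    return directives, results


def results_for(directive, results):
    """Outcome strings of the result lines that belong to one directive."""
    m = SCOPE_RE.match(directive)
    if m:
        root, x32, guid = m.group(1).lower(), bool(m.group(2)), m.group(3).lower()
        suffix = "\\searchscopes\\" + guid
        return [o for t, o in results
                if t.lower().startswith(root + "\\")
                and t.lower().endswith(suffix)
                and ("\\wow6432node\\" in t.lower()) == x32]
    m = ADS_RE.match(directive)
    if m:
        path, stream = m.group(1).lower(), m.group(2).lower()
        return [o for t, o in results
                if t.lower() == path and (":" + stream) in o.lower()]
    return []  # directive type not covered by this example


def classify(outcomes):
    if not outcomes:
        return "no result line"
    if any(not (DONE_RE.search(o) or ABSENT_RE.search(o)) for o in outcomes):
        return "check manually"
    return "applied" if any(DONE_RE.search(o) for o in outcomes) else "already absent"


def review(text):
    """One (directive, status) pair per fixlist line, in fixlist order."""
    directives, results = split_fixlog(text)
    return [(d, classify(results_for(d, results))) for d in directives]


if __name__ == "__main__":
    for directive, status in review(SAMPLE_FIXLOG):
        print(f"{status:16} {directive}")
```

A directive reported as "no result line" or "check manually" is the one to raise with the helper before treating the fix as complete.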


#8 nasdaq


Posted 25 March 2014 - 10:35 AM

From your logs I cannot see what kind of infection was around.


If all is well:

Please consider using these ideas to help secure your computer. While there is no way to guarantee safety when you use a computer, these steps will make it much less likely that you will need to endure another infection. While we really like to help people, we would rather help you protect yourself so that you won't need that help in the future.

Please either enable Automatic Updates under Start -> Control Panel -> Automatic Updates or get into the habit of checking Windows Update regularly. They usually have security updates every month. You can set Windows to notify you of Updates so that you can choose, but only do this if you believe you are able to understand which ones are needed. This is a crucial security measure.

Having an effective antivirus is a must for everyone.
In addition to many excellent commercial products there are plenty of good free antivirus programs available. I can recommend:

If you are satisfied with your current protection programs you can ignore the instructions on Antivirus or Firewall listed below.

In addition to an antivirus I recommend using a firewall. A software firewall is a software program that helps screen out hackers, viruses, and worms that try to reach your computer over the Internet. I can recommend one of the following free products:

Please note: Many installers offer third-party downloads that are installed automatically when you do not uncheck certain checkboxes. While most of the time not being malicious, you usually do not want these on your computer. Be careful during the installation process and you will avoid seeing tons of new unwanted toolbars in your favorite web browser.

Please consider installing and running some of the following programs; they are either free or have free versions of commercial programs:

Malwarebytes Anti-Malware (MBAM)
The free version of MBAM can be used to scan the system for traces of malware. Scanning your system regularly will make it harder for malware to reside on your system.
A tutorial on using MBAM can be found here.
Please Note: Only the paid for version has real time capabilities.

SpywareBlaster
A tutorial on using SpywareBlaster to prevent malware from ever installing on your computer may be found here.

Please keep these programs up-to-date and run them whenever you suspect a problem to prevent malware problems. A number of programs have resident protection and it is a good idea to run the resident protection of one of each type of program to maintain protection. However, it is important to run only one resident program of each type since they can conflict and become less effective. That means only one antivirus, firewall and scanning anti-spyware program at a time. Passive protectors, like SpywareBlaster can be run with any of them.

Note that there are a lot of rogue programs out there that want to scare you into giving them your money and some malware actually claims to be security programs. If you get a popup for a security program that you did not install yourself, do NOT click on it and ask for help immediately. It is very important to run an antivirus and firewall, but you can't always rely on reviews and ads for information. Ask in a security forum that you trust if you are not sure. If you are unsure and looking for anti-spyware programs, you can find out if it is a rogue here:

A similar category of programs is now called "scareware." Scareware programs are active infections that will pop-up on your computer and tell you that you are infected. If you look closely, it will usually have a name that looks like it might be legitimate, but it is NOT one of the programs you installed. It tells you to click and install it right away. If you click on any part of it, including the 'X' to close it, you may actually help it infect your computer further. Keeping protection updated and running resident protection can help prevent these infections. If it happens anyway, get offline as quickly as you can. Pull the internet connection cable or shut down the computer if you have to. Contact someone to help by using another computer if possible. These programs are also sometimes called 'rogues', but they are different than the older version of rogues mentioned above.

Please keep your programs up to date. This applies to Java, Adobe Flash Player, Adobe Reader and your Internet browsers in particular. Vulnerabilities in these programs are often exploited in order to install malware on your PC. Visiting a prepared web page suffices to infect your system.

In general Firefox, Opera and Google Chrome are considered to be more secure than Internet Explorer. In addition there are many useful add-ons that can protect you from possible risks:
  • WOT will warn you when you try to visit sites with poor reputation. The reputation is based on user ratings and is usually very accurate.
  • Script Blocker can help block many attempts to infect your system via malicious websites by only allowing scripts at sites you trust.
  • NoScript is a popular Firefox add-on.
  • ScriptNo is a popular Google Chrome add-on.
For much more useful information, please also read Tony Klein's excellent article: How did I get infected in the first place

Hopefully these steps will help to keep you error free. If you run into more difficulty, we will certainly do what we can to help.
===

#9 Alban18


Posted 25 March 2014 - 11:08 AM

Well thank you, I appreciate your time to help me.

I guess I'm paranoid.



#10 Alban18


Posted 25 March 2014 - 11:25 PM

Nasdaq, I have resident protection from Norton 360 and Malwarebytes Pro.

Do these security programs conflict?



#11 nasdaq

  • Malware Response Team

Posted 26 March 2014 - 08:25 AM

Not that I know.

#12 Alban18


Posted 26 March 2014 - 04:18 PM

Okay, well thanks for everything. I just downloaded SpywareBlaster and I hope I will continue to be safe! :)



#13 nasdaq

  • Malware Response Team

Posted 27 March 2014 - 08:00 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.



