
My pc is running slow and acting weird possibly malware?


  • This topic is locked
3 replies to this topic

#1 bostanaf

bostanaf

  • Members
  • 2 posts

Posted 21 March 2014 - 10:04 PM

Here is the log

DS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16521
Run by asus101212 at 3:07:17 on 2014-03-22
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.358.1033.18.8157.6189 [GMT 2:00]
.
AV: TrustPort Antivirus *Enabled/Updated* {BFF03939-3865-38FF-8D98-DBCBAA32A740}
SP: TrustPort Antivirus *Enabled/Updated* {0491D8DD-1E5F-3771-B728-E0B9D1B5EDFD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: TrustPort Firewall *Enabled* {87CBB81C-720A-39A7-A6C7-72FE54E1E03B}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Common Files\TrustPort\bin\tpmgma.exe
C:\Program Files (x86)\TrustPort\DataShredder\bin\wipesrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\TrustPort\Antivirus\bin\avss.exe
C:\Program Files (x86)\TrustPort\Antivirus\bin\gozer.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\TrustPort\Antivirus\bin\avcom.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\TrustPort\DiskProtection\bin\TDWatch.exe
C:\Program Files (x86)\Common Files\TrustPort\bin\tptray.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Program Files (x86)\TrustPort\Antivirus\bin\avas.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k regsvc
C:\Windows\system32\msiexec.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
mRun: [AntivirusCommunicatorAgent] "C:\Program Files (x86)\TrustPort\Antivirus\bin\avcom.exe"
mRun: [TrustPortDiskProtectionWatchDog] "C:\Program Files (x86)\TrustPort\DiskProtection\bin\TDWatch.exe"
mRun: [TrustPortTray] "C:\Program Files (x86)\Common Files\TrustPort\Bin\tptray.exe"
uPolicies-Explorer: NoDriveAutoRun- = dword:0
uPolicies-Explorer: NoDriveTypeAutoRun- = dword:0
uPolicies-Explorer: NoDriveAutoRun = dword:67108863
uPolicies-Explorer: NoDriveTypeAutoRun = dword:253
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: NoDriveTypeAutorun = dword:253
mPolicies-Explorer: NoDriveAutoRun- = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun- = dword:0
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com/bin/srldetect_intel_4.5.22.0.cab
TCP: NameServer = 77.223.60.102 77.223.61.2
TCP: Interfaces\{CC6673BD-4147-4F77-9F94-C1E4B3D539CF} : DHCPNameServer = 77.223.60.102 77.223.61.2
AppInit_DLLs= avinspect.dll,
SSODL: WebCheck - <orphaned>
x64-mWinlogon: Userinit = C:\Program Files (x86)\Common Files\TrustPort\bin\wsctool.exe
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 tpdevflt;TrustPort Device Filter;C:\Windows\System32\drivers\tpdevflt.sys [2014-3-22 43248]
R1 tdimapper;TrustPort TDI port to process mapper;C:\Program Files (x86)\TrustPort\PersonalFirewall\bin\tdimapper.sys [2014-3-22 21744]
R2 EncDisk;EncDisk;C:\Program Files (x86)\TrustPort\DiskProtection\bin\EncDsk.sys [2014-3-22 61680]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-3-9 411936]
R2 tdifw;TrustPort PGTW driver;C:\Windows\System32\drivers\tdifw.sys [2014-3-22 51952]
R2 tpmgma_service;TrustPort Core Service;C:\Program Files (x86)\Common Files\TrustPort\bin\tpmgma.exe [2014-3-22 503400]
R2 tpsec;TrustPort Security Filter;C:\Windows\System32\drivers\tpsec.sys [2014-3-22 53928]
R2 wipesrv;TrustPort DataShredder Wipe Service;C:\Program Files (x86)\TrustPort\DataShredder\bin\wipesrv.exe [2014-3-22 287472]
R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2012-2-21 130536]
R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2012-2-21 396776]
R3 avas_service;TrustPort Antivirus On-Access Scanner Agent;C:\Program Files (x86)\TrustPort\Antivirus\bin\avas.exe [2014-3-22 889584]
R3 avasdmft;TrustPort Antivirus On-Access Scanner (W2K/XP) MF;C:\Windows\System32\drivers\avasdmft.sys [2014-3-22 50928]
R3 avss_service;TrustPort Antivirus Service Scanner Provider;C:\Program Files (x86)\TrustPort\Antivirus\bin\avss.exe [2014-3-22 316144]
R3 gozer;TrustPort Personal GTW;C:\Program Files (x86)\TrustPort\Antivirus\bin\gozer.exe [2014-3-22 512752]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
R3 TPPFHOOK;TPPFHOOK;C:\Program Files (x86)\TrustPort\PersonalFirewall\bin\tppfhook.sys [2014-3-22 40176]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S3 dsio;TrustPort Raw IO Driver;C:\Program Files (x86)\Common Files\TrustPort\bin\dsio.sys [2014-3-22 20720]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-3-21 111616]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-3-9 1255736]
.
=============== Created Last 30 ================
.
2014-03-22 00:56:46 -------- d-----w- C:\ProgramData\Symantec
2014-03-22 00:56:37 -------- d-----w- C:\ProgramData\Norton
2014-03-22 00:56:34 -------- d-----w- C:\ProgramData\NortonInstaller
2014-03-22 00:56:34 -------- d-----w- C:\Program Files (x86)\NortonInstaller
2014-03-22 00:33:25 -------- d-----w- C:\Users\asus101212\AppData\Local\trustport
2014-03-22 00:24:29 1162992 ----a-w- C:\Windows\isRS-000.tmp
2014-03-22 00:24:21 51952 ----a-w- C:\Windows\System32\drivers\tdifw.sys
2014-03-22 00:23:53 50928 ----a-w- C:\Windows\System32\drivers\avasdmft.sys
2014-03-22 00:23:53 30688 ----a-w- C:\Windows\System32\tpnative.exe
2014-03-22 00:23:53 228480 ----a-w- C:\Windows\System32\avinspect64.dll
2014-03-22 00:23:53 202640 ----a-w- C:\Windows\SysWow64\avinspect.dll
2014-03-22 00:23:52 53928 ----a-w- C:\Windows\System32\drivers\tpsec.sys
2014-03-22 00:23:52 43248 ----a-w- C:\Windows\System32\drivers\tpdevflt.sys
2014-03-22 00:23:51 -------- d-----w- C:\Program Files (x86)\TrustPort
2014-03-22 00:23:51 -------- d-----w- C:\Program Files (x86)\Common Files\TrustPort
2014-03-21 19:28:05 -------- d-----w- C:\Program Files (x86)\Windows Kits
2014-03-21 18:29:28 -------- d-----w- C:\Users\asus101212\AppData\Local\Nero_AG
2014-03-21 18:29:20 -------- d-----w- C:\Users\asus101212\AppData\Local\Nero
2014-03-21 18:23:28 -------- d-----w- C:\ProgramData\Nero
2014-03-21 18:18:27 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
2014-03-21 18:18:24 248672 ----a-w- C:\Windows\SysWow64\d3dx11_43.dll
2014-03-21 18:18:23 470880 ----a-w- C:\Windows\SysWow64\d3dx10_43.dll
2014-03-21 18:18:22 1998168 ----a-w- C:\Windows\SysWow64\D3DX9_43.dll
2014-03-21 18:18:21 1868128 ----a-w- C:\Windows\SysWow64\d3dcsx_43.dll
2014-03-21 18:18:20 2106216 ----a-w- C:\Windows\SysWow64\D3DCompiler_43.dll
2014-03-21 16:56:45 -------- d-----w- C:\ProgramData\HitmanPro
2014-03-21 15:34:08 -------- d-----w- C:\ProgramData\RegRun
2014-03-21 15:28:18 -------- d-----w- C:\Users\asus101212\AppData\Roaming\Malwarebytes
2014-03-21 15:28:14 -------- d-----w- C:\ProgramData\Malwarebytes
2014-03-21 15:28:14 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-21 15:20:41 -------- d-sh--r- C:\comment.htt
2014-03-21 15:19:37 -------- d-----w- C:\Program Files (x86)\UnHackMe
2014-03-21 14:44:14 -------- d-----w- C:\ProgramData\COMODO
2014-03-21 14:44:09 -------- d-----w- C:\Program Files (x86)\COMODO
2014-03-21 13:26:53 -------- d-----w- C:\FRST
2014-03-21 12:34:21 624128 ----a-w- C:\Windows\System32\qedit.dll
2014-03-21 12:34:21 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2014-03-21 12:34:20 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2014-03-21 12:34:20 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2014-03-09 16:05:57 -------- d-----w- C:\Windows\Panther
2014-03-09 13:38:18 -------- d-----w- C:\Program Files (x86)\SystemRequirementsLab
2014-03-09 13:38:15 -------- d--h--w- C:\Windows\AxInstSV
2014-03-09 13:34:32 -------- d-----w- C:\Program Files (x86)\ASM104xUSB3
2014-03-09 13:29:11 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-03-09 13:29:11 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-03-09 13:28:40 -------- d-----w- C:\Users\asus101212\AppData\Local\Adobe
2014-03-09 11:43:57 15584 ----a-w- C:\Users\asus101212\AppData\Roaming\Microsoft\IdentityCRL\production\ppcrlconfig.dll
2014-03-09 11:41:55 -------- d-sh--w- C:\ProgramData\SecuROM
2014-03-09 11:40:41 -------- d-----w- C:\Users\asus101212\AppData\Local\Rockstar Games
2014-03-09 11:40:33 178800 ----a-w- C:\Windows\SysWow64\CmdLineExt_x64.dll
2014-03-09 11:40:22 453456 ----a-w- C:\Windows\SysWow64\d3dx10_42.dll
2014-03-09 11:40:18 1892184 ----a-w- C:\Windows\SysWow64\D3DX9_42.dll
2014-03-09 11:40:00 -------- d-----w- C:\Windows\SysWow64\xlive
2014-03-09 11:40:00 -------- d-----w- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2014-03-09 11:37:40 69448 ----a-w- C:\Windows\SysWow64\XAPOFX1_3.dll
2014-03-09 11:37:40 4178264 ----a-w- C:\Windows\SysWow64\D3DX9_41.dll
2014-03-09 11:37:39 517448 ----a-w- C:\Windows\SysWow64\XAudio2_4.dll
2014-03-09 11:37:31 235352 ----a-w- C:\Windows\SysWow64\xactengine3_4.dll
2014-03-09 11:37:31 22360 ----a-w- C:\Windows\SysWow64\X3DAudio1_6.dll
2014-03-09 11:37:00 68104 ----a-w- C:\Windows\System32\XAPOFX1_0.dll
2014-03-09 11:37:00 65032 ----a-w- C:\Windows\SysWow64\XAPOFX1_0.dll
2014-03-09 11:37:00 511496 ----a-w- C:\Windows\System32\XAudio2_1.dll
2014-03-09 11:37:00 507400 ----a-w- C:\Windows\SysWow64\XAudio2_1.dll
2014-03-09 10:29:40 -------- d-----w- C:\Users\asus101212\AppData\Local\Diagnostics
2014-03-09 10:18:29 -------- d-----w- C:\Users\asus101212\AppData\Local\Programs
2014-03-09 10:09:46 548864 ----a-w- C:\Windows\System32\vbscript.dll
2014-03-09 10:09:46 454656 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-03-09 09:54:28 -------- d-----w- C:\Windows\Migration
2014-03-09 09:52:20 -------- d-----w- C:\Windows\SysWow64\Wat
2014-03-09 09:52:20 -------- d-----w- C:\Windows\System32\Wat
2014-03-09 09:32:38 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe
2014-03-09 09:32:38 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2014-03-09 09:32:37 12625920 ----a-w- C:\Windows\System32\wmploc.DLL
2014-03-09 09:32:37 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2014-03-09 09:20:09 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-03-09 09:11:12 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2014-03-09 09:06:37 294912 ----a-w- C:\Windows\System32\browserchoice.exe
2014-03-09 09:01:12 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2014-03-09 09:01:12 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2014-03-09 09:01:11 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2014-03-09 09:01:11 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2014-03-09 09:01:10 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2014-03-09 09:01:10 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2014-03-09 09:01:10 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2014-03-09 08:58:48 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2014-03-09 08:58:47 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2014-03-09 08:58:47 5120 ----a-w- C:\Windows\System32\wmi.dll
2014-03-09 08:54:56 5120 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2014-03-09 08:53:59 81920 ----a-w- C:\Windows\SysWow64\davclnt.dll
2014-03-09 08:52:59 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
2014-03-09 08:51:59 936448 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2014-03-09 08:50:58 723456 ----a-w- C:\Windows\System32\EncDec.dll
2014-03-09 08:49:58 404480 ----a-w- C:\Windows\System32\umpnpmgr.dll
2014-03-09 08:41:42 461312 ----a-w- C:\Windows\System32\scavengeui.dll
2014-03-09 08:41:41 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL
2014-03-09 08:41:40 830464 ----a-w- C:\Windows\System32\nshwfp.dll
2014-03-09 08:41:40 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll
2014-03-09 08:41:40 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL
2014-03-09 08:41:40 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL
2014-03-09 08:39:04 -------- d-----w- C:\Users\asus101212\AppData\Local\Google
2014-03-09 08:38:49 -------- d-----w- C:\Users\asus101212\AppData\Local\Deployment
2014-03-09 08:38:49 -------- d-----w- C:\Users\asus101212\AppData\Local\Apps
2014-03-09 08:36:50 77312 ----a-w- C:\Windows\System32\packager.dll
2014-03-09 08:36:50 67072 ----a-w- C:\Windows\SysWow64\packager.dll
2014-03-09 06:51:19 -------- d-----w- C:\Program Files (x86)\Common Files\Steam
2014-03-09 06:51:18 -------- d-----w- C:\Program Files (x86)\Steam
2014-03-09 06:45:53 599840 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2014-03-09 06:45:29 923936 ----a-w- C:\Windows\System32\nvvsvc.exe
2014-03-09 06:45:29 6712608 ----a-w- C:\Windows\System32\nvcpl.dll
2014-03-09 06:45:29 63776 ----a-w- C:\Windows\System32\nvshext.dll
2014-03-09 06:45:29 386336 ----a-w- C:\Windows\System32\nvmctray.dll
2014-03-09 06:45:29 3573739 ----a-w- C:\Windows\System32\nvcoproc.bin
2014-03-09 06:45:29 3498272 ----a-w- C:\Windows\System32\nvsvc64.dll
2014-03-09 06:45:23 61216 ----a-w- C:\Windows\System32\OpenCL.dll
2014-03-09 06:45:23 53024 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2014-03-09 06:45:17 -------- d-----w- C:\ProgramData\NVIDIA Corporation
2014-03-09 06:45:14 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2014-03-09 06:43:42 -------- d-----w- C:\NVIDIA
2014-03-09 06:33:47 -------- d-----w- C:\ProgramData\AVAST Software
2014-03-09 06:29:36 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2014-03-09 06:29:36 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2014-03-09 06:29:36 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2014-03-09 06:25:57 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2014-03-09 06:25:35 99840 ----a-w- C:\Windows\System32\wudriver.dll
2014-03-09 06:25:29 36864 ----a-w- C:\Windows\System32\wuapp.exe
2014-03-09 06:25:29 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2014-03-09 06:23:55 -------- d-----w- C:\ProgramData\Birdstep Technology
2014-03-09 06:23:51 1490656 ----a-w- C:\Windows\System32\WdfCoInstaller01007.dll
2014-03-09 06:23:51 1490656 ----a-w- C:\Windows\System32\drivers\WdfCoInstaller01007.dll
2014-03-09 06:23:27 -------- d-sh--w- C:\Windows\Installer
2014-02-20 16:14:22 15453904 ----a-w- C:\Windows\SysWow64\xlive.dll
2014-02-20 16:14:20 13642960 ----a-w- C:\Windows\SysWow64\xlivefnt.dll
.
==================== Find3M  ====================
.
2014-03-09 09:20:09 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-03-01 05:17:02 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-03-01 05:16:26 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-03-01 04:52:55 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-03-01 04:51:59 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-03-01 04:33:52 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-03-01 04:33:34 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-03-01 04:32:59 708608 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-03-01 04:23:49 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-03-01 04:11:20 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-03-01 03:54:33 5768704 ----a-w- C:\Windows\System32\jscript9.dll
2014-03-01 03:52:43 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-03-01 03:51:53 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-03-01 03:38:26 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-03-01 03:37:35 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-03-01 03:35:11 2041856 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-03-01 03:14:15 4244480 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-03-01 03:10:28 2334208 ----a-w- C:\Windows\System32\wininet.dll
2014-03-01 03:00:08 1964032 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-03-01 02:32:16 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-02-07 01:23:30 3156480 ----a-w- C:\Windows\System32\win32k.sys
2014-01-29 02:32:18 484864 ----a-w- C:\Windows\System32\wer.dll
2014-01-29 02:06:47 381440 ----a-w- C:\Windows\SysWow64\wer.dll
2014-01-28 02:32:46 228864 ----a-w- C:\Windows\System32\wwansvc.dll
2013-12-24 23:09:41 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2013-12-24 22:48:32 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
.
============= FINISH:  3:07:33,66 ===============
 



#2 Jo*

Jo*

  • Malware Response Team
  • 3,445 posts
  • Gender:Male
  • Location:Germany

Posted 22 March 2014 - 01:03 PM

:welcome:

Hello bostanaf,

My name is Jo and I will help you with your computer problems.



Please follow these guidelines:
  • Logs can take a while to research, so please be patient.
  • Read and follow the instructions in the sequence they are posted.
  • Print or copy & save instructions.
  • Back up all your private data / important files on another (external) drive before using our tools.
  • Do not install / uninstall any applications, unless otherwise instructed.
  • Use only the tools you have been instructed to use.
  • Copy and Paste the log files inside your post, unless otherwise instructed.
  • Ask for clarification, if you have any questions.
  • Stay with this topic until you get the all clean post.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

***


1. Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
    Vista / Windows 7/8 users right-click and select Run As Administrator.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

***


2. Download OTL to your desktop.
  • Double click on the icon to run it.
    Vista / Windows 7/8 users right-click and select Run As Administrator.
  • Make sure all other windows are closed and let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt.
    Note: These logs can be located in the OTL folder on your C:\ drive if they fail to open automatically.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them with your next reply. You may need two posts to fit them both in.

***


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#3 Jo*


Posted 25 March 2014 - 03:53 AM

Hi,

It has been several days since I sent my last set of instructions to help with your computer problem.

Please let me know if you are having problems and still need help.

Note: Threads will be closed if there is no response after 3 days.




#4 Jo*


Posted 27 March 2014 - 02:53 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.





