
My scans are clean but I am clearly infected with something.


25 replies to this topic

#1 Havebeenhacked

Havebeenhacked

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:09:01 AM

Posted 02 April 2014 - 06:27 PM

Hello!  My friend recommended this site for much-needed help. My relatively new Lenovo desktop that runs Windows 8.1 is very locked up. Most problematic is my computer's overall function.  Most of my programs are not responding or only respond if I right click for each command.  Some programs are listed as corrupted but after a restart, they will occasionally respond.  The computer is balky and faulty.    I cannot access any programs without right-clicking the icons.  Even then, nothing is working correctly.  My computer also spews out spam email when I login to my yahoo account. I have changed my password 3 times.  My email doesn't send out spam from other computers.

 

My Avast Free runs a clean scan as does the Malware Byte and AVG Free.  I ran both scans from safe mode today with the same clean results.  Avast says there are files (perhaps 10) that are password protected and will not scan those. I don't know what that means and wonder if those files are the culprit.

 

When I ran the Avast scan in safe mode today and tried to update the virus definitions, Avast indicated that I was not protected at all. Could it have been disabled completely by a virus and been running "sham" scans?   I tried to upgrade to several programs today (Norton 360, AVG paid edition, Avast paid edition) and I was blocked from installation.  Error notices ranged from invalid email address to "AAVM subsystem detected a RPG error."  At this point, I have no idea if I have virus protection on the computer or 5 virus programs running.

 

I assume I have something nefarious but am unable to proceed on my own.  I would be very grateful for any assistance anyone could offer.  Thanks so much!

 

 




 


#2 OldPhil

OldPhil

    Doppleganger


  • Members
  • 4,071 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Long Island New York
  • Local time:09:01 AM

Posted 02 April 2014 - 06:50 PM

For starters I would disable one of the virus scanners that can cause some issues, see if that helps any. If not there are some really knowledgeable folks up here that will jump in to help you out.

 

Just noticed you have three AV's definitely not good!!!!!!!!!!!!!!


Edited by OldPhil, 02 April 2014 - 06:51 PM.

Honesty & Integrity Above All!


#3 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,082 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:09:01 AM

Posted 02 April 2014 - 07:55 PM

Hello, yes uninstall two of these and reboot

Avast Free
AVG Free
Norton 360


This may not run on your system

Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Next do these

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
    Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



    Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

ADW Cleaner

    Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder which was created when running the tool.
  • -- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).


Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Edited by boopme, 02 April 2014 - 07:57 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#4 Havebeenhacked


Posted 02 April 2014 - 08:19 PM

Thank you!  I will print your instructions.  Quick question--should I try to download these programs onto my infected computer or flashdrive them over?

Thanks



#5 boopme


Posted 02 April 2014 - 08:37 PM

If you can do it on the infected machine do so. Or try Safe mode with Networking or a Flashdrive. Eset will have to wait until you can run it on the machine.

#6 Havebeenhacked


Posted 02 April 2014 - 09:14 PM

Results of screen317's Security Check version 0.99.81  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Security Center service is not running! This report may not be accurate! 
 Windows Firewall Enabled!  
AVG Internet Security 2014   
Windows Defender             
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware version 1.75.0.1300  
 Adobe Reader XI  
 Google Chrome 33.0.1750.146  
 Google Chrome 33.0.1750.154  
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log`````````````````````` 


#7 Havebeenhacked


Posted 02 April 2014 - 09:19 PM

MiniToolBox by Farbar  Version: 23-01-2014
Ran by Cris (administrator) on 02-04-2014 at 22:18:12
Running from "C:\Users\Cris\Downloads"
Microsoft Windows 8.1  (X64)
Boot Mode: Network
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
 
 
========================= IP Configuration: ================================
 
Realtek RTL8188E Wireless LAN 802.11n PCI-E NIC = Wi-Fi (Connected)
Realtek PCIe GBE Family Controller = Ethernet (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="wireless_11" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="wireless_6" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="ethernet_3" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 3" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Desktop2014
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : hsd1.fl.comcast.net.
 
Wireless LAN adapter Local Area Connection* 3:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : 24-FD-52-CE-E4-34
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wi-Fi:
 
   Connection-specific DNS Suffix  . : hsd1.fl.comcast.net.
   Description . . . . . . . . . . . : Realtek RTL8188E Wireless LAN 802.11n PCI-E NIC
   Physical Address. . . . . . . . . : 24-FD-52-CE-E4-34
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2601:3:8a00:1c8:21a1:f201:ef88:f4a4(Preferred) 
   Temporary IPv6 Address. . . . . . : 2601:3:8a00:1c8:987c:bc28:15cb:96e2(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::21a1:f201:ef88:f4a4%8(Preferred) 
   IPv4 Address. . . . . . . . . . . : 10.0.0.31(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Wednesday, April 2, 2014 10:02:17 PM
   Lease Expires . . . . . . . . . . : Wednesday, April 9, 2014 10:02:21 PM
   Default Gateway . . . . . . . . . : fe80::21d:d4ff:fe65:5f11%8
                                       10.0.0.1
   DHCP Server . . . . . . . . . . . : 10.0.0.1
   DHCPv6 IAID . . . . . . . . . . . : 136641874
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-85-33-2F-74-27-EA-AC-27-96
   DNS Servers . . . . . . . . . . . : 75.75.75.75
                                       75.75.76.76
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter Ethernet:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 74-27-EA-AC-27-96
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
Server:  cdns01.comcast.net
Address:  75.75.75.75
 
Name:    google.com
Addresses:  2607:f8b0:4008:800::1007
 173.194.37.14
 173.194.37.7
 173.194.37.5
 173.194.37.2
 173.194.37.3
 173.194.37.4
 173.194.37.6
 173.194.37.8
 173.194.37.0
 173.194.37.9
 173.194.37.1
 
 
Pinging google.com [2607:f8b0:4008:800::1007] with 32 bytes of data:
Reply from 2607:f8b0:4008:800::1007: time=78ms 
Reply from 2607:f8b0:4008:800::1007: time=33ms 
 
Ping statistics for 2607:f8b0:4008:800::1007:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 33ms, Maximum = 78ms, Average = 55ms
Server:  cdns01.comcast.net
Address:  75.75.75.75
 
Name:    yahoo.com
Addresses:  98.138.253.109
 206.190.36.45
 98.139.183.24
 
 
Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=106ms TTL=48
Reply from 98.139.183.24: bytes=32 time=63ms TTL=48
 
Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 63ms, Maximum = 106ms, Average = 84ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
  9...24 fd 52 ce e4 34 ......Microsoft Wi-Fi Direct Virtual Adapter
  8...24 fd 52 ce e4 34 ......Realtek RTL8188E Wireless LAN 802.11n PCI-E NIC
  3...74 27 ea ac 27 96 ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0         10.0.0.1        10.0.0.31     30
         10.0.0.0    255.255.255.0         On-link         10.0.0.31    286
        10.0.0.31  255.255.255.255         On-link         10.0.0.31    286
       10.0.0.255  255.255.255.255         On-link         10.0.0.31    286
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         10.0.0.31    286
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link         10.0.0.31    286
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  8    286 ::/0                     fe80::21d:d4ff:fe65:5f11
  1    306 ::1/128                  On-link
  8    286 2601:3:8a00:1c8::/64     On-link
  8    286 2601:3:8a00:1c8:21a1:f201:ef88:f4a4/128
                                    On-link
  8    286 2601:3:8a00:1c8:987c:bc28:15cb:96e2/128
                                    On-link
  8    286 fe80::/64                On-link
  8    286 fe80::21a1:f201:ef88:f4a4/128
                                    On-link
  1    306 ff00::/8                 On-link
  8    286 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [53760] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [68096] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [68096] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [64000] (Microsoft Corporation)
Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [21504] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [67584] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [84480] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [30208] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (04/02/2014 09:26:28 PM) (Source: MsiInstaller) (User: Desktop2014)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error 27046. CA_Error27046: DriverInstallation(0xC0000135): Driver installation failed
 
Error: (04/02/2014 09:26:28 PM) (Source: MsiInstaller) (User: Desktop2014)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error 27046. CA_Error27046: DriverInstallationFun(0xC0000135): Driver installation failed
 
Error: (04/02/2014 09:24:55 PM) (Source: MsiInstaller) (User: Desktop2014)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error 27046. CA_Error27046: DriverInstallation(0xC0000135): Driver installation failed
 
Error: (04/02/2014 09:24:55 PM) (Source: MsiInstaller) (User: Desktop2014)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error 27046. CA_Error27046: DriverInstallationFun(0xC0000135): Driver installation failed
 
Error: (04/02/2014 09:23:01 PM) (Source: MsiInstaller) (User: Desktop2014)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error 27046. CA_Error27046: DriverInstallation(0xC0000135): Driver installation failed
 
Error: (04/02/2014 09:23:01 PM) (Source: MsiInstaller) (User: Desktop2014)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error 27046. CA_Error27046: DriverInstallationFun(0xC0000135): Driver installation failed
 
Error: (04/02/2014 09:21:20 PM) (Source: MsiInstaller) (User: Desktop2014)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error 27046. CA_Error27046: DriverInstallation(0xC0000135): Driver installation failed
 
Error: (04/02/2014 09:21:20 PM) (Source: MsiInstaller) (User: Desktop2014)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error 27046. CA_Error27046: DriverInstallationFun(0xC0000135): Driver installation failed
 
Error: (04/02/2014 08:02:43 PM) (Source: Microsoft-Windows-RestartManager) (User: Desktop2014)
Description: Application or service 'AVG User Interface' could not be shut down.
 
Error: (04/02/2014 05:19:32 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 30063
 
 
System errors:
=============
Error: (04/02/2014 10:16:54 PM) (Source: DCOM) (User: Desktop2014)
Description: 1084WSearchUnavailable{9E175B6D-F52A-11D8-B9A5-505054503030}
 
Error: (04/02/2014 10:16:52 PM) (Source: DCOM) (User: Desktop2014)
Description: 1084WSearchUnavailable{9E175B6D-F52A-11D8-B9A5-505054503030}
 
Error: (04/02/2014 10:16:52 PM) (Source: DCOM) (User: Desktop2014)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (04/02/2014 10:16:42 PM) (Source: DCOM) (User: Desktop2014)
Description: 1084WSearchUnavailable{9E175B6D-F52A-11D8-B9A5-505054503030}
 
Error: (04/02/2014 10:16:42 PM) (Source: DCOM) (User: Desktop2014)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (04/02/2014 10:16:34 PM) (Source: DCOM) (User: Desktop2014)
Description: 1084WSearchUnavailable{9E175B6D-F52A-11D8-B9A5-505054503030}
 
Error: (04/02/2014 10:16:34 PM) (Source: DCOM) (User: Desktop2014)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (04/02/2014 10:16:28 PM) (Source: DCOM) (User: Desktop2014)
Description: 1084WSearchUnavailable{9E175B6D-F52A-11D8-B9A5-505054503030}
 
Error: (04/02/2014 10:16:28 PM) (Source: DCOM) (User: Desktop2014)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (04/02/2014 10:15:56 PM) (Source: DCOM) (User: Desktop2014)
Description: 1084WSearchUnavailable{9E175B6D-F52A-11D8-B9A5-505054503030}
 
 
Microsoft Office Sessions:
=========================
Error: (04/02/2014 09:26:28 PM) (Source: MsiInstaller)(User: Desktop2014)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error 27046. CA_Error27046: DriverInstallation(0xC0000135): Driver installation failed(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (04/02/2014 09:26:28 PM) (Source: MsiInstaller)(User: Desktop2014)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error 27046. CA_Error27046: DriverInstallationFun(0xC0000135): Driver installation failed(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (04/02/2014 09:24:55 PM) (Source: MsiInstaller)(User: Desktop2014)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error 27046. CA_Error27046: DriverInstallation(0xC0000135): Driver installation failed(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (04/02/2014 09:24:55 PM) (Source: MsiInstaller)(User: Desktop2014)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error 27046. CA_Error27046: DriverInstallationFun(0xC0000135): Driver installation failed(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (04/02/2014 09:23:01 PM) (Source: MsiInstaller)(User: Desktop2014)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error 27046. CA_Error27046: DriverInstallation(0xC0000135): Driver installation failed(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (04/02/2014 09:23:01 PM) (Source: MsiInstaller)(User: Desktop2014)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error 27046. CA_Error27046: DriverInstallationFun(0xC0000135): Driver installation failed(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (04/02/2014 09:21:20 PM) (Source: MsiInstaller)(User: Desktop2014)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error 27046. CA_Error27046: DriverInstallation(0xC0000135): Driver installation failed(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (04/02/2014 09:21:20 PM) (Source: MsiInstaller)(User: Desktop2014)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error 27046. CA_Error27046: DriverInstallationFun(0xC0000135): Driver installation failed(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (04/02/2014 08:02:43 PM) (Source: Microsoft-Windows-RestartManager)(User: Desktop2014)
Description: 3C:\Program Files (x86)\AVG\AVG2014\avgui.exeAVG User Interface0231772080
 
Error: (04/02/2014 05:19:32 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 30063
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-03-05 13:21:16.055
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-03-05 13:21:15.930
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-03-05 06:10:15.024
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-03-05 06:10:14.993
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-03-05 06:10:14.712
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-03-05 06:10:14.681
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-03-04 20:05:51.173
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-03-04 20:05:51.142
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-03-04 20:03:35.304
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-03-04 20:03:35.273
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
=========================== Installed Programs ============================
 
64 Bit HP CIO Components Installer (Version: 7.2.4)
Adobe AIR (Version: 4.0.0.1390)
Adobe Reader XI (11.0.06) (Version: 11.0.06)
Amazon Browser App (Version: 1.0.0.0)
Apple Application Support (Version: 3.0.1)
Apple Mobile Device Support (Version: 7.1.1.3)
Apple Software Update (Version: 2.1.3.127)
AVG 2014 (Version: 14.0.3722)
AVG 2014 (Version: 14.0.4355)
AVG 2014 (Version: 2014.0.4355)
Bonjour (Version: 3.0.0.10)
Canon Laser Printer/Scanner/Fax Extended Survey Program (Version: 1.0.198)
Canon Laser Printer/Scanner/Fax Extended Survey Program (Version: 1.0.198.10000)
Canon MF Toolbox 4.9.1.1.mf14 (Version: 4.9.1.1.mf14)
Canon MF4700 Series (Version: 4.1.0.1)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
CyberLink PhotoDirector 3 (Version: 3.0.4030)
CyberLink PowerDirector 10 (Version: 10.0.0.2810)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition
Driver & Application Installation (Version: 6.12.0911)
Genesys USB Mass Storage Device (Version: 4.1.1.0)
Google Chrome (Version: 33.0.1750.154)
Google Update Helper (Version: 1.3.23.9)
Intel AppUp(SM) center (Version: 3.6.1.33057.10)
Intel® Management Engine Components (Version: 8.1.0.1252)
Intel® Processor Graphics (Version: 10.18.10.3412)
Intel® SDK for OpenCL - CPU Only Runtime Package
Intel® Trusted Connect Service Client (Version: 1.24.388.1)
iTunes (Version: 11.1.5.5)
Lenovo Assistant (Version: 2.0.0.23)
Lenovo Blacksilk USB Keyboard Driver (Version: V1.4.11.0608)
Lenovo Experience Improvement (Version: 1.0.3.0)
Lenovo Photos (Version: 4.8.5)
Lenovo Power2Go (Version: 6.0.6917)
Lenovo PowerDVD10 (Version: 10.0.5108.52)
Lenovo Rescue System (Version: 4.0.0.1511)
Lenovo Solution Center (Version: 2.0.013.00)
LVT (Version: 5.00.0914)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft Access MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Access Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft DCF MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Excel MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Groove MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft InfoPath MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Lync MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office 64-bit Components 2013 (Version: 15.0.4420.1017)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office OSM MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office OSM UX MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000)
Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017)
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proofing (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017)
Microsoft Office Proofing Tools 2013 - Español (Version: 15.0.4420.1017)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared 64-bit MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft OneNote MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Outlook MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft PowerPoint MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Publisher MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Silverlight (Version: 5.1.30214.0)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Word MUI (English) 2013 (Version: 15.0.4420.1017)
Nitro Pro 8 (Version: 8.5.4.11)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017)
Plants vs. Zombies
Realtek Ethernet Controller Driver (Version: 8.2.612.2012)
Realtek High Definition Audio Driver (Version: 6.0.1.6743)
REALTEK Wireless LAN Driver (Version: 1.00.0187)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
Shared C Run-time for x64 (Version: 10.0.0)
SugarSync Manager (Version: 1.9.61.90905)
SUPERAntiSpyware (Version: 5.7.1018)
ThinkPad Wireless LAN Adapter Software (Version: 1.00.0035.0)
TurboTax 2012 (Version: 2012.0)
TurboTax 2012 WinPerFedFormset (Version: 012.000.2309)
TurboTax 2012 WinPerReleaseEngine (Version: 012.000.0474)
TurboTax 2012 WinPerTaxSupport (Version: 012.000.0186)
TurboTax 2012 wrapper (Version: 012.000.0127)
TurboTax 2013 (Version: 2013.0)
TurboTax 2013 WinPerFedFormset (Version: 013.000.1953)
TurboTax 2013 WinPerReleaseEngine (Version: 013.000.0492)
TurboTax 2013 WinPerTaxSupport (Version: 013.000.0168)
TurboTax 2013 wrapper (Version: 013.000.0135)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Access 2013 (KB2768008) 32-Bit Edition
Update for Microsoft Access 2013 (KB2827233) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition
Update for Microsoft InfoPath 2013 (KB2837648) 32-Bit Edition
Update for Microsoft Lync 2013 (KB2817678) 32-Bit Edition
Update for Microsoft Lync 2013 (KB2863908) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition
Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition
Update for Microsoft Office 2013 (KB2726954) 32-Bit Edition
Update for Microsoft Office 2013 (KB2726996) 32-Bit Edition
Update for Microsoft Office 2013 (KB2738038) 32-Bit Edition
Update for Microsoft Office 2013 (KB2760224) 32-Bit Edition
Update for Microsoft Office 2013 (KB2760242) 32-Bit Edition
Update for Microsoft Office 2013 (KB2760267) 32-Bit Edition
Update for Microsoft Office 2013 (KB2760539) 32-Bit Edition
Update for Microsoft Office 2013 (KB2760553) 32-Bit Edition
Update for Microsoft Office 2013 (KB2760610) 32-Bit Edition
Update for Microsoft Office 2013 (KB2767845) 32-Bit Edition
Update for Microsoft Office 2013 (KB2768016) 32-Bit Edition
Update for Microsoft Office 2013 (KB2817314) 32-Bit Edition
Update for Microsoft Office 2013 (KB2817316) 32-Bit Edition
Update for Microsoft Office 2013 (KB2817490) 32-Bit Edition
Update for Microsoft Office 2013 (KB2817626) 32-Bit Edition
Update for Microsoft Office 2013 (KB2826004) 32-Bit Edition
Update for Microsoft Office 2013 (KB2827225) 32-Bit Edition
Update for Microsoft Office 2013 (KB2827227) 32-Bit Edition
Update for Microsoft Office 2013 (KB2827230) 32-Bit Edition
Update for Microsoft Office 2013 (KB2827239) 32-Bit Edition
Update for Microsoft Office 2013 (KB2837626) 32-Bit Edition
Update for Microsoft Office 2013 (KB2837637) 32-Bit Edition
Update for Microsoft Office 2013 (KB2837638) 32-Bit Edition
Update for Microsoft Office 2013 (KB2837655) 32-Bit Edition
Update for Microsoft Office 2013 (KB2850066) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition
Update for Microsoft OneNote 2013 (KB2850063) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition
Update for Microsoft Outlook 2013 (KB2863911) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition
Update for Microsoft PowerPoint 2013 (KB2767850) 32-Bit Edition
Update for Microsoft Project 2013 (KB2727085) 32-Bit Edition
Update for Microsoft Publisher 2013 (KB2837635) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition
Update for Microsoft SkyDrive Pro (KB2817495) 32-Bit Edition
Update for Microsoft SkyDrive Pro (KB2837652) 32-Bit Edition
Update for Microsoft Visio 2010 (KB2878227) 32-Bit Edition
Update for Microsoft Visio 2013 (KB2817306) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Update for Microsoft Visio Viewer 2013 (KB2768338) 32-Bit Edition
Update for Microsoft Word 2013 (KB2837647) 32-Bit Edition
 
========================= Devices: ================================


#8 Havebeenhacked

Havebeenhacked
  • Topic Starter

  • Members
  • 17 posts

Posted 02 April 2014 - 09:21 PM

I am unsure whether I have saved the Security Check or MiniTool Box to my desktop.  Could you please let me know how to check if that was done correctly?  Thanks



#9 Havebeenhacked

Havebeenhacked
  • Topic Starter

  • Members
  • 17 posts

Posted 02 April 2014 - 09:33 PM

I ran TDSSKiller (no threats) but am unable to copy and paste the file report.  I can highlight the report but nothing happens when I try to copy it.  The program seems frozen.



#10 Havebeenhacked

Havebeenhacked
  • Topic Starter

  • Members
  • 17 posts

Posted 02 April 2014 - 10:00 PM

# AdwCleaner v3.023 - Report created 02/04/2014 at 22:36:03
# Updated 01/04/2014 by Xplode
# Operating System : Windows 8.1  (64 bits)
# Username : Cris - DESKTOP2014
# Running from : C:\Users\Cris\Downloads\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk
Folder Found C:\ProgramData\Pokki
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\Classes\*\shell\pokki
Key Found : HKCU\Software\Classes\Folder\shell\pokki
Key Found : HKCU\Software\Classes\pokki
Key Found : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{A75BE48D-BF58-4A8B-B96C-F9A09DFB9844}
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16518
 
 
-\\ Google Chrome v33.0.1750.154
 
[ File : C:\Users\Cris\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [1023 octets] - [02/04/2014 22:36:03]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1083 octets] ##########

# AdwCleaner v3.023 - Report created 02/04/2014 at 22:54:49
# Updated 01/04/2014 by Xplode
# Operating System : Windows 8.1  (64 bits)
# Username : Cris - DESKTOP2014
# Running from : C:\Users\Cris\Downloads\AdwCleaner (1).exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16518
 
 
-\\ Google Chrome v33.0.1750.154
 
[ File : C:\Users\Cris\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [1167 octets] - [02/04/2014 22:36:03]
AdwCleaner[R1].txt - [1231 octets] - [02/04/2014 22:45:05]
AdwCleaner[R2].txt - [724 octets] - [02/04/2014 22:54:49]
AdwCleaner[S0].txt - [1308 octets] - [02/04/2014 22:47:50]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [843 octets] ##########

# AdwCleaner v3.023 - Report created 02/04/2014 at 22:45:05
# Updated 01/04/2014 by Xplode
# Operating System : Windows 8.1  (64 bits)
# Username : Cris - DESKTOP2014
# Running from : C:\Users\Cris\Downloads\AdwCleaner (1).exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk
Folder Found C:\ProgramData\Pokki
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\Classes\*\shell\pokki
Key Found : HKCU\Software\Classes\Folder\shell\pokki
Key Found : HKCU\Software\Classes\pokki
Key Found : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{A75BE48D-BF58-4A8B-B96C-F9A09DFB9844}
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16518
 
 
-\\ Google Chrome v33.0.1750.154
 
[ File : C:\Users\Cris\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [1167 octets] - [02/04/2014 22:36:03]
AdwCleaner[R1].txt - [1087 octets] - [02/04/2014 22:45:05]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [1147 octets] ##########


#11 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,082 posts
  • Gender:Male
  • Location:NJ USA

Posted 02 April 2014 - 10:01 PM

OK, nothing on TDSS, that's done.

Only AVG is now installed.

Malwarebytes to update, then run that scan.... I see you found them.


How do I get help? Who is helping me?
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook

#12 Havebeenhacked

Havebeenhacked
  • Topic Starter

  • Members
  • 17 posts

Posted 02 April 2014 - 10:02 PM

# AdwCleaner v3.023 - Report created 02/04/2014 at 22:47:50
# Updated 01/04/2014 by Xplode
# Operating System : Windows 8.1  (64 bits)
# Username : Cris - DESKTOP2014
# Running from : C:\Users\Cris\Downloads\AdwCleaner (1).exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\Pokki
File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKCU\Software\Classes\*\shell\pokki
Key Deleted : HKCU\Software\Classes\Folder\shell\pokki
Key Deleted : HKCU\Software\Classes\pokki
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A75BE48D-BF58-4A8B-B96C-F9A09DFB9844}
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16518
 
 
-\\ Google Chrome v33.0.1750.154
 
[ File : C:\Users\Cris\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [1167 octets] - [02/04/2014 22:36:03]
AdwCleaner[R1].txt - [1231 octets] - [02/04/2014 22:45:05]
AdwCleaner[S0].txt - [1164 octets] - [02/04/2014 22:47:50]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1224 octets] ##########


#13 Havebeenhacked

Havebeenhacked
  • Topic Starter

  • Members
  • 17 posts

Posted 02 April 2014 - 10:05 PM

I am preparing to run Junkware Removal, but am uncertain how to shut down protection software.  Which one?  AVG? Malwarebytes?  How do I proceed?



#14 Havebeenhacked

Havebeenhacked
  • Topic Starter

  • Members
  • 17 posts

Posted 02 April 2014 - 10:09 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 8.1 x64
Ran by Cris on Wed 04/02/2014 at 23:07:38.22
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 04/02/2014 at 23:09:04.21
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#15 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,082 posts
  • Gender:Male
  • Location:NJ USA

Posted 02 April 2014 - 10:10 PM

Which one? This  AVG

 

Disabling AVG temporarily

 

  1. Open the AVG Program.
  2. On the Tools menu, click Advanced settings.
  3. Click Temporarily disable AVG protection in the menu on the left side.
  4. Select the Temporarily disable AVG protection check box, and then click OK.
  5. Choose how long you want the protection to be disabled and whether to disable the Firewall as well, and then click Disable real-time protection.

 

How is it running now?


Edited by boopme, 02 April 2014 - 10:11 PM.
