PC Optimizer Present After Clean Install of Windows 7


  • This topic is locked
4 replies to this topic

#1 bigtunelover


Posted 20 April 2014 - 08:19 PM

Hi There,

 

A friend of mine gave me her laptop to clean from infestation including the PC Optimizer issue. She had so many viruses and malware that I backed up her data and formatted all her drives, removed all partitions and reinstalled Windows 7.

 

After installing all Windows updates, a virus scanner and a few tools, I gave her some tips about how to be more safe on the internet and gave her the laptop back. A few days later and she says it's back again.

 

In looking at her history, I surmise it was clean and she reintroduced the malware from popups on TV viewing sites. I will re-educate her about that.

 

At this point, I have done some removal with Malwarebytes, Superantispyware, AdwCleaner and a few other tools. When using the ESET scanner it is still finding some instances, so I want to be absolutely clear that the laptop is clean before I give it back. Can you please let me know if you see anything in the logs and direct me to a few tools to be absolutely sure?

 

Thanks so much in advance for your support.

 

Thanks,

Leslie

 

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 11.0.9600.17041
Run by ALL YEEE AH at 21:07:16 on 2014-04-20
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.2038.881 [GMT -4:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Windows\explorer.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\svchost.exe -k secsvcs
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com
uSearch Page = hxxp://www.google.com
uSearchAssistant = hxxp://www.google.com
uRun: [GoogleChromeAutoLaunch_9340F003DD856E45EE5C4281B0EFB91B] "c:\program files\google\chrome\application\chrome.exe" --no-startup-window
mRun: [AvastUI.exe] "c:\program files\avast software\avast\AvastUI.exe" /nogui
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [fst_ca_88] <no file>
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
Trusted Zone: dell.com
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{ED337C06-6363-4330-9DBB-D7C7A4208697} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{ED337C06-6363-4330-9DBB-D7C7A4208697}\14C69616 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{ED337C06-6363-4330-9DBB-D7C7A4208697}\C496768647134577F6 : DHCPNameServer = 192.168.1.1
Notify: igfxcui - igfxdev.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\34.0.1847.116\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\all yeee ah\appdata\roaming\mozilla\firefox\profiles\lfq2wvcv.default\
FF - prefs.js: browser.startup.homepage - google.ca
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\update\1.3.23.9\npGoogleUpdate3.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [2014-4-15 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [2014-4-15 180248]
R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [2014-4-15 18624]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2014-4-15 775952]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2014-4-15 410784]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2013-10-10 120088]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2014-4-15 67824]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2014-4-15 50344]
R3 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2014-4-15 64168]
S1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\ieetwcollector.exe [2014-4-15 108032]
S3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [2014-4-15 15688]
S3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [2014-4-15 10320]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2014-4-15 14848]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-13 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-13 661504]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2014-4-15 49152]
S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2014-4-15 1343400]
.
=============== Created Last 30 ================
.
2014-04-21 00:13:08    --------    d-----w-    c:\program files\ESET
2014-04-21 00:10:26    62576    ----a-w-    c:\programdata\microsoft\windows defender\definition updates\{9c39c4bf-ae86-41bd-87e2-a617c5503327}\offreg.dll
2014-04-21 00:04:58    --------    d-----w-    c:\users\all yeee ah\appdata\roaming\SUPERAntiSpyware.com
2014-04-21 00:04:26    --------    d-----w-    c:\programdata\SUPERAntiSpyware.com
2014-04-21 00:04:26    --------    d-----w-    c:\program files\SUPERAntiSpyware
2014-04-20 23:49:52    --------    d-sh--w-    c:\users\all yeee ah\appdata\local\EmieUserList
2014-04-20 23:49:52    --------    d-sh--w-    c:\users\all yeee ah\appdata\local\EmieSiteList
2014-04-20 23:45:32    --------    d-----w-    c:\program files\VideoLAN
2014-04-20 23:37:01    --------    d-----w-    C:\FRST
2014-04-20 23:26:03    --------    d-----w-    C:\AdwCleaner
2014-04-19 20:22:12    7969936    ----a-w-    c:\programdata\microsoft\windows defender\definition updates\backup\mpengine.dll
2014-04-19 20:21:32    8050496    ----a-w-    c:\programdata\microsoft\windows defender\definition updates\{9c39c4bf-ae86-41bd-87e2-a617c5503327}\mpengine.dll
2014-04-18 02:01:31    1097384    ----a-w-    c:\users\all yeee ah\appdata\local\nst2082.tmp
2014-04-18 01:56:30    --------    d-----w-    c:\users\all yeee ah\appdata\local\com
2014-04-17 01:18:13    --------    d-----w-    c:\users\all yeee ah\appdata\local\Adobe
2014-04-17 00:40:42    319488    ----a-w-    c:\windows\system32\spool\prtprocs\w32x86\hpfppw73.dll
2014-04-17 00:38:55    --------    d-----w-    c:\users\all yeee ah\appdata\local\Diagnostics
2014-04-16 00:48:52    31008    ----a-w-    c:\windows\system32\SmartDefragBootTime.exe
2014-04-16 00:48:24    109856    ----a-w-    c:\windows\system32\IObitSmartDefragExtension.dll
2014-04-16 00:48:24    --------    d-----w-    c:\programdata\IObit
2014-04-16 00:48:13    18624    ----a-w-    c:\windows\system32\drivers\SmartDefragDriver.sys
2014-04-16 00:48:07    --------    d-----w-    c:\program files\IObit
2014-04-16 00:47:54    --------    d-----w-    c:\users\all yeee ah\appdata\roaming\IObit
2014-04-15 23:44:13    417792    ----a-w-    c:\windows\system32\WMPhoto.dll
2014-04-15 23:30:25    --------    d-----w-    c:\windows\system32\Wat
2014-04-15 23:12:22    --------    d-----w-    c:\windows\Migration
2014-04-15 23:09:46    --------    d-----w-    c:\program files\CONEXANT
2014-04-15 08:27:39    14848    ----a-w-    c:\windows\system32\drivers\rdpvideominiport.sys
2014-04-15 08:27:37    12800    ----a-w-    c:\windows\system32\RdpGroupPolicyExtension.dll
2014-04-15 08:27:30    221184    ----a-w-    c:\windows\system32\rdpudd.dll
2014-04-15 08:27:30    192000    ----a-w-    c:\windows\system32\rdpendp_winip.dll
2014-04-15 08:27:29    2739712    ----a-w-    c:\windows\system32\rdpcorets.dll
2014-04-15 08:07:15    32256    ----a-w-    c:\windows\system32\TsUsbGDCoInstaller.dll
2014-04-15 08:07:11    12800    ----a-w-    c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-04-15 08:07:09    49152    ----a-w-    c:\windows\system32\drivers\TsUsbFlt.sys
2014-04-15 08:07:07    855552    ----a-w-    c:\windows\system32\rdvidcrl.dll
2014-04-15 08:07:07    76288    ----a-w-    c:\windows\system32\TSWbPrxy.exe
2014-04-15 08:07:07    53248    ----a-w-    c:\windows\system32\tsgqec.dll
2014-04-15 08:07:07    50176    ----a-w-    c:\windows\system32\MsRdpWebAccess.dll
2014-04-15 08:07:07    350208    ----a-w-    c:\windows\system32\wksprt.exe
2014-04-15 08:07:07    17920    ----a-w-    c:\windows\system32\wksprtPS.dll
2014-04-15 08:07:07    14336    ----a-w-    c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-04-15 08:07:06    1068544    ----a-w-    c:\windows\system32\mstsc.exe
2014-04-15 07:43:53    66560    ----a-w-    c:\windows\system32\drivers\WUDFPf.sys
2014-04-15 07:43:53    155136    ----a-w-    c:\windows\system32\drivers\WUDFRd.sys
2014-04-15 07:43:52    73216    ----a-w-    c:\windows\system32\WUDFSvc.dll
2014-04-15 07:43:51    172032    ----a-w-    c:\windows\system32\WUDFPlatform.dll
2014-04-15 07:43:49    613888    ----a-w-    c:\windows\system32\WUDFx.dll
2014-04-15 07:43:49    38912    ----a-w-    c:\windows\system32\WUDFCoinstaller.dll
2014-04-15 07:43:49    196608    ----a-w-    c:\windows\system32\WUDFHost.exe
2014-04-15 07:42:52    5120    ----a-w-    c:\windows\system32\wmi.dll
2014-04-15 07:42:52    19824    ----a-w-    c:\windows\system32\drivers\fs_rec.sys
2014-04-15 07:33:50    --------    d-----w-    c:\windows\system32\MRT
2014-04-15 07:32:41    12625408    ----a-w-    c:\windows\system32\wmploc.DLL
2014-04-15 07:32:40    164864    ----a-w-    c:\program files\windows media player\wmplayer.exe
2014-04-15 07:23:26    301568    ----a-w-    c:\windows\system32\msieftp.dll
2014-04-15 07:18:13    99840    ----a-w-    c:\windows\system32\sspicli.dll
2014-04-15 07:18:13    67520    ----a-w-    c:\windows\system32\drivers\ksecdd.sys
2014-04-15 07:18:13    369848    ----a-w-    c:\windows\system32\drivers\cng.sys
2014-04-15 07:18:13    247808    ----a-w-    c:\windows\system32\schannel.dll
2014-04-15 07:18:13    220160    ----a-w-    c:\windows\system32\ncrypt.dll
2014-04-15 07:18:13    22016    ----a-w-    c:\windows\system32\secur32.dll
2014-04-15 07:18:13    22016    ----a-w-    c:\windows\system32\lsass.exe
2014-04-15 07:18:13    15872    ----a-w-    c:\windows\system32\sspisrv.dll
2014-04-15 07:18:13    136640    ----a-w-    c:\windows\system32\drivers\ksecpkg.sys
2014-04-15 07:18:13    1038848    ----a-w-    c:\windows\system32\lsasrv.dll
2014-04-15 07:15:35    156672    ----a-w-    c:\windows\system32\ncsi.dll
2014-04-15 07:15:34    499712    ----a-w-    c:\windows\system32\iphlpsvc.dll
2014-04-15 07:15:34    242176    ----a-w-    c:\windows\system32\nlasvc.dll
2014-04-15 07:15:34    175104    ----a-w-    c:\windows\system32\netcorehc.dll
2014-04-15 07:15:33    35328    ----a-w-    c:\windows\system32\drivers\tcpipreg.sys
2014-04-15 07:15:32    52224    ----a-w-    c:\windows\system32\nlaapi.dll
2014-04-15 07:15:32    18944    ----a-w-    c:\windows\system32\netevent.dll
2014-04-15 07:13:40    1796096    ----a-w-    c:\windows\system32\authui.dll
2014-04-15 07:13:40    152576    ----a-w-    c:\windows\system32\SmartcardCredentialProvider.dll
2014-04-15 07:13:39    168960    ----a-w-    c:\windows\system32\credui.dll
2014-04-15 07:13:24    175104    ----a-w-    c:\windows\system32\wintrust.dll
2014-04-15 07:12:57    2048    ----a-w-    c:\windows\system32\tzres.dll
2014-04-15 07:12:15    338944    ----a-w-    c:\windows\system32\drivers\afd.sys
2014-04-15 07:12:15    231424    ----a-w-    c:\windows\system32\mswsock.dll
2014-04-15 07:12:12    24576    ----a-w-    c:\windows\system32\cryptdlg.dll
2014-04-15 07:10:20    159232    ----a-w-    c:\windows\system32\imagehlp.dll
2014-04-15 07:10:16    492544    ----a-w-    c:\windows\system32\win32spl.dll
2014-04-15 07:10:13    40960    ----a-w-    c:\windows\system32\wwanprotdim.dll
2014-04-15 07:10:13    185344    ----a-w-    c:\windows\system32\wwansvc.dll
2014-04-15 07:10:00    102608    ----a-w-    c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-04-15 07:09:55    903168    ----a-w-    c:\windows\system32\certutil.exe
2014-04-15 07:09:54    43008    ----a-w-    c:\windows\system32\certenc.dll
2014-04-15 07:09:41    1389568    ----a-w-    c:\windows\system32\msxml6.dll
2014-04-15 07:09:39    70656    ----a-w-    c:\windows\system32\fontsub.dll
2014-04-15 07:09:39    34304    ----a-w-    c:\windows\system32\atmlib.dll
2014-04-15 07:09:39    295424    ----a-w-    c:\windows\system32\atmfd.dll
2014-04-15 07:09:39    26112    ----a-w-    c:\windows\system32\lpk.dll
2014-04-15 07:09:39    10240    ----a-w-    c:\windows\system32\dciman32.dll
2014-04-15 07:09:37    434688    ----a-w-    c:\windows\system32\scavengeui.dll
2014-04-15 07:09:02    2349056    ----a-w-    c:\windows\system32\win32k.sys
2014-04-15 07:07:58    81920    ----a-w-    c:\windows\system32\davclnt.dll
2014-04-15 07:06:57    381440    ----a-w-    c:\windows\system32\wer.dll
2014-04-15 07:05:57    1328128    ----a-w-    c:\windows\system32\quartz.dll
2014-04-15 07:04:56    514560    ----a-w-    c:\windows\system32\qdvd.dll
2014-04-15 06:34:08    31232    ----a-w-    c:\windows\system32\drivers\tssecsrv.sys
2014-04-15 06:32:51    101720    ----a-w-    c:\windows\system32\consent.exe
2014-04-15 06:32:49    47104    ----a-w-    c:\windows\system32\appinfo.dll
2014-04-15 06:15:37    107736    ----a-w-    c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-04-15 06:15:20    73432    ----a-w-    c:\windows\system32\drivers\mbamchameleon.sys
2014-04-15 06:15:19    51416    ----a-w-    c:\windows\system32\drivers\mwac.sys
2014-04-15 06:15:19    23256    ----a-w-    c:\windows\system32\drivers\mbam.sys
2014-04-15 06:15:19    --------    d-----w-    c:\programdata\Malwarebytes
2014-04-15 06:15:19    --------    d-----w-    c:\program files\Malwarebytes Anti-Malware
2014-04-15 06:14:39    --------    d-----w-    c:\users\all yeee ah\appdata\local\Programs
2014-04-15 06:14:12    --------    d-sh--w-    c:\windows\Installer
2014-04-15 06:13:01    --------    d-----w-    c:\program files\CCleaner
2014-04-15 06:11:35    --------    d-----w-    c:\users\all yeee ah\appdata\roaming\AVAST Software
2014-04-15 06:09:39    --------    d-----w-    c:\users\all yeee ah\appdata\local\Google
2014-04-15 06:09:21    64168    ----a-w-    c:\windows\system32\drivers\aswStm.sys
2014-04-15 06:09:19    180248    ----a-w-    c:\windows\system32\drivers\aswVmm.sys
2014-04-15 06:09:15    775952    ----a-w-    c:\windows\system32\drivers\aswSnx.sys
2014-04-15 06:09:11    67824    ----a-w-    c:\windows\system32\drivers\aswMonFlt.sys
2014-04-15 06:09:11    49944    ----a-w-    c:\windows\system32\drivers\aswRvrt.sys
2014-04-15 06:09:09    79720    ----a-w-    c:\windows\system32\drivers\aswRdr2.sys
2014-04-15 06:09:03    43152    ----a-w-    c:\windows\avastSS.scr
2014-04-15 06:08:37    --------    d-----w-    c:\program files\AVAST Software
2014-04-15 06:07:01    --------    d-----w-    c:\programdata\AVAST Software
2014-04-15 06:03:32    231584    ------w-    c:\windows\system32\MpSigStub.exe
2014-04-15 06:00:16    1002008    ----a-w-    c:\windows\system32\igxpun.exe
2014-04-15 06:00:16    --------    d-----w-    c:\windows\system32\x64
2014-04-15 05:58:32    826880    ----a-w-    c:\windows\system32\rdpcore.dll
2014-04-15 05:58:32    24576    ----a-w-    c:\windows\system32\drivers\tdtcp.sys
2014-04-15 05:55:58    --------    d-----w-    c:\users\all yeee ah\appdata\local\Apps
2014-04-15 05:55:57    --------    d-----w-    c:\users\all yeee ah\appdata\local\Deployment
2014-04-15 05:53:06    --------    d-----w-    c:\users\all yeee ah\appdata\local\Mozilla
2014-04-15 05:51:47    2422272    ----a-w-    c:\windows\system32\wucltux.dll
2014-04-15 05:51:26    88576    ----a-w-    c:\windows\system32\wudriver.dll
2014-04-15 05:50:45    33792    ----a-w-    c:\windows\system32\wuapp.exe
2014-04-15 05:50:45    171904    ----a-w-    c:\windows\system32\wuwebv.dll
2014-04-15 05:13:31    2881848    ----a-w-    c:\windows\system32\pwNative.exe
2014-04-15 05:13:30    15688    ------w-    c:\windows\system32\pwdrvio.sys
2014-04-15 05:13:18    10320    ------w-    c:\windows\system32\pwdspio.sys
2014-04-15 05:13:04    --------    d-----w-    c:\program files\MiniTool Partition Wizard Home Edition 8.1.1
2014-04-15 05:07:49    --------    d-----w-    c:\windows\system32\en
2014-04-15 05:07:49    --------    d-----w-    c:\windows\system32\0409
2014-04-15 05:07:49    --------    d-----w-    c:\windows\en-US
2014-04-15 05:07:48    --------    d-----w-    c:\windows\system32\drivers\umdf\en-US
2014-04-15 05:07:48    --------    d-----w-    c:\windows\system32\drivers\en-US
2014-04-15 05:07:28    --------    d-----w-    c:\windows\system32\wbem\en-US
2014-04-15 05:06:12    3584    ----a-w-    c:\windows\system32\spool\prtprocs\w32x86\en-us\LXKPTPRC.DLL.mui
2014-04-14 23:22:38    --------    d-----w-    c:\windows\Panther
.
==================== Find3M  ====================
.
2014-04-15 05:06:53    2048    ----a-w-    c:\windows\system32\drivers\en-us\usbrpm.sys.mui
2014-04-15 05:05:54    7680    ----a-w-    c:\windows\system32\drivers\en-us\tunnel.sys.mui
2014-03-06 08:32:07    2724864    ----a-w-    c:\windows\system32\mshtml.tlb
2014-03-06 08:31:27    4096    ----a-w-    c:\windows\system32\ieetwcollectorres.dll
2014-03-06 08:02:34    61952    ----a-w-    c:\windows\system32\iesetup.dll
2014-03-06 08:02:33    455168    ----a-w-    c:\windows\system32\vbscript.dll
2014-03-06 08:01:01    51200    ----a-w-    c:\windows\system32\ieetwproxystub.dll
2014-03-06 07:46:36    4254720    ----a-w-    c:\windows\system32\jscript9.dll
2014-03-06 07:38:13    112128    ----a-w-    c:\windows\system32\ieUnatt.exe
2014-03-06 07:38:10    108032    ----a-w-    c:\windows\system32\ieetwcollector.exe
2014-03-06 07:36:40    592896    ----a-w-    c:\windows\system32\jscript9diag.dll
2014-03-06 07:28:01    646144    ----a-w-    c:\windows\system32\MsSpellCheckingFacility.exe
2014-03-06 07:13:43    32256    ----a-w-    c:\windows\system32\JavaScriptCollectionAgent.dll
2014-03-06 06:40:39    1967104    ----a-w-    c:\windows\system32\inetcpl.cpl
2014-03-06 05:41:49    1789440    ----a-w-    c:\windows\system32\wininet.dll
2014-02-04 02:07:53    149440    ----a-w-    c:\windows\system32\drivers\storport.sys
2014-02-04 02:07:50    234432    ----a-w-    c:\windows\system32\drivers\msiscsi.sys
2014-02-04 02:07:41    27072    ----a-w-    c:\windows\system32\drivers\Diskdump.sys
2014-02-04 02:04:22    1230336    ----a-w-    c:\windows\system32\WindowsCodecs.dll
2014-02-04 02:04:11    509440    ----a-w-    c:\windows\system32\qedit.dll
2014-02-04 02:00:39    2048    ----a-w-    c:\windows\system32\iologmsg.dll
2014-01-24 02:18:22    1212352    ----a-w-    c:\windows\system32\drivers\ntfs.sys
.
============= FINISH: 21:08:57.51 ===============
 


Edited by bigtunelover, 20 April 2014 - 08:23 PM.



#2 Noviciate

  • Malware Response Team

Posted 21 April 2014 - 03:48 PM

Good evening. :)
 

When using the ESET scanner it is still finding some instances

 

Can you tell me what ESET is finding, whether or not you are letting it fix these problems and if so, are they returning on rescanning?


So long, and thanks for all the fish.

 

 


#3 bigtunelover


Posted 21 April 2014 - 04:07 PM

Hi there, thanks for your help!

 

I decided instead of going any further on my own I'd better get some help. I ran ESET and it found 9 items, but I didn't fix them. I also didn't realize that it didn't automatically save the log file, so I didn't get the details.

 

Should I redo the scan and fix?

 

Thanks again!

Leslie



#4 Noviciate

  • Malware Response Team

Posted 22 April 2014 - 12:13 PM

Good evening. :)

You should be able to find the log in one of these two locations:

 

C:\Program Files\ESET\ESET Online Scanner\log.txt
C:\Program Files (x86)\ESET\ESET Online Scanner\log.txt



 

 


#5 Noviciate

  • Malware Response Team

Posted 27 April 2014 - 01:59 PM

Helpers are limited in the number of logs they can take by the time they have available and having threads sit idle means that somebody else who could be being helped has to wait.
Given that there has been no response for at least five days, and I have no way of knowing when there will be one, this thread is now closed.



 

 




