Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected?


  • Please log in to reply
6 replies to this topic

#1 Killer_Wolf

Killer_Wolf

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:06:07 AM

Posted 30 April 2014 - 08:38 PM

Hi, I just scanned my com just now and I picked up a detection with malwarebyte. Also, everytime I tried to custom scan my malwarebyte, I am asked to to update it everytime. I feel like something is wrong here, hopefully someone here can help me. Also, after that scan, I stopped getting any sort of detection.

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 30/04/2014
Scan Time: 8:36:21 PM
Logfile:
Administrator: Yes

Version: 2.00.1.1004
Malware Database: v2014.04.30.11
Rootkit Database: v2014.03.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Chameleon: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Wen

Scan Type: Custom Scan
Result: Completed
Objects Scanned: 449243
Time Elapsed: 1 hr, 18 min, 6 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 1
Extension.Mismatch, c:\Users\Wen\AppData\Roaming\Skype\last_edit_pos.gif, Quarantined, [8cf7ee42ccaf1422b652db8ea7597e82],

Physical Sectors: 0
(No malicious items detected)


(end)



BC AdBot (Login to Remove)

 


m

#2 Killer_Wolf

Killer_Wolf
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:06:07 AM

Posted 01 May 2014 - 08:18 PM

Anyone willing to do some simple check for me? I think my com is fine, nothing fishy seems to be going on. But I would like to be on the safe side. :)



#3 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:09:07 PM

Posted 01 May 2014 - 09:08 PM

Hi -

Noticed this yesterday, but thought someone else was going to pick it up -

 

Download all programs to Desktop, Temporarily Disable Your Anti-virus if needed, and Copy and Paste all logs.

Has there been any recent problems with the system or have you added / changed any recent programs??

 

 

First -

Download Security Check by Screen317 from HERE
* Save it to your Desktop.
* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.
Note: If a security program requests permission to access the Internet, allow it to do so.

 

Next -

Download MiniToolBox, Save it to your desktop and run it.
Close any Firefox browsers you may have open
Checkmark the following boxes:
•Flush DNS
•Report IE Proxy Settings
•Reset IE Proxy Settings
•Report FF Proxy Settings
•Reset FF Proxy Settings
•List content of Hosts
•List IP configuration
•List last 10 Event Viewer log
•List Installed Programs
•List Users, Partitions and Memory size.
 
Click Go and copy / paste the result (Result.txt).

 

 

Next -

Please post a snapshot with Speccy for more system details -
How to Publish a snapshot with Speccy <<-- Full Directions Here (only post the link)

 

 

Next -

Please download and run RKill by Grinler.
A black DOS box will briefly flash and then disappear.
This is normal and indicates the tool ran successfully.

Please post the log back here.

 

 

Important: Do not reboot your computer until you complete the next step.

 

 

Now: Please download AdwCleaner by Xplode and save to your Desktop.
NOTE : Please close or save all work, as the computer will be Rebooted
Double-click on AdwCleaner.exe to run the tool.
Vista/Windows 7/8 users right-click and select Run As Administrator.
Click on the Scan button. (only once)
AdwCleaner will begin...be patient as the scan may take some time to complete.
After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review. 
If you see any item which you do not want removed, remove the check mark next to it. 

Next: Click on the Clean button (only once) to remove the selected items. 
You will receive a message telling you that all programs will be close so that the infections can be removed. 
Click on OK, and then OK again to confirm the reboot.
When cleaning process is complete a log (AdwCleaner[S0].txt ) of what was removed will be on your desktop. 
Please copy and the paste this log in your next post.

A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

 

 

See how we go with these first -



#4 Killer_Wolf

Killer_Wolf
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:06:07 AM

Posted 02 May 2014 - 03:07 PM

There isn't a lot going on with my system as far as I know. I am just surprised that I got a detection with malwarebyte and I got no clue where that malware came from.

 

 

 Results of screen317's Security Check version 0.99.82  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
avast! Antivirus   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:`````````
 Java 7 Update 55  
 Adobe Flash Player 13.0.0.206  
 Adobe Reader 10.1.9 Adobe Reader out of Date!  
 Mozilla Firefox (28.0)
 Google Chrome 34.0.1847.116  
 Google Chrome 34.0.1847.131  
````````Process Check: objlist.exe by Laurent````````  
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast AvastUI.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 5%
````````````````````End of Log``````````````````````
 

 

 

 

 

 

MiniToolBox by Farbar  Version: 23-01-2014
Ran by Wen (administrator) on 02-05-2014 at 16:46:39
Running from "C:\Users\Wen\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

D-Link DWA-130 Wireless N USB Adapter = Wireless Network Connection (Connected)
NVIDIA nForce Networking Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled taskoffload=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Wen-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Broadcast
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : phub.net.cable.rogers.com

Wireless LAN adapter Wireless Network Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : 00-24-01-F0-E1-C9
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . : phub.net.cable.rogers.com
   Description . . . . . . . . . . . : D-Link DWA-130 Wireless N USB Adapter
   Physical Address. . . . . . . . . : 00-24-01-F0-E1-C9
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::8d8a:c311:c617:1bae%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.0.15(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : May-02-14 2:02:58 PM
   Lease Expires . . . . . . . . . . : May-09-14 2:03:57 PM
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 201335809
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-36-03-DD-50-E5-49-6E-F5-F3
   DNS Servers . . . . . . . . . . . : 192.168.0.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : NVIDIA nForce Networking Controller
   Physical Address. . . . . . . . . : 50-E5-49-6E-F5-F3
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{5BD6F477-182D-46E8-9A38-C7DA1CE412DC}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.phub.net.cable.rogers.com:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : phub.net.cable.rogers.com
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #7
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 15:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6abd:1850:3dc1:9c04:3b79(Preferred)
   Link-local IPv6 Address . . . . . : fe80::1850:3dc1:9c04:3b79%21(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  phub.net.cable.rogers.com
Address:  192.168.0.1

Name:    google.com
Addresses:  2607:f8b0:400b:807::1000
      66.185.84.45
      66.185.84.49
      66.185.84.35
      66.185.84.30
      66.185.84.24
      66.185.84.50
      66.185.84.20
      66.185.84.40
      66.185.84.25
      66.185.84.29
      66.185.84.55
      66.185.84.54
      66.185.84.34
      66.185.84.39
      66.185.84.59
      66.185.84.44


Pinging google.com [66.185.84.44] with 32 bytes of data:
Reply from 66.185.84.44: bytes=32 time=29ms TTL=57
Reply from 66.185.84.44: bytes=32 time=32ms TTL=57

Ping statistics for 66.185.84.44:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 29ms, Maximum = 32ms, Average = 30ms
Server:  phub.net.cable.rogers.com
Address:  192.168.0.1

Name:    yahoo.com
Addresses:  98.138.253.109
      98.139.183.24
      206.190.36.45


Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=106ms TTL=51
Reply from 206.190.36.45: bytes=32 time=113ms TTL=51

Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 106ms, Maximum = 113ms, Average = 109ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 12...00 24 01 f0 e1 c9 ......Microsoft Virtual WiFi Miniport Adapter
 11...00 24 01 f0 e1 c9 ......D-Link DWA-130 Wireless N USB Adapter
 10...50 e5 49 6e f5 f3 ......NVIDIA nForce Networking Controller
  1...........................Software Loopback Interface 1
 17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
 23...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #7
 21...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1     192.168.0.15     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link      192.168.0.15    281
     192.168.0.15  255.255.255.255         On-link      192.168.0.15    281
    192.168.0.255  255.255.255.255         On-link      192.168.0.15    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.0.15    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.0.15    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 21     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 21     58 2001::/32                On-link
 21    306 2001:0:9d38:6abd:1850:3dc1:9c04:3b79/128
                                    On-link
 11    281 fe80::/64                On-link
 21    306 fe80::/64                On-link
 21    306 fe80::1850:3dc1:9c04:3b79/128
                                    On-link
 11    281 fe80::8d8a:c311:c617:1bae/128
                                    On-link
  1    306 ff00::/8                 On-link
 21    306 ff00::/8                 On-link
 11    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/02/2014 03:35:24 PM) (Source: Office 2013 Licensing Service) (User: )
Description: Subscription licensing service failed: -1073415161

Error: (05/02/2014 00:17:04 PM) (Source: Application Error) (User: )
Description: Faulting application name: MAPLESTORY.EXE, version: 8.148.3.0, time stamp: 0x53474694
Faulting module name: MAPLESTORY.EXE, version: 8.148.3.0, time stamp: 0x53474694
Exception code: 0xc0000005
Fault offset: 0x00f28fa6
Faulting process id: 0x14a4
Faulting application start time: 0xMAPLESTORY.EXE0
Faulting application path: MAPLESTORY.EXE1
Faulting module path: MAPLESTORY.EXE2
Report Id: MAPLESTORY.EXE3

Error: (05/01/2014 08:34:42 PM) (Source: Application Error) (User: )
Description: Faulting application name: MAPLESTORY.EXE, version: 8.148.3.0, time stamp: 0x53474694
Faulting module name: MAPLESTORY.EXE, version: 8.148.3.0, time stamp: 0x53474694
Exception code: 0xc0000005
Fault offset: 0x00f28fa6
Faulting process id: 0x1464
Faulting application start time: 0xMAPLESTORY.EXE0
Faulting application path: MAPLESTORY.EXE1
Faulting module path: MAPLESTORY.EXE2
Report Id: MAPLESTORY.EXE3

Error: (05/01/2014 03:56:33 PM) (Source: Office 2013 Licensing Service) (User: )
Description: Subscription licensing service failed: -1073415161

Error: (05/01/2014 02:37:29 PM) (Source: Application Error) (User: )
Description: Faulting application name: MAPLESTORY.EXE, version: 8.148.3.0, time stamp: 0x53474694
Faulting module name: MAPLESTORY.EXE, version: 8.148.3.0, time stamp: 0x53474694
Exception code: 0xc0000005
Fault offset: 0x00f28fa6
Faulting process id: 0x17fc
Faulting application start time: 0xMAPLESTORY.EXE0
Faulting application path: MAPLESTORY.EXE1
Faulting module path: MAPLESTORY.EXE2
Report Id: MAPLESTORY.EXE3

Error: (05/01/2014 10:50:09 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
The manifest file root element must be assembly.

Error: (05/01/2014 10:32:37 AM) (Source: Application Error) (User: )
Description: Faulting application name: MAPLESTORY.EXE, version: 8.148.3.0, time stamp: 0x53474694
Faulting module name: MAPLESTORY.EXE, version: 8.148.3.0, time stamp: 0x53474694
Exception code: 0xc0000005
Fault offset: 0x00f28fa6
Faulting process id: 0xbe4
Faulting application start time: 0xMAPLESTORY.EXE0
Faulting application path: MAPLESTORY.EXE1
Faulting module path: MAPLESTORY.EXE2
Report Id: MAPLESTORY.EXE3

Error: (04/30/2014 07:26:34 PM) (Source: Application Error) (User: )
Description: Faulting application name: MAPLESTORY.EXE, version: 8.148.3.0, time stamp: 0x53474694
Faulting module name: MAPLESTORY.EXE, version: 8.148.3.0, time stamp: 0x53474694
Exception code: 0xc0000005
Fault offset: 0x00f28fa6
Faulting process id: 0x19b4
Faulting application start time: 0xMAPLESTORY.EXE0
Faulting application path: MAPLESTORY.EXE1
Faulting module path: MAPLESTORY.EXE2
Report Id: MAPLESTORY.EXE3

Error: (04/30/2014 04:57:36 PM) (Source: Office 2013 Licensing Service) (User: )
Description: Subscription licensing service failed: -1073415161

Error: (04/30/2014 09:29:56 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
The manifest file root element must be assembly.


System errors:
=============
Error: (05/02/2014 02:09:29 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer USER1-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{9AA4C6D2-BCE7-4E17-AB60-EF7E0C388013}.
The master browser is stopping or an election is being forced.

Error: (05/02/2014 02:03:01 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
aswKbd

Error: (05/02/2014 02:02:54 PM) (Source: Service Control Manager) (User: )
Description: The AODDriver4.2 service failed to start due to the following error:
%%2

Error: (05/02/2014 02:02:54 PM) (Source: Service Control Manager) (User: )
Description: The avast! Firewall service failed to start due to the following error:
%%1053

Error: (05/02/2014 02:02:54 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the avast! Firewall service to connect.

Error: (05/02/2014 07:41:43 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
aswKbd

Error: (05/02/2014 07:40:19 AM) (Source: Service Control Manager) (User: )
Description: The AODDriver4.2 service failed to start due to the following error:
%%2

Error: (05/02/2014 07:40:09 AM) (Source: Service Control Manager) (User: )
Description: The avast! Firewall service failed to start due to the following error:
%%1053

Error: (05/02/2014 07:40:09 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the avast! Firewall service to connect.

Error: (05/01/2014 03:47:58 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
aswKbd


Microsoft Office Sessions:
=========================
Error: (05/02/2014 03:35:24 PM) (Source: Office 2013 Licensing Service)(User: )
Description: Subscription licensing service failed: -1073415161

Error: (05/02/2014 00:17:04 PM) (Source: Application Error)(User: )
Description: MAPLESTORY.EXE8.148.3.053474694MAPLESTORY.EXE8.148.3.053474694c000000500f28fa614a401cf65f3a6a49540C:\Nexon\MapleStory\MAPLESTORY.EXEC:\Nexon\MapleStory\MAPLESTORY.EXEd0ee9cd0-d20c-11e3-a537-50e5496ef5f3

Error: (05/01/2014 08:34:42 PM) (Source: Application Error)(User: )
Description: MAPLESTORY.EXE8.148.3.053474694MAPLESTORY.EXE8.148.3.053474694c000000500f28fa6146401cf6571462c1670C:\Nexon\MapleStory\MAPLESTORY.EXEC:\Nexon\MapleStory\MAPLESTORY.EXE2af3e2f0-d189-11e3-8350-50e5496ef5f3

Error: (05/01/2014 03:56:33 PM) (Source: Office 2013 Licensing Service)(User: )
Description: Subscription licensing service failed: -1073415161

Error: (05/01/2014 02:37:29 PM) (Source: Application Error)(User: )
Description: MAPLESTORY.EXE8.148.3.053474694MAPLESTORY.EXE8.148.3.053474694c000000500f28fa617fc01cf655be0871c30C:\Nexon\MapleStory\MAPLESTORY.EXEC:\Nexon\MapleStory\MAPLESTORY.EXE43bd1d10-d157-11e3-815e-50e5496ef5f3

Error: (05/01/2014 10:50:09 AM) (Source: SideBySide)(User: )
Description: C:\Program Files\WinZip\adxloader.dll.ManifestC:\Program Files\WinZip\adxloader.dll.Manifest2

Error: (05/01/2014 10:32:37 AM) (Source: Application Error)(User: )
Description: MAPLESTORY.EXE8.148.3.053474694MAPLESTORY.EXE8.148.3.053474694c000000500f28fa6be401cf65400e909758C:\Nexon\MapleStory\MAPLESTORY.EXEC:\Nexon\MapleStory\MAPLESTORY.EXE0ed31428-d135-11e3-8dcb-50e5496ef5f3

Error: (04/30/2014 07:26:34 PM) (Source: Application Error)(User: )
Description: MAPLESTORY.EXE8.148.3.053474694MAPLESTORY.EXE8.148.3.053474694c000000500f28fa619b401cf64c253bbe6d0C:\Nexon\MapleStory\MAPLESTORY.EXEC:\Nexon\MapleStory\MAPLESTORY.EXE7c09f720-d0b6-11e3-88b7-50e5496ef5f3

Error: (04/30/2014 04:57:36 PM) (Source: Office 2013 Licensing Service)(User: )
Description: Subscription licensing service failed: -1073415161

Error: (04/30/2014 09:29:56 AM) (Source: SideBySide)(User: )
Description: C:\Program Files\WinZip\adxloader.dll.ManifestC:\Program Files\WinZip\adxloader.dll.Manifest2


=========================== Installed Programs ============================

Adblock Plus for IE (32-bit and 64-bit) (Version: 1.1)
Adblock Plus for IE (Version: 1.1)
Adobe Flash Player 13 Plugin (Version: 13.0.0.206)
Adobe Reader X (10.1.9) (Version: 10.1.9)
Aeria Ignite (Version: 1.13.3296)
AMD Accelerated Video Transcoding (Version: 12.5.100.21219)
AMD APP SDK Runtime (Version: 10.0.1084.4)
AMD Catalyst Install Manager (Version: 8.0.903.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Fuel (Version: 2012.1219.1521.27485)
AMD Media Foundation Decoders (Version: 1.0.71219.1540)
AMD VISION Engine Control Center (Version: 2012.1219.1521.27485)
Aura Kingdom
avast! EasyPass (Version: 7-7-8-128)
avast! Free Antivirus (Version: 9.0.2018)
Bing Bar (Version: 7.0.619.0)
CanoScan LiDE 700F Scanner Driver
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2012.1219.1521.27485)
Catalyst Control Center InstallProxy (Version: 2012.1219.1521.27485)
Catalyst Control Center Localization All (Version: 2012.1219.1521.27485)
CCC Help Chinese Standard (Version: 2012.1219.1520.27485)
CCC Help Chinese Traditional (Version: 2012.1219.1520.27485)
CCC Help Czech (Version: 2012.1219.1520.27485)
CCC Help Danish (Version: 2012.1219.1520.27485)
CCC Help Dutch (Version: 2012.1219.1520.27485)
CCC Help English (Version: 2012.1219.1520.27485)
CCC Help Finnish (Version: 2012.1219.1520.27485)
CCC Help French (Version: 2012.1219.1520.27485)
CCC Help German (Version: 2012.1219.1520.27485)
CCC Help Greek (Version: 2012.1219.1520.27485)
CCC Help Hungarian (Version: 2012.1219.1520.27485)
CCC Help Italian (Version: 2012.1219.1520.27485)
CCC Help Japanese (Version: 2012.1219.1520.27485)
CCC Help Korean (Version: 2012.1219.1520.27485)
CCC Help Norwegian (Version: 2012.1219.1520.27485)
CCC Help Polish (Version: 2012.1219.1520.27485)
CCC Help Portuguese (Version: 2012.1219.1520.27485)
CCC Help Russian (Version: 2012.1219.1520.27485)
CCC Help Spanish (Version: 2012.1219.1520.27485)
CCC Help Swedish (Version: 2012.1219.1520.27485)
CCC Help Thai (Version: 2012.1219.1520.27485)
CCC Help Turkish (Version: 2012.1219.1520.27485)
ccc-utility64 (Version: 2012.1219.1521.27485)
CCleaner (Version: 4.08)
CutePDF Writer 3.0 (Version:  3.0)
D3DX10 (Version: 15.4.2368.0902)
DjVuLibre+DjView (Version: 3.5.24+4.7c)
D-Link DWA-130 Wireless N USB Adapter (Version: )
DragonNest
Google Chrome (Version: 34.0.1847.131)
Google Update Helper (Version: 1.3.23.9)
HL-2270DW (Version: 1.0.7.0)
Java 7 Update 55 (Version: 7.0.550)
Java Auto Updater (Version: 2.1.9.8)
Junk Mail filter update (Version: 15.4.3502.0922)
MagicTunePremium (Version: 4.0.07)
Malwarebytes Anti-Malware version 2.0.1.1004 (Version: 2.0.1.1004)
MapleStory
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 365 - en-us (Version: 15.0.4605.1003)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 5.1.30214.0)
Microsoft SkyDrive (Version: 17.0.2003.1112)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mozilla Firefox 28.0 (x86 en-US) (Version: 28.0)
Mozilla Maintenance Service (Version: 28.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
Nexon Game Manager
NVIDIA PhysX (Version: 9.10.0514)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4605.1003)
Office 15 Click-to-Run Licensing Component (Version: 15.0.4605.1003)
Office 15 Click-to-Run Localization Component (Version: 15.0.4605.1003)
PHANTASY STAR ONLINE 2
Realtek High Definition Audio Driver (Version: 6.0.1.6316)
SD Gundam Capsule Fighter (Version: 1.0.0)
SDFormatter (Version: 4.0.0)
Skype Click to Call (Version: 7.2.15747.10003)
Skype™ 6.14 (Version: 6.14.104)
System Requirements Lab CYRI (Version: 4.5.1.0)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinPcap 4.1.3 (Version: 4.1.0.2980)
WinRAR 4.01 (64-bit) (Version: 4.01.0)
WinZip 17.5 (Version: 17.5.10480)

========================= Memory info: ===================================

Percentage of memory in use: 42%
Total physical RAM: 4094.46 MB
Available physical RAM: 2365.67 MB
Total Pagefile: 8187.11 MB
Available Pagefile: 6174.56 MB
Total Virtual: 4095.88 MB
Available Virtual: 3971.98 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:931.41 GB) (Free:810.77 GB) NTFS

========================= Users: ========================================

User accounts for \\WEN-PC

Administrator            Guest                    Wen                      


**** End of log ****
 

 

 

http://speccy.piriform.com/results/mewXFl0GNRDI2Ksj68QSrAd

 

 

 

 

 

Rkill 2.6.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 05/02/2014 04:58:36 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Checking Windows Service Integrity:

 * No issues found.

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * No issues found.

Program finished at: 05/02/2014 04:59:10 PM
Execution time: 0 hours(s), 0 minute(s), and 33 seconds(s)
 

 

 

 

 

 

 

# AdwCleaner v3.205 - Report created 02/05/2014 at 17:11:20
# Updated 28/04/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Wen - WEN-PC
# Running from : C:\Users\Wen\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Windows\SysWOW64\AI_RecycleBin

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}]

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Mozilla Firefox v28.0 (en-US)

[ File : C:\Users\Wen\AppData\Roaming\Mozilla\Firefox\Profiles\ya8v294f.default-1395752978540\prefs.js ]


-\\ Google Chrome v34.0.1847.131

[ File : C:\Users\Wen\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}

*************************

AdwCleaner[R0].txt - [4366 octets] - [24/03/2014 19:40:06]
AdwCleaner[R10].txt - [2358 octets] - [02/05/2014 17:09:11]
AdwCleaner[R1].txt - [1010 octets] - [24/03/2014 19:47:23]
AdwCleaner[R2].txt - [1070 octets] - [24/03/2014 19:53:16]
AdwCleaner[R3].txt - [1191 octets] - [25/03/2014 08:45:54]
AdwCleaner[R4].txt - [1326 octets] - [25/03/2014 10:32:30]
AdwCleaner[R5].txt - [1446 octets] - [26/03/2014 12:00:56]
AdwCleaner[R6].txt - [1566 octets] - [26/03/2014 23:30:22]
AdwCleaner[R7].txt - [1684 octets] - [01/04/2014 00:02:59]
AdwCleaner[R8].txt - [1804 octets] - [01/04/2014 10:33:55]
AdwCleaner[R9].txt - [1924 octets] - [07/04/2014 17:50:53]
AdwCleaner[S0].txt - [4388 octets] - [24/03/2014 19:44:32]
AdwCleaner[S1].txt - [1132 octets] - [24/03/2014 19:55:07]
AdwCleaner[S2].txt - [1253 octets] - [25/03/2014 08:46:47]
AdwCleaner[S3].txt - [1387 octets] - [25/03/2014 10:33:22]
AdwCleaner[S4].txt - [1507 octets] - [26/03/2014 12:01:31]
AdwCleaner[S5].txt - [1627 octets] - [26/03/2014 23:31:02]
AdwCleaner[S6].txt - [1745 octets] - [01/04/2014 00:03:46]
AdwCleaner[S7].txt - [1865 octets] - [01/04/2014 10:35:28]
AdwCleaner[S8].txt - [1985 octets] - [07/04/2014 17:51:38]
AdwCleaner[S9].txt - [2278 octets] - [02/05/2014 17:11:20]

########## EOF - C:\AdwCleaner\AdwCleaner[S9].txt - [2338 octets] ##########
 


Edited by Killer_Wolf, 02 May 2014 - 03:15 PM.


#5 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:09:07 PM

Posted 02 May 2014 - 07:04 PM

Hi -

Generally nothing there except an old version of AdwCleaner .....

Open the program and hit Uninstall to remove all quarantined items, and the program.

 

This is a 1 hit program, and then reinstall later if required -

AdwCleaner[S9].txt 10 runs in a couple of days will now show nothing of any value (it was in [S0]txt.)

 

Extension.Mismatch, c:\Users\Wen\AppData\Roaming\Skype\last_edit_pos.gif,

This was just a "moving picture" sent over Skype (like :bounce: ) but not recognised -

Thanks for the visit, please call back if you have any other questions - :busy:



#6 Killer_Wolf

Killer_Wolf
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:06:07 AM

Posted 02 May 2014 - 07:20 PM

Alright , thank you very much for your time. Few months ago, my com was infected with a browser hijacker. So I keep making changes and use adwarecleaner every now and then to make sure that it never comes back.

 

Anyways, I think I am fine then, thanks again!

 

Edit: As for the other programs, do I remove them by deleting them? Or do I have to uninstall them?


Edited by Killer_Wolf, 02 May 2014 - 07:29 PM.


#7 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:09:07 PM

Posted 02 May 2014 - 07:29 PM

You are always Welcome -

 

Please start a new topic if you find any other problems and we will review it again -






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users