Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Internet connection but browsers don't work. Unable to connect to proxy server.


  • This topic is locked This topic is locked
76 replies to this topic

#1 liney

liney

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Local time:08:05 AM

Posted 20 May 2014 - 08:47 PM

In a nutshell, it looks my parents' computer is able to get wifi connection and is connected to the "internet" but none of the browsers work, e.g. IE and Chrome, thus we can't actually get online. I am posting from another computer and have followed your guide by downloading DDS, etc and transferring program(s)/document(s) via a flash drive.

 

My mom tried to download some sort of accounting software guide/tutorial onto her computer. In the middle of the download, I saw that she was actually downloading quite a bit of "other" stuff including some games and other browsers and search engines, so we were able to stop some of the downloads midway. I went in and uninstalled and deleted the programs that came in that day that didn't seem familiar.

 

Unfortunately, after doing that the browsers stopped working and have the error message: (Chrome) Unable to connect to proxy server and (IE) The proxy server isn't responding; check your proxy settings 127.0.0.1:8877.

 

This is just a home computer and I am not aware of any proxy servers that we set up here. I tried to follow their instructions to try and fix the problem and Go to Tools> Internet Options > Connections and go to LAN settings and UNCHECK the proxy server box. Unfortunately, every time I uncheck the box, it is immediately rechecked when I open it again.

 

I did find another thread where someone had a similar problem. We tried to download some programs and follow the instructions exactly. It worked for that person, but not us. I hope that didn't mess things up more.

 

Please help! Thanks so much.

 

 

 

DDS.txt 

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.17041  BrowserJavaVersion: 10.55.2
Run by Lee at 17:29:54 on 2014-05-20
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3895.1658 [GMT -7:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall *Disabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
C:\Windows\system32\WLANExt.exe
C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Windows\system32\dlcccoms.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Program Files\McAfee\MSC\McAPExe.exe
C:\Windows\system32\mfevtps.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\Microsoft\System Update kb70007\WindowsUpdater.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files (x86)\Dell Photo AIO Printer 924\dlccmon.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\PROGRA~1\McAfee\MSM\McSmtFwk.exe
C:\Users\Lee\AppData\Local\Hyper Browser\HyperBrowser.exe
C:\Program Files (x86)\MSR\Privoxy\privoxy.exe
C:\Users\Lee\AppData\Local\HYPERB~1\CHROME~1\chrome.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\SftVss64.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Users\Lee\AppData\Local\HYPERB~1\CHROME~1\chrome.exe
C:\Users\Lee\AppData\Local\HYPERB~1\CHROME~1\chrome.exe
C:\Windows\System32\vds.exe
C:\Users\Lee\AppData\Local\HYPERB~1\CHROME~1\chrome.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uSearch Bar = Preserve
uSearch Page = www.google.com
uProxyServer = hxxp=127.0.0.1:8118;https=127.0.0.1:8118
uSearchAssistant = www.google.com
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file>
uRun: [Google Update] "C:\Users\Lee\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m
mRun: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe
dRunOnce: [{90120000-0011-0000-0000-0000000FF1CE}] C:\Windows\System32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H
StartupFolder: C:\Users\Lee\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DELLDO~1.LNK - C:\Program Files\Dell\DellDock\DellDock.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\PASTAQ~1.LNK - C:\Program Files (x86)\pastaleads\PastaLeadsWinApp.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{C6F5A737-F80F-4AD8-B2A7-845A7C8B14D3} : DHCPNameServer = 75.75.75.75 75.75.76.76
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
SSODL: WebCheck - <orphaned>
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file>
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [DLCCCATS] rundll32 C:\Windows\System32\spool\DRIVERS\x64\3\DLCCtime.dll,RunDLLEntry
x64-Run: [dlccmon.exe] "C:\Program Files (x86)\Dell Photo AIO Printer 924\dlccmon.exe"
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll
x64-Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - <orphaned>
x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2012-6-22 782360]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2012-6-22 343696]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-11-22 55280]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2011-1-9 89600]
R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2009-6-9 155648]
R2 HomeNetSvc;McAfee Home Network;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-11-23 328928]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-22 13336]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2014-5-7 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-1-9 701512]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-10-22 201304]
R2 McAPExe;McAfee AP Service;C:\Program Files\McAfee\MSC\McAPExe.exe [2013-11-23 178048]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-11-23 328928]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-11-23 328928]
R2 mcpltsvc;McAfee Platform Services;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-11-23 328928]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-11-23 328928]
R2 mfecore;McAfee Anti-Malware Core;C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [2013-11-23 1025232]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2012-8-19 219272]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2012-8-19 182752]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2010-11-22 689472]
R2 System Update kb70007;System Update kb70007;C:\Windows\Microsoft\System Update kb70007\WindowsUpdater.exe [2014-5-7 16384]
R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-11-22 2320920]
R3 BcmVWL;Broadcom Virtual Wireless;C:\Windows\System32\drivers\bcmvwl64.sys [2010-11-22 20984]
R3 btusbflt;Bluetooth USB Filter;C:\Windows\System32\drivers\btusbflt.sys [2010-11-22 53800]
R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2010-11-22 35104]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2012-8-19 70112]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2010-11-22 172704]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-11-22 56344]
R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-11-22 158976]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-11-22 289280]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2011-1-9 25928]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2012-8-19 311120]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2012-8-19 519576]
R3 mfencbdc;McAfee Inc. mfencbdc;C:\Windows\System32\drivers\mfencbdc.sys [2013-11-26 411944]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 HipShieldK;McAfee Inc. HipShieldK;C:\Windows\System32\drivers\HipShieldK.sys [2013-11-23 197704]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-5-2 111616]
S3 mfencrk;McAfee Inc. mfencrk;C:\Windows\System32\drivers\mfencrk.sys [2013-11-26 96112]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-11-22 232480]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-11-22 325152]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-6-6 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-2-15 52736]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-1-11 1255736]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]
.
=============== Created Last 30 ================
.
2014-05-21 00:32:32 10651704 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2014-05-21 00:32:01 10651704 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6C0C7B2D-587A-4E70-9C0F-782FFA9C6B30}\mpengine.dll
2014-05-12 23:28:29 -------- d-----w- C:\_OTL
2014-05-12 23:20:17 -------- d-----w- C:\RegBackup
2014-05-12 23:13:44 -------- d-----w- C:\Program Files (x86)\Tweaking.com
2014-05-12 05:06:40 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A0AACF3D-6B09-4AFA-BED5-87167994BDCA}\offreg.dll
2014-05-12 01:58:37 10651704 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A0AACF3D-6B09-4AFA-BED5-87167994BDCA}\mpengine.dll
2014-05-12 01:58:30 270496 ------w- C:\Windows\System32\MpSigStub.exe
2014-05-07 15:21:39 -------- d-----w- C:\Users\Lee\AppData\Roaming\MiniGet
2014-05-07 15:18:15 -------- d-----w- C:\temp
2014-05-07 15:17:06 -------- d-----w- C:\Program Files\002
2014-05-07 15:13:27 -------- d-----w- C:\Users\Lee\AppData\Local\Hyper Browser
2014-05-07 15:13:03 -------- d-----w- C:\Windows\Microsoft
2014-05-07 15:12:57 -------- d-----w- C:\Program Files (x86)\MSR
2014-05-07 15:12:33 -------- d-----w- C:\ProgramData\pastaleads
2014-05-07 15:11:24 -------- d-----w- C:\Users\Lee\AppData\Local\10679
2014-05-07 10:01:13 -------- d-s---w- C:\Windows\System32\CompatTel
2014-05-06 15:22:02 465408 ----a-w- C:\Windows\System32\aepdu.dll
2014-05-06 15:22:02 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-05-04 07:41:00 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-05-04 07:41:00 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-05-02 00:21:43 -------- d-sh--w- C:\Users\Lee\AppData\Local\EmieUserList
2014-05-02 00:21:43 -------- d-sh--w- C:\Users\Lee\AppData\Local\EmieSiteList
2014-04-22 21:18:30 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
.
==================== Find3M  ====================
.
2014-05-21 00:31:50 70832 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-21 00:31:50 692400 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-05-21 00:31:20 17938608 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2014-03-06 09:31:33 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-03-06 08:59:04 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-03-06 08:57:34 548352 ----a-w- C:\Windows\System32\vbscript.dll
2014-03-06 08:57:20 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-03-06 08:29:40 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-03-06 08:29:14 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-03-06 08:28:15 752640 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-03-06 08:15:54 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-03-06 08:11:41 5784064 ----a-w- C:\Windows\System32\jscript9.dll
2014-03-06 08:02:34 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-03-06 08:02:33 455168 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-03-06 08:01:01 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-03-06 07:56:43 38400 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-03-06 07:46:36 4254720 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-03-06 07:38:13 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-03-06 07:36:40 592896 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-03-06 07:13:43 32256 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-03-06 07:11:15 2043904 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-03-06 06:40:39 1967104 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-03-06 06:22:40 2260480 ----a-w- C:\Windows\System32\wininet.dll
2014-03-06 05:41:49 1789440 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-03-04 09:44:21 362496 ----a-w- C:\Windows\System32\wow64win.dll
2014-03-04 09:44:21 243712 ----a-w- C:\Windows\System32\wow64.dll
2014-03-04 09:44:21 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2014-03-04 09:44:03 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2014-03-04 09:17:19 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2014-03-04 09:17:05 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2014-03-04 09:16:54 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2014-03-04 09:16:18 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2014-03-04 08:09:30 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2014-03-04 08:09:29 2048 ----a-w- C:\Windows\SysWow64\user.exe
2014-02-28 22:16:46 61736 ----a-w- C:\Windows\System32\drivers\netfilter64.sys
.
============= FINISH: 17:37:49.58 ===============
 
 
 

Attached Files



BC AdBot (Login to Remove)

 


#2 jeffce

jeffce

    Bleepin' Super Saiyan


  • Malware Response Team
  • 3,442 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:10:05 AM

Posted 24 May 2014 - 04:02 PM

Hi and Welcome!!   
 
My name is Jeff. I would be more than happy to take a look at your malware results logs and help you with solving any malware problems you might have. Logs can take a while to research, so please be patient and know that I am working hard to get you a clean and functional system back in your hands. I'd be grateful if you would note the following:

  • The fixes are specific to your problem and should only be used for the issues on this machine.
  • It's often worth reading through these instructions and printing them for ease of reference.
  • If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
  • Please reply to this thread. Do not start a new topic.
  • If you happen to have a flash drive/thumb drive please have that ready in the event that we need to use it.
  • Please be sure to subscribe to the topic if you have not already done so.

IMPORTANT NOTE : Please do not delete, download or install anything unless instructed to do so.
DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision. Doing so could make your system inoperable and could require a full reinstall of your operating system and losing all your programs and data.

 
Having said that....   YBCQLm4.gif   Let's get going!!  
----------
 

81mYIKe.jpg  AdwCleaner
 
Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

----------
 

weVCzW0.jpg Please download TDSSKiller

  • Double click TDSSKiller.exe
  • Press Start Scan but do nothing else as we are just looking for what is there.
  • If Malicious objects are found, select Skip by changing the Cure dropdown in the upper right.
  • Attach the log in your next reply
    • A copy of the log will be saved automatically to the root of the drive (typically C:\)

----------


WFxJwA4.png
 
mvp_horizontal_fullcolor-(copy2).jpeg
 


#3 liney

liney
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Local time:08:05 AM

Posted 26 May 2014 - 09:59 PM

Thanks Jeff for helping me/us out.

 

 

AdwCleaner log report

 

# AdwCleaner v3.211 - Report created 26/05/2014 at 19:43:40
# Updated 26/05/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Lee - LEE-PC
# Running from : C:\Users\Lee\Desktop\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Found : C:\Program Files (x86)\MSR
Folder Found : C:\Program Files\002
 
***** [ Shortcuts ] *****
 
Shortcut Found : C:\Users\Lee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk ( hxxp://feed.helperbar.com/?publisher=MuvicAMBS&dpid=MuvicAMBS&co=US&userid=45758d0d-6321-03ae-97ad-8975e5cc7f26&searchtype=sc&installDate=07/05/2014&barcodeid=131768&um=0 )
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\AppDataLow\Software
Key Found : HKCU\Software\SmartBar
Key Found : HKCU\Software\Tutorials
Key Found : HKCU\Software\TutoTag
Key Found : [x64] HKCU\Software\SmartBar
Key Found : [x64] HKCU\Software\Tutorials
Key Found : [x64] HKCU\Software\TutoTag
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Found : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Key Found : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Key Found : HKLM\Software\Free_soft_today
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Found : HKLM\Software\Tutorials
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Found : [x64] HKLM\SOFTWARE\LevelQualityWatcher
Key Found : [x64] HKLM\SOFTWARE\RrSavings
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Value Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17041
 
 
-\\ Google Chrome v
 
[ File : C:\Users\Lee\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [2499 octets] - [26/05/2014 19:43:40]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [2559 octets] ##########
 

Attached Files



#4 jeffce

jeffce

    Bleepin' Super Saiyan


  • Malware Response Team
  • 3,442 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:10:05 AM

Posted 27 May 2014 - 06:40 AM

LlJESjW.jpgMalwarebytes Anti-Rootkit
 
Please download Malwarebytes Anti-Rootkit and save it to your desktop.

  • Be sure to print out and follow the instructions provided on that same page.
  • Caution: This is a beta version so please be sure to read the disclaimer and back up all your data before using.
  • Scan your system for malware
  • If malware is found, please go to the MBAR folder and then copy/paste the contents of the MBAR-log-***.txt file to your next reply.

If there is no malware found, please let me know as well.
----------


WFxJwA4.png
 
mvp_horizontal_fullcolor-(copy2).jpeg
 


#5 liney

liney
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Local time:08:05 AM

Posted 27 May 2014 - 10:33 AM

Hi Jeff,

 

This may be a stupid question, but I just want to be sure I'm doing things correctly. Before I use the next program (Malwarebytes Anti-Root), I just wanted to make sure I'm was not supposed to be CLEANING anything with the first two programs (AdwCleaner and tdsskiller). So far I've done exactly as you asked and scanned and then reported, but haven't actually hit any CLEAN buttons.

 

But it does seem that with the new Malwarebytes Anti-Root program instructions I will start cleaning.

 

Thanks for the clarification.

 

Caroline



#6 jeffce

jeffce

    Bleepin' Super Saiyan


  • Malware Response Team
  • 3,442 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:10:05 AM

Posted 27 May 2014 - 11:11 AM

Hi,

 

Great questions.  Right now I am trying to get accurate diagnostics of what is on your system.  Once we know for sure what we are dealing with we will begin cleaning.  :)

 

When you get the Malwarebytes AntiRootkit ran, post the log if one is made.  


WFxJwA4.png
 
mvp_horizontal_fullcolor-(copy2).jpeg
 


#7 liney

liney
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Local time:08:05 AM

Posted 27 May 2014 - 02:08 PM

Ok, ran the Malwarebytes Anti-Root program and got a clean bill. There were two logs. I cut and paste one and attached something called system-log.

 

 

----------------

 

Malwarebytes Anti-Rootkit BETA 1.07.0.1009
www.malwarebytes.org
 
Database version: v2014.05.27.07
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17107
Lee :: LEE-PC [administrator]
 
5/27/2014 10:34:34 AM
mbar-log-2014-05-27 (10-34-34).txt
 
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 263605
Time elapsed: 39 minute(s), 2 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
Physical Sectors Detected: 0
(No malicious items detected)
 
(end)
 

Attached Files



#8 jeffce

jeffce

    Bleepin' Super Saiyan


  • Malware Response Team
  • 3,442 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:10:05 AM

Posted 27 May 2014 - 04:51 PM

ComboFix
 
Download Combofix from either of the links below, and save it to your desktop.  
Link 1
Link 2
 
**Note:  It is important that it is saved directly to your desktop**
If you get a message saying "Illegal operation attempted on a registry key that has been marked for deletion", please restart your computer.


 
--------------------------------------------------------------------
 
IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
 
--------------------------------------------------------------------
 
Right-Click and Run as Administrator on ComboFix.exe & follow the prompts.

  • When finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt for further review.

WFxJwA4.png
 
mvp_horizontal_fullcolor-(copy2).jpeg
 


#9 liney

liney
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Local time:08:05 AM

Posted 27 May 2014 - 06:23 PM

Since I'm not able to access the internet on the affected computer, I have been downloading the programs onto another computer and then saving them onto a flash drive and then loading them onto the affected computer. Because of this, I can not download Combofix directly to the affected computer's desktop as you requested.  **Note:  It is important that it is saved directly to your desktop**

 

Will this be a problem? Additionally, the links you provided, download the program directly into the 'My Downloads' folder. There does not seem to be a problem downloading from either link.

 

Please clarify how to proceed. Thanks.



#10 jeffce

jeffce

    Bleepin' Super Saiyan


  • Malware Response Team
  • 3,442 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:10:05 AM

Posted 27 May 2014 - 07:18 PM

As long as you put ComboFix on the Desktop of the infected computer, it makes no difference how it gets there.  :)


WFxJwA4.png
 
mvp_horizontal_fullcolor-(copy2).jpeg
 


#11 liney

liney
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Local time:08:05 AM

Posted 27 May 2014 - 07:51 PM

We used to have McAfee on the computer. The subscription has run out; so I thought we wouldn't have any anti-virus/anti-spy applications on. I tried to check via your methods anyway and the McAfee window prompt doesn't allow me to go any further in anything than the YOUR SUBSCRIPTION HAS EXPIRED window. So I ran ComboFix but it gave me a warning message:

 

ComboFix has detected the following real time scanner(s) to be active:

antivirus: McAfee Anti-Virus and Anti-Spyware

antispyware: McAfee Anti-Virus and Anti-Spyware

 

blah blah blah

Please disable scanners before clicking 'OK'. 

 

I clicked on your suggested link on how to disable the antivirus/spy applications and after following directions ran into the subscription expired message which to me means it shouldn't be running. I thought maybe another thing I could do is just uninstall the program.

 

Any suggestions on how to disable? or what I should do before hitting OK to ComboFix.



#12 jeffce

jeffce

    Bleepin' Super Saiyan


  • Malware Response Team
  • 3,442 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:10:05 AM

Posted 27 May 2014 - 10:06 PM

Just go ahead with running ComboFix.  :)  You should be ok.


WFxJwA4.png
 
mvp_horizontal_fullcolor-(copy2).jpeg
 


#13 liney

liney
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Local time:08:05 AM

Posted 27 May 2014 - 10:50 PM

OK running ComboFix when I received the following error message:

 

 

Application Error

 

Exception EAccessViolation in module ERUNT.3XE at 00003A38.

Access violation at address 00403A38 in module 'ERUNT.3XE'.

Read of address 0076005D.

 

Should I just click OK? Or do I need to do something else....



#14 jeffce

jeffce

    Bleepin' Super Saiyan


  • Malware Response Team
  • 3,442 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:10:05 AM

Posted 28 May 2014 - 06:50 AM

Yes, just click ok.  :)


WFxJwA4.png
 
mvp_horizontal_fullcolor-(copy2).jpeg
 


#15 liney

liney
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Local time:08:05 AM

Posted 28 May 2014 - 10:31 AM

ok. here is the log.

 

ComboFix 14-05-27.02 - Lee 05/27/2014  20:27:42.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3895.1972 [GMT -7:00]
Running from: c:\users\Lee\Desktop\ComboFix.exe
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
FW: McAfee Firewall *Disabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Lee\AppData\Local\Temp\{55052BE8-1B58-42FD-83E7-56B6F46A7A0F}\{4E633569-B5BA-4DD4-8935-212DAF8A173C}\Default\Extensions\jmiibbdogibcphdfkkmlimfffneaecbc\2.4_0\plugin\convenience.dll
c:\users\Lee\AppData\Local\Temp\{55052BE8-1B58-42FD-83E7-56B6F46A7A0F}\{4FE1B539-D510-471E-90C2-085B162A9991}\Default\Extensions\jmiibbdogibcphdfkkmlimfffneaecbc\2.4_0\plugin\convenience.dll
c:\users\Lee\AppData\Local\Temp\{55052BE8-1B58-42FD-83E7-56B6F46A7A0F}\{6C23EA24-6DA6-4DDD-857E-34C55E40704F}\Default\Extensions\jmiibbdogibcphdfkkmlimfffneaecbc\2.4_0\plugin\convenience.dll
c:\users\Lee\AppData\Local\Temp\{55052BE8-1B58-42FD-83E7-56B6F46A7A0F}\{FDF96931-1D11-4F5C-8940-3D8ECE0029C0}\Default\Extensions\jmiibbdogibcphdfkkmlimfffneaecbc\2.4_0\plugin\convenience.dll
c:\windows\MICROSOFT
c:\windows\MICROSOFT\System Update kb70007\Installer.dll
c:\windows\MICROSOFT\System Update kb70007\InstallerLibrary.dll
c:\windows\MICROSOFT\System Update kb70007\win32.reg
c:\windows\MICROSOFT\System Update kb70007\WindowsUpdater.exe
Y:\Autorun.inf
.
.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_System Update kb70007
-------\Service_System Update kb70007
.
.
(((((((((((((((((((((((((   Files Created from 2014-04-28 to 2014-05-28  )))))))))))))))))))))))))))))))
.
.
2014-05-28 03:46 . 2014-05-28 03:46 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-05-27 17:34 . 2014-05-27 18:59 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2014-05-27 17:33 . 2014-05-27 17:33 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-05-27 02:43 . 2014-05-27 02:44 -------- d-----w- C:\AdwCleaner
2014-05-21 03:34 . 2014-05-06 04:40 23544320 ----a-w- c:\windows\system32\mshtml.dll
2014-05-21 03:34 . 2014-05-06 03:00 84992 ----a-w- c:\windows\system32\mshtmled.dll
2014-05-21 03:34 . 2014-05-06 04:17 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-05-21 03:34 . 2014-05-06 03:07 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2014-05-21 00:43 . 2014-03-25 02:43 14175744 ----a-w- c:\windows\system32\shell32.dll
2014-05-21 00:43 . 2014-05-09 06:14 477184 ----a-w- c:\windows\system32\aepdu.dll
2014-05-21 00:43 . 2014-05-09 06:11 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-05-12 23:28 . 2014-05-12 23:28 -------- d-----w- C:\_OTL
2014-05-12 23:20 . 2014-05-12 23:20 -------- d-----w- C:\RegBackup
2014-05-12 23:13 . 2014-05-12 23:13 -------- d-----w- c:\program files (x86)\Tweaking.com
2014-05-12 01:58 . 2014-03-31 16:35 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-05-07 15:21 . 2014-05-07 15:23 -------- d-----w- c:\users\Lee\AppData\Roaming\MiniGet
2014-05-07 15:18 . 2014-05-07 15:20 -------- d-----w- C:\temp
2014-05-07 15:17 . 2014-05-08 04:18 -------- d-----w- c:\program files\002
2014-05-07 15:13 . 2014-05-07 15:15 -------- d-----w- c:\users\Lee\AppData\Local\Hyper Browser
2014-05-07 15:12 . 2014-05-07 15:13 -------- d-----w- c:\program files (x86)\MSR
2014-05-07 15:12 . 2014-05-07 15:12 -------- d-----w- c:\programdata\pastaleads
2014-05-07 15:11 . 2014-05-08 04:15 -------- d-----w- c:\users\Lee\AppData\Local\10679
2014-05-07 10:01 . 2014-05-26 22:37 -------- d-s---w- c:\windows\system32\CompatTel
2014-05-02 00:21 . 2014-05-02 00:21 -------- d-sh--w- c:\users\Lee\AppData\Local\EmieUserList
2014-05-02 00:21 . 2014-05-02 00:21 -------- d-sh--w- c:\users\Lee\AppData\Local\EmieSiteList
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-21 03:30 . 2011-05-11 03:58 93223848 ----a-w- c:\windows\system32\MRT.exe
2014-05-21 00:31 . 2012-04-30 19:08 692400 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-05-21 00:31 . 2011-06-27 03:25 70832 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-04-30 23:20 . 2014-05-27 02:02 10702536 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BB1B426F-025B-421E-A9F5-8E6A2DE30599}\mpengine.dll
2014-04-22 21:18 . 2014-04-22 21:18 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-04-01 05:46 . 2014-04-01 05:46 130712 ----a-w- c:\windows\SysWow64\MSSTDFMT.DLL
2014-04-01 05:46 . 2014-04-01 05:46 1070232 ----a-w- c:\windows\SysWow64\MSCOMCTL.OCX
2014-03-04 09:44 . 2014-04-10 03:58 362496 ----a-w- c:\windows\system32\wow64win.dll
2014-03-04 09:44 . 2014-04-10 03:58 243712 ----a-w- c:\windows\system32\wow64.dll
2014-03-04 09:44 . 2014-04-10 03:58 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2014-03-04 09:44 . 2014-04-10 03:58 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2014-03-04 09:44 . 2014-04-10 03:58 1163264 ----a-w- c:\windows\system32\kernel32.dll
2014-03-04 09:17 . 2014-04-10 03:58 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2014-03-04 09:17 . 2014-04-10 03:58 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2014-03-04 09:16 . 2014-04-10 03:58 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2014-03-04 09:16 . 2014-04-10 03:58 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2014-03-04 08:09 . 2014-04-10 03:58 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2014-03-04 08:09 . 2014-04-10 03:58 2048 ----a-w- c:\windows\SysWow64\user.exe
2014-02-28 22:16 . 2014-02-28 22:16 61736 ----a-w- c:\windows\system32\drivers\netfilter64.sys
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MobileDocuments"="c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2013-04-21 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-06-08 284696]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2009-06-24 409744]
"Desktop Disc Tool"="c:\program files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" [2009-10-15 498160]
"Dell DataSafe Online"="c:\program files (x86)\Dell DataSafe Online\DataSafeOnline.exe" [2010-02-09 1807680]
"DellSupportCenter"="c:\program files (x86)\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-07 421736]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2013-09-25 537512]
"mcpltui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2013-09-25 537512]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="c:\program files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe" [2010-08-12 163040]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"{90120000-0011-0000-0000-0000000FF1CE}"="del" [X]
.
c:\users\Lee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2010-5-28 1324384]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-12-29 1082656]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe /firstrun [2010-5-28 1324384]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys;c:\windows\SYSNATIVE\drivers\HipShieldK.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 mfencrk;McAfee Inc. mfencrk;c:\windows\system32\DRIVERS\mfencrk.sys;c:\windows\SYSNATIVE\DRIVERS\mfencrk.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys;c:\windows\SYSNATIVE\drivers\mfewfpk.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe;c:\program files\Dell\DellDock\DockLogin.exe [x]
S2 HomeNetSvc;McAfee Home Network;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [x]
S2 McAPExe;McAfee AP Service;c:\program files\McAfee\MSC\McAPExe.exe;c:\program files\McAfee\MSC\McAPExe.exe [x]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
S2 mcpltsvc;McAfee Platform Services;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
S2 mfecore;McAfee Anti-Malware Core;c:\program files\Common Files\McAfee\AMCore\mcshield.exe;c:\program files\Common Files\McAfee\AMCore\mcshield.exe [x]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [x]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe;c:\windows\SYSNATIVE\mfevtps.exe [x]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [x]
S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]
S3 BcmVWL;Broadcom Virtual Wireless;c:\windows\system32\DRIVERS\bcmvwl64.sys;c:\windows\SYSNATIVE\DRIVERS\bcmvwl64.sys [x]
S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys;c:\windows\SYSNATIVE\drivers\btusbflt.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys;c:\windows\SYSNATIVE\drivers\cfwids.sys [x]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys;c:\windows\SYSNATIVE\DRIVERS\CtClsFlt.sys [x]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys;c:\windows\SYSNATIVE\drivers\mfefirek.sys [x]
S3 mfencbdc;McAfee Inc. mfencbdc;c:\windows\system32\DRIVERS\mfencbdc.sys;c:\windows\SYSNATIVE\DRIVERS\mfencbdc.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
Contents of the 'Scheduled Tasks' folder
.
2014-05-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-30 00:31]
.
2014-05-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-04-21 19:54]
.
2014-05-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA1cf6a416bc372a8.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-04-21 19:54]
.
2014-05-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-567996611-2805573329-3323853594-1001Core.job
- c:\users\Lee\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-09 22:30]
.
2014-05-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-567996611-2805573329-3323853594-1001UA1cf4a269f8b479d.job
- c:\users\Lee\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-09 22:30]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-09-07 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-09-07 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-09-07 415256]
"Broadcom Wireless Manager UI"="c:\program files\Dell\DW WLAN Card\WLTRAY.exe" [2010-02-03 5712896]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-06-18 487424]
"DLCCCATS"="c:\windows\system32\spool\DRIVERS\x64\3\DLCCtime.dll" [2006-02-24 28672]
"dlccmon.exe"="c:\program files (x86)\Dell Photo AIO Printer 924\dlccmon.exe" [2007-01-30 431600]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = http=127.0.0.1:8118;https=127.0.0.1:8118
uSearchAssistant = www.google.com
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
.
- - - - ORPHANS REMOVED - - - -
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\PastaQuotes.lnk - c:\program files (x86)\pastaleads\PastaLeadsWinApp.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
c:\windows\SysWOW64\rundll32.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
c:\program files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
c:\program files (x86)\Dell Support Center\bin\sprtsvc.exe
c:\users\Lee\AppData\Local\HYPERB~1\CHROME~1\chrome.exe
c:\users\Lee\AppData\Local\HYPERB~1\CHROME~1\chrome.exe
c:\users\Lee\AppData\Local\HYPERB~1\CHROME~1\chrome.exe
c:\users\Lee\AppData\Local\HYPERB~1\CHROME~1\chrome.exe
.
**************************************************************************
.
Completion time: 2014-05-28  08:23:46 - machine was rebooted
ComboFix-quarantined-files.txt  2014-05-28 15:23
.
Pre-Run: 411,571,224,576 bytes free
Post-Run: 410,707,902,464 bytes free
.
- - End Of File - - 7A42163B93EFE9801EA59750CA4E87AA





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users