
did system restore. am I still in trouble


9 replies to this topic

#1 DottieR


Posted 10 July 2014 - 11:14 PM

I have Windows 7, desktop.

 

Nothing worked when I turned it on this morning. Browser was a blank page. Couldn't get to system restore. Finally when I rebooted it came up in safe mode and I was able to do system restore. I got a report of a virus from AVG, but I was not smart enough to write down what it was. Now it is all gone.

 

Things are working fine now. I just wonder if anything is lurking.

 

 




 


#2 noknojon


Posted 11 July 2014 - 12:53 AM

Hello -

First -

This is a "basic clean-up" and we will go further depending on your answers.

Please download and run RKill by Grinler.
 A black DOS box will appear for a short time and then disappear.
 This is normal and indicates the tool ran successfully.
 At most the tool will usually run for about 2 minutes.
 Please Copy / Paste the small log back here.

 

Important: Do not reboot your computer until you complete the next step.

 

* NOW :
 Please download AdwCleaner by Xplode and save to your Desktop.
 * Double-click on AdwCleaner.exe to run the tool.
 * Vista/Windows 7/8 users right-click and select Run As Administrator.
 * Click on the Scan button (only once)
 * AdwCleaner will begin...be patient as the scan may take some time to complete.
 * After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
* Check the removals and see if you are OK with the list.

* Now
 * Click on the Clean button (only once)
 * Press OK when asked to close all programs, and follow the onscreen prompts.
 * Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
 * After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
 * Copy and Paste the contents of that logfile in your next reply.

* A copy of all logfiles is also saved in the C:\AdwCleaner folder which was created when running the tool.

 

 

Please download Malwarebytes Anti-Malware.  After clicking on the link the download will start automatically.
1)  Double-click on mbam-setup.exe, then click on Run to install the application.
Follow the standard prompts through the installation, as this download has no hidden extras.
2)  Malwarebytes will automatically open.
3) Click on Update Now; after Malwarebytes is updated, click on Scan Now.
4)  When the scan is complete the results will be displayed.  Click on Quarantine All, then click on Apply Actions.
5)  To complete any actions taken you will be asked if you want to restart your computer; click on Yes.
6)  Please post the Malwarebytes log.
To find your Malwarebytes log, download mbam-check.exe from here and save it to your desktop.
To open the log, double-click on mbam-check.exe on your desktop.
When the log opens, scroll down toward the bottom of the log to Quarantined Items.  Copy and paste this in your next post.

 

If you have any questions or problems, please tell us.

 

Once these programs are finished, please report on the current computer problems. :)



#3 DottieR


Posted 15 July 2014 - 03:03 PM

No problems since I did the restore.

 

I am not sure if the rkill file copied properly.

 

Rkill 2.6.7 by Lawrence Abrams (Grinler)

 

# AdwCleaner v3.215 - Report created 15/07/2014 at 12:20:37
# Updated 09/07/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : User - USER-PC
# Running from : C:\Users\User\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17207


-\\ Mozilla Firefox v30.0 (en-US)

[ File : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\pe2vib0w.default\prefs.js ]


-\\ Google Chrome v

[ File : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1238 octets] - [15/07/2014 11:42:46]
AdwCleaner[R1].txt - [800 octets] - [15/07/2014 12:20:37]
AdwCleaner[S0].txt - [1311 octets] - [15/07/2014 12:14:45]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [919 octets] ##########

 

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 7/15/2014
Scan Time: 12:30:02 PM
Logfile: MBAM report 7-15-2014.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.07.15.12
Rootkit Database: v2014.07.14.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: User

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 256778
Time Elapsed: 14 min, 3 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)



#4 DottieR


Posted 15 July 2014 - 03:06 PM

I maybe posted the wrong thing. This is an MBAM report from the same scan.



mbam-check result log version:     2.1.1.1001
========================================

User Account type:                 Administrator
OS:                                Windows 7 Service Pack 1 Service Pack 1 32 bit Operating System
Current Version and Build:         6.1.7601.0 
Malwarebytes Anti-Malware:         2.0.2.1012
Installed On:                      2014/07/15
Malware Database:                  2014.07.15.13
Rootkit Database:                  2014.07.14.01
Remediation Database:              2013.10.16.01
IP Database:                       0000.00.00.00
Domain Database:                   0000.00.00.00
License:                           Trial
Malware Protection:                4 (The service is running.)
Malicious Website Protection:      4 (The service is running.)
Chameleon:                         0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMChameleon
Log Created:                       2014/07/15 12:56:27
Compatibility Flag Settings:
=================================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\appCompatFlags\Layers
	C:\Users\User\Documents\Decoz\setuphdf.exeREG_SZ		WINXPSP2
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\appCompatFlags\Layers
	C:\Users\User\Desktop\SamsungUniversalPrintDriver2.exeREG_SZ		WIN7RTM


Malwarebytes Anti-Malware Shell Extension Block Check:
======================================================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Blocked:

MBAM Startup Entries: 
=====================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce

Malwarebytes Anti-Malware Service and Driver Status:
=======================================================

--------------Driver File Info:--------------
C:\Windows\system32\drivers\mbam.sys
File Size: 23256     BYTES	FileVersion: 0.1.13.0	MD5: [8683c1b450f4b3872839308d836e0f92]
C:\Windows\system32\drivers\mwac.sys
File Size: 51928     BYTES	FileVersion: 1.0.1.0	MD5: [bd27d97297934fd4217a37fd28a7abc7]
C:\Windows\system32\drivers\mbamswissarmy.sys
File Size: 110296    BYTES	FileVersion: 0.1.7.0	MD5: [12e71da845d76665b56753ad149e32b3]
C:\Windows\system32\drivers\mbamchameleon.sys
File Size: 74456     BYTES	FileVersion: 1.0.4.0	MD5: [1aa835e8a0b8edf3d676b4ed4bf5ef07]

--------------MBAMProtector:--------------
Type:                   2
State:                  4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0


--------------MBAMService:--------------
Type:                   16
State:                  4 (The service is running.)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0


--------------MBAMScheduler:--------------
Type:                   16
State:                  4 (The service is running.)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0


--------------MBAMChameleon:--------------
Type:                   N/A
State:                  0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMChameleon
WIN32_EXIT_CODE:        N/A
SERVICE_EXIT_CODE:      N/A
CHECKPOINT:             N/A
WAIT_HINT:              N/A


--------------MBAMWebAccessControl:--------------
Type:                   1
State:                  4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0


Required Dependencies:
======================

--------------BFE:--------------
Type:                   32
State:                  4 (The service is running.)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0


HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE
	DisplayName                   REG_SZ		@%SystemRoot%\system32\bfe.dll,-1001
	Group                         REG_SZ		NetworkProvider
	ImagePath                     REG_EXPAND_SZ	%systemroot%\system32\svchost.exe -k LocalServiceNoNetwork
	Description                   REG_SZ		@%SystemRoot%\system32\bfe.dll,-1002
	ObjectName                    REG_SZ		NT AUTHORITY\LocalService
	ErrorControl                  REG_DWORD		1
	Start                         REG_DWORD		2
	Type                          REG_DWORD		32
	DependOnService               REG_MULTI_SZ	RpcSs

	ServiceSidType                REG_DWORD		3
	RequiredPrivileges            REG_MULTI_SZ	SeAuditPrivilege

	FailureActions                REG_BINARY	Binary Data

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters
	ServiceDll                    REG_EXPAND_SZ	%SystemRoot%\System32\bfe.dll
	ServiceDllUnloadOnStop        REG_DWORD		1
	ServiceMain                   REG_SZ		BfeServiceMain

--------------fltmgr:--------------
Type:                   2
State:                  4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0


HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr
	AttachWhenLoaded              REG_DWORD		1
	DisplayName                   REG_SZ		@%SystemRoot%\system32\drivers\fltmgr.sys,-10001
	Group                         REG_SZ		FSFilter Infrastructure
	ImagePath                     REG_EXPAND_SZ	system32\drivers\fltmgr.sys
	Description                   REG_SZ		@%SystemRoot%\system32\drivers\fltmgr.sys,-10000
	ErrorControl                  REG_DWORD		3
	Start                         REG_DWORD		0
	Tag                           REG_DWORD		1
	Type                          REG_DWORD		2
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr\Enum
	0                             REG_SZ		Root\LEGACY_FLTMGR\0000
	Count                         REG_DWORD		1
	NextInstance                  REG_DWORD		1


C:\Windows\system32\drivers\fltmgr.sys
File Size: 198208    BYTES	FileVersion: 6.1.7600.16385	MD5: [7520ec808e0c35e0ee6f841294316653]
C:\Windows\system32\comctl32.ocx
File Size: 604432    BYTES	FileVersion: 5.1.43.19	MD5: [b4882ca12de7af2487ce05235f47f0eb]
C:\Windows\system32\mscomctl.ocx
File Size: 1077336   BYTES	FileVersion: 6.1.95.45	MD5: [f7bbb7d79adb9e3adc13f3b3c33d3d4d]
C:\Windows\system32\olepro32.dll
File Size: 90112     BYTES	FileVersion: 6.1.7601.17514	MD5: [703ffd301ab900b047337c5d40fd6f96]


MBAM Registry Settings and License Info:
========================================
--------------Settings:--------------
Advanced: 
    AutomaticQuarantine:                                       true 
    AutostartProtection:                                       true 
    LimitedMode:                                               false 
    StartSilentMode:                                           false 
    StartupDelay:                                              0 
ApplicationState: 
    First-Run-After-Installation:                              false 
General: 
    DaysUntilNotifyExpiration:                                 5 
    Language:                                                  en 
    RightClickAccess:                                          false 
    SilentErrors:                                              false 
Logging: 
    ExportLog:                                                 true 
Notification: 
ProtectionTray: 
    DisplayMilliseconds:                                       7000 
ScanHistory: 
    Duration_Complete:                                         232000 
    Duration_Driver:                                           0 
    Duration_Filesystem:                                       1000 
    Duration_Heuristics:                                       495000 
    Duration_Loading:                                          0 
    Duration_MasterBootRecord:                                 0 
    Duration_Memory:                                           40000 
    Duration_PreScan:                                          43000 
    Duration_Registry:                                         25000 
    Duration_Sector:                                           0 
    Duration_Startup:                                          45000 
    ItemCount_Complete:                                        212375 
    ItemCount_Driver:                                          0 
    ItemCount_Filesystem:                                      34337 
    ItemCount_Heuristics:                                      7066 
    ItemCount_Loading:                                         0 
    ItemCount_MasterBootRecord:                                0 
    ItemCount_Memory:                                          2797 
    ItemCount_PreScan:                                         0 
    ItemCount_Registry:                                        541 
    ItemCount_Sector:                                          0 
    ItemCount_Startup:                                         2459 
    LastScanDateEpoch:                                         1405452601930 
    LastScanType:                                              1 (Threat Scan)
Update: 
    LastUpdate:                                                2014-07-15T19:51:28 
    NotifyInstallReady:                                        true 
    NotifyOutdatedDatabase:                                    1 
    ProxyPassword:                                              
    ProxyPort:                                                 0 
    ProxyServer:                                                
    ProxyUsername:                                              
    UseProxy:                                                  false 
    UseProxyAuthentication:                                    false 
--------------Account:--------------
  Account Status:                                              Trial 
  Expiration Time:                                             2014/07/29 19:27:44 
  Activation Time:                                             2014/07/15 19:27:44 
  Trial Used:                                                  true 
--------------Access Policies:--------------

Scheduler Queue:
================

tasks: 
    24c90f1e-a406-4a5f-8a74-ab6e4312ac23:                       
      parameters:                                               
        NotifyWhenUpdateCompletes:                             true 
        TaskType:                                              3 
      triggers:                                                 
        ef857b6b-2663-4053-8907-1d8d0f1cd146:                   
          dateinterval:                                        0:0:0 
          lastscheduled:                                       Tue, 15 Jul 2014 12:51:14.796875 -0700 
          lasttriggered:                                       Tue, 15 Jul 2014 12:51:14.796875 -0700 
          nextscheduled:                                       Tue, 15 Jul 2014 13:43:15.796875 -0700 
          recovery:                                            00:00:00 
          start:                                               Tue, 15 Jul 2014 12:57:41.390625 -0700 
          timeinterval:                                        01:00:00 
          type:                                                3 
          uuid:                                                ef857b6b-2663-4053-8907-1d8d0f1cd146 
      type:                                                    update 
      uuid:                                                    24c90f1e-a406-4a5f-8a74-ab6e4312ac23 
    da1373a6-9d93-4c40-b0b2-5c5090cc0176:                       
      parameters:                                               
        CheckForUpdatesBeforeScanStart:                        true 
        ScanConfig:                                             
          ExitWhenNoMalwareDetected:                           false 
          ExportLog:                                           true 
          FileSystemOption:                                    true 
          RebootSystemWhenMalwareDetected:                     false 
          RemoveMalwareAutomaticallyWhenScanEnds:              false 
          ScanArchives:                                        true 
          ScanExtra:                                           true 
          ScanHeuristic:                                       true 
          ScanMemoryObjects:                                   true 
          ScanPUM:                                             2 
          ScanPUP:                                             2 
          ScanRegistry:                                        true 
          ScanRootkits:                                        false 
          ScanStartup:                                         true 
          ScanTargets:                                          
          ScanType:                                            1 (Threat Scan)
          Silent:                                              true 
          TerminateExplorerWhenMalwareIsRemoved:               false 
        StartTaskFromSystemAccount:                            false 
        TaskType:                                              0 
      triggers:                                                 
        fabf892d-87e1-4721-b36a-942bdbb33507:                   
          dateinterval:                                        1:0:0 
          lastscheduled:                                        
          lasttriggered:                                        
          nextscheduled:                                       Wed, 16 Jul 2014 02:30:13 -0700 
          recovery:                                            23:00:00 
          start:                                               Wed, 16 Jul 2014 02:39:43 -0700 
          timeinterval:                                        00:00:00 
          type:                                                4 
          uuid:                                                fabf892d-87e1-4721-b36a-942bdbb33507 
      type:                                                    scan 
      uuid:                                                    da1373a6-9d93-4c40-b0b2-5c5090cc0176 

Pending File Rename Operations: 
================================
If any Malwarebytes Anti-Malware items are listed below, the user must reboot to complete a Malwarebytes Anti-Malware upgrade installation.

MBAMProtector Registry Values:
==============================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector
	Type                          REG_DWORD		2
	Start                         REG_DWORD		3
	ErrorControl                  REG_DWORD		1
	ImagePath                     REG_EXPAND_SZ	\??\C:\Windows\system32\drivers\mbam.sys
	Group                         REG_SZ		FSFilter Anti-Virus
	DependOnService               REG_MULTI_SZ	FltMgr

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Instances
	DefaultInstance               REG_SZ		MBAMProtector Instance
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Instances\MBAMProtector Instance
	Altitude                      REG_SZ		328800
	Flags                         REG_DWORD		0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Parameters
	PassThruFile                  REG_SZ		mbampt.exe
	ProductPath                   REG_SZ		C:\Program Files\Malwarebytes Anti-Malware
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Enum
	0                             REG_SZ		Root\LEGACY_MBAMPROTECTOR\0000
	Count                         REG_DWORD		1
	NextInstance                  REG_DWORD		1

MBAMService Registry Values:
============================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMService
	Type                          REG_DWORD		16
	Start                         REG_DWORD		2
	ErrorControl                  REG_DWORD		1
	ImagePath                     REG_EXPAND_SZ	"C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe"
	DependOnService               REG_MULTI_SZ	MBAMProtector

	ObjectName                    REG_SZ		LocalSystem
	Description                   REG_SZ		Malwarebytes Anti-Malware service
	DelayedAutostart              REG_DWORD		0

MBAMScheduler Registry Values:
==============================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMScheduler
	Type                          REG_DWORD		16
	Start                         REG_DWORD		2
	ErrorControl                  REG_DWORD		1
	ImagePath                     REG_EXPAND_SZ	"C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe"
	ObjectName                    REG_SZ		LocalSystem
	Description                   REG_SZ		Malwarebytes Anti-Malware scheduler

Terminal Services Status for (null) entries in PM logs and GetUserToken errors:
===============================================================================

--------------TERMService:--------------
Type:                   32
State:                  1 (The service is not running.) (State is stopped)
WIN32_EXIT_CODE:        1077
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0


TermService Start is set to: 3 (Manual Startup)

Proxy Status: No proxy is Set

Proxy Override: 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\
	ProxyOverride	REG_SZ		*.local

LAN Settings:
=============

only 'Automatically detect settings' is selected

SystemPartition:
================

HKEY_LOCAL_MACHINE\SYSTEM\Setup\
	SystemPartition	REG_SZ		\Device\HarddiskVolume2

Balloon Tips Status:
====================

Enabled

Time Format Settings:
=====================

Should be:
		h:mm:ss tt
		AM 
		PM 
		:

Currently:
REG_SZ		h:mm:ss tt
REG_SZ		AM
REG_SZ		PM
REG_SZ		:

Language and Regional Settings:
===============================

ACP: 	Language is English (United States)
MACCP: 	Language is English (United States)
OEMCP: 	Language is English (United States)

Startup Folders for Error_Expanding_Variables Check:
====================================================

All Users Startup Folder Exists.
Current User's Startup Folder Exists.


Context Menu Entries:
=====================
















List of MBAM Related Directories:
=================================

C:\Program Files\Malwarebytes Anti-Malware\

C:\Program Files\Malwarebytes Anti-Malware\\Chameleon

C:\Program Files\Malwarebytes Anti-Malware\\Chameleon\Windows

C:\Program Files\Malwarebytes Anti-Malware\\imageformats

C:\Program Files\Malwarebytes Anti-Malware\\Languages

C:\Program Files\Malwarebytes Anti-Malware\\Plugins

C:\Users\User\AppData\Roaming\Malwarebytes\Malwarebytes Anti-Malware

C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware

C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Configuration

C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs

C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Quarantine

Malware Exclusions:
===================
Web Exclusions:
================
Quarantined Items:
===================
===============================================================
END OF FILE


#5 noknojon


Posted 15 July 2014 - 06:34 PM

The first MBAM report was enough. It showed clean (like the second report).

 

There is a problem with your RKill log, that may indicate something is wrong.

Please Re-Run RKill again and see below.

 

Please download Rkill (courtesy of BleepingComputer.com) to your desktop.

There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run and produce a good log, not both of them.

 

You may get warnings from your antivirus about this tool; ignore them or temporarily disable your antivirus.

 

RKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

* Double-click on the Rkill desktop icon to run the tool.
* If using Vista or Windows 7 right-click on it and choose Run As Administrator.
* A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
* If not, delete the file, then download and use the one provided in Link 2.
* Do not reboot until instructed.
* If the tool does not run from any of the links provided, please let me know.

If normal mode still doesn't work, run the tool from safe mode.

When the scan is done Notepad will open with RKill log.
Post it in your next reply.

NOTE. RKill.txt log will also be present on your desktop.



#6 DottieR


Posted 15 July 2014 - 08:45 PM

Rkill 2.6.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 07/15/2014 06:44:27 PM in x86 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Checking Windows Service Integrity:

 * No issues found.

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * No issues found.

Program finished at: 07/15/2014 06:45:48 PM
Execution time: 0 hours(s), 1 minute(s), and 20 seconds(s)
 



#7 noknojon


Posted 15 July 2014 - 09:38 PM

That is all correct now.

 

I will watch for a day or 2 and see if the problem returns.

If there are new problems, please start a new topic -



#8 DottieR


Posted 15 July 2014 - 09:46 PM

Thank you.



#9 DottieR


Posted 24 July 2014 - 05:37 PM

Everything was fine for a few days. Then I lost my CD driver. Fixed that. Then lost the keyboard driver, and the mouse had an error mark in the Device Manager. Then couldn't get to recovery and it was turned off, not by me. Tried to install a fix for Windows Installer and eventually, on restart, I got a white taskbar and a blank browser window. So I went back to restore again. That is where I am now, with no confidence that this will last. I suppose I should just restore from the original system image while I can get to it.



#10 DottieR


Posted 24 July 2014 - 08:48 PM

> The final post I received was this.
>
> "That is all correct now.
>
>
>
> I will watch for a day or 2 and see if the problem returns.
>
> If there are new problems, please start a new topic -"
>
>
Since the 2 days are past I did not think he would still be watching. I was unsure that anyone would see it if it was closed.

So one of you says I should stay on the old topic, the other says to start a new one.
I wish I could get such speedy response with some actual help.





