BACKDOOR SPYRAT



#1 madbomber1945


Posted 19 July 2014 - 11:28 AM

I have tried to remove "Backdoor.SpyRat" with Malwarebytes Anti-Malware, but it keeps coming back into the system on startup. I have run "HijackThis" but need help with it.


Edited by Queen-Evie, 19 July 2014 - 12:00 PM.
moved from Windows 7 to the appropriate forum



 


#2 Alex&Vanko


Posted 19 July 2014 - 12:01 PM

Hello madbomber1945, and welcome!

Let's see the log where the detection was.

C:\Users\<USERNAME>\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs

 

Also

Download Screen317 Security Check HERE and save it to your Desktop.
* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt
* Please post the contents of that document.
Note: If any security program requests permission to access the Internet, allow it to do so.

Please download MiniToolBox HERE to your desktop to run it.
Checkmark the following boxes:
* List content of Hosts
* Flush DNS
* Report IE Proxy Settings
* Reset IE Proxy Settings
* Report FF Proxy Settings
* Reset FF Proxy Settings
* List last 10 Event Viewer log
* List Installed Programs
* List Devices (do NOT change any settings here)
* List Users, Partitions and Memory size
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
Click Go and Copy / Paste the result. (result.txt)

 

Thank you!



#3 madbomber1945


Posted 19 July 2014 - 04:30 PM

OK. So these are the results from each of the three scans.

 

Malwarebytes Anti-Malware

www.malwarebytes.org

 

Scan Date: 7/19/2014

Scan Time: 3:07:34 PM

Logfile:

Administrator: Yes

 

Version: 2.00.2.1012

Malware Database: v2014.07.19.07

Rootkit Database: v2014.07.17.01

License: Free

Malware Protection: Disabled

Malicious Website Protection: Disabled

Self-protection: Disabled

 

OS: Windows 7 Service Pack 1

CPU: x86

File System: NTFS

User: Anto

 

Scan Type: Threat Scan

Result: Completed

Objects Scanned: 349869

Time Elapsed: 19 min, 58 sec

 

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Disabled

Heuristics: Enabled

PUP: Warn

PUM: Enabled

 

Processes: 0

(No malicious items detected)

 

Modules: 0

(No malicious items detected)

 

Registry Keys: 0

(No malicious items detected)

 

Registry Values: 0

(No malicious items detected)

 

Registry Data: 0

(No malicious items detected)

 

Folders: 10

PUP.Optional.UTorrentControl.A, C:\Users\Anto\AppData\LocalLow\UTORRENTCONTROL_V6, , [ea797130611a94a265320d9d4fb312ee],

PUP.Optional.UTorrentControl.A, C:\Users\Anto\AppData\LocalLow\UTORRENTCONTROL_V6\Dialogs, , [ea797130611a94a265320d9d4fb312ee],

PUP.Optional.UTorrentControl.A, C:\Users\Anto\AppData\LocalLow\UTORRENTCONTROL_V6\Dialogs\AddedAppDialog, , [ea797130611a94a265320d9d4fb312ee],

PUP.Optional.UTorrentControl.A, C:\Users\Anto\AppData\LocalLow\UTORRENTCONTROL_V6\Dialogs\DetectedAppDialog, , [ea797130611a94a265320d9d4fb312ee],

PUP.Optional.UTorrentControl.A, C:\Users\Anto\AppData\LocalLow\UTORRENTCONTROL_V6\Dialogs\EngineFirstTimeDialog, , [ea797130611a94a265320d9d4fb312ee],

PUP.Optional.UTorrentControl.A, C:\Users\Anto\AppData\LocalLow\UTORRENTCONTROL_V6\Dialogs\ToolbarFirstTimeDialog, , [ea797130611a94a265320d9d4fb312ee],

PUP.Optional.UTorrentControl.A, C:\Users\Anto\AppData\LocalLow\UTORRENTCONTROL_V6\Dialogs\ToolbarUntrustedAppsApprovalDialog, , [ea797130611a94a265320d9d4fb312ee],

PUP.Optional.UTorrentControl.A, C:\Users\Anto\AppData\LocalLow\UTORRENTCONTROL_V6\Dialogs\UntrustedAddedAppDialog, , [ea797130611a94a265320d9d4fb312ee],

PUP.Optional.UTorrentControl.A, C:\Users\Anto\AppData\LocalLow\UTORRENTCONTROL_V6\Dialogs\UntrustedAppApprovalDialog, , [ea797130611a94a265320d9d4fb312ee],

PUP.Optional.UTorrentControl.A, C:\Users\Anto\AppData\LocalLow\UTORRENTCONTROL_V6\Dialogs\UntrustedAppPendingDialog, , [ea797130611a94a265320d9d4fb312ee],

 

Files: 22

Backdoor.SpyRat, c:\dir\install\install\jtdll.exe, , [1152336ed9a2152102460921ac5722de],

PUP.Optional.UTorrentControl.A, C:\Users\Anto\AppData\LocalLow\uTorrentControl_v6\hk64tbuTor.dll, , [ea797130611a94a265320d9d4fb312ee],

PUP.Optional.UTorrentControl.A, C:\Users\Anto\AppData\LocalLow\uTorrentControl_v6\hktbuTor.dll, , [ea797130611a94a265320d9d4fb312ee],

PUP.Optional.UTorrentControl.A, C:\Users\Anto\AppData\LocalLow\uTorrentControl_v6\ldrtbuTor.dll, , [ea797130611a94a265320d9d4fb312ee],

PUP.Optional.UTorrentControl.A, C:\Users\Anto\AppData\LocalLow\uTorrentControl_v6\tbuTo1.dll, , [ea797130611a94a265320d9d4fb312ee],

PUP.Optional.UTorrentControl.A, C:\Users\Anto\AppData\LocalLow\uTorrentControl_v6\tbuTor.dll, , [ea797130611a94a265320d9d4fb312ee],

PUP.Optional.UTorrentControl.A, C:\Users\Anto\AppData\LocalLow\uTorrentControl_v6\toolbar.cfg, , [ea797130611a94a265320d9d4fb312ee],

PUP.Optional.UTorrentControl.A, C:\Users\Anto\AppData\LocalLow\uTorrentControl_v6\Dialogs\DialogsAPI.js, , [ea797130611a94a265320d9d4fb312ee],

PUP.Optional.UTorrentControl.A, C:\Users\Anto\AppData\LocalLow\uTorrentControl_v6\Dialogs\excanvas.js, , [ea797130611a94a265320d9d4fb312ee],

PUP.Optional.UTorrentControl.A, C:\Users\Anto\AppData\LocalLow\uTorrentControl_v6\Dialogs\PIE.htc, , [ea797130611a94a265320d9d4fb312ee],

PUP.Optional.UTorrentControl.A, C:\Users\Anto\AppData\LocalLow\uTorrentControl_v6\Dialogs\settings.js, , [ea797130611a94a265320d9d4fb312ee],

PUP.Optional.UTorrentControl.A, C:\Users\Anto\AppData\LocalLow\uTorrentControl_v6\Dialogs\AddedAppDialog\app-added.js, , [ea797130611a94a265320d9d4fb312ee],

PUP.Optional.UTorrentControl.A, C:\Users\Anto\AppData\LocalLow\uTorrentControl_v6\Dialogs\DetectedAppDialog\app-2go.js, , [ea797130611a94a265320d9d4fb312ee],

PUP.Optional.UTorrentControl.A, C:\Users\Anto\AppData\LocalLow\uTorrentControl_v6\Dialogs\EngineFirstTimeDialog\EngineFirstTimeDialog.js, , [ea797130611a94a265320d9d4fb312ee],

PUP.Optional.UTorrentControl.A, C:\Users\Anto\AppData\LocalLow\uTorrentControl_v6\Dialogs\ToolbarFirstTimeDialog\ToolbarFirstTimeDialog.js, , [ea797130611a94a265320d9d4fb312ee],

PUP.Optional.UTorrentControl.A, C:\Users\Anto\AppData\LocalLow\uTorrentControl_v6\Dialogs\ToolbarUntrustedAppsApprovalDialog\ToolbarUntrustedAppsApprovalDialog.js, , [ea797130611a94a265320d9d4fb312ee],

PUP.Optional.UTorrentControl.A, C:\Users\Anto\AppData\LocalLow\uTorrentControl_v6\Dialogs\UntrustedAddedAppDialog\UT-app-dialog-added.js, , [ea797130611a94a265320d9d4fb312ee],

PUP.Optional.UTorrentControl.A, C:\Users\Anto\AppData\LocalLow\uTorrentControl_v6\Dialogs\UntrustedAppApprovalDialog\UT-app-dialog-needs-your-approval.js, , [ea797130611a94a265320d9d4fb312ee],

PUP.Optional.UTorrentControl.A, C:\Users\Anto\AppData\LocalLow\uTorrentControl_v6\Dialogs\UntrustedAppPendingDialog\UT-app-dialog-is-waiting.js, , [ea797130611a94a265320d9d4fb312ee],

PUP.Optional.Conduit.A, C:\Users\Anto\AppData\Roaming\Mozilla\Firefox\Profiles\vgeresul.default-1375074651980\prefs.js, Good: (), Bad: (user_pref("keyword.URL", "http://search.conduit.com/ResultsExt.aspx?ctid=CT3289075&SearchSource=2&CUI=UN32820341831212831&UM=2&q=");), ,[a0c3b9e8a7d4300611054d8c3ec6e020]

PUP.Optional.Conduit.A, C:\Users\Anto\AppData\Roaming\Mozilla\Firefox\Profiles\vgeresul.default-1375074651980\prefs.js, Good: (), Bad: (user_pref("CT3289075.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT3289075&SearchSource=2&CUI=UN32820341831212831&UM=2&q=");), ,[4f14574a354649ed60cc9544a75d629e]

PUP.Optional.Conduit.A, C:\Users\Anto\AppData\Roaming\Mozilla\Firefox\Profiles\vgeresul.default-1375074651980\prefs.js, Good: (), Bad: (user_pref("CT3289075.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"http://search.conduit.com/?ctid=CT3289075&octid=CT3289075&SearchSource=15&CUI=UN32820341831212831&SSPV=&Lay=1&UM=2\"}");), ,[73f0bde4f685cb6b102be6f38c784ab6]

 

Physical Sectors: 0

(No malicious items detected)

(end)

 

-------------------------------------------------------------------------------------------------------------------------------------------------------

 

 Results of screen317's Security Check version 0.99.85 

 Windows 7 Service Pack 1 x86 (UAC is enabled) 

 Internet Explorer 10 Out of date!

``````````````Antivirus/Firewall Check:``````````````

 Windows Security Center service is not running! This report may not be accurate!

avast! Antivirus               

Spyware Doctor with AntiVirus  

 Antivirus up to date!  

`````````Anti-malware/Other Utilities Check:`````````

  Adobe Flash Player    12.0.0.77 Flash Player out of Date! 

 Adobe Reader 10.1.9 Adobe Reader out of Date! 

 Mozilla Firefox 19.0 Firefox out of Date! 

 Google Chrome 35.0.1916.153 

 Google Chrome 36.0.1985.125 

````````Process Check: objlist.exe by Laurent```````` 

 Microsoft Security Essentials MSMpEng.exe

 Microsoft Security Essentials msseces.exe

 Malwarebytes Anti-Malware mbamscheduler.exe  

`````````````````System Health check`````````````````

 Total Fragmentation on Drive C: 0%

````````````````````End of Log``````````````````````

 

--------------------------------------------------------------------------------------------------------------------------

 

 

MiniToolBox by Farbar  Version: 06-07-2014
Ran by Anto (administrator) on 19-07-2014 at 17:25:10
Running from "C:\Users\Anto\Downloads"
Microsoft Windows 7 Ultimate  Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
ProxyServer: http=127.0.0.1:62828
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
Hosts file not detected in the default directory
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (07/19/2014 03:06:05 PM) (Source: Application Error) (User: )
Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0xe58
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3
 
Error: (07/19/2014 01:10:00 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary MpKslabdd5271.
 
System Error:
The system cannot find the file specified.
.
 
Error: (07/19/2014 01:03:38 PM) (Source: Application Error) (User: )
Description: Faulting application name: chrome.exe, version: 35.0.1916.153, time stamp: 0x538fb354
Faulting module name: chrome.dll, version: 35.0.1916.153, time stamp: 0x538fb051
Exception code: 0x80000003
Fault offset: 0x00485166
Faulting process id: 0x408
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3
 
Error: (07/19/2014 01:03:37 PM) (Source: Application Error) (User: )
Description: Faulting application name: chrome.exe, version: 35.0.1916.153, time stamp: 0x538fb354
Faulting module name: chrome.dll, version: 35.0.1916.153, time stamp: 0x538fb051
Exception code: 0x80000003
Fault offset: 0x00485166
Faulting process id: 0x3cc
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3
 
Error: (07/19/2014 01:02:56 PM) (Source: Application Error) (User: )
Description: Faulting application name: chrome.exe, version: 35.0.1916.153, time stamp: 0x538fb354
Faulting module name: chrome.dll, version: 35.0.1916.153, time stamp: 0x538fb051
Exception code: 0x80000003
Fault offset: 0x00485166
Faulting process id: 0xb3c
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3
 
Error: (07/19/2014 10:26:03 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary MpKslb1d36f48.
 
System Error:
The system cannot find the file specified.
.
 
Error: (07/19/2014 05:28:57 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 19188
 
Error: (07/19/2014 05:28:57 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 19188
 
Error: (07/19/2014 05:28:57 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (07/19/2014 05:28:56 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 18174
 
 
System errors:
=============
Error: (07/19/2014 04:01:02 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
oysrlpq
 
Error: (07/19/2014 04:01:02 PM) (Source: Service Control Manager) (User: )
Description: The Windows Image Acquisition (WIA) service depends on the Shell Hardware Detection service which failed to start because of the following error: 
%%1058
 
Error: (07/19/2014 04:01:02 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Roxio Hard Drive Watcher 12 service to connect.
 
Error: (07/19/2014 04:00:32 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (07/19/2014 04:00:31 PM) (Source: Service Control Manager) (User: )
Description: The rimsptsk service failed to start due to the following error: 
%%1058
 
Error: (07/19/2014 04:00:31 PM) (Source: Service Control Manager) (User: )
Description: The rimmptsk service failed to start due to the following error: 
%%1058
 
Error: (07/19/2014 04:00:31 PM) (Source: Service Control Manager) (User: )
Description: The Nero BackItUp Scheduler 4.0 service failed to start due to the following error: 
%%2
 
Error: (07/19/2014 04:00:29 PM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.
 
Error: (07/19/2014 04:00:29 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (07/19/2014 04:00:29 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
 
Microsoft Office Sessions:
=========================
Error: (07/19/2014 03:06:05 PM) (Source: Application Error)(User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fde5801cfa3762c7b1e39C:\Program Files\Malwarebytes Anti-Malware\mbam.exeC:\Program Files\Malwarebytes Anti-Malware\MSVCR100.dllbb2fffb9-0f77-11e4-98ae-001a6b2a6b2f
 
Error: (07/19/2014 01:10:00 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary MpKslabdd5271.
 
System Error:
The system cannot find the file specified.
 
Error: (07/19/2014 01:03:38 PM) (Source: Application Error)(User: )
Description: chrome.exe35.0.1916.153538fb354chrome.dll35.0.1916.153538fb051800000030048516640801cfa37361549cb3C:\Program Files\Google\Chrome\Application\chrome.exeC:\Program Files\Google\Chrome\Application\35.0.1916.153\chrome.dll9fe0e8ed-0f66-11e4-98ae-001a6b2a6b2f
 
Error: (07/19/2014 01:03:37 PM) (Source: Application Error)(User: )
Description: chrome.exe35.0.1916.153538fb354chrome.dll35.0.1916.153538fb05180000003004851663cc01cfa37360a476dfC:\Program Files\Google\Chrome\Application\chrome.exeC:\Program Files\Google\Chrome\Application\35.0.1916.153\chrome.dll9f5dfd3e-0f66-11e4-98ae-001a6b2a6b2f
 
Error: (07/19/2014 01:02:56 PM) (Source: Application Error)(User: )
Description: chrome.exe35.0.1916.153538fb354chrome.dll35.0.1916.153538fb0518000000300485166b3c01cfa3733f3cb8d4C:\Program Files\Google\Chrome\Application\chrome.exeC:\Program Files\Google\Chrome\Application\35.0.1916.153\chrome.dll87418607-0f66-11e4-98ae-001a6b2a6b2f
 
Error: (07/19/2014 10:26:03 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary MpKslb1d36f48.
 
System Error:
The system cannot find the file specified.
 
Error: (07/19/2014 05:28:57 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 19188
 
Error: (07/19/2014 05:28:57 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 19188
 
Error: (07/19/2014 05:28:57 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (07/19/2014 05:28:56 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 18174
 
 
 
=========================== Installed Programs ============================
Adobe Flash Player 12 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Advertising Center (Version: 0.0.0.1 - Nero AG) Hidden
Apple Application Support (HKLM\...\{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}) (Version: 2.3.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{E14ADE0E-75F3-4A46-87E5-26692DD626EC}) (Version: 6.1.0.13 - Apple Inc.)
Artisteer 3 (HKLM\...\Artisteer 3) (Version: 3.0 - Extensoft)
AutoCAD 2000 (HKLM\...\AutoCAD 2000 Uninstall) (Version:  - )
Autodesk Express Viewer (HKLM\...\Autodesk Express Viewer) (Version: 3.1 - Autodesk, Inc.)
Best-TA version 5.1.0 (HKLM\...\{6891CD6C-7322-42C1-A9B8-919CD912D0EC}_is1) (Version:  - Best-TA.com)
BIAS SoundSoap SE 2.2 (HKLM\...\{01287DE9-6EEB-488D-99C7-FE3C707A87AC}) (Version: 2.2 - BIAS Inc)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
ConvertXtoDVD 3.3.4.106e (HKLM\...\{76C24F39-B161-498F-BD8B-C64789812D13}_is1) (Version: 3.3.4.106e - )
DirectX 9 Runtime (Version: 1.00.0000 - Sonic Solutions) Hidden
DolbyFiles (Version: 2.0 - Nero AG) Hidden
DVD Shrink 3.2 (HKLM\...\DVD Shrink_is1) (Version:  - DVD Shrink)
GoGear SA018 Device Manager (HKLM\...\{DC19A2BC-9698-430E-AD50-456B837B1BCD}) (Version: 01.03 - Philips)
Google Chrome (HKLM\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Earth (HKLM\...\{C084BC61-E537-11DE-8616-005056806466}) (Version: 5.1.7894.7252 - Google)
Google Talk Plugin (HKLM\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
Guitar Pro 6 (HKLM\...\{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1) (Version:  - Arobas Music)
HP Customer Experience Enhancements (Version: 6.0.1.3 - Hewlett-Packard) Hidden
HP Product Detection (HKLM\...\{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}) (Version: 10.7.4.0 - Hewlett-Packard Company)
HP Support Assistant (HKLM\...\{CA43FE4F-9FF2-4AD7-88F0-CC3BAC17B226}) (Version: 6.0.5.4 - Hewlett-Packard Company)
ImagXpress (Version: 7.0.74.0 - Nero AG) Hidden
Intel® IPP Run-Time Installer 5.2 for Windows* on IA-32 (Version: 5.2.0.2 - Intel Corporation) Hidden
magicJack (HKCU\...\magicJack) (Version: 2.0.6073.4413 - magicJack L.P.)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Security Client (Version: 4.4.0304.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.4.304.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 19.0 (x86 en-US) (HKLM\...\Mozilla Firefox 19.0 (x86 en-US)) (Version: 19.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 9 Trial (HKLM\...\{5781327f-6064-4e05-8404-65cbe1e9947d}) (Version:  - Nero AG)
Nero Burning ROM 10 (HKLM\...\{7A5D731D-B4B3-490E-B339-75685712BAAB}) (Version: 10.2.11000.12.100 - Nero AG)
Nero Burning ROM 10 (HKLM\...\{FE83F463-7E61-4B18-9FA0-B94B90A0B6B9}) (Version: 10.5.10300 - Nero AG)
Nero BurningROM 10 Help (CHM) (Version: 10.5.10100 - Nero AG) Hidden
Nero BurnRights 10 (HKLM\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.2.10300.0.102 - Nero AG)
Nero BurnRights 10 Help (CHM) (Version: 10.5.10000 - Nero AG) Hidden
Nero Control Center 10 (Version: 10.2.10600.0.6 - Nero AG) Hidden
Nero ControlCenter (Version: 9.0.0.1 - Nero AG) Hidden
Nero ControlCenter 10 Help (CHM) (Version: 10.5.10000 - Nero AG) Hidden
Nero Core Components 10 (Version: 2.0.17400.8.2 - Nero AG) Hidden
Nero Installer (Version: 4.4.9.0 - Nero AG) Hidden
Nero Update (HKLM\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG)
neroxml (Version: 1.0.0 - Nero AG) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.3 - NVIDIA Corporation)
PC Metronome 1.0 (remove only) (HKLM\...\PC Metronome) (Version:  - )
QuickTime (HKLM\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
Roxio Activation Module (Version: 1.0 - Roxio) Hidden
Roxio BackOnTrack (Version: 1.3.1 - Roxio) Hidden
Roxio Burn (Version: 1.0.0 - Roxio) Hidden
Roxio Burn Manager (Version: 1.0.0 - Roxio) Hidden
Roxio Burn Manager CDB (Version: 1.0 - Roxio) Hidden
Roxio CinePlayer (Version: 5.3 - Roxio) Hidden
Roxio CinePlayer Decoder Pack (Version: 4.3.0 - Roxio) Hidden
Roxio Creator 2010 Content (HKLM\...\{4D0AAB66-E604-4E82-A5AF-01AB97CB506D}) (Version: 12.0.013 - Roxio)
Roxio Creator 2010 Pro (HKLM\...\{89A15676-78AE-4D51-BF5B-DEE3E0D46C94}) (Version: 12.0 - Roxio)
Roxio Creator 2010 Pro (Version: 1.2.193 - Roxio) Hidden
Roxio Creator 2010 Pro (Version: 5.0.0 - Roxio) Hidden
Roxio Disaster Recovery (Version: 1.3.0 - Roxio) Hidden
Roxio File Backup (Version: 1.3.0 - Roxio) Hidden
Roxio PhotoShow (HKLM\...\Roxio PhotoShow) (Version: 6.0 - Roxio)
Roxio Venue (Version: 2.2.170 - Sonic Solutions) Hidden
Roxio Video Capture USB (Version: 1.22.0000 - Roxio) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.16.0 - SAMSUNG Electronics Co., Ltd.)
SmartSound Quicktracks Plugin (HKLM\...\InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}) (Version: 3.0.8.0 - SmartSound Software Inc)
SmartSound Quicktracks Plugin (Version: 3.0.8.0 - SmartSound Software Inc) Hidden
StudioTax 2012 (HKLM\...\{9E998EBB-DE54-4F21-8419-CB660813E037}) (Version: 8.0.3.2 - BHOK IT Consulting)
StudioTax 2013 (HKLM\...\{B2DBE9A4-A968-4BF5-9602-9506945E825A}) (Version: 9.1.5.0 - BHOK IT Consulting)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2600217) (Version: 1 - Microsoft Corporation)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VCRedistSetup (Version: 1.0.0 - Nero AG) Hidden
Video Download Converter version 1.0.0.0 (HKLM\...\VDC_is1) (Version: 1.0.0.0 - )
VLC media player 2.0.7 (HKLM\...\VLC media player) (Version: 2.0.7 - VideoLAN)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
YAC (HKLM\...\iSafe) (Version:  - ELEX DO BRASIL PARTICIPAÇÕES LTDA)
YTD Video Downloader 4.7.3 (HKLM\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.7.3 - GreenTree Applications SRL)
 
========================= Devices: ================================
 
Name: Microsoft ISATAP Adapter #4
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: Microsoft ISATAP Adapter #5
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Microsoft 6to4 Adapter
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: Microsoft ISATAP Adapter
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: Microsoft ISATAP Adapter #2
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: Microsoft ISATAP Adapter #3
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 83%
Total physical RAM: 1022.05 MB
Available physical RAM: 171.61 MB
Total Pagefile: 2046.05 MB
Available Pagefile: 673.91 MB
Total Virtual: 2047.88 MB
Available Virtual: 1944.59 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:142.43 GB) (Free:3.49 GB) NTFS
2 Drive d: (HP_RECOVERY) (Fixed) (Total:6.62 GB) (Free:0.01 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\DOM-PC
 
Administrator            Anto                     Guest                    
USER                     
 
 
**** End of log ****
 

 



#4 Alex&Vanko


Posted 20 July 2014 - 10:46 AM

Hi madbomber1945!

You have 3 antivirus programs, I think. So choose one and uninstall the other two.

Refuse the optional offer and update Adobe Flash Player - http://get.adobe.com/flashplayer/

Update Adobe Reader - http://get.adobe.com/reader/

Update Firefox - https://www.mozilla.org/en-US/firefox/channel/#firefox

Update Internet Explorer - http://windows.microsoft.com/en-us/internet-explorer/download-ie

Uninstall Google Chrome 35.0.1916.153

Have you removed everything with Malwarebytes?

 

Download SUPERAntiSpyware Free, or SAS, from the following location HERE and save it to your desktop:
Double-click the icon on your desktop named SUPERAntiSpyware.exe. This will start the installation of SUPERAntiSpyware onto your computer.
When the installation begins, keep following the prompts in order to continue with the installation process.
Do not make any changes to default settings, and when the program has finished installing, click on the Finish button to get back to your Windows desktop.
SUPERAntiSpyware will now automatically start and you will see a message asking you to select the language you would like the program to use. Please select your language and then press the OK button to continue.
You will now be prompted to update the SUPERAntiSpyware definitions.
Please press the Yes button to allow the program to download and install the latest updates so that it can properly detect and remove the latest malware.
After the definitions are updated, the welcome screen for SUPERAntiSpyware will appear.
At this screen you should select the Perform Complete Scan option and then press the Next button to start scanning your computer.
SUPERAntiSpyware will now start to scan your computer for malware.
When the scan is finished, a screen will appear showing the summary of what was detected.

 

Thank you!


Edited by Alex&Vanko, 20 July 2014 - 10:47 AM.
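
One way to triage the Malwarebytes log posted in reply #3, as an added example that is not part of the original thread or of any Malwarebytes tooling: it parses the 2.x text-log layout as it appears above, separates non-PUP detections such as Backdoor.SpyRat from the toolbar entries, and lists the protection and scan settings that were off. The function names and the excerpted sample are assumptions made for illustration.

```python
import re
from collections import Counter

# Excerpt of the Malwarebytes Anti-Malware 2.x log from reply #3
# (blank lines dropped and most PUP rows omitted to keep the sample short).
SAMPLE_LOG = r"""
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
Scan Type: Threat Scan
Time Elapsed: 19 min, 58 sec
Rootkits: Disabled
Heuristics: Enabled
Folders: 10
PUP.Optional.UTorrentControl.A, C:\Users\Anto\AppData\LocalLow\UTORRENTCONTROL_V6, , [ea797130611a94a265320d9d4fb312ee],
Files: 22
Backdoor.SpyRat, c:\dir\install\install\jtdll.exe, , [1152336ed9a2152102460921ac5722de],
PUP.Optional.UTorrentControl.A, C:\Users\Anto\AppData\LocalLow\uTorrentControl_v6\tbuTor.dll, , [ea797130611a94a265320d9d4fb312ee],
PUP.Optional.Conduit.A, C:\Users\Anto\AppData\Roaming\Mozilla\Firefox\Profiles\vgeresul.default-1375074651980\prefs.js, Good: (), Bad: (user_pref("keyword.URL", "http://search.conduit.com/ResultsExt.aspx?ctid=CT3289075&SearchSource=2&CUI=UN32820341831212831&UM=2&q=");), ,[a0c3b9e8a7d4300611054d8c3ec6e020]
Physical Sectors: 0
(No malicious items detected)
"""

# Section headers carry the object type and the count reported by the scanner.
SECTION_RE = re.compile(
    r"^(Processes|Modules|Registry Keys|Registry Values|Registry Data|"
    r"Folders|Files|Physical Sectors): (\d+)$"
)
# Protection and scan options are "Name: Enabled|Disabled|Warn".
SETTING_RE = re.compile(r"^([A-Za-z][A-Za-z -]*): (Enabled|Disabled|Warn)$")
# Detection names are dotted identifiers such as Backdoor.SpyRat.
NAME_RE = re.compile(r"^[A-Za-z0-9]+(?:\.[A-Za-z0-9]+)+$")
# Potentially unwanted programs/modifications are triaged after real malware.
LOW_PRIORITY_PREFIXES = ("PUP.", "PUM.")


def parse_mbam_log(text):
    """Return (settings, detections) parsed from a Malwarebytes 2.x text log."""
    settings, detections, section = {}, [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        match = SECTION_RE.match(line)
        if match:
            section = match.group(1)
            continue
        match = SETTING_RE.match(line)
        if match:
            settings[match.group(1)] = match.group(2)
            continue
        # Detection rows are "name, path, ..." and only appear inside a section.
        # Limitation: a path that itself contains ", " would be cut short.
        parts = line.split(", ", 2)
        if section and len(parts) >= 2 and NAME_RE.match(parts[0]):
            detections.append(
                {"section": section, "name": parts[0], "path": parts[1]}
            )
    return settings, detections


def triage(text):
    """Split detections into priority items and PUP noise; list disabled options."""
    settings, detections = parse_mbam_log(text)
    priority = [
        d for d in detections if not d["name"].startswith(LOW_PRIORITY_PREFIXES)
    ]
    pup_families = Counter(
        d["name"] for d in detections if d["name"].startswith(LOW_PRIORITY_PREFIXES)
    )
    disabled = sorted(k for k, v in settings.items() if v == "Disabled")
    return {
        "priority": priority,
        "pup_families": dict(pup_families),
        "disabled": disabled,
    }


if __name__ == "__main__":
    report = triage(SAMPLE_LOG)
    print("Priority detections:")
    for item in report["priority"]:
        print(f"  [{item['section']}] {item['name']} -> {item['path']}")
    print("PUP/PUM families:")
    for name, count in report["pup_families"].items():
        print(f"  {name}: {count}")
    print("Disabled protections and scan options:")
    for name in report["disabled"]:
        print(f"  {name}")
```

On the excerpt, the single priority item is the Backdoor.SpyRat file, and the disabled list shows that rootkit scanning and all three real-time protections were off for this scan.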




