Vicious pop up ads in Google Chrome


  • This topic is locked
2 replies to this topic

#1 JamesV3131

Posted 06 August 2015 - 08:04 PM

Forgive me if this post is in the incorrect spot; the malware makes it extremely hard to navigate the internet.

Symptoms: tons of malware removal ads popping up when I open Google Chrome; less so when I use incognito mode. There are no problems when I am not connected to the internet (yet). I believe the problems started when I downloaded a sketchy music program used to identify songs. I can't remember the name.

I am using RunScanner for the first time in beginner mode, but am not a complete novice when using computers. But I have no trojan removal experience.

Here's my runscan file:

Runscanner logfile RunScanner freeware startup, hijack and malware analyzer

* = signed file
- = file not found

General info
------------
Computer name : JAMES-PORTEGE
Creation time : 8/4/2015 7:44:38 PM
Hosts <> 127.0.0.1 : 0
Hosts file location : %SystemRoot%\System32\drivers\etc
IE version : 9.0.8112.16421
OS : Windows 7 Home Premium
OS Build : 7601
OS SP : Service Pack 1
RunScanner Version : 2.0.0.60
User Language : English (United States)
User rights : Administrator
Windows folder : C:\windows

Running processes
-----------------
* C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
* C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
* C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe (Intel Corporation)
* C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel® Corporation)
* C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel® Corporation)
* C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel® Corporation)
C:\Windows\SysWOW64\irstrtsv.exe (Intel Corporation)
* C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel Corporation)
* C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Intel® Corporation)
* C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
* C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
* C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
* C:\Windows\System32\SearchIndexer.exe (Microsoft Corporation)
* C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
* C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
* C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
C:\Program Files (x86)\Naughty Guarantee\Naughty Guarantee.exe
* C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
* C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
* C:\Users\James\Desktop\runscanner.exe (Runscanner.net)
* C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Synaptics Incorporated)
* C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated)
* C:\Windows\System32\taskeng.exe (Microsoft Corporation)
* C:\Program Files\TOSHIBA\Power Saver\TBatmgrTrayicon.exe (TOSHIBA Corporation)
* C:\Program Files\TOSHIBA\TECO\TecoService.exe (TOSHIBA Corporation)
* C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
* C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
* C:\Windows\explorer.exe (Microsoft Corporation)
* C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation)
* C:\Windows\System32\rundll32.exe (Microsoft Corporation)
* C:\Windows\System32\rundll32.exe (Microsoft Corporation)
* C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
* C:\Windows\servicing\TrustedInstaller.exe (Microsoft Corporation)
* C:\Windows\System32\wininit.exe (Microsoft Corporation)
* C:\Windows\System32\wlanext.exe (Microsoft Corporation)
* C:\Program Files (x86)\Toshiba\widimon\widimon.exe (TOSHIBA CORPORATION)
* C:\Windows\System32\wbem\WmiPrvSE.exe (Microsoft Corporation)

Unrated items
-------------
010 * C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (.NET Runtime Optimization Service)
010 * C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe (.NET Runtime Optimization Service)
010 * C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Acrobat Update Service)
010 * C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe® Flash® Player Update Service 18.0 r0)
010 * C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe (Intel IPT Host Interface Service)
010 * C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel® BlueTooth® HS Security Manager Service)
010 * C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel® PROSet/Wireless Event Log Service)
010 * C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel® PROSet/Wireless Registry Service)
010 C:\windows\system32\irstrtsv.exe (Intel® Rapid Start Technology Service)
010 * C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter)
010 * C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Intel® PROSet/Wireless Zero Configure Service)
010 * C:\Program Files\iPod\bin\iPodService.exe (iPodService Module (64-bit))
010 * C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (MobileDeviceService)
010 C:\Program Files (x86)\Naughty Guarantee\Naughty Guarantee.exe (Naughty Guarantee.exe)
010 * C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Wireless PAN DHCP and DNS Server)
042 GUID / CLSID not found {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F}
042 GUID / CLSID not found {219C3416-8CB2-491a-A3C7-D9FCDDC9D600}
042 GUID / CLSID not found {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F}
042 GUID / CLSID not found {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}
042 GUID / CLSID not found {2670000A-7350-4f3c-8081-5663EE0C6C49}
052 C:\Program Files (x86)\ofFeerrsoft\Om1uSbZMelLLcW.dll {E7F862E9-5C7A-44A5-BB7C-68B5CC8B6A56}
052 C:\Program Files (x86)\broWWSeandshop\tdQ0Zz5CjoRRIo.dll {AFA4FDA6-C295-4C8F-89F4-150C37C39B60}
060 GUID / CLSID not found {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
062 * C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll (Adobe Systems, Inc.) {F9DB5320-233E-11D1-9F84-707F02C10627}
073 Adobe Flash Player Updater.job : C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
100 Default_Page_URL HKCU : Home - Welcome to Toshiba
100 ProxyOverride HKCU : <local>;*.local
100 Start Page HKCU : Delta Search
102 GUID / CLSID not found {555D4D79-4BD2-4094-A395-CFC534424A05}
102 GUID / CLSID not found {555D4D79-4BD2-4094-A395-CFC534424A05}
105 E&xport to Microsoft Excel : res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
105 Se&nd to OneNote : res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
170 {10ae308f-8880-11e4-8a4d-e89d87972f30} : D:\VerizonSWUpgradeAssistantLauncher.exe
170 {cf95da67-86d4-11e3-b466-e89d87972f30} : D:\LaunchU3.exe -a
170 D : D:\VZW_Software_upgrade_assistant.exe
173 * C:\Program Files (x86)\Common Files\Apple\Internet Services\ShellStreams.dll (Apple Inc.) {89D984B3-813B-406A-8298-118AFA3A22AE}
177 169.254.0.0,255.255.0.0,192.168.1.135,1
221 * C:\Program Files (x86)\Common Files\Apple\Internet Services\ShellStreams.dll (Apple Inc.) {89D984B3-813B-406A-8298-118AFA3A22AE}
229 GUID / CLSID not found {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4}
231 * C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll (Adobe Systems, Inc.) PDF Column Info
001 audiodg.exe
001 C:\Windows\System32\csrss.exe
001 C:\Windows\System32\csrss.exe
001 C:\Windows\System32\conhost.exe
001 C:\Windows\System32\dwm.exe
001 C:\Windows\System32\hkcmd.exe
001 C:\Windows\System32\taskhost.exe
001 C:\Windows\System32\igfxext.exe
001 C:\Windows\System32\igfxtray.exe
001 C:\Windows\System32\lsass.exe
001 C:\Windows\System32\lsm.exe
001 C:\Windows\System32\sppsvc.exe
001 C:\Windows\System32\igfxpers.exe
001 C:\Windows\System32\services.exe
001 C:\Windows\System32\wbem\unsecapp.exe
001 C:\Windows\System32\spoolsv.exe
001 C:\Windows\System32\TODDSrv.exe
001 C:\Windows\System32\winlogon.exe
001 C:\Windows\System32\smss.exe

Missing files
-------------
003 C:\Users\James\AppData\Local\Google\Update\GoogleUpdate.exe
010 C:\windows\system32\AxInstSV.dll
010 C:\windows\system32\aelupsvc.dll
010 C:\windows\system32\appidsvc.dll
010 C:\windows\system32\appinfo.dll
010 C:\windows\system32\Alg.exe
010 C:\windows\system32\qmgr.dll
010 C:\windows\system32\bfe.dll
010 C:\windows\system32\bdesvc.dll
010 C:\windows\System32\bthserv.dll
010 C:\windows\system32\browser.dll
010 C:\windows\system32\vaultsvc.dll
010 C:\windows\system32\dwm.exe
010 C:\windows\system32\trkwks.dll
010 C:\windows\system32\efssvc.dll
010 C:\windows\system32\wecsvc.dll
010 C:\windows\system32\wevtsvc.dll
010 C:\windows\system32\fdPHost.dll
010 C:\windows\system32\fdrespub.dll
010 C:\windows\system32\ikeext.dll
010 C:\windows\system32\ui0detect.exe
010 C:\windows\system32\kmsvc.dll
010 C:\windows\system32\lltdres.dll
010 C:\windows\system32\eapsvc.dll
010 C:\windows\system32\ipnathlp.dll
010 C:\windows\System32\certprop.dll
010 C:\windows\System32\certprop.dll
010 C:\windows\system32\sppsvc.exe
010 C:\windows\system32\TabSvc.dll
010 C:\windows\System32\sensrsvc.dll
010 C:\windows\system32\UtcResources.dll
010 C:\windows\system32\defragsvc.dll
010 C:\windows\system32\wbengine.exe
010 C:\windows\system32\vssvc.exe
010 C:\windows\System32\swprv.dll
010 C:\windows\system32\sdrsvc.dll
010 C:\windows\system32\mmcss.dll
010 C:\windows\system32\mmcss.dll
010 C:\windows\system32\netman.dll
010 C:\windows\System32\nlasvc.dll
010 C:\windows\system32\nsisvc.dll
010 C:\windows\system32\p2psvc.dll
010 C:\windows\system32\IPBusEnum.dll
010 C:\windows\system32\pnrpauto.dll
010 C:\windows\system32\pnrpsvc.dll
010 C:\windows\system32\pnrpsvc.dll
010 C:\windows\system32\wpdbusenum.dll
010 C:\windows\System32\wercplsupport.dll
010 C:\windows\system32\profsvc.dll
010 C:\windows\system32\pcasvc.dll
010 C:\windows\system32\sstpsvc.dll
010 C:\windows\system32\qagentrt.dll
010 regsvc.dll
010 C:\windows\system32\rasauto.dll
010 C:\windows\system32\rasmans.dll
010 C:\windows\System32\termsrv.dll
010 C:\windows\system32\RpcEpMap.dll
010 C:\windows\system32\Locator.exe
010 C:\windows\system32\samsrv.dll
010 C:\windows\system32\seclogon.dll
010 C:\windows\system32\srvsvc.dll
010 C:\windows\system32\iphlpsvc.dll
010 C:\windows\System32\SCardSvr.dll
010 C:\windows\system32\snmptrap.exe
010 C:\windows\system32\spoolsv.exe
010 C:\windows\system32\sppuinotify.dll
010 C:\windows\system32\ssdpsrv.dll
010 C:\windows\system32\wiaservc.dll
010 C:\windows\system32\sysmain.dll
010 C:\windows\system32\schedsvc.dll
010 C:\windows\system32\tbssvc.dll
010 C:\windows\system32\lmhsvc.dll
010 C:\windows\system32\TODDSrv.exe
010 C:\windows\system32\umpnpmgr.dll
010 C:\windows\system32\umpo.dll
010 C:\windows\system32\vds.exe
010 C:\windows\system32\dps.dll
010 C:\windows\system32\Wat\WatUX.exe
010 C:\windows\System32\audiosrv.dll
010 C:\windows\System32\audiosrv.dll
010 C:\windows\system32\wbiosrvc.dll
010 C:\windows\system32\wudfsvc.dll
010 C:\windows\System32\wersvc.dll
010 C:\windows\system32\FntCache.dll
010 C:\windows\System32\ListSvc.dll
010 C:\windows\System32\wscsvc.dll
010 C:\windows\System32\themeservice.dll
010 C:\windows\system32\w32time.dll
010 C:\windows\system32\wuaueng.dll
010 C:\windows\System32\wlansvc.dll
010 C:\windows\system32\dot3svc.dll
010 C:\windows\system32\wbem\wmisvc.dll
010 C:\windows\system32\wbem\wmiapsrv.exe
010 C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe
010 C:\windows\system32\wkssvc.dll
010 C:\windows\System32\wwansvc.dll
011 c:\windows\system32\drivers\1394ohci.sys
011 c:\windows\system32\drivers\ohci1394.sys
011 c:\windows\system32\drivers\agp440.sys
011 c:\windows\system32\drivers\ACPI.sys
011 c:\windows\system32\drivers\acpipmi.sys
011 c:\windows\system32\drivers\adp94xx.sys
011 c:\windows\system32\drivers\adpahci.sys
011 c:\windows\system32\drivers\adpu320.sys
011 c:\windows\system32\drivers\aliide.sys
011 c:\windows\system32\drivers\amdide.sys
011 c:\windows\system32\drivers\amdsata.sys
011 c:\windows\system32\drivers\amdsbs.sys
011 c:\windows\system32\drivers\amdxata.sys
011 C:\windows\system32\drivers\afd.sys
011 C:\windows\system32\appidsvc.dll
011 c:\windows\system32\drivers\arc.sys
011 c:\windows\system32\drivers\arcsas.sys
011 c:\windows\system32\drivers\atapi.sys
011 C:\windows\system32\drivers\Beep.sys
011 C:\windows\system32\drivers\fvevol.sys
011 c:\windows\system32\DRIVERS\blbdrive.sys
011 c:\windows\system32\drivers\bthmodem.sys
011 c:\windows\system32\drivers\hidbth.sys
011 c:\windows\system32\DRIVERS\b57nd60a.sys
011 c:\windows\system32\drivers\evbda.sys
011 c:\windows\system32\drivers\bxvbda.sys
011 c:\windows\System32\Drivers\Brserid.sys
011 c:\windows\System32\Drivers\BrSerWdm.sys
011 c:\windows\System32\Drivers\BrUsbMdm.sys
011 c:\windows\System32\Drivers\BrUsbSer.sys
011 c:\windows\system32\DRIVERS\GEARAspiWDM.sys
011 c:\windows\system32\DRIVERS\cdfs.sys
011 c:\windows\system32\drivers\cmdide.sys
011 System32\Drivers\cng.sys
011 C:\windows\system32\clfs.sys
011 c:\windows\system32\drivers\compbatt.sys
011 C:\windows\system32\browser.dll
011 c:\windows\system32\drivers\circlass.sys
011 c:\windows\system32\DRIVERS\CmBatt.sys
011 c:\windows\system32\DRIVERS\usbhub.sys
011 C:\windows\system32\drivers\dfsc.sys
011 c:\windows\System32\drivers\dxgkrnl.sys
011 c:\windows\system32\drivers\crcdisk.sys
011 c:\windows\system32\DRIVERS\dot4usb.sys
011 c:\windows\system32\drivers\usbehci.sys
011 c:\windows\system32\drivers\elxstor.sys
011 c:\windows\system32\drivers\errdev.sys
011 C:\windows\system32\drivers\fastfat.sys
011 C:\windows\system32\drivers\fsdepends.sys
011 C:\windows\system32\drivers\filetrace.sys
011 C:\windows\system32\drivers\fileinfo.sys
011 c:\windows\system32\drivers\fdc.sys
011 c:\windows\system32\drivers\flpydisk.sys
011 c:\windows\system32\DRIVERS\umpass.sys
011 C:\windows\system32\drivers\hwpolicy.sys
011 c:\windows\system32\drivers\hcw85cir.sys
011 c:\windows\system32\drivers\HidBatt.sys
011 c:\windows\system32\DRIVERS\kbdhid.sys
011 c:\windows\system32\DRIVERS\mouhid.sys
011 c:\windows\system32\DRIVERS\HDAudBus.sys
011 c:\windows\system32\drivers\HdAudio.sys
011 c:\windows\system32\drivers\HpSAMD.sys
011 C:\windows\system32\drivers\http.sys
011 c:\windows\system32\DRIVERS\i8042prt.sys
011 c:\windows\system32\drivers\iaStorV.sys
011 c:\windows\system32\DRIVERS\Dot4Prt.sys
011 c:\windows\system32\DRIVERS\Dot4.sys
011 c:\windows\system32\DRIVERS\igdkmd64.sys
011 c:\windows\system32\drivers\iirsp.sys
011 C:\windows\system32\drivers\irenum.sys
011 c:\windows\system32\drivers\hidir.sys
011 c:\windows\system32\DRIVERS\iaStor.sys
011 c:\windows\system32\DRIVERS\IntcDAud.sys
011 c:\windows\system32\DRIVERS\e1c62x64.sys
011 c:\windows\system32\DRIVERS\HECIx64.sys
011 c:\windows\system32\DRIVERS\AMPPAL.sys
011 c:\windows\system32\DRIVERS\amppal.sys
011 c:\windows\system32\drivers\intelaud.sys
011 c:\windows\system32\DRIVERS\iwdbus.sys
011 c:\windows\system32\DRIVERS\NETwsw00.sys
011 c:\windows\system32\drivers\intelide.sys
011 c:\windows\system32\drivers\IPMIDrv.sys
011 System32\drivers\ipnat.sys
011 c:\windows\system32\drivers\isapnp.sys
011 c:\windows\system32\drivers\Wdf01000.sys
011 c:\windows\system32\drivers\ksthunk.sys
011 c:\windows\system32\DRIVERS\kbdclass.sys
011 System32\Drivers\ksecdd.sys
011 System32\Drivers\ksecpkg.sys
011 c:\windows\system32\DRIVERS\lltdio.sys
011 c:\windows\system32\DRIVERS\rspndr.sys
011 C:\windows\system32\drivers\spldr.sys
011 c:\windows\system32\drivers\lsi_fc.sys
011 c:\windows\system32\drivers\lsi_sas.sys
011 c:\windows\system32\drivers\lsi_sas2.sys
011 c:\windows\system32\drivers\lsi_scsi.sys
011 C:\windows\system32\drivers\luafv.sys
011 c:\windows\system32\DRIVERS\bridge.sys
011 c:\windows\system32\DRIVERS\bridge.sys
011 C:\windows\system32\drivers\secdrv.sys
011 C:\windows\system32\drivers\netbt.sys
011 c:\windows\system32\drivers\megasas.sys
011 c:\windows\system32\drivers\MegaSR.sys
011 C:\windows\system32\drivers\exfat.sys
011 C:\windows\system32\drivers\fltmgr.sys
011 c:\windows\system32\drivers\msiscsi.sys
011 c:\windows\system32\drivers\MTConfig.sys
011 C:\windows\system32\drivers\qwavedrv.sys
011 c:\windows\system32\drivers\rdpbus.sys
011 C:\windows\System32\drivers\scfilter.sys
011 c:\windows\system32\drivers\drmkaud.sys
011 c:\windows\system32\DRIVERS\tunnel.sys
011 c:\windows\system32\drivers\modem.sys
011 c:\windows\system32\DRIVERS\monitor.sys
011 C:\windows\system32\drivers\mountmgr.sys
011 c:\windows\system32\DRIVERS\mouclass.sys
011 c:\windows\system32\drivers\mpio.sys
011 c:\windows\system32\drivers\uagp35.sys
011 c:\windows\system32\drivers\gagp30kx.sys
011 c:\windows\system32\drivers\MSKSSRV.sys
011 c:\windows\system32\drivers\MSPCLOCK.sys
011 c:\windows\system32\drivers\MSPQM.sys
011 c:\windows\system32\drivers\msahci.sys
011 c:\windows\system32\drivers\msdsm.sys
011 C:\windows\system32\drivers\Msfs.sys
011 c:\windows\system32\drivers\msisadrv.sys
011 C:\windows\system32\drivers\MsRPC.sys
011 C:\windows\system32\drivers\mup.sys
011 c:\windows\system32\DRIVERS\CompositeBus.sys
011 c:\windows\system32\drivers\tdpipe.sys
011 c:\windows\system32\DRIVERS\nwifi.sys
011 C:\windows\system32\drivers\ndis.sys
011 c:\windows\system32\DRIVERS\ndiscap.sys
011 C:\windows\system32\drivers\NDProxy.sys
011 c:\windows\system32\DRIVERS\ndisuio.sys
011 c:\windows\system32\DRIVERS\netbios.sys
011 c:\windows\system32\drivers\nv_agp.sys
011 c:\windows\system32\drivers\nfrd960.sys
011 C:\windows\system32\drivers\Npfs.sys
011 C:\windows\system32\drivers\nsiproxy.sys
011 C:\windows\system32\drivers\Ntfs.sys
011 c:\windows\system32\drivers\pci.sys
011 C:\windows\system32\drivers\Null.sys
011 c:\windows\system32\drivers\nvraid.sys
011 c:\windows\system32\drivers\nvstor.sys
011 c:\windows\system32\drivers\usbohci.sys
011 c:\windows\system32\drivers\parport.sys
011 C:\windows\system32\drivers\partmgr.sys
011 C:\windows\system32\drivers\mshidkmdf.sys
011 c:\windows\system32\drivers\pciide.sys
011 c:\windows\system32\drivers\pcmcia.sys
011 System32\drivers\pcw.sys
011 c:\windows\system32\DRIVERS\swenum.sys
011 c:\windows\system32\drivers\disk.sys
011 c:\windows\system32\DRIVERS\point64.sys
011 c:\windows\system32\DRIVERS\intelppm.sys
011 c:\windows\system32\drivers\amdppm.sys
011 c:\windows\system32\drivers\amdk8.sys
011 c:\windows\system32\drivers\processr.sys
011 c:\windows\system32\drivers\peauth.sys
011 C:\windows\system32\sstpsvc.dll
011 c:\windows\system32\drivers\ql2300.sys
011 c:\windows\system32\drivers\ql40xx.sys
011 C:\windows\System32\drivers\pacer.sys
011 c:\windows\system32\DRIVERS\AgileVpn.sys
011 System32\DRIVERS\rasacd.sys
011 C:\windows\system32\drivers\RDPENCDD.sys
011 C:\windows\system32\DRIVERS\RDPCDD.sys
011 C:\windows\system32\drivers\RdpRefMp.sys
011 C:\windows\system32\drivers\RDPWD.sys
011 System32\drivers\rdyboost.sys
011 c:\windows\system32\drivers\RTKVHD64.sys
011 c:\windows\system32\drivers\TsUsbGD.sys
011 c:\windows\system32\DRIVERS\termdd.sys
011 C:\windows\system32\drivers\tsusbflt.sys
011 c:\windows\system32\drivers\usb8023x.sys
011 c:\windows\system32\DRIVERS\risdxc64.sys
011 c:\windows\system32\drivers\sbp2port.sys
011 c:\windows\system32\DRIVERS\cdrom.sys
011 c:\windows\system32\drivers\sfloppy.sys
011 c:\windows\system32\drivers\serial.sys
011 c:\windows\system32\drivers\sermouse.sys
011 c:\windows\system32\drivers\serenum.sys
011 C:\windows\system32\srvsvc.dll
011 C:\windows\system32\srvsvc.dll
011 c:\windows\system32\drivers\SiSRaid2.sys
011 c:\windows\system32\drivers\sisraid4.sys
011 c:\windows\system32\drivers\sffdisk.sys
011 c:\windows\system32\drivers\sffp_mmc.sys
011 c:\windows\system32\drivers\sffp_sd.sys
011 System32\DRIVERS\srvnet.sys
011 c:\windows\system32\drivers\stexstor.sys
011 c:\windows\system32\DRIVERS\SynTP.sys
011 C:\windows\system32\drivers\discache.sys
011 c:\windows\system32\DRIVERS\mssmbios.sys
011 c:\windows\system32\drivers\tdtcp.sys
011 c:\windows\system32\DRIVERS\tcpip.sys
011 System32\drivers\tcpipreg.sys
011 c:\windows\system32\DRIVERS\tos_sps64.sys
011 c:\windows\system32\DRIVERS\TVALZ.SYS
011 c:\windows\system32\DRIVERS\tdcmdpst.sys
011 c:\windows\system32\DRIVERS\TVALZFL.sys
011 c:\windows\system32\DRIVERS\pgeffect.sys
011 c:\windows\system32\drivers\tpm.sys
011 C:\windows\System32\DRIVERS\tssecsrv.sys
011 c:\windows\system32\DRIVERS\udfs.sys
011 c:\windows\system32\drivers\usbuhci.sys
011 c:\windows\system32\drivers\uliagpkx.sys
011 c:\windows\system32\DRIVERS\nusb3xhc.sys
011 c:\windows\system32\DRIVERS\nusb3hub.sys
011 c:\windows\system32\DRIVERS\usbccgp.sys
011 c:\windows\system32\drivers\usbcir.sys
011 c:\windows\system32\DRIVERS\USBSTOR.SYS
011 c:\windows\system32\DRIVERS\hidusb.sys
011 c:\windows\system32\DRIVERS\usbprint.sys
011 c:\windows\system32\DRIVERS\usbscan.sys
011 c:\windows\System32\Drivers\usbvideo.sys
011 c:\windows\system32\DRIVERS\usb3Hub.sys
011 System32\Drivers\usbaapl64.sys
011 c:\windows\system32\DRIVERS\umbus.sys
011 c:\windows\system32\DRIVERS\vgapnp.sys
011 c:\windows\System32\drivers\vga.sys
011 c:\windows\system32\drivers\vhdmp.sys
011 c:\windows\system32\drivers\viaide.sys
011 c:\windows\system32\drivers\vdrvroot.sys
011 c:\windows\system32\DRIVERS\vwifibus.sys
011 c:\windows\system32\DRIVERS\vwififlt.sys
011 c:\windows\system32\DRIVERS\vwifimp.sys
011 c:\windows\system32\drivers\volmgr.sys
011 C:\windows\system32\drivers\volmgrx.sys
011 c:\windows\system32\drivers\volsnap.sys
011 c:\windows\system32\drivers\vsmraid.sys
011 c:\windows\system32\drivers\wacompen.sys
011 c:\windows\system32\drivers\wd.sys
011 c:\windows\system32\drivers\MSTEE.sys
011 c:\windows\system32\DRIVERS\wfplwf.sys
011 c:\windows\system32\drivers\WudfPf.sys
011 c:\windows\system32\drivers\wmiacpi.sys
011 c:\windows\system32\drivers\BrFiltLo.sys
011 c:\windows\system32\drivers\BrFiltUp.sys
011 c:\windows\system32\drivers\WinUsb.sys
011 C:\windows\System32\drivers\ws2ifsl.sys
011 C:\windows\system32\wkssvc.dll
011 C:\windows\system32\wkssvc.dll
011 C:\windows\system32\wkssvc.dll
011 C:\windows\system32\wkssvc.dll
011 c:\windows\system32\DRIVERS\WUDFRd.sys
013 C:\Windows\System32\mctadmin.exe
013 C:\Windows\System32\mctadmin.exe
032 rdpclip
069 CNMLMB8.DLL
069 CNMXLMB8.DLL
069 CNMLM9W.DLL
069 CNMN6PPM.DLL
069 hpzlllhn.dll
069 localspl.dll
069 FXSMON.DLL
069 hpz3lw71.dll
069 tcpmon.dll
069 usbmon.dll
069 WSDMon.dll
073 C:\Users\James\AppData\Local\Google\Update\GoogleUpdate.exe
073 C:\Users\James\AppData\Local\Google\Update\GoogleUpdate.exe
145 kbdclass.sys
210 C:\windows\system32\sdclt.exe



THANKS FOR THE HELP ANYONE,

James


#2 deeprybka

  • Malware Response Team

Posted 07 August 2015 - 02:59 AM

Hi & welcome to Bleeping Computer Forums!
My name is Jürgen and I will be assisting you with your Malware related problems.

Before we move on, please read the following points carefully:
  • My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
  • Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are following my instructions, stop there and tell me the exact nature of your problem.
  • If you have illegal/cracked software, cracks, keygens, etc. on the system, please remove or uninstall them now!
  • Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 5 days from this initial or any subsequent post, then this thread will be closed.
  • If I don't reply within 24 hours please PM me!
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
Step 1

Please run a FRST scan. This will help us diagnose your problem.

Please download Farbar Recovery Scan Tool and save it to your Desktop.
(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)
  • Start FRST with administrator privileges.
  • Make sure the option Addition.txt is checked and press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
  • Please copy and paste these logs in your next reply.

regards,
deeprybka
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 

#3 deeprybka

Posted 15 August 2015 - 11:38 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
regards,
deeprybka



