Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

how to clean up pc [Closed]


  • This topic is locked This topic is locked

#31
Littleone3

Littleone3

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts
13:32:46.0009 3776 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
13:32:48.0023 3776 ============================================================
13:32:48.0023 3776 Current date / time: 2013/04/25 13:32:48.0023
13:32:48.0023 3776 SystemInfo:
13:32:48.0023 3776
13:32:48.0023 3776 OS Version: 6.1.7601 ServicePack: 1.0
13:32:48.0023 3776 Product type: Workstation
13:32:48.0023 3776 ComputerName: LOLITA-PC
13:32:48.0023 3776 UserName: Lolita
13:32:48.0023 3776 Windows directory: C:\windows
13:32:48.0023 3776 System windows directory: C:\windows
13:32:48.0023 3776 Running under WOW64
13:32:48.0023 3776 Processor architecture: Intel x64
13:32:48.0023 3776 Number of processors: 1
13:32:48.0023 3776 Page size: 0x1000
13:32:48.0023 3776 Boot type: Normal boot
13:32:48.0023 3776 ============================================================
13:32:51.0221 3776 BG loaded
13:32:53.0535 3776 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:32:53.0551 3776 ============================================================
13:32:53.0551 3776 \Device\Harddisk0\DR0:
13:32:53.0551 3776 MBR partitions:
13:32:53.0551 3776 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x1BCF2800
13:32:53.0551 3776 ============================================================
13:32:53.0582 3776 C: <-> \Device\Harddisk0\DR0\Partition1
13:32:53.0582 3776 ============================================================
13:32:53.0582 3776 Initialize success
13:32:53.0582 3776 ============================================================
13:33:01.0742 3804 ============================================================



Thank you so much. my computer is running like new. Thank you again
  • 0

Advertisements


#32
Littleone3

Littleone3

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts
Each morning I am receiving this message from my program manager. Notification Server Error

Error Code: ( /image/xyz/isvid1/http://marketing.scansoft.com/pipeline/imaging-dns125-pipeline.html )

ocurred while accessing site.
  • 0

#33
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello


if it only happens on this one site then I would not worry about it and I would like to see the report from post 30
  • 0

#34
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello

48 Hour bump

It has been more than 48 hours since my last post.

  • do you still need help with this?
  • do you need more time?
  • are you having problems following my instructions?
  • if after 48hrs you have not replied to this thread then it will have to be closed!

Gringo
  • 0

#35
Littleone3

Littleone3

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts
I am still having the same message. Notification Server Error

Error Code: ( /image/xyz/isvid1/http://marketing.scansoft.com/pipeline/imaging-dns125-pipeline.html )

ocurred while accessing site. What do you mean by see the report from post 30. I am still a new user and am not sure what you mean. I probably behind the time.
Signed

Grandma of 15yr Grandchild. He showed me how to use my iphone. Thank you so much for all your kindness and patience.
  • 0

#36
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello


all of our posts are numbered - if you look over at the right you will see that this post is #36 -->


this is what post 30 was


I would like to see a report that combofix makes.

extra combofix report

  • push the "windows key" + "R" (between the "Ctrl" button and "Alt" Button)
  • please copy and past the following into the box
C:\Qoobox\Add-Remove Programs.txt
  • click ok

copy and paste the report into this topic for me to review


try this for that error




first I would like you to go here and click on the fixit button - http://support.microsoft.com/kb/923737


Then I want you to do the following

  • Start Internet Explorer.
  • click on "safety"
  • click on "Delete Browsing History"
  • make sure all boxes are checked
  • click on "Delete"
  • click on "Tools",
  • click "Internet Options".
  • On the "Advanced" tab, click "Reset"
  • put a check mark next to "Delete Personal Settings"
  • click "Reset" to confirm
  • when complete click the "Close" button
  • restart IE







Gringo
  • 0

#37
Littleone3

Littleone3

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts

Hello


all of our posts are numbered - if you look over at the right you will see that this post is #36 -->


this is what post 30 was


I would like to see a report that combofix makes.

extra combofix report

  • push the "windows key" + "R" (between the "Ctrl" button and "Alt" Button)
  • please copy and past the following into the box
C:\Qoobox\Add-Remove Programs.txt
  • click ok

copy and paste the report into this topic for me to review


try this for that error




first I would like you to go here and click on the fixit button - http://support.microsoft.com/kb/923737


Then I want you to do the following

  • Start Internet Explorer.
  • click on "safety"
  • click on "Delete Browsing History"
  • make sure all boxes are checked
  • click on "Delete"
  • click on "Tools",
  • click "Internet Options".
  • On the "Advanced" tab, click "Reset"
  • put a check mark next to "Delete Personal Settings"
  • click "Reset" to confirm
  • when complete click the "Close" button
  • restart IE







Gringo

Attached Files

  • Attached File  log.txt   13.09KB   47 downloads

  • 0

#38
Littleone3

Littleone3

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts
ComboFix 13-04-29.01 - Lolita 04/30/2013 15:17:11.3.1 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.1916.1103 [GMT -4:00]
Running from: c:\users\Lolita\Downloads\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Lolita\AppData\Roaming\DefaultTab\DefaultTab
c:\users\Lolita\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll
.
.
((((((((((((((((((((((((( Files Created from 2013-03-28 to 2013-04-30 )))))))))))))))))))))))))))))))
.
.
2013-04-30 19:24 . 2013-04-30 19:24 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-04-30 19:24 . 2013-04-30 19:24 -------- d-----w- c:\users\Lolita Parker\AppData\Local\temp
2013-04-30 19:24 . 2013-04-30 19:24 -------- d-----w- c:\users\Guest\AppData\Local\temp
2013-04-25 22:29 . 2013-04-25 22:29 -------- d-----w- c:\users\Lolita\AppData\Roaming\AVG2013
2013-04-25 22:28 . 2013-04-26 00:42 -------- d-----w- c:\programdata\AVG2013
2013-04-25 22:24 . 2013-04-25 23:44 -------- d-----w- c:\users\Lolita\AppData\Local\Avg2013
2013-04-25 19:48 . 2013-04-26 00:35 -------- d-----w- c:\programdata\Yahoo!
2013-04-25 19:48 . 2013-04-26 00:35 -------- d-----w- c:\program files (x86)\Yahoo!
2013-04-25 18:57 . 2013-04-25 18:57 -------- d-----w- c:\programdata\Malwarebytes
2013-04-25 17:26 . 2013-04-25 17:26 163504 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10144.bin
2013-04-24 18:23 . 2013-04-24 18:23 -------- d-----w- C:\_OTL
2013-04-23 17:28 . 2013-04-12 14:45 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-23 03:08 . 2013-04-24 07:17 -------- d-----w- c:\program files (x86)\Inbox Toolbar
2013-04-22 19:25 . 2013-04-22 19:34 -------- d-----w- c:\users\Lolita\AppData\Roaming\player
2013-04-22 19:24 . 2013-04-30 19:24 -------- d-----w- c:\users\Lolita\AppData\Roaming\DefaultTab
2013-04-21 01:00 . 2013-04-21 01:00 -------- d-----w- c:\users\Lolita\AppData\Roaming\TuneUp Software
2013-04-21 00:55 . 2013-04-21 00:55 -------- d-----w- c:\users\Lolita\AppData\Local\MFAData
2013-04-21 00:36 . 2013-04-21 00:36 -------- d-----w- c:\programdata\Uniblue
2013-04-21 00:27 . 2013-04-21 00:39 -------- d-----w- c:\users\Lolita\AppData\Local\SwvUpdater
2013-04-21 00:26 . 2013-04-21 00:41 -------- d-----w- c:\programdata\Tarma Installer
2013-04-21 00:18 . 2013-04-17 10:31 9317456 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0056893F-1F19-4FF6-8057-C562328F106F}\mpengine.dll
2013-04-21 00:12 . 2013-04-21 00:12 -------- d-----w- c:\users\Lolita\AppData\Roaming\SimplyTech
2013-04-21 00:12 . 2013-03-19 10:41 16896 ----a-w- c:\windows\Launcher.exe
2013-04-21 00:12 . 2013-04-21 00:40 -------- d-----w- c:\program files (x86)\Protected Search
2013-04-19 23:54 . 2013-04-19 23:54 -------- d-sh--w- c:\programdata\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
2013-04-19 21:41 . 2013-04-24 18:23 -------- d-----w- c:\programdata\PC Utility Kit
2013-04-19 20:56 . 2013-04-20 00:17 -------- d-----w- c:\users\Lolita\SyncFolder
2013-04-19 02:50 . 2013-04-19 22:15 -------- d-----w- c:\program files (x86)\MyPC Backup
2013-04-19 02:50 . 2013-04-19 22:13 -------- d-----w- c:\users\Lolita\AppData\Roaming\Systweak
2013-04-19 02:50 . 2013-02-28 20:27 20312 ----a-w- c:\windows\system32\roboot64.exe
2013-04-19 02:01 . 2013-04-19 02:01 -------- d-----w- c:\users\Lolita\.smplayer
2013-04-19 01:30 . 2013-04-19 01:53 -------- d-----w- c:\program files (x86)\AOL Toolbar
2013-04-19 01:29 . 2013-04-19 01:29 -------- d-----w- c:\users\Lolita\AppData\Roaming\RealNetworks
2013-04-19 01:28 . 2013-04-19 01:28 -------- d-----w- c:\programdata\RealNetworks
2013-04-15 01:47 . 2013-04-15 01:47 97280 ----a-w- c:\windows\system32\mshtmled.dll
2013-04-15 01:46 . 2013-04-15 01:46 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-04-15 01:39 . 2013-02-12 04:12 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-04-11 23:40 . 2013-03-01 03:36 3153408 ----a-w- c:\windows\system32\win32k.sys
2013-04-11 23:39 . 2013-01-24 06:01 223752 ----a-w- c:\windows\system32\drivers\fvevol.sys
2013-04-11 23:39 . 2013-03-19 06:04 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-04-11 23:39 . 2013-03-19 05:04 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-04-11 23:39 . 2013-03-19 05:04 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-04-11 23:39 . 2013-03-19 05:46 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-04-11 23:39 . 2013-03-19 04:47 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-04-11 23:39 . 2013-03-19 03:06 112640 ----a-w- c:\windows\system32\smss.exe
2013-04-10 21:41 . 2013-04-10 21:41 -------- d-----w- c:\program files\Microsoft Silverlight
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-12 02:30 . 2012-06-04 15:21 691592 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-04-12 02:30 . 2011-06-02 00:49 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-04-11 23:47 . 2010-08-13 23:09 72702784 ----a-w- c:\windows\system32\MRT.exe
2013-04-11 14:22 . 2011-06-11 05:58 770384 ----a-w- c:\windows\SysWow64\msvcr100.dll
2013-04-11 14:22 . 2011-06-11 05:58 421200 ----a-w- c:\windows\SysWow64\msvcp100.dll
2013-03-12 05:10 . 2010-08-13 21:29 282744 ------w- c:\windows\system32\MpSigStub.exe
2013-02-12 05:45 . 2013-04-10 21:40 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45 . 2013-04-10 21:40 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45 . 2013-04-10 21:40 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 05:45 . 2013-04-10 21:40 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 04:48 . 2013-04-10 21:40 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48 . 2013-04-10 21:40 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2011-08-14 23:40 . 2011-08-14 22:17 33001712 ----a-w- c:\program files (x86)\Nuance PDF Reader.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}]
c:\users\Lolita\AppData\Local\DownloadTerms\temp.dat [BU]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\programdata\FLEXnet\Connect\11\ISUSPM.exe" [2009-05-05 222496]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"Nuance PDF Reader-reminder"="c:\program files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" [2010-07-05 333088]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720]
"Family Tree Builder Update"="c:\program files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe" [2011-12-21 229376]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-02-20 152392]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-18 946352]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
.
R0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys [x]
R0 TfSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 athur;Atheros AR9271 Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athurx.sys [2010-03-09 1849856]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-02-01 232992]
R3 TfNetMon;TfNetMon;c:\windows\system32\drivers\TfNetMon.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-12-13 54784]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-08-19 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S3 FwLnk;FwLnk Driver;c:\windows\system32\DRIVERS\FwLnk.sys [2009-07-07 9216]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2011-04-20 169584]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - NisDrv
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2013-04-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-04 02:30]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{25393362-FCFF-4744-B3EC-D70782CC531F}"= "c:\users\Lolita\AppData\Local\TNT2\Profiles\10369\passport64.dll" [BU]
.
[HKEY_CLASSES_ROOT\CLSID\{25393362-FCFF-4744-B3EC-D70782CC531F}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-03-18 166424]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-03-18 391192]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-03-18 410648]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2010-03-10 520760]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2009-11-19 307768]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 24376]
"TosReelTimeMonitor"="c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe" [BU]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://yahoo.com/?ilc=10&fr=ydwnld-home
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MIF5BA~1\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll/cmsidewiki.html
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
FF - ProfilePath - c:\users\Lolita\AppData\Roaming\Mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - Vafmusic2 Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig
FF - ExtSQL: 2013-03-19 20:02; [email protected]; c:\program files (x86)\Mozilla Firefox\extensions\[email protected]
FF - ExtSQL: 2013-04-18 21:53; {650EED71-89E2-453B-8DCF-2AA1B4AE6EF3}; c:\program files (x86)\Mozilla Firefox\extensions\{650EED71-89E2-453B-8DCF-2AA1B4AE6EF3}
FF - ExtSQL: 2013-04-19 20:00; {c72c0c73-4eb0-4fb3-af0f-074e97326cfd}; c:\users\Lolita\AppData\Roaming\Mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{c72c0c73-4eb0-4fb3-af0f-074e97326cfd}.xpi
FF - ExtSQL: 2013-04-25 15:48; {635abd67-4fe9-1b23-4f01-e679fa7484c1}; c:\users\Lolita\AppData\Roaming\Mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF - ExtSQL: 1969-12-31 19:00; {7affbfae-c4e2-4915-8c0f-00fa3ec610a1}; c:\users\Lolita\AppData\Roaming\Mozilla\Firefox\Profiles\j8v586mm.default-1361841784927\extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}
FF - ExtSQL: !HIDDEN! 2011-08-14 14:23; [email protected]; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF - user.js: extensions.autoDisableScopes - 0
FF - user.js: extensions.shownSelectionUI - true
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{04eb382a-4b48-4de7-a570-b0307b9b13c7} - (no file)
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-OtShot - c:\program files (x86)\OtShot\otshot.exe
SafeBoot-83414374.sys
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-04-30 15:27:14
ComboFix-quarantined-files.txt 2013-04-30 19:27
ComboFix2.txt 2013-04-21 02:35
ComboFix3.txt 2013-04-20 22:04
.
Pre-Run: 187,742,093,312 bytes free
Post-Run: 187,685,146,624 bytes free
.
- - End Of File - - 58C1A4DB7E0A5122F186DEC786B397DE
Update for Microsoft Office 2007 (KB2508958)
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader XI (11.0.02)
Apple Application Support
Apple Software Update
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
Atheros Driver Installation Program
AVG PC Tuneup
BufferChm
D110
D3DX10
Destinations
DeviceDiscovery
GPBaseService2
HPAppStudio
HPPhotoGadget
HPProductAssistant
Intel® Graphics Media Accelerator Driver
Junk Mail filter update
[email protected] 1.0
MarketResearch
Mesh Runtime
Messenger Companion
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Ultimate 2007
Microsoft Office Word MUI (English) 2007
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Mozilla (1.7.13)
Mozilla Firefox 20.0.1 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP3 Parser (KB2721691)
MSXML 4.0 SP3 Parser (KB2758694)
MSXML 4.0 SP3 Parser (KB973685)
MyHeritage Family Tree Builder
Nuance PDF Reader
PS_AIO_07_D110_SW_Min
QuickTime
QuickTransfer
Realtek USB 2.0 Card Reader
Revo Uninstaller 1.89
Safari
Scan
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
Shutterfly Express Uploader
SmartWebPrinting
SolutionCenter
Status
The Weather Channel App
Toolbox
TOSHIBA Application Installer
TOSHIBA Assist
TOSHIBA Hardware Setup
TOSHIBA Media Controller
TOSHIBA Media Controller Plug-in
TOSHIBA Quality Application
TOSHIBA ReelTime
TOSHIBA Supervisor Password
ToshibaRegistration
TrayApp
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2768021) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Visual Studio 2008 x64 Redistributables
Visual Studio Tools for the Office system 3.0 Runtime
WebReg
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
  • 0

#39
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello

These logs are looking allot better. But we still have some work to do.

Please print out these instructions, or copy them to a Notepad file. It will make it easier for you to follow the instructions and complete all of the necessary steps..

Clean Out Temp Files

  • This small application you may want to keep and use once a week to keep the computer clean.

    Download CCleaner from here http://www.ccleaner.com/

  • Run the installer to install the application.
  • When it gives you the option to install Yahoo toolbar uncheck the box next to it.
  • Run CCleaner. default settings are fine
  • Click Run Cleaner.
  • Close CCleaner.

Run Malwarebytes

Please download Malwarebytes' Anti-Malware to your desktop.

  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to
    • Update Malwarebytes' Anti-Malware
    • and Launch Malwarebytes' Anti-Malware
  • then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is Checked (ticked) except items in the C:\System Volume Information folder and click on Remove Selected.
  • When completed, a log will open in Notepad. please copy and paste the log into your next reply
    • If you accidently close it, the log file is saved here and will be named like this:
    • C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.



Download HijackThis

  • Go Here to download HijackThis program
  • Save HijackThis to your desktop.
  • Right Click on Hijackthis and select "Run as Admin" (XP users just need to double click to run)
  • Click on "Do A system scan and save a logfile" (if you do not see "Do A system scan and save a logfile" then click on main menu)
  • copy and paste hijackthis report into the topic


"information and logs"

  • In your next post I need the following

  • Log From MBAM
  • report from Hijackthis
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo

  • 0

#40
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello

48 Hour bump

It has been more than 48 hours since my last post.

  • do you still need help with this?
  • do you need more time?
  • are you having problems following my instructions?
  • if after 48hrs you have not replied to this thread then it will have to be closed!

Gringo
  • 0

Advertisements


#41
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP