[Blain1]

Seems to be better, i went into to msconfig and unchecked the realtek thing, rkill no longer finds it.

Thanks for all your help.

[Advertisements]

Bah new Rkill file

Rkill 2.6.1 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingc...opic308364.html

Program started at: 09/03/2013 06:51:55 PM in x86 mode.
Windows Version: Windows 7 Professional Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Users\Nomary\AppData\Local\Temp\RtkBtMnt.exe (PID: 3716) [UP-HEUR]
* C:\Users\Nomary\AppData\Local\Temp\RtkBtMnt.exe (PID: 3716) [T-HEUR]
* C:\Users\Nomary\AppData\Local\Temp\ocrE935.tmp\bin\rubyw.exe (PID: 2400) [UP-HEUR]
* C:\Users\Nomary\AppData\Local\Temp\ocrE935.tmp\bin\rubyw.exe (PID: 2400) [T-HEUR]
* C:\Users\Nomary\AppData\Local\Temp\ocr1F33.tmp\bin\rubyw.exe (PID: 3656) [UP-HEUR]
* C:\Users\Nomary\AppData\Local\Temp\ocr1F33.tmp\bin\rubyw.exe (PID: 3656) [T-HEUR]

6 proccesses terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* Cannot edit the HOSTS file.
* Permissions could not be fixed. Use Hosts-perm.bat to fix permissions: http://www.bleepingc.../hosts-permbat/

Program finished at: 09/03/2013 06:53:12 PM
Execution time: 0 hours(s), 1 minute(s), and 16 seconds(s)

[Blain1]

Bah new Rkill file

Rkill 2.6.1 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingc...opic308364.html

Program started at: 09/03/2013 06:51:55 PM in x86 mode.
Windows Version: Windows 7 Professional Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Users\Nomary\AppData\Local\Temp\RtkBtMnt.exe (PID: 3716) [UP-HEUR]
* C:\Users\Nomary\AppData\Local\Temp\RtkBtMnt.exe (PID: 3716) [T-HEUR]
* C:\Users\Nomary\AppData\Local\Temp\ocrE935.tmp\bin\rubyw.exe (PID: 2400) [UP-HEUR]
* C:\Users\Nomary\AppData\Local\Temp\ocrE935.tmp\bin\rubyw.exe (PID: 2400) [T-HEUR]
* C:\Users\Nomary\AppData\Local\Temp\ocr1F33.tmp\bin\rubyw.exe (PID: 3656) [UP-HEUR]
* C:\Users\Nomary\AppData\Local\Temp\ocr1F33.tmp\bin\rubyw.exe (PID: 3656) [T-HEUR]

6 proccesses terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* Cannot edit the HOSTS file.
* Permissions could not be fixed. Use Hosts-perm.bat to fix permissions: http://www.bleepingc.../hosts-permbat/

Program finished at: 09/03/2013 06:53:12 PM
Execution time: 0 hours(s), 1 minute(s), and 16 seconds(s)

[Buddierdl]

Those are false positives and nothing to worry about. Let's run an online scan.


Run ESET Online Scanner:

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.

• Please go here then click on:
  

  Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
  All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.

• Select the option YES, I accept the Terms of Use then click on:
• When prompted allow the Add-On/Active X to install.
• Make sure that the option Remove found threats is Not checked, and the option Scan archives is checked.
• Now click on Advanced Settings and select the following:
  • Scan for potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth Technology
• Now click on:
• The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
• When completed the Online Scan will begin automatically. The scan may take several hours.
• Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
• When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
• Now click on:
• Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
• Copy and paste that log as a reply to this topic.

Note: Do not forget to re-enable your Anti-Virus application after running the above scan!

[Blain1]

Ok i thought i disabled all AV programs but this still showed up:

C:\Program Files\Avira\AntiVir Desktop\Offercast_AVIRAV7_.exe a variant of Win32/Bundled.Toolbar.Ask.D application

[Buddierdl]

You have Avira, which bundles the Ask toolbar, so that can be left alone.

Is the computer running okay now? Let's check for updates.

Download Security Check by screen317 from here or here.

• Save it to your Desktop.
• Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
• A Notepad document should open automatically called checkup.txt; please post the contents of that document.

[Blain1]

It's running very well looks like I need to defrag

Heres the file:


Results of screen317's Security Check version 0.99.73
Windows 7 Service Pack 1 x86 (UAC is enabled)
Internet Explorer 10
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Microsoft Security Essentials
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
SUPERAntiSpyware
Malwarebytes Anti-Malware version 1.75.0.1300
CCleaner
Java™ 6 Update 16
Java™ 6 Update 20
Java version out of Date!
Adobe Flash Player 10 Flash Player out of Date!
Adobe Flash Player 11.8.800.94
Adobe Reader 10.1.7 Adobe Reader out of Date!
Mozilla Firefox (23.0.1)
Mozilla Thunderbird (17.0.8)
Google Chrome 29.0.1547.62
Google Chrome 29.0.1547.66
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 5%
````````````````````End of Log``````````````````````

[Buddierdl]

Sorry for the delay. I was out of town over the weekend. I'll get back to you soon.

[Buddierdl]

Do you have Microsoft Security Essentials and Avira installed? If so, you need to remove one of them as running multiple real-time anti-virus programs is not recommended. It actually decreases system performance and security, as the two programs can fight each other.

I would recommend keeping MSE. Let me know what you decide.

[Buddierdl]

Did you get one of the AV's uninstalled? Do you need more details?

[Buddierdl]

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.