uTalk

Official forum for Utopia Community

#1 2021-03-02 05:38:23

Drassen
Member
Registered: 2021-01-11
Posts: 71

Am I infected?

Hi,

My Acer Aspire 4810T has been running slowly, especially the browser (Chrome).
The laptop has 3GB RAM, 250GB HD (just over 25% is free) and runs 32-bit Windows Vista Home Premium SP2.

I use AVG 2015 and it hasn't detected anything lately.

I often stream radio (http://www.bbc.co.uk/radio/player/bbc_radio_two) whilst using the laptop and usually whenever I try to load a new browser page it stutters, but that can also happen if I open, say, Excel. Most web pages seem to take far too long to load and jump about up and down the screen as the web page graphics latently load. Sometimes a page will seem to have loaded but still shows in the tab as loading, sometimes this site is a good example - when the bar at the bottom of the browser says it is waiting for something (perhaps in-turn waiting for some script to run).

I've had problems with Adobe reader before (trying and failing to upgrade itself) but not lately.

I would be most grateful for any pointers for a resolution/improvement please. I would not normally consider myself as dim but computers often defeat me: I try and review things methodically but do usually find software/settings bewilderingly complicated!

Right now in my Windows start bar (is that the same as toolbar?) the network icon (two display screens) is showing with the front screen blank and a red cross in the bottom right hand corner - yet a connection IS established and I'm working on the internet as usual!

Thanking you in anticipation of any kind pointers at all please, Mac

1. MBAM scan log:

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 12/01/2015
Scan Time: 21:18:56
Logfile:
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.01.12.09
Rootkit Database: v2015.01.07.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows Vista Service Pack 2
CPU: x86
File System: NTFS
User: Paul

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 389821
Time Elapsed: 31 min, 53 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 7
PUP.Optional.OutBrowse, HKLM\SOFTWARE\CLASSES\TYPELIB\{DCABB943-792E-44C4-9029-ECBEE6265AF9}, Quarantined, [dbae6c8a6a1ff442d509826950b2ba46],
PUP.Optional.OutBrowse, HKLM\SOFTWARE\CLASSES\INTERFACE\{3408AC0D-510E-4808-8F7B-6B70B1F88534}, Quarantined, [dbae6c8a6a1ff442d509826950b2ba46],
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-3001494471-2282584797-2024260631-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, Quarantined, [3158bf37deab81b569b56582bf4303fd],
PUP.Optional.RightSurf.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update RightSurf, Quarantined, [becb80760089b5812bf778649d6728d8],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3001494471-2282584797-2024260631-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, Quarantined, [5d2cf501177239fdcc14f8b77a893ec2],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3001494471-2282584797-2024260631-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, Quarantined, [5d2c7f772663de582bcb9a2bf70d629e],
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-3001494471-2282584797-2024260631-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SEARCHPROTECTINT, Quarantined, [5d2cf402abdeb1854cde01ae26dd27d9],

Registry Values: 2
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3001494471-2282584797-2024260631-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0T1F1P1F1C0U2W, Quarantined, [5d2c7f772663de582bcb9a2bf70d629e]
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-3001494471-2282584797-2024260631-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SEARCHPROTECTINT|Install, 1, Quarantined, [5d2cf402abdeb1854cde01ae26dd27d9]

Registry Data: 1
PUP.Optional.Conduit.A, HKU\S-1-5-21-3001494471-2282584797-2024260631-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://search.conduit.com/?ctid=CT3...= … 57A6&SSPV=, Good: (www.google.com), Bad: (http://search.conduit.com/?ctid=CT3...),Replaced,[c6c3728408810234112950385fa6f907]

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

2. DDS log(s):

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16599 BrowserJavaVersion: 10.55.2
Run by Paul at 15:00:36 on 2015-01-16
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.3001.999 [GMT 0:00]
.
AV: AVG AntiVirus Free Edition 2015 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2015 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ================
.
c:\PROGRA~1\AVG\AVG2015\avgrsx.exe
C:\Program Files\AVG\AVG2015\avgcsrvx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\AVG\AVG2015\avgidsagent.exe
C:\Program Files\AVG\AVG2015\avgwdsvc.exe
C:\Program Files\Launch Manager\dsiwmis.exe
C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\EgisTec\MyWinLocker 3\x86\MWLService.exe
C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe
C:\Program Files\AVG\AVG2015\avgnsx.exe
C:\Program Files\AVG\AVG2015\avgemcx.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files\Acer\Acer VCM\RS_Service.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe
C:\Windows\system32\igfxext.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\WindowsMobile\wmdSync.exe
C:\Program Files\AVG\AVG2015\avgui.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Users\Paul\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\ctfmon.exe
C:\Windows\system32\igfxext.exe
C:\Users\Paul\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Paul\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Paul\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\Paul\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe
C:\Users\Paul\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE
C:\Users\Paul\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Paul\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Paul\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Paul\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Paul\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uStart Page = www.google.com
uDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0809&s=2&o=vp32&d=0609&m=aspire_4810t
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0809&s=2&o=vp32&d=0609&m=aspire_4810t
mDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0809&s=2&o=vp32&d=0609&m=aspire_4810t
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe
mRun: [Skytel] c:\program files\realtek\audio\hda\Skytel.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [LManager] c:\program files\launch manager\LManager.exe
mRun: [Acer ePower Management] c:\program files\acer\acer powersmart manager\ePowerTrayLauncher.exe
mRun: [ODDPwr] "c:\program files\acer\optical drive power management\ODDPwr.exe"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [Windows Mobile-based device management] c:\windows\windowsmobile\wmdSync.exe
mRun: [AVG_UI] "c:\program files\avg\avg2015\avgui.exe" /TRAYONLY
mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"
StartupFolder: c:\users\paul\appdata\roaming\micros~1\windows\startm~1\programs\startup\google~2.lnk - c:\users\paul\appdata\local\google\chrome\application\chrome.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{70B6A819-4738-4E7C-8D8F-1D91F4E4CB05} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{F29F8D5D-F525-4808-A378-87F1459F3FB3} : DHCPNameServer = 192.168.1.254
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: igfxcui - igfxdev.dll
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2014-11-18 154904]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2014-7-18 230680]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2014-10-5 98584]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2014-6-18 27416]
R1 Avgdiskx;AVG Disk Driver;c:\windows\system32\drivers\avgdiskx.sys [2014-6-18 121624]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2014-12-8 208152]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2014-6-18 21272]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2014-8-28 192792]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2014-10-10 200984]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2015\avgidsagent.exe [2014-12-18 3432976]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2015\avgwdsvc.exe [2014-12-18 298080]
R2 DsiWMIService;Dritek WMI Service;c:\program files\launch manager\dsiwmis.exe [2009-6-14 117256]
R2 ePowerSvc;Acer ePower Service;c:\program files\acer\acer powersmart manager\ePowerSvc.exe [2009-6-14 703008]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]
R2 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\drivers\mwlPSDFilter.sys [2008-10-9 19504]
R2 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\drivers\mwlPSDNserv.sys [2008-10-9 16432]
R2 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\drivers\mwlPSDVDisk.sys [2008-10-9 59952]
R2 MWLService;MyWinLocker Service;c:\program files\egistec\mywinlocker 3\x86\MWLService.exe [2008-10-27 306736]
R2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files\newtech infosystems\acer backup manager\IScheduleSvc.exe [2009-4-1 54528]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\newtech infosystems\nti backup now 5\SchedulerSvc.exe [2008-9-23 144632]
R2 ODDPwrSvc;Acer ODD Power Service;c:\program files\acer\optical drive power management\ODDPWRSvc.exe [2009-6-14 118784]
R2 RS_Service;Raw Socket Service;c:\program files\acer\acer vcm\RS_Service.exe [2009-6-14 237568]
R3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\drivers\dc3d.sys [2011-8-1 45288]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2009-6-14 112128]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller;c:\windows\system32\drivers\L1C60x86.sys [2009-6-14 50176]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\NETw5v32.sys [2008-11-17 3668480]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-10-23 172192]
S3 androidusb;Google Device Driver;c:\windows\system32\drivers\wsadb.sys [2013-3-24 34216]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2008-1-21 179712]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2013-3-24 80184]
S3 libusb0;LibUsb-Win32 - Kernel Driver 03/09/2005, 0.1.10.1;c:\windows\system32\drivers\libusb0.sys [2005-3-9 33792]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\newtech infosystems\nti backup now 5\BackupSvc.exe [2008-9-23 50424]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-9-11 770168]
.
=============== Created Last 30 ================
.
2015-01-13 13:08:34 -------- d-----w- C:\AdwCleaner
2015-01-12 21:18:27 114904 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-01-12 21:18:10 75480 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-01-12 21:18:10 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-01-12 21:18:10 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-01-12 21:18:10 -------- d-----w- c:\programdata\Malwarebytes
2015-01-12 21:18:10 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
.
==================== Find3M ====================
.
2014-12-08 21:25:06 208152 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2014-12-03 02:06:01 278528 ----a-w- c:\windows\system32\schannel.dll
2014-11-24 20:44:32 367104 ----a-w- c:\windows\system32\html.iec
2014-11-24 20:40:49 1810944 ----a-w- c:\windows\system32\jscript9.dll
2014-11-24 20:35:25 1129472 ----a-w- c:\windows\system32\wininet.dll
2014-11-24 20:34:40 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2014-11-24 20:33:56 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2014-11-24 20:33:47 421376 ----a-w- c:\windows\system32\vbscript.dll
2014-11-24 20:32:47 11776 ----a-w- c:\windows\system32\mshta.exe
2014-11-24 20:32:36 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2014-11-18 21:41:58 154904 ----a-w- c:\windows\system32\drivers\avgidshx.sys
2014-11-07 01:33:21 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-11-04 00:19:33 2048 ----a-w- c:\windows\system32\tzres.dll
2014-10-24 01:04:29 67072 ----a-w- c:\windows\system32\packager.dll
2014-10-24 01:03:40 499200 ----a-w- c:\windows\system32\kerberos.dll
.
============= FINISH: 15:03:15.74 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 14/06/2009 02:22:50
System Uptime: 16/01/2015 09:01:44 (6 hours ago)
.
Motherboard: Acer | | Aspire 4810T
Processor: Intel(R) Core(TM)2 Solo CPU U3500 @ 1.40GHz | CPU | 1400/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 223 GiB total, 57.342 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP478: 15/01/2015 15:58:27 - Scheduled Checkpoint
RP479: 16/01/2015 13:37:58 - Scheduled Checkpoint
.
==== Installed Programs ======================
.
Acer Backup Manager
Acer Crystal Eye Webcam
Acer eRecovery Management
Acer GridVista
Acer PowerSmart Manager
Acer Product Registration
Acer ScreenSaver
Acer VCM
Acrobat.com
Adobe AIR
Adobe Flash Player 13 ActiveX
Adobe Flash Player 14 Plugin
Adobe Reader XI (11.0.08)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
Audacity 2.0.5
AVG 2015
Backup Manager Basic
BitLord 2.3
Compatibility Pack for the 2007 Office system
Defraggler
EPSON Copy Utility
EPSON Photo Print
EPSON Printer Software
EPSON Scan
EPSON Smart Panel
eSobi v2
ESPRX500 Operation Guide
ESPRX500 Reference Guide
FastStone Image Viewer 4.6
Fugawi UK Digital Maps version 2
FugawiUK-1v2 - S. England and S. Wales
Gmail Backup
Google Chrome
Google Drive
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Humax Media Controller GUI
Intel PROSet Wireless
Intel(R) Graphics Media Accelerator Driver
Intel(R) PROSet/Wireless WiFi Software
Intel® Matrix Storage Manager
Internet Explorer (Enable DEP)
Java 7 Update 55
Java Auto Updater
K-Lite Codec Pack 10.2.0 Basic
Launch Manager
Malwarebytes Anti-Malware version 2.0.4.1028
MediaCoder 0.8.28.5582
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft IntelliPoint 8.2
Microsoft Office File Validation Add-In
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Professional Edition 2003
Microsoft Office Suite Activation Assistant
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Works
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MyWinLocker
NTI Backup Now 5
NTI Backup Now Standard
NTI Media Maker 8
Optical Drive Power Management
Orion
PowerDVD
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader
ScanToWeb
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)
Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972107)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)
Security Update for Microsoft .NET Framework 4.5.1 (KB2978128)
Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2)
Skype™ 6.11
Synaptics Pointing Device Driver
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Visual Studio 2012 x86 Redistributables
Windows Resource Kit Tools - SubInAcl.exe
Winmail Opener 1.4
Xvid 1.2.1 final uninstall
.
==== Event Viewer Messages From Past Week ========
.
15/01/2015 15:02:39, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
13/01/2015 14:05:34, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Media Player Network Sharing Service service to connect.
13/01/2015 14:05:34, Error: Service Control Manager [7000] - The Windows Media Player Network Sharing Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/01/2015 21:52:13, Error: Service Control Manager [7024] - The Dritek WMI Service service terminated with service-specific error 0 (0x0).
12/01/2015 18:12:35, Error: Service Control Manager [7000] - The Update RightSurf service failed to start due to the following error: The system cannot find the path specified.
09/01/2015 19:10:59, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Spooler service.
.
==== End Of File ===========================

#2 2021-03-02 05:42:51

Ollester
Member
Registered: 2021-01-11
Posts: 64

Re: Am I infected?

Welcome aboard

Please observe the following rules:
Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
Never run more than one scan at a time.
Keep updating me regarding your computer behavior, good, or bad.
The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

===================================

Download RogueKiller from one of the following links and save it to your Desktop

Close all the running programs
Windows Vista/7/8 users: right click on RogueKiller.exe, click Run as Administrator
Otherwise just double-click on RogueKiller.exe
Pre-scan will start. Let it finish.
Click on SCAN button.
Wait until the Status box shows Scan Finished
Click on Delete.
Wait until the Status box shows Deleting Finished.
Click on Report and copy/paste the content of the Notepad into your next reply.
RKreport.txt could also be found on your desktop.
If more than one log is produced post all logs.
If RogueKiller has been blocked, do not hesitate to try a few more times. If it really won't run, rename it to winlogon.exe (or winlogon.com) and try again.

Create a new restore point before proceeding with the next step....
How to: http://www.smartestcomputing.us.com/top … l-windows/

Download Malwarebytes Anti-Rootkit (MBAR) to your desktop.
Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.
Double-click on the downloaded file. OK the self-extracting prompt.
MBAR will start. Click "Next" to continue.
On the following screen, click "Update" to obtain the latest malware definitions.
Once the update is complete select "Next" and click "Scan".
When the scan is finished and no malware has been found select "Exit".
If malware was detected, make sure to check all the items and click "Cleanup". Reboot your computer.
Open the MBAR folder located on your Desktop and paste the content of the following files in your next reply:
"mbar-log-{date} (xx-xx-xx).txt"
"system-log.txt"
NOTE: If you see the "This version requires you to completely exit the Anti Malware application" message, right-click on the Malwarebytes Anti-Malware icon in the system tray and click on Exit.
