Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Chasing something...

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: Chasing something...

Unread postby geniusless » March 6th, 2013, 9:41 pm

SystemLook 30.07.11 by jpshortstuff
Log created at 17:41 on 06/03/2013 by Owner
Administrator - Elevation successful

========== reg ==========

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\lsa]
"auditbaseobjects"= 0x0000000000 (0)
"auditbasedirectories"= 0x0000000000 (0)
"crashonauditfail"= 0x0000000000 (0)
"fullprivilegeauditing"=00 (REG_BINARY)
"Bounds"=00 30 00 00 00 20 00 00 (REG_BINARY)
"LimitBlankPasswordUse"= 0x0000000001 (1)
"LmCompatibilityLevel"= 0x0000000003 (3)
"NoLmHash"= 0x0000000001 (1)
"Notification Packages"="scecli"
"Security Packages"="kerberos msv1_0 schannel wdigest tspkg"
"Authentication Packages"="msv1_0"
"LsaPid"= 0x00000002ec (748)
"SecureBoot"= 0x0000000001 (1)
"ProductType"= 0x0000000003 (3)
"disabledomaincreds"= 0x0000000000 (0)
"everyoneincludesanonymous"= 0x0000000000 (0)
"forceguest"= 0x0000000000 (0)
"restrictanonymous"= 0x0000000000 (0)
"restrictanonymoussam"= 0x0000000001 (1)

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\lsa\AccessProviders]
"ProviderOrder"="Windows NT Access Provider"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\lsa\AccessProviders\Windows NT Access Provider]
"ProviderPath"="%SystemRoot%\system32\ntmarta.dll"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\lsa\Audit]
(No values found)

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\lsa\Audit\AuditPolicy]
(Unable to open key)

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\lsa\Audit\PerUserAuditing]
(No values found)

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\lsa\Audit\PerUserAuditing\System]
(Unable to open key)

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\lsa\Credssp]
"DebugLogLevel"= 0x0000000000 (0)

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\lsa\Data]
"Pattern"=71 cc 64 73 f3 34 e9 40 b0 21 f7 09 58 64 3f 29 (REG_BINARY)

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\lsa\FipsAlgorithmPolicy]
"Enabled"= 0x0000000000 (0)

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\lsa\GBG]
"GrafBlumGroup"=73 2f 85 a8 8b 1a dd f3 59 (REG_BINARY)

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\lsa\JD]
"Lookup"=c0 27 bc 04 7c ec (REG_BINARY)

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\lsa\Kerberos]
(No values found)

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\lsa\Kerberos\Domains]
(No values found)

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\lsa\Kerberos\HostToRealm]
(No values found)

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\lsa\Kerberos\Parameters]
(No values found)

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\lsa\MSV1_0]
"Auth132"="IISSUBA"
"NtlmMinClientSec"= 0x0000000000 (0)
"NtlmMinServerSec"= 0x0000000000 (0)

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\lsa\Skew1]
"SkewMatrix"=47 f2 3c 1d c3 a2 f7 d6 d9 1c c4 99 36 ad 42 9b (REG_BINARY)

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\lsa\SSO]
(No values found)

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\lsa\SSO\Passport1.4]
"SSOURL"="http://www.passport.com"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\lsa\SspiCache]
(No values found)


-= EOF =-
geniusless
Regular Member
 
Posts: 42
Joined: February 28th, 2013, 11:24 pm
Advertisement
Register to Remove

Re: Chasing something...

Unread postby askey127 » March 7th, 2013, 7:35 am

geniusless,
Unless there are compelling reasons to install Java for a particular website, I would leave it OFF your computer .
It has been (and still is right now) a serious security risk.
https://www.computerworld.com/s/article/9237124/Researcher_unearths_two_new_Java_zero_day_bugs

From what I can see, the machine looks normal to me, at this point.
Tell me how the machine is behaving for you.

askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 13906
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Chasing something...

Unread postby geniusless » March 7th, 2013, 12:56 pm

It feels better. It did crash a couple times yesterday, got the blue screen...
geniusless
Regular Member
 
Posts: 42
Joined: February 28th, 2013, 11:24 pm

Re: Chasing something...

Unread postby geniusless » March 7th, 2013, 1:10 pm

so if I notice any java installed in install/uninstall programs I should remove it, can i block it from ever happening?
geniusless
Regular Member
 
Posts: 42
Joined: February 28th, 2013, 11:24 pm

Re: Chasing something...

Unread postby askey127 » March 7th, 2013, 2:57 pm

The only way it will ever happen is if you allow "Java Updater" in your installed programs, or if you allow some website to talk you into installing Java so you can view their site.
You uninstalled all the Java stuff after my first reply (I hope).

Do you want to check the hard drive for defects that might cause a blue screen?
Hardware failures or problems are most often the cause.
If software is responsible, it's usually a driver file.
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 13906
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Chasing something...

Unread postby geniusless » March 7th, 2013, 3:22 pm

You have been a great help so far, I wouldn't mind going on if you don't :) Although you are here to help people with malware, not hardware lol... Actually let's call it good, I can handle hardware, and driver issues.
geniusless
Regular Member
 
Posts: 42
Joined: February 28th, 2013, 11:24 pm

Re: Chasing something...

Unread postby askey127 » March 7th, 2013, 5:22 pm

As this issue appears to be resolved, this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 13906
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA
Advertisement
Register to Remove

Previous

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 42 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware