Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Is my Computer ok?

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Is my Computer ok?

Unread postby MESA » December 26th, 2014, 11:19 am

Hi there,my computer isn't showing any visable signs of malware at the moment but avast blocked a copule of thind and I would really appreciate if someone could check my logs to make sure everything is ok please?P.s there was too much to post in one post so I had to post both logs in seperate posts.Thank you.
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17496
Run by Comet at 15:01:49 on 2014-12-26
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.4000.2472 [GMT 0:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\vssvc.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Ruiware\WinPatrol\WinPatrol.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Winamp\winamp.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.co.uk/
uSearch Bar = Preserve
mWinlogon: Userinit = userinit.exe,
BHO: -{9030D464-4C02-4ABF-8ECC-5164760863C6} - <orphaned>
BHO: -{B4F3A835-0E21-4959-BA22-42B3008E02FF} - <orphaned>
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [WinPatrol] C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe -expressboot
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
uPolicies-Explorer: NoDriveTypeAutoRun = dword:255
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
TCP: NameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{7EBDDF97-D62B-4DBF-854F-87BED32D7D47} : DHCPNameServer = 194.168.4.100 194.168.8.100
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - <no file>
x64-SSODL: WebCheck - <orphaned>
Hosts: 0.0.0.0 fr.a2dfp.net
Hosts: 0.0.0.0 m.fr.a2dfp.net
Hosts: 0.0.0.0 mfr.a2dfp.net
Hosts: 0.0.0.0 ad.a8.net
Hosts: 0.0.0.0 asy.a8ww.net
.
Note: multiple HOSTS entries found. Please refer to Attach.txt
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Comet\AppData\Roaming\Mozilla\Firefox\Profiles\sf6r2y69.default-1406561880196\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - http://www.google.co.uk
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2014-11-22 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2014-11-22 267632]
R0 fltsrv;Acronis Storage Filter Management;C:\Windows\System32\drivers\fltsrv.sys [2013-1-17 137312]
R0 vididr;Acronis Virtual Disk;C:\Windows\System32\drivers\vididr.sys [2013-1-17 211552]
R0 vidsflt67;Acronis Disk Storage Filter (67);C:\Windows\System32\drivers\vsflt67.sys [2013-1-17 146528]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswsnx.sys [2014-11-22 1050432]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2014-11-22 436624]
R2 aswHwid;avast! HardwareID;C:\Windows\System32\drivers\aswHwid.sys [2014-11-22 29208]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2014-11-22 83280]
R2 aswStm;aswStm;C:\Windows\System32\drivers\aswStm.sys [2014-11-22 116728]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-11-22 50344]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2010-2-28 821664]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-3-24 1871160]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-3-24 969016]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-2 483688]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-12-13 342528]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-3-24 25816]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-3-24 129752]
R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2014-3-24 63704]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-3-26 533096]
R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2009-12-2 721768]
R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2009-12-2 269672]
R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2009-12-2 25960]
R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2009-12-2 22376]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-2 209768]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S3 afcdp;afcdp;C:\Windows\System32\drivers\afcdp.sys [2013-1-17 367200]
S3 cpudrv64;cpudrv64;C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [2011-6-2 17864]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2014-1-22 108800]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-12-10 114688]
S3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2012-3-26 158976]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2014-1-22 206080]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-12-27 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S4 afcdpsrv;Acronis Nonstop Backup Service;C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2013-1-17 3459024]
S4 syncagentsrv;Acronis Sync Agent Service;C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [2012-6-28 5915352]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2014-12-20 15:32:12 -------- d-----w- C:\Program Files\CCleaner
2014-12-18 11:53:04 -------- d-----w- C:\Users\Comet\AppData\Local\Macromedia
2014-12-18 11:52:57 701616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-12-18 11:52:56 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-18 11:52:36 -------- d-----w- C:\Users\Comet\AppData\Local\Adobe
2014-12-18 10:27:19 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-12-18 10:27:19 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-12-10 10:58:49 -------- d-----w- C:\Windows\System32\appraiser
2014-12-10 10:45:13 55808 ----a-w- C:\Windows\System32\rrinstaller.exe
2014-12-10 10:45:13 24576 ----a-w- C:\Windows\System32\mfpmp.exe
2014-12-10 10:45:13 23040 ----a-w- C:\Windows\SysWow64\mfpmp.exe
2014-12-10 10:45:13 2048 ----a-w- C:\Windows\SysWow64\mferror.dll
2014-12-10 10:45:13 2048 ----a-w- C:\Windows\System32\mferror.dll
2014-12-10 10:45:12 50176 ----a-w- C:\Windows\SysWow64\rrinstaller.exe
2014-12-10 10:45:12 4121600 ----a-w- C:\Windows\System32\mf.dll
2014-12-10 10:45:12 3209728 ----a-w- C:\Windows\SysWow64\mf.dll
2014-12-10 10:45:12 206848 ----a-w- C:\Windows\System32\mfps.dll
2014-12-10 10:45:12 103424 ----a-w- C:\Windows\SysWow64\mfps.dll
2014-12-10 10:43:59 815280 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe
.
==================== Find3M ====================
.
2014-12-26 12:28:02 129752 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-12-04 02:50:55 413184 ----a-w- C:\Windows\System32\generaltel.dll
2014-12-04 02:50:45 741376 ----a-w- C:\Windows\System32\invagent.dll
2014-12-04 02:50:40 396800 ----a-w- C:\Windows\System32\devinv.dll
2014-12-04 02:50:38 830976 ----a-w- C:\Windows\System32\appraiser.dll
2014-12-04 02:50:37 227328 ----a-w- C:\Windows\System32\aepdu.dll
2014-12-04 02:50:37 192000 ----a-w- C:\Windows\System32\aepic.dll
2014-12-04 02:44:48 1083392 ----a-w- C:\Windows\System32\aeinv.dll
2014-12-01 23:28:44 1232040 ----a-w- C:\Windows\System32\aitstatic.exe
2014-11-23 10:24:16 1050432 ----a-w- C:\Windows\System32\drivers\aswsnx.sys
2014-11-22 22:24:02 93568 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2014-11-22 22:24:02 83280 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2014-11-22 22:24:02 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2014-11-22 22:24:02 43152 ----a-w- C:\Windows\avastSS.scr
2014-11-22 22:24:02 29208 ----a-w- C:\Windows\System32\drivers\aswHwid.sys
2014-11-22 22:24:02 267632 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2014-11-22 22:24:02 116728 ----a-w- C:\Windows\System32\drivers\aswStm.sys
2014-11-22 03:06:23 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-11-22 03:06:11 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-11-22 02:50:39 66560 ----a-w- C:\Windows\System32\iesetup.dll
2014-11-22 02:50:10 580096 ----a-w- C:\Windows\System32\vbscript.dll
2014-11-22 02:49:54 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-11-22 02:48:20 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2014-11-22 02:35:29 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-11-22 02:34:51 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-11-22 02:34:07 6039552 ----a-w- C:\Windows\System32\jscript9.dll
2014-11-22 02:26:31 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-11-22 02:20:44 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-11-22 02:14:16 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-11-22 02:07:43 501248 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-11-22 02:07:17 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-11-22 02:06:32 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-11-22 02:05:02 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2014-11-22 01:54:30 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-11-22 01:47:10 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2014-11-22 01:46:58 2125312 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-11-22 01:40:04 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-11-22 01:29:26 4299264 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-11-22 01:28:21 2358272 ----a-w- C:\Windows\System32\wininet.dll
2014-11-22 01:22:49 2052096 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-11-22 01:21:57 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2014-11-22 01:00:20 1888256 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-11-21 06:14:22 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-11-21 06:14:12 93400 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-11-21 06:14:08 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-11-11 03:09:06 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2014-11-11 03:08:52 241152 ----a-w- C:\Windows\System32\pku2u.dll
2014-11-11 03:08:48 728064 ----a-w- C:\Windows\System32\kerberos.dll
2014-11-11 02:44:45 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2014-11-11 02:44:32 186880 ----a-w- C:\Windows\SysWow64\pku2u.dll
2014-11-11 02:44:25 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
2014-11-11 01:46:26 119296 ----a-w- C:\Windows\System32\drivers\tdx.sys
2014-11-08 03:16:08 2048 ----a-w- C:\Windows\System32\tzres.dll
2014-11-08 02:45:09 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2014-10-30 02:03:43 165888 ----a-w- C:\Windows\System32\charmap.exe
2014-10-30 01:45:43 155136 ----a-w- C:\Windows\SysWow64\charmap.exe
2014-10-25 01:57:59 77824 ----a-w- C:\Windows\System32\packager.dll
2014-10-25 01:32:37 67584 ----a-w- C:\Windows\SysWow64\packager.dll
2014-10-18 02:05:23 861696 ----a-w- C:\Windows\System32\oleaut32.dll
2014-10-18 01:33:18 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2014-10-14 02:16:37 155064 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-10-14 02:13:06 683520 ----a-w- C:\Windows\System32\termsrv.dll
2014-10-14 02:13:00 3241984 ----a-w- C:\Windows\System32\msi.dll
2014-10-14 02:12:57 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-10-14 02:09:31 146432 ----a-w- C:\Windows\System32\msaudite.dll
2014-10-14 02:07:31 681984 ----a-w- C:\Windows\System32\adtschema.dll
2014-10-14 01:50:47 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-10-14 01:50:41 2363904 ----a-w- C:\Windows\SysWow64\msi.dll
2014-10-14 01:49:38 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-10-14 01:47:30 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
2014-10-14 01:46:02 681984 ----a-w- C:\Windows\SysWow64\adtschema.dll
2014-10-10 00:57:42 3198976 ----a-w- C:\Windows\System32\win32k.sys
2014-10-03 02:12:23 310272 ----a-w- C:\Windows\System32\WsmWmiPl.dll
2014-10-03 02:12:23 2020352 ----a-w- C:\Windows\System32\WsmSvc.dll
2014-10-03 02:12:22 346624 ----a-w- C:\Windows\System32\WSManMigrationPlugin.dll
2014-10-03 02:12:22 181248 ----a-w- C:\Windows\System32\WsmAuto.dll
2014-10-03 02:12:00 500224 ----a-w- C:\Windows\System32\AUDIOKSE.dll
2014-10-03 02:11:54 284672 ----a-w- C:\Windows\System32\EncDump.dll
2014-10-03 02:11:51 680960 ----a-w- C:\Windows\System32\audiosrv.dll
2014-10-03 02:11:51 440832 ----a-w- C:\Windows\System32\AudioEng.dll
2014-10-03 02:11:51 296448 ----a-w- C:\Windows\System32\AudioSes.dll
2014-10-03 02:11:49 266240 ----a-w- C:\Windows\System32\WSManHTTPConfig.exe
2014-10-03 01:45:03 248832 ----a-w- C:\Windows\SysWow64\WSManMigrationPlugin.dll
2014-10-03 01:45:03 214016 ----a-w- C:\Windows\SysWow64\WsmWmiPl.dll
2014-10-03 01:45:03 145920 ----a-w- C:\Windows\SysWow64\WsmAuto.dll
2014-10-03 01:45:03 1177088 ----a-w- C:\Windows\SysWow64\WsmSvc.dll
2014-10-03 01:44:42 442880 ----a-w- C:\Windows\SysWow64\AUDIOKSE.dll
2014-10-03 01:44:26 374784 ----a-w- C:\Windows\SysWow64\AudioEng.dll
2014-10-03 01:44:26 195584 ----a-w- C:\Windows\SysWow64\AudioSes.dll
2014-10-03 01:44:25 198656 ----a-w- C:\Windows\SysWow64\WSManHTTPConfig.exe
.
============= FINISH: 15:02:28.48 ===============
Last edited by MESA on December 26th, 2014, 5:33 pm, edited 1 time in total.
MESA
Regular Member
 
Posts: 35
Joined: January 17th, 2013, 3:11 pm
Advertisement
Register to Remove

Re: Assistance needed please

Unread postby MESA » December 26th, 2014, 11:30 am

It wont let me post the attach.txt log.It is really really long as it contains all the entries from my hosts file?
MESA
Regular Member
 
Posts: 35
Joined: January 17th, 2013, 3:11 pm

Re: Is my Computer ok?

Unread postby wannabeageek » December 27th, 2014, 10:05 pm

Hi MESA,

Post the attach.txt log in your next post. If it exceeds the limit for a standard post, load it as an attachment.

wbg
wannabeageek
MRU Master
MRU Master
 
Posts: 1773
Joined: November 23rd, 2009, 10:21 pm
Location: California

Re: Is my Computer ok?

Unread postby MESA » December 28th, 2014, 9:18 am

Hi Thank you.
I had to add it as an attachment as it did indeed exceed the limit.
You do not have the required permissions to view the files attached to this post.
MESA
Regular Member
 
Posts: 35
Joined: January 17th, 2013, 3:11 pm

Re: Is my Computer ok?

Unread postby wannabeageek » December 29th, 2014, 12:21 am

Hi MESA,

Logs look ok so far. I noticed you have CCleaner installed. It is a good program other than the registry cleaner as part of bundle. We do not recommend the use of "registry cleaners" of any type. They serve little or no purpose, and will give no discernible improvement to the performance of your computer.

Lets have a deeper look. Please run the following:

FRST - Farbar Recovery Scanner Tool for Vista-W7 Image

Please download FRST64.exe ... by Farbar. Save it to your desktop.

  1. Right click on FRST64.exe select "Run As Administrator" to run it. If prompted by UAC, please allow it. When the tool opens click Yes to disclaimer.
  2. Press Scan button. ... A log will be created FRST.txt in the same directory the tool is run.
  3. Please copy/paste FRST.txt it to your reply.
    The first time the tool is run, it makes also another log... Addition.txt.
  4. Please copy/paste Addition.txt in your reply.
wannabeageek
MRU Master
MRU Master
 
Posts: 1773
Joined: November 23rd, 2009, 10:21 pm
Location: California

Re: Is my Computer ok?

Unread postby MESA » December 29th, 2014, 6:52 am

Hi there.
Thank you for looking over my logs.As my computer isn't showing any malware symptoms and the initial logs appear fine I'm quite happy to leave it it that if that's ok?
It was just for peace of mind really.
Thank you very much.
MESA
Regular Member
 
Posts: 35
Joined: January 17th, 2013, 3:11 pm

Re: Is my Computer ok?

Unread postby NonSuch » December 30th, 2014, 1:28 am

As this issue appears to be resolved, this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
User avatar
NonSuch
Administrator
Administrator
 
Posts: 27300
Joined: February 23rd, 2005, 7:08 am
Location: California
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 42 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware