TechSpot

Adware, popups and dinging

By GoneBajaSR
Sep 28, 2013
  1. Hi: appreciate the guidance from here...will post log files as directed.

    thx

    jp

    Malwarebytes Anti-Malware (Trial) 1.75.0.1300
    www.malwarebytes.org

    Database version: v2013.09.28.01

    Windows 8 x64 NTFS
    Internet Explorer 10.0.9200.16688
    Lana :: LANA-PC [administrator]

    Protection: Enabled

    9/27/2013 7:19:57 PM
    mbam-log-2013-09-27 (19-19-57).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 203763
    Time elapsed: 4 minute(s), 19 second(s)

    Memory Processes Detected: 2
    C:\Program Files (x86)\lucky leap\updateluckyleap.exe (PUP.Optional.LuckyLeap.A) -> 2152 -> No action taken.
    C:\Windows\KMService.exe (RiskWare.Tool.CK) -> 2008 -> Delete on reboot.

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 10
    HKCR\CLSID\{d77aa852-def3-43cb-a3f5-bd679de72f32} (PUP.Optional.LuckyLeap.A) -> No action taken.
    HKCR\TypeLib\{c3c45c5f-2f1b-4012-a854-f89dc99f2335} (PUP.Optional.LuckyLeap.A) -> No action taken.
    HKCR\Interface\{7F66829F-F442-431F-AF59-E4474505A67A} (PUP.Optional.LuckyLeap.A) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D77AA852-DEF3-43CB-A3F5-BD679DE72F32} (PUP.Optional.LuckyLeap.A) -> No action taken.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{D77AA852-DEF3-43CB-A3F5-BD679DE72F32} (PUP.Optional.LuckyLeap.A) -> No action taken.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{D77AA852-DEF3-43CB-A3F5-BD679DE72F32} (PUP.Optional.LuckyLeap.A) -> No action taken.
    HKCR\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} (PUP.Optional.BrowseFox.A) -> No action taken.
    HKCR\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23} (PUP.Optional.BrowseFox.A) -> No action taken.
    HKLM\SYSTEM\CurrentControlSet\Services\Update lucky leap (PUP.Optional.LuckyLeap.A) -> No action taken.
    HKCU\SOFTWARE\LUCKY LEAP (PUP.Optional.LuckyLeap.A) -> No action taken.

    Registry Values Detected: 1
    HKCU\Software\lucky leap|iid (PUP.Optional.LuckyLeap.A) -> Data: def_luckyleap -> No action taken.

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 1
    C:\Program Files (x86)\lucky leap (PUP.Optional.LuckyLeap.A) -> No action taken.

    Files Detected: 13
    C:\Program Files (x86)\lucky leap\luckyleapBHO.dll (PUP.Optional.LuckyLeap.A) -> No action taken.
    C:\Users\Lana\Downloads\SoftonicDownloader_for_snapseed (1).exe (PUP.Optional.Softonic) -> No action taken.
    C:\Users\Lana\Downloads\SoftonicDownloader_for_snapseed.exe (PUP.Optional.Softonic) -> No action taken.
    C:\Users\Lana\Local Settings\Temporary Internet Files\Content.IE5\LF3FUETH\Setup[1].exe (PUP.Optional.LuckyLeap.A) -> No action taken.
    C:\Program Files (x86)\lucky leap\updateluckyleap.InstallState (PUP.Optional.LuckyLeap.A) -> No action taken.
    C:\Program Files (x86)\lucky leap\eiimolhnbbbdagljikeckdkldgemmmlj.crx (PUP.Optional.LuckyLeap.A) -> No action taken.
    C:\Program Files (x86)\lucky leap\luckyleap.Common.dll (PUP.Optional.LuckyLeap.A) -> No action taken.
    C:\Program Files (x86)\lucky leap\luckyleap.ico (PUP.Optional.LuckyLeap.A) -> No action taken.
    C:\Program Files (x86)\lucky leap\luckyleapUninstall.exe (PUP.Optional.LuckyLeap.A) -> No action taken.
    C:\Program Files (x86)\lucky leap\Microsoft.Win32.TaskScheduler.dll (PUP.Optional.LuckyLeap.A) -> No action taken.
    C:\Program Files (x86)\lucky leap\sqlite3.exe (PUP.Optional.LuckyLeap.A) -> No action taken.
    C:\Program Files (x86)\lucky leap\updateluckyleap.exe (PUP.Optional.LuckyLeap.A) -> No action taken.
    C:\Windows\KMService.exe (RiskWare.Tool.CK) -> Delete on reboot.

    (end)
     
  2. GoneBajaSR

    GoneBajaSR TS Rookie Topic Starter

    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 10.0.9200.16688
    Run by Lana at 11:06:26 on 2013-09-28
    Microsoft Windows 8 6.2.9200.0.1252.1.1033.18.6098.3620 [GMT -6:00]
    .
    AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
    AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\system32\atiesrxx.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\ACT\Act for Windows\Act.Server.Host.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
    C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
    C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Windows\system32\dashost.exe
    C:\Program Files\Intel\iCLS Client\HeciServer.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    C:\Windows\SysWOW64\srvany.exe
    C:\Windows\KMService.exe
    C:\Program Files\Microsoft SQL Server\MSSQL10_50.ACT7\MSSQL\Binn\sqlservr.exe
    C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
    C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
    C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files (x86)\lucky leap\updateluckyleap.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\System32\WUDFHost.exe
    C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
    C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
    C:\Program Files (x86)\Nero\Update\NASvc.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Windows\System32\dwm.exe
    C:\Windows\system32\atieclxx.exe
    C:\Windows\system32\taskhostex.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
    C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
    C:\Windows\System32\RuntimeBroker.exe
    C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
    C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
    C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
    C:\Users\Lana\AppData\Roaming\Dropbox\bin\Dropbox.exe
    C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
    C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://search.softonic.com/MOY00016/tb_v1?SearchSource=10&cc=&mi=c8a623ad00000000000008606e455fe2
    uDefault_Page_URL = hxxp://asus13.msn.com
    mWinlogon: Userinit = userinit.exe,
    BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
    BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
    BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll
    BHO: Act.UI.InternetExplorer.Plugins.AttachFile.CAttachFile: {D5233FCD-D258-4903-89B8-FB1568E7413D} -
    BHO: lucky leap: {d77aa852-def3-43cb-a3f5-bd679de72f32} - C:\Program Files (x86)\lucky leap\luckyleapbho.dll
    BHO: Softonic Helper Object: {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Program Files (x86)\Softonic\Softonic\1.8.19.3\bh\Softonic.dll
    TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
    TB: Softonic Toolbar: {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files (x86)\Softonic\Softonic\1.8.19.3\SoftonicTlbr.dll
    TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    uRun: [HP Officejet Pro 8600 (NET)] "C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe" -deviceID "CN24JBR03S05KF:NW" -scfn "HP Officejet Pro 8600 (NET)" -AutoStart 1
    uRun: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [ASUS AiChargerPlus Execute] C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
    mRun: [ASUS Easy Update] C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe
    mRun: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
    mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
    mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
    mRun: [Act.Outlook.Service] "C:\Program Files (x86)\ACT\Act for Windows\Act.Outlook.Service.exe"
    mRun: [Act! Preloader] "C:\Program Files (x86)\ACT\Act for Windows\ActSage.exe" -preload
    mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
    StartupFolder: C:\Users\Lana\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Lana\AppData\Roaming\Dropbox\bin\Dropbox.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\SAGEAC~1.LNK - C:\Program Files (x86)\ACT\Act for Windows\Sage.ACT.Integration.exe
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
    IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
    IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    IE: {6F431AC3-364A-478b-BBDB-89C7CE1B18F6} - {6F431AC3-364A-478b-BBDB-89C7CE1B18F6} -
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    TCP: NameServer = 192.168.1.254
    TCP: Interfaces\{44C843CA-1B6D-42CA-AAAD-3EA1BE0CFF02} : DHCPNameServer = 192.168.1.254
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    SSODL: WebCheck - <orphaned>
    SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
    x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
    x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
    x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
    x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
    x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
    x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
    x64-SSODL: WebCheck - <orphaned>
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 aswVmm;aswVmm;C:\Windows\System32\Drivers\aswVmm.sys [2013-9-27 204880]
    R1 aswSP;aswSP;C:\Windows\System32\Drivers\aswSP.sys [2013-9-27 378944]
    R2 ActService;ACT! Service Host;C:\Program Files (x86)\ACT\Act for Windows\Act.Server.Host.exe [2011-11-15 18432]
    R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-9-17 239616]
    R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [2012-10-26 920736]
    R2 asHmComSvc;ASUS HM Com Service;C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [2012-10-26 951936]
    R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [2012-10-26 149120]
    R2 aswFsBlk;aswFsBlk;C:\Windows\System32\Drivers\aswFsBlk.sys [2013-9-27 33400]
    R2 aswMonFlt;aswMonFlt;C:\Windows\System32\Drivers\aswMonFlt.sys [2013-9-27 80816]
    R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-9-27 46808]
    R2 Fabs;FABS - Helping agent for MAGIX media database;C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2011-5-24 1840128]
    R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-20 635104]
    R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2012-11-20 166720]
    R2 KMService;KMService;C:\Windows\System32\srvany.exe --> C:\Windows\System32\srvany.exe [?]
    R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-9-27 418376]
    R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-9-27 701512]
    R2 MSSQL$ACT7;SQL Server (ACT7);C:\Program Files\Microsoft SQL Server\MSSQL10_50.ACT7\MSSQL\Binn\sqlservr.exe [2011-9-21 61913952]
    R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2012-7-13 769432]
    R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-11-20 365376]
    R2 Update lucky leap;Update lucky leap;C:\Program Files (x86)\lucky leap\updateluckyleap.exe [2013-8-29 206624]
    R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\Drivers\AtihdW86.sys [2012-11-20 98472]
    R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.EXE [2012-2-13 240408]
    R3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\Drivers\lvrs64.sys [2012-10-26 351520]
    R3 LVUVC64;@oem22.inf,%PID_0825_DD%(UVC);Logitech HD Webcam C270(UVC);C:\Windows\System32\Drivers\lvuvc64.sys [2012-10-26 4758176]
    R3 MBAMProtector;MBAMProtector;C:\Windows\System32\Drivers\mbam.sys [2013-9-27 25928]
    R3 RTL8168;Realtek 8168 NT Driver;C:\Windows\System32\Drivers\Rt630x64.sys [2012-10-26 683664]
    R3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-25 198656]
    S0 aswRvrt;aswRvrt;C:\Windows\System32\Drivers\aswRvrt.sys [2013-9-27 65336]
    S1 aswSnx;aswSnx;C:\Windows\System32\Drivers\aswSnx.sys [2013-9-27 1030952]
    S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.EXE [2012-2-13 193816]
    S2 Sage ACT! Scheduler;Sage ACT! Scheduler;C:\Program Files (x86)\ACT\Act for Windows\Act.Scheduler.exe [2011-11-15 81920]
    S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2011-4-26 2702848]
    S3 iaStorA;iaStorA;C:\Windows\System32\Drivers\iaStorA.sys [2012-10-26 645952]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
    S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2011-9-21 59744]
    S4 RsFx0150;RsFx0150 Driver;C:\Windows\System32\Drivers\RsFx0150.sys [2010-4-3 313696]
    S4 SQLAgent$ACT7;SQL Server Agent (ACT7);C:\Program Files\Microsoft SQL Server\MSSQL10_50.ACT7\MSSQL\Binn\SQLAGENT.EXE [2011-9-21 428384]
    .
    =============== Created Last 30 ================
    .
    2013-09-28 01:18:11--------d-----w-C:\Users\Lana\AppData\Roaming\Malwarebytes
    2013-09-28 01:18:01--------d-----w-C:\ProgramData\Malwarebytes
    2013-09-28 01:18:0025928----a-w-C:\Windows\System32\drivers\mbam.sys
    2013-09-28 01:18:00--------d-----w-C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2013-09-28 01:17:43--------d-----w-C:\Users\Lana\AppData\Local\Programs
    2013-09-28 01:11:5472016----a-w-C:\Windows\System32\drivers\aswRdr2.sys
    2013-09-28 01:11:5080816----a-w-C:\Windows\System32\drivers\aswMonFlt.sys
    2013-09-28 01:11:5065336----a-w-C:\Windows\System32\drivers\aswRvrt.sys
    2013-09-28 01:11:50204880----a-w-C:\Windows\System32\drivers\aswVmm.sys
    2013-09-28 01:11:501030952----a-w-C:\Windows\System32\drivers\aswSnx.sys
    2013-09-28 01:11:3341664----a-w-C:\Windows\avastSS.scr
    2013-09-28 01:11:17--------d-----w-C:\Program Files\AVAST Software
    2013-09-28 01:10:48--------d-----w-C:\ProgramData\AVAST Software
    2013-09-27 23:05:159694160----a-w-C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2DB9B1B0-8ED5-45D2-9D40-285FC96A1A6A}\mpengine.dll
    2013-09-27 21:13:369694160----a-w-C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
    2013-09-24 19:58:02--------d-----w-C:\Program Files (x86)\lucky leap
    2013-09-20 15:59:37--------d-----w-C:\Program Files (x86)\Citrix
    2013-09-20 15:58:35--------d-----w-C:\Users\Lana\AppData\Local\Citrix
    2013-09-17 22:23:27--------d-----w-C:\Users\Lana\AppData\Roaming\TeamViewer
    2013-09-17 21:51:35--------d-----w-C:\Users\Lana\AppData\Local\ElevatedDiagnostics
    2013-09-17 18:59:37144896----a-w-C:\Windows\System32\tssdisai.dll
    2013-09-16 01:37:08--------d-----w-C:\Program Files (x86)\Softonic
    2013-09-16 01:37:05--------d-----w-C:\Users\Lana\AppData\Roaming\Softonic
    2013-09-16 01:37:04--------d-----w-C:\Users\Lana\AppData\Local\Nik Software
    2013-09-16 01:36:47--------d-----w-C:\Program Files (x86)\Nik Software
    2013-09-16 00:19:50965008------w-C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CA5D2246-A342-4E48-8D16-DDAEB43DE5BA}\gapaengine.dll
    2013-09-11 10:39:59701952----a-w-C:\Program Files\Internet Explorer\ieproxy.dll
    2013-09-10 16:13:39911032----a-w-C:\Program Files\Windows Defender\MpClient.dll
    2013-09-10 16:12:55694272----a-w-C:\Windows\SysWow64\rpcrt4.dll
    2013-09-10 16:12:551314816----a-w-C:\Windows\System32\rpcrt4.dll
    2013-09-10 16:12:532233168----a-w-C:\Windows\System32\drivers\tcpip.sys
    2013-09-10 16:07:5298304----a-w-C:\Windows\System32\apprepsync.dll
    2013-09-10 16:07:5287040----a-w-C:\Windows\SysWow64\apprepapi.dll
    2013-09-10 16:07:5274240----a-w-C:\Windows\SysWow64\apprepsync.dll
    2013-09-10 16:07:5268096----a-w-C:\Windows\System32\cryptsvc.dll
    2013-09-10 16:07:52337408----a-w-C:\Windows\System32\wintrust.dll
    2013-09-10 16:07:52261120----a-w-C:\Windows\SysWow64\wintrust.dll
    2013-09-10 16:07:521889280----a-w-C:\Windows\System32\crypt32.dll
    2013-09-10 16:07:521568256----a-w-C:\Windows\SysWow64\crypt32.dll
    2013-09-10 16:07:52124416----a-w-C:\Windows\System32\apprepapi.dll
    .
    ==================== Find3M ====================
    .
    2013-09-18 23:26:3578296----a-w-C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2013-09-18 23:26:35694232----a-w-C:\Windows\SysWow64\FlashPlayerApp.exe
    2013-08-21 04:12:062241024----a-w-C:\Windows\System32\wininet.dll
    2013-08-21 04:11:59915968----a-w-C:\Windows\System32\uxtheme.dll
    2013-08-21 04:11:5953760----a-w-C:\Windows\System32\UXInit.dll
    2013-08-21 04:11:073959296----a-w-C:\Windows\System32\jscript9.dll
    2013-08-21 04:11:0467072----a-w-C:\Windows\System32\iesetup.dll
    2013-08-21 04:11:04136704----a-w-C:\Windows\System32\iesysprep.dll
    2013-08-21 02:34:512706432----a-w-C:\Windows\System32\mshtml.tlb
    2013-08-21 02:06:111767936----a-w-C:\Windows\SysWow64\wininet.dll
    2013-08-21 02:06:0644032----a-w-C:\Windows\SysWow64\UXInit.dll
    2013-08-21 02:05:282876928----a-w-C:\Windows\SysWow64\jscript9.dll
    2013-08-21 02:05:2561440----a-w-C:\Windows\SysWow64\iesetup.dll
    2013-08-21 02:05:25109056----a-w-C:\Windows\SysWow64\iesysprep.dll
    2013-08-21 01:43:542706432----a-w-C:\Windows\SysWow64\mshtml.tlb
    2013-08-20 23:52:56534528----a-w-C:\Windows\SysWow64\uxtheme.dll
    2013-08-16 05:41:1358200----a-w-C:\Windows\System32\drivers\dam.sys
    2013-08-16 05:39:262371728----a-w-C:\Windows\System32\WSService.dll
    2013-08-16 05:32:48209200----a-w-C:\Windows\System32\NotificationUI.exe
    2013-08-16 05:22:2240448----a-w-C:\Windows\System32\wuapp.exe
    2013-08-16 05:22:114917760----a-w-C:\Windows\System32\sppsvc.exe
    2013-08-16 05:20:30105984----a-w-C:\Windows\System32\WinSetupUI.dll
    2013-08-15 22:43:2135328----a-w-C:\Windows\SysWow64\wuapp.exe
    2013-08-15 22:43:0784992----a-w-C:\Windows\SysWow64\wudriver.dll
    2013-08-15 22:43:07126976----a-w-C:\Windows\SysWow64\wuwebv.dll
    2013-08-15 22:43:03562688----a-w-C:\Windows\SysWow64\WSShared.dll
    2013-08-15 22:43:03159232----a-w-C:\Windows\SysWow64\WSSync.dll
    2013-08-15 22:43:0283968----a-w-C:\Windows\SysWow64\OEMLicense.dll
    2013-08-15 22:43:02167424----a-w-C:\Windows\SysWow64\WSClient.dll
    2013-08-15 22:43:02143872----a-w-C:\Windows\SysWow64\Windows.ApplicationModel.Store.dll
    2013-08-15 22:43:02124928----a-w-C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
    2013-08-15 22:42:5276800----a-w-C:\Windows\SysWow64\setupcln.dll
    2013-08-15 22:42:4791648----a-w-C:\Windows\SysWow64\sppc.dll
    2013-08-03 04:30:144038144----a-w-C:\Windows\System32\win32k.sys
    2013-07-09 08:04:07120144----a-w-C:\Windows\System32\drivers\msgpioclx.sys
    2013-07-09 06:18:21439488----a-w-C:\Windows\System32\WerFault.exe
    2013-07-09 04:25:45385768----a-w-C:\Windows\SysWow64\WerFault.exe
    2013-07-09 03:57:19245760----a-w-C:\Windows\SysWow64\LocationApi.dll
    2013-07-08 22:46:00543744----a-w-C:\Windows\System32\wwanmm.dll
    2013-07-08 22:46:00414208----a-w-C:\Windows\System32\wwanconn.dll
    2013-07-08 22:46:00370688----a-w-C:\Windows\System32\Wwanadvui.dll
    2013-07-08 22:45:16312832----a-w-C:\Windows\System32\LocationApi.dll
    2013-07-06 00:16:171025024----a-w-C:\Windows\System32\localspl.dll
    2013-07-03 00:23:43391168----a-w-C:\Windows\System32\Windows.Networking.BackgroundTransfer.dll
    2013-07-03 00:23:12778752----a-w-C:\Windows\System32\oleaut32.dll
    2013-07-03 00:22:261300480----a-w-C:\Windows\System32\gdi32.dll
    2013-07-03 00:11:23268800----a-w-C:\Windows\SysWow64\Windows.Networking.BackgroundTransfer.dll
    2013-07-03 00:11:02551424----a-w-C:\Windows\SysWow64\oleaut32.dll
    2013-07-02 00:44:1436288----a-w-C:\Windows\System32\drivers\WdBoot.sys
    2013-07-01 22:08:49247216----a-w-C:\Windows\System32\drivers\WdFilter.sys
    2013-06-30 22:30:1467072----a-w-C:\Windows\SysWow64\openfiles.exe
    2013-06-30 22:29:2277312----a-w-C:\Windows\System32\openfiles.exe
    .
    ============= FINISH: 11:06:34.04 ===============
     
  3. GoneBajaSR

    GoneBajaSR TS Rookie Topic Starter

    Mistake, will repost
     
  4. GoneBajaSR

    GoneBajaSR TS Rookie Topic Starter

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows 8
    Boot Device: \Device\HarddiskVolume2
    Install Date: 4/9/2013 2:27:57 PM
    System Uptime: 9/27/2013 3:02:26 PM (20 hours ago)
    .
    Motherboard: ASUSTeK COMPUTER INC. | | CM6330_CM6630_CM6730_CM6830
    Processor: Intel(R) Core(TM) i5-3350P CPU @ 3.10GHz | LGA1155 | 3101/100mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 150 GiB total, 81.993 GiB free.
    D: is FIXED (NTFS) - 765 GiB total, 765.158 GiB free.
    E: is CDROM (UDF)
    G: is Removable
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP27: 9/15/2013 7:36:30 PM - Installed Snapseed
    RP28: 9/24/2013 4:45:04 PM - Windows Update
    RP29: 9/27/2013 7:11:03 PM - avast! Free Antivirus Setup
    .
    ==== Installed Programs ======================
    .
    ???
    ????
    Adobe Reader X (10.1.8) MUI
    AI Suite II
    AMD APP SDK Runtime
    AMD Catalyst Install Manager
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    ASUS Easy Update
    ASUS Music Maker
    ASUS MX Suite
    ASUS Video easy
    ASUSDVD
    avast! Free Antivirus
    Bing Bar
    Bonjour
    Catalyst Control Center
    Catalyst Control Center - Branding
    Catalyst Control Center InstallProxy
    Catalyst Control Center Localization All
    Catalyst Control Center Profiles Desktop
    ccc-utility64
    CCC Help Chinese Standard
    CCC Help Chinese Traditional
    CCC Help Czech
    CCC Help Danish
    CCC Help Dutch
    CCC Help English
    CCC Help Finnish
    CCC Help French
    CCC Help German
    CCC Help Greek
    CCC Help Hungarian
    CCC Help Italian
    CCC Help Japanese
    CCC Help Korean
    CCC Help Norwegian
    CCC Help Polish
    CCC Help Portuguese
    CCC Help Russian
    CCC Help Spanish
    CCC Help Swedish
    CCC Help Thai
    CCC Help Turkish
    Citrix Online Launcher
    D3DX10
    Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
    Dropbox
    eManual
    Firebird SQL Server - MAGIX Edition
    Fotogalerie
    Galeria de Fotografias
    Galerie de photos
    Galería de fotos
    Google Chrome
    Google Earth
    Google Toolbar for Internet Explorer
    Google Update Helper
    GoToMeeting 5.8.0.1189
    HP FWUpdateEDO2
    HP Officejet Pro 8600 Basic Device Software
    HP Officejet Pro 8600 Help
    HP Officejet Pro 8600 Product Improvement Study
    HP Update
    HPDiagnosticAlert
    HydraVision
    I.R.I.S. OCR
    iCloud
    Intel(R) Management Engine Components
    Intel® Trusted Connect Service Client
    iTunes
    lucky leap 3.0.0
    Malwarebytes Anti-Malware version 1.75.0.1300
    Microsoft Application Error Reporting
    Microsoft Office 2010 Service Pack 1 (SP1)
    Microsoft Office Access MUI (English) 2010
    Microsoft Office Access Setup Metadata MUI (English) 2010
    Microsoft Office Excel MUI (English) 2010
    Microsoft Office Groove MUI (English) 2010
    Microsoft Office InfoPath MUI (English) 2010
    Microsoft Office Office 64-bit Components 2010
    Microsoft Office OneNote MUI (English) 2010
    Microsoft Office Outlook MUI (English) 2010
    Microsoft Office PowerPoint MUI (English) 2010
    Microsoft Office Professional Plus 2010
    Microsoft Office Proof (English) 2010
    Microsoft Office Proof (French) 2010
    Microsoft Office Proof (Spanish) 2010
    Microsoft Office Proofing (English) 2010
    Microsoft Office Publisher MUI (English) 2010
    Microsoft Office Shared 64-bit MUI (English) 2010
    Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
    Microsoft Office Shared MUI (English) 2010
    Microsoft Office Shared Setup Metadata MUI (English) 2010
    Microsoft Office Word MUI (English) 2010
    Microsoft SkyDrive
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft SQL Server 2008 R2 (64-bit)
    Microsoft SQL Server 2008 R2 Native Client
    Microsoft SQL Server 2008 R2 RsFx Driver
    Microsoft SQL Server 2008 R2 Setup (English)
    Microsoft SQL Server 2008 Setup Support Files
    Microsoft SQL Server Browser
    Microsoft SQL Server VSS Writer
    Microsoft Sync Framework 2.0 Core Components (x86) ENU
    Microsoft Sync Framework 2.0 Provider Services (x86) ENU
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    Movie Maker
    MSVCRT
    MSVCRT110
    MSVCRT110_amd64
    MSXML 4.0 SP3 Parser
    MSXML 4.0 SP3 Parser (KB2758694)
    Nero 12 Essentials OEM.a01
    Nero ControlCenter
    Nero ControlCenter Help (CHM)
    Nero Core Components
    Nero Express
    Nero Express Help (CHM)
    Nero Launcher
    Nero Update
    Photo Common
    Photo Gallery
    Prerequisite installer
    Raccolta foto
    Realtek Ethernet Controller Driver
    Realtek High Definition Audio Driver
    S?????? f?t???af???
    Sage ACT! Pro 2012
    Security Update for Microsoft Excel 2010 (KB2760597) 32-Bit Edition
    Security Update for Microsoft InfoPath 2010 (KB2687422) 32-Bit Edition
    Security Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2687276) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
    Security Update for Microsoft Outlook 2010 (KB2794707) 32-Bit Edition
    Security Update for Microsoft Publisher 2010 (KB2553147) 32-Bit Edition
    Security Update for Microsoft Visio 2010 (KB2810068) 32-Bit Edition
    Security Update for Microsoft Word 2010 (KB2760769) 32-Bit Edition
    Snapseed
    Softonic toolbar on IE and Chrome
    SQL Server 2008 R2 Common Files
    SQL Server 2008 R2 Database Engine Services
    SQL Server 2008 R2 Database Engine Shared
    Sql Server Customer Experience Improvement Program
    Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
    Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2553065)
    Update for Microsoft Office 2010 (KB2553157) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2566458)
    Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2589370) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2760758) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition
    Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
    Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition
    Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
    Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
    Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
    Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
    Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
    Why ASUS PC
    Windows Live
    Windows Live ???
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Installer
    Windows Live Photo Common
    Windows Live PIMT Platform
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    .
    ==== Event Viewer Messages From Past Week ========
    .
    9/27/2013 3:33:05 PM, Error: Microsoft-Windows-Kernel-Power [137] - The system firmware has changed the processor's memory type range registers (MTRRs) across a sleep state transition (S4). This can result in reduced resume performance.
    9/24/2013 6:47:59 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} and APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} to the user Lana-PC\Lana SID (S-1-5-21-2420420098-1629028483-150908305-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.MicrosoftMahjong_1.6.4.30605_x86__8wekyb3d8bbwe SID (S-1-15-2-2481395877-3904904754-2872837976-1880937080-3242436791-3293372984-3327460953). This security permission can be modified using the Component Services administrative tool.
    .
    ==== End Of File ===========================
     
  5. Broni

    Broni Malware Annihilator Posts: 52,892   +344

    Welcome aboard [​IMG]

    Please, observe following rules:
    • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
    • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    ==================================

    [​IMG] Your MBAM log says "No action taken">
    Re-run MBAM fix all issues and post new log.
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...