Welcome to GeekPolice!
Homeslow computer
Page 3 of 4 • 
1, 2, 3, 4 
- Superdave
Security Officer
-
OS : Windows 8.1 and a dual-boot with XP Home SP3
Anti-Malware : MSE, Windows Defender, Windows firewall
Posts : 4253
Rubies : 61714
Likes : 28 
Superdave on 26th July 2012, 7:38 pm
That's great. Now we can continue to see what's left over.
Download Security Check by screen317 from one of the following links and save it to your desktop.
Link 1
Link 2
* Double-click Security Check.bat
* Follow the on-screen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt
* Post the contents of that document in your next reply.
Note: If a security program requests permission from dig.exe to access the Internet, allow it to do so.
*******************************************************
Please download Rooter and Save it to your desktop.
Download Security Check by screen317 from one of the following links and save it to your desktop.
Link 1
Link 2
* Double-click Security Check.bat
* Follow the on-screen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt
* Post the contents of that document in your next reply.
Note: If a security program requests permission from dig.exe to access the Internet, allow it to do so.
*******************************************************
Please download Rooter and Save it to your desktop.
- Double click it to start the tool.Vista and Windows7 run as administrator.
- Click Scan.
- Eventually, a Notepad file containing the report will open, also found at C:\Rooter.txt. Post that log in your next reply.
- Denny978
Intermediate
-
OS : windows xp
Posts : 133
Rubies : 4818
Likes : 0 -
Denny978 on 26th July 2012, 9:18 pm
Results of screen317's Security Check version 0.99.43
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Security Center service is not running! This report may not be accurate!
Windows Firewall Enabled!
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Out of date HijackThis installed!
Malwarebytes Anti-Malware version 1.62.0.1300
HijackThis 2.0.2
JavaFX 2.1.1
Java(TM) 6 Update 21
Java(TM) 7 Update 5
Adobe Reader 9 Adobe Reader out of Date!
Mozilla Firefox (14.0.1)
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 1%
````````````````````End of Log``````````````````````
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Security Center service is not running! This report may not be accurate!
Windows Firewall Enabled!
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Out of date HijackThis installed!
Malwarebytes Anti-Malware version 1.62.0.1300
HijackThis 2.0.2
JavaFX 2.1.1
Java(TM) 6 Update 21
Java(TM) 7 Update 5
Adobe Reader 9 Adobe Reader out of Date!
Mozilla Firefox (14.0.1)
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 1%
````````````````````End of Log``````````````````````
- Denny978Intermediate
-
OS : windows xp
Posts : 133
Rubies : 4818
Likes : 0 -
Denny978 on 26th July 2012, 9:21 pm
Rooter.exe (v1.0.2) by Eric_71
.
SeDebugPrivilege granted successfully ...
.
Windows 7 Home Edition (6.1.7601) Service Pack 1
[32_bits] - Intel64 Family 6 Model 22 Stepping 1, GenuineIntel
.
[wscsvc] (Security Center) RUNNING (state:4)
[MpsSvc] RUNNING (state:4)
Windows Firewall -> Enabled
Windows Defender -> Enabled
User Account Control (UAC) -> Enabled
.
Internet Explorer 9.0.8112.16421
Mozilla Firefox 14.0.1 (en-US)
.
C:\ [Fixed-NTFS] .. ( Total:286 Go - Free:235 Go )
D:\ [CD_Rom]
Q:\ [Fixed-NTFS] .. ( Total:0 Go - Free:0 Go )
.
Scan : 17:20.43
Path : C:\Users\chuck\Downloads\Rooter.exe
User : chuck ( Administrator -> YES )
.
----------------------\\ Processes
.
Locked [System Process] (0)
Locked System (4)
______ ???:?????? (276)
______ ???:?????? (428)
______ ???:?????? (464)
______ ???:?????? (476)
______ ???:?????? (532)
______ ???:?????? (560)
______ ???:?????? (568)
______ ???:?????? (576)
______ ???:?????? (688)
______ ???:?????? (756)
______ ???:?????? (808)
______ ???:?????? (924)
______ ???:?????? (976)
______ ???:?????? (384)
______ C:\Program Files\Dell\DellDock\DockLogin.exe (460)
______ ???:?????? (652)
______ ???:?????? (1124)
______ ???:?????? (1160)
______ ???:?????? (1268)
______ ???:?????? (1304)
______ C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe (1396)
______ C:\Program Files (x86)\Common Files\Motive\McciCMService.exe (1424)
______ ???:?????? (1476)
______ C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (1548)
______ C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE (1772)
______ C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (1808)
______ C:\Program Files (x86)\VERIZONDM\bin\sprtsvc.exe (1832)
______ ???:?????? (1892)
______ C:\Program Files (x86)\VERIZONDM\bin\tgsrvc.exe (1952)
______ ???:?????? (1228)
______ C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (1940)
______ ???:?????? (2504)
______ ???:?????? (2572)
______ ???:?????? (2588)
______ C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE (2640)
______ ???:?????? (2772)
______ C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE (2780)
______ C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe (2796)
______ C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE (2944)
______ ???:?????? (3324)
______ ???:?????? (3332)
______ ???:?????? (3340)
______ C:\Program Files (x86)\Mozilla Firefox\firefox.exe (3744)
______ ???:?????? (3936)
______ C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe (2892)
______ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_265.exe (3236)
______ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_265.exe (3108)
______ C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (4564)
______ C:\Program Files (x86)\Internet Explorer\iexplore.exe (4876)
______ ???:?????? (4120)
______ ???:?????? (4764)
______ ???:?????? (2468)
______ ???:?????? (2208)
______ ???:?????? (620)
______ ???:?????? (4756)
______ C:\Users\chuck\Downloads\Rooter.exe (4804)
.
----------------------\\ Device\Harddisk0\
.
\Device\Harddisk0 [Sectors : 63 x 512 Bytes]
.
\Device\Harddisk0\Partition1 (Start_Offset:32256 | Length:41094144)
\Device\Harddisk0\Partition2 --[ MBR ]-- (Start_Offset:41943040 | Length:12916359168)
\Device\Harddisk0\Partition3 (Start_Offset:12958302208 | Length:307113230336)
.
----------------------\\ Scheduled Tasks
.
C:\Windows\Tasks\Adobe Flash Player Updater.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\SA.DAT
C:\Windows\Tasks\SCHEDLGU.TXT
C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 91c00577-4e38-48ad-a3bb-04a564da01e5.job
C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 98ff3b40-b21e-44c3-a8a8-5c3b444e75b9.job
.
----------------------\\ Registry
.
.
----------------------\\ Files & Folders
.
----------------------\\ Scan completed at 17:20.48
.
C:\Rooter$\Rooter_1.txt - (26/07/2012 | 17:20.48)
.
SeDebugPrivilege granted successfully ...
.
Windows 7 Home Edition (6.1.7601) Service Pack 1
[32_bits] - Intel64 Family 6 Model 22 Stepping 1, GenuineIntel
.
[wscsvc] (Security Center) RUNNING (state:4)
[MpsSvc] RUNNING (state:4)
Windows Firewall -> Enabled
Windows Defender -> Enabled
User Account Control (UAC) -> Enabled
.
Internet Explorer 9.0.8112.16421
Mozilla Firefox 14.0.1 (en-US)
.
C:\ [Fixed-NTFS] .. ( Total:286 Go - Free:235 Go )
D:\ [CD_Rom]
Q:\ [Fixed-NTFS] .. ( Total:0 Go - Free:0 Go )
.
Scan : 17:20.43
Path : C:\Users\chuck\Downloads\Rooter.exe
User : chuck ( Administrator -> YES )
.
----------------------\\ Processes
.
Locked [System Process] (0)
Locked System (4)
______ ???:?????? (276)
______ ???:?????? (428)
______ ???:?????? (464)
______ ???:?????? (476)
______ ???:?????? (532)
______ ???:?????? (560)
______ ???:?????? (568)
______ ???:?????? (576)
______ ???:?????? (688)
______ ???:?????? (756)
______ ???:?????? (808)
______ ???:?????? (924)
______ ???:?????? (976)
______ ???:?????? (384)
______ C:\Program Files\Dell\DellDock\DockLogin.exe (460)
______ ???:?????? (652)
______ ???:?????? (1124)
______ ???:?????? (1160)
______ ???:?????? (1268)
______ ???:?????? (1304)
______ C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe (1396)
______ C:\Program Files (x86)\Common Files\Motive\McciCMService.exe (1424)
______ ???:?????? (1476)
______ C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (1548)
______ C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE (1772)
______ C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (1808)
______ C:\Program Files (x86)\VERIZONDM\bin\sprtsvc.exe (1832)
______ ???:?????? (1892)
______ C:\Program Files (x86)\VERIZONDM\bin\tgsrvc.exe (1952)
______ ???:?????? (1228)
______ C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (1940)
______ ???:?????? (2504)
______ ???:?????? (2572)
______ ???:?????? (2588)
______ C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE (2640)
______ ???:?????? (2772)
______ C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE (2780)
______ C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe (2796)
______ C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE (2944)
______ ???:?????? (3324)
______ ???:?????? (3332)
______ ???:?????? (3340)
______ C:\Program Files (x86)\Mozilla Firefox\firefox.exe (3744)
______ ???:?????? (3936)
______ C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe (2892)
______ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_265.exe (3236)
______ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_265.exe (3108)
______ C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (4564)
______ C:\Program Files (x86)\Internet Explorer\iexplore.exe (4876)
______ ???:?????? (4120)
______ ???:?????? (4764)
______ ???:?????? (2468)
______ ???:?????? (2208)
______ ???:?????? (620)
______ ???:?????? (4756)
______ C:\Users\chuck\Downloads\Rooter.exe (4804)
.
----------------------\\ Device\Harddisk0\
.
\Device\Harddisk0 [Sectors : 63 x 512 Bytes]
.
\Device\Harddisk0\Partition1 (Start_Offset:32256 | Length:41094144)
\Device\Harddisk0\Partition2 --[ MBR ]-- (Start_Offset:41943040 | Length:12916359168)
\Device\Harddisk0\Partition3 (Start_Offset:12958302208 | Length:307113230336)
.
----------------------\\ Scheduled Tasks
.
C:\Windows\Tasks\Adobe Flash Player Updater.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\SA.DAT
C:\Windows\Tasks\SCHEDLGU.TXT
C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 91c00577-4e38-48ad-a3bb-04a564da01e5.job
C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 98ff3b40-b21e-44c3-a8a8-5c3b444e75b9.job
.
----------------------\\ Registry
.
.
----------------------\\ Files & Folders
.
----------------------\\ Scan completed at 17:20.48
.
C:\Rooter$\Rooter_1.txt - (26/07/2012 | 17:20.48)
- SuperdaveSecurity Officer
-
OS : Windows 8.1 and a dual-boot with XP Home SP3
Anti-Malware : MSE, Windows Defender, Windows firewall
Posts : 4253
Rubies : 61714
Likes : 28 -
Superdave on 26th July 2012, 11:02 pm
Looking over your log it seems you don't have any antivirus software.
Before we continue download and install a free antivirus.
Remember to only install one antivirus!
1) Avast! Home Edition
2) AVG Free Edition
3) Avira AntiVir Personal
4) Microsoft Security Essentials for Windows Vista\Windows 7 - 64 bit Download
4-a) Microsoft Security Essentials for Windows XP
5) Comodo Antivirus (Uncheck during installation "Install Comodo SafeSurf..", Make Comodo my default search provider" and "Make Comodo Search my homepage" if you choose this one)
6) PC Tools AntiVirus Free Edition
7) ThreatFire
It is strongly recommended that you run only one antivirus program at a time. Having more than one antivirus program active in memory uses additional resources and can result in program conflicts and false virus alerts. If you choose to install more than one antivirus program on your computer, then only one of them should be active in memory at a time.
***********************************************************
click Start, right click My Computer and click manage. answer the Elevation prompt, if asked. Double click Services and Applications on the left and single click Services. look for Security Center. click Start. hopefully you wont get an error. right click Security Center in services where it says startup type, choose automatic
*************************************************************
I'd like to scan your machine with ESET OnlineScan
•Hold down Control and click on the following link to open ESET OnlineScan in a new window.
ESET OnlineScan
•Click the
button.
•For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
•Check
•Click the button.
•Accept any security warnings from your browser.
•Check
•Push the Start button.
•ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
•When the scan completes, push
•Push, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
•Push the button.
•Push
A log file will be saved here: C:\Program Files\ESET\ESET Online Scanner\log.txt
Before we continue download and install a free antivirus.
Remember to only install one antivirus!
1) Avast! Home Edition
2) AVG Free Edition
3) Avira AntiVir Personal
4) Microsoft Security Essentials for Windows Vista\Windows 7 - 64 bit Download
4-a) Microsoft Security Essentials for Windows XP
5) Comodo Antivirus (Uncheck during installation "Install Comodo SafeSurf..", Make Comodo my default search provider" and "Make Comodo Search my homepage" if you choose this one)
6) PC Tools AntiVirus Free Edition
7) ThreatFire
It is strongly recommended that you run only one antivirus program at a time. Having more than one antivirus program active in memory uses additional resources and can result in program conflicts and false virus alerts. If you choose to install more than one antivirus program on your computer, then only one of them should be active in memory at a time.
***********************************************************
Did you try it this way?also i try to turn on windows security service but it says service cant be started
click Start, right click My Computer and click manage. answer the Elevation prompt, if asked. Double click Services and Applications on the left and single click Services. look for Security Center. click Start. hopefully you wont get an error. right click Security Center in services where it says startup type, choose automatic
*************************************************************
I'd like to scan your machine with ESET OnlineScan
•Hold down Control and click on the following link to open ESET OnlineScan in a new window.
ESET OnlineScan
•Click the
button.•For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
- Click on to download the ESET Smart Installer. Save it to your desktop.
- Double click on the icon on your desktop.
•Check
•Click the
button.•Accept any security warnings from your browser.
•Check
•Push the Start button.
•ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
•When the scan completes, push
•Push
, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.•Push the
button.•Push
A log file will be saved here: C:\Program Files\ESET\ESET Online Scanner\log.txt
- Denny978Intermediate
-
OS : windows xp
Posts : 133
Rubies : 4818
Likes : 0 -
Denny978 on 27th July 2012, 10:18 am
C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll Win32/Adware.Yontoo.B application cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Program Files (x86)\Drop Down Deals\YontooIEClient.dll.vir Win32/Adware.Yontoo.A application cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\25.07.2012_22.12.45\mbr0000\tdlfs0000\tsk0007.dta Win32/Olmasco.O trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\25.07.2012_22.12.45\mbr0000\tdlfs0000\tsk0010.dta Win64/Olmasco.R trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\25.07.2012_22.12.45\mbr0000\tdlfs0000\tsk0011.dta Win32/Olmasco.Q trojan cleaned by deleting - quarantined
C:\Users\chuck\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@plpickle.com\chrome\pptextlinks.jar Win32/Adware.Gamevance.Gen application deleted - quarantined
C:\Qoobox\Quarantine\C\Program Files (x86)\Drop Down Deals\YontooIEClient.dll.vir Win32/Adware.Yontoo.A application cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\25.07.2012_22.12.45\mbr0000\tdlfs0000\tsk0007.dta Win32/Olmasco.O trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\25.07.2012_22.12.45\mbr0000\tdlfs0000\tsk0010.dta Win64/Olmasco.R trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\25.07.2012_22.12.45\mbr0000\tdlfs0000\tsk0011.dta Win32/Olmasco.Q trojan cleaned by deleting - quarantined
C:\Users\chuck\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@plpickle.com\chrome\pptextlinks.jar Win32/Adware.Gamevance.Gen application deleted - quarantined
- Denny978Intermediate
-
OS : windows xp
Posts : 133
Rubies : 4818
Likes : 0 -
Denny978 on 27th July 2012, 8:17 pm
running pretty good cant seem to get rid of ask.com search window in mozilla. i would like it to be google. ive tried changing it in internet options and searching for ask anywhere on my computer.
- Denny978Intermediate
-
OS : windows xp
Posts : 133
Rubies : 4818
Likes : 0 -
Denny978 on 27th July 2012, 8:35 pm
just tryed rebooting it was super slow restarting. I went to msconfig just to see if i could change start up to fix that a little and i see guffins broswer plugin loader...I did get hijackthis to remove guffins once i ran tdsskiller so i thought that was gone. also tired to get mcafee off here i see that in start up to
Page 3 of 4 • 1, 2, 3, 4
Similar topics
Create an account or log in to leave a reply
You need to be a member in order to leave a reply.
Page 3 of 4
Permissions in this forum:
You can reply to topics in this forum
