Potential Virus - Help please
Comments
-
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [2013-4-25 49376]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [2013-4-25 175176]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-9-17 770344]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-9-17 369584]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\SASDIFSV.SYS [2010-2-17 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCORE.EXE [2010-6-29 116608]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-9-17 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-4-25 66336]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2011-9-17 46808]
R2 AWService;AdminWorks Agent X6;c:\acer\empowering technology\admServ.exe [2005-10-24 1314816]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
R2 OS Selector;Acronis OS Selector activator;c:\program files\acronis\diskdirector\oss\reinstall_svc.exe [2010-5-25 2139400]
R2 TeamViewer8;TeamViewer 8;c:\program files\teamviewer\version8\TeamViewer_Service.exe [2013-2-26 3467768]
R3 lv321av;Logitech USB PC Camera (VC0321);c:\windows\system32\drivers\lv321av.sys [2006-6-19 1097728]
S0 kl1;kl1;c:\windows\system32\drivers\kl1.sys --> c:\windows\system32\drivers\kl1.sys [?]
S2 BITS ACS;Background Intelligent Transfer Service BITS ACS;c:\windows\system32\activedsl.exe srv --> c:\windows\system32\activedsl.exe srv [?]
S2 BITSAppMgmt;Background Intelligent Transfer Service BITSAppMgmt;c:\windows\system32\activedsl.exe srv --> c:\windows\system32\activedsl.exe srv [?]
S2 BITSwscsvc;Background Intelligent Transfer Service BITS ACS BITSwscsvc;c:\windows\system32\activedsl.exe srv --> c:\windows\system32\activedsl.exe srv [?]
S2 LmHostsClipSrvMessenger;TCP/IP NetBIOS Helper LmHostsClipSrv LmHostsClipSrvMessenger;c:\windows\system32\activedsl.exe srv --> c:\windows\system32\activedsl.exe srv [?]
S2 MSDTCHTTPFilter;Distributed Transaction Coordinator MSDTCHTTPFilter;c:\windows\system32\activedsl.exe srv --> c:\windows\system32\activedsl.exe srv [?]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944]
S3 hitmanpro35;Hitman Pro 3.5 Support Driver;c:\windows\system32\drivers\hitmanpro35.sys [2010-11-17 16968]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2013-9-1 40776]
S3 MFE_RR;MFE_RR;\??\c:\docume~1\admins\locals~1\temp\mfe_rr.sys --> c:\docume~1\admins\locals~1\temp\mfe_rr.sys [?]
S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [2009-4-11 18176]
S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [2009-4-11 7680]
S3 rm;rm;\??\c:\windows\system32\drivers\rm.sys --> c:\windows\system32\drivers\rm.sys [?]
S4 RapportMgmtServicestisvc;Rapport Management Service RapportMgmtServicestisvc;c:\windows\system32\activedsl.exe srv --> c:\windows\system32\activedsl.exe srv [?]
.
=============== Created Last 30 ================
.
2013-09-01 21:13:34 -------- d-----w- c:\documents and settings\admins\application data\FixZeroAccess
2013-09-01 21:07:36 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-09-01 21:07:36 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-09-01 21:00:56 -------- d-----w- c:\documents and settings\all users\application data\HitmanPro
2013-09-01 19:25:15 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2013-09-01 08:29:05 -------- d-----w- C:\Malwarebytes
2013-08-29 18:06:57 -------- d-----w- c:\documents and settings\all users\application data\APN
2013-08-29 17:58:37 -------- d-----w- c:\documents and settings\all users\application data\Garmin
2013-08-29 17:58:37 -------- d-----w- c:\documents and settings\admins\local settings\application data\Garmin
2013-08-29 17:58:23 -------- d-----w- c:\documents and settings\admins\local settings\application data\GARMIN_Corp
2013-08-29 17:44:16 -------- d-----w- c:\program files\Garmin GPS Plugin
2013-08-29 17:44:06 -------- d-----w- c:\program files\Garmin
2013-08-14 20:27:57 -------- d-----w- c:\windows\system32\MRT
.
==================== Find3M ====================
.
2013-08-03 13:18:38 1543680 ----a-w- c:\windows\system32\wmvdecod.dll
2013-07-27 21:45:22 770344 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-07-27 21:45:22 175176 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-07-26 02:47:17 920064 ----a-w- c:\windows\system32\wininet.dll
2013-07-26 02:47:13 43520 ------w- c:\windows\system32\licmgr10.dll
2013-07-26 02:47:12 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-07-25 17:53:50 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-07-25 17:53:50 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-07-25 15:52:59 385024 ------w- c:\windows\system32\html.iec
2013-07-10 10:37:53 406016 ----a-w- c:\windows\system32\usp10.dll
2013-07-04 03:03:25 2149888 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-07-04 02:08:30 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe
.
============= FINISH: 21:16:40.42 ===============
Always get a Qualified opinion - My qualifications are that I am OLD and GRUMPY:p:p
-
Go here and read through the instructions for downloading and running ComboFix:
Bleeping Computer ComboFix Tutorial
- IMPORTANT! Ensure you temporarily turn off Avast before running. Instructions here
- Save combofix to your desktop.
- Double click combofix.exe & follow the prompts closely.
- Combofix may reboot the PC several times.
- When it's finished, it will automatically produce a log. Post the contents of that log.
- It can also be found on your C:\ drive named combofix.txt
-
Hi Waddler_8
Chrome won't let me save combofix to the desktop and when I click on the download it runs through some stuff before a warning comes up saying that combofix can't be renamed, then it closes.
IE won't load so can only use Chrome.
-
You must have an existing copy in the downloads folder.
Go into c:\documents and settings\admins\my documents\downloads
Delete any copies of combofix named combofix(1).exe or combofix(2).exe etc
The file must be combofix.exe only.
Run it from the downloads folder if you're having trouble saving it to the desktop.
-
Hi Waddler_8.
Was able to run combofix, thanks. Using Nexus to post this as laptop won't connect to internet again. Have copied the log to data stick and will post this from work PC tomorrow.
Very many thanks again.
-
Try rebooting once more, or going into the control panel > network connections & disable then re-enable your network connection.
-
Hi waddler_8.
MSE is blocking me posting the log, even just a fraction of it. I have e-mailed the site but have you experienced this before or do you think there is a problem with the .txt file?
-
might not work, but to post the log try changing all references of system 32 to system42!!
> . !!!! ----> .
-
Just email me the log - I'll PM you my email address.
This discussion has been closed.