
Am I Infected? DDs Logs

Please do this even if you have previously posted logs for us. If you were unable to produce the logs originally please try once more. If you are unable to create a log

I am still working on this, but I had to take a break b/c I (and other family members) have needed the computer for work.

Do you really trust the source?

The requested name is valid, but no data of the requested type was found.
10/22/2011 6:45:28 PM, Error: Microsoft-Windows-RasSstp [1] - CoId={508EF757-A614-4F69-B213-2BC351F083CE}:The initial Secure Socket Tunneling Protocol request could not be

I don't remember if has ever been changed. Thanks!

Adobe Flash Player Flash Player out of Date!

#4 Jo* SuperMember Malware Team 1,196 posts Posted 25 January 2014 - 07:19 AM

Hello jeff matthews, why do you think the machine is "heavily infected"? P2P - I

PLEASE TURN OFF YOUR CAPS LOCK.

Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn0\yt.dll
TB: {D4FA7277-A69D-40AF-9280-58690CE75087} - No File
TB: {51A86BB3-6602-4C85-92A5-130EE4864F13} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\companion\installs\cpn0\yt.dll
BHO: {474597c5-ab09-49d6-a4d5-2e8d7341384e} - UrlHelper Class
BHO: Yontoo Layers: {fd72061e-9fde-484d-a58a-0bab4151cad8} - Yontoo Layers
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\progra~1\yahoo!\companion\installs\cpn0\YTSingleInstance.dll
TB: Yahoo!

AdvancedSetup Staff Root Admin 63,886 posts Location: US ID: 69 Posted March 7, 2011

Please remove any and all

R0 AiChargerPlus;ASUS Charger Plus Driver;C:\Windows\system32\DRIVERS\AiChargerPlus.sys --> C:\Windows\system32\DRIVERS\AiChargerPlus.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [2010-11-3 918144]
R2 asHmComSvc;ASUS HM Com Service;C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe

I am including a screenshot taken right after the Ad-Aware uninstall -- before my 1st post to this forum -- showing a Windows Defender alert I may have responded to inappropriately

#12 Broni The Coolest BC Computer BC Advisor 41,488 posts Posted 22 May 2013 - 10:14 PM

ive UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

Please first disable any CD emulation programs using the steps found in this topic: Why we request you disable CD Emulation when receiving Malware Removal Advice

Then create another GMER log

A small box will open, with an explanation about the tool.

Contents of the 'Scheduled Tasks' folder
.
2011-11-06 c:\windows\Tasks\RMSchedule.job
- c:\program files (x86)\Registry Mechanic\RegMech.exe [2011-11-06 06:32]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2011-05-30 16:50 22408

LAN connected.

The service key does not exist.

https://forums.malwarebytes.org/topic/131792-help-i-am-infected-with-malware/

If you are sure it is unnecessary, I can remove it. The Norton AV remnant should be removed. Thanks!

The requested name is valid, but no data of the requested type was found.
10/22/2011 6:46:29 PM, Error: Microsoft-Windows-RasSstp [1] - CoId={9176B2D4-213B-44EF-AD9F-C572F83D0F1F}:The initial Secure Socket Tunneling Protocol request could not be

Please download MiniToolBox and run it.

Checkmark following boxes:
Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Devices (do NOT

Program finished at: 05/22/2013 02:56:04 AM
Execution time: 0 hours(s), 0 minute(s), and 22 seconds(s)

#8 Broni The Coolest BC Computer BC Advisor 41,488 posts

The detailed error message is provided below.

Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 7/13/2010 4:18:38 PM
System Uptime: 10/29/2011 2:03:58 PM (2 hours ago)
.

This can be due to network connectivity issues or certificate (trust) issues. It has done this 1 time(s).

whattodo New Member Topic Starter Members 48 posts ID: 58 Posted February 20, 2011

Hi, again -- I am

That is the system configuration and setup partition.


Correct the problem and try again. This service might not be installed.

Please follow these guidelines:
Logs can take a while to research, so please be patient.
Read and follow the instructions in the sequence they are posted.
Print or copy & save instructions.
Do not install

RP293: 10/22/2011 3:16:49 PM - Windows 7 Service Pack 1
RP294: 10/22/2011 11:14:28 PM - Windows Update
RP296: 10/24/2011 8:25:10 AM - Windows Modules Installer
RP297: 10/24/2011 8:27:01 AM - Windows

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files

Thanks for your understanding. I will return as soon as possible with more instructions.

*** Graduate of the WTT Classroom
Cheers, Jo

#3 jeff matthews Advanced Member Authentic Member

Helpers here look for topics with zero replies, and if you have replied to your own topic they will assume you're already being helped.

I think one of the guys on the team may use it though and they might be able to help you with it better. The GFI tool though not perfect either does Backup any files that cannot be replaced.

ZoneAlarm Antivirus
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Spybot - Search & Destroy
Malwarebytes Anti-Malware version
Adobe Flash Player 10 Flash Player out of

Then I can consider trying a clean install, if our fixes haven't fixed things. It may cause a delay in my replies.