Windows 7 Forums


Windows 7: Help with Firewall/Hacker

23 Jul 2013   #21
DigitalOctave

Windows x64
 
 
ADW log

Here you go.




Attached Files
File Type: txt AdwCleaner[S1].txt (3.1 KB, 2 views)
23 Jul 2013   #22
VistaKing

Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
 
 

Open Notepad and paste the highlighted text inside it.


start
C:\Users\Enrique\AppData\Local\Temp\GBLCY.exe
HKCU\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [4288048 2013-04-05] ()
HKCU\...\Run: [Dargon] - C:\Dargon\DargonD.exe [x]
HKCU\...\Run: [WindowsUpdatevisd] - C:\Users\Enrique\OEPTK\HTWAQ.vbs [1382121 2013-07-06] ()
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {21A51130-7285-49FE-B3F6-2385CC71CDEA} URL =
BHO-x32: Yealt Class - {40C78C4E-5AE5-4762-9B7D-D2DE31B03B77} - C:\Windows\SysWow64\yealt.dll (Yealt)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Winsock: Catalog5 01 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 05 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog5-x64 01 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 05 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
cmd: netsh winsock reset
cmd: ipconfig /flushdns
C:\Users\Enrique\AppData\Roaming\JvXsG
C:\Users\Enrique\AppData\Roaming\QMBVL
C:\Users\Enrique\AppData\Roaming\nBLut
C:\Users\Enrique\AppData\Roaming\JEsNE
C:\32788R22FWJFW
C:\Windows\Tasks\SA.DAT
end


Click on File ===> Save As
File Name: Fixlist.txt
Save as type: All Files
Location: Desktop

Click on the Save button

Open FRST64.exe and click on the [Fix] button. Once done, it will create a new log called Fixlog.txt. Upload the new Fixlog.txt with your reply.

Once done, run these two programs next:

TDSSKILLER

download link TDSSKiller

Right-click TDSSKILLER.exe select


When the TDSSKiller console opens, click on: Change Parameters
Under Additional Options, place a check in the box next to: Detect TDLFS File System

Click: OK


Press: Start Scan


If a suspicious object is detected, the default action is Skip; leave it as is and click on: Continue
If malicious objects are found, they show in the Scan results.
Ensure Cure (the default) is selected, then click: Continue > Reboot now, to finish the cleaning process.
(Note: If Cure is not available, select Skip, >>Do not select: Delete<<)


When done, the tool outputs its log to the disk with the Windows Operating System, normally C:\


Logs have a name like:
C:\TDSSKiller.X.X.X_12.04.2013_15.31.43_log.txt


Please post the TDSSKiller log in your reply.

On
Hold down Control and click on ESET Online Scanner to open ESET OnlineScan in a new window
Click the button
Check YES, I accept the Terms of Use.
Click the Start button.
Accept any security warnings from your browser.
Under scan settings, check "Scan Archives" and "Remove found threats"
Click Advanced settings and select the following:
Scan potentially unwanted applications
Scan for potentially unsafe applications
Enable Anti-Stealth technology
ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
When the scan completes, click List Threats
Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
Click the Back button.
Click the Finish button.

On or
Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
Right click on choose on your desktop
Check YES, I accept the Terms of Use.
Click the Start button.
Accept any security warnings from your browser.
Under scan settings, check "Scan Archives" and "Remove found threats"
Click Advanced settings and select the following:
Scan potentially unwanted applications
Scan for potentially unsafe applications
Enable Anti-Stealth technology
ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
When the scan completes, click List Threats
Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
Click the Back button.
Click the Finish button.
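An added example, not part of the original thread and not FRST's own logic: a small triage pass showing why entries like those in the fixlist of post #22 stand out. The heuristics, the function names and the reading of `[x]` as "target file missing" are assumptions; the first five sample lines are copied from that fixlist and the last one is constructed.

```python
import re
from pathlib import PureWindowsPath

# First five lines are copied from the fixlist in post #22;
# the last line is constructed here as a benign contrast case.
SAMPLE = r"""
HKCU\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [4288048 2013-04-05] ()
HKCU\...\Run: [Dargon] - C:\Dargon\DargonD.exe [x]
HKCU\...\Run: [WindowsUpdatevisd] - C:\Users\Enrique\OEPTK\HTWAQ.vbs [1382121 2013-07-06] ()
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
Winsock: Catalog5 01 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
HKLM\...\Run: [ExampleUpdater] - C:\Program Files\Example\updater.exe [102400 2013-01-01] (Example Corp)
""".strip().splitlines()

SCRIPT_EXTS = {".vbs", ".vbe", ".js", ".jse", ".wsf", ".bat", ".cmd", ".ps1"}
# Matches "<hive>\...\Run: [name] - <path with extension> <optional trailing fields>"
RUN = re.compile(
    r"^HK\w+\\\.\.\.\\Run: \[(?P<name>[^\]]+)\] - (?P<path>[A-Za-z]:\\.+?\.\w{2,4})(?P<tail>\s.*)?$"
)

def triage(line):
    """Return the reasons (possibly none) a log line deserves a closer look."""
    reasons = []
    m = RUN.match(line)
    if m:
        path = PureWindowsPath(m["path"])
        if path.suffix.lower() in SCRIPT_EXTS:
            reasons.append("autorun launches a script")
        if "users" in [p.lower() for p in path.parts[1:2]]:
            reasons.append("autorun target is in a user-writable profile path")
        # Assumption: a trailing "[x]" marks a target that no longer exists.
        if (m["tail"] or "").strip().lower() == "[x]":
            reasons.append("autorun target missing on disk")
    elif line.startswith("Winsock:") and "File Not found" in line:
        reasons.append("Winsock catalog entry points at a missing library")
    elif line.startswith(("BHO", "Toolbar")) and line.rstrip().endswith("No File"):
        reasons.append("browser add-on registration with no file behind it")
    return reasons

def flagged(lines):
    """Map each flagged line to its reasons, preserving input order."""
    return {ln: r for ln in lines if (r := triage(ln))}

if __name__ == "__main__":
    for ln, why in flagged(SAMPLE).items():
        print(f"{'; '.join(why)}\n    {ln}")
```
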
23 Jul 2013   #23
DigitalOctave

Windows x64
 
 
Logs

Still here, it's taking a while for ESET. Here are the first 2 for now.

23 Jul 2013   #24
VistaKing

Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
 
 

Uninstall these programs

Daemon Tools Lite (reason: causes BSODs on Windows 7)
McAfee (BSOD issue and not as good of an antivirus)
RegCleanPro (don't need a reg cleaner for Windows 7)

After you remove McAfee, run the tool below

MCPR < download link
23 Jul 2013   #25
VistaKing

Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
 
 

Don't see any logs uploaded.
23 Jul 2013   #26
DigitalOctave

Windows x64
 
 

Sorry for that.


Attached Files
File Type: txt Fixlog.txt (5.6 KB, 1 views)
File Type: txt TDSSKiller.2.8.18.0_23.07.2013_03.17.57_log.txt (251.6 KB, 2 views)
23 Jul 2013   #27
VistaKing

Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
 
 

TDSSKiller came out clean. Once the ESET is complete, restart the PC.
23 Jul 2013   #28
DigitalOctave

Windows x64
 
 

So far it's found 4 Win32/BitCoinMiner.p Applications
It's stuck at 56 scanning through Steam
5 Trojans at 91% going through cookies
23 Jul 2013   #29
VistaKing

Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
 
 

Once ESET is done and you restart the PC, rerun FSS to see where we stand on the services.

Then run RogueKiller

RogueKiller for 32bit <==== Download Link

RogueKiller for 64bit <==== Download Link

Click on one of the links above that goes with your Windows 7 bit versions

Save to the Desktop.

Close all windows and browsers

Right click on and choose

Press: SCAN

Provide the RKreport.txt (Mode: Scan) in your reply.
23 Jul 2013   #30
DigitalOctave

Windows x64
 
 

91% scanning through cookies