just a simple system checkup plz

I haven’t been on here for here awhile and remembering how good the malware experts are, i haven’t forgotten this forum still my no.1 Anyway i have been lurking around the past couple of weeks with essexboy and magna86’s work. i don’t have any infection to my experience but i have been using infected usbs and downloading torrents, but let’s just say my system’s infected somewhere and note that i don’t have internet on my computer since i lost my portable modem awhile ago, no avast/mbm on my computer either but i thought too big to download from my ph as i don’t have enuff data pack for a 100+ mb softwares and i’m posting this from my phone and i’ll be using it for your instructions, just wondering if you guys could help me out in this situation thanx Happy New Year

for a check, we need logs http://forum.avast.com/index.php?topic=53253.0
Malwarebytes / OTL / aswMBR

but i have been using infected usbs..............
free MCShield USB protector www.mcshield.net

Thankyou pondus, you changed your profile pic

yepp … ManU logo is gone, many others was using it ;D

when i click on mcshield it takes me to a site should i click the “mcshield 2” the huge button on the top right,

Hello,

At the top there should be a downloads tab. Click that then way off to the top-right “Download Fresh New version of MCShield 2”. That’s the one you want

i can’t find mcshield logs, it said no malwares found immediately after insert, as for answ…logs mine is win8 here are the logs

one more left

start > all programs > MCShield > logs > all scans

That’s what i’m talking about pondus, that instruction is for win8 predecessors, when i go start in win8, the metro style appears; its different.

I dont have W8 so have no idea where stuff are…maybe a W8 user can tell you
Anyway malware experts should be online later and guide you

Thankyou pondus

Hi,

Yours OTL’s log is actually RogueKiller’s log. ;D

Please download Farbar Recovery Scan Tool (
http://www.mcshield.net/personal/magna86/Images/FRST_canned.png
) by Farbar and save it to your desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them.
Only one of them will run on your system, that will be the right version.

[*]Double-click to run it. When the tool opens click Yes to disclaimer.
[*]Press Scan button.
[*]It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
[*]The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

Edit:

…and post me aswMBR logs (guide from here) as well:
http://forum.avast.com/index.php?topic=53253.0

Hi magna86
ansMBR is not yet compatible with win8 as the guide said and the site “Farbar Recovery…” gave me a site saying “unfortunately the page your looking for is not here” somethin like that

Farbar link is working here, try again…

idk what’s wrong but after about 4 tries it still said unfortunately page not available, i downloaded farbar otherways for bit 64 and it worked heres the log

idk wat’s wrong but everytime i try it says unfortunately the page is not avaiable but i got farbar somehow and it worked on FRST for 64 bit heres the logs

Hi augustus,

My apologies for aswMBR and Windows 8, I was not pay attention. :-\ I waited the primary logs …

You have been attach the FRST.txt log under the name of “Addition.txt”.
Ok, let’s start from bigining…

Windows 8 is the first Microsoft’s cloud operating system. How M$ was the target of many users (the most famous criticism is the lack of Start button and Start menu), M$ has released a free update for Windows 8 , simply called as Windows 8.1. Win8 and Win8.1, although at first look looks very similar, they are not. They have different kernel. Windows 8.1 is much better and more stable and improvements over Win8.
Moreover, M$ has worked a lot in “under the hood” of Win8 (8.1) and it can be considered as twiked Windows 7.

Why I’m writing all this?
Well, first after this maware check-cleaning, I recommend to you to visit Windows Store and download&install this free 8.1 update.
Difference and changelos Win8.1 compared to Win8 you may found on the Internet.
Also, still there is no registry cleaner or somekind windows 8 twiker that is compatible with the Win8. They will be run on an 8 but they work on heuristics for Windows 7.
M$ has already done a fantastic job by twiking Win8 and if any software claims that he will speed up Win8, you need to know that is a lie !

(IObit) D:\Advanced SystemCare 4\ASCService.exe
Therefore, the recommendation is to remove the software from your system. + IOBit has malicious with malwarebytes, see here: https://forums.malwarebytes.org/index.php?showtopic=29681

PS: MCShield is recommended to be located by default %program files (86)%

(MyCity) D:\[b]my tools[/b]\MCShield\MCShieldRTM.exe

Next, RogueKiller is powerfull Anti-Malware tool for specific infections. RK isn’t diagnostic tool.
These keys …

¤¤¤ Registry Entries : 2 ¤¤¤ [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
...they are not malware related.

Extra File Scanning check:

Please go to: VirusTotal

[*] Click the Choose File button.
[*] Please copy/paste the following text into the ‘File name:’ box:

    C:\Windows\system32\Drivers\uolvllek.sys  

[*] Click Open then click the Scan it! button just below.
[*] This will scan the file. Please be patient.
[*] If you get a message saying File already analyzed: click Reanalyse
[*] Once scanned, copy and paste the URL from your browser address bar in your next reply.

Next …

Re-run FRST. This time I shall need FRST.txt and Addition.txt

[*]Double-click to run it.
[*]Under Optional Scan ensure Addition.txt are ticked.
[*]Press Scan button.
[*]It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
[*]The shall make also another log (Addition.txt). Please attach it to your reply.

Edit post:
typo

thanks alot but i’m also confused here
i used iobit a awhile back ago and it found five viruses and cleaned it but after another while i installed iobit and it again said it found 5 viruses and cleaned again so i just decided to keep it. what’s up with that?

If you ask me, IOBit is just an blotware software. IOBit as such will never be allowed to run on my host system or on any client computer that I privately kept in alive.

I gave you a high recommendation, of course, it’s up to you if you’ll listen to it or not. :wink:

Please continue with Virustotal and posting fresh bouth FRST report.