Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Started in : Normal mode
User : NickD [Admin rights]
Mode : Scan – Date : 07/18/2013 09:22:36
| ARK || FAK || MBR |
here are the logs
Also, why does RogueKiller find Google Update as malicious?
And I have deleted the Java Sun folder from AppData (got rid of Java long ago, don't know why remnants are there as I used a Java remover, I believe).
Result of the 3 scans (this program is good, picked up roboot that no other antivirus thought was malicious).
For the OTL scan I only saw the OTL log, no extra log.
[*]Wait for initial scan to finish - if there is any query, click No;
[*]Click Scan button and wait until the full scan is complete;
[*]Click Save … - save the report to the Desktop (named Gmer1);
[*]Right-click anywhere in the GMER window and select Options > 3rd party - click the Scan button;
[*]Please wait until the full scan is complete;
[*]Click the Save … button and save the report to the Desktop (named Gmer2);
Note: the scan for the Gmer2 log may take some time.
[*]Click the >>> and select Autostart card;
[*]After quick scan, click Copy button;
[*]Open Notepad and paste the text. Save the report to the Desktop (named Gmer3).
Attach all Gmer log reports here (Gmer1, Gmer2 and Gmer3).
About ComboFix, it was run many times during an infection under Malwarebytes forum malwarepro mrcharlie.
Ran a Kaspersky scan and they said:
Vulnerabilities (2)
Information about applications and operating system components in which vulnerabilities have been detected.
C:\Program Files\VideoLAN\VLC\vlc-cache-gen.exe
C:\Program Files\VideoLAN\VLC\vlc.exe
I don't understand that, as it's up to date.
Edit: running your scans now.
Edit: GMER logs too large to attach.
[*] Click on MoveIt! button; OTM may ask to reboot the machine. Please do so if asked.
[*]Copy/Paste the contents under the Results line here in your next reply.
Note: It will also create a log in the C:\_OTM\MovedFiles folder - open the newest .log file present, and copy/paste the contents of that document back here in your next post.
You mean if I have evidence of browser redirects? Nope, the system is fast (at one time it was slow because I had Malwarebytes Pro and it affected my audio, but I did some fixes so everything is alright).
I thought I had a rootkit because of the RogueKiller results (they're in my first post above).
Edit: gonna run the program now.
Then click the Run Fix button at the top.
Let the program run unhindered; it will reboot the system when it is done and open Notepad with the log report. Attach that log report here.
OTM by OldTimer - Version 3.1.21.0 log created on 08072013_131042
Files moved on Reboot…
File move failed. C:\Users\PatricK\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.
File move failed. C:\Windows\temp_avast_\Webshlock.txt scheduled to be moved on reboot.
File move failed. C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.
========== FILES ==========
c:\users\PatricK\AppData\Local\tjnet\cdloader folder moved successfully.
c:\users\PatricK\AppData\Local\tjnet folder moved successfully.
c:\users\PatricK\AppData\Roaming\mjusbsp\Upgrade folder moved successfully.
c:\users\PatricK\AppData\Roaming\mjusbsp\ug00000 folder moved successfully.
c:\users\PatricK\AppData\Roaming\mjusbsp\st00000 folder moved successfully.
c:\users\PatricK\AppData\Roaming\mjusbsp\lr00001 folder moved successfully.
c:\users\PatricK\AppData\Roaming\mjusbsp\lr00000 folder moved successfully.
c:\users\PatricK\AppData\Roaming\mjusbsp\in00000 folder moved successfully.
c:\users\PatricK\AppData\Roaming\mjusbsp folder moved successfully.
OTL by OldTimer - Version 3.2.69.0 log created on 08072013_132452