Jump to content

leavethe_biker

Members
  • Posts

    9
  • Joined

  • Last visited

Everything posted by leavethe_biker

  1. It seems to be working now. Thank you (again!)
  2. Hi and thank you! It was still happening so I restarted it. When I restarted, Webroot said that something called syswow64 werfault.exe was trying to connect to the internet. I blocked it but thought maybe this was related to my connectivity issues?
  3. Hi - thanks for re-opening this. I just have a question: I've been having issues connecting to the internet in Chrome the last few days, and it seems to be happening more and more often. I keep getting messages like this one: Unable to access the network The connection to forums.malwarebytes.org was interrupted by a change in the network connection. Here are some suggestions: Reload this webpage later. Check your Internet connection. Restart any router, modem, or other network devices you may be using. Error 21 (net::ERR_NETWORK_CHANGED): A network change was detected. Is this related to the malware? Does it mean that there's still something going on with my computer, or is it a side effect of removing the malware? Thanks!
  4. Thank you so so so much! I really appreciate it. Once I get a new credit card number I will be sure to donate
  5. Results of screen317's Security Check version 0.99.64 Windows 7 Service Pack 1 x64 (UAC is enabled) ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! Norton 360 Webroot SecureAnywhere Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` MVPS Hosts File Spybot - Search & Destroy Malwarebytes Anti-Malware version 1.75.0.1300 Java 6 Update 27 Java 7 Update 21 Adobe Flash Player 11.7.700.202 Adobe Reader 10.1.2 Adobe Reader out of Date! Google Chrome 27.0.1453.110 Google Chrome 27.0.1453.94 ````````Process Check: objlist.exe by Laurent```````` Norton ccSvcHst.exe Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbamgui.exe Malwarebytes' Anti-Malware mbamscheduler.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 0% ````````````````````End of Log``````````````````````
  6. It says that no threats are found. It doesn't look like there's any kind of log for me to post, though.
  7. Okay, it only ran the quick scan because apparently it didn't find anything? Here is the log. Gmer.txt
  8. Hi and thank you, Marius. I found the Malwarebytes log and after looking at it it looks clean, which makes me think I found the malware with another program. It may have been the ESET online scanner. So I apologize is this isn't helpful, but I'm pasting the Malwarebytes log anyway: Malwarebytes Anti-Malware (Trial) 1.75.0.1300 www.malwarebytes.org Database version: v2013.06.07.10 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Bethany :: BETHANY-PC [administrator] Protection: Enabled 6/8/2013 8:44:49 AM mbam-log-2013-06-08 (08-44-49).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 219972 Time elapsed: 4 minute(s), 33 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) --------------------------------------------------------- Here is the Farbar FRST text: Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-06-2013 02 Ran by Bethany (administrator) on 11-06-2013 07:45:59 Running from C:\Users\Bethany\Desktop Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US) Internet Explorer Version 8 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (Webroot) C:\Program Files\Webroot\WRSA.exe (Microsoft Corporation) C:\windows\system32\WLANExt.exe (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Symantec Corporation) C:\Program Files (x86)\PC Checkup\SymcPCCULaunchSvc.exe (Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (TOSHIBA Corporation) C:\windows\system32\ThpSrv.exe (TOSHIBA Corporation) C:\windows\system32\TODDSrv.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe (Webroot) C:\Program Files\Webroot\WRSA.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe (Safer Networking Ltd.) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe (Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (Safer Networking Limited) C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\widimon\widimon.exe (Intel Corporation) C:\windows\system32\igfxext.exe (Intel Corporation) C:\windows\system32\igfxsrvc.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe () C:\Program Files\TOSHIBA\FlashCards\Hotkey\TcrdKBB.exe (TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\Utilities\KeNotify.exe (TOSHIBA Corporation) C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Microsoft Corporation) C:\windows\SysWOW64\NOTEPAD.EXE (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\windows\SysWOW64\NOTEPAD.EXE ==================== Registry (Whitelisted) ================== HKLM\...\Run: [] [x] HKLM\...\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE [566696 2011-03-02] (TOSHIBA Corporation) HKLM\...\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe [296824 2010-09-25] (TOSHIBA Corporation) HKLM\...\Run: [TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe [973176 2010-12-15] (TOSHIBA Corporation) HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [11775592 2011-01-26] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3 /MAXX3 [2188904 2011-01-18] (Realtek Semiconductor) HKLM\...\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2679592 2011-02-03] (Synaptics Incorporated) HKLM\...\Run: [ThpSrv] C:\windows\system32\thpsrv /logon [x] HKLM\...\Run: [Teco] "%ProgramFiles%\TOSHIBA\TECO\Teco.exe" /r [1519016 2011-01-28] (TOSHIBA Corporation) HKLM\...\Run: [intelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray [1933584 2011-01-05] (Intel® Corporation) HKLM\...\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710040 2010-12-08] (TOSHIBA Corporation) HKLM\...\Run: [TosWaitSrv] %ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe [711576 2010-12-20] (TOSHIBA Corporation) HKLM\...\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation) HKLM\...\Run: [TosNC] %ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe [595816 2010-04-23] (TOSHIBA Corporation) HKLM\...\Run: [TosReelTimeMonitor] %ProgramFiles%\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38304 2010-12-14] (TOSHIBA Corporation) HKCU\...\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [5622512 2013-05-14] (SUPERAntiSpyware.com) HKCU\...\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2144088 2009-01-26] (Safer Networking Limited) HKLM-x32\...\Run: [sVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL [532480 2010-11-09] (TOSHIBA CORPORATION) HKLM-x32\...\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP [423936 2010-03-04] (TOSHIBA Electronics, Inc.) HKLM-x32\...\Run: [KeNotify] "C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe" LPCM [34160 2010-08-16] (TOSHIBA CORPORATION) HKLM-x32\...\Run: [TSleepSrv] %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe [x] HKLM-x32\...\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe" UNATTENDED [3218792 2010-08-17] (Toshiba) HKLM-x32\...\Run: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60 [1294712 2010-11-29] (TOSHIBA Corporation) HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-01-28] (Apple Inc.) HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [843712 2012-01-03] (Adobe Systems Incorporated) HKLM-x32\...\Run: [ROC_roc_ssl_v12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12 [x] HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-02-20] (Apple Inc.) HKLM-x32\...\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation) HKLM-x32\...\Run: [WRSVC] "C:\Program Files\Webroot\WRSA.exe" -ul [733648 2013-06-08] (Webroot) HKLM-x32\...\Run: [spybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" [5365592 2009-01-26] (Safer Networking Limited) Startup: C:\ProgramData\Start Menu\Programs\Startup\Install Webroot FF RunOnce.lnk ShortcutTarget: Install Webroot FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\wruninstall.exe (Webroot Software, Inc.) Startup: C:\ProgramData\Start Menu\Programs\Startup\Install Webroot IE RunOnce.lnk ShortcutTarget: Install Webroot IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\wruninstall.exe (Webroot Software, Inc.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.toshiba.com/g/ SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Webroot Vault - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\pkg\LPBar64.dll () BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll (Safer Networking Limited) BHO-x32: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\coIEPlg.dll (Symantec Corporation) BHO-x32: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\IPS\IPSBHO.DLL (Symantec Corporation) BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: No Name - {96CEA57F-AC68-4618-A1A2-DCF5428AF18B} - No File BHO-x32: Webroot Vault - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\pkg\LPBar.dll () BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>) Toolbar: HKLM - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar64.dll () Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\coIEPlg.dll (Symantec Corporation) Toolbar: HKLM-x32 - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar.dll () Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 Chrome: ======= CHR RestoreOnStartup: "hxxp://www.google.com/" CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} CHR Plugin: (Remoting Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\pdf.dll () CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\gcswf32.dll No File CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll No File CHR Plugin: (Delta SkyMiles Shopping Assistant) - C:\Users\Bethany\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhdcobklpdnnaokdbjeldffiijoajhgp\1.0.0.6_0\plugin/DeltaSSAPlugin.dll No File CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Java Deployment Toolkit 6.0.270.7) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File CHR Plugin: (Java Platform SE 6 U27) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.) CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File CHR Extension: (YouTube) - C:\Users\Bethany\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 CHR Extension: (Google Search) - C:\Users\Bethany\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 CHR Extension: (AdBlock) - C:\Users\Bethany\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.63_0 CHR Extension: (Webroot) - C:\Users\Bethany\AppData\Local\Google\Chrome\User Data\Default\Extensions\okfhiodnpcnnnpgbjbhfebjnbagmfhab\2.0.15_0 CHR Extension: (Gmail) - C:\Users\Bethany\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1 ==================== Services (Whitelisted) ================= R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [143120 2013-05-23] (SUPERAntiSpyware.com) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-01-05] () R2 N360; C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe [130008 2011-04-16] (Symantec Corporation) R2 Norton PC Checkup Application Launcher; C:\Program Files (x86)\PC Checkup\SymcPCCULaunchSvc.exe [132056 2012-12-13] (Symantec Corporation) S2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvcHst.exe [126392 2011-02-03] (Symantec Corporation) R2 SBSDWSCService; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.) R2 WRSVC; C:\Program Files\Webroot\WRSA.exe [733648 2013-06-08] (Webroot) ==================== Drivers (Whitelisted) ==================== R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\BASHDefs\20130531.001\BHDrvx64.sys [1393240 2013-05-31] (Symantec Corporation) R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\BASHDefs\20130531.001\BHDrvx64.sys [1393240 2013-05-31] (Symantec Corporation) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-08-09] (Symantec Corporation) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-08-09] (Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2012-08-09] (Symantec Corporation) R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20130608.001\IDSvia64.sys [513184 2012-08-31] (Symantec Corporation) R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20130608.001\IDSvia64.sys [513184 2012-08-31] (Symantec Corporation) R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20130610.025\ENG64.SYS [126040 2013-06-11] (Symantec Corporation) R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20130610.025\ENG64.SYS [126040 2013-06-11] (Symantec Corporation) R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20130610.025\EX64.SYS [2098776 2013-06-11] (Symantec Corporation) R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20130610.025\EX64.SYS [2098776 2013-06-11] (Symantec Corporation) R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com) S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.) R1 SRTSP; C:\Windows\System32\Drivers\N360x64\0502020.003\SRTSP64.SYS [744568 2011-03-30] (Symantec Corporation) R1 SRTSPX; C:\Windows\system32\drivers\N360x64\0502020.003\SRTSPX64.SYS [40568 2011-03-30] (Symantec Corporation) R0 SymDS; C:\Windows\System32\drivers\N360x64\0502020.003\SYMDS64.SYS [450680 2011-01-27] (Symantec Corporation) R0 SymEFA; C:\Windows\System32\drivers\N360x64\0502020.003\SYMEFA64.SYS [912504 2011-03-14] (Symantec Corporation) R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [174200 2011-08-29] (Symantec Corporation) R1 SymIRON; C:\Windows\system32\drivers\N360x64\0502020.003\Ironx64.SYS [171128 2011-01-27] (Symantec Corporation) R1 SymNetS; C:\Windows\System32\Drivers\N360x64\0502020.003\SYMNETS.SYS [386168 2011-04-20] (Symantec Corporation) R0 WRkrn; C:\Windows\System32\drivers\WRkrn.sys [112616 2013-06-08] (Webroot) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-06-11 07:45 - 2013-06-11 07:45 - 00000000 ____D C:\FRST 2013-06-11 07:44 - 2013-06-11 07:44 - 01920272 ____A (Farbar) C:\Users\Bethany\Desktop\FRST64.exe 2013-06-11 01:04 - 2013-06-11 01:05 - 00001810 ____A C:\AdwCleaner[s8].txt 2013-06-11 01:04 - 2013-06-11 01:04 - 00001750 ____A C:\AdwCleaner[R10].txt 2013-06-11 00:45 - 2013-06-11 00:46 - 00001689 ____A C:\AdwCleaner[R9].txt 2013-06-11 00:01 - 2013-06-11 00:01 - 00688992 ____A (Swearware) C:\Users\Bethany\Downloads\dds.com 2013-06-10 23:57 - 2013-06-11 00:57 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2013-06-10 23:54 - 2013-06-10 23:54 - 00000049 ____A C:\Users\Bethany\AppData\Roaming\mbam.context.scan 2013-06-10 23:07 - 2013-06-10 23:07 - 00001868 ____A C:\AdwCleaner[s7].txt 2013-06-10 23:06 - 2013-06-10 23:06 - 00001804 ____A C:\AdwCleaner[R8].txt 2013-06-10 22:42 - 2013-06-10 22:42 - 00000324 ____A C:\AdwCleaner[s6].txt 2013-06-10 22:40 - 2013-06-10 22:42 - 00001450 ____A C:\AdwCleaner[R7].txt 2013-06-10 22:36 - 2013-06-10 22:36 - 00000000 ____A C:\ProgramData\0x0304A000.sfl 2013-06-10 22:33 - 2013-06-10 22:35 - 00001629 ____A C:\AdwCleaner[s5].txt 2013-06-10 22:33 - 2013-06-10 22:33 - 00001565 ____A C:\AdwCleaner[R6].txt 2013-06-10 22:32 - 2013-06-10 22:32 - 00000324 ____A C:\AdwCleaner[s4].txt 2013-06-10 22:31 - 2013-06-10 22:31 - 00001446 ____A C:\AdwCleaner[R5].txt 2013-06-10 22:30 - 2013-06-10 22:30 - 00001386 ____A C:\AdwCleaner[R4].txt 2013-06-09 16:25 - 2013-06-09 16:29 - 158313199 ____A C:\Users\Bethany\Downloads\Daft Punk.zip 2013-06-09 11:32 - 2013-05-06 09:39 - 09060352 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2013-06-09 11:32 - 2013-05-06 09:04 - 06033408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-06-09 11:32 - 2013-04-10 01:47 - 00735232 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll 2013-06-09 11:32 - 2013-04-10 01:46 - 12294656 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2013-06-09 11:32 - 2013-04-10 01:46 - 02458112 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2013-06-09 11:32 - 2013-04-10 01:03 - 00627712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-06-09 11:32 - 2013-04-10 01:02 - 11020800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-06-09 11:32 - 2013-04-10 01:02 - 02078208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-06-09 11:32 - 2013-02-28 08:03 - 01638912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2013-06-09 11:32 - 2013-02-28 07:38 - 01638912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-06-09 11:31 - 2013-04-10 01:51 - 01492992 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2013-06-09 11:31 - 2013-04-10 01:51 - 01188864 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll 2013-06-09 11:31 - 2013-04-10 01:51 - 00134144 ____A (Microsoft Corporation) C:\Windows\System32\url.dll 2013-06-09 11:31 - 2013-04-10 01:47 - 00097792 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll 2013-06-09 11:31 - 2013-04-10 01:46 - 00247808 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll 2013-06-09 11:31 - 2013-04-10 01:46 - 00064512 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll 2013-06-09 11:31 - 2013-04-10 01:08 - 00981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-06-09 11:31 - 2013-04-10 01:07 - 01231872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-06-09 11:31 - 2013-04-10 01:07 - 00132096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2013-06-09 11:31 - 2013-04-10 01:03 - 00067584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2013-06-09 11:31 - 2013-04-10 01:03 - 00048128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-06-09 11:31 - 2013-04-10 01:02 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-06-09 11:31 - 2012-06-16 01:16 - 00609792 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll 2013-06-09 11:31 - 2012-06-16 01:15 - 00911360 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll 2013-06-09 11:31 - 2012-06-16 00:26 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-06-09 11:31 - 2012-06-16 00:26 - 00428032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2013-06-08 19:38 - 2013-06-08 19:38 - 00000000 ____D C:\Users\Bethany\AppData\Roaming\Panda Security 2013-06-08 19:34 - 2013-06-11 01:07 - 00000000 ____D C:\Program Files (x86)\Panda Security 2013-06-08 19:34 - 2013-06-08 19:34 - 00000000 ____D C:\ProgramData\Panda Security 2013-06-08 19:29 - 2013-06-08 19:29 - 00808224 ____A C:\Users\Bethany\Downloads\PandaCloudAntivirus.exe 2013-06-08 19:12 - 2013-06-08 19:12 - 00000000 ____D C:\Users\Bethany\AppData\Local\lptmp1034542885 2013-06-08 18:53 - 2013-06-11 01:07 - 00000758 ____A C:\Users\Public\Desktop\Webroot SecureAnywhere.lnk 2013-06-08 18:53 - 2013-06-08 18:53 - 00150160 ____A (Webroot) C:\Windows\SysWOW64\WRusr.dll 2013-06-08 18:53 - 2013-06-08 18:53 - 00102792 ____A (Webroot) C:\Windows\System32\WRusr.dll 2013-06-08 18:52 - 2013-06-10 23:28 - 00000000 ____D C:\ProgramData\WRData 2013-06-08 18:52 - 2013-06-08 18:52 - 00112616 ____A (Webroot) C:\Windows\System32\Drivers\WRkrn.sys 2013-06-08 18:52 - 2013-06-08 18:52 - 00000000 ____D C:\Program Files\Webroot 2013-06-08 18:51 - 2013-06-08 18:51 - 00733648 ____A (Webroot) C:\Users\Bethany\Downloads\wsainstall.exe 2013-06-08 18:26 - 2013-06-08 18:26 - 00000000 __SHD C:\Windows\System32\%APPDATA% 2013-06-08 17:58 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\System32\Drivers\etc\hosts.20130608-175810.backup 2013-06-08 17:26 - 2013-06-08 17:26 - 00001032 ____A C:\AdwCleaner[R3].txt 2013-06-08 17:26 - 2013-06-08 17:26 - 00000326 ____A C:\AdwCleaner[s3].txt 2013-06-08 17:25 - 2013-06-08 17:25 - 00000973 ____A C:\AdwCleaner[R2].txt 2013-06-08 17:20 - 2013-06-10 22:57 - 00001450 ____A C:\Users\Bethany\Desktop\Spybot - Search & Destroy.lnk 2013-06-08 17:20 - 2013-06-08 17:41 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy 2013-06-08 17:20 - 2013-06-08 17:20 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy 2013-06-08 17:18 - 2013-06-08 17:18 - 16409960 ____A (Safer Networking Limited ) C:\Users\Bethany\Downloads\spybotsd162.exe 2013-06-08 13:39 - 2013-06-08 13:39 - 00000000 ____D C:\Users\Bethany\AppData\Local\Eraser 6 2013-06-08 10:31 - 2013-06-11 06:19 - 00000514 ____A C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 1c2114ee-96e4-4f32-8344-c324fd979e45.job 2013-06-08 10:30 - 2013-06-11 06:19 - 00000514 ____A C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task f5673223-009d-410d-b329-6b3db6302e44.job 2013-06-08 10:30 - 2013-06-08 10:30 - 00001819 ____A C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk 2013-06-08 10:30 - 2013-06-08 10:30 - 00000000 ____D C:\Users\Bethany\AppData\Roaming\SUPERAntiSpyware.com 2013-06-08 10:30 - 2013-06-08 10:30 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com 2013-06-08 10:30 - 2013-06-08 10:30 - 00000000 ____D C:\Program Files\SUPERAntiSpyware 2013-06-08 10:29 - 2013-06-08 10:30 - 26074448 ____A (SUPERAntiSpyware.com) C:\Users\Bethany\Downloads\SUPERAntiSpyware.exe 2013-06-08 08:56 - 2013-06-08 08:56 - 00000000 ____D C:\Program Files (x86)\ESET 2013-06-08 08:55 - 2013-06-08 08:55 - 02347384 ____A (ESET) C:\Users\Bethany\Downloads\esetsmartinstaller_enu.exe 2013-06-08 08:42 - 2013-06-11 01:09 - 00058016 ____A C:\Users\Bethany\AppData\Local\GDIPFONTCACHEV1.DAT 2013-06-08 08:38 - 2013-06-11 01:07 - 00275712 ____A C:\Windows\System32\FNTCACHE.DAT 2013-06-08 08:38 - 2013-06-11 01:07 - 00004238 ____A C:\Windows\PFRO.log 2013-06-08 08:38 - 2013-06-11 01:07 - 00000448 ____A C:\Windows\setupact.log 2013-06-08 08:38 - 2013-06-08 08:38 - 00000000 ____A C:\Windows\setuperr.log 2013-06-08 08:34 - 2013-06-08 08:35 - 00001850 ____A C:\AdwCleaner[s2].txt 2013-06-08 08:34 - 2013-06-08 08:34 - 00000326 ____A C:\AdwCleaner[s1].txt 2013-06-08 08:33 - 2013-06-08 08:33 - 00001860 ____A C:\AdwCleaner[R1].txt 2013-06-08 08:28 - 2013-06-08 08:28 - 00640135 ____A C:\Users\Bethany\Desktop\adwcleaner.exe 2013-06-08 06:18 - 2013-06-08 06:18 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 02565120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 01504768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 01238528 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 01175552 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 01158144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 01080832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00604160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00522752 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00465920 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00417792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00363008 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00333312 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00249856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00187392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00010752 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00009728 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00009728 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00002560 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll 2013-06-07 23:22 - 2013-06-07 23:22 - 00000000 ____D C:\Users\Bethany\AppData\Roaming\Malwarebytes 2013-06-07 23:21 - 2013-06-07 23:21 - 00001084 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2013-06-07 23:21 - 2013-06-07 23:21 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-06-07 23:21 - 2013-06-07 23:21 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-06-07 23:21 - 2013-04-04 14:50 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys 2013-06-07 23:20 - 2013-06-07 23:20 - 10285040 ____A (Malwarebytes Corporation ) C:\Users\Bethany\Downloads\mbam-setup-1.75.0.1300.exe 2013-05-15 18:37 - 2013-04-10 02:01 - 00983400 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys 2013-05-15 18:37 - 2013-04-10 02:01 - 00265064 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys 2013-05-15 18:37 - 2013-02-27 02:02 - 00111448 ____A (Microsoft Corporation) C:\Windows\System32\consent.exe 2013-05-15 18:37 - 2013-02-27 01:52 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll 2013-05-15 18:37 - 2013-02-27 01:52 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\shdocvw.dll 2013-05-15 18:37 - 2013-02-27 01:48 - 01930752 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll 2013-05-15 18:37 - 2013-02-27 01:47 - 00070144 ____A (Microsoft Corporation) C:\Windows\System32\appinfo.dll 2013-05-15 18:37 - 2013-02-27 00:55 - 12872704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2013-05-15 18:37 - 2013-02-27 00:55 - 00180224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll 2013-05-15 18:37 - 2013-02-27 00:49 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2013-05-15 18:37 - 2011-02-03 07:25 - 00144384 ____A (Microsoft Corporation) C:\Windows\System32\cdd.dll 2013-05-15 18:36 - 2013-04-09 23:30 - 03153920 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys 2013-05-15 18:36 - 2013-03-19 01:53 - 00230400 ____A (Microsoft Corporation) C:\Windows\System32\wwansvc.dll 2013-05-15 18:36 - 2013-03-19 01:53 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\wwanprotdim.dll 2013-05-14 20:06 - 2013-05-14 20:10 - 00000000 ____D C:\ProgramData\MiMedia 2013-05-14 20:06 - 2013-05-14 20:06 - 00000000 ____D C:\Program Files\MiMedia LLC 2013-05-14 19:55 - 2013-05-14 19:55 - 00000000 ____D C:\Users\Bethany\AppData\LocalGoogle 2013-05-14 19:54 - 2013-05-14 19:54 - 00781760 ____A (Google Inc.) C:\Users\Bethany\Downloads\googledrivesync.exe ==================== One Month Modified Files and Folders ======= 2013-06-11 07:45 - 2013-06-11 07:45 - 00000000 ____D C:\FRST 2013-06-11 07:44 - 2013-06-11 07:44 - 01920272 ____A (Farbar) C:\Users\Bethany\Desktop\FRST64.exe 2013-06-11 06:49 - 2011-08-29 20:47 - 00000898 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cc66ae5aa3be6e.job 2013-06-11 06:47 - 2012-05-06 10:32 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-06-11 06:31 - 2011-07-25 12:29 - 01114998 ____A C:\Windows\WindowsUpdate.log 2013-06-11 06:19 - 2013-06-08 10:31 - 00000514 ____A C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 1c2114ee-96e4-4f32-8344-c324fd979e45.job 2013-06-11 06:19 - 2013-06-08 10:30 - 00000514 ____A C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task f5673223-009d-410d-b329-6b3db6302e44.job 2013-06-11 01:16 - 2009-07-14 00:45 - 00025120 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-06-11 01:16 - 2009-07-14 00:45 - 00025120 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-06-11 01:09 - 2013-06-08 08:42 - 00058016 ____A C:\Users\Bethany\AppData\Local\GDIPFONTCACHEV1.DAT 2013-06-11 01:07 - 2013-06-08 19:34 - 00000000 ____D C:\Program Files (x86)\Panda Security 2013-06-11 01:07 - 2013-06-08 18:53 - 00000758 ____A C:\Users\Public\Desktop\Webroot SecureAnywhere.lnk 2013-06-11 01:07 - 2013-06-08 08:38 - 00275712 ____A C:\Windows\System32\FNTCACHE.DAT 2013-06-11 01:07 - 2013-06-08 08:38 - 00004238 ____A C:\Windows\PFRO.log 2013-06-11 01:07 - 2013-06-08 08:38 - 00000448 ____A C:\Windows\setupact.log 2013-06-11 01:07 - 2011-07-25 12:47 - 00000908 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-06-11 01:07 - 2009-07-14 01:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT 2013-06-11 01:05 - 2013-06-11 01:04 - 00001810 ____A C:\AdwCleaner[s8].txt 2013-06-11 01:04 - 2013-06-11 01:04 - 00001750 ____A C:\AdwCleaner[R10].txt 2013-06-11 00:57 - 2013-06-10 23:57 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2013-06-11 00:46 - 2013-06-11 00:45 - 00001689 ____A C:\AdwCleaner[R9].txt 2013-06-11 00:01 - 2013-06-11 00:01 - 00688992 ____A (Swearware) C:\Users\Bethany\Downloads\dds.com 2013-06-10 23:54 - 2013-06-10 23:54 - 00000049 ____A C:\Users\Bethany\AppData\Roaming\mbam.context.scan 2013-06-10 23:28 - 2013-06-08 18:52 - 00000000 ____D C:\ProgramData\WRData 2013-06-10 23:06 - 2013-06-10 23:06 - 00001804 ____A C:\AdwCleaner[R8].txt 2013-06-10 22:57 - 2013-06-08 17:20 - 00001450 ____A C:\Users\Bethany\Desktop\Spybot - Search & Destroy.lnk 2013-06-10 22:42 - 2013-06-10 22:42 - 00000324 ____A C:\AdwCleaner[s6].txt 2013-06-10 22:42 - 2013-06-10 22:40 - 00001450 ____A C:\AdwCleaner[R7].txt 2013-06-10 22:36 - 2013-06-10 22:36 - 00000000 ____A C:\ProgramData\0x0304A000.sfl 2013-06-10 22:35 - 2013-06-10 22:33 - 00001629 ____A C:\AdwCleaner[s5].txt 2013-06-10 22:33 - 2013-06-10 22:33 - 00001565 ____A C:\AdwCleaner[R6].txt 2013-06-10 22:32 - 2013-06-10 22:32 - 00000324 ____A C:\AdwCleaner[s4].txt 2013-06-10 22:31 - 2013-06-10 22:31 - 00001446 ____A C:\AdwCleaner[R5].txt 2013-06-10 22:30 - 2013-06-10 22:30 - 00001386 ____A C:\AdwCleaner[R4].txt 2013-06-09 20:00 - 2012-03-02 20:04 - 00000000 ____D C:\Users\Bethany\Desktop\music to file 2013-06-09 16:29 - 2013-06-09 16:25 - 158313199 ____A C:\Users\Bethany\Downloads\Daft Punk.zip 2013-06-09 11:19 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache 2013-06-08 19:38 - 2013-06-08 19:38 - 00000000 ____D C:\Users\Bethany\AppData\Roaming\Panda Security 2013-06-08 19:34 - 2013-06-08 19:34 - 00000000 ____D C:\ProgramData\Panda Security 2013-06-08 19:29 - 2013-06-08 19:29 - 00808224 ____A C:\Users\Bethany\Downloads\PandaCloudAntivirus.exe 2013-06-08 19:12 - 2013-06-08 19:12 - 00000000 ____D C:\Users\Bethany\AppData\Local\lptmp1034542885 2013-06-08 18:53 - 2013-06-08 18:53 - 00150160 ____A (Webroot) C:\Windows\SysWOW64\WRusr.dll 2013-06-08 18:53 - 2013-06-08 18:53 - 00102792 ____A (Webroot) C:\Windows\System32\WRusr.dll 2013-06-08 18:52 - 2013-06-08 18:52 - 00112616 ____A (Webroot) C:\Windows\System32\Drivers\WRkrn.sys 2013-06-08 18:52 - 2013-06-08 18:52 - 00000000 ____D C:\Program Files\Webroot 2013-06-08 18:51 - 2013-06-08 18:51 - 00733648 ____A (Webroot) C:\Users\Bethany\Downloads\wsainstall.exe 2013-06-08 18:26 - 2013-06-08 18:26 - 00000000 __SHD C:\Windows\System32\%APPDATA% 2013-06-08 18:03 - 2011-04-07 15:13 - 00000000 ____D C:\Windows\Panther 2013-06-08 18:01 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\PolicyDefinitions 2013-06-08 17:58 - 2009-07-13 22:34 - 00449441 ___RA C:\Windows\System32\Drivers\etc\hosts.20130610-225918.backup 2013-06-08 17:41 - 2013-06-08 17:20 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy 2013-06-08 17:26 - 2013-06-08 17:26 - 00001032 ____A C:\AdwCleaner[R3].txt 2013-06-08 17:26 - 2013-06-08 17:26 - 00000326 ____A C:\AdwCleaner[s3].txt 2013-06-08 17:25 - 2013-06-08 17:25 - 00000973 ____A C:\AdwCleaner[R2].txt 2013-06-08 17:23 - 2012-06-24 11:55 - 00000000 ___RD C:\Program Files (x86)\Skype 2013-06-08 17:23 - 2012-06-24 11:54 - 00000000 ____D C:\ProgramData\Skype 2013-06-08 17:20 - 2013-06-08 17:20 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy 2013-06-08 17:18 - 2013-06-08 17:18 - 16409960 ____A (Safer Networking Limited ) C:\Users\Bethany\Downloads\spybotsd162.exe 2013-06-08 13:39 - 2013-06-08 13:39 - 00000000 ____D C:\Users\Bethany\AppData\Local\Eraser 6 2013-06-08 10:30 - 2013-06-08 10:30 - 00001819 ____A C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk 2013-06-08 10:30 - 2013-06-08 10:30 - 00000000 ____D C:\Users\Bethany\AppData\Roaming\SUPERAntiSpyware.com 2013-06-08 10:30 - 2013-06-08 10:30 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com 2013-06-08 10:30 - 2013-06-08 10:30 - 00000000 ____D C:\Program Files\SUPERAntiSpyware 2013-06-08 10:30 - 2013-06-08 10:29 - 26074448 ____A (SUPERAntiSpyware.com) C:\Users\Bethany\Downloads\SUPERAntiSpyware.exe 2013-06-08 10:17 - 2009-07-14 01:08 - 00032554 ____A C:\Windows\Tasks\SCHEDLGU.TXT 2013-06-08 08:56 - 2013-06-08 08:56 - 00000000 ____D C:\Program Files (x86)\ESET 2013-06-08 08:55 - 2013-06-08 08:55 - 02347384 ____A (ESET) C:\Users\Bethany\Downloads\esetsmartinstaller_enu.exe 2013-06-08 08:38 - 2013-06-08 08:38 - 00000000 ____A C:\Windows\setuperr.log 2013-06-08 08:36 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK 2013-06-08 08:36 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR 2013-06-08 08:35 - 2013-06-08 08:34 - 00001850 ____A C:\AdwCleaner[s2].txt 2013-06-08 08:35 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\System32\zh-HK 2013-06-08 08:35 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\System32\tr-TR 2013-06-08 08:34 - 2013-06-08 08:34 - 00000326 ____A C:\AdwCleaner[s1].txt 2013-06-08 08:33 - 2013-06-08 08:33 - 00001860 ____A C:\AdwCleaner[R1].txt 2013-06-08 08:28 - 2013-06-08 08:28 - 00640135 ____A C:\Users\Bethany\Desktop\adwcleaner.exe 2013-06-08 06:21 - 2012-03-03 16:43 - 00000000 ____D C:\Users\Bethany\AppData\Local\CrashDumps 2013-06-08 06:18 - 2013-06-08 06:18 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 02565120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 01504768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 01238528 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 01175552 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 01158144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 01080832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00604160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00522752 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00465920 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00417792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00363008 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00333312 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00249856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00187392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00010752 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00009728 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00009728 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00002560 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll 2013-06-08 06:18 - 2013-06-08 06:18 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll 2013-06-07 23:22 - 2013-06-07 23:22 - 00000000 ____D C:\Users\Bethany\AppData\Roaming\Malwarebytes 2013-06-07 23:21 - 2013-06-07 23:21 - 00001084 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2013-06-07 23:21 - 2013-06-07 23:21 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-06-07 23:21 - 2013-06-07 23:21 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-06-07 23:20 - 2013-06-07 23:20 - 10285040 ____A (Malwarebytes Corporation ) C:\Users\Bethany\Downloads\mbam-setup-1.75.0.1300.exe 2013-06-01 11:06 - 2013-01-12 18:56 - 00000000 ____D C:\Program Files (x86)\PC Checkup 2013-05-28 21:28 - 2011-09-09 21:18 - 00000000 ____D C:\Users\Bethany\AppData\Roaming\SoftGrid Client 2013-05-16 07:54 - 2009-07-14 01:13 - 00741680 ____A C:\Windows\System32\PerfStringBackup.INI 2013-05-15 20:56 - 2013-05-02 23:27 - 00000000 ____D C:\Users\Bethany\AppData\Local\NPE 2013-05-14 20:10 - 2013-05-14 20:06 - 00000000 ____D C:\ProgramData\MiMedia 2013-05-14 20:06 - 2013-05-14 20:06 - 00000000 ____D C:\Program Files\MiMedia LLC 2013-05-14 19:56 - 2013-04-04 17:47 - 00000000 ____D C:\Users\Bethany\Documents\L&M 2013-05-14 19:55 - 2013-05-14 19:55 - 00000000 ____D C:\Users\Bethany\AppData\LocalGoogle 2013-05-14 19:55 - 2011-08-29 20:23 - 00000000 ____D C:\Users\Bethany\AppData\Local\Google 2013-05-14 19:55 - 2011-07-25 12:47 - 00000000 ____D C:\Program Files (x86)\Google 2013-05-14 19:54 - 2013-05-14 19:54 - 00781760 ____A (Google Inc.) C:\Users\Bethany\Downloads\googledrivesync.exe 2013-05-14 19:49 - 2012-05-06 10:32 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-05-14 19:49 - 2012-05-06 10:32 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-06-05 07:23 ==================== End Of Log ============================ And the Addition text: Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-06-2013 02 Ran by Bethany at 2013-06-11 07:46:43 Run: Running from C:\Users\Bethany\Desktop Boot Mode: Normal ========================================================== ==================== Installed Programs ======================= Adobe AIR (Version: 2.5.1.17730) Adobe Flash Player 11 ActiveX (Version: 11.7.700.202) Adobe Flash Player 11 Plugin (Version: 11.7.700.202) Adobe Reader X (10.1.2) MUI (Version: 10.1.2) Apple Application Support (Version: 2.3.3) Apple Mobile Device Support (Version: 6.1.0.13) Apple Software Update (Version: 2.1.3.127) Bonjour (Version: 3.0.0.10) Cisco Connect (Version: 1.2.10218.1) D3DX10 (Version: 15.4.2368.0902) ESET Online Scanner v3 Google Chrome (Version: 27.0.1453.110) Google Drive (Version: 1.9.4536.8202) Google Update Helper (Version: 1.3.21.145) Intel PROSet Wireless Intel® Management Engine Components (Version: 7.0.0.1144) Intel® Processor Graphics (Version: 8.15.10.2353) Intel® PROSet/Wireless WiFi Software (Version: 14.0.2000) Intel® Rapid Storage Technology (Version: 10.1.2.1004) Intel® Wireless Display Intel® Wireless Display (Version: 2.0.29.0) iTunes (Version: 11.0.2.26) Java 7 Update 21 (Version: 7.0.210) Java Auto Updater (Version: 2.1.9.5) Java 6 Update 27 (Version: 6.0.270) JMicron Flash Media Controller Driver (Version: 1.0.57.2) Junk Mail filter update (Version: 15.4.3502.0922) Label@Once 1.0 (Version: 1.0) Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300) Mesh Runtime (Version: 15.4.5722.2) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Microsoft Application Error Reporting (Version: 12.0.6015.5000) Microsoft Office 2010 (Version: 14.0.4763.1000) Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000) Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000) Microsoft Silverlight (Version: 5.1.20125.0) Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053) Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319) MSVCRT (Version: 15.4.2862.0708) MSVCRT_amd64 (Version: 15.4.2862.0708) Norton 360 (Version: 5.2.2.3) Norton PC Checkup (Version: 3.0.4.81.0) PlayReady PC Runtime amd64 (Version: 1.3.0) PlayReady PC Runtime x86 (Version: 1.3.0) QuickTime (Version: 7.70.80.34) Realtek Ethernet Controller Driver (Version: 7.38.113.2011) Realtek High Definition Audio Driver (Version: 6.0.1.6305) Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.34.0) Skype Launcher (Version: 2.01) Skype™ 6.1 (Version: 6.1.129) Spybot - Search & Destroy (Version: 1.6.2) SUPERAntiSpyware (Version: 5.6.1020) Synaptics Pointing Device Driver (Version: 15.2.11.1) Synctunes Desktop (Version: 1.1.0) TOSHIBA Application Installer (Version: 9.0.1.1) TOSHIBA Assist (Version: 4.02.02) TOSHIBA Bulletin Board (Version: 1.6.08.64) TOSHIBA Disc Creator (Version: 2.1.0.7 for x64) TOSHIBA eco Utility (Version: 1.2.24.64) TOSHIBA Face Recognition (Version: 3.1.9.64) TOSHIBA Flash Cards Support Utility (Version: 1.63.0.12C) TOSHIBA Hardware Setup (Version: 1.63.1.34C) TOSHIBA HDD Protection (Version: 2.2.1.12) TOSHIBA HDD/SSD Alert (Version: 3.1.64.8) Toshiba Laptop Checkup (Version: 2.0.10.26) TOSHIBA Media Controller (Version: 1.0.86.2) TOSHIBA Media Controller Plug-in (Version: 1.0.6.1) Toshiba Online Backup (Version: 2.0.0.25) TOSHIBA PC Health Monitor (Version: 1.7.5.64) TOSHIBA Quality Application (Version: 1.0.3) TOSHIBA Recovery Media Creator (Version: 2.1.3.5109) TOSHIBA ReelTime (Version: 1.7.17.64) TOSHIBA Resolution+ Plug-in for Windows Media Player (Version: 1.1.0) TOSHIBA Service Station (Version: 2.1.52) TOSHIBA Sleep Utility (Version: 1.4.2.7) TOSHIBA Supervisor Password (Version: 1.63.51.2C) TOSHIBA Value Added Package (Version: 1.5.4.64) TOSHIBA VIDEO PLAYER (Version: 4.00.6.08-A) TOSHIBA Web Camera Application (Version: 2.0.0.19) TOSHIBA Wireless Display Monitor (Version: 1.0.1) TOSHIBA Wireless LAN Indicator (Version: 1.0.3) ToshibaRegistration (Version: 1.0.4) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1) Utility Common Driver (Version: 1.0.52.2C) Webroot SecureAnywhere (Version: 8.0.2.147) Windows Live Communications Platform (Version: 15.4.3502.0922) Windows Live Essentials (Version: 15.4.3502.0922) Windows Live Essentials (Version: 15.4.3555.0308) Windows Live ID Sign-in Assistant (Version: 7.250.4232.0) Windows Live Installer (Version: 15.4.3502.0922) Windows Live Language Selector (Version: 15.4.3555.0308) Windows Live Mail (Version: 15.4.3502.0922) Windows Live Mesh (Version: 15.4.3502.0922) Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2) Windows Live Messenger (Version: 15.4.3538.0513) Windows Live MIME IFilter (Version: 15.4.3502.0922) Windows Live Movie Maker (Version: 15.4.3502.0922) Windows Live Photo Common (Version: 15.4.3502.0922) Windows Live Photo Gallery (Version: 15.4.3502.0922) Windows Live PIMT Platform (Version: 15.4.3508.1109) Windows Live Remote Client (Version: 15.4.5722.2) Windows Live Remote Client Resources (Version: 15.4.5722.2) Windows Live Remote Service (Version: 15.4.5722.2) Windows Live Remote Service Resources (Version: 15.4.5722.2) Windows Live SOXE (Version: 15.4.3502.0922) Windows Live SOXE Definitions (Version: 15.4.3502.0922) Windows Live UX Platform (Version: 15.4.3502.0922) Windows Live UX Platform Language Pack (Version: 15.4.3508.1109) Windows Live Writer (Version: 15.4.3502.0922) Windows Live Writer Resources (Version: 15.4.3502.0922) ==================== Restore Points ========================= 08-06-2013 21:22:10 Removed Skype Click to Call 08-06-2013 21:59:18 Windows Modules Installer 10-06-2013 11:57:01 Windows Modules Installer ==================== Hosts content: ========================== # Copyright © 1993-2009 Microsoft Corp. # # This is a sample HOSTS file used by Microsoft TCP/IP for Windows. # # This file contains the mappings of IP addresses to host names. Each # entry should be kept on an individual line. The IP address should # be placed in the first column followed by the corresponding host name. # The IP address and the host name should be separated by at least one # space. # # Additionally, comments (such as these) may be inserted on individual # lines or following the machine name denoted by a '#' symbol. # # For example: # # 102.54.94.97 rhino.acme.com # source server # 38.25.63.10 x.acme.com # x client host # localhost name resolution is handled within DNS itself. # # # Start of entries inserted by Spybot - Search & Destroy # This list is Copyright 2000-2008 Safer Networking Limited # End of entries inserted by Spybot - Search & Destroy # 127.0.0.1 localhost 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.0scan.com 127.0.0.1 0scan.com 127.0.0.1 1000gratisproben.com 127.0.0.1 www.1000gratisproben.com 127.0.0.1 1001namen.com 127.0.0.1 www.1001namen.com 127.0.0.1 100888290cs.com 127.0.0.1 www.100888290cs.com There are more than 1000 lines starting with "127.0.0.1" ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (06/11/2013 06:30:27 AM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3. The value "*" of attribute "language" in element "assemblyIdentity" is invalid. Error: (06/11/2013 06:26:22 AM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (06/11/2013 06:19:44 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 17389587 Error: (06/11/2013 06:19:44 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 17389587 Error: (06/11/2013 06:19:44 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (06/11/2013 01:13:04 AM) (Source: Application Hang) (User: ) Description: The program SpybotSD.exe version 1.6.2.46 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 17b4 Start Time: 01ce6661b6d8689e Termination Time: 9 Application Path: C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe Report Id: 968919e0-d255-11e2-86eb-b870f4bfba5f Error: (06/11/2013 01:07:56 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/10/2013 11:08:58 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/10/2013 10:38:08 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/10/2013 10:33:07 PM) (Source: Application Hang) (User: ) Description: The program adwcleaner.exe version 2.3.0.2 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: be0 Start Time: 01ce664bc872f2e5 Termination Time: 15 Application Path: C:\Users\Bethany\Desktop\adwcleaner.exe Report Id: 3dd51527-d23f-11e2-bfa3-b870f4bfba5f System errors: ============= Error: (06/11/2013 06:20:24 AM) (Source: DCOM) (User: ) Description: {4EB61BAC-A3B6-4760-9581-655041EF4D69} Error: (06/11/2013 01:07:45 AM) (Source: Service Control Manager) (User: ) Description: The Common Client Job Manager Service service terminated with service-specific error %%-1. Error: (06/10/2013 11:08:55 PM) (Source: Service Control Manager) (User: ) Description: The Common Client Job Manager Service service terminated with service-specific error %%-1. Error: (06/10/2013 10:37:41 PM) (Source: Service Control Manager) (User: ) Description: The Common Client Job Manager Service service terminated with service-specific error %%-1. Error: (06/10/2013 00:23:14 PM) (Source: Service Control Manager) (User: ) Description: The Common Client Job Manager Service service terminated with service-specific error %%-1. Error: (06/10/2013 06:38:15 AM) (Source: Service Control Manager) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the N360 service. Error: (06/09/2013 10:45:45 PM) (Source: Server) (User: ) Description: The server could not bind to the transport \Device\NetBT_Tcpip_{F9719151-EE1C-4C59-9008-2649FC344E86} because another computer on the network has the same name. The server could not start. Error: (06/09/2013 10:16:04 PM) (Source: Server) (User: ) Description: The server could not bind to the transport \Device\NetBT_Tcpip_{F9719151-EE1C-4C59-9008-2649FC344E86} because another computer on the network has the same name. The server could not start. Error: (06/09/2013 10:15:52 PM) (Source: Service Control Manager) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the N360 service. Error: (06/09/2013 10:35:57 AM) (Source: DCOM) (User: ) Description: {8086EBD4-43E3-4B19-BEB3-F0EA4ECF319C} Microsoft Office Sessions: ========================= Error: (06/11/2013 06:30:27 AM) (Source: SideBySide)(User: ) Description: assemblyIdentitylanguage*c:\program files\spybot - search & destroy\DelZip179.dllc:\program files\spybot - search & destroy\DelZip179.dll8 Error: (06/11/2013 06:26:22 AM) (Source: SideBySide)(User: ) Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe Error: (06/11/2013 06:19:44 AM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 17389587 Error: (06/11/2013 06:19:44 AM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledEvent 17389587 Error: (06/11/2013 06:19:44 AM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (06/11/2013 01:13:04 AM) (Source: Application Hang)(User: ) Description: SpybotSD.exe1.6.2.4617b401ce6661b6d8689e9C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe968919e0-d255-11e2-86eb-b870f4bfba5f Error: (06/11/2013 01:07:56 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/10/2013 11:08:58 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/10/2013 10:38:08 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/10/2013 10:33:07 PM) (Source: Application Hang)(User: ) Description: adwcleaner.exe2.3.0.2be001ce664bc872f2e515C:\Users\Bethany\Desktop\adwcleaner.exe3dd51527-d23f-11e2-bfa3-b870f4bfba5f ==================== Memory info =========================== Percentage of memory in use: 47% Total physical RAM: 6050.69 MB Available physical RAM: 3148.13 MB Total Pagefile: 12099.57 MB Available Pagefile: 9053.99 MB Total Virtual: 8192 MB Available Virtual: 8191.8 MB ==================== Drives ================================ Drive c: (TI106151W0F) (Fixed) (Total:580.59 GB) (Free:501.84 GB) NTFS (Disk=0 Partition=2) ==>[system with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 596 GB) (Disk ID: 637CA5D8) Partition 1: (Active) - (Size=1 GB) - (Type=27) Partition 2: (Not Active) - (Size=581 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=14 GB) - (Type=17) ==================== End Of Log ============================ I will run the GMER rootkit tool next but was wondering if I need to close the Farber Tool without clicking Fix, first? Thanks again.
  9. I recently discovered that my credit card number had been stolen, and while searching my computer with Malwarebytes, discovered malware that my antivirus had missed. I ran a few programs - Malwarebytes, Spybot, Adwcleaner - and thought my computer was clean. But I recently tried running Adwcleaner again and it keeps bringing up 2 things that it will "delete" but will then reappear when I run it again (see below). What is this, and how can I permanently get rid of it? Thank you for any help you can give me! # AdwCleaner v2.302 - Logfile created 06/10/2013 at 23:07:27 # Updated 06/06/2013 by Xplode # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits) # User : Bethany - BETHANY-PC # Boot Mode : Normal # Running from : C:\Users\Bethany\Desktop\adwcleaner.exe # Option [Delete] ***** [services] ***** ***** [Files / Folders] ***** ***** [Registry] ***** Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com ***** [internet Browsers] ***** -\\ Internet Explorer v8.0.7601.17514 [OK] Registry is clean. -\\ Google Chrome v27.0.1453.110 File : C:\Users\Bethany\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] File is clean. ************************* AdwCleaner[R1].txt - [1860 octets] - [08/06/2013 08:33:00] AdwCleaner[R2].txt - [973 octets] - [08/06/2013 17:25:39] AdwCleaner[R3].txt - [1032 octets] - [08/06/2013 17:26:00] AdwCleaner[R4].txt - [1386 octets] - [10/06/2013 22:30:21] AdwCleaner[R5].txt - [1446 octets] - [10/06/2013 22:31:38] AdwCleaner[R6].txt - [1565 octets] - [10/06/2013 22:33:19] AdwCleaner[R7].txt - [1450 octets] - [10/06/2013 22:40:51] AdwCleaner[R8].txt - [1804 octets] - [10/06/2013 23:06:05] AdwCleaner[s1].txt - [326 octets] - [08/06/2013 08:34:20] AdwCleaner[s2].txt - [1850 octets] - [08/06/2013 08:34:53] AdwCleaner[s3].txt - [326 octets] - [08/06/2013 17:26:16] AdwCleaner[s4].txt - [324 octets] - [10/06/2013 22:32:02] AdwCleaner[s5].txt - [1629 octets] - [10/06/2013 22:33:46] AdwCleaner[s6].txt - [324 octets] - [10/06/2013 22:42:25] AdwCleaner[s7].txt - [1739 octets] - [10/06/2013 23:07:27] ########## EOF - C:\AdwCleaner[s7].txt - [1799 octets] ##########
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.