syvpuglover

  1. I'll take care of those last steps. Vipre is running fine now. Thanks again, Charlie ... from all of the Malmbergs! Happy household now.
  2. And here's the Security Check log:

     Results of screen317's Security Check version 0.99.71
     Windows 7 Service Pack 1 x64 (UAC is enabled)
     Internet Explorer 10
     ``````````````Antivirus/Firewall Check:``````````````
     Windows Firewall Enabled!
     GFI Software VIPRE Antivirus up to date!
     `````````Anti-malware/Other Utilities Check:`````````
     Java 7 Update 25
     Adobe Reader XI
     Google Chrome 28.0.1500.71
     Google Chrome 28.0.1500.72
     ````````Process Check: objlist.exe by Laurent````````
     `````````````````System Health check`````````````````
     Total Fragmentation on Drive C: 1%
     ````````````````````End of Log``````````````````````
  3. # AdwCleaner v2.306 - Logfile created 07/27/2013 at 09:08:42
     # Updated 19/07/2013 by Xplode
     # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
     # User : Dean - DEAN-PC
     # Boot Mode : Normal
     # Running from : C:\Users\Dean\Desktop\adwcleaner.exe
     # Option [Delete]

     ***** [services] *****

     ***** [Files / Folders] *****

     Folder Deleted : C:\Users\Dean\AppData\Local\PackageAware

     ***** [Registry] *****

     Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
     Key Deleted : HKCU\Software\Softonic
     Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
     Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}

     ***** [internet Browsers] *****

     -\\ Internet Explorer v10.0.9200.16635

     [OK] Registry is clean.

     -\\ Google Chrome v28.0.1500.72

     File : C:\Users\Dean\AppData\Local\Google\Chrome\User Data\Default\Preferences

     [OK] File is clean.

     *************************

     AdwCleaner[R1].txt - [1195 octets] - [27/07/2013 08:56:01]
     AdwCleaner[s1].txt - [1140 octets] - [27/07/2013 09:08:42]

     ########## EOF - C:\AdwCleaner[s1].txt - [1200 octets] ##########
  4. Pretty clean:

     # AdwCleaner v2.306 - Logfile created 07/27/2013 at 08:56:01
     # Updated 19/07/2013 by Xplode
     # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
     # User : Dean - DEAN-PC
     # Boot Mode : Normal
     # Running from : C:\Users\Dean\Desktop\adwcleaner.exe
     # Option [search]

     ***** [services] *****

     ***** [Files / Folders] *****

     Folder Found : C:\Users\Dean\AppData\Local\PackageAware

     ***** [Registry] *****

     Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
     Key Found : HKCU\Software\Softonic
     Key Found : HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
     Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}

     ***** [internet Browsers] *****

     -\\ Internet Explorer v10.0.9200.16635

     [OK] Registry is clean.

     -\\ Google Chrome v28.0.1500.72

     File : C:\Users\Dean\AppData\Local\Google\Chrome\User Data\Default\Preferences

     [OK] File is clean.

     *************************

     AdwCleaner[R1].txt - [1070 octets] - [27/07/2013 08:56:01]

     ########## EOF - C:\AdwCleaner[R1].txt - [1130 octets] ##########
  5. The MBAR scan was clean the first time, but I went ahead and ran it a second time just to be safe. Logs are attached. I had internet access right away, but the firewall and anti-virus wouldn't run, nor Windows updates. The fixdamage took care of the firewall and the updates, but I am still not able to start Vipre. I get a message saying the services aren't running and to contact tech support if it continues. I don't know if this is related to the virus or not. I may need to reinstall that software. Everything else seems to be running great though. I sure do appreciate this!

     system-log.txt
     mbar-log-2013-07-27 (06-30-55).txt
  6. Looking good! Here's the fixlog.txt file. I was just able to do a normal restart on the affected computer, so I'm going to finish the rest of your instructions now and then I'll come back and post those logs.

     Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 27-07-2013
     Ran by SYSTEM at 2013-07-27 06:07:51 Run:1
     Running from F:\
     Boot Mode: Recovery
     ==============================================

     HKU\Dean\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Value deleted successfully.
     C:\Users\Dean\GoToAssistDownloadHelper.exe => Moved successfully.
     C:\Users\Dean\AppData\Roaming\cache.dat => Moved successfully.
     C:\Users\Dean\AppData\Roaming\cache.ini => Moved successfully.

     ==== End of Fixlog ====
  7. Thank you so much for your time. My son does have anti-virus software installed, but it doesn't do any good if he doesn't leave it turned on. Here's the file:
  8. I need help to remove this virus please. I have tried booting into safe mode, but it will not allow it. Whenever I attempt, it restarts the computer. Thank you.