adampantano

Honorary Members
  • Posts

    22

Everything posted by adampantano

  1. Sorry for the late post. I wanted to give it a day or so of activity to see if I got any popups. And so far, I have not been asked to download that ad.yieldmanager.com since we last spoke. For additional security, I also installed Adblocker Plus. Here is my log: Ok

     Results of screen317's Security Check version 0.99.73
     Windows 7 Service Pack 1 x64 (UAC is enabled)
     Internet Explorer 10
     ``````````````Antivirus/Firewall Check:``````````````
     Windows Firewall Enabled!
     AVG AntiVirus Free Edition 2013
     Lavasoft Ad-Aware Antivirus up to date! (On Access scanning disabled!)
     `````````Anti-malware/Other Utilities Check:`````````
     Ad-Aware
     Spybot - Search & Destroy
     Malwarebytes Anti-Malware version 1.75.0.1300
     JavaFX 2.0.3
     Java 7 Update 40
     Java version out of Date!
     Adobe Flash Player 11.8.800.168
     Adobe Reader 10.1.2 Adobe Reader out of Date!
     Google Chrome 29.0.1547.66
     ````````Process Check: objlist.exe by Laurent````````
     Ad-Aware AAWService.exe is disabled!
     Ad-Aware AAWTray.exe is disabled!
     Spybot Teatimer.exe is disabled!
     AVG avgwdsvc.exe
     Ad-Aware Antivirus AdAwareService.exe
     Ad-Aware Antivirus SBAMSvc.exe
     `````````````````System Health check`````````````````
     Total Fragmentation on Drive C: 0%
     ````````````````````End of Log``````````````````````
  2. Might have worked! Browsed occasionally last night and no pop up request to download and install that file.
  3. This is the only log I see... ESETSmartInstaller@High as CAB hook log: OnlineScanner64.ocx - registred OK OnlineScanner.ocx - registred OK
  4. Also, I have been noticing different ads on pages, even something like Yahoo. They are called "AdChoices". When I click on properties, the link takes me to "http://ad.yieldmanager.com/pixel?id=1048831&t=2&piggyback=http%3A%2F%2Finfo%2Eyahoo%2Ecom%2Fprivacy%2Fus%2Fyahoo%2Frelevantads%2Ehtml" or something similar. So it is def related to this yieldmanager request (whatever is causing it).
  5. The only browser I have installed is IE10 and I reset it yesterday as well. Still no luck.
  6. See image for what keeps popping up requesting that I install this software. Every couple of times a page loads.
  7. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-09-2013 02 Ran by Adam Pantano (administrator) on ADAMPANTANO-PC on 11-09-2013 21:40:47 Running from C:\Users\Adam Pantano\Desktop Windows 7 Professional Service Pack 1 (X64) OS Language: English(US) Internet Explorer Version 10 Boot Mode: Normal
C:\Users\Adam Pantano\AppData\Local\Logitech® Webcam Software 2013-08-18 09:49 - 2013-08-10 21:17 - 00000000 ____D C:\Program Files (x86)\Logitech 2013-08-18 09:49 - 2013-08-10 21:16 - 00008797 _____ C:\Windows\system32\lvcoinst.log 2013-08-18 09:49 - 2013-08-10 21:15 - 00000000 ____D C:\Program Files\Common Files\LogiShrd 2013-08-18 09:48 - 2013-08-18 09:48 - 00000000 ____D C:\ProgramData\Logitech 2013-08-18 09:45 - 2013-08-10 21:15 - 00000000 ____D C:\ProgramData\LogiShrd 2013-08-17 19:28 - 2013-08-17 19:27 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-08-17 19:28 - 2013-08-17 19:27 - 00000000 ____D C:\Program Files\iTunes 2013-08-17 19:28 - 2013-08-17 19:27 - 00000000 ____D C:\Program Files (x86)\iTunes 2013-08-17 19:27 - 2013-08-17 19:27 - 00000000 ____D C:\Program Files\iPod 2013-08-17 19:25 - 2013-08-17 19:25 - 00000000 ____D C:\Program Files (x86)\QuickTime 2013-08-15 04:21 - 2013-03-30 10:29 - 00045856 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys 2013-08-15 03:58 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache 2013-08-15 03:23 - 2011-03-08 19:38 - 00000000 ____D C:\Windows\Panther 2013-08-15 03:01 - 2013-07-14 03:00 - 00000000 ____D C:\Windows\system32\MRT 2013-08-15 03:01 - 2013-05-01 20:40 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-08-15 03:00 - 2013-02-20 08:00 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2013-08-12 03:00 - 2013-08-12 03:00 - 00000000 ____D C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2 Files to move or delete: ==================== C:\Users\ADAMPA~1\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit 
C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-09-11 00:51 ==================== End Of Log ============================ Addition.txt
  8. Any other suggestions? This BS requests me to install this every couple of pages I load.
  9. I am still getting the requests today to download the ad.yieldmanager file.
  10. Happened in both Chrome and IE. I am following these steps now: http://malwaretips.com/blogs/ad-yieldmanager-virus/
  11. Guess it did not work. I was browsing Yahoo Sports and got a request to download "get-user-id.js from ad.yieldmanager.com". God, this is annoying.
  12. Uninstalled, then denied to download some .exe file upon uninstallation. Restarted and it is no longer in my programs. The orange hyperlinks are now gone. So far no random "search assist" new windows. Will post back if I get any further popups. Thanks for your help.
  13. I found Sendori in my programs. I am going to uninstall.
  14. Did not work. Still see the orange hyperlinks and popups. The ads that pop up also say "Sendori" if that helps at all.
  15. Malwarebytes Anti-Malware 1.75.0.1300
      www.malwarebytes.org
      Database version: v2013.09.11.01
      Windows 7 Service Pack 1 x64 NTFS
      Internet Explorer 10.0.9200.16660
      Adam Pantano :: ADAMPANTANO-PC [administrator]
      9/10/2013 9:48:58 PM
      MBAM-log-2013-09-10 (21-52-06).txt
      Scan type: Quick scan
      Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
      Scan options disabled: P2P
      Objects scanned: 222298
      Time elapsed: 2 minute(s), 47 second(s)
      Memory Processes Detected: 0 (No malicious items detected)
      Memory Modules Detected: 0 (No malicious items detected)
      Registry Keys Detected: 0 (No malicious items detected)
      Registry Values Detected: 0 (No malicious items detected)
      Registry Data Items Detected: 0 (No malicious items detected)
      Folders Detected: 0 (No malicious items detected)
      Files Detected: 1
      C:\Users\Adam Pantano\Desktop\Setup.exe (PUP.Optional.IBryte) -> No action taken.
      (end)
  16. # AdwCleaner v3.003 - Report created 10/09/2013 at 21:43:59
      # Updated 07/09/2013 by Xplode
      # Operating System : Windows 7 Professional Service Pack 1 (64 bits)
      # Username : Adam Pantano - ADAMPANTANO-PC
      # Running from : C:\Users\Adam Pantano\Desktop\AdwCleaner.exe
      # Option : Clean
      ***** [ Services ] *****
      ***** [ Files / Folders ] *****
      Folder Deleted : C:\ProgramData\blekko toolbars
      Folder Deleted : C:\ProgramData\Search Protection
      Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
      Folder Deleted : C:\Program Files (x86)\Common Files\Software Update Utility
      Folder Deleted : C:\Users\Adam Pantano\AppData\LocalLow\adawaretb
      ***** [ Shortcuts ] *****
      ***** [ Registry ] *****
      Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
      Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
      Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
      Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
      Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate
      Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
      Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
      Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
      Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
      Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
      Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
      Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
      Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
      Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
      Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
      Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
      Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
      Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
      Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
      Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
      Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
      Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
      Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
      Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
      Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
      Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
      Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
      Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
      Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
      Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
      Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
      Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
      Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
      Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
      Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
      Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
      Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
      Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
      Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
      Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
      Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
      Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
      Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
      Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
      Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
      Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
      Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
      Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
      Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
      Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
      Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
      Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
      Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
      Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
      Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
      Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{6C97A91E-4524-4019-86AF-2AA2D567BF5C}]
      Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
      Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
      Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
      Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
      Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
      Key Deleted : HKCU\Software\AppDataLow\Software\adawaretb
      Key Deleted : HKLM\Software\adawaretb
      Key Deleted : HKLM\Software\AVG Secure Search
      Key Deleted : HKLM\Software\AVG Security Toolbar
      Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\adawaretb
      Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
      ***** [ Browsers ] *****
      -\\ Internet Explorer v10.0.9200.16660
      *************************
      AdwCleaner[R0].txt - [6808 octets] - [10/09/2013 21:42:27]
      AdwCleaner[s0].txt - [6754 octets] - [10/09/2013 21:43:59]
      ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [6814 octets] ##########
  17. RogueKiller V8.6.10 _x64_ [sep 9 2013] by Tigzy
      mail : tigzyRK<at>gmail<dot>com
      Feedback : http://www.adlice.com/forum/
      Website : http://www.adlice.com/softwares/roguekiller/
      Blog : http://tigzyrk.blogspot.com/
      Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
      Started in : Normal mode
      User : Adam Pantano [Admin rights]
      Mode : Scan -- Date : 09/10/2013 21:12:54
      | ARK || FAK || MBR |
      ¤¤¤ Bad processes : 2 ¤¤¤
      [sUSP PATH] nexdef.exe -- C:\Users\Adam Pantano\AppData\Local\Autobahn\nexdef.exe [-] -> KILLED [TermProc]
      [sUSP PATH] SearchProtection.exe -- C:\ProgramData\Search Protection\SearchProtection.exe [7] -> KILLED [TermProc]
      ¤¤¤ Registry Entries : 8 ¤¤¤
      [RUN][sUSP PATH] HKCU\[...]\Run : AIM for Windows ("C:\Users\Adam Pantano\AppData\Local\AOL\AIM\aim.exe" [7]) -> FOUND
      [RUN][sUSP PATH] HKUS\S-1-5-21-603108328-2774621648-2957917973-1000\[...]\Run : AIM for Windows ("C:\Users\Adam Pantano\AppData\Local\AOL\AIM\aim.exe" [7]) -> FOUND
      [RUN][sUSP PATH] HKLM\[...]\Wow6432Node\[...]\Run : Search Protection (C:\ProgramData\Search Protection\SearchProtection.exe [7]) -> FOUND
      [HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND
      [HJ SMENU] HKCU\[...]\Advanced : Start_TrackProgs (0) -> FOUND
      [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
      [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
      [bROK VAL] HKCR\[...]\command : () -> MISSING
      ¤¤¤ Scheduled tasks : 0 ¤¤¤
      ¤¤¤ Startup Entries : 1 ¤¤¤
      [Adam Pantano][sUSP PATH] NexDef Plug-in.lnk : C:\Users\Adam Pantano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NexDef Plug-in.lnk @C:\Users\Adam Pantano\AppData\Local\Autobahn\nexdef.exe [-][-] -> FOUND
      ¤¤¤ Web browsers : 0 ¤¤¤
      ¤¤¤ Particular Files / Folders: ¤¤¤
      ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
      ¤¤¤ External Hives: ¤¤¤
      ¤¤¤ Infection : ¤¤¤
      ¤¤¤ HOSTS File: ¤¤¤
      --> %SystemRoot%\System32\drivers\etc\hosts
      ¤¤¤ MBR Check: ¤¤¤
      +++++ PhysicalDrive0: Hitachi HDS723020BLA642 +++++
      --- User ---
      [MBR] e586aac099f535a4daa92294c78d1bc0
      [bSP] 05ad55a80422b83a6b3ad38d75f01f30 : Windows Vista MBR Code
      Partition table:
      0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 500 Mo
      1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 1026048 | Size: 40960 Mo
      2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 84912128 | Size: 1866267 Mo
      User = LL1 ... OK!
      User = LL2 ... OK!
      +++++ PhysicalDrive1: Hitachi HDS723020BLA642 +++++
      --- User ---
      [MBR] 8081c2ba23b90f5cc447b56b614dbed6
      [bSP] 9b2f533c20e0c751fe7be299b0a7c5c1 : Empty MBR Code
      Partition table:
      0 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 63 | Size: 238472 Mo
      User = LL1 ... OK!
      Error reading LL2 MBR!
      Finished : << RKreport[0]_S_09102013_211254.txt >>
  18. .
      UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
      IF REQUESTED, ZIP IT UP & ATTACH IT
      .
      DDS (Ver_2012-11-20.01)
      .
      Microsoft Windows 7 Professional
      Boot Device: \Device\HarddiskVolume1
      Install Date: 2/18/2013 3:20:15 PM
      System Uptime: 9/10/2013 7:47:58 PM (2 hours ago)
      .
      Motherboard: ASUSTeK Computer INC. | | P8Z68-V LE
      Processor: Intel® Core i7-2600K CPU @ 3.40GHz | LGA1155 | 3401/100mhz
      .
      ==== Disk Partitions =========================
      .
      C: is FIXED (NTFS) - 1823 GiB total, 1722.122 GiB free.
      D: is FIXED (NTFS) - 40 GiB total, 34.643 GiB free.
      E: is CDROM (CDFS)
      F: is FIXED (FAT32) - 233 GiB total, 215.634 GiB free.
      .
      ==== Disabled Device Manager Items =============
      .
      Class GUID: {4d36e97d-e325-11ce-bfc1-08002be10318}
      Description: High Definition Audio Controller
      Device ID: PCI\VEN_1002&DEV_AA58&SUBSYS_AA581545&REV_00\4&2E16EFB5&0&01E0
      Manufacturer: Microsoft
      Name: High Definition Audio Controller
      PNP Device ID: PCI\VEN_1002&DEV_AA58&SUBSYS_AA581545&REV_00\4&2E16EFB5&0&01E0
      Service: HDAudBus
      .
      ==== System Restore Points ===================
      .
      RP79: 8/24/2013 12:21:03 PM - Installed XSplit Broadcaster
      RP80: 8/25/2013 7:00:10 PM - Windows Backup
      RP81: 9/1/2013 7:00:10 PM - Windows Backup
      RP82: 9/8/2013 7:00:10 PM - Windows Backup
      RP83: 9/10/2013 7:34:35 PM - Restore Operation
      .
      ==== Installed Programs ======================
      .
Ad-Aware Antivirus Ad-Aware Security Add-on Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader X (10.1.2) Adobe Shockwave Player 11.6 Age of Empires II: HD Edition AIM for Windows AMD Accelerated Video Transcoding AMD APP SDK Runtime AMD Catalyst Install Manager AMD Drag and Drop Transcoding AMD Media Foundation Decoders Apple Application Support Apple Mobile Device Support Apple Software Update Application Profiles Asmedia ASM104x USB 3.0 Host Controller Driver AVG 2013 AVG SafeGuard toolbar Bonjour CameraHelperMsi Catalyst Control Center Catalyst Control Center - Branding Catalyst Control Center Graphics Previews Common Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish CCleaner Cisco EAP-FAST Module Cisco LEAP Module Cisco PEAP Module CyberLink Power2Go CyberLink PowerDVD 10 D3DX10 Diablo III Download Updater (AOL Inc.) 
erLT iCloud Intel® Control Center Intel® Management Engine Components Intel® Rapid Storage Technology Intel® Turbo Boost Technology Monitor 2.0 iTunes Java 7 Update 25 Java Auto Updater JavaFX 2.0.3 Junk Mail filter update Logitech Vid Logitech Webcam Software Logitech Webcam Software Driver Package LWS Facebook LWS Gallery LWS Help_main LWS Launcher LWS Motion Detection LWS Pictures And Video LWS Twitter LWS Video Mask Maker LWS VideoEffects LWS Webcam Software LWS WLM Plugin LWS YouTube Plugin Malwarebytes Anti-Malware version 1.75.0.1300 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft Application Error Reporting Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Home and Student 2007 Microsoft Office Office 64-bit Components 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Shared 64-bit MUI (English) 2007 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Silverlight Microsoft SkyDrive Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 Movie Maker MSVCRT MSVCRT_amd64 MSVCRT110 MSVCRT110_amd64 MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP3 Parser MSXML 4.0 SP3 Parser (KB2758694) MSXML 4.0 SP3 Parser (KB973685) NETGEAR WNDA4100 Genie PasswordBox Path of Exile Photo Common Photo Gallery QuickTime Realtek Ethernet Controller Driver Realtek High Definition Audio Driver Security Update for CAPICOM (KB931906) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft .NET Framework 4 Extended (KB2736428) Security Update for Microsoft .NET Framework 4 Extended (KB2742595) Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 
32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition Sendori SimCity 2000 Special Edition Skype Click to Call Skype™ 6.6 Spybot - Search & Destroy Steam SUPERAntiSpyware Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2836939) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office 
OneNote 2007 Help (KB963670) Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) Visual Studio 2010 x64 Redistributables Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mail Windows Live Messenger Windows Live MIME IFilter Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources XSplit Broadcaster
      .
      ==== Event Viewer Messages From Past Week ========
      .
      9/10/2013 7:44:49 PM, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.
      9/10/2013 7:24:51 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
      9/10/2013 7:24:51 PM, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
      9/10/2013 3:06:54 AM, Error: Service Control Manager [7031] - The Service Sendori service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
      .
      ==== End Of File ===========================
  19. DDS (Ver_2012-11-20.01) - NTFS_AMD64
      Internet Explorer: 10.0.9200.16660 BrowserJavaVersion: 10.25.2
      Run by Adam Pantano at 21:03:12 on 2013-09-10
      Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.16364.11569 [GMT -4:00]
      .
      AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
      AV: Lavasoft Ad-Aware *Disabled/Updated* {E0D97DD4-42BA-B3F2-A5A7-22E9ACE81FC7}
      SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      SP: Lavasoft Ad-Aware *Disabled/Updated* {5BB89C30-6480-BC7C-9F17-199BD76F557A}
      SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
      SP: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
      FW: Lavasoft Ad-Aware *Disabled* {D8E2FCF1-08D5-B2AA-8EF8-8BDC523B58BC}
      .
      ============== Running Processes ===============
      .
      C:\Windows\system32\lsm.exe
      C:\Windows\system32\svchost.exe -k DcomLaunch
      C:\Windows\system32\svchost.exe -k RPCSS
      C:\Windows\system32\atiesrxx.exe
      C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
      C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
      C:\Windows\system32\svchost.exe -k LocalService
      C:\Windows\system32\svchost.exe -k netsvcs
      C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
      C:\Windows\system32\atieclxx.exe
      C:\Windows\system32\svchost.exe -k NetworkService
      C:\Windows\system32\WLANExt.exe
      C:\Windows\System32\spoolsv.exe
      C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
      C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
      C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
      C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
      C:\Windows\system32\taskhost.exe
      C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
      C:\Windows\system32\Dwm.exe
      C:\Windows\Explorer.EXE
      C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
      C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
      C:\Program Files\Bonjour\mDNSResponder.exe
      C:\Program Files (x86)\PasswordBox\pbbtnService.exe
      C:\Program Files (x86)\NETGEAR\WNDA4100\Service\RaRegistry.exe
      C:\Program Files (x86)\NETGEAR\WNDA4100\Service\RaRegistry64.exe
      C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
      C:\Program Files (x86)\Sendori\sndappv2.exe
      C:\Windows\system32\svchost.exe -k imgsvc
      C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe
      C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
      C:\Program Files (x86)\Sendori\SendoriSvc.exe
      C:\Program Files (x86)\Sendori\Sendori.Service.exe
      C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\loggingserver.exe
      C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
      C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
      C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
      C:\Windows\system32\wbem\wmiprvse.exe
      C:\Windows\system32\wbem\unsecapp.exe
      C:\Program Files (x86)\Sendori\SendoriUp.exe
      C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
      C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
      C:\Windows\System32\rundll32.exe
      C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
      C:\Program Files\Windows Sidebar\sidebar.exe
      C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
      C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
      C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
      C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe
      C:\Program Files (x86)\Skype\Phone\Skype.exe
      C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
      C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
      C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
      C:\Program Files (x86)\NETGEAR\WNDA4100\WNDA4100.EXE
      C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
      C:\Program Files (x86)\CyberLink\Shared files\brs.exe
      C:\Program Files (x86)\Sendori\SendoriTray.exe
      C:\Windows\system32\SearchIndexer.exe
      C:\Program Files (x86)\AVG\AVG2013\avgui.exe
      C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
      C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
      C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
      C:\Users\Adam Pantano\AppData\Local\Autobahn\nexdef.exe
      C:\Program Files (x86)\iTunes\iTunesHelper.exe
      C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
      C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
      C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
      C:\ProgramData\Search Protection\SearchProtection.exe
      C:\Program Files\Windows Media Player\wmpnetwk.exe
      C:\Program Files\iPod\bin\iPodService.exe
      C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
      C:\PROGRA~2\AD-AWA~1\AdAware.exe
      C:\Windows\System32\svchost.exe -k LocalServicePeerNet
      C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
      C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
      C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe
      C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
      C:\Windows\system32\svchost.exe -k SDRSVC
      C:\Program Files (x86)\AVG\AVG2013\avgcfgex.exe
      C:\Program Files (x86)\AVG\AVG2013\avgrsa.exe
      C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\Program Files (x86)\PasswordBox\Application\BgPageServer.exe
      C:\Windows\system32\Macromed\Flash\FlashUtil64_11_8_800_94_ActiveX.exe
      C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
      C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
      C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
      C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
      C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      C:\Program Files (x86)\Internet
Explorer\IEXPLORE.EXE C:\Windows\System32\MsSpellCheckingFacility.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IELowutil.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . mWinlogon: Userinit = userinit.exe, BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: PasswordBox Helper: {5DB69B97-934B-451D-94DB-32EF802A01CD} - C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll BHO: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: {95B7759C-8C7F-4BF1-B163-73684A933233} - <orphaned> BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll TB: PasswordBox Toolbar: {25E2E5C9-C43C-4EE8-B23E-4383915F2BCE} - C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll TB: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll TB: PasswordBox Toolbar: {25E2E5C9-C43C-4EE8-B23E-4383915F2BCE} - C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll uRun: [AIM for Windows] "C:\Users\Adam Pantano\AppData\Local\AOL\AIM\aim.exe" uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun uRun: [steam] 
"C:\Program Files (x86)\Steam\Steam.exe" -silent uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe uRun: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe uRun: [com.apple.dav.bookmarks.daemon] C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe uRun: [CCleaner] "C:\Program Files\CCleaner\CCleaner64.exe" /AUTO uRun: [Logitech Vid] "C:\Program Files (x86)\Logitech\Logitech Vid\vid.exe" -bootmode uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun uRun: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" mRun: [bDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe mRun: [sendori Tray] "C:\Program Files (x86)\Sendori\SendoriTray.exe" mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun: [vProt] "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe" mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide mRun: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe" mRun: [search Protection] C:\ProgramData\Search 
Protection\SearchProtection.exe mRun: [Ad-Aware Antivirus] "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run mRun: [sDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" StartupFolder: C:\Users\ADAMPA~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\LOGITE~1.LNK - C:\Program Files (x86)\Logitech\Ereg\eReg.exe StartupFolder: C:\Users\ADAMPA~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\NEXDEF~1.LNK - C:\Users\Adam Pantano\AppData\Local\Autobahn\nexdef.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\NETGEA~1.LNK - C:\Program Files (x86)\NETGEAR\WNDA4100\WNDA4100.EXE mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} LSP: C:\Windows\System32\Sendori.dll TCP: NameServer = 192.168.1.1 TCP: Interfaces\{30DBC389-AECA-476F-8E55-42C6A1FEDE7D} : DHCPNameServer = 75.75.75.75 75.75.76.76 TCP: Interfaces\{30DBC389-AECA-476F-8E55-42C6A1FEDE7D}\147514747435D27657563747 : DHCPNameServer = 75.75.75.75 75.75.76.76 TCP: Interfaces\{E2DC7496-C4AC-45EB-B275-4E3D5E5758EA} : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{E2DC7496-C4AC-45EB-B275-4E3D5E5758EA}\0727563747967656 : 
NameServer = 75.75.75.75,75.75.76.76 TCP: Interfaces\{E2DC7496-C4AC-45EB-B275-4E3D5E5758EA}\0727563747967656 : DHCPNameServer = 75.75.75.75 75.75.76.76 Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.5.0\ViProtocol.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll Notify: SDWinLogon - SDWinLogon.dll SSODL: WebCheck - <orphaned> x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s x64-Run: [intelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned> x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-SSODL: WebCheck - <orphaned> . ============= SERVICES / DRIVERS =============== . 
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-7-20 71480] R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-7-20 311608] R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-7-1 116536] R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-7-10 45880] R0 gfibto;gfibto;C:\Windows\System32\drivers\gfibto.sys [2013-9-9 14456] R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-7-20 246072] R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-7-20 206648] R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-3-21 240952] R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2013-3-30 45856] R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928] R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368] R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2013-5-23 143120] R2 Ad-Aware Service;Ad-Aware Service;C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe [2013-6-13 1236336] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-2-15 240640] R2 Application Sendori;Application Sendori;C:\Program Files (x86)\Sendori\SendoriSvc.exe [2013-7-1 119072] R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-7-4 4939312] R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-7-23 283136] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-3-16 13592] R2 PasswordBox;PasswordBox;C:\Program Files (x86)\PasswordBox\pbbtnService.exe [2013-9-7 67584] R2 RalinkRegistryWriter;RalinkRegistryWriter;C:\Program Files (x86)\NETGEAR\WNDA4100\Service\RaRegistry.exe [2012-4-30 377088] R2 
RalinkRegistryWriter64;RalinkRegistryWriter64;C:\Program Files (x86)\NETGEAR\WNDA4100\Service\RaRegistry64.exe [2012-4-30 455424] R2 SBAMSvc;Ad-Aware;C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe [2012-9-20 3677000] R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-9-10 1817560] R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-9-10 1033688] R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-9-10 171928] R2 Service Sendori;Service Sendori;C:\Program Files (x86)\Sendori\Sendori.Service.exe [2013-7-1 22304] R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-8-14 3291008] R2 sndappv2;sndappv2;C:\Program Files (x86)\Sendori\sndappv2.exe [2013-7-1 3623200] R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2010-11-29 16120] R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe [2011-8-19 450848] R2 vToolbarUpdater15.5.0;vToolbarUpdater15.5.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe [2013-8-15 1643184] R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2011-2-24 126952] R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2011-2-24 389608] R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2013-1-15 96768] R3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2011-8-19 351136] R3 LVUVC64;Logitech Webcam Pro 9000(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2011-8-19 4869024] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-12-28 646248] S2 CLKMSVC10_38F51D56;CyberLink Product - 2012/03/16 13:42:15;C:\Program Files 
(x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [2011-4-20 241648] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-6-21 162408] S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168] S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2013-3-9 57856] S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-9-12 1512448] S3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2011-8-25 158976] S3 LVPr2M64;Logitech LVPr2M64 Driver;C:\Windows\System32\drivers\LVPr2M64.sys [2009-4-30 30232] S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232] S3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-2-20 1255736] . =============== Created Last 30 ================ . 
2013-09-11 00:03:53 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy 2013-09-11 00:03:49 17272 ----a-w- C:\Windows\System32\sdnclean64.exe 2013-09-11 00:03:46 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2 2013-09-10 03:03:52 -------- d-----w- C:\Users\Adam Pantano\AppData\Local\PasswordBox 2013-09-10 02:42:35 -------- d-----w- C:\Users\Adam Pantano\AppData\Roaming\SUPERAntiSpyware.com 2013-09-10 02:42:31 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com 2013-09-10 02:42:31 -------- d-----w- C:\Program Files\SUPERAntiSpyware 2013-09-10 01:57:28 -------- d-----w- C:\Program Files (x86)\PasswordBox 2013-09-10 01:40:50 -------- d-----w- C:\Users\Adam Pantano\AppData\Roaming\LavasoftStatistics 2013-09-10 01:40:48 -------- d-----w- C:\ProgramData\Ad-Aware Antivirus 2013-09-10 01:38:26 -------- d-----w- C:\Program Files (x86)\Ad-Aware Antivirus 2013-09-10 01:38:15 -------- d-----w- C:\ProgramData\Downloaded Installations 2013-09-10 01:38:14 -------- d-----w- C:\ProgramData\Search Protection 2013-09-10 01:38:13 -------- d-----w- C:\Users\Adam Pantano\AppData\Local\adawarebp 2013-09-10 01:38:13 -------- d-----w- C:\ProgramData\blekko toolbars 2013-09-10 01:38:12 -------- d-----w- C:\ProgramData\Ad-Aware Browsing Protection 2013-09-10 01:38:08 -------- d-----w- C:\Program Files (x86)\Toolbar Cleaner 2013-09-10 01:38:02 -------- d-----w- C:\Program Files (x86)\Lavasoft 2013-09-10 01:37:22 47496 ----a-w- C:\Windows\System32\sbbd.exe 2013-09-10 01:37:22 14456 ----a-w- C:\Windows\System32\drivers\gfibto.sys 2013-09-10 01:37:21 -------- d-----w- C:\Users\Adam Pantano\AppData\Roaming\Ad-Aware Antivirus 2013-08-24 16:21:42 -------- d-----w- C:\Users\Adam Pantano\AppData\Local\SplitMediaLabs 2013-08-24 16:21:37 -------- d-sh--w- C:\Windows\SysWow64\AI_RecycleBin 2013-08-24 16:21:16 -------- d-----w- C:\ProgramData\SplitMediaLabs 2013-08-24 16:21:16 -------- d-----w- C:\Program Files (x86)\SplitMediaLabs 2013-08-24 16:20:54 -------- d-----w- 
C:\Users\Adam Pantano\AppData\Roaming\SplitMediaLabs 2013-08-18 13:53:02 -------- d-----w- C:\Users\Adam Pantano\AppData\Local\Logitech® Webcam Software 2013-08-18 13:49:38 53248 ----a-r- C:\Users\Adam Pantano\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe 2013-08-18 13:48:56 -------- d-----w- C:\Program Files (x86)\Common Files\LWS 2013-08-17 23:27:55 -------- d-----w- C:\Program Files\iPod 2013-08-17 23:27:54 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-08-17 23:27:54 -------- d-----w- C:\Program Files\iTunes 2013-08-17 23:27:54 -------- d-----w- C:\Program Files (x86)\iTunes 2013-08-17 23:25:15 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin5.dll 2013-08-17 23:25:15 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin4.dll 2013-08-17 23:25:15 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin3.dll 2013-08-17 23:25:15 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin2.dll 2013-08-17 23:25:15 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin.dll 2013-08-15 02:37:58 1472512 ----a-w- C:\Windows\System32\crypt32.dll 2013-08-12 07:00:17 -------- d-----w- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2 . ==================== Find3M ==================== . 
2013-08-21 15:09:11 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-08-21 15:09:11 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-08-21 15:09:07 17737608 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe 2013-08-15 08:21:37 45856 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys 2013-07-26 05:13:37 2241024 ----a-w- C:\Windows\System32\wininet.dll 2013-07-26 05:12:08 3958784 ----a-w- C:\Windows\System32\jscript9.dll 2013-07-26 05:12:04 136704 ----a-w- C:\Windows\System32\iesysprep.dll 2013-07-26 05:12:03 67072 ----a-w- C:\Windows\System32\iesetup.dll 2013-07-26 03:35:08 2706432 ----a-w- C:\Windows\System32\mshtml.tlb 2013-07-26 03:13:24 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll 2013-07-26 03:12:04 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll 2013-07-26 03:12:00 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll 2013-07-26 03:12:00 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll 2013-07-26 02:49:14 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2013-07-26 02:39:38 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe 2013-07-26 01:59:38 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe 2013-07-25 09:25:54 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL 2013-07-25 08:57:27 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL 2013-07-20 05:51:00 311608 ----a-w- C:\Windows\System32\drivers\avgloga.sys 2013-07-20 05:50:56 71480 ----a-w- C:\Windows\System32\drivers\avgidsha.sys 2013-07-20 05:50:56 246072 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys 2013-07-20 05:50:50 206648 ----a-w- C:\Windows\System32\drivers\avgldx64.sys 2013-07-19 01:58:42 2048 ----a-w- C:\Windows\System32\tzres.dll 2013-07-19 01:41:01 2048 ----a-w- C:\Windows\SysWow64\tzres.dll 2013-07-10 05:32:38 45880 ----a-w- C:\Windows\System32\drivers\avgrkx64.sys 2013-07-09 06:03:30 5550528 ----a-w- C:\Windows\System32\ntoskrnl.exe 2013-07-09 05:54:22 1732032 ----a-w- C:\Windows\System32\ntdll.dll 2013-07-09 05:53:12 243712 ----a-w- 
C:\Windows\System32\wow64.dll 2013-07-09 05:52:52 224256 ----a-w- C:\Windows\System32\wintrust.dll 2013-07-09 05:51:16 1217024 ----a-w- C:\Windows\System32\rpcrt4.dll 2013-07-09 05:46:20 184320 ----a-w- C:\Windows\System32\cryptsvc.dll 2013-07-09 05:46:20 139776 ----a-w- C:\Windows\System32\cryptnet.dll 2013-07-09 05:03:34 3968960 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2013-07-09 05:03:34 3913664 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2013-07-09 04:53:47 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll 2013-07-09 04:52:33 663552 ----a-w- C:\Windows\SysWow64\rpcrt4.dll 2013-07-09 04:52:33 5120 ----a-w- C:\Windows\SysWow64\wow32.dll 2013-07-09 04:52:10 175104 ----a-w- C:\Windows\SysWow64\wintrust.dll 2013-07-09 04:46:31 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll 2013-07-09 04:46:31 1166848 ----a-w- C:\Windows\SysWow64\crypt32.dll 2013-07-09 04:46:31 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll 2013-07-09 04:45:07 44032 ----a-w- C:\Windows\apppatch\acwow64.dll 2013-07-09 02:49:42 25600 ----a-w- C:\Windows\SysWow64\setup16.exe 2013-07-09 02:49:41 7680 ----a-w- C:\Windows\SysWow64\instnm.exe 2013-07-09 02:49:39 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll 2013-07-09 02:49:38 2048 ----a-w- C:\Windows\SysWow64\user.exe 2013-07-06 06:03:53 1910208 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2013-07-01 16:49:06 325920 ----a-w- C:\Windows\SysWow64\Sendori.dll 2013-07-01 05:45:28 116536 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys 2013-06-25 00:20:11 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll 2013-06-25 00:20:11 867240 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll 2013-06-25 00:20:11 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2013-06-15 04:32:16 39936 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys . ============= FINISH: 21:03:21.91 ===============
  20. You want me to copy and paste results of the two text files in this thread?
  21. Hi Everyone, I believe I have some malware or adware on my PC. I currently have tried AVG, Spybot, CCleaner, SUPERAntiSpyware, Ad-Aware, and Malwarebytes Anti-Malware with no luck. This is the problem I am encountering. When I click on links (even safe links like Yahoo) a new window will pop up that says something like "This ad ware brought to you by SearchAssist.com. It will close in 30 seconds of inactivity" or something. It also turns certain words into hyperlinks that are orange in color and double underlined. Does anyone know how to remove this? Thank you in advance!