Jump to content

Bullseye1863

Members
  • Posts

    7
  • Joined

  • Last visited

Reputation

0 Neutral
  1. That's great Kevin, thanks so much! Yes it's OK to close out the thread!
  2. Thanks Kevin. Here's the log. All processes killed========== FILES ==========< ipconfig /flushdns /c >Windows IP ConfigurationSuccessfully flushed the DNS Resolver Cache.C:\Users\Rich\Desktop\cmd.bat deleted successfully.C:\Users\Rich\Desktop\cmd.txt deleted successfully.C:\FRST\Quarantine folder moved successfully.C:\FRST\Logs folder moved successfully.C:\FRST\Hives\Users\00000002 folder moved successfully.C:\FRST\Hives\Users\00000001 folder moved successfully.C:\FRST\Hives\Users folder moved successfully.C:\FRST\Hives folder moved successfully.C:\FRST folder moved successfully.C:\Users\Rich\AppData\Local\Temp\307C.tmp moved successfully.C:\Users\Rich\AppData\Local\Temp\3533.tmp moved successfully.C:\Users\Rich\AppData\Local\Temp\PDF5716.tmp moved successfully.DllUnregisterServer procedure not found in C:\Users\Rich\AppData\Local\Temp\A90CE506-BAB0-7891-87D8-A5BE2ADEBD92\IEHelper.dllC:\Users\Rich\AppData\Local\Temp\A90CE506-BAB0-7891-87D8-A5BE2ADEBD92\IEHelper.dll moved successfully.C:\Users\Rich\AppData\Local\Temp\A90CE506-BAB0-7891-87D8-A5BE2ADEBD92\Setup.exe moved successfully.C:\Users\Rich\AppData\Local\Temp\A90CE506-BAB0-7891-87D8-A5BE2ADEBD92\Latest\ccp.exe moved successfully.DllUnregisterServer procedure not found in C:\Users\Rich\AppData\Local\Temp\A90CE506-BAB0-7891-87D8-A5BE2ADEBD92\Latest\IEHelper.dllC:\Users\Rich\AppData\Local\Temp\A90CE506-BAB0-7891-87D8-A5BE2ADEBD92\Latest\IEHelper.dll moved successfully.C:\Users\Rich\Downloads\cbsidlm-tr1_11-OFXViewer-ORG-75628573.exe moved successfully.C:\Windows\System32\FlashPlayerUpdateService.exe moved successfully.C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe moved successfully.File/Folder C:\Windows\SysWOW64\FlashPlayerUpdateService.exe not found.File/Folder C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe not found.========== COMMANDS ========== [EMPTYTEMP] User: Administrator->Temporary Internet Files folder emptied: 0 bytes User: All Users User: Default->Temp folder emptied: 0 bytes->Temporary Internet Files folder emptied: 0 bytes User: Default User->Temp folder emptied: 0 bytes->Temporary Internet Files folder emptied: 0 bytes User: Public User: Rich->Temp folder emptied: 7351482891 bytes->Temporary Internet Files folder emptied: 108093044 bytes->FireFox cache emptied: 19888473 bytes->Google Chrome cache emptied: 212406251 bytes->Flash cache emptied: 79503 bytes %systemdrive% .tmp files removed: 0 bytes%systemroot% .tmp files removed: 0 bytes%systemroot%\System32 .tmp files removed: 0 bytes%systemroot%\System32 (64bit) .tmp files removed: 0 bytes%systemroot%\System32\drivers .tmp files removed: 0 bytesWindows Temp folder emptied: 633880268 bytes%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 19391555 bytes%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 42304743 bytesRecycleBin emptied: 45395063 bytes Total Files Cleaned = 8,042.00 mb OTM by OldTimer - Version 3.1.21.0 log created on 09192013_204831 Files moved on Reboot...C:\Users\Rich\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.C:\Users\Rich\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully. Registry entries deleted on Reboot... System seems to be working fine but I will report back if any problems are encountered. Thanks again, it's much appreciated Bullseye1863
  3. Thanks Kevin, so the ESET SCAN hasn't actually removed the threats that were found yet then, that's correct? Fixlog and ESET SCAN below. Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-09-2013Ran by Rich at 2013-09-18 20:31:01 Run:1Running from C:\Users\Rich\DownloadsBoot Mode: Normal============================================== Content of fixlist:*****************StartC:\Users\Rich\AppData\Local\Temp\0087479e-8af8-4a33-b0b3-a0e272727e99.dllC:\Users\Rich\AppData\Local\Temp\01cabf1b-0dc4-4144-bd0b-f1f1254f1e4c.dllC:\Users\Rich\AppData\Local\Temp\0977a2c6-17c6-4b34-b84c-a708e0e8f9af.dllC:\Users\Rich\AppData\Local\Temp\0a6d6a91-6a2b-4fdc-9387-af3f20d66faa.dllC:\Users\Rich\AppData\Local\Temp\0afab3f5-57f8-44ae-b780-69720c578e8f.dllC:\Users\Rich\AppData\Local\Temp\0d5f85e5-dc13-408c-9c90-3ea923637fd5.dllC:\Users\Rich\AppData\Local\Temp\0e8df721-b8b7-4b0e-a696-5e39bf2de3d4.dllC:\Users\Rich\AppData\Local\Temp\0fe7ad4c-d227-4bd0-95ab-eee2c32e886c.dllC:\Users\Rich\AppData\Local\Temp\139964ef-07ea-4f6a-a61c-eab90e3854cc.dllC:\Users\Rich\AppData\Local\Temp\14ddaf94-084f-46ec-be51-6ad7e1182658.dllC:\Users\Rich\AppData\Local\Temp\14efddd8-9bc3-4061-ac25-d3a07612082f.dllC:\Users\Rich\AppData\Local\Temp\1f24c792-bbc7-4d13-a327-a4dbd032453d.dllC:\Users\Rich\AppData\Local\Temp\210ef00f-358e-449c-afc7-4a2c4d8ad646.dllC:\Users\Rich\AppData\Local\Temp\299c36cc-0e9a-4ad6-bcea-879fa8cf85f9.dllC:\Users\Rich\AppData\Local\Temp\2be2a2f2-008e-464d-831b-37338eebd07e.dllC:\Users\Rich\AppData\Local\Temp\2f6c47f6-b524-48c7-8f3d-02bdc60e7146.dllC:\Users\Rich\AppData\Local\Temp\31c7062c-77ad-4496-8904-7c1b1c369d71.dllC:\Users\Rich\AppData\Local\Temp\32d346f0-a11d-4b36-83b6-7f39e7320b97.dllC:\Users\Rich\AppData\Local\Temp\3688bf2d-7c90-4de3-afd1-2c52352ba501.dllC:\Users\Rich\AppData\Local\Temp\388837dd-6fc3-4d06-a042-17ba87dbe965.dllC:\Users\Rich\AppData\Local\Temp\415f32f2-8621-4469-a85e-72f55356e41e.dllC:\Users\Rich\AppData\Local\Temp\47720de4-cbf3-4cc1-a042-41ad2a7cdfd1.dllC:\Users\Rich\AppData\Local\Temp\4c140a68-89b0-40ef-bd43-14050c56d5a3.dllC:\Users\Rich\AppData\Local\Temp\4c178caf-4ea2-48a7-8bd6-5421bae61d81.dllC:\Users\Rich\AppData\Local\Temp\5c11f94e-6173-4cbc-a35e-b06a0f1d1b6a.dllC:\Users\Rich\AppData\Local\Temp\62d1d068-5c0a-44ed-87e8-d0b012615bba.dllC:\Users\Rich\AppData\Local\Temp\65f0e3ca-3fcb-4ff3-ba62-2f7e9d599ccb.dllC:\Users\Rich\AppData\Local\Temp\6a5050b4-38fd-4c03-ae23-b49a72d9b394.dllC:\Users\Rich\AppData\Local\Temp\6a9acb4b-2985-4241-be59-ac76cd8d66cc.dllC:\Users\Rich\AppData\Local\Temp\6c21f13f-9689-459f-a313-fc6218636bc0.dllC:\Users\Rich\AppData\Local\Temp\71d7ca55-d0c2-42f3-9307-3e9422fba942.dllC:\Users\Rich\AppData\Local\Temp\770d196e-4aa7-42c8-8115-403fb3adebcc.dllC:\Users\Rich\AppData\Local\Temp\78092f9a-d49b-4ad1-81ba-fc37b5298617.dllC:\Users\Rich\AppData\Local\Temp\7ed5af97-5500-4080-b551-e2bc430f8ecb.dllC:\Users\Rich\AppData\Local\Temp\82170a70-9959-4d4b-80d7-3ddb19329bf1.dllC:\Users\Rich\AppData\Local\Temp\888574ff-e3ec-4a0f-9e86-636b8fed138f.dllC:\Users\Rich\AppData\Local\Temp\8a4815eb-a7c8-4377-8bf2-c833f976bdd4.dllC:\Users\Rich\AppData\Local\Temp\8c2e8a77-37a8-4e3f-bdeb-a6eef6d29fcf.dllC:\Users\Rich\AppData\Local\Temp\8eb778bf-9452-4358-af40-9346fe030225.dllC:\Users\Rich\AppData\Local\Temp\918b5cb4-6582-4982-a0ed-17c46b917197.dllC:\Users\Rich\AppData\Local\Temp\92b21671-91d6-4529-b795-2196e190ee0d.dllC:\Users\Rich\AppData\Local\Temp\92b23c07-b76a-4a00-be19-1f6d7f5c4591.dllC:\Users\Rich\AppData\Local\Temp\96189548-f15b-4c55-bc59-f454cfc4ec54.dllC:\Users\Rich\AppData\Local\Temp\ac33bde4-73b2-45da-8f3b-85dbf42ee900.dllC:\Users\Rich\AppData\Local\Temp\ada8456c-5b0c-40e5-aa2d-ba94f669f07e.dllC:\Users\Rich\AppData\Local\Temp\AutoRun.exeC:\Users\Rich\AppData\Local\Temp\AutoRunGUI.dllC:\Users\Rich\AppData\Local\Temp\b135c352-f3bb-4131-a0fa-6298bfc97c22.dllC:\Users\Rich\AppData\Local\Temp\b14cb926-277d-4d28-a977-1e9e4a93c0a3.dllC:\Users\Rich\AppData\Local\Temp\b22c4574-6f9d-4353-ac61-e799070ae4a9.dllC:\Users\Rich\AppData\Local\Temp\b2e4e5b4-49d3-45fb-b359-34079fa007b1.dllC:\Users\Rich\AppData\Local\Temp\b433ad80-f9f7-4c88-b5bf-334ab4b7321c.dllC:\Users\Rich\AppData\Local\Temp\b943653c-1b2f-429e-b5ab-7d493cd14932.dllC:\Users\Rich\AppData\Local\Temp\bc5d5a6a-6dbc-423b-8a10-2b6fdc1ca3e2.dllC:\Users\Rich\AppData\Local\Temp\bc5fed7b-21fc-41a6-8256-6d3fb825f9d2.dllC:\Users\Rich\AppData\Local\Temp\c4734da3-a699-43e7-8648-df90fbb1ce60.dllC:\Users\Rich\AppData\Local\Temp\cd5284f7-1838-49bb-bf00-a3537b620286.dllC:\Users\Rich\AppData\Local\Temp\contentDATs.exeC:\Users\Rich\AppData\Local\Temp\d8ba0f07-0d8e-4db8-b4e4-30d92eac82d2.dllC:\Users\Rich\AppData\Local\Temp\d9544fd3-bcf6-4810-859c-88754b8e0a24.dllC:\Users\Rich\AppData\Local\Temp\df4f1eb1-ce86-47b5-a29a-f0b1c46e8f1a.dllC:\Users\Rich\AppData\Local\Temp\df87f017-7f8b-41c7-8a64-27869fdb6907.dllC:\Users\Rich\AppData\Local\Temp\DivXWebPlayerInstaller.exeC:\Users\Rich\AppData\Local\Temp\e2d3f28a-621a-4151-bc0f-11640cd8553d.dllC:\Users\Rich\AppData\Local\Temp\e64432dd-8ab1-4619-8785-55b53b40b16c.dllC:\Users\Rich\AppData\Local\Temp\e6592065-0dc4-421b-aa4b-da3b651c3ad0.dllC:\Users\Rich\AppData\Local\Temp\e978a29b-9483-4b3e-b888-90e8322f140e.dllC:\Users\Rich\AppData\Local\Temp\ea0a42a7-1b58-4091-8064-e6aecbae9387.dllC:\Users\Rich\AppData\Local\Temp\ebfb8d10-93e9-4a91-a7fc-7ac339893f45.dllC:\Users\Rich\AppData\Local\Temp\eca49c3a-7625-4728-9d20-e17efc3e871b.dllC:\Users\Rich\AppData\Local\Temp\ef7e977c-24c5-49db-9f71-ecfbca253d3f.dllC:\Users\Rich\AppData\Local\Temp\Extract.exeC:\Users\Rich\AppData\Local\Temp\f118e631-16b6-4071-a2d9-3f4469ced29e.dllC:\Users\Rich\AppData\Local\Temp\f1d7021b-c227-49d8-a3ad-a88683cc4a65.dllC:\Users\Rich\AppData\Local\Temp\f7409a45-15d1-41cb-bcdb-ba9a3deade34.dllC:\Users\Rich\AppData\Local\Temp\MixiDJToolbar_yh.exeC:\Users\Rich\AppData\Local\Temp\Quarantine.exeC:\Users\Rich\AppData\Local\Temp\SecurityScan_Release.exeC:\Users\Rich\AppData\Local\Temp\SkypeSetup.exeC:\Users\Rich\AppData\Local\Temp\sp54620.exeC:\Users\Rich\AppData\Local\Temp\SP54714.exeC:\Users\Rich\AppData\Local\Temp\SP55086.exeC:\Users\Rich\AppData\Local\Temp\SP55151.exeC:\Users\Rich\AppData\Local\Temp\SP55549.exeC:\Users\Rich\AppData\Local\Temp\SpotifyUpgrader.exeC:\Users\Rich\AppData\Local\Temp\UninstallHPSA.exeC:\Users\Rich\AppData\Local\Temp\vcredist_x64.exeEnd ***************** C:\Users\Rich\AppData\Local\Temp\0087479e-8af8-4a33-b0b3-a0e272727e99.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\01cabf1b-0dc4-4144-bd0b-f1f1254f1e4c.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\0977a2c6-17c6-4b34-b84c-a708e0e8f9af.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\0a6d6a91-6a2b-4fdc-9387-af3f20d66faa.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\0afab3f5-57f8-44ae-b780-69720c578e8f.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\0d5f85e5-dc13-408c-9c90-3ea923637fd5.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\0e8df721-b8b7-4b0e-a696-5e39bf2de3d4.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\0fe7ad4c-d227-4bd0-95ab-eee2c32e886c.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\139964ef-07ea-4f6a-a61c-eab90e3854cc.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\14ddaf94-084f-46ec-be51-6ad7e1182658.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\14efddd8-9bc3-4061-ac25-d3a07612082f.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\1f24c792-bbc7-4d13-a327-a4dbd032453d.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\210ef00f-358e-449c-afc7-4a2c4d8ad646.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\299c36cc-0e9a-4ad6-bcea-879fa8cf85f9.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\2be2a2f2-008e-464d-831b-37338eebd07e.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\2f6c47f6-b524-48c7-8f3d-02bdc60e7146.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\31c7062c-77ad-4496-8904-7c1b1c369d71.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\32d346f0-a11d-4b36-83b6-7f39e7320b97.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\3688bf2d-7c90-4de3-afd1-2c52352ba501.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\388837dd-6fc3-4d06-a042-17ba87dbe965.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\415f32f2-8621-4469-a85e-72f55356e41e.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\47720de4-cbf3-4cc1-a042-41ad2a7cdfd1.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\4c140a68-89b0-40ef-bd43-14050c56d5a3.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\4c178caf-4ea2-48a7-8bd6-5421bae61d81.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\5c11f94e-6173-4cbc-a35e-b06a0f1d1b6a.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\62d1d068-5c0a-44ed-87e8-d0b012615bba.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\65f0e3ca-3fcb-4ff3-ba62-2f7e9d599ccb.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\6a5050b4-38fd-4c03-ae23-b49a72d9b394.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\6a9acb4b-2985-4241-be59-ac76cd8d66cc.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\6c21f13f-9689-459f-a313-fc6218636bc0.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\71d7ca55-d0c2-42f3-9307-3e9422fba942.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\770d196e-4aa7-42c8-8115-403fb3adebcc.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\78092f9a-d49b-4ad1-81ba-fc37b5298617.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\7ed5af97-5500-4080-b551-e2bc430f8ecb.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\82170a70-9959-4d4b-80d7-3ddb19329bf1.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\888574ff-e3ec-4a0f-9e86-636b8fed138f.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\8a4815eb-a7c8-4377-8bf2-c833f976bdd4.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\8c2e8a77-37a8-4e3f-bdeb-a6eef6d29fcf.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\8eb778bf-9452-4358-af40-9346fe030225.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\918b5cb4-6582-4982-a0ed-17c46b917197.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\92b21671-91d6-4529-b795-2196e190ee0d.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\92b23c07-b76a-4a00-be19-1f6d7f5c4591.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\96189548-f15b-4c55-bc59-f454cfc4ec54.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\ac33bde4-73b2-45da-8f3b-85dbf42ee900.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\ada8456c-5b0c-40e5-aa2d-ba94f669f07e.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\AutoRun.exe => Moved successfully.C:\Users\Rich\AppData\Local\Temp\AutoRunGUI.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\b135c352-f3bb-4131-a0fa-6298bfc97c22.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\b14cb926-277d-4d28-a977-1e9e4a93c0a3.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\b22c4574-6f9d-4353-ac61-e799070ae4a9.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\b2e4e5b4-49d3-45fb-b359-34079fa007b1.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\b433ad80-f9f7-4c88-b5bf-334ab4b7321c.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\b943653c-1b2f-429e-b5ab-7d493cd14932.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\bc5d5a6a-6dbc-423b-8a10-2b6fdc1ca3e2.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\bc5fed7b-21fc-41a6-8256-6d3fb825f9d2.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\c4734da3-a699-43e7-8648-df90fbb1ce60.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\cd5284f7-1838-49bb-bf00-a3537b620286.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\contentDATs.exe => Moved successfully.C:\Users\Rich\AppData\Local\Temp\d8ba0f07-0d8e-4db8-b4e4-30d92eac82d2.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\d9544fd3-bcf6-4810-859c-88754b8e0a24.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\df4f1eb1-ce86-47b5-a29a-f0b1c46e8f1a.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\df87f017-7f8b-41c7-8a64-27869fdb6907.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\DivXWebPlayerInstaller.exe => Moved successfully.C:\Users\Rich\AppData\Local\Temp\e2d3f28a-621a-4151-bc0f-11640cd8553d.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\e64432dd-8ab1-4619-8785-55b53b40b16c.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\e6592065-0dc4-421b-aa4b-da3b651c3ad0.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\e978a29b-9483-4b3e-b888-90e8322f140e.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\ea0a42a7-1b58-4091-8064-e6aecbae9387.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\ebfb8d10-93e9-4a91-a7fc-7ac339893f45.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\eca49c3a-7625-4728-9d20-e17efc3e871b.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\ef7e977c-24c5-49db-9f71-ecfbca253d3f.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\Extract.exe => Moved successfully.C:\Users\Rich\AppData\Local\Temp\f118e631-16b6-4071-a2d9-3f4469ced29e.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\f1d7021b-c227-49d8-a3ad-a88683cc4a65.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\f7409a45-15d1-41cb-bcdb-ba9a3deade34.dll => Moved successfully.C:\Users\Rich\AppData\Local\Temp\MixiDJToolbar_yh.exe => Moved successfully.C:\Users\Rich\AppData\Local\Temp\Quarantine.exe => Moved successfully.C:\Users\Rich\AppData\Local\Temp\SecurityScan_Release.exe => Moved successfully.C:\Users\Rich\AppData\Local\Temp\SkypeSetup.exe => Moved successfully.C:\Users\Rich\AppData\Local\Temp\sp54620.exe => Moved successfully.C:\Users\Rich\AppData\Local\Temp\SP54714.exe => Moved successfully.C:\Users\Rich\AppData\Local\Temp\SP55086.exe => Moved successfully.C:\Users\Rich\AppData\Local\Temp\SP55151.exe => Moved successfully.C:\Users\Rich\AppData\Local\Temp\SP55549.exe => Moved successfully.C:\Users\Rich\AppData\Local\Temp\SpotifyUpgrader.exe => Moved successfully.C:\Users\Rich\AppData\Local\Temp\UninstallHPSA.exe => Moved successfully.C:\Users\Rich\AppData\Local\Temp\vcredist_x64.exe => Moved successfully. ==== End of Fixlog ==== ESET SCAN C:\FRST\Quarantine\MixiDJToolbar_yh.exe a variant of Win32/Toolbar.Babylon.A applicationC:\Users\Rich\AppData\Local\Temp\307C.tmp Win32/Toolbar.Babylon.M applicationC:\Users\Rich\AppData\Local\Temp\3533.tmp Win32/Toolbar.Babylon.M applicationC:\Users\Rich\AppData\Local\Temp\PDF5716.tmp JS/Exploit.Pdfka.PTV trojanC:\Users\Rich\AppData\Local\Temp\A90CE506-BAB0-7891-87D8-A5BE2ADEBD92\IEHelper.dll a variant of Win32/Toolbar.Babylon.E applicationC:\Users\Rich\AppData\Local\Temp\A90CE506-BAB0-7891-87D8-A5BE2ADEBD92\Setup.exe a variant of Win32/Toolbar.Babylon.H applicationC:\Users\Rich\AppData\Local\Temp\A90CE506-BAB0-7891-87D8-A5BE2ADEBD92\Latest\ccp.exe Win32/Toolbar.Babylon.M applicationC:\Users\Rich\AppData\Local\Temp\A90CE506-BAB0-7891-87D8-A5BE2ADEBD92\Latest\IEHelper.dll Win32/Toolbar.Babylon.E applicationC:\Users\Rich\Downloads\cbsidlm-tr1_11-OFXViewer-ORG-75628573.exe Win32/DownloadAdmin.G applicationC:\Windows\System32\FlashPlayerUpdateService.exe Win32/Downloader.Agent.L applicationC:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe Win32/Downloader.Agent.L applicationC:\Windows\SysWOW64\FlashPlayerUpdateService.exe Win32/Downloader.Agent.L applicationC:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Win32/Downloader.Agent.L application Thanks.
  4. Thanks yet again Kevin. Happy to report that everything now appears to be working as normal! Here are the logs anyway: JRT ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Junkware Removal Tool (JRT) by ThisisuVersion: 6.0.1 (09.15.2013:1)OS: Windows 7 Home Premium x64Ran by Rich on 17/09/2013 at 20:37:54.50~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1906510967-1372018587-2623179206-1002\Software\SweetIMSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\adawarebp_rasapi32Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\adawarebp_rasmancsSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{85E2B7BF-7FAA-4DFD-816C-74431D5C58E8}Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{85E2B7BF-7FAA-4DFD-816C-74431D5C58E8} ~~~ Files ~~~ Folders Successfully deleted: [Folder] "C:\Users\Rich\appdata\local\adawarebp"Successfully deleted: [Folder] "C:\Users\Rich\appdata\local\slick savings"Successfully deleted: [Empty Folder] C:\Users\Rich\appdata\local\{000F56D1-EF38-41E9-974C-D322A5396BA8}Successfully deleted: [Empty Folder] C:\Users\Rich\appdata\local\{03912A0F-F75A-4E57-9610-97C79EBE6D2C}Successfully deleted: [Empty Folder] C:\Users\Rich\appdata\local\{039B8F0A-B878-449C-A0E5-0D3090E47DBE}Successfully deleted: [Empty Folder] C:\Users\Rich\appdata\local\{05545DDA-FFE3-4894-9830-1F8F1D9559E2}Successfully deleted: [Empty Folder] C:\Users\Rich\appdata\local\{05878108-A2BC-4954-946E-70A4DFBD1650}Successfully deleted: [Empty Folder] C:\Users\Rich\appdata\local\{0C53F6A4-612B-4513-923B-500F4DA71629}Successfully deleted: [Empty Folder] C:\Users\Rich\appdata\local\{162495A6-4DC8-41C4-9301-4FC7B8A6629E}Successfully deleted: [Empty Folder] C:\Users\Rich\appdata\local\{18058690-FB6B-4697-9F43-8CF49DF61A16}Successfully deleted: [Empty Folder] C:\Users\Rich\appdata\local\{1C546991-B9A3-4611-8E74-4F153C60AB67}Successfully deleted: [Empty Folder] C:\Users\Rich\appdata\local\{1CCCBCF1-08D3-4909-A9B3-BF0A04CFF44E}Successfully deleted: [Empty Folder] C:\Users\Rich\appdata\local\{20791CA9-91FB-4616-8F54-E479B0733EA9}Successfully deleted: [Empty Folder] C:\Users\Rich\appdata\local\{221293DF-755B-4C38-821C-FD9FA6379FE5}Successfully deleted: [Empty Folder] C:\Users\Rich\appdata\local\{25D47234-C04B-46EA-A1E0-750BB534822A}Successfully deleted: [Empty Folder] C:\Users\Rich\appdata\local\{29D35DDA-2665-4921-97A3-FC705DEE16C5}Successfully deleted: [Empty Folder] C:\Users\Rich\appdata\local\{2E1F93B3-D342-4D0F-99A2-D3181171BC29}Successfully deleted: [Empty Folder] C:\Users\Rich\appdata\local\{3634042C-64A1-4B93-8D80-682673450540}Successfully deleted: [Empty Folder] C:\Users\Rich\appdata\local\{3C8DC84E-6340-4F4D-841F-B9B7A6A206BC}Successfully deleted: [Empty Folder] C:\Users\Rich\appdata\local\{3F110247-EF84-4732-B1AC-3D4D17CC82F5}Successfully deleted: [Empty Folder] C:\Users\Rich\appdata\local\{402DD03D-8226-46CB-BBD4-E14295213A14}Successfully deleted: [Empty Folder] C:\Users\Rich\appdata\local\{4A0E0800-8015-418F-994A-FF93A99EAB65}Successfully deleted: [Empty Folder] C:\Users\Rich\appdata\local\{4BFE0ED2-1833-4D20-8683-C23D9AB38DBE}Successfully deleted: [Empty Folder] C:\Users\Rich\appdata\local\{4E205486-1CBC-457F-9074-FDD224F56FA0}Successfully deleted: [Empty Folder] C:\Users\Rich\appdata\local\{4F3EC1B8-373D-4E95-BA83-AFA6BFAC3A6A}Successfully deleted: [Empty Folder] C:\Users\Rich\appdata\local\{5B2AB920-8891-40DC-91C7-DA06FD991FE0}Successfully deleted: [Empty Folder] C:\Users\Rich\appdata\local\{5D3E8D86-6F1E-4DC5-A85F-657C9CD16A68}Successfully deleted: [Empty Folder] C:\Users\Rich\appdata\local\{609F7788-EC67-4B00-8D88-6C22CE8FA907}Successfully deleted: [Empty Folder] C:\Users\Rich\appdata\local\{61757DAD-B23A-4680-8B2E-9CE4F1DF4925}Successfully deleted: [Empty Folder] C:\Users\Rich\appdata\local\{6746ED35-94E7-4CCA-A0CB-98238F552772}Successfully deleted: [Empty Folder] C:\Users\Rich\appdata\local\{6918CD94-DAF6-48F6-8E9B-0B7114978334}Successfully deleted: [Empty Folder] C:\Users\Rich\appdata\local\{6E328926-FC86-48BE-8049-D5DAEE81CF45}Successfully deleted: [Empty Folder] C:\Users\Rich\appdata\local\{6E67CAD7-F6E5-4783-8E3C-E9489DC9BE75}Successfully deleted: [Empty Folder] C:\Users\Rich\appdata\local\{6F8F5B26-2EA7-4921-8433-5609643DB07E}Successfully deleted: [Empty Folder] C:\Users\Rich\appdata\local\{728CA53B-CF53-4E3F-AE1C-9979D7E30706}Successfully deleted: [Empty Folder] C:\Users\Rich\appdata\local\{7425A4AB-45AF-4377-96FC-B4BB341E919F}Successfully deleted: [Empty Folder] C:\Users\Rich\appdata\local\{74CE2B4D-FAF2-4D25-9DF9-F00E8EC85B1C}Successfully deleted: [Empty Folder] C:\Users\Rich\appdata\local\{74CF3186-2B12-44E9-8AAE-1CAF958D6F62}Successfully deleted: [Empty Folder] C:\Users\Rich\appdata\local\{8392660E-33C2-4C82-98F8-6BDAFD1A1CB6}Successfully deleted: [Empty Folder] C:\Users\Rich\appdata\local\{98302A5B-6C52-4EBB-8DD1-81B6B2867E14}Successfully deleted: [Empty Folder] C:\Users\Rich\appdata\local\{98A6E842-B0EF-42BE-8CF1-8DB052E7983B}Successfully deleted: [Empty Folder] C:\Users\Rich\appdata\local\{9C6AF363-27CA-44EF-BEFE-46361482C84F}Successfully deleted: [Empty Folder] C:\Users\Rich\appdata\local\{9EB61643-C05D-44E7-B265-867C025ECEA3}Successfully deleted: [Empty Folder] C:\Users\Rich\appdata\local\{A7DBE2F7-F30B-4F8C-B22A-65BF63C24B62}Successfully deleted: [Empty Folder] C:\Users\Rich\appdata\local\{A99016C8-CD2F-4C55-A2BC-87AE1C1567E1}Successfully deleted: [Empty Folder] C:\Users\Rich\appdata\local\{AC0F6C47-FF99-42EC-9C57-ABAC617F451F}Successfully deleted: [Empty Folder] C:\Users\Rich\appdata\local\{B4CAEC48-B72A-4679-B44E-F4CA33FFDD70}Successfully deleted: [Empty Folder] C:\Users\Rich\appdata\local\{B54CAC34-5372-4DA0-AF40-036664ED03C5}Successfully deleted: [Empty Folder] C:\Users\Rich\appdata\local\{B55BC927-BA05-43CF-BAA0-343CAABE7485}Successfully deleted: [Empty Folder] C:\Users\Rich\appdata\local\{B66AEC6D-33B4-4C89-B6F1-BDC45DF0A368}Successfully deleted: [Empty Folder] C:\Users\Rich\appdata\local\{BEDC9BA1-D328-4583-B131-95BC576DA1E9}Successfully deleted: [Empty Folder] C:\Users\Rich\appdata\local\{C017D3BC-BBF6-47DD-AE74-A5A6FEE31FE2}Successfully deleted: [Empty Folder] C:\Users\Rich\appdata\local\{C5755CEA-F986-4E1E-8AD6-4C1C9BA07034}Successfully deleted: [Empty Folder] C:\Users\Rich\appdata\local\{CB5D42B4-E077-47B9-BD95-BFFB52119294}Successfully deleted: [Empty Folder] C:\Users\Rich\appdata\local\{CCC6F7ED-D3B0-4EFF-B0DA-2B5CBC78175B}Successfully deleted: [Empty Folder] C:\Users\Rich\appdata\local\{D5276716-6A74-4A46-BDC5-6A76D27ACF0C}Successfully deleted: [Empty Folder] C:\Users\Rich\appdata\local\{DEE46158-1F60-4BAD-A8CE-D1726DFF3E98}Successfully deleted: [Empty Folder] C:\Users\Rich\appdata\local\{DEF4EDBF-38ED-481F-8B49-C9AE1F4EDEBB}Successfully deleted: [Empty Folder] C:\Users\Rich\appdata\local\{E0F6A931-3444-4CB5-ABD1-57C186B11C3B}Successfully deleted: [Empty Folder] C:\Users\Rich\appdata\local\{E5675B64-9057-426E-AF95-BABF3170F321}Successfully deleted: [Empty Folder] C:\Users\Rich\appdata\local\{E873B674-3D36-4D9A-A3FA-C8202D31AC43}Successfully deleted: [Empty Folder] C:\Users\Rich\appdata\local\{E98019F9-8F33-4B1F-9B40-F37789252EC0}Successfully deleted: [Empty Folder] C:\Users\Rich\appdata\local\{ED4AA139-5C0F-4F46-AE29-6DB16C5D514E}Successfully deleted: [Empty Folder] C:\Users\Rich\appdata\local\{EEFB904C-03E3-41F8-8125-6B4E7DE1BA1A}Successfully deleted: [Empty Folder] C:\Users\Rich\appdata\local\{F4376968-536C-46B2-991B-151B84DF287B}Successfully deleted: [Empty Folder] C:\Users\Rich\appdata\local\{F63EA9C1-A752-441A-94EF-1C050C7A8849} ~~~ FireFox Emptied folder: C:\Users\Rich\AppData\Roaming\mozilla\firefox\profiles\m6tlhs93.default\minidumps [11 files] ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Scan was completed on 17/09/2013 at 20:56:24.48End of JRT log~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ FRST Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-09-2013 03Ran by Rich (administrator) on RICH-HP on 17-09-2013 20:59:27Running from C:\Users\Rich\DownloadsWindows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)Internet Explorer Version 10Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\system32\atiesrxx.exe(AMD) C:\Windows\system32\atieclxx.exe(Lavasoft Limited) C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe(Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe( ) C:\Windows\system32\lxblcoms.exe(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe(Spotify Ltd) C:\Users\Rich\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe(Audible, Inc.) C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\IELowutil.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6602856 2011-01-11] (Realtek Semiconductor)HKLM\...\Run: [synTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2799912 2011-06-10] (Synaptics Incorporated)HKLM\...\Run: [setDefault] - C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [43320 2011-10-31] (Hewlett-Packard Development Company, L.P.)HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1HKCU\...\Run: [Google Update] - C:\Users\Rich\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-12-25] (Google Inc.)HKCU\...\Run: [steam] - C:\Program Files (x86)\Steam\Steam.exe [1631144 2013-03-29] (Valve Corporation)HKCU\...\Run: [MobileDocuments] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe [59240 2012-02-23] (Apple Inc.)HKCU\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59240 2012-02-24] (Apple Inc.)HKCU\...\Run: [spotify Web Helper] - C:\Users\Rich\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1104384 2013-07-30] (Spotify Ltd)HKCU\...\Run: [HP Photosmart 5520 series (NET)] - C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)HKCU\...\Run: [spotify] - C:\Users\Rich\AppData\Roaming\Spotify\Spotify.exe [4640768 2013-07-30] (Spotify Ltd)HKCU\...\Policies\system: [DisableLockWorkstation] 0HKCU\...\Policies\system: [DisableChangePassword] 0HKLM-x32\...\Run: [startCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-07-05] (Advanced Micro Devices, Inc.)HKLM-x32\...\Run: [HPQuickWebProxy] - C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [168504 2011-06-28] (Hewlett-Packard Company)HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [587320 2011-06-14] (Hewlett-Packard Development Company, L.P.)HKLM-x32\...\Run: [HPOSD] - C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [336440 2011-06-14] (Hewlett-Packard Development Company, L.P.)HKLM-x32\...\Run: [Easybits Recovery] - C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2011-05-17] (EasyBits Software AS)HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2012-02-20] (Apple Inc.)HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] ()HKLM-x32\...\Run: [Ad-Aware Browsing Protection] - C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [198032 2011-10-21] (Lavasoft)HKLM-x32\...\Run: [Ad-Aware Antivirus] - "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run [x]HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [421736 2012-03-27] (Apple Inc.)HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.search.yahoo.com?type=994519&fr=spigot-yhp-ieHKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/CQNOT/2SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBoxSearchScopes: HKLM - {85E2B7BF-7FAA-4DFD-816C-74431D5C58E8} URL = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/710-111095-2958-3/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/710-111095-2958-3/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}SearchScopes: HKCU - {CC043459-4697-4979-811A-E91B4524A4DB} URL = http://uk.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=994519&p={searchTerms}SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/710-111095-2958-3/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No FileHandler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWow64\EZUPBH~1.DLL [52920 2011-08-10] (EasyBits Software Corp.)Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox:========FF ProfilePath: C:\Users\Rich\AppData\Roaming\Mozilla\Firefox\Profiles\m6tlhs93.defaultFF Homepage: about:homeFF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)FF Plugin: @microsoft.com/GENUINE - disabled No FileFF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)FF Plugin-x32: @gametap.com/npdd,version=1.0 - C:\Program Files (x86)\Downloader\npdd.dll (Metaboli)FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)FF Plugin-x32: @microsoft.com/GENUINE - disabled No FileFF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Rich\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Rich\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 Chrome: =======CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll No FileCHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewerCHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll No FileCHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\pdf.dll No FileCHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)CHR Plugin: (Downloader Detector) - C:\Program Files (x86)\Downloader\npdd.dll (Metaboli)CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)CHR Plugin: (McAfee Security Scanner +) - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)CHR Extension: (Google Docs) - C:\Users\Rich\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0CHR Extension: (Google Drive) - C:\Users\Rich\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0CHR Extension: (YouTube) - C:\Users\Rich\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0CHR Extension: (Google Search) - C:\Users\Rich\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0CHR Extension: (Google Calendar) - C:\Users\Rich\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0CHR Extension: (Google Play Books) - C:\Users\Rich\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb\1.1.8_0CHR Extension: (Chrome In-App Payments service) - C:\Users\Rich\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Users\Rich\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0CHR Extension: (Gmail) - C:\Users\Rich\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0CHR HKLM-x32\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.0.crxCHR HKLM-x32\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files (x86)\Common Files\Spigot\GC\errorassistant_1.1.crxCHR HKLM-x32\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Users\Rich\AppData\Local\Slick Savings\coupons.crxCHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crxCHR HKLM-x32\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx ==================== Services (Whitelisted) ================= R2 Ad-Aware Service; C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe [1161072 2012-03-29] (Lavasoft Limited)R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [365568 2011-07-05] (Advanced Micro Devices, Inc.)R2 lxbl_device; C:\Windows\system32\lxblcoms.exe [566704 2007-04-20] ( )S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)S2 SBAMSvc; C:\Program Files (x86)\Ad-Aware Antivirus\Engine\SBAMSvc.exe [2804280 2011-05-17] (Sunbelt Software) ==================== Drivers (Whitelisted) ==================== S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)R2 sbapifs; C:\Windows\System32\DRIVERS\sbapifs.sys [72280 2011-05-11] (Sunbelt Software)R1 SbFw; C:\Windows\System32\drivers\SbFw.sys [253528 2011-04-05] (Sunbelt Software, Inc.)S3 SBFWIMCL; C:\Windows\System32\DRIVERS\sbfwim.sys [84568 2011-02-08] (Sunbelt Software, Inc.)R3 SBFWIMCLMP; C:\Windows\System32\DRIVERS\SBFWIM.sys [84568 2011-02-08] (Sunbelt Software, Inc.)S3 sbhips; C:\Windows\System32\drivers\sbhips.sys [60504 2011-04-05] (Sunbelt Software, Inc.)S1 SBRE; C:\Windows\system32\drivers\SBREdrv.sys [55384 2011-04-29] (Sunbelt Software)R1 SbTis; C:\Windows\System32\drivers\sbtis.sys [94296 2011-04-05] (Sunbelt Software, Inc.) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-09-17 20:59 - 2013-09-17 20:59 - 00000000 ____D C:\FRST2013-09-17 20:58 - 2013-09-17 20:58 - 01950524 _____ (Farbar) C:\Users\Rich\Downloads\FRST64.exe2013-09-17 20:58 - 2013-09-17 20:58 - 01083437 _____ (Farbar) C:\Users\Rich\Downloads\FRST.exe2013-09-17 20:56 - 2013-09-17 20:56 - 00008312 _____ C:\Users\Rich\Desktop\JRT.txt2013-09-17 20:37 - 2013-09-17 20:37 - 00000000 ____D C:\Windows\ERUNT2013-09-17 20:35 - 2013-09-17 20:36 - 01029675 _____ (Thisisu) C:\Users\Rich\Downloads\JRT.exe2013-09-16 22:24 - 2013-09-16 22:24 - 00003701 _____ C:\Users\Rich\Desktop\AdwCleaner[s0].txt2013-09-16 22:02 - 2013-09-16 22:09 - 00000000 ____D C:\AdwCleaner2013-09-16 22:01 - 2013-09-16 22:01 - 01039554 _____ C:\Users\Rich\Downloads\AdwCleaner.exe2013-09-16 20:48 - 2013-09-16 21:11 - 00007234 _____ C:\Users\Rich\Desktop\attach.txt2013-09-16 20:48 - 2013-09-16 20:48 - 00018228 _____ C:\Users\Rich\Desktop\dds.txt2013-09-16 20:44 - 2013-09-16 20:44 - 00688992 ____R (Swearware) C:\Users\Rich\Downloads\dds.com2013-09-12 03:19 - 2013-08-10 06:20 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll2013-09-12 03:19 - 2013-08-10 04:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll2013-09-12 03:19 - 2013-08-10 04:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2013-09-12 03:19 - 2013-08-10 04:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb2013-09-12 03:18 - 2013-08-10 06:22 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2013-09-12 03:18 - 2013-08-10 06:22 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2013-09-12 03:18 - 2013-08-10 06:22 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe2013-09-12 03:18 - 2013-08-10 06:21 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2013-09-12 03:18 - 2013-08-10 06:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll2013-09-12 03:18 - 2013-08-10 06:20 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2013-09-12 03:18 - 2013-08-10 06:20 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2013-09-12 03:18 - 2013-08-10 06:20 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll2013-09-12 03:18 - 2013-08-10 06:20 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll2013-09-12 03:18 - 2013-08-10 06:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll2013-09-12 03:18 - 2013-08-10 06:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll2013-09-12 03:18 - 2013-08-10 04:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll2013-09-12 03:18 - 2013-08-10 04:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll2013-09-12 03:18 - 2013-08-10 04:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll2013-09-12 03:18 - 2013-08-10 04:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll2013-09-12 03:18 - 2013-08-10 04:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll2013-09-12 03:18 - 2013-08-10 04:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll2013-09-12 03:18 - 2013-08-10 04:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll2013-09-12 03:18 - 2013-08-10 04:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll2013-09-12 03:18 - 2013-08-10 04:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll2013-09-12 03:18 - 2013-08-10 04:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll2013-09-12 03:18 - 2013-08-10 04:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll2013-09-12 03:18 - 2013-08-10 03:27 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe2013-09-12 03:18 - 2013-08-10 03:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe2013-09-12 03:17 - 2013-08-10 06:21 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2013-09-12 03:17 - 2013-08-10 06:20 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2013-09-12 03:17 - 2013-08-10 04:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2013-09-12 02:13 - 2013-08-05 03:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys2013-09-12 02:13 - 2013-08-02 03:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe2013-09-12 02:13 - 2013-08-02 03:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll2013-09-12 02:13 - 2013-08-02 03:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll2013-09-12 02:13 - 2013-08-02 03:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll2013-09-12 02:13 - 2013-08-02 03:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll2013-09-12 02:13 - 2013-08-02 02:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe2013-09-12 02:13 - 2013-08-02 02:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe2013-09-12 02:13 - 2013-08-02 02:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll2013-09-12 02:13 - 2013-08-02 02:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll2013-09-12 02:13 - 2013-08-02 02:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll2013-09-12 02:13 - 2013-08-02 01:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe2013-09-12 02:12 - 2013-08-02 03:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll2013-09-12 02:12 - 2013-08-02 03:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll2013-09-12 02:12 - 2013-08-02 03:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll2013-09-12 02:12 - 2013-08-02 03:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll2013-09-12 02:12 - 2013-08-02 03:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll2013-09-12 02:12 - 2013-08-02 03:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll2013-09-12 02:12 - 2013-08-02 03:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll2013-09-12 02:12 - 2013-08-02 03:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll2013-09-12 02:12 - 2013-08-02 03:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll2013-09-12 02:12 - 2013-08-02 03:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll2013-09-12 02:12 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll2013-09-12 02:12 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll2013-09-12 02:12 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll2013-09-12 02:12 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll2013-09-12 02:12 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll2013-09-12 02:12 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll2013-09-12 02:12 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll2013-09-12 02:12 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll2013-09-12 02:12 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll2013-09-12 02:12 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll2013-09-12 02:12 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll2013-09-12 02:12 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll2013-09-12 02:12 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll2013-09-12 02:12 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll2013-09-12 02:12 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll2013-09-12 02:12 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll2013-09-12 02:12 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll2013-09-12 02:12 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll2013-09-12 02:12 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll2013-09-12 02:12 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll2013-09-12 02:12 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll2013-09-12 02:12 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll2013-09-12 02:12 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll2013-09-12 02:12 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll2013-09-12 02:12 - 2013-08-02 02:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll2013-09-12 02:12 - 2013-08-02 02:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll2013-09-12 02:12 - 2013-08-02 02:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll2013-09-12 02:12 - 2013-08-02 02:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll2013-09-12 02:12 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll2013-09-12 02:12 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll2013-09-12 02:12 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll2013-09-12 02:12 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll2013-09-12 02:12 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll2013-09-12 02:12 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll2013-09-12 02:12 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll2013-09-12 02:12 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll2013-09-12 02:12 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll2013-09-12 02:12 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll2013-09-12 02:12 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll2013-09-12 02:12 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll2013-09-12 02:12 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll2013-09-12 02:12 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll2013-09-12 02:12 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll2013-09-12 02:12 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll2013-09-12 02:12 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll2013-09-12 02:12 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll2013-09-12 02:12 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll2013-09-12 02:12 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll2013-09-12 02:12 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll2013-09-12 02:12 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll2013-09-12 02:12 - 2013-08-02 02:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe2013-09-12 02:12 - 2013-08-02 01:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe2013-09-12 02:12 - 2013-08-02 01:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll2013-09-12 02:12 - 2013-08-02 01:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe2013-09-12 02:12 - 2013-08-02 01:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe2013-09-12 02:12 - 2013-08-02 01:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll2013-09-12 02:12 - 2013-08-02 01:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll2013-09-12 02:12 - 2013-08-02 01:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll2013-09-12 02:12 - 2013-08-02 01:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll2013-09-12 02:11 - 2013-08-08 02:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys2013-09-12 02:11 - 2013-07-26 03:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll2013-09-12 02:11 - 2013-07-26 03:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll2013-09-12 02:11 - 2013-07-26 02:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll2013-09-12 02:11 - 2013-07-26 02:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll2013-09-11 20:47 - 2013-09-11 20:47 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2013-09-11 20:47 - 2013-09-11 20:47 - 00000000 ____D C:\Users\Rich\AppData\Roaming\Malwarebytes2013-09-11 20:47 - 2013-09-11 20:47 - 00000000 ____D C:\ProgramData\Malwarebytes2013-09-11 20:46 - 2013-09-11 20:47 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware2013-09-11 20:46 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys2013-09-11 20:45 - 2013-09-11 20:45 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Rich\Downloads\mbam-setup-1.75.0.1300.exe2013-09-10 20:42 - 2013-09-11 00:28 - 00000000 ____D C:\Users\Rich\AppData\Roaming\Azureus2013-08-25 09:00 - 2013-09-12 03:16 - 00000000 ____D C:\Windows\system32\MRT2013-08-18 14:08 - 2013-08-18 14:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox ==================== One Month Modified Files and Folders ======= 2013-09-17 21:00 - 2011-12-26 15:03 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2013-09-17 21:00 - 2011-12-25 11:48 - 00000904 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1906510967-1372018587-2623179206-1002UA.job2013-09-17 20:59 - 2013-09-17 20:59 - 00000000 ____D C:\FRST2013-09-17 20:58 - 2013-09-17 20:58 - 01950524 _____ (Farbar) C:\Users\Rich\Downloads\FRST64.exe2013-09-17 20:58 - 2013-09-17 20:58 - 01083437 _____ (Farbar) C:\Users\Rich\Downloads\FRST.exe2013-09-17 20:57 - 2011-12-25 11:39 - 00003918 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{380B93D1-9026-4B57-BCA4-390E6126ADC7}2013-09-17 20:56 - 2013-09-17 20:56 - 00008312 _____ C:\Users\Rich\Desktop\JRT.txt2013-09-17 20:38 - 2013-06-09 17:10 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job2013-09-17 20:37 - 2013-09-17 20:37 - 00000000 ____D C:\Windows\ERUNT2013-09-17 20:36 - 2013-09-17 20:35 - 01029675 _____ (Thisisu) C:\Users\Rich\Downloads\JRT.exe2013-09-17 20:28 - 2011-12-26 15:03 - 00000890 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2013-09-17 20:28 - 2011-12-25 11:48 - 00000852 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1906510967-1372018587-2623179206-1002Core.job2013-09-17 20:28 - 2011-10-14 23:13 - 01607434 _____ C:\Windows\WindowsUpdate.log2013-09-17 01:03 - 2009-07-14 05:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02013-09-17 01:03 - 2009-07-14 05:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02013-09-17 01:01 - 2009-07-14 06:13 - 00727334 _____ C:\Windows\system32\PerfStringBackup.INI2013-09-17 00:57 - 2011-12-27 18:08 - 00000000 ____D C:\Program Files (x86)\Steam2013-09-17 00:57 - 2011-12-25 23:30 - 00000000 ____D C:\Users\Rich\AppData\Local\CrashDumps2013-09-17 00:55 - 2012-04-09 13:46 - 00001868 _____ C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk2013-09-17 00:55 - 2011-12-26 00:03 - 00000000 ____D C:\Users\Rich\AppData\Roaming\Spotify2013-09-17 00:52 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT2013-09-17 00:52 - 2009-07-14 05:51 - 00077044 _____ C:\Windows\setupact.log2013-09-16 23:13 - 2010-11-21 04:47 - 00608008 _____ C:\Windows\PFRO.log2013-09-16 22:24 - 2013-09-16 22:24 - 00003701 _____ C:\Users\Rich\Desktop\AdwCleaner[s0].txt2013-09-16 22:09 - 2013-09-16 22:02 - 00000000 ____D C:\AdwCleaner2013-09-16 22:01 - 2013-09-16 22:01 - 01039554 _____ C:\Users\Rich\Downloads\AdwCleaner.exe2013-09-16 21:11 - 2013-09-16 20:48 - 00007234 _____ C:\Users\Rich\Desktop\attach.txt2013-09-16 20:48 - 2013-09-16 20:48 - 00018228 _____ C:\Users\Rich\Desktop\dds.txt2013-09-16 20:44 - 2013-09-16 20:44 - 00688992 ____R (Swearware) C:\Users\Rich\Downloads\dds.com2013-09-12 07:24 - 2011-12-25 11:39 - 00000000 ___RD C:\Users\Rich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup2013-09-12 07:24 - 2011-12-25 11:39 - 00000000 ___RD C:\Users\Rich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools2013-09-12 04:34 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache2013-09-12 03:42 - 2009-07-14 05:45 - 00275712 _____ C:\Windows\system32\FNTCACHE.DAT2013-09-12 03:17 - 2011-12-25 12:18 - 00735726 _____ C:\Windows\SysWOW64\PerfStringBackup.INI2013-09-12 03:17 - 2011-12-25 12:18 - 00000000 ____D C:\Program Files (x86)\Microsoft Application Virtualization Client2013-09-12 03:16 - 2013-08-25 09:00 - 00000000 ____D C:\Windows\system32\MRT2013-09-12 03:11 - 2012-06-22 01:10 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe2013-09-11 20:47 - 2013-09-11 20:47 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2013-09-11 20:47 - 2013-09-11 20:47 - 00000000 ____D C:\Users\Rich\AppData\Roaming\Malwarebytes2013-09-11 20:47 - 2013-09-11 20:47 - 00000000 ____D C:\ProgramData\Malwarebytes2013-09-11 20:47 - 2013-09-11 20:46 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware2013-09-11 20:45 - 2013-09-11 20:45 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Rich\Downloads\mbam-setup-1.75.0.1300.exe2013-09-11 20:07 - 2011-12-25 11:33 - 00000000 ____D C:\Users\Rich2013-09-11 19:06 - 2013-06-13 00:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service2013-09-11 00:28 - 2013-09-10 20:42 - 00000000 ____D C:\Users\Rich\AppData\Roaming\Azureus2013-09-08 18:16 - 2013-07-31 13:46 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk2013-09-08 13:13 - 2011-12-26 00:04 - 00000000 ____D C:\Users\Rich\AppData\Local\Spotify2013-09-08 13:02 - 2012-04-09 14:16 - 00000942 _____ C:\Windows\Tasks\Ad-Aware Antivirus Scheduled Scan.job2013-08-27 00:16 - 2012-01-23 20:12 - 00003180 _____ C:\Windows\System32\Tasks\HPCeeScheduleForRich2013-08-27 00:16 - 2012-01-23 20:12 - 00000328 _____ C:\Windows\Tasks\HPCeeScheduleForRich.job2013-08-18 14:09 - 2013-08-18 14:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox Some content of TEMP:====================C:\Users\Rich\AppData\Local\Temp\0087479e-8af8-4a33-b0b3-a0e272727e99.dllC:\Users\Rich\AppData\Local\Temp\01cabf1b-0dc4-4144-bd0b-f1f1254f1e4c.dllC:\Users\Rich\AppData\Local\Temp\0977a2c6-17c6-4b34-b84c-a708e0e8f9af.dllC:\Users\Rich\AppData\Local\Temp\0a6d6a91-6a2b-4fdc-9387-af3f20d66faa.dllC:\Users\Rich\AppData\Local\Temp\0afab3f5-57f8-44ae-b780-69720c578e8f.dllC:\Users\Rich\AppData\Local\Temp\0d5f85e5-dc13-408c-9c90-3ea923637fd5.dllC:\Users\Rich\AppData\Local\Temp\0e8df721-b8b7-4b0e-a696-5e39bf2de3d4.dllC:\Users\Rich\AppData\Local\Temp\0fe7ad4c-d227-4bd0-95ab-eee2c32e886c.dllC:\Users\Rich\AppData\Local\Temp\139964ef-07ea-4f6a-a61c-eab90e3854cc.dllC:\Users\Rich\AppData\Local\Temp\14ddaf94-084f-46ec-be51-6ad7e1182658.dllC:\Users\Rich\AppData\Local\Temp\14efddd8-9bc3-4061-ac25-d3a07612082f.dllC:\Users\Rich\AppData\Local\Temp\1f24c792-bbc7-4d13-a327-a4dbd032453d.dllC:\Users\Rich\AppData\Local\Temp\210ef00f-358e-449c-afc7-4a2c4d8ad646.dllC:\Users\Rich\AppData\Local\Temp\299c36cc-0e9a-4ad6-bcea-879fa8cf85f9.dllC:\Users\Rich\AppData\Local\Temp\2be2a2f2-008e-464d-831b-37338eebd07e.dllC:\Users\Rich\AppData\Local\Temp\2f6c47f6-b524-48c7-8f3d-02bdc60e7146.dllC:\Users\Rich\AppData\Local\Temp\31c7062c-77ad-4496-8904-7c1b1c369d71.dllC:\Users\Rich\AppData\Local\Temp\32d346f0-a11d-4b36-83b6-7f39e7320b97.dllC:\Users\Rich\AppData\Local\Temp\3688bf2d-7c90-4de3-afd1-2c52352ba501.dllC:\Users\Rich\AppData\Local\Temp\388837dd-6fc3-4d06-a042-17ba87dbe965.dllC:\Users\Rich\AppData\Local\Temp\415f32f2-8621-4469-a85e-72f55356e41e.dllC:\Users\Rich\AppData\Local\Temp\47720de4-cbf3-4cc1-a042-41ad2a7cdfd1.dllC:\Users\Rich\AppData\Local\Temp\4c140a68-89b0-40ef-bd43-14050c56d5a3.dllC:\Users\Rich\AppData\Local\Temp\4c178caf-4ea2-48a7-8bd6-5421bae61d81.dllC:\Users\Rich\AppData\Local\Temp\5c11f94e-6173-4cbc-a35e-b06a0f1d1b6a.dllC:\Users\Rich\AppData\Local\Temp\62d1d068-5c0a-44ed-87e8-d0b012615bba.dllC:\Users\Rich\AppData\Local\Temp\65f0e3ca-3fcb-4ff3-ba62-2f7e9d599ccb.dllC:\Users\Rich\AppData\Local\Temp\6a5050b4-38fd-4c03-ae23-b49a72d9b394.dllC:\Users\Rich\AppData\Local\Temp\6a9acb4b-2985-4241-be59-ac76cd8d66cc.dllC:\Users\Rich\AppData\Local\Temp\6c21f13f-9689-459f-a313-fc6218636bc0.dllC:\Users\Rich\AppData\Local\Temp\71d7ca55-d0c2-42f3-9307-3e9422fba942.dllC:\Users\Rich\AppData\Local\Temp\770d196e-4aa7-42c8-8115-403fb3adebcc.dllC:\Users\Rich\AppData\Local\Temp\78092f9a-d49b-4ad1-81ba-fc37b5298617.dllC:\Users\Rich\AppData\Local\Temp\7ed5af97-5500-4080-b551-e2bc430f8ecb.dllC:\Users\Rich\AppData\Local\Temp\82170a70-9959-4d4b-80d7-3ddb19329bf1.dllC:\Users\Rich\AppData\Local\Temp\888574ff-e3ec-4a0f-9e86-636b8fed138f.dllC:\Users\Rich\AppData\Local\Temp\8a4815eb-a7c8-4377-8bf2-c833f976bdd4.dllC:\Users\Rich\AppData\Local\Temp\8c2e8a77-37a8-4e3f-bdeb-a6eef6d29fcf.dllC:\Users\Rich\AppData\Local\Temp\8eb778bf-9452-4358-af40-9346fe030225.dllC:\Users\Rich\AppData\Local\Temp\918b5cb4-6582-4982-a0ed-17c46b917197.dllC:\Users\Rich\AppData\Local\Temp\92b21671-91d6-4529-b795-2196e190ee0d.dllC:\Users\Rich\AppData\Local\Temp\92b23c07-b76a-4a00-be19-1f6d7f5c4591.dllC:\Users\Rich\AppData\Local\Temp\96189548-f15b-4c55-bc59-f454cfc4ec54.dllC:\Users\Rich\AppData\Local\Temp\ac33bde4-73b2-45da-8f3b-85dbf42ee900.dllC:\Users\Rich\AppData\Local\Temp\ada8456c-5b0c-40e5-aa2d-ba94f669f07e.dllC:\Users\Rich\AppData\Local\Temp\AutoRun.exeC:\Users\Rich\AppData\Local\Temp\AutoRunGUI.dllC:\Users\Rich\AppData\Local\Temp\b135c352-f3bb-4131-a0fa-6298bfc97c22.dllC:\Users\Rich\AppData\Local\Temp\b14cb926-277d-4d28-a977-1e9e4a93c0a3.dllC:\Users\Rich\AppData\Local\Temp\b22c4574-6f9d-4353-ac61-e799070ae4a9.dllC:\Users\Rich\AppData\Local\Temp\b2e4e5b4-49d3-45fb-b359-34079fa007b1.dllC:\Users\Rich\AppData\Local\Temp\b433ad80-f9f7-4c88-b5bf-334ab4b7321c.dllC:\Users\Rich\AppData\Local\Temp\b943653c-1b2f-429e-b5ab-7d493cd14932.dllC:\Users\Rich\AppData\Local\Temp\bc5d5a6a-6dbc-423b-8a10-2b6fdc1ca3e2.dllC:\Users\Rich\AppData\Local\Temp\bc5fed7b-21fc-41a6-8256-6d3fb825f9d2.dllC:\Users\Rich\AppData\Local\Temp\c4734da3-a699-43e7-8648-df90fbb1ce60.dllC:\Users\Rich\AppData\Local\Temp\cd5284f7-1838-49bb-bf00-a3537b620286.dllC:\Users\Rich\AppData\Local\Temp\contentDATs.exeC:\Users\Rich\AppData\Local\Temp\d8ba0f07-0d8e-4db8-b4e4-30d92eac82d2.dllC:\Users\Rich\AppData\Local\Temp\d9544fd3-bcf6-4810-859c-88754b8e0a24.dllC:\Users\Rich\AppData\Local\Temp\df4f1eb1-ce86-47b5-a29a-f0b1c46e8f1a.dllC:\Users\Rich\AppData\Local\Temp\df87f017-7f8b-41c7-8a64-27869fdb6907.dllC:\Users\Rich\AppData\Local\Temp\DivXWebPlayerInstaller.exeC:\Users\Rich\AppData\Local\Temp\e2d3f28a-621a-4151-bc0f-11640cd8553d.dllC:\Users\Rich\AppData\Local\Temp\e64432dd-8ab1-4619-8785-55b53b40b16c.dllC:\Users\Rich\AppData\Local\Temp\e6592065-0dc4-421b-aa4b-da3b651c3ad0.dllC:\Users\Rich\AppData\Local\Temp\e978a29b-9483-4b3e-b888-90e8322f140e.dllC:\Users\Rich\AppData\Local\Temp\ea0a42a7-1b58-4091-8064-e6aecbae9387.dllC:\Users\Rich\AppData\Local\Temp\ebfb8d10-93e9-4a91-a7fc-7ac339893f45.dllC:\Users\Rich\AppData\Local\Temp\eca49c3a-7625-4728-9d20-e17efc3e871b.dllC:\Users\Rich\AppData\Local\Temp\ef7e977c-24c5-49db-9f71-ecfbca253d3f.dllC:\Users\Rich\AppData\Local\Temp\Extract.exeC:\Users\Rich\AppData\Local\Temp\f118e631-16b6-4071-a2d9-3f4469ced29e.dllC:\Users\Rich\AppData\Local\Temp\f1d7021b-c227-49d8-a3ad-a88683cc4a65.dllC:\Users\Rich\AppData\Local\Temp\f7409a45-15d1-41cb-bcdb-ba9a3deade34.dllC:\Users\Rich\AppData\Local\Temp\MixiDJToolbar_yh.exeC:\Users\Rich\AppData\Local\Temp\Quarantine.exeC:\Users\Rich\AppData\Local\Temp\SecurityScan_Release.exeC:\Users\Rich\AppData\Local\Temp\SkypeSetup.exeC:\Users\Rich\AppData\Local\Temp\sp54620.exeC:\Users\Rich\AppData\Local\Temp\SP54714.exeC:\Users\Rich\AppData\Local\Temp\SP55086.exeC:\Users\Rich\AppData\Local\Temp\SP55151.exeC:\Users\Rich\AppData\Local\Temp\SP55549.exeC:\Users\Rich\AppData\Local\Temp\SpotifyUpgrader.exeC:\Users\Rich\AppData\Local\Temp\UninstallHPSA.exeC:\Users\Rich\AppData\Local\Temp\vcredist_x64.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legitC:\Windows\System32\wininit.exe => MD5 is legitC:\Windows\SysWOW64\wininit.exe => MD5 is legitC:\Windows\explorer.exe => MD5 is legitC:\Windows\SysWOW64\explorer.exe => MD5 is legitC:\Windows\System32\svchost.exe => MD5 is legitC:\Windows\SysWOW64\svchost.exe => MD5 is legitC:\Windows\System32\services.exe => MD5 is legitC:\Windows\System32\User32.dll => MD5 is legitC:\Windows\SysWOW64\User32.dll => MD5 is legitC:\Windows\System32\userinit.exe => MD5 is legitC:\Windows\SysWOW64\userinit.exe => MD5 is legitC:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-09-12 04:24 ==================== End Of Log ============================ Addition.txt is attached. The final log, checkup, comes back simply with the message "UNSUPPORTED OPERATING SYSTEM! ABORTED!" I assume that's not was expected of the checkup log, but as I say, on the face of it the problem seems to have disappeared. Thanks for your help! Addition.txt
  5. Thanks again Kevin. Yes, it looks like for Firefox I'm now able to simply change it back to how it was. I wasn't being allowed to change it initially but maybe I overlooked that earlier. Unfortunately the above didn't seem to rid Chrome of the "Slick Savings" extension though. Any advice on how to proceed from here? Many thanks Bullseye1863
  6. Thanks so much for your help so far Kevin. Have done all of the above, unfortunately the extension "Slick Savings" persists in Chrome, and so does the Yahoo homepage in Firefox. Perhaps the two logs below will give you more information. Thanks again in advance! Bullseye1863 # AdwCleaner v3.004 - Report created 16/09/2013 at 22:08:51# Updated 15/09/2013 by Xplode# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)# Username : Rich - RICH-HP# Running from : C:\Users\Rich\Downloads\AdwCleaner.exe# Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\ProgramData\BabylonFolder Deleted : C:\Program Files (x86)\adawaretbFolder Deleted : C:\Program Files (x86)\Common Files\spigotFolder Deleted : C:\Users\Rich\AppData\LocalLow\adawaretbFolder Deleted : C:\Users\Rich\AppData\LocalLow\boost_interprocess ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKLM\SOFTWARE\Classes\Prod.capKey Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_nonsearch_RASAPI32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_nonsearch_RASMANCSKey Deleted : HKCU\Software\5c5588d1bc38e917Key Deleted : HKLM\SOFTWARE\5c5588d1bc38e917Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{6C97A91E-4524-4019-86AF-2AA2D567BF5C}]Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}Key Deleted : HKCU\Software\BabSolutionKey Deleted : HKCU\Software\AppDataLow\Software\Search SettingsKey Deleted : HKLM\Software\BabylonKey Deleted : HKLM\Software\DataMngrKey Deleted : HKLM\Software\IminentKey Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\adawaretb ***** [ Browsers ] ***** -\\ Internet Explorer v10.0.9200.16686 -\\ Mozilla Firefox v23.0.1 (en-US) [ File : C:\Users\Rich\AppData\Roaming\Mozilla\Firefox\Profiles\m6tlhs93.default\prefs.js ] -\\ Google Chrome v29.0.1547.66 [ File : C:\Users\Rich\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [4061 octets] - [16/09/2013 22:02:51]AdwCleaner[s0].txt - [3549 octets] - [16/09/2013 22:08:51] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [3609 octets] ########## Malwarebytes Anti-Malware (Trial) 1.75.0.1300www.malwarebytes.org Database version: v2013.09.16.08 Windows 7 Service Pack 1 x64 NTFSInternet Explorer 10.0.9200.16686Rich :: RICH-HP [administrator] Protection: Enabled 16/09/2013 22:23:47mbam-log-2013-09-16 (22-23-47).txt Scan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 235148Time elapsed: 43 minute(s), 14 second(s) Memory Processes Detected: 0(No malicious items detected) Memory Modules Detected: 0(No malicious items detected) Registry Keys Detected: 0(No malicious items detected) Registry Values Detected: 0(No malicious items detected) Registry Data Items Detected: 0(No malicious items detected) Folders Detected: 0(No malicious items detected) Files Detected: 1C:\Users\Rich\AppData\Local\Temp\A90CE506-BAB0-7891-87D8-A5BE2ADEBD92\Latest\BExternal.dll (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully. (end)
  7. Hi There, After installing Vuze a number of Extensions now appear in my Chrome: "Amazon Shopping Assistant by Spigot", "Domain Error Assistant", "Ebay Shopping Assistant by Spigot" and "Slick Savings". I remove these from Chrome but what do you know, every time I re-open a window, they're back. Also my Firefox homepage has been set to Yahoo with apparently no ability to change it. I have removed Vuze, as well as any program that looks to be run by Spigot, from my computer, to no avail. I've also run Malwarebytes Anti Malware, which removed a few threats but unfortunately didn't help the main issue. These complaints are minor and not too inconvenient but it does make me wonder if my system is infected more dangerously elsewhere. Below are my DDS.txt and Attach.txt files. Any help would be very greatly appreciated. Thanks Bullseye1863 DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16686Run by Rich at 20:45:34 on 2013-09-16Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.3691.2224 [GMT 1:00].AV: Lavasoft Ad-Aware *Enabled/Outdated* {BE5DD172-7F42-7948-1A60-E6A720288F81}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}SP: Lavasoft Ad-Aware *Enabled/Outdated* {053C3096-5978-76C6-20D0-DDD55BAFC53C}FW: Lavasoft Ad-Aware *Disabled* {86665057-352D-7810-313F-4F92DEFBC8FA}.============== Running Processes ===============.C:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k RPCSSC:\Windows\system32\atiesrxx.exeC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exeC:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exeC:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeC:\Program Files\Realtek\Audio\HDA\AERTSr64.exeC:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exeC:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Windows\SysWOW64\ezSharedSvcHost.exeC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exeC:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exeC:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exeC:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exeC:\Windows\system32\lxblcoms.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exeC:\Program Files (x86)\Ad-Aware Antivirus\Engine\SBAMSvc.exeC:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXEC:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exeC:\Windows\SysWOW64\schtasks.exeC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Windows\system32\SearchIndexer.exeC:\Windows\system32\atieclxx.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exeC:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exeC:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exeC:\Windows\system32\taskhost.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exeC:\Users\Rich\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exeC:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exeC:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exeC:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exeC:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exeC:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exeC:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exeC:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exeC:\Program Files (x86)\iTunes\iTunesHelper.exeC:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exeC:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Program Files\Synaptics\SynTP\SynTPHelper.exeC:\PROGRA~2\AD-AWA~1\AdAware.exeC:\Program Files\iPod\bin\iPodService.exeC:\Windows\System32\svchost.exe -k LocalServicePeerNetC:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exeC:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exeC:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exeC:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exeC:\Program Files (x86)\Internet Explorer\IELowutil.exeC:\Program Files (x86)\iTunes\iTunes.exeC:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Windows\system32\SearchProtocolHost.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\System32\cscript.exe.============== Pseudo HJT Report ===============.mWinlogon: Userinit = userinit.exe,BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dllBHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dllBHO: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dllBHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllBHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dllTB: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dllTB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - uRun: [Google Update] "C:\Users\Rich\AppData\Local\Google\Update\GoogleUpdate.exe" /cuRun: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silentuRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exeuRun: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exeuRun: [spotify Web Helper] "C:\Users\Rich\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"uRun: [HP Photosmart 5520 series (NET)] "C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN2BL187HN05ST:NW" -scfn "HP Photosmart 5520 series (NET)" -AutoStart 1uRun: [spotify] "C:\Users\Rich\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostartuRunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_8_800_94_Plugin.exe -update pluginmRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRunmRun: [HPQuickWebProxy] "C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exemRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exemRun: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exemRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOWmRun: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"mRun: [Ad-Aware Antivirus] "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-runmRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exemRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AUDIBL~1.LNK - C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exeStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exemPolicies-Explorer: NoActiveDesktop = dword:1mPolicies-Explorer: NoActiveDesktopChanges = dword:1mPolicies-Explorer: EnableShellExecuteHooks = dword:1mPolicies-System: ConsentPromptBehaviorAdmin = dword:5mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableUIADesktopToggle = dword:0mPolicies-System: HideFastUserSwitching = dword:0IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dllIE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exeIE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204TCP: NameServer = 192.168.0.1TCP: Interfaces\{9F3B1181-2650-44B6-BDFF-4FD002DDB55D} : DHCPNameServer = 192.168.0.1TCP: Interfaces\{9F3B1181-2650-44B6-BDFF-4FD002DDB55D}\4514C4B44514C4B4D2732454736483 : DHCPNameServer = 192.168.1.1TCP: Interfaces\{9F3B1181-2650-44B6-BDFF-4FD002DDB55D}\E4544574541425 : DHCPNameServer = 192.168.1.1Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dllHandler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllSSODL: WebCheck - <orphaned>SEH: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dllmASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chromex64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllx64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -sx64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exex64-Run: [setDefault] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exex64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>x64-SSODL: WebCheck - <orphaned>.================= FIREFOX ===================.FF - ProfilePath - C:\Users\Rich\AppData\Roaming\Mozilla\Firefox\Profiles\m6tlhs93.default\FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLLFF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dllFF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dllFF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dllFF - plugin: C:\Program Files (x86)\Downloader\npdd.dllFF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dllFF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dllFF - plugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMSS.dllFF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dllFF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dllFF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dllFF - plugin: C:\Users\Rich\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dllFF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dllFF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll.============= SERVICES / DRIVERS ===============.R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2011-4-16 79488]R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2011-4-16 40064]R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2011-10-14 46136]R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2010-7-28 31088]R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-9-11 25928]R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2011-10-14 1582144].=============== Created Last 30 ================.2013-09-12 02:19:11 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb2013-09-12 02:19:11 2706432 ----a-w- C:\Windows\System32\mshtml.tlb2013-09-12 02:19:06 257536 ----a-w- C:\Program Files (x86)\Internet Explorer\ieproxy.dll2013-09-12 02:19:04 356864 ----a-w- C:\Program Files\Internet Explorer\IEShims.dll2013-09-12 02:19:02 236032 ----a-w- C:\Program Files (x86)\Internet Explorer\IEShims.dll2013-09-12 02:19:01 217600 ----a-w- C:\Program Files (x86)\Internet Explorer\sqmapi.dll2013-09-12 02:19:00 278528 ----a-w- C:\Program Files\Internet Explorer\sqmapi.dll2013-09-12 01:13:53 155584 ----a-w- C:\Windows\System32\drivers\ataport.sys2013-09-12 01:13:24 3968960 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe2013-09-12 01:13:23 3913664 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe2013-09-12 01:13:22 5550528 ----a-w- C:\Windows\System32\ntoskrnl.exe2013-09-12 01:13:21 1732032 ----a-w- C:\Windows\System32\ntdll.dll2013-09-12 01:13:17 424448 ----a-w- C:\Windows\System32\KernelBase.dll2013-09-12 01:13:17 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll2013-09-12 01:13:15 243712 ----a-w- C:\Windows\System32\wow64.dll2013-09-12 01:13:09 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll2013-09-12 01:13:01 112640 ----a-w- C:\Windows\System32\smss.exe2013-09-12 01:11:47 3155456 ----a-w- C:\Windows\System32\win32k.sys2013-09-11 19:47:37 -------- d-----w- C:\Users\Rich\AppData\Roaming\Malwarebytes2013-09-11 19:47:02 -------- d-----w- C:\ProgramData\Malwarebytes2013-09-11 19:46:44 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys2013-09-11 19:46:43 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware2013-09-11 19:46:26 -------- d-----w- C:\Users\Rich\AppData\Local\Programs2013-09-10 19:44:18 -------- d-----w- C:\Users\Rich\AppData\Local\Slick Savings2013-09-10 19:44:03 -------- d-----w- C:\Program Files (x86)\Common Files\Spigot2013-09-10 19:42:21 -------- d-----w- C:\Users\Rich\AppData\Roaming\Azureus2013-08-25 08:00:34 -------- d-----w- C:\Windows\System32\MRT.==================== Find3M ====================.2013-08-10 05:22:18 2241024 ----a-w- C:\Windows\System32\wininet.dll2013-08-10 05:20:59 3959296 ----a-w- C:\Windows\System32\jscript9.dll2013-08-10 05:20:55 67072 ----a-w- C:\Windows\System32\iesetup.dll2013-08-10 05:20:55 136704 ----a-w- C:\Windows\System32\iesysprep.dll2013-08-10 03:59:10 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll2013-08-10 03:58:09 2876928 ----a-w- C:\Windows\SysWow64\jscript9.dll2013-08-10 03:58:06 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll2013-08-10 03:58:06 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll2013-08-10 02:27:59 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe2013-08-10 02:17:19 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe2013-08-02 02:15:03 362496 ----a-w- C:\Windows\System32\wow64win.dll2013-08-02 02:15:03 13312 ----a-w- C:\Windows\System32\wow64cpu.dll2013-08-02 02:14:57 215040 ----a-w- C:\Windows\System32\winsrv.dll2013-08-02 02:14:11 16384 ----a-w- C:\Windows\System32\ntvdm64.dll2013-08-02 01:50:42 5120 ----a-w- C:\Windows\SysWow64\wow32.dll2013-08-02 01:09:17 338432 ----a-w- C:\Windows\System32\conhost.exe2013-08-02 00:45:37 25600 ----a-w- C:\Windows\SysWow64\setup16.exe2013-08-02 00:45:36 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll2013-08-02 00:45:35 7680 ----a-w- C:\Windows\SysWow64\instnm.exe2013-08-02 00:45:34 2048 ----a-w- C:\Windows\SysWow64\user.exe2013-08-02 00:43:05 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll2013-08-02 00:43:05 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll2013-08-02 00:43:05 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll2013-08-02 00:43:05 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll2013-07-28 12:10:16 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe2013-07-28 12:10:08 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl2013-07-25 09:25:54 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL2013-07-25 08:57:27 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL2013-07-19 01:58:42 2048 ----a-w- C:\Windows\System32\tzres.dll2013-07-19 01:41:01 2048 ----a-w- C:\Windows\SysWow64\tzres.dll2013-07-09 05:52:52 224256 ----a-w- C:\Windows\System32\wintrust.dll2013-07-09 05:51:16 1217024 ----a-w- C:\Windows\System32\rpcrt4.dll2013-07-09 05:46:20 184320 ----a-w- C:\Windows\System32\cryptsvc.dll2013-07-09 05:46:20 1472512 ----a-w- C:\Windows\System32\crypt32.dll2013-07-09 05:46:20 139776 ----a-w- C:\Windows\System32\cryptnet.dll2013-07-09 04:52:33 663552 ----a-w- C:\Windows\SysWow64\rpcrt4.dll2013-07-09 04:52:10 175104 ----a-w- C:\Windows\SysWow64\wintrust.dll2013-07-09 04:46:31 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll2013-07-09 04:46:31 1166848 ----a-w- C:\Windows\SysWow64\crypt32.dll2013-07-09 04:46:31 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll2013-07-06 06:03:53 1910208 ----a-w- C:\Windows\System32\drivers\tcpip.sys2013-06-26 18:21:50 23208 ----a-w- C:\Windows\System32\drivers\Sftvollh.sys2013-06-26 18:21:48 28840 ----a-w- C:\Windows\System32\drivers\Sftredirlh.sys2013-06-26 18:21:46 273576 ----a-w- C:\Windows\System32\drivers\Sftplaylh.sys2013-06-26 18:21:46 1777320 ----a-w- C:\Windows\System32\sftldr.dll2013-06-26 18:21:46 1130664 ----a-w- C:\Windows\SysWow64\sftldr_wow64.dll2013-06-26 18:21:44 767144 ----a-w- C:\Windows\System32\drivers\Sftfslh.sys.============= FINISH: 20:48:20.16 =============== .UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1Install Date: 25/12/2011 10:33:25System Uptime: 16/09/2013 09:06:55 (11 hours ago).Motherboard: Hewlett-Packard | | 3577Processor: AMD E-300 APU with Radeon HD Graphics | Socket FT1 | 1300/100mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 280 GiB total, 201.909 GiB free.D: is FIXED (NTFS) - 14 GiB total, 1.601 GiB free.E: is FIXED (FAT32) - 4 GiB total, 1.084 GiB free.F: is CDROM ().==== Disabled Device Manager Items =============.==== System Restore Points ===================.RP92: 31/07/2013 13:51:08 - Removed MixiDJ Chrome ToolbarRP93: 11/08/2013 23:09:38 - Scheduled CheckpointRP94: 25/08/2013 03:00:27 - Windows UpdateRP95: 11/09/2013 20:18:16 - Removed Vuze Remote Toolbar v7.6.RP96: 12/09/2013 03:00:36 - Windows Update.==== Installed Programs ======================.Ad-Aware AntivirusAd-Aware Browsing ProtectionAd-Aware Security ToolbarAdobe Flash Player 11 ActiveXAdobe Flash Player 11 PluginAdobe Reader XI (11.0.03)Adobe Shockwave Player 12.0Agatha Christie - Peril at End HouseAMD APP SDK RuntimeAMD FuelAMD Media Foundation DecodersAMD VISION Engine Control CenterApple Application SupportApple Mobile Device SupportApple Software UpdateATI Catalyst Install ManagerAudible Download ManagerBejeweled 3Bing BarBlackhawk Striker 2Blasterball 3BonjourBounce SymphonyCake ManiaCatalyst Control Center - BrandingCatalyst Control Center Graphics Previews CommonCatalyst Control Center InstallProxyCatalyst Control Center Localization Allccc-utility64CCC Help Chinese StandardCCC Help Chinese TraditionalCCC Help CzechCCC Help DanishCCC Help DutchCCC Help EnglishCCC Help FinnishCCC Help FrenchCCC Help GermanCCC Help GreekCCC Help HungarianCCC Help ItalianCCC Help JapaneseCCC Help KoreanCCC Help NorwegianCCC Help PolishCCC Help PortugueseCCC Help RussianCCC Help SpanishCCC Help SwedishCCC Help ThaiCCC Help TurkishChronicles of AlbianChuzzle DeluxeCompaq Setup ManagerCradle of Rome 2CyberLink YouCamD3DX10DivX SetupDownloaderESU for Microsoft Windows 7 SP1Evernote v. 4.2.3Farm FrenzyFATEFinal Drive: NitroFootball Manager 2012Football Manager 2012 EditorFootball Manager 2012 Resource ArchiverGoogle ChromeGoogle EarthGoogle Update HelperGovernor of Poker 2 Premium EditionHP AutoHP Client ServicesHP Customer Experience EnhancementsHP DocumentationHP GamesHP Launch BoxHP On Screen DisplayHP Photo CreationsHP Photosmart 5520 series Basic Device SoftwareHP Photosmart 5520 series HelpHP Photosmart 5520 series Product Improvement StudyHP Power ManagerHP Quick LaunchHP QuickWebHP SetupHP Software FrameworkHP Support AssistantHP UpdateiCloudiTunesJewel Quest: The Sleepless Star - Collector's EditionJunk Mail filter updateLexmark Z700-P700 SeriesMagic DesktopMah Jong MedleyMalwarebytes Anti-Malware version 1.75.0.1300McAfee Security Scan PlusMesh RuntimeMicrosoft .NET Framework 4 Client ProfileMicrosoft Application Error ReportingMicrosoft Office 2010Microsoft Office Click-to-Run 2010Microsoft Office Starter 2010 - EnglishMicrosoft SilverlightMicrosoft SQL Server 2005 Compact Edition [ENU]Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2008 Redistributable - x64 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319MiShell*OFXViewer (remove only)Mozilla Firefox 23.0.1 (x86 en-US)Mozilla Maintenance ServiceMSVCRTMSVCRT_amd64MSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)Mystery of Mortlake MansionNamco All-Stars: PAC-MANPenguins!Plants vs. Zombies - Game of the YearPoker Superstars IIIPolar BowlerPolar GolferRalink RT5390 802.11b/g/n WiFi AdapterRealtek Ethernet Controller DriverRealtek High Definition Audio DriverRealtek PCIE Card ReaderRecovery ManagerSecurity Update for Microsoft .NET Framework 4 Client Profile (KB2518870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)SimCity 4 DeluxeSkype™ 5.10Slingo SupremeSpotifySteamswMSMSynaptics TouchPad DriverTEW2005Update for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)Update Installer for WildTangent Games AppVacation Quest - The Hawaiian IslandsVC80CRTRedist - 8.0.50727.6195Virtual Villagers 5 - New BelieversVLC media player 1.1.11WildTangent Games App (HP Games)Windows Live Communications PlatformWindows Live EssentialsWindows Live ID Sign-in AssistantWindows Live InstallerWindows Live Language SelectorWindows Live MailWindows Live MeshWindows Live Mesh ActiveX Control for Remote ConnectionsWindows Live MessengerWindows Live MIME IFilterWindows Live Movie MakerWindows Live Photo CommonWindows Live Photo GalleryWindows Live PIMT PlatformWindows Live Remote ClientWindows Live Remote Client ResourcesWindows Live Remote ServiceWindows Live Remote Service ResourcesWindows Live SOXEWindows Live SOXE DefinitionsWindows Live UX PlatformWindows Live UX Platform Language PackWindows Live WriterWindows Live Writer ResourcesWinRAR 4.10 (32-bit)Zuma Deluxe.==== Event Viewer Messages From Past Week ========.15/09/2013 19:30:39, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service..==== End Of File ===========================
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.