Jump to content

KilleN

Honorary Members
 View Profile  See their activity

  • Posts

    28

  • Joined

  • Last visited

Reputation

0 Neutral
  1. KilleN
    it did not find anything else .. he is what u asked for .. thank u soo much for your help it is runnig much better ty Addition.txt FRST.txt
  2. KilleN
    he is part 2 AdwCleaner[C00].txt
  3. KilleN
    ok this is what u asked for from step 1.. going to start step 2 now Fixlog.txt
  4. KilleN
    he is what u asked for.. mbst-grab-results.zip
  5. KilleN
    So I believe during the course of my brother in-law using his new PC he downloaded a game or movie or something that deeply infected him. I can't remove the root issues with either Malwarebytes or Bitdefender but over time as the virus/malware repopulates some of its stuff in appdata and temp folders it will pick it up again. So I think the root issue is something I will definitely need help identifying and removing (Baring this im going to reformat his PC but if I can avoid that it would becool. Thanks so much) Below are the logs requested in the stickied thread explaining how to best get assistance. If there is anything else needed please let me know and I will provide it ASAP. I appreciate your time and help. FRST.txt Addition.txt MWbyteslog.txt
  6. KilleN
    Here is the last logfile. So far seems to be running better... ESETSmartInstaller@High as downloader log:all ok# product=EOS# version=8# OnlineScannerApp.exe=1.0.0.1# EOSSerial=53ee1b3066c1454e8bc5a4c9a4c0aceb# end=init# utc_time=2015-08-01 04:51:32# local_time=2015-08-01 12:51:32 (-0500, Eastern Daylight Time)# country="United States"# osver=6.1.7601 NT Service Pack 1Update InitUpdate DownloadUpdate FinalizeUpdated modules version: 25076# product=EOS# version=8# OnlineScannerApp.exe=1.0.0.1# EOSSerial=53ee1b3066c1454e8bc5a4c9a4c0aceb# end=updated# utc_time=2015-08-01 04:55:43# local_time=2015-08-01 12:55:43 (-0500, Eastern Daylight Time)# country="United States"# osver=6.1.7601 NT Service Pack 1# product=EOS# version=8# OnlineScannerApp.exe=1.0.0.1# OnlineScanner.ocx=1.0.0.7777# api_version=3.1.1# EOSSerial=53ee1b3066c1454e8bc5a4c9a4c0aceb# engine=25076# end=finished# remove_checked=true# archives_checked=true# unwanted_checked=true# unsafe_checked=true# antistealth_checked=true# utc_time=2015-08-01 06:55:39# local_time=2015-08-01 02:55:39 (-0500, Eastern Daylight Time)# country="United States"# lang=1033# osver=6.1.7601 NT Service Pack 1# compatibility_mode_1='AVG AntiVirus Free Edition 2014'# compatibility_mode=1051 16777213 100 100 28774 124602923 0 0# compatibility_mode_1=''# compatibility_mode=5893 16776574 66 85 62886893 189955589 0 0# scanned=217922# found=0# cleaned=0# scan_time=7196
  7. KilleN
    Oh so sorry I must have missed that step somehow. Here is the fixlog and currently going to run the eset scanner now. Fix result of Farbar Recovery Scan Tool (x64) Version:30-07-2015Ran by Owner (2015-08-01 00:35:31) Run:1Running from C:\Users\Owner\DesktopLoaded Profiles: Owner (Available Profiles: Owner)Boot Mode: Normal============================================== fixlist content:*****************StartHKU\S-1-5-21-2506510586-2041945763-302385794-1000\...A8F59079A8D5}\localserver32: <==== ATTENTION!FF DefaultSearchEngine: My Web SearchFF SelectedSearchEngine: My Web SearchFF Keyword.URL: hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?st=kwd&ptb=F8742972-7A4A-437E-B783-F299F87B2E1E&n=780b89e3&ind=2014022115&id=CDxdm003YYus&ptnrS=CDxdm003YYus&si=CMTZ-qf4wa0CFcZM4AodIWXsBA&searchfor=FF Plugin: @microsoft.com/GENUINE -> disabled No FileFF user.js: detected! => C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\ibt5p7qx.default\user.js [2015-06-21]FF SearchPlugin: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\ibt5p7qx.default\searchplugins\askcom.xml [2013-07-21]S3 fileHiders; C:\Windows\System32\DRIVERS\fileHiders.sys [32464 2014-07-16] () <==== ATTENTIONC:\Windows\System32\DRIVERS\fileHiders.sys2015-02-10 19:30 - 2015-02-10 19:30 - 6103040 _____ () C:\Program Files (x86)\GUT3ABF.tmp2015-07-19 21:08 - 2015-07-19 21:08 - 6420480 _____ () C:\Program Files (x86)\GUTC217.tmp2014-02-16 20:08 - 2014-02-16 20:08 - 0000000 _____ () C:\ProgramData\273e3d313d5f292b_cCustomCLSID: HKU\S-1-5-21-2506510586-2041945763-302385794-1000_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 -> No FilepathEmptytemp:End***************** HKU\S-1-5-21-2506510586-2041945763-302385794-1000\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 => key not found. HKU\S-1-5-21-2506510586-2041945763-302385794-1000\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5} => key not found. Firefox DefaultSearchEngine removed successfullyFirefox SelectedSearchEngine removed successfullyFirefox Keyword.URL removed successfully"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfullyC:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\ibt5p7qx.default\user.js not found."C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\ibt5p7qx.default\searchplugins\askcom.xml" => not found.fileHiders => service not found."C:\Windows\System32\DRIVERS\fileHiders.sys" => File/Folder not found."C:\Program Files (x86)\GUT3ABF.tmp" => File/Folder not found."C:\Program Files (x86)\GUTC217.tmp" => File/Folder not found.C:\ProgramData\273e3d313d5f292b_c => moved successfully.HKU\S-1-5-21-2506510586-2041945763-302385794-1000_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5} => key not found. EmptyTemp: => 266.5 MB temporary data Removed. The system needed a reboot.. ==== End of Fixlog 00:40:15 ====
  8. KilleN
    EDIT*** (This is the updated Malwarebytes log. Hope this is everything, thanks for helping me out.) Malwarebytes Anti-Malwarewww.malwarebytes.org Scan Date: 7/31/2015Scan Time: 12:02 AMLogfile: Administrator: Yes Version: 2.1.8.1057Malware Database: v2015.07.31.01Rootkit Database: v2015.07.30.01License: FreeMalware Protection: DisabledMalicious Website Protection: DisabledSelf-protection: Disabled OS: Windows 7 Service Pack 1CPU: x64File System: NTFSUser: Owner Scan Type: Threat ScanResult: CancelledObjects Scanned: 875Time Elapsed: 2 min, 32 sec Memory: EnabledStartup: EnabledFilesystem: EnabledArchives: EnabledRootkits: EnabledHeuristics: EnabledPUP: EnabledPUM: Enabled Processes: 0(No malicious items detected) Modules: 0(No malicious items detected) Registry Keys: 0(No malicious items detected) Registry Values: 0(No malicious items detected) Registry Data: 0(No malicious items detected) Folders: 0(No malicious items detected) Files: 0(No malicious items detected) Physical Sectors: 0(No malicious items detected) (end) Malwarebytes Anti-Malwarewww.malwarebytes.org Scan Date: 7/31/2015Scan Time: 1:05 AMLogfile: Administrator: Yes Version: 2.1.8.1057Malware Database: v2015.07.31.01Rootkit Database: v2015.07.30.01License: FreeMalware Protection: DisabledMalicious Website Protection: DisabledSelf-protection: Disabled OS: Windows 7 Service Pack 1CPU: x64File System: NTFSUser: Owner Scan Type: Threat ScanResult: CompletedObjects Scanned: 359743Time Elapsed: 31 min, 31 sec Memory: EnabledStartup: EnabledFilesystem: EnabledArchives: EnabledRootkits: EnabledHeuristics: EnabledPUP: EnabledPUM: Enabled Processes: 0(No malicious items detected) Modules: 0(No malicious items detected) Registry Keys: 2Trojan.Poweliks.B, HKU\S-1-5-21-2506510586-2041945763-302385794-1000_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}, Delete-on-Reboot, [81ccb43446447abc661dde24a15fc53b], Trojan.Poweliks, HKU\S-1-5-21-2506510586-2041945763-302385794-1000_Classes\CLSID\{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}\LOCALSERVER32\ ^ , Quarantined, [b7966187fc8e52e41175a85a5da3cf31], Registry Values: 0(No malicious items detected) Registry Data: 0(No malicious items detected) Folders: 0(No malicious items detected) Files: 0(No malicious items detected) Physical Sectors: 0(No malicious items detected) (end)
  9. KilleN
    Last log requested. (I will run Malwarebytes once more just incase I have to. Log coming soon as its done) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v3.13, November 2010Started On Wed Nov 24 21:49:33 2010 Engine internal result code = 80508015 Results Summary:----------------No infection found.Microsoft Windows Malicious Software Removal Tool Finished On Wed Nov 24 21:50:43 2010 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v3.14, December 2010Started On Wed Dec 15 21:47:19 2010->Scan ERROR: resource process://pid:2900 (code 0x00000490 (1168))->Scan ERROR: resource process://pid:1084 (code 0x00000005 (5)) Engine internal result code = 80508015 Results Summary:----------------No infection found.Microsoft Windows Malicious Software Removal Tool Finished On Wed Dec 15 21:49:02 2010 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v3.15, January 2011Started On Tue Jan 11 23:33:45 2011->Scan ERROR: resource process://pid:3600 (code 0x00000005 (5)) Engine internal result code = 80508015 Results Summary:----------------No infection found.Microsoft Windows Malicious Software Removal Tool Finished On Tue Jan 11 23:35:26 2011 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v3.16, February 2011Started On Wed Feb 09 21:09:59 2011->Scan ERROR: resource process://pid:852 (code 0x00000490 (1168))->Scan ERROR: resource process://pid:4280 (code 0x00000005 (5))->Scan ERROR: resource process://pid:508 (code 0x00000490 (1168))->Scan ERROR: resource process://pid:2196 (code 0x00000490 (1168)) Engine internal result code = 80508015 Results Summary:----------------No infection found.Microsoft Windows Malicious Software Removal Tool Finished On Wed Feb 09 21:12:32 2011 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v3.17, March 2011Started On Thu Mar 10 14:09:09 2011->Scan ERROR: resource process://pid:624 (code 0x00000005 (5))->Scan ERROR: resource process://pid:4832 (code 0x00000490 (1168)) Results Summary:----------------No infection found.Microsoft Windows Malicious Software Removal Tool Finished On Thu Mar 10 14:12:29 2011 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v3.18, April 2011Started On Thu Apr 14 21:09:21 2011 Results Summary:----------------No infection found.Microsoft Windows Malicious Software Removal Tool Finished On Thu Apr 14 21:11:50 2011 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v3.18, April 2011Started On Sun May 01 22:26:35 2011->Scan ERROR: resource process://pid:960 (code 0x00000005 (5))->Scan ERROR: resource process://pid:2836 (code 0x00000490 (1168))->Scan ERROR: resource process://pid:4112 (code 0x00000490 (1168))->Scan ERROR: resource process://pid:4572 (code 0x00000490 (1168)) Results Summary:----------------No infection found.Microsoft Windows Malicious Software Removal Tool Finished On Sun May 01 22:30:33 2011 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v3.19, May 2011Started On Fri May 20 15:49:19 2011->Scan ERROR: resource process://pid:4548 (code 0x00000005 (5)) Results Summary:----------------No infection found.Microsoft Windows Malicious Software Removal Tool Finished On Fri May 20 15:50:55 2011 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v3.20, June 2011Started On Wed Jun 29 14:59:30 2011->Scan ERROR: resource process://pid:4064 (code 0x00000490 (1168))->Scan ERROR: resource process://pid:3924 (code 0x00000490 (1168)) Results Summary:----------------No infection found.Microsoft Windows Malicious Software Removal Tool Finished On Wed Jun 29 15:03:05 2011 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v3.21, July 2011Started On Fri Jul 15 02:02:03 2011->Scan ERROR: resource process://pid:1864 (code 0x00000490 (1168))->Scan ERROR: resource process://pid:4328 (code 0x00000005 (5)) Results Summary:----------------No infection found.Microsoft Windows Malicious Software Removal Tool Finished On Fri Jul 15 02:05:05 2011 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v3.22, August 2011Started On Mon Aug 22 10:20:53 2011->Scan ERROR: resource process://pid:908 (code 0x00000005 (5))->Scan ERROR: resource process://pid:2328 (code 0x00000490 (1168))->Scan ERROR: resource process://pid:3104 (code 0x00000490 (1168))->Scan ERROR: resource process://pid:3804 (code 0x00000490 (1168))->Scan ERROR: resource process://pid:4664 (code 0x00000490 (1168))->Scan ERROR: resource process://pid:1348 (code 0x00000490 (1168))->Scan ERROR: resource process://pid:4660 (code 0x00000490 (1168))->Scan ERROR: resource process://pid:3868 (code 0x00000490 (1168))->Scan ERROR: resource process://pid:2604 (code 0x00000490 (1168))->Scan ERROR: resource process://pid:4224 (code 0x00000490 (1168))->Scan ERROR: resource process://pid:4252 (code 0x00000490 (1168)) Results Summary:----------------No infection found.Microsoft Windows Malicious Software Removal Tool Finished On Mon Aug 22 10:25:47 2011 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v4.0, September 2011Started On Thu Sep 15 21:46:22 2011->Scan ERROR: resource process://pid:3536 (code 0x00000490 (1168))->Scan ERROR: resource process://pid:4236 (code 0x00000490 (1168))->Scan ERROR: resource process://pid:3008 (code 0x00000490 (1168))->Scan ERROR: resource process://pid:3152 (code 0x00000490 (1168))->Scan ERROR: resource process://pid:2740 (code 0x00000490 (1168)) Results Summary:----------------No infection found.Microsoft Windows Malicious Software Removal Tool Finished On Thu Sep 15 21:58:22 2011 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v4.0, September 2011Started On Wed Sep 28 12:15:45 2011->Scan ERROR: resource process://pid:2988 (code 0x00000005 (5))->Scan ERROR: resource process://pid:4544 (code 0x00000490 (1168))->Scan ERROR: resource process://pid:4328 (code 0x00000490 (1168)) Results Summary:----------------No infection found.Microsoft Windows Malicious Software Removal Tool Finished On Wed Sep 28 12:17:47 2011 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v4.1, October 2011Started On Fri Oct 14 12:00:00 2011->Scan ERROR: resource process://pid:3332 (code 0x00000490 (1168))->Scan ERROR: resource process://pid:2352 (code 0x00000490 (1168)) Results Summary:----------------No infection found.Microsoft Windows Malicious Software Removal Tool Finished On Fri Oct 14 12:04:41 2011 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v4.2, November 2011Started On Sat Nov 12 09:57:07 2011->Scan ERROR: resource process://pid:4628 (code 0x00000490 (1168))->Scan ERROR: resource process://pid:5052 (code 0x0000012B (299))->Scan ERROR: resource process://pid:1736 (code 0x00000490 (1168))->Scan ERROR: resource process://pid:692 (code 0x00000490 (1168))->Scan ERROR: resource process://pid:5600 (code 0x00000490 (1168))->Scan ERROR: resource process://pid:1808 (code 0x00000490 (1168))->Scan ERROR: resource process://pid:3000 (code 0x00000490 (1168))->Scan ERROR: resource process://pid:5288 (code 0x00000490 (1168))->Scan ERROR: resource process://pid:3112 (code 0x0000012B (299))->Scan ERROR: resource process://pid:5840 (code 0x00000490 (1168)) Results Summary:----------------No infection found.Microsoft Windows Malicious Software Removal Tool Finished On Sat Nov 12 10:00:48 2011 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v4.3, December 2011Started On Thu Dec 15 20:31:44 2011 Results Summary:----------------No infection found.Microsoft Windows Malicious Software Removal Tool Finished On Thu Dec 15 20:40:40 2011 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v4.4, January 2012Started On Wed Jan 11 18:12:13 2012->Scan ERROR: resource process://pid:2212 (code 0x00000005 (5)) Results Summary:----------------No infection found.Microsoft Windows Malicious Software Removal Tool Finished On Wed Jan 11 18:16:34 2012 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v4.5, February 2012Started On Thu Feb 16 22:37:40 2012->Scan ERROR: resource process://pid:5632 (code 0x00000490 (1168)) Results Summary:----------------No infection found.Microsoft Windows Malicious Software Removal Tool Finished On Thu Feb 16 22:41:41 2012 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v4.6, March 2012Started On Wed Mar 14 14:17:00 2012->Scan ERROR: resource process://pid:1948 (code 0x00000005 (5)) Results Summary:----------------No infection found.Microsoft Windows Malicious Software Removal Tool Finished On Wed Mar 14 14:19:41 2012 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v4.7, April 2012Started On Sun Apr 15 19:28:36 2012->Scan ERROR: resource process://pid:1944 (code 0x00000490 (1168))->Scan ERROR: resource process://pid:4228 (code 0x0000012B (299)) Results Summary:----------------No infection found.Microsoft Windows Malicious Software Removal Tool Finished On Sun Apr 15 19:31:45 2012 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v4.8, May 2012Started On Wed May 09 17:39:22 2012->Scan ERROR: resource process://pid:5464 (code 0x00000490 (1168))->Scan ERROR: resource process://pid:2260 (code 0x00000490 (1168)) Results Summary:----------------No infection found.Microsoft Windows Malicious Software Removal Tool Finished On Wed May 09 17:44:44 2012 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v4.9, June 2012Started On Mon Jul 16 23:12:34 2012 Results Summary:----------------No infection found.Microsoft Windows Malicious Software Removal Tool Finished On Mon Jul 16 23:16:55 2012 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v4.10, July 2012Started On Mon Jul 23 21:04:37 2012->Scan ERROR: resource process://pid:2764 (code 0x00000490 (1168))->Scan ERROR: resource process://pid:4192 (code 0x00000490 (1168))->Scan ERROR: resource process://pid:4552 (code 0x00000490 (1168))->Scan ERROR: resource process://pid:5672 (code 0x00000490 (1168))->Scan ERROR: resource process://pid:6096 (code 0x00000490 (1168))->Scan ERROR: resource process://pid:1144 (code 0x00000490 (1168))->Scan ERROR: resource process://pid:3660 (code 0x00000490 (1168))->Scan ERROR: resource process://pid:3368 (code 0x00000490 (1168))->Scan ERROR: resource process://pid:5460 (code 0x00000490 (1168))->Scan ERROR: resource process://pid:5068 (code 0x00000490 (1168)) Results Summary:----------------No infection found.Microsoft Windows Malicious Software Removal Tool Finished On Mon Jul 23 21:22:43 2012 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v4.11, August 2012Started On Fri Aug 17 12:52:37 2012->Scan ERROR: resource process://pid:1116 (code 0x00000005 (5))->Scan ERROR: resource process://pid:2024 (code 0x00000490 (1168))->Scan ERROR: resource process://pid:6136 (code 0x00000490 (1168))->Scan ERROR: resource process://pid:3112 (code 0x00000490 (1168)) Results Summary:----------------No infection found.Microsoft Windows Malicious Software Removal Tool Finished On Fri Aug 17 12:56:51 2012 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v4.12, September 2012Started On Mon Sep 17 23:55:08 2012->Scan ERROR: resource process://pid:1140 (code 0x00000005 (5))->Scan ERROR: resource process://pid:3168 (code 0x00000490 (1168)) Results Summary:----------------No infection found.Microsoft Windows Malicious Software Removal Tool Finished On Mon Sep 17 23:58:04 2012 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v4.13, October 2012Started On Wed Oct 10 13:14:35 2012->Scan ERROR: resource process://pid:6068 (code 0x00000490 (1168)) Results Summary:----------------No infection found.Microsoft Windows Malicious Software Removal Tool Finished On Wed Oct 10 13:23:59 2012 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v4.14, November 2012Started On Wed Nov 14 21:16:07 2012->Scan ERROR: resource process://pid:3716 (code 0x00000005 (5)) Results Summary:----------------No infection found.Microsoft Windows Malicious Software Removal Tool Finished On Wed Nov 14 21:18:27 2012 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v4.15, December 2012Started On Wed Dec 12 16:17:09 2012 Results Summary:----------------No infection found.Microsoft Windows Malicious Software Removal Tool Finished On Wed Dec 12 16:21:36 2012 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v4.16, January 2013Started On Fri Jan 25 14:46:15 2013->Scan ERROR: resource process://pid:3956 (code 0x00000490 (1168)) Results Summary:----------------No infection found.Microsoft Windows Malicious Software Removal Tool Finished On Fri Jan 25 14:54:50 2013 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v4.17, February 2013Started On Wed Feb 20 13:39:55 2013 Results Summary:----------------No infection found.Microsoft Windows Malicious Software Removal Tool Finished On Wed Feb 20 13:47:45 2013 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v4.18, March 2013Started On Fri Mar 15 10:59:28 2013->Scan ERROR: resource process://pid:1664 (code 0x00000490 (1168))->Scan ERROR: resource process://pid:3720 (code 0x00000490 (1168))->Scan ERROR: resource process://pid:2936 (code 0x00000490 (1168))->Scan ERROR: resource process://pid:2480 (code 0x00000005 (5))->Scan ERROR: resource process://pid:5252 (code 0x00000490 (1168))->Scan ERROR: resource process://pid:2428 (code 0x00000490 (1168)) Results Summary:----------------No infection found.Microsoft Windows Malicious Software Removal Tool Finished On Fri Mar 15 11:07:16 2013 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v4.19, April 2013Started On Wed Apr 10 14:45:27 2013->Scan ERROR: resource process://pid:5128 (code 0x00000005 (5)) Results Summary:----------------No infection found.Microsoft Windows Malicious Software Removal Tool Finished On Wed Apr 10 14:50:12 2013 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v4.20, May 2013Started On Wed May 22 10:08:17 2013->Scan ERROR: resource process://pid:1760 (code 0x00000490 (1168)) Results Summary:----------------No infection found.Microsoft Windows Malicious Software Removal Tool Finished On Wed May 22 10:16:34 2013 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v4.21, June 2013Started On Sun Jun 30 20:30:15 2013->Scan ERROR: resource process://pid:3708 (code 0x00000490 (1168))->Scan ERROR: resource process://pid:4444 (code 0x00000005 (5)) Results Summary:----------------No infection found.Microsoft Windows Malicious Software Removal Tool Finished On Sun Jun 30 20:34:10 2013 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v4.22, July 2013Started On Sun Jul 21 15:04:28 2013->Scan ERROR: resource process://pid:3188 (code 0x00000490 (1168))->Scan ERROR: resource process://pid:5900 (code 0x00000490 (1168)) Results Summary:----------------No infection found.Microsoft Windows Malicious Software Removal Tool Finished On Sun Jul 21 15:11:25 2013 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.3, August 2013 (build 5.3.9301.0)Started On Sun Aug 25 13:19:12 2013 Results Summary:----------------No infection found.Microsoft Windows Malicious Software Removal Tool Finished On Sun Aug 25 13:23:52 2013 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.4, September 2013 (build 5.4.9400.0)Started On Sat Sep 14 20:02:28 2013 Engine: 1.1.9800.0Signatures: 1.157.932.0 Results Summary:----------------No infection found.Microsoft Windows Malicious Software Removal Tool Finished On Sat Sep 14 20:07:10 2013 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.5, October 2013 (build 5.5.9502.0)Started On Sun Oct 13 18:05:40 2013 Engine: 1.1.9901.0Signatures: 1.159.530.0 Results Summary:----------------No infection found.Microsoft Windows Malicious Software Removal Tool Finished On Sun Oct 13 18:15:17 2013 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.6, November 2013 (build 5.6.9603.0)Started On Fri Nov 15 16:29:38 2013 Engine: 1.1.10003.0Signatures: 1.161.1618.0 Results Summary:----------------No infection found.Microsoft Windows Malicious Software Removal Tool Finished On Fri Nov 15 16:32:34 2013 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.7, December 2013 (build 5.7.9701.0)Started On Tue Dec 17 13:44:32 2013 Engine: 1.1.10100.0Signatures: 1.163.1013.0 Results Summary:----------------No infection found.Microsoft Windows Malicious Software Removal Tool Finished On Tue Dec 17 13:51:04 2013 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.8, January 2014 (build 5.8.9803.0)Started On Sun Jan 26 17:06:27 2014 Engine: 1.1.10201.0Signatures: 1.165.1273.0 Results Summary:----------------No infection found.Microsoft Windows Malicious Software Removal Tool Finished On Sun Jan 26 17:11:03 2014 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.9, February 2014 (build 5.9.9902.0)Started On Sun Feb 16 15:52:42 2014 Engine: 1.1.10201.0Signatures: 1.165.3163.0 Results Summary:----------------No infection found.Microsoft Windows Malicious Software Removal Tool Finished On Sun Feb 16 16:03:21 2014 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.10, March 2014 (build 5.10.10001.0)Started On Mon Mar 31 21:06:33 2014 Engine: 1.1.10302.0Signatures: 1.167.1001.0 Results Summary:----------------No infection found.Microsoft Windows Malicious Software Removal Tool Finished On Mon Mar 31 21:11:49 2014 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.12, May 2014 (build 5.12.10200.0)Started On Wed Aug 20 22:03:21 2014 Engine: 1.1.10502.0Signatures: 1.173.1305.0 Results Summary:----------------No infection found.Microsoft Windows Malicious Software Removal Tool Finished On Wed Aug 20 22:10:51 2014 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.15, August 2014 (build 5.15.10500.0)Started On Fri Sep 05 08:42:15 2014 Engine: 1.1.10802.0Signatures: 1.179.1796.0 ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.16, September 2014 (build 5.16.10602.0)Started On Thu Sep 11 01:30:11 2014 Engine: 1.1.10904.0Signatures: 1.183.882.0 Results Summary:----------------No infection found.Microsoft Windows Malicious Software Removal Tool Finished On Thu Sep 11 01:38:50 2014 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.17, October 2014 (build 5.17.10700.0)Started On Sat Nov 01 21:34:58 2014 Engine: 1.1.11005.0Signatures: 1.185.2035.0 Results Summary:----------------No infection found.Microsoft Windows Malicious Software Removal Tool Finished On Sat Nov 01 22:05:04 2014 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.18, November 2014 (build 5.18.10802.0)Started On Tue Nov 11 17:03:11 2014 Engine: 1.1.11104.0Signatures: 1.187.1116.0 Results Summary:----------------No infection found.Microsoft Windows Malicious Software Removal Tool Finished On Tue Nov 11 17:10:02 2014 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.19, December 2014 (build 5.19.10902.0)Started On Sat Dec 13 22:19:45 2014 Engine: 1.1.11202.0Signatures: 1.189.872.0 Results Summary:----------------No infection found.Microsoft Windows Malicious Software Removal Tool Finished On Sat Dec 13 22:30:21 2014 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Tue Mar 03 14:52:37 2015 Engine: 1.1.11302.0Signatures: 1.191.3593.0 Results Summary:----------------No infection found.Microsoft Windows Malicious Software Removal Tool Finished On Tue Mar 03 16:00:11 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.22, March 2015 (build 5.22.11202.0)Started On Fri Apr 10 14:03:17 2015 Engine: 1.1.11400.0Signatures: 1.193.1181.0 Results Summary:----------------No infection found.Microsoft Windows Malicious Software Removal Tool Finished On Fri Apr 10 14:33:33 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)Started On Wed May 13 17:58:50 2015 Engine: 1.1.11502.0Signatures: 1.195.1215.0 Results Summary:----------------No infection found.Microsoft Windows Malicious Software Removal Tool Finished On Wed May 13 18:43:18 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.24, May 2015 (build 5.24.11401.0)Started On Sat May 16 17:05:16 2015 Engine: 1.1.11602.0Signatures: 1.197.1100.0 Results Summary:----------------No infection found.Microsoft Windows Malicious Software Removal Tool Finished On Sat May 16 17:30:27 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.25, June 2015 (build 5.25.11502.0)Started On Fri Jun 12 11:03:52 2015 Engine: 1.1.11701.0Signatures: 1.199.892.0 Results Summary:----------------No infection found.Microsoft Windows Malicious Software Removal Tool Finished On Fri Jun 12 11:14:33 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.26, July 2015 (build 5.26.11604.0)Started On Thu Jul 30 16:13:20 2015 Engine: 1.1.11804.0Signatures: 1.201.883.0 Results Summary:----------------No infection found.Microsoft Windows Malicious Software Removal Tool Finished On Thu Jul 30 18:12:19 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.26, July 2015 (build 5.26.11604.0)Started On Fri Jul 31 00:53:35 2015 Engine: 1.1.11804.0Signatures: 1.201.883.0 Results Summary:----------------No infection found.
  10. KilleN
    Next on the list. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Junkware Removal Tool (JRT) by MalwarebytesVersion: 7.5.4 (07.27.2015:1)OS: Windows 7 Home Premium x64Ran by Owner on Fri 07/31/2015 at 0:29:47.00~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Tasks ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4858E7D9-8E12-45a3-B6A3-1CD128C9D403}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shell\TuneUp UndeleteSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Update FindRight ~~~ Files Successfully deleted: [File] C:\Program Files (x86)\GUT3ABF.tmpSuccessfully deleted: [File] C:\Program Files (x86)\GUTC217.tmpSuccessfully deleted: [File] C:\Users\Owner\Appdata\Local\google\chrome\user data\default\local storage\hxxps_www.superfish.com_0.localstorageSuccessfully deleted: [File] C:\Users\Owner\Appdata\Local\google\chrome\user data\default\local storage\hxxps_www.superfish.com_0.localstorage-journal ~~~ Folders Failed to delete: [Folder] C:\Windows\SysWOW64\ai_recyclebinSuccessfully deleted: [Empty Folder] C:\Users\Owner\Appdata\Local\{3CFBBC16-7FDF-407A-95F0-1BF346BCD3DE}Successfully deleted: [Empty Folder] C:\Users\Owner\Appdata\Local\{3E34330E-BEC1-4176-B418-0AE04F32DEA3}Successfully deleted: [Empty Folder] C:\Users\Owner\Appdata\Local\{46B67EAA-FFA7-43D6-9E2D-6C335DB25148}Successfully deleted: [Empty Folder] C:\Users\Owner\Appdata\Local\{698F6828-83FF-45C4-9991-2F23F4430CF9}Successfully deleted: [Empty Folder] C:\Users\Owner\Appdata\Local\{6AB3887F-D9F7-4F7F-82D0-9893EDD493CC}Successfully deleted: [Empty Folder] C:\Users\Owner\Appdata\Local\{72FA2217-B6C5-4848-BE84-E4C5EC80FC05}Successfully deleted: [Empty Folder] C:\Users\Owner\Appdata\Local\{7ED4247E-6E75-4028-929D-6BDBEE4837A7}Successfully deleted: [Empty Folder] C:\Users\Owner\Appdata\Local\{89CF4921-89CC-4270-8C91-890799C74DA4}Successfully deleted: [Empty Folder] C:\Users\Owner\Appdata\Local\{95768298-2674-400E-9790-814A57552205}Successfully deleted: [Empty Folder] C:\Users\Owner\Appdata\Local\{B730A859-DFAE-4EC9-8489-38C627E130CA}Successfully deleted: [Empty Folder] C:\Users\Owner\Appdata\Local\{CA8A24BC-67F1-4E94-B83F-CBF60805B690}Successfully deleted: [Empty Folder] C:\Users\Owner\Appdata\Local\{EC0009AC-AD9D-4D80-9C78-A673B1B36DB4}Successfully deleted: [Empty Folder] C:\Users\Owner\Appdata\Local\{F92100F0-DF19-47A5-BEBD-D0BC8483C9C4}Successfully deleted: [Folder] C:\Program Files\kromtechSuccessfully deleted: [Folder] C:\ProgramData\kromtechSuccessfully deleted: [Folder] C:\Users\Owner\Appdata\Local\couponalert_2p ~~~ Chrome [C:\Users\Owner\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset [C:\Users\Owner\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted: [C:\Users\Owner\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset [C:\Users\Owner\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:[] ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Scan was completed on Fri 07/31/2015 at 0:42:17.18End of JRT log~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  11. KilleN
    The log from AdwCleaner. # AdwCleaner v4.208 - Logfile created 31/07/2015 at 00:12:52# Updated 09/07/2015 by Xplode# Database : 2015-07-26.2 [server]# Operating system : Windows 7 Home Premium Service Pack 1 (x64)# Username : Owner - OWNER-PC# Running from : C:\Users\Owner\Desktop\AdwCleaner.exe# Option : Cleaning ***** [ Services ] ***** [#] Service Deleted : AVG Security Toolbar Service[#] Service Deleted : Partner ServiceService Deleted : PCKeeper2Service[#] Service Deleted : PCKeeperOcfService[#] Service Deleted : fileHiders[#] Service Deleted : vToolbarUpdater18.7.0 ***** [ Files / Folders ] ***** Folder Deleted : C:\ProgramData\AskFolder Deleted : C:\ProgramData\AVG Secure SearchFolder Deleted : C:\ProgramData\AVG Security ToolbarFolder Deleted : C:\ProgramData\PartnerFolder Deleted : C:\ProgramData\KromtechFolder Deleted : C:\ProgramData\Avg_Update_0814tbFolder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KromtechFolder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CouponsFolder Deleted : C:\Program Files (x86)\AVG Secure SearchFolder Deleted : C:\Program Files (x86)\AVG Security ToolbarFolder Deleted : C:\Program Files (x86)\AVG\AVG10\ToolbarFolder Deleted : C:\Program Files (x86)\CouponsFolder Deleted : C:\Program Files (x86)\Optimizer ProFolder Deleted : C:\Program Files (x86)\Common Files\AVG Secure SearchFolder Deleted : C:\Windows\SysWOW64\SearchProtectFolder Deleted : C:\Program Files\KromtechFolder Deleted : C:\Users\Owner\AppData\Local\AVG Secure SearchFolder Deleted : C:\Users\Owner\AppData\LocalLow\AVG Secure SearchFolder Deleted : C:\Users\Owner\AppData\LocalLow\AVG Security ToolbarFolder Deleted : C:\Users\Owner\AppData\Roaming\SystweakFolder Deleted : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\ibt5p7qx.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}Folder Deleted : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblofFile Deleted : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ndibdjnfmopecpmkdieinmbadjfpblof_0.localstorageFile Deleted : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ndibdjnfmopecpmkdieinmbadjfpblof_0.localstorage-journalFile Deleted : C:\Windows\System32\drivers\fileHiders.sysFile Deleted : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\ibt5p7qx.default\searchplugins\Askcom.xmlFile Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xmlFile Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\avg-secure-search.xmlFile Deleted : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\ibt5p7qx.default\user.jsFile Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo.xmlFile Deleted : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_isearch.avg.com_0.localstorageFile Deleted : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_isearch.avg.com_0.localstorage-journal ***** [ Scheduled tasks ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblofKey Deleted : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.comKey Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.comKey Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.comKey Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.comKey Deleted : HKLM\SOFTWARE\Classes\AppID\kt_bho_dll.dllKey Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXEKey Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLLKey Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLLKey Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPIKey Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObjKey Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1Key Deleted : HKLM\SOFTWARE\Classes\kt_bho.KettleBhoKey Deleted : HKLM\SOFTWARE\Classes\kt_bho.KettleBho.1Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocolKey Deleted : HKLM\SOFTWARE\Classes\SKey Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApiKey Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtilsKey Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLEKey Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-pluginKey Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdaterKey Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{28A88B70-D874-4F73-BBBA-9B2B222FB7D6}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110311941162}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322942262}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355945562}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366946662}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{86676E13-D6D8-4652-9FCF-F2047F1FB000}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355945562}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366946662}Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}Key Deleted : HKCU\Software\AVG Secure SearchKey Deleted : HKCU\Software\powerpackKey Deleted : HKCU\Software\SocialBitKey Deleted : HKCU\Software\systweakKey Deleted : HKCU\Software\YahooPartnerToolbarKey Deleted : HKCU\Software\Avg Secure UpdateKey Deleted : HKCU\Software\KromtechKey Deleted : HKCU\Software\AppDataLow\Software\AVG Security ToolbarKey Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}Key Deleted : HKLM\SOFTWARE\AVG Secure SearchKey Deleted : HKLM\SOFTWARE\AVG Security ToolbarKey Deleted : HKLM\SOFTWARE\ConduitKey Deleted : HKLM\SOFTWARE\systweakKey Deleted : HKLM\SOFTWARE\Avg Secure UpdateKey Deleted : HKU\.DEFAULT\Software\AVG Secure SearchKey Deleted : HKU\.DEFAULT\Software\Avg Secure UpdateKey Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure SearchKey Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Coupon Printer for Windows5.0.0.0Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WT079149Key Deleted : [x64] HKLM\SOFTWARE\KromtechKey Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\90C64EA18BA25EE488BF80DCF07F2FFDKey Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.comKey Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\isearch.avg.com ***** [ Web browsers ] ***** -\\ Internet Explorer v11.0.9600.17909 Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [start Page] -\\ Mozilla Firefox v5.0 (en-US) [ibt5p7qx.default\prefs.js] - Line Deleted : user_pref("avg.install.installDirPath", "C:\\ProgramData\\AVG Secure Search\\FireFoxExt\\15.5.0.2");[ibt5p7qx.default\prefs.js] - Line Deleted : user_pref("avg.userPreferences.URLBarFocus.whiteList", "bing\\.comgoogle\\.\\w+yahoo\\.\\w+gmail\\.\\w+hotmail\\.\\w+live\\.\\w+isearch\\.avg\\.commysearch\\.avg\\.com");[ibt5p7qx.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename", "My Web Search");[ibt5p7qx.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "My Web Search");[ibt5p7qx.default\prefs.js] - Line Deleted : user_pref("extensions.irmysearch.aflt", "irmsd0202ie");[ibt5p7qx.default\prefs.js] - Line Deleted : user_pref("extensions.irmysearch.cd", "2XzuyEtN2Y1L1QzuyBzz0EyEtDtDtB0EyB0C0CtDtDyCzytAtN0D0Tzu0SyByBzztN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R");[ibt5p7qx.default\prefs.js] - Line Deleted : user_pref("extensions.irmysearch.cr", "1734463261");[ibt5p7qx.default\prefs.js] - Line Deleted : user_pref("extensions.irmysearch.instlRef", "");[ibt5p7qx.default\prefs.js] - Line Deleted : user_pref("extensions.mysearchdial.AL", 2);[ibt5p7qx.default\prefs.js] - Line Deleted : user_pref("extensions.mysearchdial.aflt", "irmsd0202ie");[ibt5p7qx.default\prefs.js] - Line Deleted : user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");[ibt5p7qx.default\prefs.js] - Line Deleted : user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1QzuyBzz0EyEtDtDtB0EyB0C0CtDtDyCzytAtN0D0Tzu0SyByBzztN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R");[ibt5p7qx.default\prefs.js] - Line Deleted : user_pref("extensions.mysearchdial.cr", "1734463261");[ibt5p7qx.default\prefs.js] - Line Deleted : user_pref("extensions.mysearchdial.dfltLng", "");[ibt5p7qx.default\prefs.js] - Line Deleted : user_pref("extensions.mysearchdial.dfltSrch", true);[ibt5p7qx.default\prefs.js] - Line Deleted : user_pref("extensions.mysearchdial.dnsErr", true);[ibt5p7qx.default\prefs.js] - Line Deleted : user_pref("extensions.mysearchdial.excTlbr", false);[ibt5p7qx.default\prefs.js] - Line Deleted : user_pref("extensions.mysearchdial.hmpg", true);[ibt5p7qx.default\prefs.js] - Line Deleted : user_pref("extensions.mysearchdial.hmpgUrl", "hxxp://start.mysearchdial.com/?f=1&a=irmsd0202ie&cd=2XzuyEtN2Y1L1QzuyBzz0EyEtDtDtB0EyB0C0CtDtDyCzytAtN0D0Tzu0SyByBzztN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1Czu[...][ibt5p7qx.default\prefs.js] - Line Deleted : user_pref("extensions.mysearchdial.id", "78E4002E7CC00693");[ibt5p7qx.default\prefs.js] - Line Deleted : user_pref("extensions.mysearchdial.instlDay", "16117");[ibt5p7qx.default\prefs.js] - Line Deleted : user_pref("extensions.mysearchdial.instlRef", "");[ibt5p7qx.default\prefs.js] - Line Deleted : user_pref("extensions.mysearchdial.newTabUrl", "hxxp://start.mysearchdial.com/?f=2&a=irmsd0202ie&cd=2XzuyEtN2Y1L1QzuyBzz0EyEtDtDtB0EyB0C0CtDtDyCzytAtN0D0Tzu0SyByBzztN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1C[...][ibt5p7qx.default\prefs.js] - Line Deleted : user_pref("extensions.mysearchdial.prdct", "mysearchdial");[ibt5p7qx.default\prefs.js] - Line Deleted : user_pref("extensions.mysearchdial.prtnrId", "mysearchdial");[ibt5p7qx.default\prefs.js] - Line Deleted : user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");[ibt5p7qx.default\prefs.js] - Line Deleted : user_pref("extensions.mysearchdial.tlbrId", "base");[ibt5p7qx.default\prefs.js] - Line Deleted : user_pref("extensions.mysearchdial.tlbrSrchUrl", "hxxp://start.mysearchdial.com/?f=3&a=irmsd0202ie&cd=2XzuyEtN2Y1L1QzuyBzz0EyEtDtDtB0EyB0C0CtDtDyCzytAtN0D0Tzu0SyByBzztN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L[...][ibt5p7qx.default\prefs.js] - Line Deleted : user_pref("extensions.mysearchdial.vrsn", "1.8.21.0");[ibt5p7qx.default\prefs.js] - Line Deleted : user_pref("extensions.mysearchdial.vrsni", "1.8.21.0");[ibt5p7qx.default\prefs.js] - Line Deleted : user_pref("extensions.mysearchdial_i.hmpg", true);[ibt5p7qx.default\prefs.js] - Line Deleted : user_pref("extensions.mysearchdial_i.newTab", false);[ibt5p7qx.default\prefs.js] - Line Deleted : user_pref("extensions.mysearchdial_i.smplGrp", "none");[ibt5p7qx.default\prefs.js] - Line Deleted : user_pref("extensions.mysearchdial_i.vrsnTs", "1.8.21.019:20:38");[ibt5p7qx.default\prefs.js] - Line Deleted : user_pref("extensions.mysysearchdial.hmpgUrl", "hxxp://start.mysearchdial.com/EyEtDtDtB0EyB0C0CtDtDyCzytAtN0D0AtDtC1N1R&cr=1734463261&ir=");[ibt5p7qx.default\prefs.js] - Line Deleted : user_pref("extensions.mywebsearch.prevDefaultEngine", "Google");[ibt5p7qx.default\prefs.js] - Line Deleted : user_pref("extensions.mywebsearch.prevKwdEnabled", true);[ibt5p7qx.default\prefs.js] - Line Deleted : user_pref("extensions.mywebsearch.prevKwdURL", "hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?st=kwd&ptb=F8742972-7A4A-437E-B783-F299F87B2E1E&n=780b89e3&ind=2014022115&id=CDxdm003YYus&ptnrS=C[...][ibt5p7qx.default\prefs.js] - Line Deleted : user_pref("extensions.mywebsearch.prevSelectedEngine", "Google");[ibt5p7qx.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._2pMembers_.homepage", "hxxp://home.mywebsearch.com/index.jhtml?ptb=F8742972-7A4A-437E-B783-F299F87B2E1E&n=780b89e3&ptnrS=CDxdm003YYus&si=CMTZ-qf4wa0CFcZM4AodIW[...][ibt5p7qx.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._2pMembers_.initialized", true);[ibt5p7qx.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._2pMembers_.installation.contextKey", "");[ibt5p7qx.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._2pMembers_.installation.installDate", "2014022115");[ibt5p7qx.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._2pMembers_.installation.partnerId", "CDxdm003YYus");[ibt5p7qx.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._2pMembers_.installation.partnerSubId", "CMTZ-qf4wa0CFcZM4AodIWXsBA");[ibt5p7qx.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._2pMembers_.installation.success", true);[ibt5p7qx.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._2pMembers_.installation.toolbarId", "F8742972-7A4A-437E-B783-F299F87B2E1E");[ibt5p7qx.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._2pMembers_.lastActivePing", "1434845179723");[ibt5p7qx.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._2pMembers_.options.defaultSearch", true);[ibt5p7qx.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._2pMembers_.options.homePageEnabled", false);[ibt5p7qx.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._2pMembers_.options.keywordEnabled", true);[ibt5p7qx.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._2pMembers_.options.tabEnabled", false);[ibt5p7qx.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._2pMembers_.searchHistory", "hxxp://www.ilr.cornell.edu/library/workplace-issuses today");[ibt5p7qx.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._2pMembers_.weather.location", "10001");[ibt5p7qx.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark.lastInstalled", "couponalert@mindspark.com");[ibt5p7qx.default\prefs.js] - Line Deleted : user_pref("keyword.URL", "hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?st=kwd&ptb=F8742972-7A4A-437E-B783-F299F87B2E1E&n=780b89e3&ind=2014022115&id=CDxdm003YYus&ptnrS=CDxdm003YYus&si=CMTZ-qf[...] -\\ Google Chrome v44.0.2403.125 [C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Homepage] : [C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [startup_URLs] : 22D9B842ADA640D585A059DCC87E79B7224BF0B801CE7C7E690AC591A3C9A158"},"software_reporter":{"prompt_reason":"ADBB022EC2A747E17452AA7DFAB56A9379F4BE19357107AB806AB9F4AF3AC141","prompt_seed":"0F225D9E8EE6F880ABC41366D3A715C120067E625408F7D7E3E4137C9261B2BE","prompt_version":"A6DC1E15D67BBF69D69B2B18EC9B9692D781098B0C3520E736A82905E418098C"},"sync":{"remaining_rollback_tries":"3C2934CB8AFAE833D819332B328112EE9DBADE799F13729FA38F3A94EE9D30F4"}},"super_mac":"B3E151D3993E1FD89FA374D4334C4899DAE7576DD6904A4E25E44EBCFBE6FF5E"},"session":{"restore_on_startup":4,"startup_urls":["hxxp://isearch.avg.com/?cid={EBC48637-A81B-4CF9-8ACD-5BD0E456DF6C}&mid=07321e202fa147d6a904a113f00c13b0-9c1a078b55150396320297967dc3154cdf4b0e0a〈=en&ds=AVG&pr=fr&d=2012-10-06 12:41:14&v=14.0.2.14&pid=avg&sg=&sap=hp ************************* AdwCleaner[R0].txt - [27852 bytes] - [31/07/2015 00:07:07]AdwCleaner[s0].txt - [22919 bytes] - [31/07/2015 00:12:52] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [22979 bytes] ##########
  12. KilleN
    The computer shut off when I came back not sure if it ran through fully. Here is the log maybe you can tell me? Malwarebytes Anti-Malwarewww.malwarebytes.org Update, 7/30/2015 4:10 PM, SYSTEM, OWNER-PC, Manual, IP Database, 2015.6.12.1, 2015.7.24.3, Update, 7/30/2015 4:10 PM, SYSTEM, OWNER-PC, Manual, Domain Database, 2015.6.12.1, 2015.7.24.2, Update, 7/30/2015 4:10 PM, SYSTEM, OWNER-PC, Manual, Remediation Database, 2015.6.15.1, 2015.7.28.1, Update, 7/30/2015 4:10 PM, SYSTEM, OWNER-PC, Manual, Rootkit Database, 2015.6.15.1, 2015.7.29.2, Update, 7/30/2015 4:10 PM, SYSTEM, OWNER-PC, Manual, program, 2.1.6.1022, 2.1.8.0, Update, 7/30/2015 4:10 PM, SYSTEM, OWNER-PC, Manual, Malware Database, 2015.6.21.4, 2015.7.30.5, Error, 7/30/2015 7:02 PM, SYSTEM, OWNER-PC, Protection, IsLicensed, 13, Protection, 7/30/2015 7:02 PM, SYSTEM, OWNER-PC, Protection, Malware Protection, Stopping, Protection, 7/30/2015 7:02 PM, SYSTEM, OWNER-PC, Protection, Malware Protection, Stopped, Error, 7/30/2015 11:56 PM, SYSTEM, OWNER-PC, Update, Bad md5 or size: akadomains, 11, Error, 7/30/2015 11:56 PM, SYSTEM, OWNER-PC, Update, Bad md5 or size: akaips, 11, Update, 7/30/2015 11:56 PM, SYSTEM, OWNER-PC, Manual, Domain Database, 0.0.0.0, 2015.7.24.2, Update, 7/30/2015 11:56 PM, SYSTEM, OWNER-PC, Manual, Remediation Database, 2015.5.13.1, 2015.7.28.1, Update, 7/30/2015 11:56 PM, SYSTEM, OWNER-PC, Manual, IP Database, 0.0.0.0, 2015.7.24.3, Update, 7/30/2015 11:56 PM, SYSTEM, OWNER-PC, Manual, Rootkit Database, 2015.6.2.1, 2015.7.30.1, Update, 7/30/2015 11:56 PM, SYSTEM, OWNER-PC, Manual, AKA IP Database, 0.0.0.0, 2015.7.29.1, Update, 7/30/2015 11:56 PM, SYSTEM, OWNER-PC, Manual, AKA Domain Database, 0.0.0.0, 2015.7.29.3, Update, 7/30/2015 11:56 PM, SYSTEM, OWNER-PC, Manual, Malware Database, 2015.6.3.3, 2015.7.31.1, (end)
  13. KilleN
    Sooo my mom's laptop is, for lack of a better term, uhg. It takes everything in me to not throw it across the room while trying to accomplish anything on it that is how slow and bogged down it is. Hopefully you can help, I did run a MB scan removed a ton of stuff but it did not help for long. I will attach the logs needed to begin the process.FRST.txtAddition.txt
  14. KilleN
    Will do, thanks a ton
  15. KilleN
    I noticed svchost was getting to really high memory usage levels and this does not seem to be happening. Hopefully it doesnt
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.