Jump to content

Jenno

Members
  • Posts

    9
  • Joined

  • Last visited

Everything posted by Jenno

  1. Results of screen317's Security Check version 0.99.80 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! Microsoft Security Essentials Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware version 1.75.0.1300 Java 7 Update 51 Adobe Flash Player 12.0.0.77 Adobe Reader 10.1.9 Adobe Reader out of Date! Mozilla Firefox 24.0 Firefox out of Date! Google Chrome 33.0.1750.146 Google Chrome 33.0.1750.154 ````````Process Check: objlist.exe by Laurent```````` Microsoft Security Essentials MSMpEng.exe Microsoft Security Essentials msseces.exe Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbamgui.exe Malwarebytes' Anti-Malware mbamscheduler.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 4% ````````````````````End of Log``````````````````````
  2. You my friend, are an absolute legend! I think it has finally disappeared! I shall keep testing it but it seems as if it has finally gone
  3. Hello MrC, Im 90% sure I have Google set as my homepage for Chrome but i will double check when i get home and carry out the fix also. Thank you
  4. such a fool for posting them all twice............ Chrome crashed on me and I restored it - must have restored the upload but did not show me so I attached again
  5. Hey, Thanks for your patience again! Please find attached my files I hope this is everything you need! AdwCleanerS0.txt AdwCleanerS0.txt FRST.txt Addition.txt AdwCleanerS0.txt Addition.txt FRST.txt JRT.txt
  6. Here is my Roguekiller File also: RogueKiller V8.8.10 _x64_ [Feb 28 2014] by Adlice Softwaremail : http://www.adlice.com/contact/Feedback : http://forum.adlice.comWebsite : http://www.adlice.com/softwares/roguekiller/Blog : http://www.adlice.com Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits versionStarted in : Normal modeUser : Adam Jennings [Admin rights]Mode : Scan -- Date : 03/13/2014 22:19:41| ARK || FAK || MBR | ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 6 ¤¤¤[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> FOUND[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Scheduled tasks : 0 ¤¤¤ ¤¤¤ Startup Entries : 0 ¤¤¤ ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ Browser Addons : 0 ¤¤¤ ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤ ¤¤¤ External Hives: ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤--> %SystemRoot%\System32\drivers\etc\hosts 127.0.0.1 localhost ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Hitachi HTS545050A7E380 SATA Disk Device +++++--- User ---[MBR] 8e0564afd3fce2d9e6f55993a225ea75[bSP] 5a9dc81069b736c6ab27b3015b1cc071 : Windows 7/8 MBR CodePartition table:0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 457131 Mo2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 936613888 | Size: 19505 Mo3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 976560128 | Size: 103 MoUser = LL1 ... OK!User = LL2 ... OK! Finished : << RKreport[0]_S_03132014_221941.txt >>
  7. Hi Again MrC, thank you for your patience. I cannot figure out how to attach the log so I will copy and paste it within here First is my DDS: DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 11.0.9600.16518 BrowserJavaVersion: 10.51.2Run by Adam Jennings at 21:58:42 on 2014-03-13Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.5600.2456 [GMT 0:00].AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}.============== Running Processes ===============.C:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k RPCSSc:\Program Files\Microsoft Security Client\MsMpEng.exeC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k netsvcsC:\Program Files\IDT\WDM\STacSV64.exeC:\Windows\system32\Hpservice.exeC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\system32\WLANExt.exeC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exeC:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exeC:\Windows\SysWOW64\ezSharedSvcHost.exeC:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exeC:\Windows\system32\taskhost.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exeC:\Windows\system32\svchost.exe -k imgsvcC:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exeC:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXEC:\Windows\System32\alg.exec:\Program Files\Microsoft Security Client\NisSrv.exeC:\Windows\system32\svchost.exe -k bthsvcsC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files\Microsoft Security Client\msseces.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Windows\System32\svchost.exe -k LocalServicePeerNetC:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exeC:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exeC:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exeC:\Windows\system32\atiesrxx.exeC:\Windows\system32\atieclxx.exeC:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exeC:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeC:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exeC:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exeC:\Windows\servicing\TrustedInstaller.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Internet Explorer\IELowutil.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Windows\system32\SearchIndexer.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exeC:\Windows\system32\wuauclt.exeC:\Program Files (x86)\World of Warcraft\Wow-64.exeC:\Program Files (x86)\World of Warcraft\Utils\WowBrowserProxy.exeC:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXEC:\Windows\system32\SearchProtocolHost.exeC:\Windows\system32\SearchFilterHost.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\System32\cscript.exe.============== Pseudo HJT Report ===============.BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dllBHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dllBHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dllBHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dlluRun: [speech Recognition] "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -StartupmRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exemRun: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkeymRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRunmRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silentStartupFolder: C:\Users\Adam Jennings\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccipuPolicies-Explorer: NoDrives = dword:0mPolicies-Explorer: EnableShellExecuteHooks = dword:1mPolicies-Explorer: NoDrives = dword:0mPolicies-System: ConsentPromptBehaviorAdmin = dword:5mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableUIADesktopToggle = dword:0mPolicies-System: HideFastUserSwitching = dword:0IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exeTCP: NameServer = 192.168.1.254TCP: Interfaces\{132BD046-06B3-48CE-9CA9-8952C3FACADB} : DHCPNameServer = 192.168.1.254TCP: Interfaces\{132BD046-06B3-48CE-9CA9-8952C3FACADB}\1435553502D2024435C4D2E4535355 : DHCPNameServer = 192.168.1.1TCP: Interfaces\{132BD046-06B3-48CE-9CA9-8952C3FACADB}\14E2A4 : DHCPNameServer = 192.168.2.1TCP: Interfaces\{132BD046-06B3-48CE-9CA9-8952C3FACADB}\244575966496 : DHCPNameServer = 192.168.22.22 192.168.22.23TCP: Interfaces\{132BD046-06B3-48CE-9CA9-8952C3FACADB}\244584572643D284648415 : DHCPNameServer = 192.168.1.254TCP: Interfaces\{132BD046-06B3-48CE-9CA9-8952C3FACADB}\2456C6B696E6F5933403933443 : DHCPNameServer = 192.168.2.1TCP: Interfaces\{132BD046-06B3-48CE-9CA9-8952C3FACADB}\35B4951333730333 : DHCPNameServer = 192.168.0.1Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dllFilter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dllHandler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dllSSODL: WebCheck - <orphaned>LSA: Notification Packages = scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dllmASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chromex64-BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dllx64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dllx64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exex64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exex64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkeyx64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exex64-Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dllx64-Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dllx64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>x64-SSODL: WebCheck - <orphaned>.================= FIREFOX ===================.FF - ProfilePath - C:\Users\Adam Jennings\AppData\Roaming\Mozilla\Firefox\Profiles\ls18bu35.default\FF - prefs.js: browser.search.selectedEngine - Yahoo!.============= SERVICES / DRIVERS ===============.R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2011-12-13 82048]R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2011-12-13 42624]R0 amdkmpfd;AMD PCI Root Bus Lower Filter;C:\Windows\System32\drivers\amdkmpfd.sys [2012-2-2 31872]R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-9-27 248240]R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-12-6 239616]R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-12-6 344064]R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504]R2 ezSharedSvc;Easybits Services for Windows;C:\Windows\System32\ezSharedSvcHost.exe --> C:\Windows\System32\ezSharedSvcHost.exe [?]R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2013-11-4 92160]R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2012-9-24 31040]R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-3-5 35200]R2 LMIRfsDriver;LogMeIn Remote File System Driver;C:\Windows\System32\drivers\LMIRfsDriver.sys [2014-1-24 72216]R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2012-8-30 134944]R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944]R3 amdhub30;AMD USB 3.0 Hub Driver;C:\Windows\System32\drivers\amdhub30.sys [2011-10-26 102528]R3 amdxhc;AMD USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\amdxhc.sys [2011-10-26 219776]R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2013-9-24 94208]R3 bcbtums;Bluetooth RAM Firmware Download USB Filter;C:\Windows\System32\drivers\bcbtums.sys [2012-7-10 134696]R3 btwampfl;btwampfl Bluetooth filter driver;C:\Windows\System32\drivers\btwampfl.sys [2012-7-10 615976]R3 BTWDPAN;Bluetooth Personal Area Network;C:\Windows\System32\drivers\btwdpan.sys [2012-7-10 89640]R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2012-7-10 39976]R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2010-7-28 31088]R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\System32\drivers\LGBusEnum.sys [2009-11-24 22408]R3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;C:\Windows\System32\drivers\LGSHidFilt.Sys [2012-2-7 66328]R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\System32\drivers\LGVirHid.sys [2009-11-24 16008]R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 348376]R3 RSBASTOR;Realtek PCIE CardReader Driver - BA;C:\Windows\System32\drivers\RtsBaStor.sys [2012-7-10 293480]R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-7-10 685160]R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2013-6-26 767144]R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576]R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840]R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2013-6-26 23208]R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528]R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2012-7-10 56448]R4 AODDriver4.2;AODDriver4.2;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2013-9-19 59648]S2 AODDriver4.2.0;AODDriver4.2.0;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2013-9-19 59648]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]S3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2012-7-10 46136]S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-2-13 111616]S3 SmbDrvAMDASF;SmbDrvAMDASF;C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [2012-3-27 26384]S3 SmbDrvIntel;SmbDrvIntel;C:\Windows\System32\drivers\Smb_driver_Intel.sys [2012-3-27 27408]S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-9-28 53760]S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-9-25 1255736].=============== Created Last 30 ================.2014-03-13 21:33:15 10536864 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6D33BC54-F8A3-4F28-A142-D6624434DF90}\mpengine.dll2014-03-13 21:15:54 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys2014-03-13 21:15:54 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware2014-03-11 20:53:06 -------- d-----w- C:\Program Files (x86)\AMD AVT2014-03-11 20:50:38 -------- d-----w- C:\Program Files\ATI Technologies2014-03-11 19:01:05 -------- d-----w- C:\_OTL2014-03-10 20:32:17 10536864 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll2014-03-08 10:23:07 1031560 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A6F6C960-DC66-4AF8-B5A7-D3231953B4AD}\gapaengine.dll2014-03-07 11:35:01 -------- d-----w- C:\Users\Adam Jennings\AppData\Local\Skype2014-03-07 11:34:40 -------- d-----r- C:\Program Files (x86)\Skype2014-03-06 23:57:54 -------- d-sh--w- C:\$RECYCLE.BIN2014-03-06 23:42:51 98816 ----a-w- C:\Windows\sed.exe2014-03-06 23:42:51 256000 ----a-w- C:\Windows\PEV.exe2014-03-06 23:42:51 208896 ----a-w- C:\Windows\MBR.exe2014-02-28 19:50:29 -------- d-----w- C:\Windows\Migration2014-02-13 19:49:22 548864 ----a-w- C:\Windows\System32\vbscript.dll2014-02-13 19:49:22 454656 ----a-w- C:\Windows\SysWow64\vbscript.dll2014-02-13 19:48:01 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb2014-02-13 19:48:01 2724864 ----a-w- C:\Windows\System32\mshtml.tlb2014-02-13 19:48:00 353280 ----a-w- C:\Program Files\Internet Explorer\IEShims.dll2014-02-13 19:48:00 293080 ----a-w- C:\Program Files\Internet Explorer\sqmapi.dll2014-02-13 19:48:00 251392 ----a-w- C:\Program Files (x86)\Internet Explorer\IEShims.dll2014-02-13 19:48:00 235224 ----a-w- C:\Program Files (x86)\Internet Explorer\sqmapi.dll2014-02-12 21:16:06 1882112 ----a-w- C:\Windows\System32\msxml3.dll2014-02-12 21:16:04 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll2014-02-12 21:16:04 2048 ----a-w- C:\Windows\System32\msxml3r.dll2014-02-12 21:16:04 1237504 ----a-w- C:\Windows\SysWow64\msxml3.dll.==================== Find3M ====================.2014-03-13 21:10:34 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl2014-03-13 21:10:34 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe2014-02-06 11:30:12 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll2014-02-06 11:07:39 66048 ----a-w- C:\Windows\System32\iesetup.dll2014-02-06 11:06:47 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll2014-02-06 10:49:03 139264 ----a-w- C:\Windows\System32\ieUnatt.exe2014-02-06 10:48:45 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe2014-02-06 10:48:11 708608 ----a-w- C:\Windows\System32\jscript9diag.dll2014-02-06 10:11:37 5768704 ----a-w- C:\Windows\System32\jscript9.dll2014-02-06 10:01:36 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll2014-02-06 10:00:46 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll2014-02-06 09:50:32 2041856 ----a-w- C:\Windows\System32\inetcpl.cpl2014-02-06 09:47:22 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe2014-02-06 09:46:27 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll2014-02-06 09:25:36 4244480 ----a-w- C:\Windows\SysWow64\jscript9.dll2014-02-06 09:24:52 2334208 ----a-w- C:\Windows\System32\wininet.dll2014-02-06 09:09:30 1964032 ----a-w- C:\Windows\SysWow64\inetcpl.cpl2014-02-06 08:41:35 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll2014-01-20 13:35:10 107368 ----a-w- C:\Windows\System32\LMIRfsClientNP.dll2014-01-20 13:35:06 35656 ----a-w- C:\Windows\System32\LMIport.dll2014-01-20 13:35:04 92488 ----a-w- C:\Windows\System32\LMIinit.dll2014-01-19 07:33:29 270496 ------w- C:\Windows\System32\MpSigStub.exe2013-12-24 23:09:41 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll2013-12-24 22:48:32 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll2013-12-18 21:09:39 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll.============= FINISH: 22:00:58.24 =============== Second is my Attach: .UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1Install Date: 22/09/2012 20:24:38System Uptime: 13/03/2014 19:45:50 (3 hours ago).Motherboard: Hewlett-Packard | | 18DEProcessor: AMD A6-4455M APU with Radeon HD Graphics | Socket FT1 | 2100/100mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 446 GiB total, 308.097 GiB free.D: is FIXED (NTFS) - 19 GiB total, 2.07 GiB free..==== Disabled Device Manager Items =============.Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}Description: LogMeIn Kernel Information ProviderDevice ID: ROOT\LEGACY_LMIINFO\0000Manufacturer: Name: LogMeIn Kernel Information ProviderPNP Device ID: ROOT\LEGACY_LMIINFO\0000Service: LMIInfo.==== System Restore Points ===================.RP198: 13/02/2014 19:47:17 - Windows Modules InstallerRP199: 14/02/2014 22:04:18 - Windows UpdateRP200: 15/02/2014 13:02:45 - Removed LogMeInRP201: 15/02/2014 13:05:54 - Removed TortoiseSVN 1.8.4.24972 (64 bit)RP202: 15/02/2014 13:10:03 - Removed Apple Application SupportRP203: 15/02/2014 13:18:33 - Removed iTunesRP204: 16/02/2014 01:07:40 - Windows UpdateRP205: 19/02/2014 21:05:15 - Windows UpdateRP206: 23/02/2014 19:23:32 - Windows UpdateRP207: 26/02/2014 20:19:51 - Windows UpdateRP210: 02/03/2014 10:30:00 - Windows UpdateRP211: 05/03/2014 21:39:01 - Windows UpdateRP213: 09/03/2014 14:29:11 - Windows UpdateRP214: 11/03/2014 20:33:10 - Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727RP215: 11/03/2014 20:35:04 - Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727RP217: 13/03/2014 21:09:53 - Windows Modules InstallerRP218: 13/03/2014 21:31:37 - Windows Update.==== Installed Programs ======================.Adobe Flash Player 12 ActiveXAdobe Flash Player 12 PluginAdobe Reader X (10.1.9) MUIAdobe Shockwave Player 11.6AMD Accelerated Video TranscodingAMD APP SDK RuntimeAMD Catalyst Control CenterAMD Catalyst Install ManagerAMD Drag and Drop TranscodingAMD FuelAMD Media Foundation DecodersAMD Steady Video Plug-In AMD Wireless Display v3.0Apple Software UpdateBonjourBroadcom 802.11 Wireless LAN AdapterBroadcom Bluetooth SoftwareCatalyst Control Center - BrandingCatalyst Control Center Graphics Previews CommonCatalyst Control Center InstallProxyCatalyst Control Center Localization Allccc-utility64CCC Help Chinese StandardCCC Help Chinese TraditionalCCC Help CzechCCC Help DanishCCC Help DutchCCC Help EnglishCCC Help FinnishCCC Help FrenchCCC Help GermanCCC Help GreekCCC Help HungarianCCC Help ItalianCCC Help JapaneseCCC Help KoreanCCC Help NorwegianCCC Help PolishCCC Help PortugueseCCC Help RussianCCC Help SpanishCCC Help SwedishCCC Help ThaiCCC Help TurkishCounter-Strike: Global OffensiveCounter-Strike: SourceCurse ClientCyberLink YouCamDota 2ESU for Microsoft Windows 7 SP1Google ChromeGoogle Update HelperHewlett-Packard ACLM.NET v1.2.2.3HP 3D DriveGuardHP AutoHP CoolSenseHP Customer Experience EnhancementsHP DocumentationHP Launch BoxHP On Screen DisplayHP Power ManagerHP Quick LaunchHP Recovery ManagerHP Security AssistantHP SetupHP Software FrameworkHP Support AssistantIDT AudioJava 7 Update 51Java Auto UpdaterLogitech Gaming SoftwareLogitech Gaming Software 8.35Malwarebytes Anti-Malware version 1.75.0.1300Microsoft .NET Framework 4.5.1Microsoft Office 2010Microsoft Office Click-to-Run 2010Microsoft Office Starter 2010 - EnglishMicrosoft Security ClientMicrosoft Security EssentialsMicrosoft SilverlightMicrosoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2008 Redistributable - x64 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610Mozilla Firefox 24.0 (x86 en-US)Mozilla Maintenance ServiceMSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)opensourcePlayReady PC Runtime x86QuickTimeRealtek Ethernet Controller DriverRealtek PCIE Card ReaderSecurity Update for Microsoft .NET Framework 4.5.1 (KB2898869)Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)Skype™ 6.14SteamswMSMSynaptics Pointing Device DriverTeamSpeak 3 ClientVentrilo Client for Windows x64Windows Live Mesh ActiveX Control for Remote ConnectionsWorld of WarcraftWorld of Warcraft Public Test.==== Event Viewer Messages From Past Week ========.13/03/2014 21:14:56, Error: Microsoft-Windows-SharedAccess_NAT [31004] - The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.11/03/2014 20:50:42, Error: Service Control Manager [7000] - The AODDriver4.2.0 service failed to start due to the following error: The system cannot find the file specified.11/03/2014 19:42:13, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: NetworkX11/03/2014 19:42:09, Error: Service Control Manager [7000] - The LogMeIn Kernel Information Provider service failed to start due to the following error: The system cannot find the path specified.11/03/2014 19:42:03, Error: Service Control Manager [7000] - The Crypkey License service failed to start due to the following error: The system cannot find the file specified.11/03/2014 19:40:57, Error: Service Control Manager [7034] - The Adobe Acrobat Update Service service terminated unexpectedly. It has done this 1 time(s)..==== End Of File ===========================
  8. Hi MrC, currently at work and I have seen your response thank you - I shall attempt this tonight when I get home from work and have a spare few hours . Just ensuring you know that I am not ignoring you
  9. Hi there, I recently downloaded an application and managed to obtain this annoying infection! Now I have followed the steps on a previous post earlier this year from MrC, using OTL... Now, according to his steps and using OTL it should have been removed, unfortunately though it seems that it hasn't when I open up another Google chrome browser, please help! unsure of what to do next! Please see attached my log: All processes killed========== OTL ==========Prefs.js: "Yahoo" removed from browser.search.defaultenginenamePrefs.js: "chr-greentree_ff&ilc=12&type=800236" removed from browser.search.param.yahoo-frPrefs.js: "Yahoo" removed from browser.search.selectedEnginePrefs.js: "http://search.yahoo....=spigot-yhp-ff" removed from browser.startup.homepagePrefs.js: "http://search.yahoo....type=800236&p=" removed from keyword.URL========== COMMANDS ========== [EMPTYJAVA] User: Adam Jennings->Java cache emptied: 0 bytes User: All Users User: Default User: Default User User: Public Total Java Files Cleaned = 0.00 mb [EMPTYTEMP] User: Adam Jennings->Temp folder emptied: 36335 bytes->Temporary Internet Files folder emptied: 677188 bytes->Java cache emptied: 0 bytes->FireFox cache emptied: 0 bytes->Google Chrome cache emptied: 6833650 bytes->Flash cache emptied: 0 bytes User: All Users User: Default->Temp folder emptied: 0 bytes->Temporary Internet Files folder emptied: 0 bytes User: Default User->Temp folder emptied: 0 bytes->Temporary Internet Files folder emptied: 0 bytes User: Public->Temp folder emptied: 0 bytes %systemdrive% .tmp files removed: 0 bytes%systemroot% .tmp files removed: 0 bytes%systemroot%\System32 .tmp files removed: 0 bytes%systemroot%\System32 (64bit) .tmp files removed: 0 bytes%systemroot%\System32\drivers .tmp files removed: 0 bytesWindows Temp folder emptied: 2356 bytes%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytesRecycleBin emptied: 0 bytes Total Files Cleaned = 7.00 mb [EMPTYFLASH] User: Adam Jennings->Flash cache emptied: 0 bytes User: All Users User: Default User: Default User User: Public Total Flash Files Cleaned = 0.00 mb OTL by OldTimer - Version 3.2.69.0 log created on 03112014_194057 Files\Folders moved on Reboot...C:\Users\Adam Jennings\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.C:\Users\Adam Jennings\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully. PendingFileRenameOperations files... Registry entries deleted on Reboot...
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.