[iexplorer running in the background]

 IE no longer runs in the background, to my knowledge everthin seems to be running smoothly now! Thank you for your dedication to my problem. I will keep this thread followed if there is any cleanup nescessary, I updated the software that needed updates when you had me run Security Checker earlier.

[iexplorer running in the background]

no restart required (did anyway)

 

fixlog:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 31-08-2014 02
Ran by Don at 2014-09-03 16:00:55 Run:4
Running from C:\Users\Don.Don-PC\Desktop\Farbar
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
HKLM-x32\...\Run: [] => [X]
ShellIconOverlayIdentifiers: 1CryptoProviderIcons -> {24808826-C2BF-4269-B3BA-89D1D5F431A4} => C:\ProgramData\Microsoft\Crypto\RSA64\CryptoProvider.dll (Microsoft)
C:\ProgramData\Microsoft\Crypto\RSA64
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
end
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\1CryptoProviderIcons" => Key deleted successfully.
"HKCR\CLSID\{24808826-C2BF-4269-B3BA-89D1D5F431A4}" => Key deleted successfully.
C:\ProgramData\Microsoft\Crypto\RSA64 => Moved successfully.
gdrv => Service deleted successfully.

==== End of Fixlog ====

[iexplorer running in the background]

Hi, not a problem. Farbar file: again too large to put in the post.

Addition.txt

FRST.txt

[iexplorer running in the background]

Panda Scan:

Broken Link. FILE: File not found:C:\PROGRAM FILES (X86)\OVERWOLF\OVERWOLF.EXE -SILENT to be deleted.

Broken Link. REGKEY: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run[Overwolf]. Value: Overwolf To be deleted.

Broken Link. REGKEY: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run[Overwolf]. Value: Overwolf To be deleted.

Malware. FILE: C:\USERS\DON.DON-PC\DESKTOP\SECURITYCHECK.EXE to be deleted.

Malware. FILE: C:\USERS\DON.DON-PC\DESKTOP\ASWMBR.EXE to be deleted.

Unknown. FILE: C:\WINDOWS\SYSTEM32\DRIVERS\DUALSHOCK3_X64.SYS to be deleted.

Unknown. REGKEY: HKLM\SYSTEM\CurrentControlSet\Services\dualshock3. Key to be deleted.

Suspicious Policy. POLICY: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED[HIDEFILEEXT] to be changed to: 0

Suspicious Policy. POLICY: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED[HIDEFILEEXT] to be changed to: 0

Malware. REGKEY: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM[DISABLEREGISTRYTOOLS]. Value: DISABLEREGISTRYTOOLS To be deleted.

Malware. REGKEY: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM[DISABLETASKMGR]. Value: DISABLETASKMGR To be deleted.

. FILE: C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\SEARCHNEWTAB\SEARCHNEWTAB.LNK to be deleted.

. FILE: (null) to be deleted.

. FILE: C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\SEARCHNEWTAB\UNINSTALL.LNK to be deleted.

. FILE: C:\ProgramData\SearchNewTab\uninstall.exe to be deleted.

. FOLDER: C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\SEARCHNEWTAB to be deleted.

. FOLDER: C:\USERS\DON.DON-PC\APPDATA\LOCAL\CONDUIT to be deleted.
 

Security check:

 Results of screen317's Security Check version 0.99.87  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Panda Cloud Cleaner   
 Java 8 Update 11  
 Visual Studio Extensions for Windows Library for JavaScript
 JavaScript Tooling    
 Java version out of Date!
 Adobe Flash Player 14.0.0.179  
 Adobe Reader 10.1.11 Adobe Reader out of Date!  
 Mozilla Firefox (31.0)
 Google Chrome 37.0.2062.102  
 Google Chrome 37.0.2062.94  
````````Process Check: objlist.exe by Laurent````````  
 AVG avgwdsvc.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 1%
````````````````````End of Log``````````````````````
 

[iexplorer running in the background]

NVM apparently that's how chrome works ( i use firefox normally) everything seems to be working fine now. will keep this thread followed if there is any clean up i need to do. 

[iexplorer running in the background]

Malwarebytes ran a scan no threats detected by AVG, nothing found in the scan. 

 

IE no longer running in the background but when i run chrome it runs 8 chrome processes now. dont think that should be happening. 

[iexplorer running in the background]

Removed successfully 

Fixlog:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 24-08-2014 03

Ran by Don at 2014-08-29 10:03:01 Run:2

Running from C:\Users\Don.Don-PC\Desktop\Farbar

Boot Mode: Normal

==============================================

 

Content of fixlist:

*****************

start

RemoveDirectory: C:\Users\Don.Don-PC\AppData\Local\Orwgics

end

*****************

 

"C:\Users\Don.Don-PC\AppData\Local\Orwgics" => removed successfully.

 

==== End of Fixlog ====

[iexplorer running in the background]

while running malwarebytes scan: AVG Detected Crypt_s.HIJ trojan running with the Malwarebytes process, i clicked the "protect me" option, objects name was c:\Users\Don.Don-PC\AppData\Local\Orwgics\RFCom.dll (i haven't downloaded anything since i started this thread)

Malware bytes did not detect anything

 

restarted my comp ran another scan

Again Nothing

 

Malwarebytes Anti-Malware

www.malwarebytes.org

 

Scan Date: 28/08/2014

Scan Time: 6:35:01 PM

Logfile: ScanLog.txt

Administrator: Yes

 

Version: 2.00.2.1012

Malware Database: v2014.08.28.06

Rootkit Database: v2014.08.21.01

License: Free

Malware Protection: Disabled

Malicious Website Protection: Disabled

Self-protection: Disabled

 

OS: Windows 7 Service Pack 1

CPU: x64

File System: NTFS

User: Don

 

Scan Type: Threat Scan

Result: Completed

Objects Scanned: 402690

Time Elapsed: 9 min, 45 sec

 

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Enabled

Heuristics: Enabled

PUP: Warn

PUM: Enabled

 

Processes: 0

(No malicious items detected)

 

Modules: 0

(No malicious items detected)

 

Registry Keys: 0

(No malicious items detected)

 

Registry Values: 0

(No malicious items detected)

 

Registry Data: 0

(No malicious items detected)

 

Folders: 0

(No malicious items detected)

 

Files: 0

(No malicious items detected)

 

Physical Sectors: 0

(No malicious items detected)

 

 

(end)

[iexplorer running in the background]

TDSSKiller.3.0.0.40_28.08.2014_09.08.43_log.txt

 

Worked fine, again the logfile is too long to post in the forum.

[iexplorer running in the background]

aswMBR crashes when it scans its always crashes at the file:

c:\Program Files (x86)\Microsoft SDKs\Windows\v8.1\ExtensionSDKs\CppUni(the window cuts off here)

i have restarted the computer, run offline and online. tried 5 times. 

 

went into the file location the directory is CppUnitTestFramework (did not touch anything further)

 

Farbar files Addition.txt and FRST.txt, the text files are too large for a forum post had to attach them.

 

Addition.txt

FRST.txt

[iexplorer running in the background]

Farbar worked no problems Fixlog:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 24-08-2014 03

Ran by Don at 2014-08-26 10:56:07 Run:1

Running from C:\Users\Don.Don-PC\Desktop\Farbar

Boot Mode: Normal

==============================================

 

Content of fixlist:

*****************

start

HKU\S-1-5-21-1059671473-2825028816-1146270915-1001\...\Run: [Orwgics] => regsvr32.exe C:\Users\Don.Don-PC\AppData\Local\Orwgics\RFCom.dll <===== ATTENTION

C:\Users\Don.Don-PC\AppData\Local\Orwgic

HKU\S-1-5-21-1059671473-2825028816-1146270915-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Orwgics] => regsvr32.exe C:\Users\Don.Don-PC\AppData\Local\Orwgics\RFCom.dll <===== ATTENTION

Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File

Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File

C:\Users\Don.Don-PC\AppData\Roaming\Uzowfo

C:\Users\Don.Don-PC\AppData\Local\Ohdwics

EmptyTemp:

Hosts:

end

*****************

 

HKU\S-1-5-21-1059671473-2825028816-1146270915-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Orwgics => value deleted successfully.

"C:\Users\Don.Don-PC\AppData\Local\Orwgic" => File/Directory not found.

HKU\S-1-5-21-1059671473-2825028816-1146270915-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Run\\Orwgics => Value not found.

HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => value deleted successfully.

"HKCR\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}" => Key not found.

"HKCR\PROTOCOLS\Handler\linkscanner" => Key deleted successfully.

"HKCR\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}" => Key not found.

"HKCR\Wow6432Node\PROTOCOLS\Handler\linkscanner" => Key not found.

"HKCR\Wow6432Node\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}" => Key not found.

C:\Users\Don.Don-PC\AppData\Roaming\Uzowfo => Moved successfully.

C:\Users\Don.Don-PC\AppData\Local\Ohdwics => Moved successfully.

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.

Hosts was reset successfully.

EmptyTemp: => Removed 635.9 MB temporary data.

 

 

The system needed a reboot. 

 

==== End of Fixlog ====

 

looks like JRT found some nasty junk:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.1.4 (04.06.2014:1)

OS: Windows 7 Home Premium x64

Ran by Don on 26/08/2014 at 11:06:11.33

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

~~~ Services

 

 

 

~~~ Registry Values

 

 

 

~~~ Registry Keys

 

 

 

~~~ Files

 

 

 

~~~ Folders

 

Successfully deleted: [Folder] "C:\Users\Don.Don-PC\AppData\Roaming\searchprotect"

Successfully deleted: [Folder] "C:\Users\Don.Don-PC\appdata\locallow\conduit"

Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"

 

 

 

~~~ Event Viewer Logs were cleared

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 26/08/2014 at 11:10:08.26

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

[iexplorer running in the background]

AdwCleaner[R0]:

# AdwCleaner v3.308 - Report created 24/08/2014 at 10:40:08

# Updated 20/08/2014 by Xplode

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : Don - DON-PC

# Running from : C:\Users\Don.Don-PC\Downloads\adwcleaner_3.308.exe

# Option : Scan

 

***** [ Services ] *****

 

 

***** [ Files / Folders ] *****

 

File Found : C:\END

File Found : C:\Windows\System32\roboot64.exe

Folder Found : C:\Program Files (x86)\Conduit

Folder Found : C:\Program Files (x86)\WinZip Registry Optimizer

Folder Found : C:\ProgramData\SoftSafe

 

***** [ Scheduled Tasks ] *****

 

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

Key Found : HKCU\Software\APN PIP

Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes

Key Found : HKCU\Software\AppDataLow\Software\SmartBar

Key Found : HKCU\Software\AVG Nation toolbar

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FFE66D00-A56A-4F7F-81D7-4A28C5816D6C}

Key Found : HKCU\Software\Softonic

Key Found : [x64] HKCU\Software\APN PIP

Key Found : [x64] HKCU\Software\AVG Nation toolbar

Key Found : [x64] HKCU\Software\Softonic

Key Found : HKLM\SOFTWARE\AVG Nation toolbar

Key Found : HKLM\SOFTWARE\AVG Secure Search

Key Found : HKLM\SOFTWARE\AVG Security Toolbar

Key Found : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}

Key Found : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

Key Found : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}

Key Found : HKLM\SOFTWARE\Conduit

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_1_rasapi32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_1_rasmancs

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_daemon-tools_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_daemon-tools_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasapi32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasmancs

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasapi32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasmancs

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\wsconduit__166_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\wsconduit__166_RASMANCS

Key Found : HKLM\SOFTWARE\PIP

Key Found : HKLM\SOFTWARE\SProtector

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}

Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v11.0.9600.17239

 

 

-\\ Mozilla Firefox v31.0 (x86 en-GB)

 

-\\ Google Chrome v36.0.1985.143

 

*************************

 

AdwCleaner[R0].txt - [3298 octets] - [24/08/2014 10:40:08]

 

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [3358 octets] ##########

 

AdwCleaner[R1]:

# AdwCleaner v3.308 - Report created 24/08/2014 at 10:57:20

# Updated 20/08/2014 by Xplode

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : Don - DON-PC

# Running from : C:\Users\Don.Don-PC\Downloads\adwcleaner_3.308.exe

# Option : Scan

 

***** [ Services ] *****

 

 

***** [ Files / Folders ] *****

 

 

***** [ Scheduled Tasks ] *****

 

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v11.0.9600.17239

 

 

-\\ Mozilla Firefox v

 

-\\ Google Chrome v36.0.1985.143

 

*************************

 

AdwCleaner[R0].txt - [3462 octets] - [24/08/2014 10:40:08]

AdwCleaner[R1].txt - [665 octets] - [24/08/2014 10:57:20]

AdwCleaner[s0].txt - [3466 octets] - [24/08/2014 10:41:27]

 

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [784 octets] ##########

 

AdwCleaner[s0]:

# AdwCleaner v3.308 - Report created 24/08/2014 at 10:41:27

# Updated 20/08/2014 by Xplode

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : Don - DON-PC

# Running from : C:\Users\Don.Don-PC\Downloads\adwcleaner_3.308.exe

# Option : Clean

 

***** [ Services ] *****

 

 

***** [ Files / Folders ] *****

 

Folder Deleted : C:\ProgramData\SoftSafe

Folder Deleted : C:\Program Files (x86)\Conduit

Folder Deleted : C:\Program Files (x86)\WinZip Registry Optimizer

File Deleted : C:\END

File Deleted : C:\Windows\System32\roboot64.exe

 

***** [ Scheduled Tasks ] *****

 

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_1_rasapi32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_1_rasmancs

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasapi32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasmancs

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasapi32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasmancs

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wsconduit__166_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wsconduit__166_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_daemon-tools_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_daemon-tools_RASMANCS

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FFE66D00-A56A-4F7F-81D7-4A28C5816D6C}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}

Key Deleted : HKCU\Software\APN PIP

Key Deleted : HKCU\Software\AVG Nation toolbar

Key Deleted : HKCU\Software\Softonic

Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes

Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar

Key Deleted : HKLM\SOFTWARE\AVG Nation toolbar

Key Deleted : HKLM\SOFTWARE\AVG Secure Search

Key Deleted : HKLM\SOFTWARE\AVG Security Toolbar

Key Deleted : HKLM\SOFTWARE\Conduit

Key Deleted : HKLM\SOFTWARE\PIP

Key Deleted : HKLM\SOFTWARE\SProtector

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v11.0.9600.17239

 

 

-\\ Mozilla Firefox v31.0 (x86 en-GB)

 

-\\ Google Chrome v36.0.1985.143

 

*************************

 

AdwCleaner[R0].txt - [3462 octets] - [24/08/2014 10:40:08]

AdwCleaner[s0].txt - [3314 octets] - [24/08/2014 10:41:27]

 

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [3374 octets] ##########

 

[iexplorer running in the background]

No malware detected. here is the scan log:

 

Malwarebytes Anti-Malware

www.malwarebytes.org

 

Scan Date: 25/08/2014

Scan Time: 11:36:51 PM

Logfile: ScanLog.txt

Administrator: Yes

 

Version: 2.00.2.1012

Malware Database: v2014.08.26.01

Rootkit Database: v2014.08.21.01

License: Free

Malware Protection: Disabled

Malicious Website Protection: Disabled

Self-protection: Disabled

 

OS: Windows 7 Service Pack 1

CPU: x64

File System: NTFS

User: Don

 

Scan Type: Threat Scan

Result: Completed

Objects Scanned: 404564

Time Elapsed: 10 min, 43 sec

 

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Enabled

Heuristics: Enabled

PUP: Warn

PUM: Enabled

 

Processes: 0

(No malicious items detected)

 

Modules: 0

(No malicious items detected)

 

Registry Keys: 0

(No malicious items detected)

 

Registry Values: 0

(No malicious items detected)

 

Registry Data: 0

(No malicious items detected)

 

Folders: 0

(No malicious items detected)

 

Files: 0

(No malicious items detected)

 

Physical Sectors: 0

(No malicious items detected)

 

 

(end)

[iexplorer running in the background]

Internet explorer processes are running in the back ground, I do not use IE, I can not end the processes (they immediately restart). When using other browser they seem to use more memory then they should be, to the point fire fox is unusable. I have used Malwarebytes, adware cleaner, and AVG. Occasionaly at random malware is detected and removed(without having dounloaded anything), this makes me think my PC is infected.

Addition.txt

FRST.txt