lmhicks101

Everything posted by lmhicks101

  1. It's running smooth again except for the whole Bluetooth not working.
  2. ESET isn't running properly for me. It didn't give me the option to not delete all suspicious objects, and it won't export files or let me copy and paste. Also, I'm now having a lot of ad pop-ups from something called BuyNsave. JavaRa.log JRT.txt AdwCleanerR0.txt Addition.txt FRST.txt
  3. Malwarebytes Anti-Malware
     www.malwarebytes.org

     Scan Date: 12/19/2014
     Scan Time: 1:03:50 AM
     Logfile:
     Administrator: Yes

     Version: 2.00.4.1028
     Malware Database: v2014.12.19.02
     Rootkit Database: v2014.12.14.01
     License: Free
     Malware Protection: Disabled
     Malicious Website Protection: Disabled
     Self-protection: Disabled

     OS: Windows 8.1
     CPU: x64
     File System: NTFS
     User: Josh

     Scan Type: Threat Scan
     Result: Completed
     Objects Scanned: 404807
     Time Elapsed: 24 min, 44 sec

     Memory: Enabled
     Startup: Enabled
     Filesystem: Enabled
     Archives: Enabled
     Rootkits: Enabled
     Heuristics: Enabled
     PUP: Enabled
     PUM: Enabled

     Processes: 0
     (No malicious items detected)

     Modules: 0
     (No malicious items detected)

     Registry Keys: 1
     PUP.Optional.Softonic.A, HKU\S-1-5-21-3010593701-1092294546-1011354981-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Softonic, Quarantined, [869776ed5923a98d57cd7ed8eb18ee12],

     Registry Values: 0
     (No malicious items detected)

     Registry Data: 0
     (No malicious items detected)

     Folders: 0
     (No malicious items detected)

     Files: 2
     PUP.Optional.Unizeto, C:\Users\Josh\AppData\Local\Temp\4B40.tmp, Quarantined, [33ea86dd1f5da492d49b45b336cb19e7],
     PUP.Optional.EZDownloader.A, C:\Users\Josh\AppData\Local\Temp\69Df5BB16Ffe\temp\EzDownloader_setup.exe, Quarantined, [36e797cc1c601422c332ac731fe1fd03],

     Physical Sectors: 0
     (No malicious items detected)

     (end)
  4. Hello, I've been having some issues with my laptop lately, beginning with it slowing down, and now I'm unable to use Bluetooth. Here are some scans I've already done. My laptop is a Dell Inspiron 17r 5737, Windows 8.1 64bit with AVG 2015. FRST.txt Addition.txt CheckResults.txt
  5. These are the results of FRST64.exe and mbam-check.exe. FRST.txt Addition.txt CheckResults.txt
  6. Lately my Bluetooth LWFLT Device and Virtual Bluetooth Support (Include Audio) have been giving me error code 31. I'm not sure how to fix it. My laptop is a Dell, Windows 8.1, 64 bit. The Bluetooth LWFLT Device is a Qualcomm Atheros Communications Version: 8.0.0.216. The Virtual Bluetooth Support (Include Audio) is Qualcomm Atheros Communications Version: 8.0.0.222. Any help will be appreciated.
  7. FRST Log Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-10-2014 01 Ran by r (administrator) on R-PC on 08-10-2014 12:32:38
2013-10-06 19:36 - 00000000 ____D () C:\Program Files (x86)\Google 2014-10-03 08:50 - 2014-06-18 01:26 - 00000000 ____D () C:\ProgramData\Oracle 2014-10-03 08:49 - 2011-08-07 22:01 - 00000000 ____D () C:\Program Files (x86)\Java 2014-10-02 12:25 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\PLA 2014-10-02 10:40 - 2014-03-18 03:38 - 00000000 ____D () C:\ProgramData\9a8f3647aa486d14 2014-10-02 10:34 - 2013-10-06 19:40 - 00000000 ____D () C:\ProgramData\Norton 2014-10-02 10:11 - 2014-08-08 20:04 - 00000000 ____D () C:\Users\r\AppData\Roaming\BitTorrent 2014-10-02 10:10 - 2011-08-08 14:16 - 00000000 ____D () C:\windows\Panther 2014-10-02 09:44 - 2013-10-06 19:36 - 00000000 ____D () C:\Program Files\Google 2014-10-02 09:37 - 2013-10-06 20:06 - 00001428 _____ () C:\Users\r\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-10-02 09:25 - 2013-10-06 20:07 - 00000000 ____D () C:\Users\r\AppData\Local\Google 2014-10-02 08:43 - 2014-09-07 13:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-10-02 08:39 - 2014-05-18 00:56 - 00000000 __SHD () C:\Users\r\AppData\Local\EmieSiteList 2014-10-02 08:12 - 2013-10-07 21:39 - 00000000 ____D () C:\Users\r\AppData\Roaming\Skype 2014-10-02 08:09 - 2014-08-16 14:48 - 00000008 __RSH () C:\ProgramData\ntuser.pol 2014-10-01 22:49 - 2009-07-13 23:20 - 00000000 ___HD () C:\windows\system32\GroupPolicy 2014-10-01 22:49 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\SysWOW64\GroupPolicy 2014-10-01 20:46 - 2009-07-13 22:34 - 00000505 _____ () C:\windows\win.ini 2014-09-12 16:46 - 2014-08-09 01:13 - 00000000 ____D () C:\Program Files\005 2014-09-10 23:17 - 2014-06-27 13:18 - 00000276 _____ () C:\windows\Tasks\Rocket Updater.job 2014-09-10 23:17 - 2014-01-29 07:03 - 00791064 _____ () C:\windows\SysWOW64\PerfStringBackup.INI 2014-09-10 23:14 - 2014-02-02 17:51 - 00000000 ____D () C:\windows\system32\MRT 2014-09-10 23:06 - 2014-02-02 17:51 - 101694776 _____ (Microsoft Corporation) 
C:\windows\system32\MRT.exe 2014-09-10 23:03 - 2014-05-17 07:42 - 00000000 ___SD () C:\windows\system32\CompatTel 2014-09-10 22:49 - 2014-06-27 13:28 - 00000276 _____ () C:\windows\Tasks\UpdaterEX.job 2014-09-10 15:28 - 2014-01-13 13:53 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater 2014-09-08 17:43 - 2013-12-22 03:51 - 00000890 _____ () C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2636616572-4191175807-3233835049-1000Core.job Files to move or delete: ==================== C:\Users\r\jagex_cl_oldschool_LIVE.dat C:\Users\r\jagex_cl_runescape_LIVE.dat C:\Users\r\jagex_cl_runescape_LIVE1.dat C:\Users\r\jagex_cl_runescape_LIVE_BETA.dat C:\Users\r\random.dat Some content of TEMP: ==================== C:\Users\r\AppData\Local\Temp\Quarantine.exe C:\Users\r\AppData\Local\Temp\tu17p84.exe C:\Users\r\AppData\Local\Temp\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}_NIS_14484.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-09-02 23:43 ==================== End Of Log ============================
  8. While using these scanners the problem was fixed and I was able to download Windows 7 updates. Though is there any chance you could tell me what was wrong with it?
potentially unwanted application C:\Windows\Installer\MSI74E3.tmp-\srbu.dll a variant of MSIL/Toolbar.Linkury.F potentially unwanted application C:\Windows\Installer\MSI74E3.tmp-\srptc.dll a variant of MSIL/Toolbar.Linkury.G potentially unwanted application C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-PLT2-V7[1].7z a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application C:\Windows\System32\config\systemprofile\AppData\Local\Temp\nsaFBB0.tmp\Starter.exe a variant of Win32/Toolbar.SearchSuite.M potentially unwanted application C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-PLT2-V7[1].7z a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Temp\nsaFBB0.tmp\Starter.exe a variant of Win32/Toolbar.SearchSuite.M potentially unwanted application
  9. That actually helps a lot. Currently I'm actually studying the OSI model, layer 2 and 3 to be more precise, and I understand IP is for LAN and TCP is for end to end over the internet, but my problem is mainly with subnet. Do you have any advice with that? I grasp the other layers perfectly fine though.
  10. What's a good place to start practicing and getting a better introduction and grasp?
  11. Thank you. How much experience would you recommend before attempting these?
  12. Hello, I'm currently going to school to become a network technician and I'm studying for my CCENT and CCNA. However, I would truly love to become a white hat and help find and prevent breaches. Where should I start? Thank you, lmhicks101
  13. Sorry for taking so long to reply with the information. Here are the report logs.
  14. I'm bumping this message. It has been over 48 hours. Also, I ran another test and got error code 0x80080005(2014-10-3-T-10_49_25A).
  15. While I was waiting I ran some more tests and got an error code for the problem. It's 0x80080005(2014-10-3-T-10_49_25A). How would I add that to my post without bumping it?
  16. Hello, I am working on my friend's PC and he is unable to download Windows updates and Firefox. He had multiple malware programs as well as freeware and was unable to get on the internet. He took over 20 seconds to fully load on start up. I've gone into his uninstall and deleted toolbars, freeware and obvious malware. Then I ran MB and then CCleaner. Then used Hiren's boot CD to open mini XP and run MB while in that and it found a virus malware. His computer is now able to load in 5 seconds and he is able to get on the internet and play RuneScape, but I still can't download programs such as Firefox and Windows updates. His specs are: Toshiba Satellite C655, Intel Core i3-2330M CPU @ 2.20 GHz 2.20 GHz, 4.0 GB RAM, 64-bit Windows 7 Home Premium. Any help would be appreciated. Addition.txt FRST.txt Malwarebytes Scan Log.txt
  17. Hello, I am working on my friend's PC and he is unable to download Windows updates and Firefox. He had multiple malware programs as well as freeware and was unable to get on the internet. He took over 20 seconds to fully load on start up. I've gone into his uninstall and deleted toolbars, freeware and obvious malware. Then I ran MB and then CCleaner. Then used Hiren's boot CD to open mini XP and run MB while in that and it found a virus malware. His computer is now able to load in 5 seconds and he is able to get on the internet and play RuneScape, but I still can't download programs such as Firefox and Windows updates. His specs are: Toshiba Satellite C655, Intel Core i3-2330M CPU @ 2.20 GHz 2.20 GHz, 4.0 GB RAM, 64-bit Windows 7 Home Premium. Any help would be appreciated.