Jump to content

Search the Community

Showing results for tags 'Ads'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

  1. In the past 3 days I have had non-website based ads, pop-up windows, and hyperlink changing for various ads with a logo and "ads by LaSuperba" in the corner of my browser screen. Symantec anti virus didn't detect it and a malware removal program didn't get rid of it. The virus seems exactly like the one from this thread- https://forums.malwarebytes.org/index.php?/topic/173347-strange-popups-and-ads-no-anti-malware-seems-to-fix/ Should I copy the fixes said there or get individual help for this? Thanks in advance for any help/advice.
  2. i just bought a computer from the store and the salesman downloaded Apache OpenOffice by putting a USB in the computer. Maybe there was a virus in the folder as that moments onwards my computer was infected. There were multiple unknown programs installed including: eye perform, crossbrowse, oursurfing, cinemaplus, etc... I tried reinstalling windows and did a whole system reset but the advertisements came a week later. After that I tried uninstalling the programs but they did no effect or didn't allow me to stating that there were windows not closed concerning the program but I checked Task Manager and there were no open programs. Symptoms 1. When opening google chrome, I am redirected to an oursurfing site with advertisements on the screen. 2. Computer slows down 3. Whenever I turn on the computer, a Plus! site opens automatically. I tried a repair software but I am afraid it did more harm than good. What should I do? P.S. i have a remote desktop connection on the infected computer. And i am typing this in a separate computer.
  3. Hi everyone, I'm having the issue now that whilie I'm surfing the internet I'm getting these audio ads that can't be stopped, and some play in specfic tabs that you have to go to and press on the X buttom to cancel them, and on top of that there are these box ads all around the webpages now. How can this malware be eliminated? Thanks
  4. Hello, newbie here...I am getting chrome virus popup warnings. Premium member. Attached the FRST and Addition files.....TIA.... FRST_29-07-2015_22-11-19.txt Addition_29-07-2015_22-11-19.txt
  5. Hello. When i started my computer i realized it was slower than usual, and when i opened my google chrome i could see it was full of ads. I ran a scan and found 24 threats which got removed. I then scanned again and no threats were found, neither by Malwarebytes Anti-Malware or Avast! However i still have a lot of adds everywhere and whenever i click somewhere on the screen it takes me to a website like bet365 and etc. I tried to follow some of the threads i found on this forum but i did not help. So now i am looking for help myself. Programs i used so far: Malwarebytes Anti-Malware, Avast, Adwcleaner, JRT, OLT. I haven't tried using Combofix due to the fact that i have windows 8 and it says i am using windows 2000. Please help
  6. About and hour ago I started hearing random ads running in the background of my laptop. There is no video and tack manager will not display any programs. I saw where several people have had this problem and received help from this forum and I hope someone can help me out. Thanks
  7. Hi and hopefully, I am in the correct forum. Within the last month or so, I've been getting these "Adcash" popups throughout the day. I can get them when I am click on something else on a webpage that I know has nothing to do with ads. They are random, but very annoying. When I get them, the either popup in another tab, or they try to run behind my current window. I try not to let the page load due to fear that something else is trying to install, so I rarely get to see what's trying to load. Also, please see some of the symptoms below that I believe is related to this adware issue: - The adwares has effected all apple products in the house (mobile, laptops) - My internet has sometimes been so slow that I cannot use it - I get this pop up sometimes that is either extremely hard to get rid of or I have to hard boot my computer off and turn it back on. The pop up is trying to get me to call a number to remove the "detected viruses" off of my computer. I know it's a phishing scam. - My email has been acting weird on my iphone... Sometimes it looks as if I received hundreds of emails from the year 2070 and some of the emails are read and some are unread... The sender is shown as something like "Sender". I can't remember the sender's name, but its really weird. - Sometimes pages won't load or pages that were previously loaded goes to a "Page cannot be loaded" screen (could be due to slow internet) - Format for some platforms like Facebook is distorted really bad. - Can't scroll down sometimes (This happens on one particular page only and could be a different issue) I think I covered it all, but if I remember that I've forgotten something, I will update this post. I appreciate any help on this. Thanks Robin
  8. Hello everyone, new user here. I've been having some issues in google chrome lately, and was thinking it might be related to malware. I'm hoping you guys will be able to help me out. Here's the stuff that's been happening lately: -When entering a website or advancing to a new page on the website, sometimes something redirects me to a new page, either on that same tab or on a new one. Example: readytwos.com -When viewing a website, some words are highlighted in Blue letters for no apparent reason, and upon clicking on them takes you to an ad. -Other weird stuff That's the stuff that's been going on. I've also used Malwarebytes Anti-Root whatever-it-is-called and Farbar Recovery Scan Tool and the problem hasn't been fixed. I have not tried reinstalling google chrome. This has also been relatively new stuff going on here and has not been happening at least 2 weeks ago, maybe even not a week ago. I will attach the data from the Farbar Recovery Scan Tool. If you guys tell me to, I will also attach the stuff from the Malwarebytes thing too. Thanks for taking your time to read this. I appreciate anything you do to try to help me. Peace out! -JasonWolf727 Addition_27-12-2014_20-51-30.txt FRST_27-12-2014_20-51-30.txt
  9. Hi all I have problem with random ad keeps spamming me while i am surfing web. I have read the topic im infected what-do i do now and follow those steps there by trying: MBAM, FARBAR RECOVERY SCAN TOOL but those ads still keep coming back. i have been bombed with those annoying ads for 1 month. Please help me if you can. Thanks, Long FRST.txt Addition.txt
  10. No matter what I do, they will not go away! I got it about 3 days ago, but I don't know how. I deleted the program files already, which I hope doesn't mess with this process. If I remove it from my extensions, it will go away until I close the browser. It only does it to Google Chrome. Malwarebytes doesn't detect it even when I go into safe mode. Please help me, this is starting to get on my nerves. Screenshot of the Extensions: http://gyazo.com/9ab3bbc3318aac2083fc86e35a1aa860 Screenshot of What It Does: http://gyazo.com/05ce3b5d6a1ae16c7070d4b8c08bb647
  11. HELP! My computer is generally normal, but once i left to go eat once, i came back to an infected laptop. My screen was full of ads and they kind of just clog up my google searches, my screen, etc. Once i came back from eating, i noticed all of my extensions were gone as well. since my computer is a lenovo laptop, i used the lenovo solution center. I did a disk cleanup, but that did nothing. Most notably, the virus tab in the solution center also says that the computer is fine, so that wasn't going to work. I then found malwarebytes and did a scan, thinking it'll all be fine, but nothing really happened. it said it found some things in my computer to quarantine and also said it removed them, but the ads were still there. please help?
  12. Hi, i keep getting ads and popup from rocketsaler, can someone help me please? I ran malwarebytes but doesn't work I ran MBAR and no malware found. I also ran farbar recovery scan tool, I've attached FRST and addition files to my post thanks Addition.txt FRST.txt
  13. Hello everyone, new user here. I've been having some issues in google chrome lately, and was thinking it might be related to malware. I'm hoping you guys will be able to help me out. Here's the stuff that's been happening lately: -When entering a website or advancing to a new page on the website, sometimes something redirects me to a new page, either on that same tab or on a new one. Example: readytwos.com -When viewing a website, some words are highlighted in Blue letters for no apparent reason, and upon clicking on them takes you to an ad. -Other weird stuff That's the stuff that's been going on. I've also used Malwarebytes Anti-Root whatever-it-is-called and Farbar Recovery Scan Tool and the problem hasn't been fixed. I have not tried reinstalling google chrome. This has also been relatively new stuff going on here and has not been happening at least 2 weeks ago, maybe even not a week ago. I will attach the data from the Farbar Recovery Scan Tool. If you guys tell me to, I will also attach the stuff from the Malwarebytes thing too. Thanks for taking your time to read this. I appreciate anything you do to try to help me. Peace out! -JasonWolf727 Addition_27-12-2014_20-51-30.txt FRST_27-12-2014_20-51-30.txt
  14. Hi, I keep getting ads and popup from rocketsaler, can someone help me please? I ran MBAR and cleaned up all the malware I also ran farbar recovery scan tool but they still appear I've attached FRST and addition files to my post thanks Addition.txt FRST.txt
  15. I was wondering if I could get some feedback about a couple of things. First, a few weeks ago, I unintentionally downloaded adware onto my PC. After installing Malwarebytes and performing several scans, the program was found and removed. I opened up my browsers, and the pop-ups were gone. However, I like to know how to tell the difference between normal webpage banner ads and adware advertisements (whenever I see an ad, I start thinking it could be adware). How do you tell the difference? For example, in the first attachment, would those Ad Choices ads from at&t be considered standard? My second question involves McAfee (note that the trial has expired). I noticed in Total Activity that a scan had detected a Trojan. I ran a Malwarebytes scan but nothing was detected. I provided an image of the activity as another attachment. Does this need to be taken care of? I hope to hear back soon. Your help would be greatly appreciated!
  16. I'm getting these popup ads from bottom and side of screen as well as Robosaver ads. I ran a full Malware Bytes scan and Loaris Trojan Remover. LTR found a list of 118 items which I quarantined then deleted. I found this thread ---> https://forums.malwarebytes.org/index.php?showtopic=140042 and downloaded then ran AdwCleaner. I rebooted. But ads continued. I ran the Farbar Recovery Scan tool when I decided to post here. Attached are the files from Farbar and AdwCleaner. Also attached Malware Bytes Scan Log which I ran after all the above. Thank you. Addition.txt FRST.txt AdwCleanerR0.txt AdwCleanerS0.txt mbam-log-2014-06-13 (16-52-19).txt
  17. I think my computer has malware. My computer is up-to-date with Windows update, and I've updated and run malwarebytes, adwcleaner, hitmanpro, rkill. Symptoms: sluggish performance, periodic freezes of programs, and Google Chrome continues to show costminn as an extension after removing it. Malwarebytes scans continue to show superfish files as well. FRST.txt and Addition.txt pastes below. FRST.txt Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-07-2014 01Ran by Dave (administrator) on DAVE-PC on 25-07-2014 17:11:56Running from C:\Users\Dave\DownloadsPlatform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)Internet Explorer Version 11Boot Mode: Normal The only official download link for FRST:Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated.See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe(AMD) C:\Windows\System32\atiesrxx.exe(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe(AMD) C:\Windows\System32\atieclxx.exe(DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe(DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe(CinemaNow, Inc.) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe(DeviceVM, Inc.) C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe() C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.EXE(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe(Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.4872\Battle.net.exe(Google Inc.) C:\Users\Dave\AppData\Local\Hyper - Browser\Chrome-bin\chrome.exe(Google Inc.) C:\Users\Dave\AppData\Local\Hyper - Browser\Chrome-bin\chrome.exe(Google Inc.) C:\Users\Dave\AppData\Local\Hyper - Browser\Chrome-bin\chrome.exe(Google Inc.) C:\Users\Dave\AppData\Local\Hyper - Browser\Chrome-bin\chrome.exe(Google Inc.) C:\Users\Dave\AppData\Local\Hyper - Browser\Chrome-bin\chrome.exe(Google Inc.) C:\Users\Dave\AppData\Local\Hyper - Browser\Chrome-bin\chrome.exe(Google Inc.) C:\Users\Dave\AppData\Local\Hyper - Browser\Chrome-bin\chrome.exe(Google Inc.) C:\Users\Dave\AppData\Local\Hyper - Browser\Chrome-bin\chrome.exe(Google Inc.) C:\Users\Dave\AppData\Local\Hyper - Browser\Chrome-bin\chrome.exe(Google Inc.) C:\Users\Dave\AppData\Local\Hyper - Browser\Chrome-bin\chrome.exe() C:\Users\Dave\AppData\Local\Hyper - Browser\Hyper - Browser.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google) C:\Users\Dave\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Users\Dave\AppData\Local\Hyper - Browser\Chrome-bin\chrome.exe(Google Inc.) C:\Users\Dave\AppData\Local\Hyper - Browser\Chrome-bin\chrome.exe(Google Inc.) C:\Users\Dave\AppData\Local\Hyper - Browser\Chrome-bin\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Users\Dave\AppData\Local\Hyper - Browser\Chrome-bin\chrome.exe(Google Inc.) C:\Users\Dave\AppData\Local\Hyper - Browser\Chrome-bin\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-13] (Synaptics Incorporated)HKLM\...\Run: [sunJavaUpdateSched] => C:\Program Files\Java\jre6\bin\jusched.exe [172032 2010-02-28] (Sun Microsystems, Inc.)HKLM\...\Run: [sysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-12-30] (IDT, Inc.)HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-10] (Microsoft Corporation)HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [439568 2010-05-10] (Microsoft Corporation)HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-09-09] (Advanced Micro Devices, Inc.)HKLM-x32\...\Run: [] => [X]HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-03] (Apple Inc.)HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-01] (Oracle Corporation)HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-12] (Logitech Inc.)HKLM-x32\...\Run: [PowerDVD14Agent] => C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe [795672 2014-05-14] (CyberLink Corp.)HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-07-23] (Hewlett-Packard)HKLM\...\Winlogon: [userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe,Winlogon\Notify\ScCertProp: wlnotify.dll [X]HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation)HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation)HKU\S-1-5-21-575872417-1751023796-2398206445-1001\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2010-11-22] (Hewlett-Packard Company)HKU\S-1-5-21-575872417-1751023796-2398206445-1001\...\Run: [Google Update] => "C:\Users\Dave\AppData\Local\Google\Update\GoogleUpdate.exe" /c HKU\S-1-5-21-575872417-1751023796-2398206445-1001\...\Run: [GoogleChromeAutoLaunch_C62251D359A8F5B5CC8EADB510991ABB] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-07-15] (Google Inc.)Lsa: [Notification Packages] DPPassFilter scecliStartup: C:\Users\Dave\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnkShortcutTarget: Dropbox.lnk -> C:\Users\Dave\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)ShellIconOverlayIdentifiers: "DropboxExt1" -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dave\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)ShellIconOverlayIdentifiers: "DropboxExt2" -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dave\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)ShellIconOverlayIdentifiers: "DropboxExt3" -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dave\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)ShellIconOverlayIdentifiers: "DropboxExt4" -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dave\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)ShellIconOverlayIdentifiers: "DropboxExt5" -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dave\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)ShellIconOverlayIdentifiers: "DropboxExt6" -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dave\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)ShellIconOverlayIdentifiers: "DropboxExt7" -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dave\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)ShellIconOverlayIdentifiers: "DropboxExt8" -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dave\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.comHKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.comSearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 - DefaultScope value is missing.BHO: HP SimplePass Identity Protection Extension -> {395610AE-C624-4f58-B89E-23733EA00F9A} -> C:\Program Files\DigitalPersona\Bin\dpotspluginie8.dll (DigitalPersona, Inc.)BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cabDPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.com/bin/srldetect_intel_4.5.24.0.cabHandler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)Tcpip\Parameters: [DhcpNameServer] 10.59.0.1 FireFox:========FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()FF Plugin: @microsoft.com/GENUINE - disabled No FileFF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF Plugin-x32: @microsoft.com/GENUINE - disabled No FileFF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No FileFF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No FileFF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)FF Plugin HKCU: @hulu.com/Hulu Desktop - C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.11.1\npHDPlg.dll (Hulu LLC)FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Dave\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Dave\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Dave\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Dave\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No FileFF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Dave\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No FileFF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101799.dll (Amazon.com, Inc.)FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)FF Plugin ProgramFiles/Appdata: C:\Users\Dave\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)FF Plugin ProgramFiles/Appdata: C:\Users\Dave\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtensionFF Extension: Default Manager - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension [2011-01-11]FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExtFF Extension: DigitalPersona Extension - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt [2011-08-23] Chrome: =======CHR HomePage: CHR StartupUrls: "hxxp://www.facebook.com/", "hxxp://www.gmail.com/"CHR DefaultSearchKeyword: v9CHR Plugin: (Shockwave Flash) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\PepperFlash\11.7.700.225\pepflashplayer.dll No FileCHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewerCHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll ()CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll ()CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No FileCHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No FileCHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)CHR Plugin: (AmazonMP3DownloaderPlugin) - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101799.dll (Amazon.com, Inc.)CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No FileCHR Plugin: (Java Platform SE 7 U21) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No FileCHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Dave\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)CHR Plugin: (Hulu Desktop) - C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.11.1\npHDPlg.dll (Hulu LLC)CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll No FileCHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-20]CHR Extension: (YouTube) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-09-11]CHR Extension: (Google Search) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-09-11]CHR Extension: (cosstminn) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\nefgaobciliephjkajgnikgbckkbkkci [2014-07-19]CHR Extension: (Google Wallet) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-14]CHR Extension: (Gmail) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-09-11]CHR Extension: (cosstminn) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\nefgaobciliephjkajgnikgbckkbkkci\2.0 [2014-07-19]CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-17] (ArcSoft Inc.)S2 CLKMSVC10_C6F09094; C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe [241648 2011-03-21] (CyberLink)R2 DvmMDES; C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe [338168 2010-02-08] (DeviceVM, Inc.)R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-26] (Hewlett-Packard Company) [File not signed]R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [49464 2014-05-20] (Hewlett-Packard Company)R2 HPWMISVC; C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [20480 2010-01-18] () [File not signed]S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-11-22] (Hewlett-Packard Company) [File not signed]R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-10] (Microsoft Corporation)R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-10] (Microsoft Corporation)S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 DVMIO; C:\Windows\System32\DRIVERS\dvmio.sys [20056 2010-01-29] (DeviceVM, Inc.)S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [32512 2014-07-24] ()R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-25] (Malwarebytes Corporation)R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-24] (Microsoft Corporation)R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-10] (Microsoft Corporation)S3 S3XXx64; C:\Windows\System32\DRIVERS\S3XXx64.sys [73984 2013-06-04] (Identive)R2 {C5F942FD-1110-4664-86CE-0C6BDA305235}; C:\Program Files (x86)\CyberLink\PowerDVD14\Common\NavFilter\000.fcl [32456 2014-05-13] (CyberLink Corp.) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-07-25 17:11 - 2014-07-25 17:12 - 00025577 _____ () C:\Users\Dave\Downloads\FRST.txt2014-07-25 17:11 - 2014-07-25 17:11 - 00000000 ____D () C:\FRST2014-07-25 17:08 - 2014-07-25 17:10 - 02093568 _____ (Farbar) C:\Users\Dave\Downloads\FRST64.exe2014-07-25 16:05 - 2014-07-25 16:08 - 00002324 _____ () C:\Users\Dave\Desktop\Rkill.txt2014-07-25 15:59 - 2014-07-25 16:01 - 01942776 _____ (Bleeping Computer, LLC) C:\Users\Dave\Downloads\rkill.exe2014-07-24 18:03 - 2014-07-24 18:03 - 00032512 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys2014-07-24 18:01 - 2014-07-24 18:01 - 00001086 _____ () C:\Windows\system32\.crusader2014-07-24 17:38 - 2014-07-24 17:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro2014-07-24 17:38 - 2014-07-24 17:38 - 00000000 ____D () C:\Program Files\HitmanPro2014-07-24 17:37 - 2014-07-24 18:02 - 00000000 ____D () C:\ProgramData\HitmanPro2014-07-24 17:10 - 2014-07-25 15:17 - 00000012 ____H () C:\dvmexp.idx2014-07-24 17:09 - 2014-07-24 17:09 - 00000000 ___HD () C:\dvmexp2014-07-24 17:03 - 2014-07-24 17:10 - 00000000 ____D () C:\temp2014-07-24 17:00 - 2014-07-24 18:08 - 00000000 ____D () C:\AdwCleaner2014-07-24 16:53 - 2014-07-24 16:59 - 11188736 _____ (SurfRight B.V.) C:\Users\Dave\Downloads\HitmanPro_x64.exe2014-07-24 16:52 - 2014-07-24 16:53 - 01354223 _____ () C:\Users\Dave\Downloads\adwcleaner_3.216.exe2014-07-23 22:48 - 2014-07-23 23:02 - 51330378 _____ () C:\Users\Dave\Downloads\Unconfirmed 663470.crdownload2014-07-22 17:11 - 2014-07-24 17:16 - 00000000 ___RD () C:\Users\Dave\Dropbox2014-07-22 17:11 - 2014-07-22 17:11 - 00001041 _____ () C:\Users\Dave\Desktop\Dropbox.lnk2014-07-22 17:11 - 2014-07-22 17:11 - 00000000 ____D () C:\Users\Dave\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox2014-07-22 17:07 - 2014-07-24 17:15 - 00000000 ____D () C:\Users\Dave\AppData\Roaming\Dropbox2014-07-22 17:07 - 2014-07-22 17:07 - 00323696 _____ (Dropbox, Inc.) C:\Users\Dave\Downloads\DropboxInstaller.exe2014-07-21 23:25 - 2014-07-21 23:37 - 108293368 _____ (Microsoft Corporation) C:\Users\Dave\Downloads\msert.exe2014-07-21 23:23 - 2014-07-21 23:41 - 223165336 ____N (Symantec Corporation) C:\Users\Dave\Downloads\NIS_21.1.0.18_SYMTB_PROMO_4_MRFTT_829_10144-US1.exe2014-07-19 22:54 - 2014-07-19 23:28 - 00000000 ____D () C:\Users\Dave\AppData\Local\29842014-07-19 22:54 - 2014-07-19 22:55 - 00000000 ____D () C:\Users\Dave\AppData\Local\Hyper - Browser2014-07-19 22:54 - 2014-07-19 22:54 - 00004566 _____ () C:\Windows\System32\Tasks\Hyper - Browser Runner2014-07-19 22:54 - 2014-07-19 22:54 - 00000258 __RSH () C:\ProgramData\ntuser.pol2014-07-19 22:54 - 2014-07-19 22:54 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google2014-07-19 22:54 - 2014-07-19 22:54 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo2014-07-19 22:54 - 2014-07-19 22:54 - 00000000 ____D () C:\Users\HomeGroupUser$2014-07-19 22:54 - 2014-07-19 22:54 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google2014-07-19 22:54 - 2014-07-19 22:54 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo2014-07-19 22:54 - 2014-07-19 22:54 - 00000000 ____D () C:\Users\Guest2014-07-19 22:54 - 2014-07-19 22:54 - 00000000 ____D () C:\Users\Dave\AppData\Local\Packages2014-07-19 22:54 - 2014-07-19 22:54 - 00000000 ____D () C:\Users\Dave\AppData\Local\Comodo2014-07-19 22:54 - 2014-07-19 22:54 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google2014-07-19 22:54 - 2014-07-19 22:54 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo2014-07-19 22:54 - 2014-07-19 22:54 - 00000000 ____D () C:\Users\Administrator2014-07-19 22:54 - 2014-07-19 22:54 - 00000000 ____D () C:\ProgramData\fa44f3b9b7d85d912014-07-13 18:50 - 2014-07-13 18:50 - 00000000 ____D () C:\Users\Dave\Documents\SUNY Maritime2014-07-13 18:04 - 2014-07-13 18:04 - 00001785 _____ () C:\Users\Public\Desktop\iTunes.lnk2014-07-13 18:04 - 2014-07-13 18:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes2014-07-13 18:03 - 2014-07-13 18:04 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF692014-07-13 18:03 - 2014-07-13 18:04 - 00000000 ____D () C:\Program Files\iTunes2014-07-13 18:03 - 2014-07-13 18:04 - 00000000 ____D () C:\Program Files (x86)\iTunes2014-07-13 18:03 - 2014-07-13 18:03 - 00000000 ____D () C:\Program Files\iPod2014-07-10 23:30 - 2014-07-10 23:32 - 00000000 ____D () C:\Users\Public\Documents\CyberLink2014-07-10 23:30 - 2014-07-10 23:30 - 00000000 ____D () C:\Users\Dave\Documents\CyberLink2014-07-10 23:26 - 2014-07-10 23:26 - 00002203 _____ () C:\Users\Public\Desktop\CyberLink PowerDVD 14.lnk2014-07-10 23:26 - 2014-07-10 23:26 - 00000000 ____D () C:\ProgramData\PDVD2014-07-10 23:26 - 2014-07-10 23:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 142014-07-10 23:23 - 2014-07-10 23:23 - 00000000 ____D () C:\ProgramData\SUPPORTDIR2014-07-10 23:23 - 2014-07-10 23:23 - 00000000 ____D () C:\ProgramData\install_clap2014-07-10 23:21 - 2014-07-10 23:22 - 188169104 _____ () C:\Users\Dave\Documents\PowerDVD_14.0.4028.58_DVD140430-04.exe2014-07-10 23:20 - 2014-07-10 23:20 - 01029080 _____ (CyberLink) C:\Users\Dave\Downloads\CyberLink_PowerDVD_Downloader.exe2014-07-10 21:55 - 2014-06-20 16:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll2014-07-10 21:55 - 2014-06-20 15:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll2014-07-10 21:55 - 2014-06-18 21:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2014-07-10 21:55 - 2014-06-18 21:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2014-07-10 21:55 - 2014-06-18 21:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll2014-07-10 21:55 - 2014-06-18 20:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2014-07-10 21:55 - 2014-06-18 20:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll2014-07-10 21:55 - 2014-06-18 20:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll2014-07-10 21:55 - 2014-06-18 20:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll2014-07-10 21:55 - 2014-06-18 20:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll2014-07-10 21:55 - 2014-06-18 20:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll2014-07-10 21:55 - 2014-06-18 20:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll2014-07-10 21:55 - 2014-06-18 20:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll2014-07-10 21:55 - 2014-06-18 20:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe2014-07-10 21:55 - 2014-06-18 20:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe2014-07-10 21:55 - 2014-06-18 20:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll2014-07-10 21:55 - 2014-06-18 20:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2014-07-10 21:55 - 2014-06-18 20:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe2014-07-10 21:55 - 2014-06-18 20:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll2014-07-10 21:55 - 2014-06-18 19:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll2014-07-10 21:55 - 2014-06-18 19:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb2014-07-10 21:55 - 2014-06-18 19:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll2014-07-10 21:55 - 2014-06-18 19:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2014-07-10 21:55 - 2014-06-18 19:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll2014-07-10 21:55 - 2014-06-18 19:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll2014-07-10 21:55 - 2014-06-18 19:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe2014-07-10 21:55 - 2014-06-18 19:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll2014-07-10 21:55 - 2014-06-18 19:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll2014-07-10 21:55 - 2014-06-18 19:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll2014-07-10 21:55 - 2014-06-18 19:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll2014-07-10 21:55 - 2014-06-18 19:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2014-07-10 21:55 - 2014-06-18 19:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll2014-07-10 21:55 - 2014-06-18 19:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll2014-07-10 21:55 - 2014-06-18 19:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll2014-07-10 21:55 - 2014-06-18 19:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl2014-07-10 21:55 - 2014-06-18 19:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll2014-07-10 21:55 - 2014-06-18 19:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll2014-07-10 21:55 - 2014-06-18 19:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe2014-07-10 21:55 - 2014-06-18 19:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll2014-07-10 21:55 - 2014-06-18 19:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll2014-07-10 21:55 - 2014-06-18 19:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll2014-07-10 21:55 - 2014-06-18 19:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll2014-07-10 21:55 - 2014-06-18 18:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll2014-07-10 21:55 - 2014-06-18 18:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2014-07-10 21:55 - 2014-06-18 18:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll2014-07-10 21:55 - 2014-06-18 18:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll2014-07-10 21:55 - 2014-06-18 18:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2014-07-10 21:55 - 2014-06-18 18:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll2014-07-10 21:55 - 2014-06-18 18:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll2014-07-10 21:55 - 2014-06-18 18:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl2014-07-10 21:55 - 2014-06-18 18:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll2014-07-10 21:55 - 2014-06-18 18:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2014-07-10 21:55 - 2014-06-18 18:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll2014-07-10 21:55 - 2014-06-18 18:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll2014-07-10 21:55 - 2014-06-18 18:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll2014-07-10 21:55 - 2014-06-18 18:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll2014-07-10 21:55 - 2014-06-06 06:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll2014-07-10 21:55 - 2014-06-06 05:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll2014-07-10 21:54 - 2014-06-29 22:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll2014-07-10 21:54 - 2014-06-29 22:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll2014-07-10 21:54 - 2014-06-17 22:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe2014-07-10 21:54 - 2014-06-17 21:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe2014-07-10 21:54 - 2014-06-17 21:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys2014-07-10 21:54 - 2014-06-05 10:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll2014-07-10 21:54 - 2014-06-05 10:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll2014-07-10 21:54 - 2014-06-05 10:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll2014-07-10 21:54 - 2014-05-30 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll2014-07-10 21:54 - 2014-05-30 04:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll2014-07-10 21:54 - 2014-05-30 04:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll2014-07-10 21:54 - 2014-05-30 04:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll2014-07-10 21:54 - 2014-05-30 04:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll2014-07-10 21:54 - 2014-05-30 04:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll2014-07-10 21:54 - 2014-05-30 04:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll2014-07-10 21:54 - 2014-05-30 03:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll2014-07-10 21:54 - 2014-05-30 03:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll2014-07-10 21:54 - 2014-05-30 03:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll2014-07-10 21:54 - 2014-05-30 03:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll2014-07-10 21:54 - 2014-05-30 03:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll2014-07-10 21:54 - 2014-05-30 03:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll2014-07-10 21:54 - 2014-05-30 03:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll2014-07-10 21:54 - 2014-05-30 02:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys2014-07-10 21:30 - 2014-07-10 21:32 - 551293744 _____ () C:\Users\Dave\Desktop\Windows6.1-KB947821-v33-x64.msu2014-07-10 21:11 - 2014-07-10 21:11 - 00000000 ____D () C:\Windows\CheckSur2014-07-09 21:44 - 2014-07-18 20:51 - 00000650 _____ () C:\Users\Dave\Desktop\NYC Trip Ideas.txt2014-06-27 23:16 - 2014-06-27 23:16 - 00000110 _____ () C:\Users\Dave\Desktop\PCVST contacts.txt2014-06-27 21:39 - 2014-06-27 21:39 - 00001068 _____ () C:\Users\Public\Desktop\VLC media player.lnk ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-07-25 17:12 - 2014-07-25 17:11 - 00025577 _____ () C:\Users\Dave\Downloads\FRST.txt2014-07-25 17:11 - 2014-07-25 17:11 - 00000000 ____D () C:\FRST2014-07-25 17:11 - 2013-10-26 22:07 - 00000000 ____D () C:\Users\Dave\AppData\Local\Battle.net2014-07-25 17:10 - 2014-07-25 17:08 - 02093568 _____ (Farbar) C:\Users\Dave\Downloads\FRST64.exe2014-07-25 17:02 - 2014-02-15 09:49 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-575872417-1751023796-2398206445-1001UA.job2014-07-25 16:41 - 2014-05-23 04:43 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys2014-07-25 16:19 - 2012-03-30 21:16 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job2014-07-25 16:18 - 2012-09-11 07:29 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2014-07-25 16:15 - 2011-07-09 09:43 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-575872417-1751023796-2398206445-1001UA.job2014-07-25 16:08 - 2014-07-25 16:05 - 00002324 _____ () C:\Users\Dave\Desktop\Rkill.txt2014-07-25 16:01 - 2014-07-25 15:59 - 01942776 _____ (Bleeping Computer, LLC) C:\Users\Dave\Downloads\rkill.exe2014-07-25 15:34 - 2010-06-26 05:48 - 01895413 _____ () C:\Windows\WindowsUpdate.log2014-07-25 15:23 - 2009-07-14 00:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02014-07-25 15:23 - 2009-07-14 00:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02014-07-25 15:22 - 2009-07-14 01:13 - 00782510 _____ () C:\Windows\system32\PerfStringBackup.INI2014-07-25 15:17 - 2014-07-24 17:10 - 00000012 ____H () C:\dvmexp.idx2014-07-25 15:16 - 2013-08-26 07:30 - 00032155 _____ () C:\Windows\setupact.log2014-07-25 15:16 - 2012-09-11 07:29 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2014-07-25 15:16 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT2014-07-25 10:23 - 2012-10-11 08:00 - 00000328 _____ () C:\Windows\Tasks\HPCeeScheduleForDave.job2014-07-24 22:26 - 2012-10-11 08:00 - 00003180 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForDave2014-07-24 22:25 - 2011-12-01 07:36 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt2014-07-24 22:25 - 2010-09-30 08:35 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log2014-07-24 18:08 - 2014-07-24 17:00 - 00000000 ____D () C:\AdwCleaner2014-07-24 18:08 - 2010-06-26 05:54 - 00832266 _____ () C:\Windows\PFRO.log2014-07-24 18:03 - 2014-07-24 18:03 - 00032512 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys2014-07-24 18:02 - 2014-07-24 17:37 - 00000000 ____D () C:\ProgramData\HitmanPro2014-07-24 18:01 - 2014-07-24 18:01 - 00001086 _____ () C:\Windows\system32\.crusader2014-07-24 17:38 - 2014-07-24 17:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro2014-07-24 17:38 - 2014-07-24 17:38 - 00000000 ____D () C:\Program Files\HitmanPro2014-07-24 17:16 - 2014-07-22 17:11 - 00000000 ___RD () C:\Users\Dave\Dropbox2014-07-24 17:15 - 2014-07-22 17:07 - 00000000 ____D () C:\Users\Dave\AppData\Roaming\Dropbox2014-07-24 17:10 - 2014-07-24 17:03 - 00000000 ____D () C:\temp2014-07-24 17:09 - 2014-07-24 17:09 - 00000000 ___HD () C:\dvmexp2014-07-24 16:59 - 2014-07-24 16:53 - 11188736 _____ (SurfRight B.V.) C:\Users\Dave\Downloads\HitmanPro_x64.exe2014-07-24 16:53 - 2014-07-24 16:52 - 01354223 _____ () C:\Users\Dave\Downloads\adwcleaner_3.216.exe2014-07-24 16:38 - 2013-10-26 22:06 - 00000000 ____D () C:\Program Files (x86)\Battle.net2014-07-23 23:03 - 2012-05-20 21:41 - 00000000 ____D () C:\Program Files\Microsoft Silverlight2014-07-23 23:03 - 2012-05-20 21:41 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight2014-07-23 23:02 - 2014-07-23 22:48 - 51330378 _____ () C:\Users\Dave\Downloads\Unconfirmed 663470.crdownload2014-07-23 22:52 - 2010-09-22 05:32 - 00000000 ____D () C:\Users\Dave2014-07-23 18:29 - 2012-05-20 21:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight2014-07-22 21:37 - 2013-10-26 22:09 - 00000000 ____D () C:\Program Files (x86)\Hearthstone2014-07-22 17:23 - 2010-12-24 22:02 - 00000000 ____D () C:\Users\Dave\AppData\Roaming\Skype2014-07-22 17:11 - 2014-07-22 17:11 - 00001041 _____ () C:\Users\Dave\Desktop\Dropbox.lnk2014-07-22 17:11 - 2014-07-22 17:11 - 00000000 ____D () C:\Users\Dave\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox2014-07-22 17:07 - 2014-07-22 17:07 - 00323696 _____ (Dropbox, Inc.) C:\Users\Dave\Downloads\DropboxInstaller.exe2014-07-22 16:56 - 2011-03-07 07:38 - 00004682 _____ () C:\Users\Dave\Documents\info.txt2014-07-21 23:41 - 2014-07-21 23:23 - 223165336 ____N (Symantec Corporation) C:\Users\Dave\Downloads\NIS_21.1.0.18_SYMTB_PROMO_4_MRFTT_829_10144-US1.exe2014-07-21 23:37 - 2014-07-21 23:25 - 108293368 _____ (Microsoft Corporation) C:\Users\Dave\Downloads\msert.exe2014-07-20 10:15 - 2011-07-09 09:43 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-575872417-1751023796-2398206445-1001Core.job2014-07-19 23:29 - 2009-07-14 01:32 - 00000000 ____D () C:\Windows\Offline Web Pages2014-07-19 23:28 - 2014-07-19 22:54 - 00000000 ____D () C:\Users\Dave\AppData\Local\29842014-07-19 22:55 - 2014-07-19 22:54 - 00000000 ____D () C:\Users\Dave\AppData\Local\Hyper - Browser2014-07-19 22:54 - 2014-07-19 22:54 - 00004566 _____ () C:\Windows\System32\Tasks\Hyper - Browser Runner2014-07-19 22:54 - 2014-07-19 22:54 - 00000258 __RSH () C:\ProgramData\ntuser.pol2014-07-19 22:54 - 2014-07-19 22:54 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google2014-07-19 22:54 - 2014-07-19 22:54 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo2014-07-19 22:54 - 2014-07-19 22:54 - 00000000 ____D () C:\Users\HomeGroupUser$2014-07-19 22:54 - 2014-07-19 22:54 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google2014-07-19 22:54 - 2014-07-19 22:54 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo2014-07-19 22:54 - 2014-07-19 22:54 - 00000000 ____D () C:\Users\Guest2014-07-19 22:54 - 2014-07-19 22:54 - 00000000 ____D () C:\Users\Dave\AppData\Local\Packages2014-07-19 22:54 - 2014-07-19 22:54 - 00000000 ____D () C:\Users\Dave\AppData\Local\Comodo2014-07-19 22:54 - 2014-07-19 22:54 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google2014-07-19 22:54 - 2014-07-19 22:54 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo2014-07-19 22:54 - 2014-07-19 22:54 - 00000000 ____D () C:\Users\Administrator2014-07-19 22:54 - 2014-07-19 22:54 - 00000000 ____D () C:\ProgramData\fa44f3b9b7d85d912014-07-19 22:54 - 2012-09-11 07:28 - 00000000 ____D () C:\Users\Dave\AppData\Local\Google2014-07-19 22:54 - 2012-09-11 07:28 - 00000000 ____D () C:\Program Files (x86)\Google2014-07-19 22:54 - 2009-07-13 23:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy2014-07-19 22:54 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy2014-07-19 19:49 - 2014-06-10 09:48 - 00000315 _____ () C:\Users\Dave\Desktop\Nozomi test & vacation schedule.txt2014-07-18 20:51 - 2014-07-09 21:44 - 00000650 _____ () C:\Users\Dave\Desktop\NYC Trip Ideas.txt2014-07-13 18:50 - 2014-07-13 18:50 - 00000000 ____D () C:\Users\Dave\Documents\SUNY Maritime2014-07-13 18:04 - 2014-07-13 18:04 - 00001785 _____ () C:\Users\Public\Desktop\iTunes.lnk2014-07-13 18:04 - 2014-07-13 18:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes2014-07-13 18:04 - 2014-07-13 18:03 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF692014-07-13 18:04 - 2014-07-13 18:03 - 00000000 ____D () C:\Program Files\iTunes2014-07-13 18:04 - 2014-07-13 18:03 - 00000000 ____D () C:\Program Files (x86)\iTunes2014-07-13 18:03 - 2014-07-13 18:03 - 00000000 ____D () C:\Program Files\iPod2014-07-11 09:02 - 2014-02-15 09:49 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-575872417-1751023796-2398206445-1001Core.job2014-07-11 08:58 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache2014-07-10 23:32 - 2014-07-10 23:30 - 00000000 ____D () C:\Users\Public\Documents\CyberLink2014-07-10 23:32 - 2010-02-27 23:46 - 00000000 ____D () C:\ProgramData\CyberLink2014-07-10 23:30 - 2014-07-10 23:30 - 00000000 ____D () C:\Users\Dave\Documents\CyberLink2014-07-10 23:26 - 2014-07-10 23:26 - 00002203 _____ () C:\Users\Public\Desktop\CyberLink PowerDVD 14.lnk2014-07-10 23:26 - 2014-07-10 23:26 - 00000000 ____D () C:\ProgramData\PDVD2014-07-10 23:26 - 2014-07-10 23:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 142014-07-10 23:26 - 2011-04-18 18:27 - 00000000 ____D () C:\Users\Dave\AppData\Local\CyberLink2014-07-10 23:26 - 2010-02-27 21:16 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information2014-07-10 23:24 - 2010-02-27 22:40 - 00000000 ____D () C:\ProgramData\Temp2014-07-10 23:23 - 2014-07-10 23:23 - 00000000 ____D () C:\ProgramData\SUPPORTDIR2014-07-10 23:23 - 2014-07-10 23:23 - 00000000 ____D () C:\ProgramData\install_clap2014-07-10 23:23 - 2010-02-27 23:47 - 00000000 ____D () C:\Program Files (x86)\CyberLink2014-07-10 23:22 - 2014-07-10 23:21 - 188169104 _____ () C:\Users\Dave\Documents\PowerDVD_14.0.4028.58_DVD140430-04.exe2014-07-10 23:20 - 2014-07-10 23:20 - 01029080 _____ (CyberLink) C:\Users\Dave\Downloads\CyberLink_PowerDVD_Downloader.exe2014-07-10 22:06 - 2009-07-14 00:45 - 00424392 _____ () C:\Windows\system32\FNTCACHE.DAT2014-07-10 22:04 - 2014-05-07 09:36 - 00000000 ___SD () C:\Windows\system32\CompatTel2014-07-10 22:04 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism2014-07-10 22:04 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Dism2014-07-10 22:02 - 2010-02-27 22:27 - 00000000 ____D () C:\ProgramData\Microsoft Help2014-07-10 22:00 - 2013-07-11 05:36 - 00000000 ____D () C:\Windows\system32\MRT2014-07-10 21:57 - 2010-09-26 09:34 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe2014-07-10 21:32 - 2014-07-10 21:30 - 551293744 _____ () C:\Users\Dave\Desktop\Windows6.1-KB947821-v33-x64.msu2014-07-10 21:11 - 2014-07-10 21:11 - 00000000 ____D () C:\Windows\CheckSur2014-07-08 20:19 - 2012-03-30 21:16 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe2014-07-08 20:19 - 2012-03-30 21:16 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater2014-07-08 20:19 - 2011-06-09 10:26 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl2014-07-05 10:36 - 2014-06-22 08:19 - 00000000 ____D () C:\Users\Dave\Documents\Tokorozawas2014-07-04 08:41 - 2010-09-25 11:48 - 00000000 ____D () C:\Users\Dave\AppData\Local\CrashDumps2014-07-03 08:23 - 2009-07-14 01:08 - 00032648 _____ () C:\Windows\Tasks\SCHEDLGU.TXT2014-06-29 22:09 - 2014-07-10 21:54 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll2014-06-29 22:04 - 2014-07-10 21:54 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll2014-06-27 23:16 - 2014-06-27 23:16 - 00000110 _____ () C:\Users\Dave\Desktop\PCVST contacts.txt2014-06-27 22:07 - 2013-07-29 07:54 - 00000000 ____D () C:\Users\Dave\AppData\Roaming\vlc2014-06-27 21:39 - 2014-06-27 21:39 - 00001068 _____ () C:\Users\Public\Desktop\VLC media player.lnk2014-06-27 21:39 - 2013-07-29 07:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN Some content of TEMP:====================C:\Users\Dave\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpnjm074.dllC:\Users\Dave\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exeC:\Users\Dave\AppData\Local\Temp\jre-7u40-windows-i586-iftw.exeC:\Users\Dave\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exeC:\Users\Dave\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exeC:\Users\Dave\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exeC:\Users\Dave\AppData\Local\Temp\Quarantine.exeC:\Users\Dave\AppData\Local\Temp\UNT3F58.tmp.exeC:\Users\Dave\AppData\Local\Temp\UNT3F59.tmp.exeC:\Users\Dave\AppData\Local\Temp\UNT3F69.tmp.exeC:\Users\Dave\AppData\Local\Temp\UNT3F6B.tmp.exeC:\Users\Dave\AppData\Local\Temp\UNT3F6E.tmp.exeC:\Users\Dave\AppData\Local\Temp\UNT3F6F.tmp.exeC:\Users\Dave\AppData\Local\Temp\vlc-2.1.3-win32.exeC:\Users\Dave\AppData\Local\Temp\VOPackage.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signedC:\Windows\System32\wininit.exe => File is digitally signedC:\Windows\SysWOW64\wininit.exe => File is digitally signedC:\Windows\explorer.exe => File is digitally signedC:\Windows\SysWOW64\explorer.exe => File is digitally signedC:\Windows\System32\svchost.exe => File is digitally signedC:\Windows\SysWOW64\svchost.exe => File is digitally signedC:\Windows\System32\services.exe => File is digitally signedC:\Windows\System32\User32.dll => File is digitally signedC:\Windows\SysWOW64\User32.dll => File is digitally signedC:\Windows\System32\userinit.exe => File is digitally signedC:\Windows\SysWOW64\userinit.exe => File is digitally signedC:\Windows\System32\rpcss.dll => File is digitally signedC:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-07-19 06:37 ==================== End Of Log ============================
  18. My friend asked me to take a look at his desktop yesterday and I removed a lot of viruses that plagued his computer. I want to try to not remove anything from his computer because I'll never hear the end of it. As the topic reads, I have a problem that keeps persisting. These annoying video ads keep showing up in the lower right hand corner of the screen when I use the browser (Only using it because I'm trying to go through as many possible infected areas to see if there's an issue). I removed a couple of nasty trojans for him already that kept shutting down his computer (Whihch he's happy about) but I can't get rid of these annoying ads. Since the ads are still there I'm kinda worried I haven't gotten rid of everything else that might be on it. Any help is appreciated! Thanks for your time!
  19. Since a week or so, there are a lot of ads and pop-up on my google chrome browser. Yesterday I realized that the problem is also present on Steam (a platform to download games) Unfortunately, I tried every softwares that many sites recommended but nothing worked for me (I also tried malwarebytes and it found anything...) What can I do?
  20. Incredible software. TY!! Quick scan found 300 PUPs in over 30k files. Do I only delete the 3 software selected checked ones or the entire 300 list from the MalwarBytes results log? Are any of them important to keep? Below are the 3 selected 'Adware's followed by two similar software-unselected PUP files. All dealing with FlashPlayer. After that is the entire list of 300. My problem is tons of ads popping up and an especially upper right hand screen corner rolling down in various degrees to reveal an underlying ad. Further, my cursor and screen freeze. C:\Users\N\Downloads\FlashPlayer (1).exe (Adware.DomaIQ) -> No action taken. C:\Users\N\Downloads\FlashPlayer (2).exe (Adware.DomaIQ) -> No action taken.C:\Users\N\Downloads\FlashPlayer.exe (Adware.DomaIQ) -> No action taken. C:\Users\N\Downloads\FlashPlayer_V.aFxGFgqnc.exe (PUP.FakeFlash.Domaiq) -> No action taken.C:\Users\N\Downloads\FlashPlayer_V.NjfpUD75c.exe (PUP.FakeFlash.Domaiq) Entire 300 list:Malwarebytes Anti-Malware (Trial) 1.75.0.1300www.malwarebytes.org Database version: v2014.03.23.07 Windows 8 x64 NTFSInternet Explorer 11.0.9600.16521N :: I3 [administrator] Protection: Enabled 3/23/2014 12:06:43 PMMBAM-log-2014-03-23 (12-54-35).txt Scan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 283665Time elapsed: 20 minute(s), 35 second(s) Memory Processes Detected: 2C:\Program Files (x86)\SoftwareUpdater\UpdaterService.exe (PUP.Optional.SoftwareUpdater.A) -> 1868 -> No action taken.C:\ProgramData\WebShield\WebShieldService.exe (PUP.Optional.InternetUpdater.A) -> 2208 -> No action taken. Memory Modules Detected: 0(No malicious items detected) Registry Keys Detected: 24HKLM\SYSTEM\CurrentControlSet\Services\SrvUpdater (PUP.Optional.SoftwareUpdater.A) -> No action taken.HKLM\SYSTEM\CurrentControlSet\Services\WebShield (PUP.Optional.InternetUpdater.A) -> No action taken.HKLM\SYSTEM\CurrentControlSet\Services\CltMngSvc (PUP.Optional.Conduit.A) -> No action taken.HKCR\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> No action taken.HKCR\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C} (PUP.Optional.WebSteroids.A) -> No action taken.HKCR\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9} (PUP.Optional.SoftwareUpdater) -> No action taken.HKCR\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476} (PUP.Optional.SoftwareUpdater) -> No action taken.HKCR\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67} (PUP.Optional.SoftwareUpdater) -> No action taken.HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} (PUP.Optional.SoftwareUpdater) -> No action taken.HKCR\Updater.AmiUpd.1 (PUP.Optional.SoftwareUpdater) -> No action taken.HKCR\Updater.AmiUpd (PUP.Optional.SoftwareUpdater) -> No action taken.HKCR\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6} (PUP.Optional.DynConIE.A) -> No action taken.HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{8EBA1B69-99D8-4135-BD43-729BA79D5CC4} (PUP.Optional.PlayTopus) -> No action taken.HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8EBA1B69-99D8-4135-BD43-729BA79D5CC4} (PUP.Optional.PlayTopus) -> No action taken.HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdater (PUP.Optional.SoftwareUpdater.A) -> No action taken.HKLM\SOFTWARE\MediaViewV1alpha1243 (PUP.Optional.MediaView.A) -> No action taken.HKLM\SOFTWARE\SOFTWAREUPDATER (PUP.Optional.SoftwareUpdater.A) -> No action taken.HKLM\SOFTWARE\Vittalia\AxtanInstaller (PUP.Optional.BundleInstaller.A) -> No action taken.HKLM\Software\InstallIQ (PUP.Optional.InstallBrain.A) -> No action taken.HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MediaViewV1alpha1243 (PUP.Optional.MediaView.A) -> No action taken.HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d9b47a47-5082-41ba-bdef-89a0002dd891} (PUP.Optional.MediaView.A) -> No action taken.HKCR\CLSID\{d9b47a47-5082-41ba-bdef-89a0002dd891} (PUP.Optional.MediaView.A) -> No action taken.HKCR\TypeLib\{1701083b-2c7c-4cf9-b2fe-546f90863ae2} (PUP.Optional.MediaView.A) -> No action taken.HKCR\Interface\{54070D67-0FFE-4E83-B1DE-4A593AE5B004} (PUP.Optional.MediaView.A) -> No action taken. Registry Values Detected: 3HKLM\SOFTWARE\Mozilla\Firefox\Extensions|ext@MediaViewV1alpha1243.net (PUP.Optional.MediaView.A) -> Data: C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha1243\ff -> No action taken.HKLM\SOFTWARE\SoftwareUpdater|partner_keyword (PUP.Optional.SoftwareUpdater.A) -> Data: ALLFILEWINCOM -> No action taken.HKLM\SYSTEM\CurrentControlSet\Services\SrvUpdater|ImagePath (PUP.Optional.SoftwareUpdater.A) -> Data: C:\Program Files (x86)\SoftwareUpdater\UpdaterService.exe -> No action taken. Registry Data Items Detected: 2HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs (PUP.Optional.Conduit.A) -> Bad: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll) Good: () -> No action taken.HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.Conduit.A) -> Bad: (http://search.conduit.com/?ctid=CT3324415&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=5&UP=SPB03DBD25-858F-4FF4-A150-B77F77B271CB&SSPV=) Good: (http://www.google.com) -> No action taken. Folders Detected: 32C:\Program Files (x86)\SoftwareUpdater (PUP.Optional.SoftwareUpdater.A) -> No action taken.C:\Users\N\AppData\Roaming\player (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\N\AppData\Roaming\player\images (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\SearchProtect (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\Main (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\Main\bin (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\Main\Logs (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\Main\rep (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\SearchProtect (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\SearchProtect\bin (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\SearchProtect\rep (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\bin (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\Images (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\libs (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\protection (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\settings (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\rep (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha1243 (PUP.Optional.MediaView.A) -> No action taken.C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha1243\ch (PUP.Optional.MediaView.A) -> No action taken.C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha1243\ff (PUP.Optional.MediaView.A) -> No action taken.C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha1243\ff\chrome (PUP.Optional.MediaView.A) -> No action taken.C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha1243\ff\chrome\content (PUP.Optional.MediaView.A) -> No action taken.C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha1243\ff\chrome\content\icons (PUP.Optional.MediaView.A) -> No action taken.C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha1243\ff\chrome\content\icons\default (PUP.Optional.MediaView.A) -> No action taken.C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha1243\ie (PUP.Optional.MediaView.A) -> No action taken. Files Detected: 244C:\Program Files (x86)\SoftwareUpdater\UpdaterService.exe (PUP.Optional.SoftwareUpdater.A) -> No action taken.C:\ProgramData\WebShield\WebShieldService.exe (PUP.Optional.InternetUpdater.A) -> No action taken.C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe (PUP.Optional.Conduit.A) -> No action taken.C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe (PUP.Optional.Conduit.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe (PUP.Optional.Conduit.A) -> No action taken.C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll (PUP.Optional.Conduit.A) -> No action taken.C:\Users\N\AppData\Local\SwvUpdater\Updater.exe (PUP.Optional.SoftwareUpdater) -> No action taken.C:\Users\N\AppData\Local\Temp\nsb14FC.exe (PUP.Optional.SearchProtect.A) -> No action taken.C:\Users\N\AppData\Local\Temp\nsj7626.exe (PUP.Optional.SearchProtect.A) -> No action taken.C:\Users\N\AppData\Local\Temp\nsl6F3F.exe (PUP.Optional.SearchProtect.A) -> No action taken.C:\Users\N\AppData\Local\Temp\nst1C1.exe (PUP.Optional.SearchProtect.A) -> No action taken.C:\Users\N\AppData\Local\Temp\nsv7B47.exe (PUP.Optional.SearchProtect.A) -> No action taken.C:\Users\N\AppData\Local\Temp\nsz1CCD.exe (PUP.Optional.SearchProtect.A) -> No action taken.C:\Users\N\AppData\Local\Temp\setapp.exe (PUP.Optional.MediaView.A) -> No action taken.C:\Users\N\AppData\Local\Temp\spstub.exe (PUP.Optional.Conduit.A) -> No action taken.C:\Users\N\AppData\Local\Temp\verifier.exe (PUP.Optional.Conduit) -> No action taken.C:\Users\N\AppData\Local\Temp\nso41F5\SpSetup.exe (PUP.Optional.Conduit.A) -> No action taken.C:\Users\N\AppData\Local\Temp\nsu1FF3.tmp\aminsis.dll (PUP.Optional.Amonetize) -> No action taken.C:\Users\N\Downloads\FileZipperSetup-bootable windows 7 USB.exe (PUP.Optional.InstallBrain) -> No action taken.C:\Users\N\Downloads\FlashPlayer (1).exe (Adware.DomaIQ) -> No action taken.C:\Users\N\Downloads\FlashPlayer (2).exe (Adware.DomaIQ) -> No action taken.C:\Users\N\Downloads\FlashPlayer.exe (Adware.DomaIQ) -> No action taken.C:\Users\N\Downloads\FlashPlayer_V.aFxGFgqnc.exe (PUP.FakeFlash.Domaiq) -> No action taken.C:\Users\N\Downloads\FlashPlayer_V.NjfpUD75c.exe (PUP.FakeFlash.Domaiq) -> No action taken.C:\Users\N\Downloads\installer_avg_anti-virus_free_edition_English.exe (PUP.Optional.VIT) -> No action taken.C:\Users\N\Downloads\nuancepdf.exe (PUP.Optional.InstallIQ.A) -> No action taken.C:\Users\N\Downloads\Setup (1)-for priv msg.exe (PUP.Optional.Conduit.A) -> No action taken.C:\Users\N\Downloads\Setup.exe (PUP.Optional.InternetUpdater.A) -> No action taken.C:\Users\N\Downloads\WiseConvert_B.exe (PUP.Optional.Conduit.A) -> No action taken.C:\Users\N\Downloads\zip.exe (PUP.Optional.InstallIQ.A) -> No action taken.C:\Users\N\Local Settings\Temporary Internet Files\IE\EYT94S65\SPSetup[1].exe (PUP.Optional.Conduit.A) -> No action taken.C:\Users\N\Local Settings\Temporary Internet Files\IE\LF0L7VP0\spstub[1].exe (PUP.Optional.Conduit.A) -> No action taken.C:\Users\N\Local Settings\Temporary Internet Files\IE\VXXKDZGV\SPIdentifierImpl[1].exe (PUP.Optional.SearchProtect.A) -> No action taken.C:\Windows\Tasks\AmiUpdXp.job (PUP.Software.Updater) -> No action taken.C:\Program Files (x86)\SoftwareUpdater\KeyGen.dll (PUP.Optional.SoftwareUpdater.A) -> No action taken.C:\Program Files (x86)\SoftwareUpdater\AppsUpdater.exe (PUP.Optional.SoftwareUpdater.A) -> No action taken.C:\Program Files (x86)\SoftwareUpdater\AppsUpdater.exe.config (PUP.Optional.SoftwareUpdater.A) -> No action taken.C:\Program Files (x86)\SoftwareUpdater\config.xml (PUP.Optional.SoftwareUpdater.A) -> No action taken.C:\Program Files (x86)\SoftwareUpdater\Interop.Shell32.dll (PUP.Optional.SoftwareUpdater.A) -> No action taken.C:\Program Files (x86)\SoftwareUpdater\translations.xml (PUP.Optional.SoftwareUpdater.A) -> No action taken.C:\Program Files (x86)\SoftwareUpdater\uninstall.exe (PUP.Optional.SoftwareUpdater.A) -> No action taken.C:\Users\N\AppData\Roaming\player\playlist.vpl (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\N\AppData\Roaming\player\config.ini (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\N\AppData\Roaming\player\images\channel_ld_103.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\N\AppData\Roaming\player\images\channel_ld_11.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\N\AppData\Roaming\player\images\channel_ld_120.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\N\AppData\Roaming\player\images\channel_ld_121.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\N\AppData\Roaming\player\images\channel_ld_122.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\N\AppData\Roaming\player\images\channel_ld_123.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\N\AppData\Roaming\player\images\channel_ld_124.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\N\AppData\Roaming\player\images\channel_ld_125.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\N\AppData\Roaming\player\images\channel_ld_126.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\N\AppData\Roaming\player\images\channel_ld_127.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\N\AppData\Roaming\player\images\channel_ld_136.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\N\AppData\Roaming\player\images\channel_ld_137.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\N\AppData\Roaming\player\images\channel_ld_140.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\N\AppData\Roaming\player\images\channel_ld_141.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\N\AppData\Roaming\player\images\channel_ld_149.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\N\AppData\Roaming\player\images\channel_ld_150.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\N\AppData\Roaming\player\images\channel_ld_160.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\N\AppData\Roaming\player\images\channel_ld_165.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\N\AppData\Roaming\player\images\channel_ld_181.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\N\AppData\Roaming\player\images\channel_ld_191.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\N\AppData\Roaming\player\images\channel_ld_193.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\N\AppData\Roaming\player\images\channel_ld_199.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\N\AppData\Roaming\player\images\channel_ld_200.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\N\AppData\Roaming\player\images\channel_ld_201.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\N\AppData\Roaming\player\images\channel_ld_204.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\N\AppData\Roaming\player\images\channel_ld_219.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\N\AppData\Roaming\player\images\channel_ld_221.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\N\AppData\Roaming\player\images\channel_ld_224.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\N\AppData\Roaming\player\images\channel_ld_268.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\N\AppData\Roaming\player\images\channel_ld_28.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\N\AppData\Roaming\player\images\channel_ld_34.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\N\AppData\Roaming\player\images\channel_ld_37.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\N\AppData\Roaming\player\images\channel_ld_49.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\N\AppData\Roaming\player\images\channel_ld_57.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\N\AppData\Roaming\player\images\channel_ld_86.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Users\N\AppData\Roaming\player\images\channel_ld_99.png (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\SearchProtect\EULA.txt (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\Main\bin\SPTool.dll (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\Main\bin\uninstall.exe (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\Main\rep\SystemRepository.dat (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPTool64.exe (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32.dll (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64.dll (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\settings.html (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\style.css (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble\bubble.css (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble\bubble.html (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble\bubble.js (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble\defaults.js (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-default.png (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-onclick.png (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-Rollover.png (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg-with-logo.png (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg.png (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgNotif.png (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgSettings.png (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgUninstall.png (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnBlue.png (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnClose.png (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnSilver.png (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox.png (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox_checked.png (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox_def.png (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\close-win-def.png (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\close-win-over-click.png (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\gray-bg.png (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-def.png (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-selected.png (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez.png (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\icon-win.png (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\info-icon.png (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\menu-rollover.png (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\menu-selected.png (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button-def.png (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button-selected.png (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button.png (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button2.png (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Settings-icon.png (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\text-field.png (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\v.png (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\x.png (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\defaults.js (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\dialogUtils.js (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\jquery.1.7.1.min.js (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\json2.min.js (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\main.js (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\SPDialogAPI.js (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\defaults.js (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.css (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.html (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.js (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\defaults.js (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.css (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.html (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.js (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\defaults.js (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.css (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.html (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.js (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\defaults.js (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.css (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.html (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.js (PUP.Optional.SearchProtect.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\AxInterop.WMPLib.dll (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\ComponentFactory.Krypton.Toolkit.dll (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\FileBrowser.dll (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\Interop.WMPLib.dll (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\libreria.ico (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\Newtonsoft.Json.dll (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\UltraID3Lib.dll (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\Uninstall.exe (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\uninstall.ico (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\VAFPlayer.exe (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\VAFPlayer.exe.config (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\VAFPlayer.InstallState (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\VAFUpdate.exe (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\wmp.dll (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Arabic.gif (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Arabic.ini (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Bulgarian.gif (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Bulgarian.ini (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Catalan.gif (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Catalan.ini (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Chinese (Simplified).gif (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Chinese (Simplified).ini (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Chinese (Traditional).gif (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Chinese (Traditional).ini (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Czech.gif (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Czech.ini (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Danish.gif (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Danish.ini (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Dutch.gif (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Dutch.ini (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\English.gif (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\English.ini (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Estonian.gif (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Estonian.ini (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Finnish.gif (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Finnish.ini (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\French.gif (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\French.ini (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\German.gif (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\German.ini (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Greek.gif (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Greek.ini (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Haitian Creole.gif (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Haitian Creole.ini (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Hebrew.gif (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Hebrew.ini (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Hindi.gif (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Hindi.ini (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Hungarian.gif (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Hungarian.ini (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Indonesian.gif (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Indonesian.ini (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Italian.gif (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Italian.ini (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Japanese.gif (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Japanese.ini (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Korean.gif (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Korean.ini (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Latvian.gif (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Latvian.ini (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Lithuanian.gif (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Lithuanian.ini (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Norwegian.gif (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Norwegian.ini (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Polish.gif (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Polish.ini (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Portuguese.gif (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Portuguese.ini (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Romanian.gif (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Romanian.ini (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Russian.gif (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Russian.ini (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Slovak.gif (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Slovak.ini (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Slovenian.gif (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Slovenian.ini (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Spanish.gif (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Spanish.ini (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Swedish.gif (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Swedish.ini (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Thai.gif (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Thai.ini (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Turkish.gif (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Turkish.ini (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Ukrainian.gif (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Ukrainian.ini (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Vietnamese.gif (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\Tuguu SL\VAFPlayer\languages\Vietnamese.ini (PUP.Optional.VPLMedia.A) -> No action taken.C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha1243\uninstall.exe (PUP.Optional.MediaView.A) -> No action taken.C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha1243\ch\MediaViewV1alpha1243.crx (PUP.Optional.MediaView.A) -> No action taken.C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha1243\ff\chrome.manifest (PUP.Optional.MediaView.A) -> No action taken.C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha1243\ff\install.rdf (PUP.Optional.MediaView.A) -> No action taken.C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha1243\ff\chrome\content\ffMediaViewV1alpha1243.js (PUP.Optional.MediaView.A) -> No action taken.C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha1243\ff\chrome\content\ffMediaViewV1alpha1243ffaction.js (PUP.Optional.MediaView.A) -> No action taken.C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha1243\ff\chrome\content\overlay.xul (PUP.Optional.MediaView.A) -> No action taken.C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha1243\ff\chrome\content\icons\Thumbs.db (PUP.Optional.MediaView.A) -> No action taken.C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha1243\ff\chrome\content\icons\default\MediaViewV1alpha1243_32.png (PUP.Optional.MediaView.A) -> No action taken. (end)
  21. Hello, my problem is that I get these random ads playing in the background at times (only when I'm connected to the internet) and it's really annoying. It all started back on January 11 and since then I have been doing everything to get it fixed but so far have come up empty. Security Essentials didn't find it, MBAM found a ransom trojan, but didn't find anything else, TDS couldn't find anything and both AdWare and RKiller found a few problems but they weren't related to my issue. I've downloaded ComboFix, but since my knowledge of computers is only so good, I'm afraid to use it considering it could really mess up my system. So, can you guys help me fix this annoying problem? I'd like to have a clean computer before I go back to school. Here is the DDS Info: DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 9.0.8112.16476 BrowserJavaVersion: 10.5.1Run by Bryce at 15:30:27 on 2014-01-15Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3894.1003 [GMT -5:00].AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}.============== Running Processes ===============.C:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k RPCSSc:\Program Files\Microsoft Security Client\MsMpEng.exeC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_1c0e2d1db9f5b08e\STacSV64.exeC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\Hpservice.exeC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_1c0e2d1db9f5b08e\AESTSr64.exeC:\Windows\SysWOW64\svchost.exe -k AkamaiC:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exeC:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exeC:\Windows\system32\taskhost.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exeC:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exeC:\Windows\SysWOW64\svchost.exe -k hpdevmgmtC:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exeC:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exeC:\Windows\system32\lxdncoms.exeC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Windows\system32\svchost.exe -k imgsvcC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXEC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exeC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Windows\system32\wbem\wmiprvse.exeC:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files\IDT\WDM\sttray64.exeC:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exeC:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exeC:\Program Files\Hewlett-Packard\HPToneControl\HPToneCtl.exeC:\Program Files\Java\jre6\bin\jusched.exeC:\Windows\System32\hkcmd.exeC:\Windows\System32\igfxpers.exeC:\Program Files\Microsoft Security Client\msseces.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Program Files\Synaptics\SynTP\SynTPHelper.exeC:\Users\Bryce\AppData\Local\Akamai\netsession_win.exeC:\Program Files (x86)\Hewlett-Packard\HP ENVY Document Card Utilities\hpdocstart.exeC:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exeC:\Users\Bryce\AppData\Local\Akamai\netsession_win.exeC:\Windows\system32\SearchIndexer.exeC:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exeC:\Program Files (x86)\iTunes\iTunesHelper.exeC:\Program Files\iPod\bin\iPodService.exeC:\Windows\System32\svchost.exe -k LocalServicePeerNetC:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exeC:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exeC:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exeC:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exeC:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exeC:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exeC:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exeC:\Windows\system32\wuauclt.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files\Windows Media Player\wmprph.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Windows\system32\taskeng.exeC:\Windows\system32\taskeng.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Windows\System32\cscript.exe.============== Pseudo HJT Report ===============.uProxyOverride = <local>BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\Hp\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dllBHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllBHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllBHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLLBHO: Constant Guard Protection Suite: {B84CDBE7-1B46-494B-A188-01D4C52DEB61} - C:\ProgramData\White Sky, Inc\ID Vault\IEBHO1.13.1211.1\NativeBHO.dllBHO: MSN Toolbar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0369.0\npwinext.dllBHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\Hp\Digital Imaging\Smart Web Printing\hpswp_BHO.dllTB: MSN Toolbar: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0369.0\npwinext.dllEB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\Hp\Digital Imaging\Smart Web Printing\hpswp_bho.dllEB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\Hp\Digital Imaging\Smart Web Printing\hpswp_bho.dlluRun: [Google Update] "C:\Users\Bryce\AppData\Local\Google\Update\GoogleUpdate.exe" /cuRun: [Akamai NetSession Interface] "C:\Users\Bryce\AppData\Local\Akamai\netsession_win.exe"mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resumemRun: [HP Envy Guides AutoPlay] C:\Program Files (x86)\Hewlett-Packard\HP ENVY Document Card Utilities\hpdocstart.exemRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NOBuActivation.exe" UNATTENDEDmRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"mRun: [TrayServer] C:\Program Files (x86)\MAGIX\Movie_Edit_Pro_17\TrayServer.exemRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exemRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\CONSTA~1.LNK - C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exeStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exemPolicies-Explorer: NoActiveDesktop = dword:1mPolicies-Explorer: NoActiveDesktopChanges = dword:1mPolicies-System: ConsentPromptBehaviorAdmin = dword:5mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableUIADesktopToggle = dword:0IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000IE: Save video on Savevid.com - C:\Program Files (x86)\Savevid\redirect.htmIE: Se&nd to OneNote - C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dllIE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exeIE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dllIE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dllIE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\Hp\Digital Imaging\Smart Web Printing\hpswp_BHO.dllTCP: NameServer = 75.75.75.75 75.75.76.76 192.168.1.1TCP: Interfaces\{ABF148C3-B533-49BC-8B9F-350A41427FE9} : DHCPNameServer = 75.75.75.75 75.75.76.76 192.168.1.1TCP: Interfaces\{ABF148C3-B533-49BC-8B9F-350A41427FE9}\2656C6B696E6E2262366 : DHCPNameServer = 192.168.2.1TCP: Interfaces\{ABF148C3-B533-49BC-8B9F-350A41427FE9}\455525E45425F5E4564777F627B6 : DHCPNameServer = 10.0.0.1TCP: Interfaces\{ABF148C3-B533-49BC-8B9F-350A41427FE9}\455525E45425F5E4564777F627B6F58747 : DHCPNameServer = 10.0.0.1TCP: Interfaces\{ABF148C3-B533-49BC-8B9F-350A41427FE9}\457796C69676864735071627B6C65696372456374705F6E697 : DHCPNameServer = 192.168.2.1TCP: Interfaces\{ABF148C3-B533-49BC-8B9F-350A41427FE9}\55E69667562737964797D26596C6C61676560224C444D2232303D213 : DHCPNameServer = 8.8.8.8 8.8.4.4TCP: Interfaces\{ABF148C3-B533-49BC-8B9F-350A41427FE9}\94E6475627775626A7 : DHCPNameServer = 172.16.20.118Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLLHandler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dllHandler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllAppInit_DLLs= C:\PROGRA~2\KEYCRY~1\KEYCRY~3.DLLSSODL: WebCheck - <orphaned>mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chromex64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllx64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLLx64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dllx64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exex64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exex64-Run: [HP Quick Launch] C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exex64-Run: [smartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /backgroundx64-Run: [HPToneControl] C:\Program Files\Hewlett-Packard\HPToneControl\HPTonectl.exex64-Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"x64-Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hiddenx64-Run: [igfxTray] C:\Windows\System32\igfxtray.exex64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exex64-Run: [Persistence] C:\Windows\System32\igfxpers.exex64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkeyx64-RunOnce: [NCPluginUpdater] "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Updatex64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dllx64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dllx64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLLx64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>x64-Notify: igfxcui - igfxdev.dllx64-SSODL: WebCheck - <orphaned>.================= FIREFOX ===================.FF - ProfilePath - C:\Users\Bryce\AppData\Roaming\Mozilla\Firefox\Profiles\6e1lco91.default\FF - prefs.js: browser.search.defaulturl - FF - prefs.js: browser.startup.homepage - about:homeFF - prefs.js: network.proxy.type - 0FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLLFF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLLFF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dllFF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dllFF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dllFF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dllFF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dllFF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dllFF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.53\npGoogleUpdate3.dllFF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dllFF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dllFF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dllFF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dllFF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dllFF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dllFF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dllFF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dllFF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dllFF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\nprpplugin.dllFF - plugin: C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0369.0\npwinext.dllFF - plugin: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dllFF - plugin: C:\Program Files (x86)\Veetle\Player\npvlc.dllFF - plugin: C:\Program Files (x86)\Veetle\plugins\npVeetle.dllFF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dllFF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dllFF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dllFF - plugin: C:\Users\Bryce\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dllFF - plugin: C:\Users\Bryce\AppData\Local\HuluDesktop\instances\0.9.14.1\nphdplg.dllFF - plugin: C:\Users\Bryce\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dllFF - plugin: C:\Users\Bryce\AppData\Roaming\Mozilla\plugins\npgoogletalk.dllFF - plugin: C:\Users\Bryce\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dllFF - plugin: C:\Users\Bryce\AppData\Roaming\Mozilla\plugins\npo1d.dllFF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dllFF - plugin: C:\Windows\SysWOW64\npDeployJava1.dllFF - plugin: C:\Windows\SysWOW64\npmproxy.dllFF - ExtSQL: !HIDDEN! 2011-02-23 16:43; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3.============= SERVICES / DRIVERS ===============.R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-6-18 247216]R1 AntiLog32;AntiLog32;C:\Windows\System32\drivers\AntiLog64.sys [2013-1-30 49240]R1 DVMIO;DeviceVM IO Service;C:\Windows\System32\drivers\dvmio.sys [2010-1-29 20056]R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_1c0e2d1db9f5b08e\AESTSr64.exe [2010-7-11 89600]R2 Akamai;Akamai NetSession Interface;C:\Windows\System32\svchost.exe -k Akamai [2009-7-13 27136]R2 CinemaNow Service;CinemaNow Service;C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe [2010-1-15 127984]R2 DvmMDES;DeviceVM Meta Data Export Service;C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe [2010-2-8 338168]R2 Fabs;FABS - Helping agent for MAGIX media database;C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-8-27 1253376]R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2009-12-16 102968]R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2009-7-8 30520]R2 HPWMISVC;HPWMISVC;C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-1-18 20480]R2 IDVaultSvc;CGPS Service;C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe [2013-12-11 41024]R2 lxdn_device;lxdn_device;C:\Windows\System32\lxdncoms.exe -service --> C:\Windows\System32\lxdncoms.exe -service [?]R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-7-11 2533400]R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-4-30 56344]R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-2-26 158976]R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-8-31 317440]R3 keycrypt;keycrypt;C:\Windows\System32\drivers\KeyCrypt64.sys [2013-1-30 25056]R3 ManyCam;ManyCam Virtual Webcam;C:\Windows\System32\drivers\mcvidrv_x64.sys [2012-7-20 44928]R3 mcaudrv_simple;ManyCam Virtual Microphone;C:\Windows\System32\drivers\mcaudrv_x64.sys [2012-7-20 29696]R3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\System32\drivers\NETw5s64.sys [2010-1-13 7675392]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-10-19 160944]S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;C:\Windows\System32\drivers\ssadadb.sys [2011-5-13 36328]S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-8-7 3276800]S3 hitmanpro37;HitmanPro 3.7 Support Driver;C:\Windows\System32\drivers\hitmanpro37.sys [2014-1-13 32512]S3 hpdoccardsvc;HP Documention Flash Card Detection Service;C:\Program Files (x86)\Hewlett-Packard\HP ENVY Document Card Utilities\doccardsvc.exe [2010-3-24 83240]S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]S3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2012-3-20 139616]S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-8-12 366600]S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-7-11 232992]S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-7-11 295424]S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\System32\drivers\ssadbus.sys [2011-5-13 157672]S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\System32\drivers\ssadmdfl.sys [2011-5-13 16872]S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\System32\drivers\ssadmdm.sys [2011-5-13 177640]S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);C:\Windows\System32\drivers\ssadserd.sys [2011-5-13 146920]S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-8-28 1255736]S3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);C:\Windows\System32\drivers\WsAudio_DeviceS(1).sys [2010-9-15 29288]S3 WsAudio_DeviceS(2);WsAudio_DeviceS(2);C:\Windows\System32\drivers\WsAudio_DeviceS(2).sys [2010-9-15 29288]S3 WsAudio_DeviceS(3);WsAudio_DeviceS(3);C:\Windows\System32\drivers\WsAudio_DeviceS(3).sys [2010-9-15 29288]S3 WsAudio_DeviceS(4);WsAudio_DeviceS(4);C:\Windows\System32\drivers\WsAudio_DeviceS(4).sys [2010-9-15 29288]S3 WsAudio_DeviceS(5);WsAudio_DeviceS(5);C:\Windows\System32\drivers\WsAudio_DeviceS(5).sys [2010-9-15 29288]S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120].=============== Created Last 30 ================.2014-01-15 19:26:56 10315576 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{25A7850E-6F98-4D45-AB4D-3EE725A62C49}\mpengine.dll2014-01-14 00:35:13 10315576 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll2014-01-13 23:51:36 32512 ----a-w- C:\Windows\System32\drivers\hitmanpro37.sys2014-01-13 23:51:17 -------- d-----w- C:\ProgramData\HitmanPro2014-01-12 04:57:07 -------- d--h--w- C:\dvmexp2014-01-12 04:55:29 -------- d-----w- C:\temp2014-01-12 04:47:53 -------- d-----w- C:\AdwCleaner2014-01-12 04:27:59 9728 ----a-w- C:\Windows\System32\drivers\umpass.sys.bak2014-01-12 04:26:59 5632 ----a-w- C:\Windows\System32\drivers\drmkaud.sys.bak2014-01-12 03:34:02 -------- d-----w- C:\Windows\pss2014-01-12 00:32:51 -------- d-----w- C:\ProgramData\Malwarebytes' Anti-Malware (portable)2014-01-11 22:52:47 -------- d-sh--w- C:\$RECYCLE.BIN2014-01-11 22:51:34 98816 ----a-w- C:\Windows\sed.exe2014-01-11 22:51:34 256000 ----a-w- C:\Windows\PEV.exe2014-01-11 22:51:34 208896 ----a-w- C:\Windows\MBR.exe2014-01-11 22:51:23 -------- d-s---w- C:\ComboFix2014-01-07 19:57:31 -------- dc-h--w- C:\ProgramData\{9D18D848-CED5-4665-9D6C-AC997FC4BCDD}2014-01-07 19:56:57 -------- d-----w- C:\Program Files\Common Files\Avid2014-01-07 19:56:57 -------- d-----w- C:\Program Files (x86)\Common Files\Digidesign2014-01-07 19:56:57 -------- d-----w- C:\Program Files (x86)\Common Files\Avid2014-01-07 19:56:46 -------- dc-h--w- C:\ProgramData\{C6A355F5-168B-4EEC-AB7C-75594F783EDB}2014-01-07 19:56:41 -------- d-----w- C:\ProgramData\Native Instruments2014-01-07 19:56:41 -------- d-----w- C:\Program Files\Native Instruments2014-01-07 19:56:41 -------- d-----w- C:\Program Files\Common Files\Native Instruments2013-12-30 21:21:46 -------- d-----w- C:\Program Files (x86)\HeliosPaint.==================== Find3M ====================.2014-01-06 05:20:54 505416 ----a-w- C:\Windows\SysWow64\msvcp71.dll2014-01-06 05:20:54 353864 ----a-w- C:\Windows\SysWow64\msvcr71.dll2013-12-17 04:54:33 49240 ----a-w- C:\Windows\System32\drivers\AntiLog64.sys2013-12-11 19:02:08 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl2013-12-11 19:02:08 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe2013-11-19 21:55:42 205 ----a-w- C:\Windows\SysWow64\lsprst7.dll2013-11-19 21:55:41 1025 ----a-w- C:\Windows\SysWow64\sysprs7.dll2013-11-19 10:21:41 267936 ------w- C:\Windows\System32\MpSigStub.exe.============= FINISH: 15:32:36.76 ===============
  22. Hi. So I recently acquired a virus that, now, as soon as it connects to the internet, starts playing ads in my background. So I mute it. After a while, it then forces my computer to shut down. I read on a recent post that using the RogueKiller app would help. Can someone help me from this point on? All i did was scan. Ill Post the report. RKreport0_S_01102014_114047.txt
  23. Since yesterday, my computer has had unknown ads and sometimes music playing in the desktop, regardless of the fact that there was no browser open at all. Under the sound mixer, I found "Name Not Available" which today has changed into "Host Process for Windows Services". I was able to mute this however it is still on my computer is definitely using my computer's resources more than usual. What can I do? Thanks
  24. Hello, I have been trying on my own to get rid of ScorpionSaver on my computer to remove the unwanted ads/pop ups on Google Chrome to no avail. I have run malware bytes after trying to uninstall the program directly from the list and have managed to remove the ads for the time being but I cannot remove the program itself. I am running Windows 7 and I'm not sure what steps to take next. Any help is greatly appreciated!
  25. Ever since i had installed the adblock plugin for my google chrome browser, I've been getting various types of ads, such as: 1) the highlighted text ad: http://snag.gy/CtKoh.jpg these things highlight texts that are not links and are really annoying when i accidentally click them, thinking its a link. 2) the classic pop-up ad : http://snag.gy/3xxV8.jpg 3) alnaddy.com : http://snag.gy/EOjXi.jpg This site is the most annoying as everytime i start up google chrome (my default browser) this comes as the home page when I clearly set it to google, and everytime i'm just browsing this site pops up for no reason. Pls help. Pc details: OS: Windows 7 Ultimate Processor: 64-bit Google chrome plugin: https://chrome.google.com/webstore/detail/adblock/gighmmpiobklfepjocnamgkkbiglidom?hl=en PLS HELP !!!
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.