Jump to content

CPVRDR redirect

aahockey9999
 Share

Recommended Posts

aahockey9999

aahockey9999

Posted
Posted

When I open up Chrome Internet Explorer also opens start redirecting to CPVRDR.co.  I have run Malwarebytes it did not help things out. Do you think that you could help me out?

 

Thank You

Tommy

 

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 

Internet Explorer: 10.0.9200.16635  BrowserJavaVersion: 10.25.2
Run by Tommy at 16:52:20 on 2013-07-17
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3836.2066 [GMT -4:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\atieclxx.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files\TOSHIBA\TECO\TecoService.exe
C:\ProgramData\GorillaPrice\WatGorp.exe
C:\windows\system32\SearchIndexer.exe
C:\windows\system32\taskhost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\windows\system32\Dwm.exe
C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
C:\windows\Explorer.EXE
C:\windows\system32\taskeng.exe
C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\windows\System32\rundll32.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\TOSHIBA\TECO\Teco.exe
C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\GorillaPrice\GorillaPrice.exe
C:\Users\Tommy\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files\HTC\ModeSelection\VMMModeSelection.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\windows\system32\taskeng.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\windows\system32\taskeng.exe
C:\windows\servicing\TrustedInstaller.exe
C:\Users\Tommy\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Tommy\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Tommy\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Tommy\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Tommy\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Tommy\AppData\Local\Google\Chrome\Application\chrome.exe
c:\Program Files\Microsoft Security Client\MpCmdRun.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uURLSearchHooks: UrlSearchHook Class: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: LastPass Vault: {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: delta Helper Object: {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.21.5\bh\delta.dll
BHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO: WeCareReminder Class: {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Delta Toolbar: {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.21.5\deltaTlbr.dll
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [Google Update] "C:\Users\Tommy\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [GorillaPrice] "C:\Program Files (x86)\GorillaPrice\GorillaPrice.exe"
mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
mRun: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [VMM Mode Selection] C:\Program Files\HTC\ModeSelection\VMMModeSelection.exe
mRun: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
mRun: [GorillaPrice] "C:\Program Files (x86)\GorillaPrice\GorillaPrice.exe"
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\Users\Tommy\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Tommy\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\INSTAL~1.LNK - C:\Program Files (x86)\Common Files\lpuninstall.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: Add to Google Photos Screensa&ver - C:\windows\System32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000
IE: LastPass - C:\Users\Tommy\AppData\LocalLow\LastPass\context.html?cmd=lastpass
IE: LastPass Fill Forms - C:\Users\Tommy\AppData\LocalLow\LastPass\context.html?cmd=fillforms
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
TCP: NameServer = 10.1.10.1
TCP: Interfaces\{56D86D2D-5218-4C8B-B3CA-B59FFCE5A137} : DHCPNameServer = 10.1.10.1
TCP: Interfaces\{63896D9D-119A-4E71-AC9C-21BE3934045B} : DHCPNameServer = 10.1.10.1
TCP: Interfaces\{63896D9D-119A-4E71-AC9C-21BE3934045B}\0265562796A7F6E60214442563430303C40273542343 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{63896D9D-119A-4E71-AC9C-21BE3934045B}\24947405F6070716 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{63896D9D-119A-4E71-AC9C-21BE3934045B}\65562796A7F6E60214442563430303C40273542343 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{63896D9D-119A-4E71-AC9C-21BE3934045B}\771697E6569393 : DHCPNameServer = 75.75.76.76 75.75.75.75
TCP: Interfaces\{63896D9D-119A-4E71-AC9C-21BE3934045B}\C696E6B6379737 : DHCPNameServer = 75.75.76.76 75.75.75.75
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
x64-BHO: LastPass Vault: {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-TB: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
x64-Run: [HSON] C:\Program Files (x86)\TOSHIBA\TBS\HSON.exe
x64-Run: [smoothView] C:\Program Files (x86)\Toshiba\SmoothView\SmoothView.exe
x64-Run: [00TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
x64-Run: [TosWaitSrv] C:\Program Files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe
x64-Run: [smartFaceVWatcher] C:\Program Files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
x64-Run: [Teco] "C:\Program Files (x86)\TOSHIBA\TECO\Teco.exe" /r
x64-Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
x64-Run: [TosNC] C:\Program Files (x86)\Toshiba\BulletinBoard\TosNcCore.exe
x64-Run: [TosReelTimeMonitor] C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\windows\System32\drivers\MpFilter.sys [2013-1-20 230320]
R0 PxHlpa64;PxHlpa64;C:\windows\System32\drivers\PxHlpa64.sys [2012-7-20 55280]
R0 tos_sps64;TOSHIBA tos_sps64 Service;C:\windows\System32\drivers\tos_sps64.sys [2012-7-20 482384]
R2 AMD External Events Utility;AMD External Events Utility;C:\windows\System32\atiesrxx.exe [2012-7-20 203264]
R2 BrowserDefendert;BrowserDefendert;C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe [2013-6-20 2827728]
R2 cfWiMAXService;ConfigFree WiMAX Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2009-8-10 248688]
R2 ConfigFree Gadget Service;ConfigFree Gadget Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe [2009-7-14 42368]
R2 ConfigFree Service;ConfigFree Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-3-10 46448]
R2 HTCMonitorService;HTCMonitorService;C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [2013-1-29 87368]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-11-30 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-7-23 701512]
R2 NisDrv;Microsoft Network Inspection System;C:\windows\System32\drivers\NisDrvWFP.sys [2012-3-20 130008]
R2 PassThru Service;Internet Pass-Through Service;C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-12-7 167424]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\TOSHIBA\TECO\TecoService.exe [2009-8-11 252272]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\windows\System32\drivers\TVALZFL.sys [2009-6-19 14472]
R2 WatGorp;WatGorp;C:\ProgramData\GorillaPrice\WatGorp.exe -service --> C:\ProgramData\GorillaPrice\WatGorp.exe -service [?]
R3 FwLnk;FwLnk Driver;C:\windows\System32\drivers\FwLnk.sys [2012-7-20 9216]
R3 MBAMProtector;MBAMProtector;C:\windows\System32\drivers\mbam.sys [2012-7-23 25928]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-1-27 379360]
R3 PGEffect;Pangu effect driver;C:\windows\System32\drivers\PGEffect.sys [2012-7-20 35008]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2012-7-20 236544]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;C:\windows\System32\drivers\rtl8192se.sys [2012-7-20 943616]
R3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2012-7-20 51512]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-8-3 137560]
R3 TPCHSrv;TPCH Service;C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2009-8-4 826224]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 HTCAND64;HTC Device Driver;C:\windows\System32\drivers\ANDROIDUSB.sys [2013-5-1 33736]
S3 htcnprot;HTC NDIS Protocol Driver;C:\windows\System32\drivers\htcnprot.sys [2012-12-7 36928]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2012-7-28 59392]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2012-7-23 1255736]
.
=============== Created Last 30 ================
.
2013-07-17 20:50:35 -------- d-----w- C:\windows\Microsoft Antimalware
2013-07-17 16:25:38 941720 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B6821708-712B-45BB-BBCE-9603D4638992}\gapaengine.dll
2013-07-17 16:23:27 9460976 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C92350C8-23FC-4DDB-8BC8-68700F7AEC37}\mpengine.dll
2013-07-12 02:46:00 9552976 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-07-10 16:08:02 1011712 ----a-w- C:\Program Files\Windows Defender\MpSvc.dll
2013-07-10 16:08:01 571904 ----a-w- C:\Program Files\Windows Defender\MpClient.dll
2013-07-10 16:08:01 392704 ----a-w- C:\Program Files (x86)\Windows Defender\MpClient.dll
2013-07-10 16:08:00 9216 ----a-w- C:\Program Files (x86)\Windows Defender\MpAsDesc.dll
2013-07-10 16:08:00 54784 ----a-w- C:\Program Files (x86)\Windows Defender\MpOAV.dll
2013-07-10 16:08:00 314880 ----a-w- C:\Program Files\Windows Defender\MpCommu.dll
2013-07-10 16:07:59 4608 ----a-w- C:\Program Files (x86)\Windows Defender\MsMpLics.dll
2013-07-10 16:07:53 624128 ----a-w- C:\windows\System32\qedit.dll
2013-07-10 16:07:52 509440 ----a-w- C:\windows\SysWow64\qedit.dll
2013-07-10 16:07:51 1887744 ----a-w- C:\windows\System32\WMVDECOD.DLL
2013-07-10 16:07:51 1620480 ----a-w- C:\windows\SysWow64\WMVDECOD.DLL
2013-07-10 16:07:25 1732608 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2013-07-10 16:07:25 1367040 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2013-07-10 16:07:24 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
2013-07-10 16:07:24 1393152 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
2013-07-10 16:07:23 936448 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2013-07-10 16:07:20 3153920 ----a-w- C:\windows\System32\win32k.sys
2013-07-10 16:06:34 1643520 ----a-w- C:\windows\System32\DWrite.dll
2013-07-10 16:06:34 1247744 ----a-w- C:\windows\SysWow64\DWrite.dll
2013-07-08 01:42:04 -------- d-----w- C:\Program Files (x86)\GUMFD99.tmp
2013-06-24 16:21:59 96168 ----a-w- C:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-20 15:20:20 -------- d-----w- C:\windows\SysWow64\searchplugins
2013-06-20 15:20:20 -------- d-----w- C:\windows\SysWow64\Extensions
2013-06-20 05:12:59 -------- d-----w- C:\Users\Tommy\AppData\Roaming\Open Download Manager
2013-06-20 05:12:37 -------- d-----w- C:\Program Files (x86)\MyPC Backup
2013-06-20 05:12:27 -------- d-----w- C:\ProgramData\GorillaPrice
2013-06-20 05:12:26 -------- d-----w- C:\Program Files (x86)\GorillaPrice
2013-06-20 05:12:16 -------- d-----w- C:\ProgramData\WeCareReminder
2013-06-20 05:11:39 -------- d-----w- C:\ProgramData\Tarma Installer
2013-06-20 05:11:24 -------- d-----w- C:\ProgramData\BrowserDefender
2013-06-20 05:11:24 -------- d-----w- C:\Program Files (x86)\Delta
2013-06-20 05:11:20 -------- d-----w- C:\Users\Tommy\AppData\Roaming\BabSolution
2013-06-20 05:11:19 -------- d-----w- C:\Users\Tommy\AppData\Roaming\Delta
2013-06-20 05:11:04 -------- d-----w- C:\Users\Tommy\AppData\Roaming\Babylon
2013-06-20 05:11:04 -------- d-----w- C:\ProgramData\Babylon
.
==================== Find3M  ====================
.
2013-06-24 16:21:50 867240 ----a-w- C:\windows\SysWow64\npDeployJava1.dll
2013-06-24 16:21:50 789416 ----a-w- C:\windows\SysWow64\deployJava1.dll
2013-06-12 00:28:41 71048 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-12 00:28:41 692104 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2013-06-11 23:43:37 1767936 ----a-w- C:\windows\SysWow64\wininet.dll
2013-06-11 23:43:00 2877440 ----a-w- C:\windows\SysWow64\jscript9.dll
2013-06-11 23:42:58 61440 ----a-w- C:\windows\SysWow64\iesetup.dll
2013-06-11 23:42:58 109056 ----a-w- C:\windows\SysWow64\iesysprep.dll
2013-06-11 23:26:20 2241024 ----a-w- C:\windows\System32\wininet.dll
2013-06-11 23:25:16 3958784 ----a-w- C:\windows\System32\jscript9.dll
2013-06-11 23:25:13 67072 ----a-w- C:\windows\System32\iesetup.dll
2013-06-11 23:25:13 136704 ----a-w- C:\windows\System32\iesysprep.dll
2013-06-11 22:51:45 71680 ----a-w- C:\windows\SysWow64\RegisterIEPKEYs.exe
2013-06-11 22:50:58 89600 ----a-w- C:\windows\System32\RegisterIEPKEYs.exe
2013-06-07 03:22:18 2706432 ----a-w- C:\windows\System32\mshtml.tlb
2013-06-07 02:37:52 2706432 ----a-w- C:\windows\SysWow64\mshtml.tlb
2013-05-13 05:51:01 184320 ----a-w- C:\windows\System32\cryptsvc.dll
2013-05-13 05:51:00 1464320 ----a-w- C:\windows\System32\crypt32.dll
2013-05-13 05:51:00 139776 ----a-w- C:\windows\System32\cryptnet.dll
2013-05-13 05:50:40 52224 ----a-w- C:\windows\System32\certenc.dll
2013-05-13 04:45:55 140288 ----a-w- C:\windows\SysWow64\cryptsvc.dll
2013-05-13 04:45:55 1160192 ----a-w- C:\windows\SysWow64\crypt32.dll
2013-05-13 04:45:55 103936 ----a-w- C:\windows\SysWow64\cryptnet.dll
2013-05-13 03:43:55 1192448 ----a-w- C:\windows\System32\certutil.exe
2013-05-13 03:08:10 903168 ----a-w- C:\windows\SysWow64\certutil.exe
2013-05-13 03:08:06 43008 ----a-w- C:\windows\SysWow64\certenc.dll
2013-05-10 05:49:27 30720 ----a-w- C:\windows\System32\cryptdlg.dll
2013-05-10 03:20:54 24576 ----a-w- C:\windows\SysWow64\cryptdlg.dll
2013-05-08 15:40:07 9728 ---ha-w- C:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-08 06:39:01 1910632 ----a-w- C:\windows\System32\drivers\tcpip.sys
2013-05-02 15:29:56 278800 ------w- C:\windows\System32\MpSigStub.exe
2013-04-26 05:51:36 751104 ----a-w- C:\windows\System32\win32spl.dll
2013-04-26 04:55:21 492544 ----a-w- C:\windows\SysWow64\win32spl.dll
2013-04-25 23:30:32 1505280 ----a-w- C:\windows\SysWow64\d3d11.dll
2013-01-09 02:40:36 14794312 ----a-w- C:\Program Files (x86)\Common Files\lpuninstall.exe
.
============= FINISH: 16:52:54.21 ===============
 

 

 

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium 
Boot Device: \Device\HarddiskVolume1
Install Date: 7/20/2012 2:28:07 PM
System Uptime: 7/17/2013 4:43:19 PM (0 hours ago)
.
Motherboard: TOSHIBA |  | Portable PC
Processor: AMD Turion II Dual-Core Mobile M500 | Socket S1G3 | 2200/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 288 GiB total, 210.421 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP115: 6/17/2013 8:33:01 AM - Windows Update
RP116: 6/20/2013 9:46:38 PM - Windows Update
RP117: 6/24/2013 12:20:41 PM - Installed Java 7 Update 25
RP118: 6/24/2013 6:23:52 PM - Windows Update
RP119: 6/27/2013 7:51:20 AM - Windows Update
RP120: 6/30/2013 8:13:13 AM - Windows Update
RP121: 7/7/2013 9:37:23 PM - Windows Update
RP122: 7/11/2013 6:09:19 PM - Windows Update
RP123: 7/12/2013 9:24:52 AM - Windows Update
RP124: 7/17/2013 12:19:18 PM - Windows Update
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 9.1
Adobe Shockwave Player 11.6
Ask Toolbar
Ask Toolbar Updater
ATI Catalyst Install Manager
BrowserDefender
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Compatibility Pack for the 2007 Office system
Delta Chrome Toolbar
Delta toolbar  
Dropbox
Evernote v. 4.5.7
Foxit Reader
Google Chrome
Google Earth
Google Toolbar for Internet Explorer
Google Update Helper
GorillaPrice
HTC Driver Installer
HTC Sync Manager
Hulu Desktop
IPTInstaller
Java 7 Update 25
Java Auto Updater
Java 6 Update 14
JavaFX 2.1.1
Junk Mail filter update
LastPass(uninstall only)
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Suite Activation Assistant
Microsoft Office Word MUI (English) 2007
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Picasa 3
PlayReady PC Runtime amd64
Realtek Ethernet Controller  Driver
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader
Realtek WLAN Driver
Revo Uninstaller 1.94
Roxio Burn
Roxio Express Labeler 3
Roxio Roxio Burn
Roxio Update Manager
SavetheChildren Reminder by We-Care.com v4.1.22.4
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition 
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition 
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition 
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition 
Skype™ 5.10
swMSM
Synaptics Pointing Device Driver
TOSHIBA Application Installer
TOSHIBA Assist
TOSHIBA Bulletin Board
TOSHIBA ConfigFree
TOSHIBA Disc Creator
TOSHIBA DVD PLAYER
TOSHIBA eco Utility
TOSHIBA Extended Tiles for Windows Mobility Center
TOSHIBA Face Recognition
TOSHIBA Hardware Setup
TOSHIBA HDD/SSD Alert
TOSHIBA Media Controller
TOSHIBA PC Health Monitor
TOSHIBA Quality Application
TOSHIBA Recovery Media Creator
TOSHIBA ReelTime
TOSHIBA Service Station
TOSHIBA Speech System Applications
TOSHIBA Speech System SR Engine(U.S.) Version1.0
TOSHIBA Speech System TTS Engine(U.S.) Version1.0
TOSHIBA Supervisor Password
TOSHIBA Value Added Package
TOSHIBA Web Camera Application
ToshibaRegistration
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VLC media player 2.0.7
WebCake 3.00
WebSlingPlayer ActiveX
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
.
==== Event Viewer Messages From Past Week ========
.
7/17/2013 4:43:32 PM, Error: atikmdag [52236]  - CPLIB :: General - Invalid Parameter
7/17/2013 4:43:32 PM, Error: atikmdag [43029]  - Display is not active
7/17/2013 11:20:57 AM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:   Previous Signature Version: 1.153.1824.0   Update Source: Microsoft Update Server   Update Stage: Download   Source Path: http://www.microsoft.com   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\SYSTEM   Current Engine Version:   Previous Engine Version: 1.1.9607.0   Error code: 0x8024001e   Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
7/17/2013 11:20:57 AM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:   Previous Signature Version: 1.153.1824.0   Update Source: Microsoft Update Server   Update Stage: Download   Source Path: http://www.microsoft.com   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\SYSTEM   Current Engine Version:   Previous Engine Version: 1.1.9607.0   Error code: 0x8024001e   Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
7/12/2013 9:27:00 AM, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {8BC3F05E-D86B-11D0-A075-00C04FB68820}  and APPID  {8BC3F05E-D86B-11D0-A075-00C04FB68820}  to the user Tommy-PC\Guest SID (S-1-5-21-3267693126-4145974992-1865501436-501) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
7/11/2013 6:25:20 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:   Previous Signature Version: 1.153.1694.0   Update Source: Microsoft Update Server   Update Stage: Install   Source Path: http://www.microsoft.com   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\SYSTEM   Current Engine Version:   Previous Engine Version: 1.1.9607.0   Error code: 0x80240016   Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
7/11/2013 6:25:20 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:   Previous Signature Version: 1.153.1694.0   Update Source: Microsoft Update Server   Update Stage: Install   Source Path: http://www.microsoft.com   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\SYSTEM   Current Engine Version:   Previous Engine Version: 1.1.9607.0   Error code: 0x80240016   Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
7/11/2013 6:25:20 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:   Previous Signature Version: 1.153.1694.0   Update Source: Microsoft Update Server   Update Stage: Download   Source Path: http://www.microsoft.com   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\SYSTEM   Current Engine Version:   Previous Engine Version: 1.1.9607.0   Error code: 0x80240016   Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
7/11/2013 10:06:18 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:   Previous Signature Version: 1.153.1694.0   Update Source: Microsoft Update Server   Update Stage: Install   Source Path: http://www.microsoft.com   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\SYSTEM   Current Engine Version:   Previous Engine Version: 1.1.9607.0   Error code: 0x80240016   Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
7/11/2013 10:06:18 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:   Previous Signature Version: 1.153.1694.0   Update Source: Microsoft Update Server   Update Stage: Install   Source Path: http://www.microsoft.com   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\SYSTEM   Current Engine Version:   Previous Engine Version: 1.1.9607.0   Error code: 0x80240016   Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
7/11/2013 10:06:18 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:   Previous Signature Version: 1.153.1694.0   Update Source: Microsoft Update Server   Update Stage: Download   Source Path: http://www.microsoft.com   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\SYSTEM   Current Engine Version:   Previous Engine Version: 1.1.9607.0   Error code: 0x80240016   Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
7/11/2013 10:04:52 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2847927).
7/10/2013 11:53:29 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001]  - The computer has rebooted from a bugcheck.  The bugcheck was: 0x0000009f (0x0000000000000003, 0xfffffa80042497a0, 0xfffff80000b9c518, 0xfffffa8005c24c00). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 071013-27003-01.
.
==== End Of File ===========================
 

 

Link to post
Share on other sites
  • Staff
gringo_pr

gringo_pr

Posted
  • Staff
Posted

Hello aahockey9999

I would like to welcome you to the Malware Removal section of the forum.

Around here they call me Gringo and I will be glad to help you with your malware problems.

Very Important --> Please read this post completely, I have spent my time to put together somethings for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the "Follow This Topic" Button, make sure that the "Receive notification" box is checked and that it is set to "Instantly" - This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

These are the programs I would like you to run next, if you have any problems with one of these just skip it and move on to the next one.

-AdwCleaner-

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[s1].txt as well.
-Junkware-Removal-Tool-

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
When they are complete let me have the two reports and let me know how things are running.

Gringo

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.

  I accept