Jump to content

Search Assist


Recommended Posts

Hi Everyone,

 

I believe I have some Malware or Adware on my PC. I currently have tried AVG, Spybot, CC Cleaner, Super Anti Spyware, Ad Aware, and Malbytes Anti Malware with no luck. This is the problem I am account. When I click on links (even safe links like Yahoo) a new window will popup that says something like "This ad ware brought to you by SearchAssist.com. It will close in 30 seconds of inactivity" or something. It also turns certain Words into hyperlinks that are orange in color and double underlined.

 

Does anyone know how to remove this. Thank you in advance!

Link to post
Share on other sites

Welcome to the forum, please start HERE

Post back the 2 logs here.....DDS.txt and Attach.txt

(please don't put logs in code or quotes)

P2P/Piracy Warning:

1. If you're using Peer 2 Peer software such uTorrent, BitTorrent or similar you must either fully uninstall it or completely disable it from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

2. If you have illegal/cracked software, cracks, keygens, Adobe host file, etc. on the system, please remove or uninstall them now and read the policy on Piracy.

Failure to remove such software will result in your topic being closed and no further assistance being provided.

<====><====><====><====><====><====><====><====>

Next................

Please download and run RogueKiller 32 bit to your desktop.

RogueKiller<---use this one for 64 bit systems

Quit all running programs.

For Windows XP, double-click to start.

For Vista or Windows 7-8, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system.

When the scan completes > Close out the program > Don't Fix anything!

Don't run any other options, they're not all bad!!!!!!!

Post back the report which should be located on your desktop.

(please don't put logs in code or quotes and use the default font)

MrC

Note:

Please read all of my instructions completely including these.

Make sure you're subscribed to this topic: Click on the Follow This Topic Button (at the top right of this page), make sure that the Receive notification box is checked and that it is set to Instantly

Removing malware can be unpredictable...unlikely but things can go very wrong! Backup any files that cannot be replaced. You can copy them to a CD/DVD, external drive or a pen drive

<+>Please don't run any other scans, download, install or uninstall any programs while I'm working with you.

<+>The removal of malware isn't instantaneous, please be patient.

<+>When we are done, I'll give to instructions on how to cleanup all the tools and logs

<+>Please stick with me until I give you the "all clear" and Please don't waste my time by leaving before that.

------->Your topic will be closed if you haven't replied within 3 days!<--------

(If I don't respond within 24 hours, please send me a PM)

Link to post
Share on other sites

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16660  BrowserJavaVersion: 10.25.2
Run by Adam Pantano at 21:03:12 on 2013-09-10
Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.16364.11569 [GMT -4:00]
.
AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Lavasoft Ad-Aware *Disabled/Updated* {E0D97DD4-42BA-B3F2-A5A7-22E9ACE81FC7}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Lavasoft Ad-Aware *Disabled/Updated* {5BB89C30-6480-BC7C-9F17-199BD76F557A}
SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: Lavasoft Ad-Aware *Disabled* {D8E2FCF1-08D5-B2AA-8EF8-8BDC523B58BC}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\PasswordBox\pbbtnService.exe
C:\Program Files (x86)\NETGEAR\WNDA4100\Service\RaRegistry.exe
C:\Program Files (x86)\NETGEAR\WNDA4100\Service\RaRegistry64.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files (x86)\Sendori\sndappv2.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Sendori\SendoriSvc.exe
C:\Program Files (x86)\Sendori\Sendori.Service.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\loggingserver.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Sendori\SendoriUp.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\rundll32.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\NETGEAR\WNDA4100\WNDA4100.EXE
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\CyberLink\Shared files\brs.exe
C:\Program Files (x86)\Sendori\SendoriTray.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\Adam Pantano\AppData\Local\Autobahn\nexdef.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
C:\ProgramData\Search Protection\SearchProtection.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
C:\PROGRA~2\AD-AWA~1\AdAware.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\AVG\AVG2013\avgcfgex.exe
C:\Program Files (x86)\AVG\AVG2013\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\PasswordBox\Application\BgPageServer.exe
C:\Windows\system32\Macromed\Flash\FlashUtil64_11_8_800_94_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\System32\MsSpellCheckingFacility.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.

mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: PasswordBox Helper: {5DB69B97-934B-451D-94DB-32EF802A01CD} - C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll
BHO: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: {95B7759C-8C7F-4BF1-B163-73684A933233} - <orphaned>
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: PasswordBox Toolbar: {25E2E5C9-C43C-4EE8-B23E-4383915F2BCE} - C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll
TB: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll
TB: PasswordBox Toolbar: {25E2E5C9-C43C-4EE8-B23E-4383915F2BCE} - C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll
uRun: [AIM for Windows] "C:\Users\Adam Pantano\AppData\Local\AOL\AIM\aim.exe"
uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
uRun: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
uRun: [com.apple.dav.bookmarks.daemon] C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
uRun: [CCleaner] "C:\Program Files\CCleaner\CCleaner64.exe" /AUTO
uRun: [Logitech Vid] "C:\Program Files (x86)\Logitech\Logitech Vid\vid.exe" -bootmode
uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
mRun: [bDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
mRun: [sendori Tray] "C:\Program Files (x86)\Sendori\SendoriTray.exe"
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [vProt] "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
mRun: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
mRun: [search Protection] C:\ProgramData\Search Protection\SearchProtection.exe
mRun: [Ad-Aware Antivirus] "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
mRun: [sDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
StartupFolder: C:\Users\ADAMPA~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\LOGITE~1.LNK - C:\Program Files (x86)\Logitech\Ereg\eReg.exe
StartupFolder: C:\Users\ADAMPA~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\NEXDEF~1.LNK - C:\Users\Adam Pantano\AppData\Local\Autobahn\nexdef.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\NETGEA~1.LNK - C:\Program Files (x86)\NETGEAR\WNDA4100\WNDA4100.EXE
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
LSP: C:\Windows\System32\Sendori.dll

TCP: NameServer = 192.168.1.1
TCP: Interfaces\{30DBC389-AECA-476F-8E55-42C6A1FEDE7D} : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{30DBC389-AECA-476F-8E55-42C6A1FEDE7D}\147514747435D27657563747 : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{E2DC7496-C4AC-45EB-B275-4E3D5E5758EA} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{E2DC7496-C4AC-45EB-B275-4E3D5E5758EA}\0727563747967656 : NameServer = 75.75.75.75,75.75.76.76
TCP: Interfaces\{E2DC7496-C4AC-45EB-B275-4E3D5E5758EA}\0727563747967656 : DHCPNameServer = 75.75.75.75 75.75.76.76
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.5.0\ViProtocol.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-Run: [intelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-7-20 71480]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-7-20 311608]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-7-1 116536]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-7-10 45880]
R0 gfibto;gfibto;C:\Windows\System32\drivers\gfibto.sys [2013-9-9 14456]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-7-20 246072]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-7-20 206648]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-3-21 240952]
R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2013-3-30 45856]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2013-5-23 143120]
R2 Ad-Aware Service;Ad-Aware Service;C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe [2013-6-13 1236336]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-2-15 240640]
R2 Application Sendori;Application Sendori;C:\Program Files (x86)\Sendori\SendoriSvc.exe [2013-7-1 119072]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-7-4 4939312]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-7-23 283136]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-3-16 13592]
R2 PasswordBox;PasswordBox;C:\Program Files (x86)\PasswordBox\pbbtnService.exe [2013-9-7 67584]
R2 RalinkRegistryWriter;RalinkRegistryWriter;C:\Program Files (x86)\NETGEAR\WNDA4100\Service\RaRegistry.exe [2012-4-30 377088]
R2 RalinkRegistryWriter64;RalinkRegistryWriter64;C:\Program Files (x86)\NETGEAR\WNDA4100\Service\RaRegistry64.exe [2012-4-30 455424]
R2 SBAMSvc;Ad-Aware;C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe [2012-9-20 3677000]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-9-10 1817560]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-9-10 1033688]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-9-10 171928]
R2 Service Sendori;Service Sendori;C:\Program Files (x86)\Sendori\Sendori.Service.exe [2013-7-1 22304]
R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-8-14 3291008]
R2 sndappv2;sndappv2;C:\Program Files (x86)\Sendori\sndappv2.exe [2013-7-1 3623200]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2010-11-29 16120]
R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe [2011-8-19 450848]
R2 vToolbarUpdater15.5.0;vToolbarUpdater15.5.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe [2013-8-15 1643184]
R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2011-2-24 126952]
R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2011-2-24 389608]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2013-1-15 96768]
R3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2011-8-19 351136]
R3 LVUVC64;Logitech Webcam Pro 9000(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2011-8-19 4869024]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-12-28 646248]
S2 CLKMSVC10_38F51D56;CyberLink Product - 2012/03/16 13:42:15;C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [2011-4-20 241648]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-6-21 162408]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2013-3-9 57856]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-9-12 1512448]
S3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2011-8-25 158976]
S3 LVPr2M64;Logitech LVPr2M64 Driver;C:\Windows\System32\drivers\LVPr2M64.sys [2009-4-30 30232]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-2-20 1255736]
.
=============== Created Last 30 ================
.
2013-09-11 00:03:53 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2013-09-11 00:03:49 17272 ----a-w- C:\Windows\System32\sdnclean64.exe
2013-09-11 00:03:46 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-09-10 03:03:52 -------- d-----w- C:\Users\Adam Pantano\AppData\Local\PasswordBox
2013-09-10 02:42:35 -------- d-----w- C:\Users\Adam Pantano\AppData\Roaming\SUPERAntiSpyware.com
2013-09-10 02:42:31 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2013-09-10 02:42:31 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2013-09-10 01:57:28 -------- d-----w- C:\Program Files (x86)\PasswordBox
2013-09-10 01:40:50 -------- d-----w- C:\Users\Adam Pantano\AppData\Roaming\LavasoftStatistics
2013-09-10 01:40:48 -------- d-----w- C:\ProgramData\Ad-Aware Antivirus
2013-09-10 01:38:26 -------- d-----w- C:\Program Files (x86)\Ad-Aware Antivirus
2013-09-10 01:38:15 -------- d-----w- C:\ProgramData\Downloaded Installations
2013-09-10 01:38:14 -------- d-----w- C:\ProgramData\Search Protection
2013-09-10 01:38:13 -------- d-----w- C:\Users\Adam Pantano\AppData\Local\adawarebp
2013-09-10 01:38:13 -------- d-----w- C:\ProgramData\blekko toolbars
2013-09-10 01:38:12 -------- d-----w- C:\ProgramData\Ad-Aware Browsing Protection
2013-09-10 01:38:08 -------- d-----w- C:\Program Files (x86)\Toolbar Cleaner
2013-09-10 01:38:02 -------- d-----w- C:\Program Files (x86)\Lavasoft
2013-09-10 01:37:22 47496 ----a-w- C:\Windows\System32\sbbd.exe
2013-09-10 01:37:22 14456 ----a-w- C:\Windows\System32\drivers\gfibto.sys
2013-09-10 01:37:21 -------- d-----w- C:\Users\Adam Pantano\AppData\Roaming\Ad-Aware Antivirus
2013-08-24 16:21:42 -------- d-----w- C:\Users\Adam Pantano\AppData\Local\SplitMediaLabs
2013-08-24 16:21:37 -------- d-sh--w- C:\Windows\SysWow64\AI_RecycleBin
2013-08-24 16:21:16 -------- d-----w- C:\ProgramData\SplitMediaLabs
2013-08-24 16:21:16 -------- d-----w- C:\Program Files (x86)\SplitMediaLabs
2013-08-24 16:20:54 -------- d-----w- C:\Users\Adam Pantano\AppData\Roaming\SplitMediaLabs
2013-08-18 13:53:02 -------- d-----w- C:\Users\Adam Pantano\AppData\Local\Logitech® Webcam Software
2013-08-18 13:49:38 53248 ----a-r- C:\Users\Adam Pantano\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2013-08-18 13:48:56 -------- d-----w- C:\Program Files (x86)\Common Files\LWS
2013-08-17 23:27:55 -------- d-----w- C:\Program Files\iPod
2013-08-17 23:27:54 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-08-17 23:27:54 -------- d-----w- C:\Program Files\iTunes
2013-08-17 23:27:54 -------- d-----w- C:\Program Files (x86)\iTunes
2013-08-17 23:25:15 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin5.dll
2013-08-17 23:25:15 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin4.dll
2013-08-17 23:25:15 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin3.dll
2013-08-17 23:25:15 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin2.dll
2013-08-17 23:25:15 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin.dll
2013-08-15 02:37:58 1472512 ----a-w- C:\Windows\System32\crypt32.dll
2013-08-12 07:00:17 -------- d-----w- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
.
==================== Find3M  ====================
.
2013-08-21 15:09:11 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-08-21 15:09:11 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-08-21 15:09:07 17737608 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2013-08-15 08:21:37 45856 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys
2013-07-26 05:13:37 2241024 ----a-w- C:\Windows\System32\wininet.dll
2013-07-26 05:12:08 3958784 ----a-w- C:\Windows\System32\jscript9.dll
2013-07-26 05:12:04 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-07-26 05:12:03 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-07-26 03:35:08 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-07-26 03:13:24 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-07-26 03:12:04 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-07-26 03:12:00 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-07-26 03:12:00 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-07-26 02:49:14 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-07-26 02:39:38 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-07-26 01:59:38 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-07-25 09:25:54 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL
2013-07-25 08:57:27 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
2013-07-20 05:51:00 311608 ----a-w- C:\Windows\System32\drivers\avgloga.sys
2013-07-20 05:50:56 71480 ----a-w- C:\Windows\System32\drivers\avgidsha.sys
2013-07-20 05:50:56 246072 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys
2013-07-20 05:50:50 206648 ----a-w- C:\Windows\System32\drivers\avgldx64.sys
2013-07-19 01:58:42 2048 ----a-w- C:\Windows\System32\tzres.dll
2013-07-19 01:41:01 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2013-07-10 05:32:38 45880 ----a-w- C:\Windows\System32\drivers\avgrkx64.sys
2013-07-09 06:03:30 5550528 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-07-09 05:54:22 1732032 ----a-w- C:\Windows\System32\ntdll.dll
2013-07-09 05:53:12 243712 ----a-w- C:\Windows\System32\wow64.dll
2013-07-09 05:52:52 224256 ----a-w- C:\Windows\System32\wintrust.dll
2013-07-09 05:51:16 1217024 ----a-w- C:\Windows\System32\rpcrt4.dll
2013-07-09 05:46:20 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-07-09 05:46:20 139776 ----a-w- C:\Windows\System32\cryptnet.dll
2013-07-09 05:03:34 3968960 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-07-09 05:03:34 3913664 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-07-09 04:53:47 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll
2013-07-09 04:52:33 663552 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2013-07-09 04:52:33 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-07-09 04:52:10 175104 ----a-w- C:\Windows\SysWow64\wintrust.dll
2013-07-09 04:46:31 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2013-07-09 04:46:31 1166848 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-07-09 04:46:31 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2013-07-09 04:45:07 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2013-07-09 02:49:42 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-07-09 02:49:41 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-07-09 02:49:39 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-07-09 02:49:38 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-07-06 06:03:53 1910208 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-07-01 16:49:06 325920 ----a-w- C:\Windows\SysWow64\Sendori.dll
2013-07-01 05:45:28 116536 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys
2013-06-25 00:20:11 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-25 00:20:11 867240 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
2013-06-25 00:20:11 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-06-15 04:32:16 39936 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys
.
============= FINISH: 21:03:21.91 ===============
 

Link to post
Share on other sites

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 2/18/2013 3:20:15 PM
System Uptime: 9/10/2013 7:47:58 PM (2 hours ago)
.
Motherboard: ASUSTeK Computer INC. |  | P8Z68-V LE
Processor: Intel® Core i7-2600K CPU @ 3.40GHz | LGA1155 | 3401/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 1823 GiB total, 1722.122 GiB free.
D: is FIXED (NTFS) - 40 GiB total, 34.643 GiB free.
E: is CDROM (CDFS)
F: is FIXED (FAT32) - 233 GiB total, 215.634 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e97d-e325-11ce-bfc1-08002be10318}
Description: High Definition Audio Controller
Device ID: PCI\VEN_1002&DEV_AA58&SUBSYS_AA581545&REV_00\4&2E16EFB5&0&01E0
Manufacturer: Microsoft
Name: High Definition Audio Controller
PNP Device ID: PCI\VEN_1002&DEV_AA58&SUBSYS_AA581545&REV_00\4&2E16EFB5&0&01E0
Service: HDAudBus
.
==== System Restore Points ===================
.
RP79: 8/24/2013 12:21:03 PM - Installed XSplit Broadcaster
RP80: 8/25/2013 7:00:10 PM - Windows Backup
RP81: 9/1/2013 7:00:10 PM - Windows Backup
RP82: 9/8/2013 7:00:10 PM - Windows Backup
RP83: 9/10/2013 7:34:35 PM - Restore Operation
.
==== Installed Programs ======================
.
Ad-Aware Antivirus
Ad-Aware Security Add-on
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.2)
Adobe Shockwave Player 11.6
Age of Empires II: HD Edition
AIM for Windows
AMD Accelerated Video Transcoding
AMD APP SDK Runtime
AMD Catalyst Install Manager
AMD Drag and Drop Transcoding
AMD Media Foundation Decoders
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Application Profiles
Asmedia ASM104x USB 3.0 Host Controller Driver
AVG 2013
AVG SafeGuard toolbar
Bonjour
CameraHelperMsi
Catalyst Control Center
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CCleaner
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
CyberLink Power2Go
CyberLink PowerDVD 10
D3DX10
Diablo III
Download Updater (AOL Inc.)
erLT
iCloud
Intel® Control Center
Intel® Management Engine Components
Intel® Rapid Storage Technology
Intel® Turbo Boost Technology Monitor 2.0
iTunes
Java 7 Update 25
Java Auto Updater
JavaFX 2.0.3
Junk Mail filter update
Logitech Vid
Logitech Webcam Software
Logitech Webcam Software Driver Package
LWS Facebook
LWS Gallery
LWS Help_main
LWS Launcher
LWS Motion Detection
LWS Pictures And Video
LWS Twitter
LWS Video Mask Maker
LWS VideoEffects
LWS Webcam Software
LWS WLM Plugin
LWS YouTube Plugin
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SkyDrive
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
Movie Maker
MSVCRT
MSVCRT_amd64
MSVCRT110
MSVCRT110_amd64
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB2758694)
MSXML 4.0 SP3 Parser (KB973685)
NETGEAR WNDA4100 Genie
PasswordBox
Path of Exile
Photo Common
Photo Gallery
QuickTime
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
Sendori
SimCity 2000 Special Edition
Skype Click to Call
Skype™ 6.6
Spybot - Search & Destroy
Steam
SUPERAntiSpyware
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2836939)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Visual Studio 2010 x64 Redistributables
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
XSplit Broadcaster
.
==== Event Viewer Messages From Past Week ========
.
9/10/2013 7:44:49 PM, Error: Service Control Manager [7006]  - The ScRegSetValueExW call failed for FailureActions with the following error:  Access is denied.
9/10/2013 7:24:51 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
9/10/2013 7:24:51 PM, Error: Service Control Manager [7000]  - The Steam Client Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
9/10/2013 3:06:54 AM, Error: Service Control Manager [7031]  - The Service Sendori service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
.
==== End Of File ===========================
 

Link to post
Share on other sites

RogueKiller V8.6.10 _x64_ [sep  9 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Adam Pantano [Admin rights]
Mode : Scan -- Date : 09/10/2013 21:12:54
| ARK || FAK || MBR |

¤¤¤ Bad processes : 2 ¤¤¤
[sUSP PATH] nexdef.exe -- C:\Users\Adam Pantano\AppData\Local\Autobahn\nexdef.exe [-] -> KILLED [TermProc]
[sUSP PATH] SearchProtection.exe -- C:\ProgramData\Search Protection\SearchProtection.exe [7] -> KILLED [TermProc]

¤¤¤ Registry Entries : 8 ¤¤¤
[RUN][sUSP PATH] HKCU\[...]\Run : AIM for Windows ("C:\Users\Adam Pantano\AppData\Local\AOL\AIM\aim.exe" [7]) -> FOUND
[RUN][sUSP PATH] HKUS\S-1-5-21-603108328-2774621648-2957917973-1000\[...]\Run : AIM for Windows ("C:\Users\Adam Pantano\AppData\Local\AOL\AIM\aim.exe" [7]) -> FOUND
[RUN][sUSP PATH] HKLM\[...]\Wow6432Node\[...]\Run : Search Protection (C:\ProgramData\Search Protection\SearchProtection.exe [7]) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_TrackProgs (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[bROK VAL] HKCR\[...]\command :  () -> MISSING

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 1 ¤¤¤
[Adam Pantano][sUSP PATH] NexDef Plug-in.lnk : C:\Users\Adam Pantano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NexDef Plug-in.lnk @C:\Users\Adam Pantano\AppData\Local\Autobahn\nexdef.exe [-][-] -> FOUND

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection :  ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

 

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: Hitachi HDS723020BLA642 +++++
--- User ---
[MBR] e586aac099f535a4daa92294c78d1bc0
[bSP] 05ad55a80422b83a6b3ad38d75f01f30 : Windows Vista MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 500 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 1026048 | Size: 40960 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 84912128 | Size: 1866267 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: Hitachi HDS723020BLA642 +++++
--- User ---
[MBR] 8081c2ba23b90f5cc447b56b614dbed6
[bSP] 9b2f533c20e0c751fe7be299b0a7c5c1 : Empty MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 63 | Size: 238472 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Finished : << RKreport[0]_S_09102013_211254.txt >>

Link to post
Share on other sites

Lets clean out any adware : (this will require a reboot so save all your work)

Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.

    Vista/Windows 7/8 users right-click and select Run As Administrator

  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Please uncheck elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review.
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted:
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.
Then..................

Open up Malwarebytes > Settings Tab > Scanner Settings > Under action for PUP > Select Show in Results List and Check for removal.

Please Update and run a Quick Scan with Malwarebytes Anti-Malware, post the report.

Make sure that everything is checked, and click Remove Selected.

Please let me know how computer is running now, MrC

Link to post
Share on other sites

# AdwCleaner v3.003 - Report created 10/09/2013 at 21:43:59
# Updated 07/09/2013 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Adam Pantano - ADAMPANTANO-PC
# Running from : C:\Users\Adam Pantano\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\blekko toolbars
Folder Deleted : C:\ProgramData\Search Protection
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\Common Files\Software Update Utility
Folder Deleted : C:\Users\Adam Pantano\AppData\LocalLow\adawaretb

***** [ Shortcuts ] *****

***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{6C97A91E-4524-4019-86AF-2AA2D567BF5C}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\AppDataLow\Software\adawaretb
Key Deleted : HKLM\Software\adawaretb
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\adawaretb
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16660

*************************

AdwCleaner[R0].txt - [6808 octets] - [10/09/2013 21:42:27]
AdwCleaner[s0].txt - [6754 octets] - [10/09/2013 21:43:59]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [6814 octets] ##########

Link to post
Share on other sites

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.09.11.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16660
Adam Pantano :: ADAMPANTANO-PC [administrator]

9/10/2013 9:48:58 PM
MBAM-log-2013-09-10 (21-52-06).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 222298
Time elapsed: 2 minute(s), 47 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\Adam Pantano\Desktop\Setup.exe (PUP.Optional.IBryte) -> No action taken.

(end)

Link to post
Share on other sites

Please download Farbar Recovery Scan Tool and save it to a folder. (use correct version for your system)

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
MrC
Link to post
Share on other sites

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-09-2013 02
Ran by Adam Pantano (administrator) on ADAMPANTANO-PC on 11-09-2013 21:40:47
Running from C:\Users\Adam Pantano\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\PROGRA~2\AVG\AVG2013\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Lavasoft Limited) C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\NETGEAR\WNDA4100\Service\RaRegistry.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\NETGEAR\WNDA4100\Service\RaRegistry64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(AOL Inc.) C:\Users\Adam Pantano\AppData\Local\AOL\AIM\aim.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(NETGEAR) C:\Program Files (x86)\NETGEAR\WNDA4100\WNDA4100.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
() C:\Users\Adam Pantano\AppData\Local\Autobahn\nexdef.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(Lavasoft) C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Lavasoft Limited) C:\PROGRA~2\AD-AWA~1\AdAware.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
() C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(GFI Software) C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\system32\Macromed\Flash\FlashUtil64_11_8_800_168_ActiveX.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7560296 2011-12-12] (Realtek Semiconductor)
HKLM\...\Run: [intelTBRunOnce] - C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs [4526 2010-11-29] ()
HKCU\...\Run: [AIM for Windows] - C:\Users\Adam Pantano\AppData\Local\AOL\AIM\aim.exe [2930288 2012-12-05] (AOL Inc.)
HKCU\...\Run: [steam] - C:\Program Files (x86)\Steam\Steam.exe [1811368 2013-09-06] (Valve Corporation)
HKCU\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-04-05] (Apple Inc.)
HKCU\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-04-05] (Apple Inc.)
HKCU\...\Run: [com.apple.dav.bookmarks.daemon] - C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe [59720 2013-04-05] (Apple Inc.)
HKCU\...\Run: [CCleaner] - C:\Program Files\CCleaner\CCleaner64.exe [6185240 2013-06-19] (Piriform Ltd)
HKCU\...\Run: [Logitech Vid] - C:\Program Files (x86)\Logitech\Logitech Vid\vid.exe [5472016 2009-04-30] (Logitech Inc.)
HKCU\...\Run: [skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.)
HKCU\...\Run: [sUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6581488 2013-08-14] (SUPERAntiSpyware)
MountPoints2: {258d84da-c0c2-11e2-a6ac-c860006e03fe} - F:\MotoCastSetup.exe -a
MountPoints2: {ebaa3360-8879-11e2-a788-c860006e03fe} - G:\MotoCastSetup.exe -a
MountPoints2: {f4c46e04-6f8c-11e1-8e1d-806e6f6e6963} - E:\setup.exe
HKLM-x32\...\Run: [iAStorIcon] - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2011-05-20] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-01-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CLMLServer] - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2010-08-03] (CyberLink)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [87336 2010-02-03] (CyberLink Corp.)
HKLM-x32\...\Run: [bDRegion] - C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2011-04-29] (cyberlink)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2013\avgui.exe [4411440 2013-07-01] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [startCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-02-16] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-08-16] (Apple Inc.)
HKLM-x32\...\Run: [LWS] - C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [205336 2011-08-12] (Logitech Inc.)
HKLM-x32\...\Run: [Ad-Aware Browsing Protection] - C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [554384 2013-07-15] (Lavasoft)
HKLM-x32\...\Run: [Ad-Aware Antivirus] - "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run [x]
HKLM-x32\...\Run: [sDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
Startup: C:\Users\Adam Pantano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
ShortcutTarget: Logitech . Product Registration.lnk -> C:\Program Files (x86)\Logitech\Ereg\eReg.exe (Leader Technologies/Logitech)
Startup: C:\Users\Adam Pantano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NexDef Plug-in.lnk
ShortcutTarget: NexDef Plug-in.lnk -> C:\Users\Adam Pantano\AppData\Local\Autobahn\nexdef.exe ()
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU -  No Name - {25E2E5C9-C43C-4EE8-B23E-4383915F2BCE} -  No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

==================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [143120 2013-05-23] (SUPERAntiSpyware.com)
R2 Ad-Aware Service; C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe [1236336 2013-06-13] (Lavasoft Limited)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4939312 2013-07-04] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-07-23] (AVG Technologies CZ, s.r.o.)
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [241648 2011-04-20] (CyberLink)
R2 RalinkRegistryWriter; C:\Program Files (x86)\NETGEAR\WNDA4100\Service\RaRegistry.exe [377088 2012-04-30] (Ralink Technology, Corp.)
R2 RalinkRegistryWriter64; C:\Program Files (x86)\NETGEAR\WNDA4100\Service\RaRegistry64.exe [455424 2012-04-30] (Ralink Technology, Corp.)
R2 SBAMSvc; C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe [3677000 2012-09-20] (GFI Software)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
S2 vToolbarUpdater15.5.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe [x]

==================== Drivers (Whitelisted) ====================

R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-07-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206648 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311608 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-07-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-07-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2013-03-21] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [45856 2013-08-15] (AVG Technologies)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-09-09] (GFI Software)
S3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-04-30] ()
S3 MTsensor; C:\Windows\system32\drivers\ASACPI.sys [15416 2009-07-16] ()
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 BTCFilterService; system32\DRIVERS\motfilt.sys [x]
S3 cpuz130; \??\C:\Users\ADMINI~1\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
S3 motccgp; system32\DRIVERS\motccgp.sys [x]
S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [x]
S3 MotoSwitchService; system32\DRIVERS\motswch.sys [x]
S3 Motousbnet; system32\DRIVERS\Motousbnet.sys [x]
S3 motusbdevice; system32\DRIVERS\motusbdevice.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-09-11 21:40 - 2013-09-11 21:40 - 00000000 ____D C:\FRST
2013-09-11 21:18 - 2013-09-11 21:19 - 00004940 _____ C:\Windows\WindowsUpdate.log
2013-09-11 20:25 - 2013-09-11 20:25 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin
2013-09-11 20:25 - 2013-09-11 20:25 - 00000000 ____D C:\Windows\system32\appmgmt
2013-09-11 07:13 - 2013-09-11 07:13 - 00000000 ____D C:\Users\Adam Pantano\AppData\Local\adawarebp
2013-09-10 22:40 - 2013-09-10 22:40 - 00001118 _____ C:\Users\Adam Pantano\Desktop\JRT1.txt
2013-09-10 22:39 - 2013-09-10 22:39 - 00001118 _____ C:\Users\Adam Pantano\Desktop\JRT.txt
2013-09-10 22:35 - 2013-09-10 22:35 - 00000000 ____D C:\Windows\ERUNT
2013-09-10 22:30 - 2013-09-10 22:35 - 01029490 _____ (Thisisu) C:\Users\Adam Pantano\Desktop\JRT.exe
2013-09-10 21:41 - 2013-09-11 07:12 - 00000000 ____D C:\AdwCleaner
2013-09-10 21:41 - 2013-09-10 21:41 - 01037278 _____ C:\Users\Adam Pantano\Desktop\AdwCleaner.exe
2013-09-10 21:12 - 2013-09-10 21:12 - 00002935 _____ C:\Users\Adam Pantano\Desktop\RKreport[0]_S_09102013_211254.txt
2013-09-10 21:11 - 2013-09-10 21:13 - 00000000 ____D C:\Users\Adam Pantano\Desktop\RK_Quarantine
2013-09-10 21:05 - 2013-09-10 21:05 - 03788288 _____ C:\Users\Adam Pantano\Desktop\RogueKillerX64.exe
2013-09-10 21:03 - 2013-09-10 21:03 - 00027172 _____ C:\Users\Adam Pantano\Desktop\dds.txt
2013-09-10 21:03 - 2013-09-10 21:03 - 00010494 _____ C:\Users\Adam Pantano\Desktop\attach.txt
2013-09-10 21:02 - 2013-09-10 21:02 - 00688992 ____R (Swearware) C:\Users\Adam Pantano\Desktop\dds.scr
2013-09-10 20:03 - 2013-09-11 07:09 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-09-10 20:03 - 2013-09-10 20:06 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-09-10 20:03 - 2013-09-10 20:03 - 00001386 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2013-09-10 20:03 - 2013-09-10 20:03 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2013-09-10 20:03 - 2009-01-25 13:14 - 00017272 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2013-09-10 20:02 - 2013-09-10 20:02 - 37672592 _____ (Safer-Networking Ltd.                                       ) C:\Users\Adam Pantano\Desktop\spybotsd-2.1.21-SR2.exe
2013-09-09 23:03 - 2013-09-09 23:03 - 00000000 ____D C:\Users\Adam Pantano\AppData\Local\PasswordBox
2013-09-09 22:42 - 2013-09-10 23:01 - 00001859 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2013-09-09 22:42 - 2013-09-10 19:47 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2013-09-09 22:42 - 2013-09-09 22:42 - 00000000 ____D C:\Users\Adam Pantano\AppData\Roaming\SUPERAntiSpyware.com
2013-09-09 22:42 - 2013-09-09 22:42 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2013-09-09 22:41 - 2013-09-09 22:42 - 27404504 _____ (SUPERAntiSpyware) C:\Users\Adam Pantano\Desktop\SUPERAntiSpyware.exe
2013-09-09 21:40 - 2013-09-09 21:46 - 00000000 ____D C:\ProgramData\Ad-Aware Antivirus
2013-09-09 21:40 - 2013-09-09 21:40 - 00004348 _____ C:\Windows\System32\Tasks\Ad-Aware Antivirus Scheduled Scan
2013-09-09 21:40 - 2013-09-09 21:40 - 00000000 ____D C:\Users\Adam Pantano\AppData\Roaming\LavasoftStatistics
2013-09-09 21:38 - 2013-09-11 21:15 - 00001875 _____ C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2013-09-09 21:38 - 2013-09-10 19:47 - 00000000 ____D C:\ProgramData\Ad-Aware Browsing Protection
2013-09-09 21:38 - 2013-09-10 19:47 - 00000000 ____D C:\Program Files (x86)\Toolbar Cleaner
2013-09-09 21:38 - 2013-09-10 19:47 - 00000000 ____D C:\Program Files (x86)\Ad-Aware Antivirus
2013-09-09 21:38 - 2013-09-09 21:38 - 00000000 ____D C:\ProgramData\Lavasoft
2013-09-09 21:38 - 2013-09-09 21:38 - 00000000 ____D C:\ProgramData\Downloaded Installations
2013-09-09 21:38 - 2013-09-09 21:38 - 00000000 ____D C:\Program Files (x86)\Lavasoft
2013-09-09 21:37 - 2013-09-09 23:05 - 00000000 ____D C:\Users\Adam Pantano\AppData\Roaming\Ad-Aware Antivirus
2013-09-09 21:37 - 2013-09-09 21:37 - 00047496 _____ (GFI Software) C:\Windows\system32\sbbd.exe
2013-09-09 21:37 - 2013-09-09 21:37 - 00014456 _____ (GFI Software) C:\Windows\system32\Drivers\gfibto.sys
2013-09-09 21:36 - 2013-09-09 21:36 - 05616264 _____ (Lavasoft Limited) C:\Users\Adam Pantano\Desktop\Adaware_Installer.exe
2013-09-08 22:57 - 2013-09-08 22:57 - 00090852 _____ C:\Users\Adam Pantano\Desktop\395637621248637851.jpeg
2013-09-08 22:57 - 2013-09-08 22:57 - 00090428 _____ C:\Users\Adam Pantano\Desktop\753471652949093105.jpeg
2013-09-08 22:57 - 2013-09-08 22:57 - 00073479 _____ C:\Users\Adam Pantano\Desktop\15769549389785069375.jpeg
2013-09-08 22:57 - 2013-09-08 22:57 - 00053562 _____ C:\Users\Adam Pantano\Desktop\15508204569846420613.jpeg
2013-09-08 22:57 - 2013-09-08 22:57 - 00046323 _____ C:\Users\Adam Pantano\Desktop\12812555374516349257.jpeg
2013-08-24 12:21 - 2013-08-24 12:21 - 00000000 ____D C:\Users\Adam Pantano\AppData\Local\SplitMediaLabs
2013-08-24 12:21 - 2013-08-24 12:21 - 00000000 ____D C:\ProgramData\SplitMediaLabs
2013-08-24 12:20 - 2013-08-24 12:20 - 00000000 ____D C:\Users\Adam Pantano\AppData\Roaming\SplitMediaLabs
2013-08-18 09:53 - 2013-08-18 09:53 - 00000000 ____D C:\Users\Adam Pantano\AppData\Local\Logitech® Webcam Software
2013-08-18 09:48 - 2013-08-18 09:48 - 00000000 ____D C:\ProgramData\Logitech
2013-08-17 19:27 - 2013-08-17 19:28 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-08-17 19:27 - 2013-08-17 19:28 - 00000000 ____D C:\Program Files\iTunes
2013-08-17 19:27 - 2013-08-17 19:28 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-08-17 19:27 - 2013-08-17 19:27 - 00000000 ____D C:\Program Files\iPod
2013-08-17 19:25 - 2013-08-17 19:25 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-08-15 03:04 - 2013-07-26 01:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-15 03:04 - 2013-07-26 01:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-15 03:04 - 2013-07-26 01:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-15 03:04 - 2013-07-26 01:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-15 03:04 - 2013-07-26 01:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-15 03:04 - 2013-07-26 01:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-15 03:04 - 2013-07-26 01:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-15 03:04 - 2013-07-26 01:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-15 03:04 - 2013-07-26 01:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-15 03:04 - 2013-07-26 01:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-15 03:04 - 2013-07-26 01:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-15 03:04 - 2013-07-26 01:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-15 03:04 - 2013-07-26 01:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-15 03:04 - 2013-07-26 01:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-15 03:04 - 2013-07-25 23:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-15 03:04 - 2013-07-25 23:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-15 03:04 - 2013-07-25 23:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-15 03:04 - 2013-07-25 23:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-15 03:04 - 2013-07-25 23:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-15 03:04 - 2013-07-25 23:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-15 03:04 - 2013-07-25 23:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-15 03:04 - 2013-07-25 23:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-15 03:04 - 2013-07-25 23:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-15 03:04 - 2013-07-25 23:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-15 03:04 - 2013-07-25 23:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-15 03:04 - 2013-07-25 23:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-15 03:04 - 2013-07-25 23:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-15 03:04 - 2013-07-25 23:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-15 03:04 - 2013-07-25 22:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-15 03:04 - 2013-07-25 22:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-15 03:04 - 2013-07-25 21:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-14 22:37 - 2013-07-25 05:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-14 22:37 - 2013-07-25 04:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-14 22:37 - 2013-07-18 21:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-14 22:37 - 2013-07-18 21:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-14 22:37 - 2013-07-09 02:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-14 22:37 - 2013-07-09 01:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-14 22:37 - 2013-07-09 01:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-08-14 22:37 - 2013-07-09 01:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-14 22:37 - 2013-07-09 01:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-14 22:37 - 2013-07-09 01:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-14 22:37 - 2013-07-09 01:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-14 22:37 - 2013-07-09 01:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-14 22:37 - 2013-07-09 01:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-14 22:37 - 2013-07-09 01:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-14 22:37 - 2013-07-09 00:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-08-14 22:37 - 2013-07-09 00:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-14 22:37 - 2013-07-09 00:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-14 22:37 - 2013-07-09 00:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-14 22:37 - 2013-07-09 00:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-14 22:37 - 2013-07-09 00:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-14 22:37 - 2013-07-09 00:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-14 22:37 - 2013-07-08 22:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-14 22:37 - 2013-07-08 22:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-14 22:37 - 2013-07-08 22:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-14 22:37 - 2013-07-08 22:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-08-14 22:37 - 2013-07-06 02:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-14 22:37 - 2013-06-15 00:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-12 03:00 - 2013-08-12 03:00 - 00000000 ____D C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2

==================== One Month Modified Files and Folders =======

2013-09-11 21:40 - 2013-09-11 21:40 - 01949642 _____ (Farbar) C:\Users\Adam Pantano\Desktop\FRST64.exe
2013-09-11 21:40 - 2013-09-11 21:40 - 00000000 ____D C:\FRST
2013-09-11 21:23 - 2009-07-14 00:45 - 00027568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-11 21:23 - 2009-07-14 00:45 - 00027568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-11 21:19 - 2013-09-11 21:18 - 00004940 _____ C:\Windows\WindowsUpdate.log
2013-09-11 21:17 - 2013-05-13 14:43 - 00000000 ____D C:\Program Files (x86)\Steam
2013-09-11 21:15 - 2013-09-09 21:38 - 00001875 _____ C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2013-09-11 21:15 - 2013-08-10 21:17 - 00000000 _____ C:\Windows\system32\Drivers\lvuvc.hs
2013-09-11 21:15 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-11 21:09 - 2013-02-20 00:01 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-11 20:25 - 2013-09-11 20:25 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin
2013-09-11 20:25 - 2013-09-11 20:25 - 00000000 ____D C:\Windows\system32\appmgmt
2013-09-11 17:19 - 2013-02-18 22:13 - 00000000 ____D C:\ProgramData\MFAData
2013-09-11 07:13 - 2013-09-11 07:13 - 00000000 ____D C:\Users\Adam Pantano\AppData\Local\adawarebp
2013-09-11 07:12 - 2013-09-10 21:41 - 00000000 ____D C:\AdwCleaner
2013-09-11 07:09 - 2013-09-10 20:03 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-09-10 23:01 - 2013-09-09 22:42 - 00001859 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2013-09-10 22:40 - 2013-09-10 22:40 - 00001118 _____ C:\Users\Adam Pantano\Desktop\JRT1.txt
2013-09-10 22:39 - 2013-09-10 22:39 - 00001118 _____ C:\Users\Adam Pantano\Desktop\JRT.txt
2013-09-10 22:35 - 2013-09-10 22:35 - 00000000 ____D C:\Windows\ERUNT
2013-09-10 22:35 - 2013-09-10 22:30 - 01029490 _____ (Thisisu) C:\Users\Adam Pantano\Desktop\JRT.exe
2013-09-10 22:09 - 2013-02-20 00:01 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-10 22:09 - 2013-02-20 00:01 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-10 22:09 - 2012-03-16 13:36 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-10 21:52 - 2009-07-14 01:13 - 00778834 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-10 21:41 - 2013-09-10 21:41 - 01037278 _____ C:\Users\Adam Pantano\Desktop\AdwCleaner.exe
2013-09-10 21:13 - 2013-09-10 21:11 - 00000000 ____D C:\Users\Adam Pantano\Desktop\RK_Quarantine
2013-09-10 21:12 - 2013-09-10 21:12 - 00002935 _____ C:\Users\Adam Pantano\Desktop\RKreport[0]_S_09102013_211254.txt
2013-09-10 21:05 - 2013-09-10 21:05 - 03788288 _____ C:\Users\Adam Pantano\Desktop\RogueKillerX64.exe
2013-09-10 21:03 - 2013-09-10 21:03 - 00027172 _____ C:\Users\Adam Pantano\Desktop\dds.txt
2013-09-10 21:03 - 2013-09-10 21:03 - 00010494 _____ C:\Users\Adam Pantano\Desktop\attach.txt
2013-09-10 21:02 - 2013-09-10 21:02 - 00688992 ____R (Swearware) C:\Users\Adam Pantano\Desktop\dds.scr
2013-09-10 20:06 - 2013-09-10 20:03 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-09-10 20:03 - 2013-09-10 20:03 - 00001386 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2013-09-10 20:03 - 2013-09-10 20:03 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2013-09-10 20:02 - 2013-09-10 20:02 - 37672592 _____ (Safer-Networking Ltd.                                       ) C:\Users\Adam Pantano\Desktop\spybotsd-2.1.21-SR2.exe
2013-09-10 19:50 - 2013-06-01 14:06 - 00000000 ____D C:\Users\Adam Pantano\Documents\TOOLBAR
2013-09-10 19:47 - 2013-09-09 22:42 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2013-09-10 19:47 - 2013-09-09 21:38 - 00000000 ____D C:\ProgramData\Ad-Aware Browsing Protection
2013-09-10 19:47 - 2013-09-09 21:38 - 00000000 ____D C:\Program Files (x86)\Toolbar Cleaner
2013-09-10 19:47 - 2013-09-09 21:38 - 00000000 ____D C:\Program Files (x86)\Ad-Aware Antivirus
2013-09-10 19:47 - 2013-04-26 14:49 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-09-10 19:47 - 2013-04-26 14:49 - 00000000 ____D C:\ProgramData\Skype
2013-09-10 19:47 - 2013-03-30 10:29 - 00000000 ____D C:\Program Files (x86)\AVG SafeGuard toolbar
2013-09-10 19:47 - 2013-02-18 22:20 - 00000000 ____D C:\Users\Adam Pantano\AppData\Roaming\AVG2013
2013-09-10 19:47 - 2013-02-18 16:20 - 00000000 ___RD C:\Users\Adam Pantano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-10 19:47 - 2013-02-18 16:20 - 00000000 ____D C:\Users\Adam Pantano
2013-09-10 19:47 - 2012-03-16 13:36 - 00000000 ____D C:\Windows\system32\Macromed
2013-09-10 19:47 - 2010-11-21 03:16 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-09-10 19:47 - 2009-07-14 01:32 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-09-10 19:47 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\registration
2013-09-10 19:47 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\AppCompat
2013-09-09 23:05 - 2013-09-09 21:37 - 00000000 ____D C:\Users\Adam Pantano\AppData\Roaming\Ad-Aware Antivirus
2013-09-09 23:04 - 2013-06-01 14:05 - 00000000 ____D C:\Program Files (x86)\Google
2013-09-09 23:03 - 2013-09-09 23:03 - 00000000 ____D C:\Users\Adam Pantano\AppData\Local\PasswordBox
2013-09-09 22:42 - 2013-09-09 22:42 - 00000000 ____D C:\Users\Adam Pantano\AppData\Roaming\SUPERAntiSpyware.com
2013-09-09 22:42 - 2013-09-09 22:42 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2013-09-09 22:42 - 2013-09-09 22:41 - 27404504 _____ (SUPERAntiSpyware) C:\Users\Adam Pantano\Desktop\SUPERAntiSpyware.exe
2013-09-09 21:46 - 2013-09-09 21:40 - 00000000 ____D C:\ProgramData\Ad-Aware Antivirus
2013-09-09 21:40 - 2013-09-09 21:40 - 00004348 _____ C:\Windows\System32\Tasks\Ad-Aware Antivirus Scheduled Scan
2013-09-09 21:40 - 2013-09-09 21:40 - 00000000 ____D C:\Users\Adam Pantano\AppData\Roaming\LavasoftStatistics
2013-09-09 21:38 - 2013-09-09 21:38 - 00000000 ____D C:\ProgramData\Lavasoft
2013-09-09 21:38 - 2013-09-09 21:38 - 00000000 ____D C:\ProgramData\Downloaded Installations
2013-09-09 21:38 - 2013-09-09 21:38 - 00000000 ____D C:\Program Files (x86)\Lavasoft
2013-09-09 21:37 - 2013-09-09 21:37 - 00047496 _____ (GFI Software) C:\Windows\system32\sbbd.exe
2013-09-09 21:37 - 2013-09-09 21:37 - 00014456 _____ (GFI Software) C:\Windows\system32\Drivers\gfibto.sys
2013-09-09 21:36 - 2013-09-09 21:36 - 05616264 _____ (Lavasoft Limited) C:\Users\Adam Pantano\Desktop\Adaware_Installer.exe
2013-09-08 22:57 - 2013-09-08 22:57 - 00090852 _____ C:\Users\Adam Pantano\Desktop\395637621248637851.jpeg
2013-09-08 22:57 - 2013-09-08 22:57 - 00090428 _____ C:\Users\Adam Pantano\Desktop\753471652949093105.jpeg
2013-09-08 22:57 - 2013-09-08 22:57 - 00073479 _____ C:\Users\Adam Pantano\Desktop\15769549389785069375.jpeg
2013-09-08 22:57 - 2013-09-08 22:57 - 00053562 _____ C:\Users\Adam Pantano\Desktop\15508204569846420613.jpeg
2013-09-08 22:57 - 2013-09-08 22:57 - 00046323 _____ C:\Users\Adam Pantano\Desktop\12812555374516349257.jpeg
2013-09-02 01:14 - 2013-04-26 14:49 - 00000000 ____D C:\Users\Adam Pantano\AppData\Roaming\Skype
2013-08-24 12:21 - 2013-08-24 12:21 - 00000000 ____D C:\Users\Adam Pantano\AppData\Local\SplitMediaLabs
2013-08-24 12:21 - 2013-08-24 12:21 - 00000000 ____D C:\ProgramData\SplitMediaLabs
2013-08-24 12:20 - 2013-08-24 12:20 - 00000000 ____D C:\Users\Adam Pantano\AppData\Roaming\SplitMediaLabs
2013-08-18 09:53 - 2013-08-18 09:53 - 00000000 ____D C:\Users\Adam Pantano\AppData\Local\Logitech® Webcam Software
2013-08-18 09:49 - 2013-08-10 21:17 - 00000000 ____D C:\Program Files (x86)\Logitech
2013-08-18 09:49 - 2013-08-10 21:16 - 00008797 _____ C:\Windows\system32\lvcoinst.log
2013-08-18 09:49 - 2013-08-10 21:15 - 00000000 ____D C:\Program Files\Common Files\LogiShrd
2013-08-18 09:48 - 2013-08-18 09:48 - 00000000 ____D C:\ProgramData\Logitech
2013-08-18 09:45 - 2013-08-10 21:15 - 00000000 ____D C:\ProgramData\LogiShrd
2013-08-17 19:28 - 2013-08-17 19:27 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-08-17 19:28 - 2013-08-17 19:27 - 00000000 ____D C:\Program Files\iTunes
2013-08-17 19:28 - 2013-08-17 19:27 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-08-17 19:27 - 2013-08-17 19:27 - 00000000 ____D C:\Program Files\iPod
2013-08-17 19:25 - 2013-08-17 19:25 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-08-15 04:21 - 2013-03-30 10:29 - 00045856 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2013-08-15 03:58 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache
2013-08-15 03:23 - 2011-03-08 19:38 - 00000000 ____D C:\Windows\Panther
2013-08-15 03:01 - 2013-07-14 03:00 - 00000000 ____D C:\Windows\system32\MRT
2013-08-15 03:01 - 2013-05-01 20:40 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-08-15 03:00 - 2013-02-20 08:00 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-12 03:00 - 2013-08-12 03:00 - 00000000 ____D C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2

Files to move or delete:
====================
C:\Users\ADAMPA~1\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-09-11 00:51

==================== End Of Log ============================

Addition.txt

Link to post
Share on other sites

Also, I have been noticing different ads on pages, even something like Yahoo. They are called "AdChoices" when I click on properties the link takes me to "http://ad.yieldmanager.com/pixel?id=1048831&t=2&piggyback=http%3A%2F%2Finfo%2Eyahoo%2Ecom%2Fprivacy%2Fus%2Fyahoo%2Frelevantads%2Ehtml" or something similar. So it is def related to this yieldmanager request (whatever is causing it).

Link to post
Share on other sites

Seems a lot of people are having the same problem with no answers.


Java 7 Update 25 
Update your Java, it should be Update 40

Go to control panel > Java > Update Tab > Update Now
Uncheck the box to install the Ask toolbar!!! and any other free "stuff".

If there's no update tab in Java, uninstall it and Download and install the latest version from Here
Uncheck the box to install the Ask toolbar!!! and any other free "stuff".


Now clear your Java cache:

http://www.java.com/en/download/help/plugin_cache.xml

-----------------------------

Use your CCleaner to clean out temp files.

Then.........

Please run a free online scan with the ESET Online Scanner:
Note: You will need to use Internet Explorer for this scan.
http://www.eset.eu/online-scanner
Tick the box next to YES, I accept the Terms of Use.
Click Start
When asked, allow the ActiveX control to install
Click Start
Make sure that the options Remove found threats and the option Scan unwanted applications is checked
Click Advanced settings and select the following:

  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology

Click Start
Wait for the scan to finish
Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
Copy and paste that log as a reply to this topic

MrC

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.