Jump to content

PUP malware & BLANK Light Blue Screen upon Startup in Normal mode :(


Recommended Posts

Please help you guys,

 

I have a Laptop Toshiba Sattelite L305 and I downloaded AdwCleaner and when it restarted my computer, I noticed a Light Blue blank screen upon StartUp, but If I am using Safe Mode with Networking, I can surf the internet, it runs normal, but if I am on Normal mode restarting, it just goes to a Blank light blue screen. Please help me :(

 

I ran a scan on Malwarebytes and this is what I found. A whole bunch of PUP malware. Do you think this caused my Blank light blue screen upon Startup, it wont take me to my Desktop :(!!!!!!!

 

 

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.09.26.09

Windows Vista Service Pack 2 x86 NTFS (Safe Mode/Networking)
Internet Explorer 9.0.8112.16421
Anam :: ANAM-PC [administrator]

9/26/2013 10:09:44 PM
mbam-log-2013-09-26 (22-09-44).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 213082
Time elapsed: 8 minute(s), 4 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 4
C:\Users\Anam\AppData\Local\Temp\ct3298566 (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Anam\AppData\Local\Temp\ct3298566\xpi (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Anam\AppData\Local\Temp\ct3298566\xpi\defaults (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Anam\AppData\Local\Temp\ct3298566\xpi\defaults\preferences (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

Files Detected: 20
C:\Users\Anam\AppData\Local\Temp\Installer.exe (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Users\Anam\AppData\Local\Temp\MixiCND_CID2_20130716.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Anam\AppData\Local\Temp\SPStub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Anam\AppData\Local\Temp\checktbexist.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Anam\AppData\Local\Temp\ct3298566\CT3298566.xpi (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Anam\AppData\Local\Temp\ct3298566\chromeid.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Anam\AppData\Local\Temp\ct3298566\conduit.xml (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Anam\AppData\Local\Temp\ct3298566\ctbe.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Anam\AppData\Local\Temp\ct3298566\ffLogic.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Anam\AppData\Local\Temp\ct3298566\ieLogic.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Anam\AppData\Local\Temp\ct3298566\setup.ini.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Anam\AppData\Local\Temp\ct3298566\spff.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Anam\AppData\Local\Temp\ct3298566\statisticsStub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Anam\AppData\Local\Temp\ct3298566\stub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Anam\AppData\Local\Temp\ct3298566\version.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Anam\AppData\Local\Temp\ct3298566\xpi\defaults\preferences\defaults.js (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Anam\AppData\Local\Temp\ct3298566\xpi\install.rdf (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Anam\AppData\Local\Temp\mconduitinstaller.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Anam\Downloads\Setup(1).exe (PUP.Optional.iBryte) -> Quarantined and deleted successfully.
C:\Users\Anam\Downloads\Setup.exe (PUP.Optional.iBryte) -> Quarantined and deleted successfully.
 

Link to post
Share on other sites

Download Zoek.zip from here http://www.hijackthis.nl/smeenk/220813/zoek.zip and save that zip file to your Desktop.

 

Double click zip file and extract to your  Desktop:

 

 

Zoekd.jpg

 

 

you will now have 3 versions of the tool on the Desktop:

 

 

Zoeke.jpg

 

 

Double click on each in turn until one version will run (accept UAC) The following window will open:

 

 

Zoekb.jpg

 

 

Copy and paste the following script from the code box and paste into the field.

Process;emptyclsid;firefoxlook;Chromelook;CHRdefaults;autoclean;iedefaults;filesrcm;startupall;

Select the "Run Script" tab. The following window will open:

 

 

 

Zoekc.jpg

 

 

 

Please be patient and do not use the PC when the scan is in progress.

 

When complete you maybe asked to re-boot your PC, if so please do

 

Zoekf.jpg

 

Post the produced log in your next reply…..

Link to post
Share on other sites

Thank you so much for your quick reply. Here are the Zoek Results

 

 

 

 

 

 

Zoek.exe Version 4.0.0.4 Updated 27-September-2013
Tool run by Anam on Fri 09/27/2013 at 16:29:13.19.
Microsoft® Windows Vista™ Home Basic  6.0.6002 Service Pack 2 x86
Running in: Safe Mode NETWORK Internet Access Detected
Launched: C:\Users\Anam\Desktop\zoek\zoek.exe   [Quick Scan] [Auto Clean]

==== System Restore Info ======================

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-587149693-440183245-2185910456-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0D6F20C2-AB73-4D9A-9D6C-F87E769B5A69} deleted successfully
HKEY_USERS\S-1-5-21-587149693-440183245-2185910456-1000\Software\Microsoft\Internet Explorer\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

ProfilePath: C:\Users\Anam\AppData\Roaming\Mozilla\Firefox\Profiles\me0sl4d0.default

user.js not found
---- Lines CT3298566 removed from prefs.js ----


---- Lines CT3298566 modified from prefs.js ----


---- Lines C:\Users\Anam\AppData\Roaming\Mozilla\Firefox\Profiles\me0sl4d0.default\CT3298566 removed from prefs.js ----


---- Lines C:\Users\Anam\AppData\Roaming\Mozilla\Firefox\Profiles\me0sl4d0.default\CT3298566 modified from prefs.js ----


---- FireFox user.js and prefs.js backups ----

prefs_20130927_0434_.backup

ProfilePath: C:\Users\Nadia\AppData\Roaming\Mozilla\Firefox\Profiles\djofqw49.default

prefs.js not found
user.js not found
---- Lines CT3298566 removed from prefs.js ----


---- Lines CT3298566 modified from prefs.js ----


---- Lines C:\Users\Anam\AppData\Roaming\Mozilla\Firefox\Profiles\me0sl4d0.default\CT3298566 removed from prefs.js ----


---- Lines C:\Users\Anam\AppData\Roaming\Mozilla\Firefox\Profiles\me0sl4d0.default\CT3298566 modified from prefs.js ----


---- FireFox user.js and prefs.js backups ----


==== Deleting Files \ Folders ======================

"C:\Users\Anam\AppData\Local\{000F5AEB-7E31-4277-9312-1F3881F16513}" deleted
"C:\Users\Anam\Downloads\avg_free_stb_all_2012_1808_cnet.exe" deleted
"C:\found.000" deleted
"C:\found.001" deleted
"C:\found.003" deleted
"C:\found.005" deleted
"C:\found.006" deleted
"C:\Users\Nadia\AppData\LocalLow\AskToolbar" deleted
"C:\Users\Anam\AppData\Roaming\Mozilla\Firefox\Profiles\me0sl4d0.default\CT3298566" deleted
"C:\Users\Anam\AppData\Roaming\Mozilla\Firefox\Profiles\me0sl4d0.default\CT3298566" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\Anam\AppData\Local\Temp ====
2013-09-24 22:31:06    14D8444746CF6F5EB038E49874D538F6    5165344    ----a-w-    C:\Users\Anam\AppData\Local\Temp\tbMixi.dll
2013-09-24 04:10:09    E0347CFB68DA6E23F52FE39A198D7B12    492164    ----a-w-    C:\Users\Anam\AppData\Local\Temp\{397914D6-8227-4063-8A4C-BE85C53886C1}\ISSetup.dll
2013-09-24 04:10:09    A205551E7BA8580D2C0FF896A4D79FA9    460248    ----a-w-    C:\Users\Anam\AppData\Local\Temp\_is73C8.exe
2013-09-24 04:10:09    30EBD4E80B1DDA05EAC709A1DC5965B4    164784    ----a-w-    C:\Users\Anam\AppData\Local\Temp\{397914D6-8227-4063-8A4C-BE85C53886C1}\_Setup.dll
2013-09-24 04:08:49    F798F61B3B5642D7086B96A891B129D2    37664    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03876\CommonFiles\AVG SafeGuard toolbar\avgtpx86.sys
2013-09-24 04:08:49    EE0631F44A03290D8508A12ED3B73D87    145072    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03876\CommonFiles\AVG SafeGuard toolbar\SiteSafety.dll
2013-09-24 04:08:49    A56B06DEAEC7750B453BAA32D959CC16    43184    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03876\CommonFiles\AVG SafeGuard toolbar\helper.dll
2013-09-24 04:08:49    A4A33D48E286619CDC78DD7EBC18C740    569520    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03876\CommonFiles\AVG SafeGuard toolbar\avgdttbx.dll
2013-09-24 04:08:49    9846C6120CBCDA5E069F29600612B39A    1095344    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03876\CommonFiles\AVG SafeGuard toolbar\npsitesafety.dll
2013-09-24 04:08:49    60EF0935011E420C1E90E3EB4FE480C4    257712    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03876\ConfigFiles\avguidx.dll
2013-09-24 04:08:49    2B32843667FCE26ED229AF9D8FD989DE    581808    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03876\CommonFiles\AVG SafeGuard toolbar\AVGRewardsWorker.dll
2013-09-24 04:08:49    1720A8128CD866BBEE8C7D8206391403    3086512    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03876\ProgFiles\AVG SafeGuard toolbar\15.4.0.5\AVG SafeGuard toolbar_toolbar.dll
2013-09-24 04:08:49    0B66D02FD0C8DF346E459AFC38FE5433    596144    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03876\CommonFiles\AVG SafeGuard toolbar\ViProtocol.dll
2013-09-24 04:08:49    0B2520AA90C20971BDB45AE6F3047E0F    45856    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03876\CommonFiles\AVG SafeGuard toolbar\avgtpx64.sys
2013-09-24 04:08:48    E24B539E8B4F7FBAE1EC785809690C40    2285232    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03876\ProgFiles\AVG SafeGuard toolbar\vprot.exe
2013-09-24 04:08:48    DEB90E51DD0F6B9F087C1972CC796489    920240    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03876\ProgFiles\AVG SafeGuard toolbar\lip.exe
2013-09-24 04:08:48    D617A2BFA86001819D20ADCF0BC20719    1822896    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03876\ProgFiles\AVG SafeGuard toolbar\Uninstall.exe
2013-09-24 04:08:48    BEA34C09A21490C8BBE89167967FAC26    641200    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03876\ProgFiles\AVG SafeGuard toolbar\PostInstall.exe
2013-09-24 04:08:48    4F3A274E95A94E196AC224E1646E8013    147120    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03876\CommonFiles\AVG SafeGuard toolbar\DriverInstaller_64.exe
2013-09-24 04:08:48    308598FF177676648E043CE28E09FCCD    2267824    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03876\CommonFiles\AVG SafeGuard toolbar\ScriptHelper.exe
2013-09-24 04:08:48    2F208AD0E44992E5FF1CB7C6B699C263    1616048    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03876\CommonFiles\AVG SafeGuard toolbar\ToolbarUpdater.exe
2013-09-24 04:08:48    2F1CE0072D1FFC72048D9544452C939F    572592    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03876\ConfigFiles\MachineIdCreator.exe
2013-09-24 04:08:47    9A413B46E4035E5793FDF81EBA71EB55    2196656    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03876\avg-secure-search-installer.exe
2013-09-24 04:08:47    7BA1BAD7FD40CEAA0F0902BC0D92DFB0    640176    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03876\CommonFiles\AVG SafeGuard toolbar\DriverInstaller.exe
2013-09-24 04:08:44    C4CB0D49D9146DBE7D2AC76B5BE015BA    4540440    ----a-w-    C:\Users\Anam\AppData\Local\Temp\oi_{F0BA9F46-E491-420E-ACE6-67B18BCBAC6A}.exe
2013-09-24 04:08:37    D09CE61BD82E96A4F76E4C1049761BD1    494920    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03644\CommonFiles\AVG SafeGuard toolbar\ViProtocol.dll
2013-09-24 04:08:37    AAA7D53D228E76B4291AC61E987BB058    247808    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03644\ConfigFiles\avguidx.dll
2013-09-24 04:08:37    83B017935870D4ADA363EC59D3488D6B    157000    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03644\CommonFiles\AVG SafeGuard toolbar\SiteSafety.dll
2013-09-24 04:08:37    5235D84702262FC9BCF1A35B261CC1CE    37720    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03644\CommonFiles\AVG SafeGuard toolbar\avgtpx64.sys
2013-09-24 04:08:37    2F55CAAC94D302C5373FF317DB644D28    568648    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03644\CommonFiles\AVG SafeGuard toolbar\avgdttbx.dll
2013-09-24 04:08:37    2F1CB7371568776FC578FEB8510148B0    562504    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03644\CommonFiles\AVG SafeGuard toolbar\AVGRewardsWorker.dll
2013-09-24 04:08:37    139723C3A6EB619CBD62ABB437E930DF    31576    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03644\CommonFiles\AVG SafeGuard toolbar\avgtpx86.sys
2013-09-24 04:08:37    0DE164BCD7ACAF98D12985CAA606B099    565576    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03644\CommonFiles\AVG SafeGuard toolbar\npsitesafety.dll
2013-09-24 04:08:36    FFA46363EC9CE2572B39F96CC8BBB7D4    146248    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03644\CommonFiles\AVG SafeGuard toolbar\DriverInstaller_64.exe
2013-09-24 04:08:36    F38DBF287B64358BD10FD002DC91C512    1175368    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03644\avg-secure-search-installer.exe
2013-09-24 04:08:36    ED1A74F529D0829CF28DB53E33A58F38    1014600    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03644\ProgFiles\AVG SafeGuard toolbar\Uninstall.exe
2013-09-24 04:08:36    BC39FCA7E32300ECBAEE98E75C4FBD0F    1883976    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03644\ProgFiles\AVG SafeGuard toolbar\14.0.0.12\AVG SafeGuard toolbar_toolbar.dll
2013-09-24 04:08:36    B6C65F3EDBD95E9B61694B86269F7D2E    652616    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03644\ProgFiles\AVG SafeGuard toolbar\lip.exe
2013-09-24 04:08:36    78F4402803F507A8EB978649CC3984E1    464200    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03644\CommonFiles\AVG SafeGuard toolbar\DriverInstaller.exe
2013-09-24 04:08:36    5E299254DE2A70D7DBCEDE30D6462052    1100616    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03644\ProgFiles\AVG SafeGuard toolbar\vprot.exe
2013-09-24 04:08:36    486D0F932FF8A272C778A1E748A61A57    1180488    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03644\CommonFiles\AVG SafeGuard toolbar\ScriptHelper.exe
2013-09-24 04:08:36    301CFD154D004E5BC5EC092D86ADC5DB    945480    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03644\CommonFiles\AVG SafeGuard toolbar\ToolbarUpdater.exe
2013-09-24 04:08:36    07DA2495C8911208579FFBBF0568E232    509256    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03644\ProgFiles\AVG SafeGuard toolbar\PostInstall.exe
2013-09-24 04:08:36    05AF2D045031BD83A5D988910F2AACF0    157000    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03644\ConfigFiles\MachineIdCreator.exe
2013-09-24 04:01:12    2E0323A94915FAAB10A25F3BABF82584    157696    ----a-w-    C:\Users\Anam\AppData\Local\Temp\jrt\erunt\ERUNT.EXE
====== Java Cache =====
====== C:\Windows\system32 =====
2013-09-24 04:06:58    67EC459E42D3081DD8FD34356F7CAFC1    770384    ----a-w-    C:\Windows\System32\msvcr100.dll
2013-09-24 04:06:58    03E9314004F504A14A61C3D364B62F66    421200    ----a-w-    C:\Windows\System32\msvcp100.dll
====== C:\Windows\system32\drivers =====
2013-09-27 02:07:33    4470E3C1E0C3378E4CAB137893C12C3A    22856    ----a-w-    C:\Windows\System32\drivers\mbam.sys
2013-09-24 04:08:59    F798F61B3B5642D7086B96A891B129D2    37664    ----a-w-    C:\Windows\System32\drivers\avgtpx86.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C: =====
====== C:\Users\Anam\AppData\Roaming ======
2013-09-24 04:06:50    --------    d-----w-    C:\Users\Anam\AppData\Locallow\Temp
2013-09-10 21:54:59    --------    d-s---w-    C:\Windows\serviceprofiles\networkservice\AppData\Locallow\Microsoft
====== C:\Users\Anam ======
2013-09-27 20:23:34    17C8BF490CA207D06EF2A0EC84F47191    1042066    ----a-w-    C:\Users\Anam\Downloads\adwcleaner.exe
2013-09-27 02:06:05    683FDD3D773C58B262DC07CD0C6CE938    10285040    ----a-w-    C:\Users\Anam\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-27 02:00:13    482CBA6D1C944A314AC9715F6754DF79    80456    ----a-w-    C:\Users\Anam\Downloads\mbam-clean-1.60.2.0003(1).exe
2013-09-27 01:57:02    482CBA6D1C944A314AC9715F6754DF79    80456    ----a-w-    C:\Users\Anam\Downloads\mbam-clean-1.60.2.0003.exe
2013-09-24 04:08:04    9CAEC4452CB20FD0BCF56868B94B96C9    592856    ----a-w-    C:\Users\Anam\Downloads\cbsidlm-tr1_15-AdwCleaner-SEO-75851221.exe
2013-09-24 04:01:03    64C1A0E3E5B08FAFD6B4678B3A90BE1F    1030038    ----a-w-    C:\Users\Anam\Downloads\JRT.exe

====== C: exe-files ==
2013-09-27 20:23:34    17C8BF490CA207D06EF2A0EC84F47191    1042066    ----a-w-    C:\Users\Anam\Downloads\adwcleaner.exe
2013-09-27 20:18:45    454B3B87A9B31FD96E37A76379FE7EE9    544    ----a-w-    C:\$RECYCLE.BIN\S-1-5-21-587149693-440183245-2185910456-1000\$I9H3U3B.exe
2013-09-27 02:06:05    683FDD3D773C58B262DC07CD0C6CE938    10285040    ----a-w-    C:\Users\Anam\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-27 02:00:13    482CBA6D1C944A314AC9715F6754DF79    80456    ----a-w-    C:\Users\Anam\Downloads\mbam-clean-1.60.2.0003(1).exe
2013-09-27 01:57:02    482CBA6D1C944A314AC9715F6754DF79    80456    ----a-w-    C:\Users\Anam\Downloads\mbam-clean-1.60.2.0003.exe
2013-09-24 04:24:47    17C8BF490CA207D06EF2A0EC84F47191    1042066    ----a-w-    C:\$RECYCLE.BIN\S-1-5-21-587149693-440183245-2185910456-1000\$R9H3U3B.exe
2013-09-24 04:10:09    A205551E7BA8580D2C0FF896A4D79FA9    460248    ----a-w-    C:\Users\Anam\AppData\Local\Temp\_is73C8.exe
2013-09-24 04:08:48    E24B539E8B4F7FBAE1EC785809690C40    2285232    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03876\ProgFiles\AVG SafeGuard toolbar\vprot.exe
2013-09-24 04:08:48    DEB90E51DD0F6B9F087C1972CC796489    920240    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03876\ProgFiles\AVG SafeGuard toolbar\lip.exe
2013-09-24 04:08:48    D617A2BFA86001819D20ADCF0BC20719    1822896    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03876\ProgFiles\AVG SafeGuard toolbar\Uninstall.exe
2013-09-24 04:08:48    BEA34C09A21490C8BBE89167967FAC26    641200    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03876\ProgFiles\AVG SafeGuard toolbar\PostInstall.exe
2013-09-24 04:08:48    4F3A274E95A94E196AC224E1646E8013    147120    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03876\CommonFiles\AVG SafeGuard toolbar\DriverInstaller_64.exe
2013-09-24 04:08:48    308598FF177676648E043CE28E09FCCD    2267824    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03876\CommonFiles\AVG SafeGuard toolbar\ScriptHelper.exe
2013-09-24 04:08:48    2F208AD0E44992E5FF1CB7C6B699C263    1616048    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03876\CommonFiles\AVG SafeGuard toolbar\ToolbarUpdater.exe
2013-09-24 04:08:48    2F1CE0072D1FFC72048D9544452C939F    572592    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03876\ConfigFiles\MachineIdCreator.exe
2013-09-24 04:08:47    9A413B46E4035E5793FDF81EBA71EB55    2196656    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03876\avg-secure-search-installer.exe
2013-09-24 04:08:47    7BA1BAD7FD40CEAA0F0902BC0D92DFB0    640176    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03876\CommonFiles\AVG SafeGuard toolbar\DriverInstaller.exe
2013-09-24 04:08:44    C4CB0D49D9146DBE7D2AC76B5BE015BA    4540440    ----a-w-    C:\Users\Anam\AppData\Local\Temp\oi_{F0BA9F46-E491-420E-ACE6-67B18BCBAC6A}.exe
2013-09-24 04:08:36    FFA46363EC9CE2572B39F96CC8BBB7D4    146248    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03644\CommonFiles\AVG SafeGuard toolbar\DriverInstaller_64.exe
2013-09-24 04:08:36    F38DBF287B64358BD10FD002DC91C512    1175368    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03644\avg-secure-search-installer.exe
2013-09-24 04:08:36    ED1A74F529D0829CF28DB53E33A58F38    1014600    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03644\ProgFiles\AVG SafeGuard toolbar\Uninstall.exe
2013-09-24 04:08:36    B6C65F3EDBD95E9B61694B86269F7D2E    652616    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03644\ProgFiles\AVG SafeGuard toolbar\lip.exe
2013-09-24 04:08:36    78F4402803F507A8EB978649CC3984E1    464200    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03644\CommonFiles\AVG SafeGuard toolbar\DriverInstaller.exe
2013-09-24 04:08:36    5E299254DE2A70D7DBCEDE30D6462052    1100616    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03644\ProgFiles\AVG SafeGuard toolbar\vprot.exe
2013-09-24 04:08:36    486D0F932FF8A272C778A1E748A61A57    1180488    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03644\CommonFiles\AVG SafeGuard toolbar\ScriptHelper.exe
2013-09-24 04:08:36    301CFD154D004E5BC5EC092D86ADC5DB    945480    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03644\CommonFiles\AVG SafeGuard toolbar\ToolbarUpdater.exe
2013-09-24 04:08:36    07DA2495C8911208579FFBBF0568E232    509256    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03644\ProgFiles\AVG SafeGuard toolbar\PostInstall.exe
2013-09-24 04:08:36    05AF2D045031BD83A5D988910F2AACF0    157000    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03644\ConfigFiles\MachineIdCreator.exe
2013-09-24 04:08:04    9CAEC4452CB20FD0BCF56868B94B96C9    592856    ----a-w-    C:\Users\Anam\Downloads\cbsidlm-tr1_15-AdwCleaner-SEO-75851221.exe
2013-09-24 04:01:12    2E0323A94915FAAB10A25F3BABF82584    157696    ----a-w-    C:\Users\Anam\AppData\Local\Temp\jrt\erunt\ERUNT.EXE
2013-09-24 04:01:03    64C1A0E3E5B08FAFD6B4678B3A90BE1F    1030038    ----a-w-    C:\Users\Anam\Downloads\JRT.exe
=== C: other files ==
2013-09-27 02:07:33    4470E3C1E0C3378E4CAB137893C12C3A    22856    ----a-w-    C:\Windows\System32\drivers\mbam.sys
2013-09-24 04:08:59    F798F61B3B5642D7086B96A891B129D2    37664    ----a-w-    C:\Windows\System32\drivers\avgtpx86.sys
2013-09-24 04:08:49    F798F61B3B5642D7086B96A891B129D2    37664    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03876\CommonFiles\AVG SafeGuard toolbar\avgtpx86.sys
2013-09-24 04:08:49    0B2520AA90C20971BDB45AE6F3047E0F    45856    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03876\CommonFiles\AVG SafeGuard toolbar\avgtpx64.sys
2013-09-24 04:08:46    A18651DEEC522D0C3362266A26A8CC97    257159    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03876\ProgData\AVG SafeGuard toolbar\ChromeExt\15.4.0.5\avg.crx
2013-09-24 04:08:46    264F8E1A89771B80D9F2985A68BAA8C3    178115    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03876\ProgFiles\AVG SafeGuard toolbar\data.zip
2013-09-24 04:08:37    5235D84702262FC9BCF1A35B261CC1CE    37720    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03644\CommonFiles\AVG SafeGuard toolbar\avgtpx64.sys
2013-09-24 04:08:37    139723C3A6EB619CBD62ABB437E930DF    31576    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03644\CommonFiles\AVG SafeGuard toolbar\avgtpx86.sys
2013-09-24 04:08:36    7DD13BC2983BC384F5883F97BA0149F9    180659    ----a-w-    C:\Users\Anam\AppData\Local\Temp\avg_a03644\ProgData\AVG SafeGuard toolbar\ChromeExt\14.0.0.12\avg.crx
2013-09-24 04:01:12    FDB9CF820305FE44231763042642F7A6    12733    ----a-w-    C:\Users\Anam\AppData\Local\Temp\jrt\searchlnk.bat
2013-09-24 04:01:12    E0589EF14B8B620FE8754D61C1538F9D    152206    ----a-w-    C:\Users\Anam\AppData\Local\Temp\jrt\firefox.bat
2013-09-24 04:01:12    D1D3FD0499CAD7C6CC982D84420C1B7C    16063    ----a-w-    C:\Users\Anam\AppData\Local\Temp\jrt\get.bat
2013-09-24 04:01:12    CC6C23C02BE66014AD87F2678BBB3A1D    8117    ----a-w-    C:\Users\Anam\AppData\Local\Temp\jrt\modules.bat
2013-09-24 04:01:12    B964B792D3692699CD7D4FDB63EE470E    1239    ----a-w-    C:\Users\Anam\AppData\Local\Temp\jrt\FWPolicy.bat
2013-09-24 04:01:12    B45931E5313CB14CAA0F2BC3DA30E6FC    29648    ----a-w-    C:\Users\Anam\AppData\Local\Temp\jrt\ask.bat
2013-09-24 04:01:12    8A5F66FA7FEC2E9BE70081BEA85CF380    10261    ----a-w-    C:\Users\Anam\AppData\Local\Temp\jrt\JRT.bat
2013-09-24 04:01:12    80D02380F1AC33E459324B088392A1EC    732    ----a-w-    C:\Users\Anam\AppData\Local\Temp\jrt\ev_clear.bat
2013-09-24 04:01:12    654E9FE74B930A454EE5BDE165794B65    85    ----a-w-    C:\Users\Anam\AppData\Local\Temp\jrt\delorphans.bat
2013-09-24 04:01:12    603595734D290C73FA40EDA1ACADF265    14973    ----a-w-    C:\Users\Anam\AppData\Local\Temp\jrt\chrome.bat
2013-09-24 04:01:12    58605DA3492FB918D3D40B1FB88046AE    39471    ----a-w-    C:\Users\Anam\AppData\Local\Temp\jrt\prelim.bat
2013-09-24 04:01:12    4A6E641AAC6D55A22B86A0753C6B8667    146539    ----a-w-    C:\Users\Anam\AppData\Local\Temp\jrt\misc.bat
2013-09-24 04:01:12    1FBF882AA934A741530741FC134872A3    1243    ----a-w-    C:\Users\Anam\AppData\Local\Temp\jrt\TDL4.bat
2013-09-24 04:01:12    14D6EE8B672684E2232FB430D8C4A928    18668    ----a-w-    C:\Users\Anam\AppData\Local\Temp\jrt\medfos.bat
2013-09-24 04:01:12    1277E771E8BF193B4C64BA5BAE6A424E    8398    ----a-w-    C:\Users\Anam\AppData\Local\Temp\jrt\runvalues.bat
2013-09-24 04:01:12    0768E560CCD86C18F35FAD29DCEA7B80    1820    ----a-w-    C:\Users\Anam\AppData\Local\Temp\jrt\delfolders.bat
2013-09-24 04:01:12    05B282816F9DB49C325A5D88ECF0D9A1    29932    ----a-w-    C:\Users\Anam\AppData\Local\Temp\jrt\iexplore.bat

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

[HKEY_USERS\S-1-5-21-587149693-440183245-2185910456-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSCDSPD"="TOSCDSPD.EXE"
"Akamai NetSession Interface"="C:\Users\Anam\AppData\Local\Akamai\netsession_win.exe"
"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"

[HKEY_USERS\S-1-5-21-587149693-440183245-2185910456-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"924_1930563102704"="C:\Users\Anam\AppData\Local\LogMeIn Rescue Applet\LMIR0002.tmp_r.bat"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"RtHDVCpl"="RtHDVCpl.exe"
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe"
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"NDSTray.exe"="NDSTray.exe"
"cfFncEnabler.exe"="cfFncEnabler.exe"
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe -atboottime"
"snp2std"="C:\Windows\vsnp2std.exe"
"AVG_TRAY"="C:\Program Files\AVG\AVG2012\avgtray.exe"
"AdobeAAMUpdater-1.0"="C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
"CanonMyPrinter"="C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon"
"CanonSolutionMenu"="C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon"
"HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe"
"TPwrMain"="%ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE"
"HSON"="%ProgramFiles%\TOSHIBA\TBS\HSON.exe "
"SmoothView"="%ProgramFiles%\Toshiba\SmoothView\SmoothView.exe "
"00TCrdMain"="%ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe "
"Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes Anti-Malware"="C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent"
"Malwarebytes Anti-Malware (cleanup)"="rundll32.exe C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll,ProcessCleanupScript"
"924_1930298102704"="C:\Users\Anam\AppData\Local\LogMeIn Rescue Applet\LMIR0003.tmp_r.bat"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSCDSPD"="TOSCDSPD.EXE"
"Akamai NetSession Interface"="C:\Users\Anam\AppData\Local\Akamai\netsession_win.exe"
"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"924_1930563102704"="C:\Users\Anam\AppData\Local\LogMeIn Rescue Applet\LMIR0002.tmp_r.bat"

==== Startup Folders ======================

2011-09-26 03:34:33    1882    ----a-w-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job --a------ C:\Windows\TEMP\52375223-1E16-4178-8570-64551329A3E6.exe []
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [11/19/2011 05:14 PM]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [11/19/2011 05:14 PM]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Anam\AppData\Roaming\Mozilla\Firefox\Profiles\me0sl4d0.default
- BetterPrivacy - %ProfilePath%\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi

ProfilePath: C:\Users\Nadia\AppData\Roaming\Mozilla\Firefox\Profiles\djofqw49.default
- Hide My Ass Proxy Extension - %ProfilePath%\extensions\extension@hidemyass.com.xpi
- BetterPrivacy - %ProfilePath%\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi

AppDir: C:\Program Files\Mozilla Firefox
- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

==== Firefox Plugins ======================

Profilepath: C:\Users\Anam\AppData\Roaming\Mozilla\Firefox\Profiles\me0sl4d0.default
101700E93EB905992B518256CB441829    - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll -    Google Update
AE1971EEAD01BEEE155F0EBB4B09D2D7    - C:\Program Files\QuickTime\Plugins\npqtplugin7.dll -    QuickTime Plug-in 7.7
2F7E933613F278A713F45E51B9BFE954    - C:\Program Files\QuickTime\Plugins\npqtplugin6.dll -    QuickTime Plug-in 7.7
BD879D8AFBCCAB1F957904168D9CD6D8    - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll -    QuickTime Plug-in 7.7
21EF01CBD2E5D126D51EF8FFDBB98390    - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll -    QuickTime Plug-in 7.7
01986158921B5064631F6C47A998FD99    - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll -    QuickTime Plug-in 7.7
15A10AEA93A48B82E7AF02B6F32D3564    - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll -    QuickTime Plug-in 7.7
534FB04D167CE2B8DE6E180A23646074    - C:\Program Files\QuickTime\Plugins\npqtplugin.dll -    QuickTime Plug-in 7.7
5AD4E19D583FA285F4B5CCB7784A28C2    - C:\Windows\system32\Macromed\Flash\NPSWF32.dll -    Shockwave Flash
D8A3FDE47CBDC2D6DFAC14243050526B    - C:\Program Files\Microsoft\Web Platform Installer\NPWPIDetector.dll -    WPI Detector 1.4
CE252B04FB9F4F773A7DB5338BFEEA5B    - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL -    CANON iMAGE GATEWAY Album Plugin Utility
AB87EEFFD18F2BAAFC274E7075EA6C67    - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll -    Windows Presentation Foundation / Windows Presentation Foundation
6DE7BF0DADC0881F7ED82D9FCC998B89    - C:\Program Files\Adobe\Reader 9.0\Reader\browser\nppdf32.dll -    Adobe Acrobat


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Default_Page_URL"="http://www.toshibadirect.com/dpdstart"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.yahoo.com/?ilc=8"
"Default_Page_URL"="http://www.yahoo.com/?ilc=8"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{77695E20-8E65-4041-88A5-33787F75BAEA} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7TSHB_enUS450"

==== Empty IE Cache ======================

C:\Users\Anam\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Anam\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Nadia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Nadia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Anam\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\Anam\AppData\Local\Mozilla\Firefox\Profiles\me0sl4d0.default\Cache emptied successfully
C:\Users\Nadia\AppData\Local\Mozilla\Firefox\Profiles\djofqw49.default\Cache emptied successfully

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Anam\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Anam\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

==== EOF on Fri 09/27/2013 at 16:41:28.26 ======================
 

Link to post
Share on other sites

There is evidence in your log that may suggest a failing Hard drive or power supply unit, it would be a good idea to back up any important data in case a sudden failure did happen. How old is your system? have you had any unusual behavior previously?

 

If you are happy to continue run the following:

 

Please download RogueKiller from here:

http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe <- 32 bit version

http://www.sur-la-toile.com/RogueKiller/RogueKillerX64.exe  <- 64 bit version

                                     

  • Make sure to get the correct version for your system.
  • Quit all running programs
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista/Seven, right click -> run as administrator, for XP simply run RogueKiller.exe
  • Wait until Prescan has finished...
  • The following EULA will appear, please select accept
     
    RKLicence.png
     
  • Ensure MBR scan, Check faked and AntiRootkit are checked
  • Select Scan
     
    RK1A.png
     
  • When the scan completes select Report, copy and paste that to your reply.
     
    RK2A.png
     
  • The log should be found in RKreport[?].txt on your Desktop
  • Exit/Close RogueKiller

Link to post
Share on other sites

  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.