Jump to content

web-opinions.com... hijacking my clicks on webpages


Recommended Posts

Well was doing well with my comp but recently started noticing i kept getting redirected to other websites when i clicked on certain webpages.  A major one was when i was going to type in password for bank of america and getting redirected to a free credit report for being a BOA member.  Luckily i have not been crazy enough to click anything else.  but help because god knows what they may already have for my info.

Link to post
Share on other sites

here is my DDS

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 10.0.9200.16720  BrowserJavaVersion: 10.25.2
Run by Neill at 21:59:12 on 2013-10-19
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.1.1033.18.8190.5564 [GMT -4:00]
.
AV: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
C:\Program Files\ASUS\ROG GameFirst\spd.exe
C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Sendori\sndappv2.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Sendori\SendoriSvc.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Sendori\SendoriUp.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
C:\Program Files (x86)\AVG\AVG PC Tuneup 2011\BoostSpeed.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe
C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\ASUS\EPU\EPU.exe
C:\Program Files\ASUS\TurboV EVO\TurboV_EVO.exe
C:\Program Files\ASUS\Ai Suite\QFan4\FanHelp.exe
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
C:\Program Files (x86)\Sendori\SendoriTray.exe
C:\Windows\system32\AMBSpiE.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\splwow64.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Sendori\Sendori.Service.exe
C:\Program Files (x86)\AVG\AVG2014\avgcfgex.exe
C:\Windows\explorer.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uURLSearchHooks: <No Name>:  - LocalServer32 - <no file>
uURLSearchHooks: SweetPacks A5 Toolbar: {93ec97bf-fe43-4bca-a735-5c5d6a0a40c4} - C:\Program Files (x86)\SweetPacks_A5\prxtbSwee.dll
mURLSearchHooks: <No Name>:  - LocalServer32 - <no file>
mURLSearchHooks: SweetPacks A5 Toolbar: {93ec97bf-fe43-4bca-a735-5c5d6a0a40c4} - C:\Program Files (x86)\SweetPacks_A5\prxtbSwee.dll
dURLSearchHooks: {855F3B16-6D32-4fe6-8A56-BBB695989046} - <orphaned>
dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
dURLSearchHooks: <No Name>:  - LocalServer32 - <no file>
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll
BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: SweetPacks A5 Toolbar: {93ec97bf-fe43-4bca-a735-5c5d6a0a40c4} - C:\Program Files (x86)\SweetPacks_A5\prxtbSwee.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
TB: SweetPacks A5 Toolbar: {93ec97bf-fe43-4bca-a735-5c5d6a0a40c4} - C:\Program Files (x86)\SweetPacks_A5\prxtbSwee.dll
EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
uRun: [googletalk] C:\Users\Neill\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart
uRun: [HLBackupScheduler] C:\Program Files\Backup Assistant Plus\V CAST Backup Scheduler.exe
uRun: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
uRun: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
uRun: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
mRun: [VolPanel] "C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe" /r
mRun: [updReg] C:\Windows\UpdReg.EXE
mRun: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
mRun: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [six Engine] "C:\Program Files (x86)\ASUS\EPU\EPU.exe" -b
mRun: [TurboV EVO] "C:\Program Files\ASUS\TurboV EVO\TurboV_EVO.exe" -b
mRun: [QFan Help] "C:\Program Files\ASUS\Ai Suite\QFan4\FanHelp.exe"
mRun: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
mRun: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
mRun: [iJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [sendori Tray] "C:\Program Files (x86)\Sendori\SendoriTray.exe"
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
StartupFolder: C:\Users\Neill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
StartupFolder: C:\Users\Neill\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\LAUNCH~1.LNK - C:\Users\Neill\AppData\Roaming\Verizon\UA_ar\UtilityApplication.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
uPolicies-Explorer: NoDrives = dword:0
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
TCP: Interfaces\{258CF985-BC5B-4636-85E6-69A7C0E68BA1} : NameServer = 192.168.1.1,192.168.1.3
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - 
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-Run: [ROG GameFirst] C:\Program Files\ASUS\ROG GameFirst\cFosSpeed.exe
x64-Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - 
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Neill\AppData\Roaming\Mozilla\Firefox\Profiles\alwmh4f7.default\
FF - ExtSQL: 2013-10-12 00:00; jzkenlkaloil@kctewplunsmgzuca.org; C:\Users\Neill\AppData\Roaming\Mozilla\Firefox\Profiles\alwmh4f7.default\extensions\jzkenlkaloil@kctewplunsmgzuca.org
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-9-2 192824]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-9-2 294712]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-8-20 123704]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-9-8 31544]
R1 Avgdiska;AVG Disk Driver;C:\Windows\System32\drivers\avgdiska.sys [2013-9-25 148792]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-9-2 241464]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-9-2 212280]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-8-1 251192]
R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2012-9-3 39768]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-12-19 240640]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-12-19 361984]
R2 AODDriver4.01;AODDriver4.01;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-4-9 57472]
R2 Application Sendori;Application Sendori;C:\Program Files (x86)\Sendori\SendoriSvc.exe [2013-7-1 119072]
R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2010-6-10 96896]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2013-9-25 301152]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2013-10-1 2746704]
R2 MotoHelper;MotoHelper Service;C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [2011-12-6 214896]
R2 Service Sendori;Service Sendori;C:\Program Files (x86)\Sendori\Sendori.Service.exe [2013-7-1 22304]
R2 sndappv2;sndappv2;C:\Program Files (x86)\Sendori\sndappv2.exe [2013-7-1 3623200]
R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2011-3-9 46136]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2012-11-6 96256]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2010-1-22 77824]
R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2010-1-22 180224]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2010-6-10 39480]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\System32\drivers\viahduaa.sys [2010-6-10 1301504]
R3 VMfilt;VMfilt;C:\Windows\System32\drivers\VMfilt64.sys [2010-6-10 25600]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2010-2-15 401696]
S?2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2013-10-3 3538480]
S2 AODDriver4.2;AODDriver4.2;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-4-9 57472]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-9-23 418376]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-9-23 701512]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [2011-4-11 1025352]
S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;C:\Program Files (x86)\Dragon Age\bin_ship\daupdatersvc.service.exe [2009-12-15 25832]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2013-2-6 102936]
S3 EagleX64;EagleX64;C:\Windows\System32\drivers\EagleX64.sys [2013-2-20 140088]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\System32\drivers\LGBusEnum.sys [2009-11-23 22408]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\System32\drivers\LGVirHid.sys [2009-11-23 16008]
S3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2011-1-12 25928]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [2013-9-6 288776]
S3 npggsvc;nProtect GameGuard Service;C:\Windows\System32\GameMon.des -service --> C:\Windows\System32\GameMon.des -service [?]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2011-6-27 20992]
S3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2013-2-6 203544]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-6-27 59392]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-6-16 1255736]
.
=============== Created Last 30 ================
.
2013-10-20 01:40:29 -------- d-sh--w- C:\$RECYCLE.BIN
2013-10-14 00:24:54 -------- d-----w- C:\Users\Neill\AppData\Local\LogMeIn
2013-10-14 00:24:54 -------- d-----w- C:\ProgramData\LogMeIn
2013-10-13 05:28:01 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2013-10-13 05:28:01 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
2013-10-13 05:28:01 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2013-10-13 05:28:01 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2013-10-13 05:28:01 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2013-10-13 05:28:01 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2013-10-13 05:28:01 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2013-10-12 23:26:30 -------- d-----w- C:\Users\Neill\AppData\Local\Conduit
2013-10-12 23:26:30 -------- d-----w- C:\ProgramData\Conduit
2013-10-12 23:26:30 -------- d-----w- C:\Program Files (x86)\SweetPacks_A5
2013-10-12 23:26:19 -------- d-----w- C:\Program Files (x86)\Conduit
2013-10-12 23:26:11 -------- d-----w- C:\Program Files (x86)\SearchProtect
2013-10-12 23:26:08 -------- d-----w- C:\Users\Neill\AppData\Roaming\SearchProtect
2013-10-12 23:25:23 -------- d-----w- C:\Windows\SysWow64\jmdp
2013-10-12 23:25:23 -------- d-----w- C:\Windows\System32\ljkb
2013-10-12 23:25:21 33856 ---ha-w- C:\Windows\System32\hamachi.sys
2013-10-12 23:25:21 -------- d-----w- C:\Windows\SysWow64\ARFC
2013-10-12 23:25:19 33792 ----a-w- C:\Windows\System32\ImHttpComm.dll
2013-10-12 23:25:19 1761584 ----a-w- C:\Windows\System32\dmwu.exe
2013-10-12 23:25:18 -------- d-----w- C:\Windows\SysWow64\WNLT
2013-10-12 23:25:17 -------- d-----w- C:\Program Files (x86)\LogMeIn Hamachi
2013-10-11 20:43:02 -------- d-----w- C:\Program Files\McAfee Security Scan
2013-10-11 10:36:51 633856 ----a-w- C:\Windows\System32\comctl32.dll
2013-10-11 10:36:51 530432 ----a-w- C:\Windows\SysWow64\comctl32.dll
2013-10-11 10:34:33 76800 ----a-w- C:\Windows\System32\drivers\hidclass.sys
2013-10-11 10:34:33 42496 ----a-w- C:\Windows\System32\drivers\usbscan.sys
2013-10-11 10:34:33 32896 ----a-w- C:\Windows\System32\drivers\hidparse.sys
2013-10-11 10:34:06 81920 ----a-w- C:\Windows\SysWow64\davclnt.dll
2013-10-11 10:34:06 259584 ----a-w- C:\Windows\System32\WebClnt.dll
2013-10-11 10:34:06 205824 ----a-w- C:\Windows\SysWow64\WebClnt.dll
2013-10-11 10:34:06 140800 ----a-w- C:\Windows\System32\drivers\mrxdav.sys
2013-10-11 10:34:06 102400 ----a-w- C:\Windows\System32\davclnt.dll
2013-10-11 10:33:39 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-10-11 10:33:38 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
2013-10-11 10:33:38 327168 ----a-w- C:\Windows\System32\mswsock.dll
2013-10-11 10:33:38 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll
2013-10-11 10:33:11 3155968 ----a-w- C:\Windows\System32\win32k.sys
2013-10-11 10:31:19 124112 ----a-w- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
2013-10-11 10:31:19 102608 ----a-w- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2013-10-11 10:30:52 983488 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2013-10-11 10:30:25 461312 ----a-w- C:\Windows\System32\scavengeui.dll
2013-10-10 10:47:02 -------- d-----w- C:\Users\Neill\AppData\Roaming\AVG2014
2013-10-10 10:46:57 -------- d-----w- C:\Users\Neill\AppData\Local\Avg2014
2013-09-29 03:06:48 -------- d-----w- C:\ProgramData\AVG2014
2013-09-26 01:07:30 148792 ----a-w- C:\Windows\System32\drivers\avgdiska.sys
.
==================== Find3M  ====================
.
2013-10-09 11:26:08 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-09 11:26:08 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-09-22 23:28:06 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-09-22 23:27:49 2876928 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-09-22 23:27:48 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-09-22 23:27:48 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-09-22 22:55:10 2241024 ----a-w- C:\Windows\System32\wininet.dll
2013-09-22 22:54:51 3959296 ----a-w- C:\Windows\System32\jscript9.dll
2013-09-22 22:54:50 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-09-22 22:54:50 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-09-21 03:38:39 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-09-21 03:30:24 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-09-21 02:48:36 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-09-21 02:39:47 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-09-09 02:11:42 31544 ----a-w- C:\Windows\System32\drivers\avgrkx64.sys
2013-09-03 13:52:45 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-09-03 13:52:45 867240 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
2013-09-03 13:52:45 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-09-02 14:59:14 212280 ----a-w- C:\Windows\System32\drivers\avgldx64.sys
2013-09-02 14:29:18 294712 ----a-w- C:\Windows\System32\drivers\avgloga.sys
2013-09-02 14:26:50 192824 ----a-w- C:\Windows\System32\drivers\avgidsha.sys
2013-09-02 14:26:42 241464 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys
2013-08-29 02:17:48 5549504 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-08-29 02:16:35 1732032 ----a-w- C:\Windows\System32\ntdll.dll
2013-08-29 02:16:28 243712 ----a-w- C:\Windows\System32\wow64.dll
2013-08-29 02:16:14 859648 ----a-w- C:\Windows\System32\tdh.dll
2013-08-29 02:13:28 878080 ----a-w- C:\Windows\System32\advapi32.dll
2013-08-29 01:51:45 3969472 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-08-29 01:51:45 3914176 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-08-29 01:50:31 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-08-29 01:50:30 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll
2013-08-29 01:50:16 619520 ----a-w- C:\Windows\SysWow64\tdh.dll
2013-08-29 01:48:17 640512 ----a-w- C:\Windows\SysWow64\advapi32.dll
2013-08-29 01:48:15 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2013-08-29 00:49:53 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-08-29 00:49:52 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-08-29 00:49:52 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-08-29 00:49:49 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-08-21 02:53:58 123704 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys
2013-08-05 02:25:45 155584 ----a-w- C:\Windows\System32\drivers\ataport.sys
2013-08-02 02:14:57 215040 ----a-w- C:\Windows\System32\winsrv.dll
2013-08-02 02:13:34 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2013-08-02 01:50:42 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2013-08-02 01:09:17 338432 ----a-w- C:\Windows\System32\conhost.exe
2013-08-02 00:59:09 112640 ----a-w- C:\Windows\System32\smss.exe
2013-08-02 00:43:05 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2013-08-02 00:43:05 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-02 00:43:05 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2013-08-02 00:43:05 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2013-08-01 20:07:06 251192 ----a-w- C:\Windows\System32\drivers\avgtdia.sys
2013-07-25 09:25:54 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL
2013-07-25 08:57:27 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
.
============= FINISH: 21:59:20.57 ===============
 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Ultimate 
Boot Device: \Device\HarddiskVolume1
Install Date: 6/10/2010 7:23:58 PM
System Uptime: 10/14/2013 6:09:09 PM (123 hours ago)
.
Motherboard: ASUSTeK Computer INC. |  | Crosshair IV Formula
Processor: AMD Phenom II X6 1090T Processor | AM3 | 3210/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 931 GiB total, 528.57 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP321: 10/12/2013 7:23:42 PM - Installed LogMeIn Hamachi
RP322: 10/13/2013 3:00:30 AM - Windows Update
RP323: 10/19/2013 10:28:46 AM - ComboFix created restore point
.
==== Installed Programs ======================
.
µTorrent
Acrobat.com
Adobe Flash Player 11 Plugin
AI Suite
AMD Accelerated Video Transcoding
AMD APP SDK Runtime
AMD Catalyst Install Manager
AMD Drag and Drop Transcoding
AMD Fuel
AMD Media Foundation Decoders
AMD USB Filter Driver
AMD VISION Engine Control Center
Antichamber
ASUSUpdate
ATI AVIVO64 Codecs
ATI Catalyst Registration
AVG 2014
AVG PC Tuneup 2011
Backup Assistant Plus
Bandisoft MPEG-1 Decoder
Battlefield 3™
Battlelog Web Plugins
BioShock
Canon Easy-PhotoPrint EX
Canon Easy-WebPrint EX
Canon IJ Network Scan Utility
Canon IJ Network Tool
Canon Inkjet Printer/Scanner/Fax Extended Survey Program
Canon MG5200 series MP Drivers
Canon MG5200 series User Registration
Canon MP Navigator EX 4.0
Canon My Printer
Canon Solution Menu EX
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Curse Client
Diablo III
Dragon Age II
Dragon Age: Origins
Dungeons & Dragons Online ®:  Eberron Unlimited ™ v01.14.00.802
EA Installer
EPU
ESN Sonar
ffdshow [rev 2527] [2008-12-19]
Google Chrome
Google Talk (remove only)
Google Talk Plugin
Google Update Helper
Guild Wars 2
Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)
Hotfix for Microsoft .NET Framework 4 Client Profile (KB2484841)
HydraVision
Java 7 Update 15 (64-bit)
Java 7 Update 25
Java Auto Updater
JMicron JMB36X Driver
Juniper Networks, Inc. Setup Client
Juniper Networks, Inc. Setup Client Activex Control
Juniper Terminal Services Client
League of Legends
Lineage II
LogMeIn Hamachi
Magic Online
Magic The Gathering Online 
Malwarebytes Anti-Malware version 1.75.0.1300
MapleStory
Marvell Miniport Driver
McAfee Security Scan Plus
Microsoft .NET Framework 1.1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
Microsoft XNA Framework Redistributable 3.1
Microsoft XNA Framework Redistributable 4.0
Monaco
MotoHelper 2.1.32 Driver 5.4.0
MotoHelper MergeModules
Motorola Mobile Drivers Installation 5.4.0
Mozilla Firefox 23.0.1 (x86 en-US)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Mumble 1.2.3
My Game Long Name
NCsoft Launcher
NEC Electronics USB 3.0 Host Controller Driver
Nexon Game Manager
Nexus Mod Manager
NVIDIA PhysX
Origin
Pando Media Booster
PC Probe II
Platform
PunkBuster Services
ROG GameFirst v4.53
SAMSUNG Mobile Modem Driver Set
Samsung Mobile phone USB driver Drive Software
SAMSUNG Mobile USB Modem 1.0 Software
SAMSUNG Mobile USB Modem Software
Samsung PC Studio 3 USB Driver Installer
SAMSUNG USB Driver for Mobile Phones
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)
Sendori
Sid Meier's Civilization V
SimCity™
Skype™ 6.9
SolForge
Sound Blaster X-Fi MB
Star Wars: The Old Republic
StarCraft II
StarCraft II Beta
Steam
SUABnR
TeamSpeak 3 Client
The Lord of the Rings FREE Trial 
TurboV EVO
Ultima Online Classic Client
Ultima Online Stygian Abyss
Ultima Online Stygian Abyss Classic
Uncharted Waters Online
UOAssist
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2836939)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3)
Ventrilo Client for Windows x64
Verizon Wireless Software Upgrade Assistant - Samsung(ar)
Verizon Wireless Software Utility Application for Android - Samsung
VIA Platform Device Manager
Visual C++ 8.0 Runtime Setup Package (x64)
Visual Studio 2008 x64 Redistributables
Visual Studio 2010 x64 Redistributables
Visual Studio 2012 x64 Redistributables
Visual Studio 2012 x86 Redistributables
Windows Media Player Firefox Plugin
World of Warcraft
Xfire (remove only)
.
==== Event Viewer Messages From Past Week ========
.
10/19/2013 9:40:36 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Application Sendori service.
10/19/2013 9:38:28 PM, Error: Service Control Manager [7030]  - The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
10/19/2013 9:38:02 PM, Error: Application Popup [1060]  - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
10/19/2013 9:28:34 PM, Error: Service Control Manager [7031]  - The Service Sendori service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
10/16/2013 6:58:34 PM, Error: bowser [8003]  - The master browser has received a server announcement from the computer EMILE-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{FCC2D7A2-2F80-4096-AF18-16E0DEB976AC}. The master browser is stopping or an election is being forced.
10/14/2013 6:09:44 PM, Error: Service Control Manager [7000]  - The AODDriver4.2 service failed to start due to the following error:  The system cannot find the file specified.
10/13/2013 9:58:31 AM, Error: Service Control Manager [7034]  - The Google Update Service (gupdate) service terminated unexpectedly.  It has done this 1 time(s).
10/12/2013 7:25:27 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the LogMeIn Hamachi Tunneling Engine service to connect.
10/12/2013 7:25:27 PM, Error: Service Control Manager [7000]  - The LogMeIn Hamachi Tunneling Engine service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
10/12/2013 7:25:22 PM, Error: Service Control Manager [7030]  - The LogMeIn Hamachi Tunneling Engine service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
10/12/2013 11:13:36 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
10/12/2013 11:13:36 AM, Error: Service Control Manager [7000]  - The Steam Client Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
.
==== End Of File ===========================
 

 

Link to post
Share on other sites

Hello saladid! My name is Borislav and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.
Step 1

Please uninstall this application: µTorrent

Step 2

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  • Step 3

    Please download AdwCleaner by Xplode onto your desktop.

    • Close all open programs and internet browsers.
    • Double click on AdwCleaner.exe to run the tool.
    • Click on Clean.
    • Confirm each time with Ok.
    • Your computer will be rebooted automatically. A text file will open after the restart.
    • Please post the content of that logfile with your next answer.
    • You can find the logfile at C:\AdwCleaner[s1].txt as well.
    Step 4
    • Launch Malwarebytes' Anti-Malware
    • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
    • Go to Scanner tab and select Perform Quick Scan, then click Scan.
    • The scan may take some time to finish,so please be patient.
    • When the scan is complete, click OK, then Show Results to view the results.
    • Make sure that everything is checked, and click Remove Selected.
    • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
    • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
    • Copy&Paste the entire report in your next reply.
    Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer,please do so immediately.

    In your next reply, post the following log files:

    • Junkware Removal Tool log
    • AdwCleaner log
    • Malwarebytes' Anti-Malware log
Link to post
Share on other sites

U cant find the adwcleaner log...

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.7 (10.15.2013:3)
OS: Windows 7 Ultimate x64
Ran by Neill on Mon 10/21/2013 at 14:15:43.45
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{93ec97bf-fe43-4bca-a735-5c5d6a0a40c4}
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-2399436758-2014220237-2777049951-1000\Software\Microsoft\Internet Explorer\Main\\Start Page
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\im
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\iminstaller
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduitsearchscopes
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\toolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2399436758-2014220237-2777049951-1000\Software\SweetIM
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\searchprotect
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3314312
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{4A8F2E87-4C6A-4D23-B921-049319A37D03}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{B4CB5F6C-7D66-4CF1-B1B5-A01995ADA092}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{93ec97bf-fe43-4bca-a735-5c5d6a0a40c4}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{93ec97bf-fe43-4bca-a735-5c5d6a0a40c4}
 
 
 
~~~ Files
 
Successfully deleted: [File] "C:\Users\Neill\appdata\locallow\SkwConfig.bin"
Successfully deleted: [File] "C:\end"
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\ProgramData\conduit"
Successfully deleted: [Folder] "C:\ProgramData\starapp"
Successfully deleted: [Folder] "C:\Users\Neill\AppData\Roaming\searchprotect"
Successfully deleted: [Folder] "C:\Users\Neill\appdata\local\conduit"
Successfully deleted: [Folder] "C:\Users\Neill\appdata\local\cre"
Successfully deleted: [Folder] "C:\Users\Neill\appdata\local\downloadterms"
Successfully deleted: [Folder] "C:\Users\Neill\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\mypc backup"
Successfully deleted: [Folder] "C:\Program Files (x86)\searchprotect"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
Successfully deleted: [Folder] "C:\Windows\syswow64\arfc"
Successfully deleted: [Folder] "C:\Windows\syswow64\jmdp"
Successfully deleted: [Folder] "C:\Windows\syswow64\wnlt"
 
 
 
~~~ FireFox
 
Successfully deleted: [File] C:\Users\Neill\AppData\Roaming\mozilla\firefox\profiles\alwmh4f7.default\user.js
Successfully deleted: [File] C:\Users\Neill\AppData\Roaming\mozilla\firefox\profiles\alwmh4f7.default\searchplugins\conduit.xml
Successfully deleted: [File] C:\Users\Neill\AppData\Roaming\mozilla\firefox\profiles\alwmh4f7.default\searchplugins\mystart search.xml
Successfully deleted: [Folder] "C:\Program Files (x86)\Mozilla Firefox\extensions\cxfnl@nxazbwxrbgsgfqqp.net"
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\lesstabs@lesstabs.com
 
 
 
~~~ Chrome
 
Successfully deleted: [Folder] C:\Users\Neill\appdata\local\Google\Chrome\User Data\Default\Extensions\gjkpcnacdgdlpfejlgflolpaigoicibh
Successfully deleted: [Folder] C:\Users\Neill\appdata\local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 10/21/2013 at 14:20:41.26
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.10.21.08
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16721
Neill :: NEILL-PC [administrator]
 
10/21/2013 2:26:33 PM
mbam-log-2013-10-21 (14-26-33).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 232324
Time elapsed: 6 minute(s), 44 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 1
C:\Users\Neill\Downloads\Chrome_Setup.exe (PUP.Optional.TinyInstaller) -> Quarantined and deleted successfully.
 
(end)
 
Link to post
Share on other sites

# AdwCleaner v3.010 - Report created 21/10/2013 at 14:22:49

# Updated 20/10/2013 by Xplode

# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)

# Username : Neill - NEILL-PC

# Running from : C:\Users\Neill\Downloads\AdwCleaner (1).exe

# Option : Clean

 

***** [ Services ] *****

 

 

***** [ Files / Folders ] *****

 

[#] Folder Deleted : C:\ProgramData\Browser Manager

Folder Deleted : C:\Program Files (x86)\SweetPacks_A5

Folder Deleted : C:\Users\Neill\AppData\LocalLow\SweetPacks_A5

Folder Deleted : C:\Users\Neill\AppData\Roaming\Mozilla\Firefox\Profiles\alwmh4f7.default\ICQToolbarData

Folder Deleted : C:\Users\Neill\AppData\Roaming\Mozilla\Firefox\Profiles\alwmh4f7.default\CT3314312

Folder Deleted : C:\Users\Neill\AppData\Roaming\Mozilla\Firefox\Profiles\alwmh4f7.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}

Folder Deleted : C:\Users\Neill\AppData\Roaming\Mozilla\Firefox\Profiles\alwmh4f7.default\Extensions\{93ec97bf-fe43-4bca-a735-5c5d6a0a40c4}

File Deleted : C:\Windows\System32\dmwu.exe

File Deleted : C:\Windows\System32\ImhxxpComm.dll

File Deleted : C:\Users\Neill\AppData\Roaming\Mozilla\Firefox\Profiles\alwmh4f7.default\searchplugins\icqplugin-4.xml

File Deleted : C:\Users\Neill\AppData\Roaming\Mozilla\Firefox\Profiles\alwmh4f7.default\searchplugins\icqplugin-5.xml

File Deleted : C:\Users\Neill\AppData\Roaming\Mozilla\Firefox\Profiles\alwmh4f7.default\searchplugins\icqplugin-6.xml

File Deleted : C:\Users\Neill\AppData\Roaming\Mozilla\Firefox\Profiles\alwmh4f7.default\searchplugins\icqplugin-7.xml

File Deleted : C:\Users\Neill\AppData\Roaming\Mozilla\Firefox\Profiles\alwmh4f7.default\searchplugins\icqplugin-8.xml

File Deleted : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

Value Deleted : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{7D4F1959-3F72-49d5-8E59-F02F8AA6815D}]

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [iCQ Search]

Key Deleted : HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook

Key Deleted : HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook.1

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4634A024-1754-4A6D-B4C0-4968168E3B7B}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{93EC97BF-FE43-4BCA-A735-5C5D6A0A40C4}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4634A024-1754-4A6D-B4C0-4968168E3B7B}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4C1071F0-F3B2-4FB1-ABDC-852EC002A0CC}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59B73F66-4559-431D-A5DE-DA166C2D2F50}

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{93EC97BF-FE43-4BCA-A735-5C5D6A0A40C4}]

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{93EC97BF-FE43-4BCA-A735-5C5D6A0A40C4}]

Key Deleted : HKCU\Software\AppDataLow\Software\SweetPacks_A5

Key Deleted : HKLM\Software\AVG Secure Search

Key Deleted : HKLM\Software\AVG Security Toolbar

Key Deleted : HKLM\Software\ICQ\ICQToolbar

Key Deleted : HKLM\Software\SweetPacks_A5

Key Deleted : [x64] HKLM\SOFTWARE\Updater By Sweetpacks

Key Deleted : [x64] HKLM\SOFTWARE\wnlt

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v10.0.9200.16720

 

 

-\\ Mozilla Firefox v23.0.1 (en-US)

 

[ File : C:\Users\Neill\AppData\Roaming\Mozilla\Firefox\Profiles\alwmh4f7.default\prefs.js ]

 

 

-\\ Google Chrome v30.0.1599.101

 

[ File : C:\Users\Neill\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

Deleted : homepage

 

*************************

 

AdwCleaner[R0].txt - [4057 octets] - [21/10/2013 14:22:28]

AdwCleaner[s0].txt - [4018 octets] - [21/10/2013 14:22:49]

 

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [4078 octets] ##########
Link to post
Share on other sites

Glad I could help! :)

Step 1

  • Download OTC to your desktop and run it
  • Click Yes to beginning the Cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.
Step 2
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Uninstall
  • Confirm with Yes
Step 3

Some malware prevention tips:

users.telenet.be/bluepatchy/miekiemoes/prevention.html

Safe surfing! :)

Link to post
Share on other sites

  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.