azazz Posted October 28, 2013 ID:747214

I am running Windows 7. My computer won't start in safe mode; just restarts. I downloaded Farbar Recovery Scan Tool and have it on a flashdrive. Ran FRST64 and I have a FRST.txt log. From all the forums I have read, it seems I need someone to evaluate the data specific to my computer so I cannot go any farther on my own. To anyone with the know-how, PLEASE HELP!

Here is my FRST.txt log:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-10-2013 01
Ran by SYSTEM on MININT-HN35IAD on 27-10-2013 21:29:31
Running from E:\
Windows 7 Home Premium (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [set] - c:\programdata\SetWallpaper.cmd
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8084000 2009-08-25] (Realtek Semiconductor)
HKLM\...\Run: [skytel] - C:\Program Files\Realtek\Audio\HDA\SkyTel.exe [1833504 2009-08-25] (Realtek Semiconductor Corp.)
HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [synTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1815848 2009-07-20] (Synaptics Incorporated)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
HKLM\...\Run: [CanonSolutionMenu] - C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.EXE [767312 2009-09-03] (CANON INC.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [499608 2011-03-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUS Screen Saver Protector] - C:\Windows\AsScrPro.exe [3054136 2009-09-10] (ASUS)
HKLM-x32\...\Run: [CLMLServer] - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [104936 2008-07-18] (CyberLink)
HKLM-x32\...\Run: [PowerForPhone] - C:\Program Files (x86)\P4P\P4P.exe [778240 2008-01-25] ()
HKLM-x32\...\Run: [updateLBPShortCut] - C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [updateP2GoShortCut] - C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [218408 2008-12-03] (CyberLink Corp.)
HKLM-x32\...\Run: [HControlUser] - C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [ATKOSD2] - C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [6859392 2009-08-17] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] - C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [170624 2009-08-19] (ASUS)
HKLM-x32\...\Run: [Turbo Gear Help] - C:\Program Files\ASUS\Turbo Gear\GearHelp.exe [1026048 2009-08-05] ()
HKLM-x32\...\Run: [Turbo Gear] - C:\Program Files\ASUS\Turbo Gear\TurboGear.exe [2987520 2009-08-05] ()
HKLM-x32\...\Run: [ADSMTray] - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe [272952 2009-06-24] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [DirectConsole2] - C:\Program Files (x86)\ASUS\Direct Console\Direct Console.exe [2861696 2009-08-11] (ASUSTek.)
HKLM-x32\...\Run: [bCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2010-03-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [141608 2010-07-16] (Apple Inc.)
HKLM-x32\...\Run: [iJNetworkScanUtility] - C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [140640 2009-09-15] (CANON INC.)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [switchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [bYR_AGENT] - C:\ProgramData\LGMOBILEAX\BYR_Client\VZWNotiAgent.exe [396416 2012-09-12] (LG Electronics)
HKLM-x32\...\Run: [AVG_TRAY] - C:\Program Files (x86)\AVG\AVG2012\avgtray.exe [2598520 2012-11-19] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] - C:\Program Files (x86)\AVG Secure Search\vprot.exe [2404376 2013-10-02] ()
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-08-27] (Apple Inc.)
HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254896 2012-09-17] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-18] (Adobe Systems Incorporated)
HKU\Mcx1\...\Run: [ehTray.exe] - C:\Windows\ehome\ehtray.exe [163328 2010-11-20] (Microsoft Corporation)
HKU\Mcx1\...\Run: [spybotSD TeaTimer] - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKU\Mcx1\...\Run: [sUPERAntiSpyware] - C:\Program Files (x86)\SUPERAntiSpyware\SUPERANTISPYWARE.EXE [2424192 2013-08-03] (SUPERAntiSpyware.com)
HKU\Mcx1\...\Run: [AVG-Secure-Search-Update_JUNE2013_TB] - C:\Program Files (x86)\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe [1266712 2013-06-02] (AVG Secure Search)
HKU\Mcx1\...\Run: [AVG-Secure-Search-Update_JUNE2013_HP] - C:\Program Files (x86)\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_HP.exe [1266712 2013-06-07] (AVG Secure Search)
HKU\Mcx1\...\RunOnce: [WAB Migrate] - C:\Program Files\Windows Mail\wab.exe [516096 2010-11-20] (Microsoft Corporation)
HKU\Mcx1\...\RunOnce: [DPAPIKeyMig] - C:\Windows\System32\dpapimig.exe [74752 2009-07-13] (Microsoft Corporation)
HKU\Mcx1\...\RunOnce: [avg_spchecker] - "C:\Program Files (x86)\AVG\AVG9\Notification\SPChecker1.exe" /start
HKU\Nate\...\Run: [ehTray.exe] - C:\Windows\ehome\ehtray.exe [163328 2010-11-20] (Microsoft Corporation)
HKU\Nate\...\Run: [spybotSD TeaTimer] - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKU\Nate\...\Run: [PeerBlock] - C:\Program Files\PeerBlock\peerblock.exe [2101848 2009-09-27] (PeerBlock, LLC)
HKU\Nate\...\Run: [Akamai NetSession Interface] - C:\Users\Nate\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-04] (Akamai Technologies, Inc.)
Startup: C:\Users\Nate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\3rd7t7lc.lnk
ShortcutTarget: 3rd7t7lc.lnk -> C:\PROGRA~3\cl7t7dr3.dss ()
BootExecute: autocheck autochk * C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart

==================== Services (Whitelisted) =================

S2 Akamai; c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-02] (Akamai Technologies, Inc.)
S2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-07] ()
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe [5174392 2012-11-02] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [193288 2012-02-14] (AVG Technologies CZ, s.r.o.)
S2 MSSQL$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
S2 spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [125496 2007-08-03] ()
S2 vToolbarUpdater17.0.12; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe [1734680 2013-10-02] (AVG Secure Search)
S2 WBVGAservice; C:\Program Files (x86)\ASUS\Turbo Gear Enhanced VGA Driver\WBVGAservice.exe [72248 2009-02-06] ()
S2 Winmgmt; C:\PROGRA~3\3rd7t7lc.pss [61544 2013-10-22] (Microsoft Corporation)
S4 msvsmon90; "C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe" /service msvsmon90 [x]

==================== Drivers (Whitelisted) ====================

S2 ASMMAP64; C:\Program Files\ATKGFNEX\ASMMAP64.sys [14904 2007-07-24] ()
S3 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [127328 2012-12-10] (AVG Technologies CZ, s.r.o. )
S3 AVGIDSFilter; C:\Windows\System32\DRIVERS\avgidsfiltera.sys [29776 2011-12-23] (AVG Technologies CZ, s.r.o. )
S0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [28480 2012-04-19] (AVG Technologies CZ, s.r.o. )
S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [307040 2012-11-08] (AVG Technologies CZ, s.r.o.)
S1 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [47696 2011-12-23] (AVG Technologies CZ, s.r.o.)
S0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [36944 2012-01-31] (AVG Technologies CZ, s.r.o.)
S1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [384800 2013-04-10] (AVG Technologies CZ, s.r.o.)
S1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-10-02] (AVG Technologies)
S3 DAdderFltr; C:\Windows\System32\drivers\dadder.sys [12672 2007-08-02] (Razer (Asia-Pacific) Pte Ltd)
S1 EIO64; C:\Windows\System32\DRIVERS\EIO64.sys [16384 2009-07-22] (ASUSTeK Computer Inc.)
S2 ghaio; C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [17464 2007-08-02] ()
S3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
S3 pbfilter; C:\Program Files\PeerBlock\pbfilter.sys [19544 2009-09-27] ()
S1 SASDIFSV; C:\Program Files (x86)\SUPERAntiSpyware\SASDIFSV.SYS [12872 2010-04-01] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SASENUM; C:\Program Files (x86)\SUPERAntiSpyware\SASENUM.SYS [12872 2010-04-01] ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
S1 SASKUTIL; C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.sys [67656 2010-06-29] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806400 2009-06-05] ()
S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2011-02-13] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [28160 2011-02-13] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [34816 2011-02-13] (LG Electronics Inc.)
S5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S1 EIO_XP; \??\C:\Windows\system32\drivers\EIO64_XP.sys [x]
S3 ipswuio; System32\DRIVERS\ipswuio.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-10-27 21:20 - 2013-10-27 21:20 - 00000000 ____D C:\FRST
2013-10-22 19:13 - 2013-10-23 21:31 - 95025368 ____T C:\ProgramData\3rd7t7lc.bxx
2013-10-22 19:13 - 2013-10-23 21:30 - 00000000 _____ C:\ProgramData\3rd7t7lc.fvv
2013-10-22 19:13 - 2013-10-22 19:13 - 00128512 _____ C:\ProgramData\cl7t7dr3.dss
2013-10-22 19:13 - 2013-10-22 19:13 - 00061544 ____T (Microsoft Corporation) C:\ProgramData\3rd7t7lc.pss
2013-10-12 12:10 - 2013-09-22 15:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-12 12:10 - 2013-09-22 15:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-12 12:10 - 2013-09-22 15:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-12 12:10 - 2013-09-22 15:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-12 12:10 - 2013-09-22 15:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-12 12:10 - 2013-09-22 15:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-12 12:10 - 2013-09-22 15:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-12 12:10 - 2013-09-22 15:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-12 12:10 - 2013-09-22 15:27 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-10-12 12:10 - 2013-09-22 15:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-10-12 12:10 - 2013-09-22 15:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-10-12 12:10 - 2013-09-22 15:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-12 12:10 - 2013-09-22 15:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-10-12 12:10 - 2013-09-22 14:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-10-12 12:10 - 2013-09-22 14:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-10-12 12:10 - 2013-09-22 14:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-10-12 12:10 - 2013-09-22 14:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-10-12 12:10 - 2013-09-22 14:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-10-12 12:10 - 2013-09-22 14:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-10-12 12:10 - 2013-09-22 14:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-10-12 12:10 - 2013-09-22 14:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-10-12 12:10 - 2013-09-22 14:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-10-12 12:10 - 2013-09-22 14:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-10-12 12:10 - 2013-09-22 14:54 - 00136704 _____ (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-10-12 12:10 - 2013-09-22 14:54 - 00067072 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-10-12 12:10 - 2013-09-22 14:54 - 00053248 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-10-12 12:10 - 2013-09-22 14:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-10-12 12:10 - 2013-09-20 19:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-10-12 12:10 - 2013-09-20 19:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-12 12:10 - 2013-09-20 18:48 - 00089600 _____ (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-10-12 12:10 - 2013-09-20 18:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-10-11 14:47 - 2013-10-11 14:47 - 00000000 ____D C:\7747f7abe698b5e08ec29a8332396ca8
2013-10-10 14:54 - 2013-09-13 17:10 - 00497152 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2013-10-10 14:54 - 2013-09-07 18:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-10-10 14:54 - 2013-09-07 18:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\System32\mswsock.dll
2013-10-10 14:54 - 2013-09-07 18:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-10-10 14:54 - 2013-08-28 18:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-10-10 14:54 - 2013-08-28 18:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2013-10-10 14:54 - 2013-08-28 18:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\System32\tdh.dll
2013-10-10 14:54 - 2013-08-28 18:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\System32\wow64.dll
2013-10-10 14:54 - 2013-08-28 18:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\System32\advapi32.dll
2013-10-10 14:54 - 2013-08-28 17:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-10-10 14:54 - 2013-08-28 17:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-10-10 14:54 - 2013-08-28 17:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-10-10 14:54 - 2013-08-28 17:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2013-10-10 14:54 - 2013-08-28 17:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-10-10 14:54 - 2013-08-28 17:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-10-10 14:54 - 2013-08-28 16:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-10-10 14:54 - 2013-08-28 16:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-10-10 14:54 - 2013-08-28 16:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-10-10 14:54 - 2013-08-28 16:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-10-10 14:54 - 2013-08-27 17:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-10-10 14:54 - 2013-07-20 02:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 14:54 - 2013-07-20 02:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 14:54 - 2013-07-12 02:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbvideo.sys
2013-10-10 14:54 - 2013-07-12 02:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbcir.sys
2013-10-10 14:54 - 2013-07-12 02:40 - 00109824 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\USBAUDIO.sys
2013-10-10 14:54 - 2013-07-04 04:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\System32\WebClnt.dll
2013-10-10 14:54 - 2013-07-04 04:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\System32\comctl32.dll
2013-10-10 14:54 - 2013-07-04 04:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\System32\davclnt.dll
2013-10-10 14:54 - 2013-07-04 03:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2013-10-10 14:54 - 2013-07-04 03:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2013-10-10 14:54 - 2013-07-04 03:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-10 14:54 - 2013-07-04 02:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxdav.sys
2013-10-10 14:54 - 2013-07-02 20:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\hidclass.sys
2013-10-10 14:54 - 2013-07-02 20:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\hidparse.sys
2013-10-10 14:54 - 2013-06-25 14:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\Wdf01000.sys
2013-10-10 14:54 - 2013-06-05 21:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\System32\lpk.dll
2013-10-10 14:54 - 2013-06-05 21:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\System32\fontsub.dll
2013-10-10 14:54 - 2013-06-05 21:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\System32\dciman32.dll
2013-10-10 14:54 - 2013-06-05 21:47 - 00046080 _____ (Adobe Systems) C:\Windows\System32\atmlib.dll
2013-10-10 14:54 - 2013-06-05 20:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-10-10 14:54 - 2013-06-05 20:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-10-10 14:54 - 2013-06-05 20:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-10-10 14:54 - 2013-06-05 19:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2013-10-10 14:54 - 2013-06-05 19:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-10 14:54 - 2013-06-05 19:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-10 14:53 - 2013-08-27 17:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\System32\scavengeui.dll
2013-10-10 14:53 - 2013-08-01 04:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys

==================== One Month Modified Files and Folders =======

2013-10-27 21:20 - 2013-10-27 21:20 - 00000000 ____D C:\FRST
2013-10-27 17:16 - 2011-04-14 19:42 - 01791194 _____ C:\Windows\setupact.log
2013-10-27 17:16 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-24 19:13 - 2010-02-11 20:11 - 02082048 _____ C:\Windows\WindowsUpdate.log
2013-10-24 19:13 - 2010-02-11 19:00 - 00011104 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-24 19:13 - 2010-02-11 19:00 - 00011104 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-24 19:12 - 2012-08-21 20:53 - 00000000 ____D C:\Windows\System32\Drivers\AVG
2013-10-23 21:31 - 2013-10-22 19:13 - 95025368 ____T C:\ProgramData\3rd7t7lc.bxx
2013-10-23 21:31 - 2010-03-15 23:22 - 00000000 ____D C:\Program Files\PeerBlock
2013-10-23 21:30 - 2013-10-22 19:13 - 00000000 _____ C:\ProgramData\3rd7t7lc.fvv
2013-10-23 21:30 - 2010-11-05 06:43 - 00000890 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-23 21:29 - 2013-06-07 17:02 - 00000350 _____ C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job
2013-10-23 21:29 - 2013-06-02 12:06 - 00000350 _____ C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2013-10-22 19:13 - 2013-10-22 19:13 - 00128512 _____ C:\ProgramData\cl7t7dr3.dss
2013-10-22 19:13 - 2013-10-22 19:13 - 00061544 ____T (Microsoft Corporation) C:\ProgramData\3rd7t7lc.pss
2013-10-22 18:47 - 2010-11-05 06:43 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-22 18:33 - 2012-07-10 16:43 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-22 15:06 - 2010-02-11 20:21 - 00003918 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{729F353F-406B-4D5D-B26D-C4D40B962884}
2013-10-14 13:42 - 2010-11-05 06:43 - 00003890 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-14 13:41 - 2010-11-05 06:43 - 00003638 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-13 10:44 - 2010-03-23 16:50 - 00000000 ____D C:\Users\Nate\AppData\Roaming\vlc
2013-10-12 22:51 - 2009-10-02 02:03 - 00000000 ____D C:\Users\Nate\AppData\Roaming\uTorrent
2013-10-12 22:50 - 2009-07-13 21:13 - 00850430 _____ C:\Windows\System32\PerfStringBackup.INI
2013-10-12 22:44 - 2013-03-14 07:14 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-12 22:44 - 2013-03-14 07:14 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-12 22:44 - 2009-07-13 20:45 - 00503640 _____ C:\Windows\System32\FNTCACHE.DAT
2013-10-12 14:31 - 2008-09-19 03:18 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-12 12:05 - 2010-06-01 14:18 - 00844646 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-10-12 11:49 - 2013-07-25 23:01 - 00000000 ____D C:\Windows\System32\MRT
2013-10-12 11:42 - 2010-04-11 09:30 - 80541720 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-10-11 15:33 - 2010-12-26 14:22 - 00000000 ____D C:\Windows\rescache
2013-10-11 15:33 - 2010-02-11 19:17 - 00000000 ____D C:\users\Mcx1
2013-10-11 14:47 - 2013-10-11 14:47 - 00000000 ____D C:\7747f7abe698b5e08ec29a8332396ca8
2013-10-10 14:39 - 2012-07-10 16:43 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-10 14:39 - 2012-07-10 16:43 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-10 14:39 - 2011-09-18 13:10 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-02 02:10 - 2012-08-21 20:54 - 00046368 _____ (AVG Technologies) C:\Windows\System32\Drivers\avgtpx64.sys
2013-10-02 02:10 - 2012-08-21 20:54 - 00000000 ____D C:\Program Files (x86)\AVG Secure Search

Files to move or delete:
====================
C:\ProgramData\cl7t7dr3.dss

Some content of TEMP:
====================
C:\Users\Nate\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Nate\AppData\Local\Temp\~tmf2863949050340457556.dll

==================== Known DLLs (Whitelisted) ================

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

==================== Memory info ===========================

Percentage of memory in use: 12%
Total physical RAM: 6143.04 MB
Available physical RAM: 5404.48 MB
Total Pagefile: 6141.18 MB
Available Pagefile: 5407.05 MB
Total Virtual: 8192 MB
Available Virtual: 8191.88 MB

==================== Drives ================================

Drive c: (VistaOS) (Fixed) (Total:453.07 GB) (Free:8.59 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: () (Removable) (Total:1.88 GB) (Free:0.59 GB) FAT
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 97646C29)
Partition 1: (Not Active) - (Size=13 GB) - (Type=1C)
Partition 2: (Active) - (Size=453 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 2 GB) (Disk ID: 6F20736B)
No partition Table on disk 1.
Disk 1 is a removable device.

LastRegBack: 2013-10-21 13:38

==================== End Of Log ============================

Psychotic Posted October 28, 2013 ID:747282

Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

- First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
- Perform everything in the correct order. Sometimes one step requires the previous one.
- If you have any problems while following my instructions, stop there and tell me the exact nature of your problem.
- Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
- Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
- If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
- Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
- My first language is not English. So please do not use slang or idioms. It could be hard for me to read.

Thanks for your understanding.

Fix with FRST (Recovery Environment)

- Open notepad (Start => All Programs => Accessories => Notepad).
- Please copy the entire contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy. Right-click in the open notepad and select Paste.)
- Save it on the flashdrive as fixlist.txt

Startup: C:\Users\Nate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\3rd7t7lc.lnk
ShortcutTarget: 3rd7t7lc.lnk -> C:\PROGRA~3\cl7t7dr3.dss ()
S2 Winmgmt; C:\PROGRA~3\3rd7t7lc.pss [61544 2013-10-22] (Microsoft Corporation)
C:\Users\Nate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\3rd7t7lc.lnk
C:\ProgramData\3rd7t7lc.bxx
C:\ProgramData\3rd7t7lc.fvv
C:\ProgramData\cl7t7dr3.dss
C:\ProgramData\3rd7t7lc.pss

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

- Now please enter System Recovery Options again.
- Run frst.exe (on 64bit, run frst64.exe) and press the Fix button just once and wait.
- The tool will make a log on the flashdrive (Fixlog.txt); please post it to your reply.
- Then boot into windows.

Full System Scan with Malwarebytes Antimalware

If not existing, please download Malwarebytes' Anti-Malware to your desktop.

- Double-click mbam-setup.exe and follow the prompts to install the program.
- At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.

If the program is already installed:

- Run Malwarebytes Antimalware.
- If an update is found, it will download and install the latest version.
- Once the program has loaded, select Perform full scan, place a checkmark on all hard drives, then click Scan.
- When the scan is complete, click OK, then Show Results to view the results.
- Be sure that everything is checked, and click Remove Selected.
- When completed, a log will open in Notepad. Please save it to a convenient location.
- The log can also be found here:
  C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
  Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt
- Post that log back here.

azazz Posted October 30, 2013 Author ID:748010

Thank you so much for helping! Here are the logs.

First, Fixlog.txt:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 27-10-2013 01
Ran by SYSTEM at 2013-10-29 18:27:17 Run:1
Running from E:\
Boot Mode: Recovery
==============================================

Content of fixlist:
*****************
Startup: C:\Users\Nate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\3rd7t7lc.lnk
ShortcutTarget: 3rd7t7lc.lnk -> C:\PROGRA~3\cl7t7dr3.dss ()
S2 Winmgmt; C:\PROGRA~3\3rd7t7lc.pss [61544 2013-10-22] (Microsoft Corporation)
C:\Users\Nate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\3rd7t7lc.lnk
C:\ProgramData\3rd7t7lc.bxx
C:\ProgramData\3rd7t7lc.fvv
C:\ProgramData\cl7t7dr3.dss
C:\ProgramData\3rd7t7lc.pss
*****************

C:\Users\Nate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\3rd7t7lc.lnk => Moved successfully.
C:\PROGRA~3\cl7t7dr3.dss => Moved successfully.
Winmgmt => Service restored successfully.
"C:\Users\Nate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\3rd7t7lc.lnk" => File/Directory not found.
C:\ProgramData\3rd7t7lc.bxx => Moved successfully.
C:\ProgramData\3rd7t7lc.fvv => Moved successfully.
"C:\ProgramData\cl7t7dr3.dss" => File/Directory not found.
C:\ProgramData\3rd7t7lc.pss => Moved successfully.

==== End of Fixlog ====

----------------------------------------

Now, Malwarebytes log:

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.08.03.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16721
Nate :: NATE-PC [administrator]

10/29/2013 6:34:05 PM
mbam-log-2013-10-29 (18-34-05).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 712930
Time elapsed: 5 hour(s), 25 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Psychotic Posted October 30, 2013 ID:748040

Scan with Malwarebytes Anti-Rootkit

Please download Malwarebytes Anti-Rootkit from here Malwarebytes : Malwarebytes Anti-Rootkit and save it to your desktop.

- Be sure to print out and follow the instructions provided on that same page.
- Caution: This is a beta version so please be sure to read the disclaimer and back up any important data before using.
- Double click the mbar.zip file to open it, then 'Extract all files'.
- Double click the mbar folder to open it, then double click mbar.exe to start the tool.
- Check for Updates, then Scan your system for malware.
- If malware is found, do NOT press the Cleanup button yet. Click EXIT.
- I'd like to see the log first so I can see what it sees. You'll find the log in that mbar folder as MBAR-log-[date and time]***.txt . Please attach that to your next reply.

Scan with Farbar's Service Scanner

Please download Farbar Service Scanner and run it on the computer with the issue.

- Make sure the following options are checked:
  - Internet Services
  - Windows Firewall
  - System Restore
  - Security Center
  - Windows Update
  - Windows Defender
- Press "Scan".
- It will create a log (FSS.txt) in the same directory the tool is run.
- Please copy and paste the log to your reply.

Scan with ESET Online Scan

Please go to here to run the online scanner from ESET.

- Turn off the real time scanner of any existing antivirus program while performing the online scan.
- Tick the box next to YES, I accept the Terms of Use.
- Click Start.
- When asked, allow the activex control to install.
- Click Start.
- Make sure that the option Remove found threats is unticked.
- Click on Advanced Settings and ensure these options are ticked:
  - Scan for potentially unwanted applications
  - Scan for potentially unsafe applications
  - Enable Anti-Stealth Technology
- Click Scan.
- Wait for the scan to finish.
- If any threats were found, click the 'List of found threats', then click Export to text file....
- Save it to your desktop, then please copy and paste that log as a reply to this topic.
azazz Posted October 31, 2013 Author ID:748352

1) mbar-log-2013-10-30 (17-12-09).txt

Malwarebytes Anti-Rootkit BETA 1.07.0.1007
www.malwarebytes.org
Database version: v2013.10.30.07
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16721
Nate :: NATE-PC [administrator]
10/30/2013 5:12:09 PM
mbar-log-2013-10-30 (17-12-09).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 371510
Time elapsed: 59 minute(s), 41 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)

2) FSS.txt

Farbar Service Scanner Version: 24-10-2013
Ran by Nate (administrator) on 30-10-2013 at 18:27:37
Running from "C:\Users\Nate\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.

Windows Firewall:
=============

Firewall Disabled Policy:
==================

System Restore:
============

System Restore Disabled Policy:
========================

Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.

Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1

Other Services:
==============

File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys
[2013-10-10 18:54] - [2013-09-13 21:10] - 0497152 ____A (Microsoft Corporation) 314C17917AC8523EC77A710215012A65
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2013-10-10 18:54] - [2013-09-07 22:30] - 1903552 ____A (Microsoft Corporation) 40AF23633D197905F03AB5628C558C51
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit

**** End of log ****

3) ESET.txt

C:\FRST\Quarantine\3rd7t7lc.pss Win64/Disabler.A trojan
C:\FRST\Quarantine\cl7t7dr3.dss a variant of Win32/Kryptik.BNGP trojan
C:\Qoobox\Quarantine\C\Users\Nate\AppData\Local\ASUS\Apple\mjbwc.dll.vir a variant of Win32/Kryptik.AKPW trojan
C:\Users\Nate\AppData\LocalLow\oovootoolbar\oovootoolbar.dll a variant of Win32/Toolbar.Visicom.A application
C:\Users\Nate\AppData\LocalLow\oovootoolbar\oovootoolbarX.dll a variant of Win32/Toolbar.Visicom.B application
C:\Users\Nate\Documents\My Games\Mount&Blade\mount&blade-uniloader.exe probably a variant of Win32/HackTool.Patcher.N application
C:\Users\Nate\Documents\SCH 10-11\Spring\CIT173\Adobe dreamweaver cs5 v11 keygen+patch - ECLiPSE.HD\Adobe Dreamweaver CS5 [Win]-[CyberPiraten]\Activation Blocker.cmd BAT/HostsChanger.A application
C:\Users\Nate\Downloads\flstudio_10.0_online.exe Win32/OpenCandy application
C:\Users\Nate\Downloads\SetupGamevance.exe.part a variant of Win32/Adware.Gamevance.AR application
Psychotic Posted October 31, 2013 ID:748414

Your logs show obvious signs of having cracked software on your system. This is the main reason your computer is infected. Visiting cracksites/warezsites - and other questionable/illegal sites is always a risk.

Even a single click on the site can drop multiple forms of very serious malware, many of which disable your onboard protection, and System Restore.

If you install the cracked software, you are running executable files from these dubious, unknown sources. You are in effect giving these sources access to information on your hard disk, and potential control over the operation of your computer.

Additionally, cracked programs are illegal. Referring to the Forum Rules which you should have read at the time of Registering at this forum, this forum does not support illegal activity. As such, be advised that any request for assistance in removing malware may go unanswered, or may be discontinued, if the cracked (illegal) software is still present on the machine.

Having said that we can help you clean your machine this time BUT this would be a ONCE ONLY offer on the understanding that all cracks are removed. This would apply not only here but at many other Malware Support forums if you were to appear again with cracks onboard, as many of us analysts work at multiple support sites. Please remove all cracked software and illegally obtained copyrighted material you have on the system so we may continue with the clean up.
azazz Posted October 31, 2013 Author ID:748450

I understand and I apologize for not reading the rules ahead of time. And thank you again for your help, considering.

After I remove any such software, what is the next step?
Psychotic Posted October 31, 2013 ID:748451

Fix with FRST (normal mode)

Open notepad (Start => All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.
(To do this highlight the contents of the box, right click on it and select copy. Right-click in the open notepad and select Paste). Save it to the same directory as frst.exe (or frst64.exe) as fixlist.txt.

C:\Users\Nate\AppData\LocalLow\oovootoolbar
C:\Users\Nate\Documents\My Games\Mount&Blade\mount&blade-uniloader.exe
C:\Users\Nate\Documents\SCH 10-11\Spring\CIT173\Adobe dreamweaver cs5 v11 keygen+patch - ECLiPSE.HD
C:\Users\Nate\Downloads\flstudio_10.0_online.exe
C:\Users\Nate\Downloads\SetupGamevance.exe.part

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run frst.exe (on 64bit, run frst64.exe) and press the Fix button just once and wait. The tool will make a log (Fixlog.txt) which you find where you saved FRST. Please post it to your reply. Then we can do the cleanup - if you are facing any issues, report that immediately.

Delete junk with adwCleaner

Please download AdwCleaner to your desktop.
- Run adwcleaner.exe
- Hit Scan and wait for the scan to finish.
- Confirm the message but don't uncheck anything.
- Hit Clean
- When the run is finished, it will open up a text file
- Please post its contents within your next reply
- You'll find the log file at C:\AdwCleaner[s1].txt also

SecurityCheck

Please download SecurityCheck: LINK1 LINK2
- Save it to your desktop, start it and follow the instructions in the window.
- After the scan finished the (checkup.txt) will open. Copy its content to your thread.
azazz Posted October 31, 2013 Author ID:748628

Am I running FRST before I remove the software or after?
azazz Posted November 1, 2013 Author ID:748770

Files have been removed. Here are the logs:

1) Fixlog.txt

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 27-10-2013 01
Ran by Nate at 2013-11-01 01:34:14 Run:2
Running from H:\
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\Users\Nate\AppData\LocalLow\oovootoolbar
C:\Users\Nate\Documents\My Games\Mount&Blade\mount&blade-uniloader.exe
C:\Users\Nate\Documents\SCH 10-11\Spring\CIT173\Adobe dreamweaver cs5 v11 keygen+patch - ECLiPSE.HD
C:\Users\Nate\Downloads\flstudio_10.0_online.exe
C:\Users\Nate\Downloads\SetupGamevance.exe.part
*****************

C:\Users\Nate\AppData\LocalLow\oovootoolbar => Moved successfully.
"C:\Users\Nate\Documents\My Games\Mount&Blade\mount&blade-uniloader.exe" => File/Directory not found.
C:\Users\Nate\Documents\SCH 10-11\Spring\CIT173\Adobe dreamweaver cs5 v11 keygen+patch - ECLiPSE.HD => Moved successfully.
C:\Users\Nate\Downloads\flstudio_10.0_online.exe => Moved successfully.
C:\Users\Nate\Downloads\SetupGamevance.exe.part => Moved successfully.

==== End of Fixlog ====

2) AdwCleaner[R0].txt

# AdwCleaner v3.010 - Report created 01/11/2013 at 01:36:35
# Updated 20/10/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Nate - NATE-PC
# Running from : C:\Users\Nate\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EH286EAA\adwcleaner.exe
# Option : Scan

3) AdwCleaner[s0].txt

# AdwCleaner v3.010 - Report created 01/11/2013 at 01:41:02
# Updated 20/10/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Nate - NATE-PC
# Running from : C:\Users\Nate\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EH286EAA\adwcleaner.exe
# Option : Clean
HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}Key Deleted : HKCU\Software\AVG Secure SearchKey Deleted : HKCU\Software\AVG Security ToolbarKey Deleted : HKCU\Software\IGearSettingsKey Deleted : HKCU\Software\Somoto ToolbarKey Deleted : HKCU\Software\YahooPartnerToolbarKey Deleted : HKCU\Software\AppDataLow\Software\AVG Security ToolbarKey Deleted : HKLM\Software\AVG Secure SearchKey Deleted : HKLM\Software\AVG Security ToolbarKey Deleted : HKLM\Software\DeviceVMKey Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure SearchKey Deleted : [x64] HKLM\SOFTWARE\DeviceVM***** [ Browsers ] *****-\\ Internet Explorer v10.0.9200.16720-\\ Mozilla Firefox v19.0.2 (en-US)[ File : C:\Users\Nate\AppData\Roaming\Mozilla\Firefox\Profiles\8eorskm3.default\prefs.js ]Line Deleted : user_pref("avg.install.installDirPath", "C:\\ProgramData\\AVG Secure Search\\FireFoxExt\\14.2.0.1");Line Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");-\\ Google Chrome v30.0.1599.101[ File : C:\Users\Nate\AppData\Local\Google\Chrome\User Data\Default\preferences ]*************************AdwCleaner[R0].txt - [14608 octets] - [01/11/2013 01:36:35]AdwCleaner[s0].txt - [14315 octets] - [01/11/2013 01:41:02]########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [14376 octets] ########## 4) checkup.txt Results of screen317's Security Check version 0.99.76 Windows 7 Service Pack 1 x64 (UAC is disabled!) 
Internet Explorer 10
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
AVG Anti-Virus Free Edition 2012
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
MVPS Hosts File
Spybot - Search & Destroy
SUPERAntiSpyware Free Edition
Malwarebytes Anti-Malware version 1.75.0.1300
Java 6 Update 37
Java version out of Date!
Adobe Flash Player 11.9.900.117
Adobe Reader XI
Mozilla Firefox 19.0.2 Firefox out of Date!
Google Chrome 30.0.1599.101
Google Chrome 30.0.1599.69
````````Process Check: objlist.exe by Laurent````````
AVG avgwdsvc.exe
AVG avgtray.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````
azazz Posted November 4, 2013 Author ID:749807

Am I not receiving help anymore??
Psychotic Posted November 4, 2013 ID:749815

Sure, but I have my first day at my new company today.

Your system is clean now!

Java Runtime Environment out of date

Your Java runtime environment is outdated. We will fix this.

- Get the current JRE from here.
- Save jxpiinstall.exe to your desktop.
- Close all running programs, especially your browser(s).
- Run jxpiinstall.exe. This will download the newest JRE installer and install the software.
- When finished, go to Start --> Control Panel --> Add/Remove Programs and remove all older Java versions (if existing).
- When finished, reboot your computer.
- After the reboot, open Control Panel again and click the Java symbol.
- Click Settings under Temporary Internet Files. The Temporary Files Settings dialog box appears.
- Click Delete Files. The Delete Temporary Files dialog box appears.
- Click OK on the Delete Temporary Files window.
- Click OK again.

Mozilla Firefox out of date

Your Firefox browser is outdated. Please follow these instructions to update it:

- Get the current Firefox from here.
- Run setup and follow the instructions on your monitor.
- Report any problems you have with the update.

Uninstall our tools using delfix

Please follow these steps in order:

- In case we used Defogger to turn off your CD emulation software: you can start it again and use the Enable button.
- In case we used Combofix: deactivate your antivirus software once more, then rename combofix.exe to uninstall.exe and run it one last time. You will be notified that Combofix has been removed.
- In any case, please download delfix to your desktop.
- Close all other programs and start delfix.
- Please check all the boxes and run the tool.
- delfix will now delete all found traces of our removal process.
- If there is still something left, please delete it manually.

How to protect yourself

System Updates

Being up to date is very important. Please be sure to activate automatic updates in your control panel.

Windows XP | Windows Vista | Windows 7 | Windows 8

Protection

What you need is one (not more) good virus scanner with background protection. Additionally, I recommend a special malware scanner that you run from time to time. Personally I am using the avast! Antivirus Free Edition and Malwarebytes Anti-Malware. They offer you good protection for free use. But please remember: you only get full protection if you use the paid versions of your security software.

Up to date Software

Stay up to date with all the programs you use. Some of those you really have to keep an eye on are: your browser(s) including add-ons and plug-ins, Java, Flash Player, your virus scanner, and basically every piece of software you use often. These links may help you to check:

- Secunia Online Software Inspector - Checks if your software has updates available.
- Filehippo Update Checker - This tool also scans your computer for outdated software.
- Mozilla: Check your plugins - The webpage will tell you if you have outdated plugins in your Firefox browser.

Backups

There are chances for an emergency every day. So be prepared. Back up your data on a regular basis. Whether you burn it to DVDs from time to time, use a cloud drive or a professional network backup system is your choice.

Brains

It's no joke! You really need one of those things. It is very important not to just click anywhere that is colored or flashing while you are surfing the web. Do not click an OK button on any pop-up window without reading what it says. While installing software, always choose the custom mode, read what those windows say and uncheck adware that would be installed along with the software you want.
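The flags in the Security Check log posted earlier in this thread (UAC disabled, Java and Firefox out of date, two Chrome versions listed) are what the cleanup advice above responds to. As an added example that is not part of the original posts or of Security Check itself, this Python triage function pulls such flags out of a log with that layout; the regular expressions, the names `triage` and `rule`, and the sample lines (constructed by re-typing part of this thread's log, one entry per line) are assumptions.

```python
import re

HEADER = re.compile(r"^`+([^`]+)`+$")  # section titles are padded with backticks
OUTDATED = re.compile(r"\s*\S+(?: version)? out of Date!$")
VERSIONED = re.compile(r"^(.+?)\s+(?:version\s+)?(\d+(?:\.\d+)+)$")

def rule(title):
    return "`" * 12 + title + "`" * 12

# Constructed sample, re-typed from the checkup.txt log in this thread.
SAMPLE_LOG = "\n".join([
    " Results of screen317's Security Check version 0.99.76",
    " Windows 7 Service Pack 1 x64 (UAC is disabled!)",
    rule("Antivirus/Firewall Check:"),
    "AVG Anti-Virus Free Edition 2012",
    " Antivirus up to date!",
    rule("Anti-malware/Other Utilities Check:"),
    " Java 6 Update 37",
    " Java version out of Date!",
    " Adobe Flash Player 11.9.900.117",
    " Mozilla Firefox 19.0.2 Firefox out of Date!",
    " Google Chrome 30.0.1599.101",
    " Google Chrome 30.0.1599.69",
    rule("End of Log"),
])

def triage(log_text):
    """Return (section, item, issue) tuples for entries that need follow-up."""
    findings, section, prev_item, seen = [], "System", None, {}
    for line in (raw.strip() for raw in log_text.splitlines()):
        header = HEADER.match(line)
        if header:
            section, prev_item = header.group(1).strip(" :"), None
            continue
        if "UAC is disabled" in line:
            findings.append((section, "User Account Control", "disabled"))
        status = OUTDATED.search(line)
        # The flag either trails the entry on the same line or sits alone on the next line.
        item = line[:status.start()].strip() if status else line
        if status:
            findings.append((section, item or prev_item, "out of date"))
        if item:
            prev_item = item
            versioned = VERSIONED.match(item)
            if versioned:
                seen.setdefault(versioned.group(1), []).append((section, versioned.group(2)))
    for name, hits in seen.items():
        if len({version for _, version in hits}) > 1:
            findings.append((hits[0][0], name, "listed with %d versions" % len(hits)))
    return findings
```

Calling `triage(SAMPLE_LOG)` also surfaces the disabled UAC setting from the log's second line, which sits outside the software sections and is easy to miss when reading the log by eye.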
azazz Posted November 6, 2013 Author ID:750777

Thank you! I really appreciate all your help. I hope things go well at your new company!
Psychotic Posted November 7, 2013 ID:750953

You're welcome!
AdvancedSetup Posted November 11, 2013 Root Admin ID:752221

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance, please start your own topic in a new thread. Thanks!