Can't remove Browser Defender



Welcome to the forum, please follow this procedure:

Let's clean out any adware now: (this will require a reboot, so save all your work)

Please download AdwCleaner by Xplode and save to your Desktop.

Make sure you click on download buttons that look like this, not "sponsored ad links":

bleep-crop.jpg

  • Double click on AdwCleaner.exe to run the tool.

    Vista/Windows 7/8 users right-click and select Run As Administrator

  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Please uncheck elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you may want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review. (all items found are adware/spyware/foistware)
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted:
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.
Then..................

Open up Malwarebytes > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.

Please Update and run a Quick Scan with Malwarebytes Anti-Malware, post the report.

Make sure that everything is checked, and click Remove Selected.

Please let me know how the computer is running now, MrC


MrCharlie,

 

Thank you!  Here are the results of the Report button.  Not sure what 'System Store' is.  Should I keep it?  Google search seems inconclusive.

 

thanks,

 

df

 

***********************************************************************************

 

# AdwCleaner v3.010 - Report created 29/10/2013 at 12:19:57

# Updated 20/10/2013 by Xplode

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : David - BENDER-PC

# Running from : C:\Users\David\Desktop\AdwCleaner.exe

# Option : Scan

 

***** [ Services ] *****

 

Service Found : BrowserDefendert

Service Found : SystemStoreService

 

***** [ Files / Folders ] *****

 

File Found : C:\END

File Found : C:\Windows\System32\Tasks\BrowserDefendert

File Found : C:\Windows\System32\Tasks\DSite

File Found : C:\Windows\System32\Tasks\Software Updater

File Found : C:\Windows\System32\Tasks\Software Updater Ui

File Found : C:\Windows\Tasks\DSite.job

Folder Found C:\Program Files (x86)\Ask.com

Folder Found C:\Program Files (x86)\SoftwareUpdater

Folder Found C:\ProgramData\Babylon

Folder Found C:\Users\David\AppData\Local\Temp\TempDir

Folder Found C:\Users\David\AppData\Roaming\DSite

Folder Found C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender

Folder Found C:\Users\Duncan\AppData\Local\Temp\TempDir

Folder Found C:\Users\Duncan\AppData\LocalLow\Delta

Folder Found C:\Users\Duncan\AppData\Roaming\strongvault

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v10.0.9200.16720

 

 

-\\ Google Chrome v30.0.1599.101

 

[ File : C:\Users\Duncan\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

 

[ File : C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

 

[ File : C:\Users\BENDER-PC\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

 

[ File : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

 

*************************

 

AdwCleaner[R0].txt - [10040 octets] - [29/10/2013 12:19:57]

 

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [10101 octets] ##########

# AdwCleaner v3.010 - Report created 29/10/2013 at 12:41:05

# Updated 20/10/2013 by Xplode

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : David - BENDER-PC

# Running from : C:\Users\David\Desktop\AdwCleaner.exe

# Option : Clean

 

***** [ Services ] *****

 

[#] Service Deleted : BrowserDefendert

[#] Service Deleted : SystemStoreService

 

***** [ Files / Folders ] *****

 

Folder Deleted : C:\ProgramData\Babylon

Folder Deleted : C:\Program Files (x86)\Ask.com

Folder Deleted : C:\Program Files (x86)\SoftwareUpdater

Folder Deleted : C:\Users\Duncan\AppData\Local\Temp\TempDir

Folder Deleted : C:\Users\Duncan\AppData\LocalLow\Delta

Folder Deleted : C:\Users\Duncan\AppData\Roaming\strongvault

Folder Deleted : C:\Users\David\AppData\Local\Temp\TempDir

Folder Deleted : C:\Users\David\AppData\Roaming\DSite

Folder Deleted : C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender

File Deleted : C:\END

File Deleted : C:\Windows\System32\Tasks\BrowserDefendert

File Deleted : C:\Windows\Tasks\DSite.job

File Deleted : C:\Windows\System32\Tasks\DSite

File Deleted : C:\Windows\System32\Tasks\Software Updater Ui

File Deleted : C:\Windows\System32\Tasks\Software Updater

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v10.0.9200.16720

 

 

-\\ Google Chrome v30.0.1599.101

 

[ File : C:\Users\Duncan\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

 

[ File : C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

 

[ File : C:\Users\BENDER-PC\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

Thank you!  Here are the results from the log file after reboot.

 

***********************************************************************************************************

 

 

[ File : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

 

*************************

 

AdwCleaner[R0].txt - [10366 octets] - [29/10/2013 12:19:57]

AdwCleaner[s0].txt - [10208 octets] - [29/10/2013 12:41:05]

 

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [10269 octets] ##########

Did you run MB:

Open up Malwarebytes > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.

Please Update and run a Quick Scan with Malwarebytes Anti-Malware, post the report.

Make sure that everything is checked, and click Remove Selected.

Please let me know how the computer is running now, MrC


Malwarebytes Anti-Malware 1.75.0.1300

www.malwarebytes.org

 

Database version: v2013.10.29.08

 

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 10.0.9200.16721

David :: BENDER-PC [administrator]

 

10/29/2013 2:04:40 PM

mbam-log-2013-10-29 (14-03-42).txt

 

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 449952

Time elapsed: 14 minute(s), 51 second(s)

 

Memory Processes Detected: 0

(No malicious items detected)

 

Memory Modules Detected: 0

(No malicious items detected)

 

Registry Keys Detected: 0

(No malicious items detected)

 

Registry Values Detected: 0

(No malicious items detected)

 

Registry Data Items Detected: 0

(No malicious items detected)

 

Folders Detected: 0

(No malicious items detected)

 

Files Detected: 1

C:\Users\David\Downloads\CodecPackage.exe (PUP.Optional.JumpyApps) -> No action taken.

 

(end)

 

AFTER REMOVE SELECTED RUN

 


Malwarebytes Anti-Malware 1.75.0.1300

www.malwarebytes.org

 

Database version: v2013.10.29.08

 

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 10.0.9200.16721

David :: BENDER-PC [administrator]

 

10/29/2013 2:04:40 PM

mbam-log-2013-10-29 (14-04-40).txt

 

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 449952

Time elapsed: 14 minute(s), 51 second(s)

 

Memory Processes Detected: 0

(No malicious items detected)

 

Memory Modules Detected: 0

(No malicious items detected)

 

Registry Keys Detected: 0

(No malicious items detected)

 

Registry Values Detected: 0

(No malicious items detected)

 

Registry Data Items Detected: 0

(No malicious items detected)

 

Folders Detected: 0

(No malicious items detected)

 

Files Detected: 1

C:\Users\David\Downloads\CodecPackage.exe (PUP.Optional.JumpyApps) -> Quarantined and deleted successfully.

 

(end)

 


Well, the good news is that Browser Defender has been removed from my Control Panel "Remove/Install Programs" list of programs.

 

There are still a few websites that seem to generate pop-up ads no matter where I click on the website.  Usually, I click on the scroll bars and avoid ads.  But about one time out of ten, no matter where I click, a pop-under screen generates.  It can be closed with a right-click close on the icon tray.

 

Weird, really.  Has anybody, in the history of the internet, ever been so enticed by a pop-up ad that they click on it and then buy something from the advertiser?


Please download Farbar Recovery Scan Tool and save it to a folder. (use correct version for your system.....Which system am I using?)

Please make sure you click download buttons that look like this, not "sponsored ad links":

bleep-crop.jpg

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.
MrC

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-10-2013

Ran by David (administrator) on BENDER-PC on 01-11-2013 14:00:33

Running from C:\Users\David\Downloads

Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)

Internet Explorer Version 10

Boot Mode: Normal

 

==================== Processes (Whitelisted) =================

 

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe

() C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe

() C:\Windows\SysWOW64\XSrvSetup.exe

(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe

(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe

(Seagate) C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe

(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Dropbox, Inc.) C:\Users\David\AppData\Roaming\Dropbox\bin\Dropbox.exe

(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe

(Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe

(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\AlarmClock.exe

(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\vpngui.exe

() C:\Program Files (x86)\Cisco Systems\VPN Client\ipseclog.exe

(Microsoft Corporation) C:\Windows\system32\mstsc.exe

(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

 

==================== Registry (Whitelisted) ==================

 

HKCU\...\Run: [3DFE07AAA0B32A309ED9547B543D5CA16227B004._service_run] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [844752 2013-10-08] (Google Inc.)

HKLM-x32\...\Run: [] - [x]

HKLM-x32\...\Run: [EKStatusMonitor] - C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe [2750840 2013-01-15] (Eastman Kodak Company)

HKU\Duncan\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2013-01-14] ()

HKU\Duncan\...\Run: [skyDrive] - C:\Users\Duncan\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257136 2013-08-25] (Microsoft Corporation)

HKU\Duncan\...\Run: [iSUSPM] - C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler

HKU\Mcx1-BENDER-PC\...\Run: [Google Update] - "C:\Users\Bender\AppData\Local\Google\Update\GoogleUpdate.exe" /c

HKU\Mcx1-BENDER-PC\...\Run: [AnyDVD] - C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe

HKU\Mcx1-BENDER-PC\...\Run: [steam] - C:\Program Files (x86)\Steam\Steam.exe [1813928 2013-10-08] (Valve Corporation)

HKU\Mcx1-BENDER-PC\...\Run: [iSUSPM Startup] - C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-17] (InstallShield Software Corporation)

HKU\Mcx1-BENDER-PC\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2013-01-14] ()

HKU\Mcx1-BENDER-PC\...\Run: [skyDrive] - C:\Users\Duncan\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257136 2013-08-25] (Microsoft Corporation)

HKU\Mcx1-BENDER-PC\...\Run: [iSUSPM] - C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler

HKU\Mcx1-BENDER-PC\...\Winlogon: [shell] C:\Windows\eHome\McrMgr.exe [343552 2009-07-13] (Microsoft Corporation) <==== ATTENTION 

HKU\Mcx2-BENDER-PC\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2013-01-14] ()

HKU\Mcx2-BENDER-PC\...\Run: [skyDrive] - C:\Users\Duncan\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257136 2013-08-25] (Microsoft Corporation)

HKU\Mcx2-BENDER-PC\...\Run: [iSUSPM] - C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler

HKU\Mcx2-BENDER-PC\...\Winlogon: [shell] C:\Windows\eHome\McrMgr.exe [343552 2009-07-13] (Microsoft Corporation) <==== ATTENTION 

HKU\Mcx3-BENDER-PC\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2013-01-14] ()

HKU\Mcx3-BENDER-PC\...\Run: [skyDrive] - C:\Users\Duncan\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257136 2013-08-25] (Microsoft Corporation)

HKU\Mcx3-BENDER-PC\...\Run: [iSUSPM] - C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler

HKU\Mcx3-BENDER-PC\...\Winlogon: [shell] C:\Windows\eHome\McrMgr.exe [343552 2009-07-13] (Microsoft Corporation) <==== ATTENTION 

AppInit_DLLs-x32: browse~1\261519~1.190\{c16c1~1\browse~1.dll [ ] ()

Lsa: [Authentication Packages] msv1_0 relog_ap

Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

ShortcutTarget: Dropbox.lnk -> C:\Users\David\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

 

==================== Internet (Whitelisted) ====================

 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xD83FC8B02D31CE01

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US

BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: LastPass Vault - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Users\David\AppData\Roaming\LastPass\LPToolbar_x64.dll (LastPass)

BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)

BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: LastPass Vault - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Users\David\AppData\Roaming\LastPass\LPToolbar.dll (LastPass)

BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Users\David\AppData\Roaming\LastPass\LPToolbar_x64.dll (LastPass)

Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Users\David\AppData\Roaming\LastPass\LPToolbar.dll (LastPass)

Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File

DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)

Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)

Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

Tcpip\..\Interfaces\{DC2353D3-6704-42D8-A4F3-E917F84B655E}: [NameServer]10.0.31.20

 

Chrome: 

=======



CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll ()

CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer

CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll ()

CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll ()

CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)

CHR Plugin: (AdobeAAMDetect) - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)

CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)

CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File

CHR Plugin: (Java Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

CHR Plugin: (Microsoft Office 2013) - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)

CHR Plugin: (Unity Player) - C:\Users\David\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

CHR Plugin: (NPLastPass) - C:\Users\David\AppData\Roaming\LastPass\nplastpass.dll (LastPass)

CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll No File

CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll No File

CHR Plugin: (Windows Activation Technologies) - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)

CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File

CHR Extension: (Google Drive) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1

CHR Extension: (YouTube) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1

CHR Extension: (Google Search) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1

CHR Extension: (Chrome In-App Payments service) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0

CHR Extension: (Picky Wallpapers) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\odklcfojpedohplkimfdpcamkjnhanaj\1.0.0_0

CHR Extension: (Gmail) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2

CHR HKLM\...\Chrome\Extension: [lladpgmmlijbmhfknhgkenkhikoaapmj] - C:\Users\David\AppData\Local\RealSummerSale.crx

CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx

CHR HKLM-x32\...\Chrome\Extension: [lladpgmmlijbmhfknhgkenkhikoaapmj] - C:\Users\David\AppData\Local\RealSummerSale.crx

 

==================== Services (Whitelisted) =================

 

S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()

R2 DES2 Service; C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe [68136 2009-06-17] ()

R2 JMB36X; C:\Windows\SysWOW64\XSrvSetup.exe [72304 2010-01-18] ()

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)

R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-08-12] (Microsoft Corporation)

R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-08-12] (Microsoft Corporation)

R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14997280 2013-09-19] (NVIDIA Corporation)

R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-09-06] (Microsoft Corporation)

R2 Smart TimeLock; C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [114688 2009-10-13] (Gigabyte Technology CO., LTD.)

R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)

 

==================== Drivers (Whitelisted) ====================

 

R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21544 2010-04-22] ()

R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()

R3 DCamUSBNovatek; C:\Windows\System32\Drivers\nvtcam.sys [2746624 2010-07-14] (Hewlett-Packard)

S3 etdrv; C:\Windows\etdrv.sys [25640 2013-08-03] (Windows ® Server 2003 DDK provider)

R3 gdrv; C:\Windows\gdrv.sys [25640 2013-11-01] (Windows ® Server 2003 DDK provider)

S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-10-28] ()

R3 hcw18bda; C:\Windows\System32\drivers\hcw18bda.sys [912896 2010-09-20] (Hauppauge Computer Works, Inc)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation)

R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation)

R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-08-20] (NVIDIA Corporation)

S3 SaiK0CCC; C:\Windows\System32\DRIVERS\SaiK0CCC.sys [171016 2010-08-10] (Saitek)

R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [24640 2011-08-11] (Saitek)

R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [52160 2011-08-11] (Saitek)

S3 SaiU0CCC; C:\Windows\System32\DRIVERS\SaiU0CCC.sys [41096 2010-04-29] (Saitek)

S1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)

R0 SI3132; C:\Windows\System32\DRIVERS\SI3132.sys [90664 2007-10-03] (Silicon Image, Inc)

R0 SiFilter; C:\Windows\System32\DRIVERS\SiWinAcc.sys [22056 2007-10-03] (Silicon Image, Inc)

R0 SiRemFil; C:\Windows\System32\DRIVERS\SiRemFil.sys [17448 2007-10-03] (Silicon Image, Inc)

 

==================== NetSvcs (Whitelisted) ===================

 

 

==================== One Month Created Files and Folders ========

 

2013-11-01 14:00 - 2013-11-01 14:00 - 01957098 _____ (Farbar) C:\Users\David\Downloads\FRST64.exe

2013-11-01 14:00 - 2013-11-01 14:00 - 00000000 ____D C:\FRST

2013-11-01 00:39 - 2013-11-01 00:39 - 00032475 _____ C:\Users\David\Downloads\Attachments_2013111.zip

2013-10-29 12:19 - 2013-10-29 12:41 - 00000000 ____D C:\AdwCleaner

2013-10-29 12:18 - 2013-10-29 12:18 - 01060070 _____ C:\Users\David\Desktop\AdwCleaner.exe

2013-10-28 17:48 - 2013-10-28 17:48 - 00688992 ____R (Swearware) C:\Users\David\Downloads\dds.scr

2013-10-28 17:39 - 2013-10-28 17:40 - 04012032 _____ C:\Users\David\Desktop\RogueKillerX64.exe

2013-10-28 17:17 - 2013-10-28 17:17 - 00000000 ____D C:\Windows\pss

2013-10-24 15:35 - 2013-10-24 15:36 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2013-10-24 15:35 - 2013-10-24 15:36 - 00000000 ____D C:\Program Files\iTunes

2013-10-24 15:35 - 2013-10-24 15:36 - 00000000 ____D C:\Program Files (x86)\iTunes

2013-10-24 15:35 - 2013-10-24 15:35 - 00000000 ____D C:\Program Files\iPod

2013-10-22 21:22 - 2013-10-22 21:22 - 00000000 _____ C:\Users\David\Sti_Trace.log

2013-10-21 18:38 - 2013-10-21 18:38 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies

2013-10-21 18:35 - 2013-10-21 18:35 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini

2013-10-21 18:35 - 2013-06-25 21:54 - 00003226 _____ C:\Users\UpdatusUser\AppData\Local\installer.log

2013-10-21 18:35 - 2013-06-25 21:53 - 00000000 ____D C:\Users\UpdatusUser\AppData\Local\Eastman_Kodak_Company

2013-10-21 18:35 - 2013-06-25 21:50 - 00800824 _____ (Microsoft Corporation) C:\Users\UpdatusUser\AppData\Roaming\DPInst.exe

2013-10-21 18:35 - 2013-06-25 21:50 - 00106496 _____ (Microsoft Corporation) C:\Users\UpdatusUser\AppData\Roaming\gacutil.exe

2013-10-21 18:35 - 2013-06-25 21:50 - 00036352 _____ (Microsoft Corporation) C:\Users\UpdatusUser\AppData\Roaming\PnPutil.exe

2013-10-21 18:35 - 2013-06-25 21:50 - 00000000 ____D C:\Users\UpdatusUser\AppData\Roaming\KODAK AiO Home Center1941010848

2013-10-21 18:35 - 2012-11-01 21:25 - 00000000 ____D C:\Users\UpdatusUser\AppData\LocalGoogle

2013-10-21 18:35 - 2012-11-01 21:25 - 00000000 ____D C:\Users\UpdatusUser\AppData\Local\Google

2013-10-21 18:35 - 2011-12-09 23:35 - 00000000 ____D C:\Users\UpdatusUser\AppData\Roaming\Macromedia

2013-10-21 18:35 - 2009-07-14 00:54 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2013-10-21 18:35 - 2009-07-14 00:49 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2013-10-21 18:32 - 2013-10-15 20:48 - 30344992 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll

2013-10-21 18:32 - 2013-10-15 20:48 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll

2013-10-21 18:32 - 2013-10-15 20:48 - 22933280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll

2013-10-21 18:32 - 2013-10-15 20:48 - 18243632 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll

2013-10-21 18:32 - 2013-10-15 20:48 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll

2013-10-21 18:32 - 2013-10-15 20:48 - 15858664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll

2013-10-21 18:32 - 2013-10-15 20:48 - 15244272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll

2013-10-21 18:32 - 2013-10-15 20:48 - 12537632 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys

2013-10-21 18:32 - 2013-10-15 20:48 - 11415232 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll

2013-10-21 18:32 - 2013-10-15 20:48 - 11362672 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll

2013-10-21 18:32 - 2013-10-15 20:48 - 09516872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll

2013-10-21 18:32 - 2013-10-15 20:48 - 09472600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll

2013-10-21 18:32 - 2013-10-15 20:48 - 03131680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll

2013-10-21 18:32 - 2013-10-15 20:48 - 03124512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll

2013-10-21 18:32 - 2013-10-15 20:48 - 02946848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll

2013-10-21 18:32 - 2013-10-15 20:48 - 02747168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll

2013-10-21 18:32 - 2013-10-15 20:48 - 02694664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll

2013-10-21 18:32 - 2013-10-15 20:48 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433158.dll

2013-10-21 18:32 - 2013-10-15 20:48 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433158.dll

2013-10-21 18:32 - 2013-10-15 20:48 - 01241376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll

2013-10-21 18:32 - 2013-10-15 20:48 - 00696096 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll

2013-10-21 18:32 - 2013-10-15 20:48 - 00655136 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll

2013-10-21 18:32 - 2013-10-15 20:48 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll

2013-10-21 18:32 - 2013-10-15 20:48 - 00560416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll

2013-10-21 18:32 - 2013-10-15 20:48 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll

2013-10-21 18:32 - 2013-10-15 20:48 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll

2013-10-21 18:32 - 2013-10-15 20:48 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll

2013-10-21 18:32 - 2013-10-15 20:48 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll

2013-10-21 18:32 - 2013-08-20 09:33 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys

2013-10-21 18:32 - 2013-08-20 09:32 - 00029984 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll

2013-10-21 18:32 - 2013-08-20 09:32 - 00028448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll

2013-10-21 17:19 - 2013-10-21 17:20 - 209610296 _____ (NVIDIA Corporation) C:\Users\David\Downloads\331.58-desktop-win8-win7-winvista-64bit-english-whql.exe

2013-10-20 21:02 - 2013-10-20 21:02 - 00000000 ____D C:\ProgramData\Oracle

2013-10-20 21:01 - 2013-10-08 07:46 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe

2013-10-20 21:00 - 2013-10-08 07:50 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2013-10-20 21:00 - 2013-10-08 07:46 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe

2013-10-20 21:00 - 2013-10-08 07:46 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe

2013-10-20 20:59 - 2013-10-20 21:00 - 00004746 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log

2013-10-17 00:42 - 2013-10-17 00:42 - 36004630 _____ C:\Users\David\Downloads\101413_DnD_Next_Public_Playtest.zip

2013-10-15 16:54 - 2013-10-15 16:54 - 00589600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe

2013-10-14 13:53 - 2013-10-14 13:53 - 00011471 ____H C:\Users\David\Desktop\~WRL3898.tmp

2013-10-13 15:09 - 2013-10-13 15:09 - 470548440 _____ C:\Windows\MEMORY.DMP

2013-10-13 15:09 - 2013-10-13 15:09 - 00540640 _____ C:\Windows\Minidump\101313-32463-01.dmp

2013-10-11 14:13 - 2013-10-11 14:13 - 00184597 _____ C:\Users\David\Downloads\hepmonaland.zip

2013-10-10 00:38 - 2013-09-22 19:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2013-10-10 00:38 - 2013-09-22 19:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2013-10-10 00:38 - 2013-09-22 19:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2013-10-10 00:38 - 2013-09-22 19:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2013-10-10 00:38 - 2013-09-22 19:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2013-10-10 00:38 - 2013-09-22 19:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2013-10-10 00:38 - 2013-09-22 19:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2013-10-10 00:38 - 2013-09-22 19:27 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2013-10-10 00:38 - 2013-09-22 19:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll

2013-10-10 00:38 - 2013-09-22 19:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2013-10-10 00:38 - 2013-09-22 19:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2013-10-10 00:38 - 2013-09-22 19:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2013-10-10 00:38 - 2013-09-22 18:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2013-10-10 00:38 - 2013-09-22 18:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2013-10-10 00:38 - 2013-09-22 18:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2013-10-10 00:38 - 2013-09-22 18:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2013-10-10 00:38 - 2013-09-22 18:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2013-10-10 00:38 - 2013-09-22 18:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2013-10-10 00:38 - 2013-09-22 18:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2013-10-10 00:38 - 2013-09-22 18:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2013-10-10 00:38 - 2013-09-22 18:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2013-10-10 00:38 - 2013-09-22 18:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2013-10-10 00:38 - 2013-09-22 18:54 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll

2013-10-10 00:38 - 2013-09-22 18:54 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2013-10-10 00:38 - 2013-09-22 18:54 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2013-10-10 00:38 - 2013-09-22 18:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2013-10-10 00:38 - 2013-09-20 23:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2013-10-10 00:38 - 2013-09-20 23:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2013-10-10 00:38 - 2013-09-20 22:48 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe

2013-10-10 00:38 - 2013-09-20 22:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe

2013-10-10 00:37 - 2013-09-22 19:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2013-10-09 21:54 - 2013-10-09 21:54 - 00000222 _____ C:\Users\David\Desktop\Kerbal Space Program.url

2013-10-09 16:49 - 2013-07-04 08:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll

2013-10-09 16:49 - 2013-07-04 07:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll

2013-10-09 16:48 - 2013-09-13 21:10 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys

2013-10-09 16:48 - 2013-09-07 22:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys

2013-10-09 16:48 - 2013-09-07 22:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll

2013-10-09 16:48 - 2013-09-07 22:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll

2013-10-09 16:48 - 2013-08-28 22:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe

2013-10-09 16:48 - 2013-08-28 22:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll

2013-10-09 16:48 - 2013-08-28 22:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll

2013-10-09 16:48 - 2013-08-28 22:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll

2013-10-09 16:48 - 2013-08-28 22:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll

2013-10-09 16:48 - 2013-08-28 21:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe

2013-10-09 16:48 - 2013-08-28 21:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe

2013-10-09 16:48 - 2013-08-28 21:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll

2013-10-09 16:48 - 2013-08-28 21:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll

2013-10-09 16:48 - 2013-08-28 21:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll

2013-10-09 16:48 - 2013-08-28 21:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll

2013-10-09 16:48 - 2013-08-28 20:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe

2013-10-09 16:48 - 2013-08-28 20:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll

2013-10-09 16:48 - 2013-08-28 20:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe

2013-10-09 16:48 - 2013-08-28 20:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe

2013-10-09 16:48 - 2013-08-27 21:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2013-10-09 16:48 - 2013-08-27 21:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll

2013-10-09 16:48 - 2013-08-01 08:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys

2013-10-09 16:48 - 2013-07-20 06:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll

2013-10-09 16:48 - 2013-07-20 06:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll

2013-10-09 16:48 - 2013-07-12 06:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys

2013-10-09 16:48 - 2013-07-12 06:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys

2013-10-09 16:48 - 2013-07-12 06:40 - 00109824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys

2013-10-09 16:48 - 2013-07-04 08:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll

2013-10-09 16:48 - 2013-07-04 08:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll

2013-10-09 16:48 - 2013-07-04 07:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll

2013-10-09 16:48 - 2013-07-04 07:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll

2013-10-09 16:48 - 2013-07-04 06:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys

2013-10-09 16:48 - 2013-07-03 00:40 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys

2013-10-09 16:48 - 2013-07-03 00:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys

2013-10-09 16:48 - 2013-07-03 00:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys

2013-10-09 16:48 - 2013-06-25 18:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys

2013-10-09 16:48 - 2013-06-06 01:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll

2013-10-09 16:48 - 2013-06-06 01:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll

2013-10-09 16:48 - 2013-06-06 01:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll

2013-10-09 16:48 - 2013-06-06 01:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll

2013-10-09 16:48 - 2013-06-06 00:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll

2013-10-09 16:48 - 2013-06-06 00:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll

2013-10-09 16:48 - 2013-06-06 00:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll

2013-10-09 16:48 - 2013-06-05 23:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll

2013-10-09 16:48 - 2013-06-05 23:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll

2013-10-09 16:48 - 2013-06-05 23:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll

2013-10-06 13:58 - 2013-10-06 13:58 - 08420211 _____ (Macrovision Corporation) C:\Users\David\Downloads\20070813082717640_Samsung_USB_Driver_Installer.exe

2013-10-04 12:27 - 2013-10-04 12:27 - 00000000 ____D C:\Users\David\AppData\Roaming\TeamViewer

2013-10-02 17:13 - 2013-10-02 17:13 - 00003520 _____ C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Bender-PC-Administrator

 

==================== One Month Modified Files and Folders =======

 

2013-11-01 14:00 - 2013-11-01 14:00 - 01957098 _____ (Farbar) C:\Users\David\Downloads\FRST64.exe

2013-11-01 14:00 - 2013-11-01 14:00 - 00000000 ____D C:\FRST

2013-11-01 13:54 - 2013-02-24 16:24 - 00000000 ____D C:\Users\David\AppData\Roaming\Skype

2013-11-01 13:54 - 2010-01-19 22:11 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2013-11-01 13:34 - 2012-07-31 21:09 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job

2013-11-01 13:21 - 2013-06-21 21:58 - 00000000 ____D C:\Users\David\AppData\Roaming\Dropbox

2013-11-01 13:13 - 2009-12-05 18:02 - 00000912 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-234728039-4006066064-211093768-1000UA.job

2013-11-01 13:12 - 2009-12-05 18:34 - 01325059 _____ C:\Windows\WindowsUpdate.log

2013-11-01 09:54 - 2010-01-19 22:11 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2013-11-01 08:57 - 2013-02-22 22:56 - 00004978 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Bender-PC-David Bender-PC

2013-11-01 06:53 - 2013-02-22 20:16 - 00000000 ____D C:\Users\David\AppData\Local\Adobe

2013-11-01 06:52 - 2009-07-14 00:45 - 00015360 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2013-11-01 06:52 - 2009-07-14 00:45 - 00015360 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2013-11-01 06:46 - 2013-06-21 22:01 - 00000000 ___RD C:\Users\David\Dropbox

2013-11-01 06:43 - 2013-07-20 15:23 - 00032879 _____ C:\Windows\setupact.log

2013-11-01 06:43 - 2013-02-23 00:52 - 00000000 ____D C:\ProgramData\Kodak

2013-11-01 06:43 - 2010-08-08 02:57 - 00025640 _____ (Windows ® Server 2003 DDK provider) C:\Windows\gdrv.sys

2013-11-01 06:43 - 2009-12-14 21:51 - 00000000 ____D C:\ProgramData\NVIDIA

2013-11-01 06:43 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2013-11-01 00:39 - 2013-11-01 00:39 - 00032475 _____ C:\Users\David\Downloads\Attachments_2013111.zip

2013-10-31 23:06 - 2013-03-09 01:45 - 00000000 ____D C:\Program Files (x86)\StarCraft II

2013-10-31 22:13 - 2009-12-05 18:02 - 00000860 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-234728039-4006066064-211093768-1000Core.job

2013-10-31 21:42 - 2013-02-22 22:12 - 00000000 ____D C:\Program Files (x86)\Steam

2013-10-31 16:45 - 2013-02-22 20:20 - 00002282 ____H C:\Users\David\Documents\Default.rdp

2013-10-29 15:49 - 2013-02-22 20:16 - 00000000 ___RD C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2013-10-29 14:27 - 2009-12-05 21:47 - 00178478 _____ C:\Windows\PFRO.log

2013-10-29 12:41 - 2013-10-29 12:19 - 00000000 ____D C:\AdwCleaner

2013-10-29 12:18 - 2013-10-29 12:18 - 01060070 _____ C:\Users\David\Desktop\AdwCleaner.exe

2013-10-29 09:02 - 2013-07-27 01:02 - 00000113 _____ C:\Users\David\AppData\Roaming\WB.CFG

2013-10-29 09:02 - 2013-07-04 19:02 - 00000006 _____ C:\Users\David\AppData\Roaming\WBPU-TTL.DAT

2013-10-28 17:48 - 2013-10-28 17:48 - 00688992 ____R (Swearware) C:\Users\David\Downloads\dds.scr

2013-10-28 17:40 - 2013-10-28 17:39 - 04012032 _____ C:\Users\David\Desktop\RogueKillerX64.exe

2013-10-28 17:17 - 2013-10-28 17:17 - 00000000 ____D C:\Windows\pss

2013-10-28 17:06 - 2013-02-23 01:26 - 00000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam

2013-10-28 17:03 - 2010-08-08 02:59 - 00030528 _____ C:\Windows\GVTDrv64.sys

2013-10-28 16:56 - 2013-05-21 21:51 - 00000000 ____D C:\Users\David\AppData\Local\CrashDumps

2013-10-25 10:15 - 2010-04-21 22:41 - 00000000 ___RD C:\Program Files (x86)\Skype

2013-10-25 10:15 - 2010-04-21 22:41 - 00000000 ____D C:\ProgramData\Skype

2013-10-24 15:36 - 2013-10-24 15:35 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2013-10-24 15:36 - 2013-10-24 15:35 - 00000000 ____D C:\Program Files\iTunes

2013-10-24 15:36 - 2013-10-24 15:35 - 00000000 ____D C:\Program Files (x86)\iTunes

2013-10-24 15:35 - 2013-10-24 15:35 - 00000000 ____D C:\Program Files\iPod

2013-10-24 12:59 - 2013-09-19 21:37 - 00000000 ____D C:\Users\David\Documents\Outlook Files

2013-10-23 11:34 - 2009-07-14 01:13 - 00007032 _____ C:\Windows\system32\PerfStringBackup.INI

2013-10-22 21:22 - 2013-10-22 21:22 - 00000000 _____ C:\Users\David\Sti_Trace.log

2013-10-22 21:22 - 2013-02-22 20:15 - 00000000 ____D C:\Users\David

2013-10-21 18:39 - 2010-07-13 23:24 - 00000000 ____D C:\ProgramData\NVIDIA Corporation

2013-10-21 18:39 - 2009-12-14 21:51 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation

2013-10-21 18:38 - 2013-10-21 18:38 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies

2013-10-21 18:38 - 2009-12-14 21:49 - 00000000 ____D C:\Program Files\NVIDIA Corporation

2013-10-21 18:35 - 2013-10-21 18:35 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini

2013-10-21 17:20 - 2013-10-21 17:19 - 209610296 _____ (NVIDIA Corporation) C:\Users\David\Downloads\331.58-desktop-win8-win7-winvista-64bit-english-whql.exe

2013-10-20 21:02 - 2013-10-20 21:02 - 00000000 ____D C:\ProgramData\Oracle

2013-10-20 21:00 - 2013-10-20 20:59 - 00004746 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log

2013-10-20 21:00 - 2009-12-05 18:22 - 00000000 ____D C:\Program Files (x86)\Java

2013-10-17 00:42 - 2013-10-17 00:42 - 36004630 _____ C:\Users\David\Downloads\101413_DnD_Next_Public_Playtest.zip

2013-10-15 23:02 - 2011-02-04 23:54 - 00001945 _____ C:\Windows\epplauncher.mif

2013-10-15 23:01 - 2012-05-02 03:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client

2013-10-15 23:01 - 2011-02-04 23:53 - 00000000 ____D C:\Program Files\Microsoft Security Client

2013-10-15 20:48 - 2013-10-21 18:32 - 30344992 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll

2013-10-15 20:48 - 2013-10-21 18:32 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll

2013-10-15 20:48 - 2013-10-21 18:32 - 22933280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll

2013-10-15 20:48 - 2013-10-21 18:32 - 18243632 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll

2013-10-15 20:48 - 2013-10-21 18:32 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll

2013-10-15 20:48 - 2013-10-21 18:32 - 15858664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll

2013-10-15 20:48 - 2013-10-21 18:32 - 15244272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll

2013-10-15 20:48 - 2013-10-21 18:32 - 12537632 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys

2013-10-15 20:48 - 2013-10-21 18:32 - 11415232 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll

2013-10-15 20:48 - 2013-10-21 18:32 - 11362672 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll

2013-10-15 20:48 - 2013-10-21 18:32 - 09516872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll

2013-10-15 20:48 - 2013-10-21 18:32 - 09472600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll

2013-10-15 20:48 - 2013-10-21 18:32 - 03131680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll

2013-10-15 20:48 - 2013-10-21 18:32 - 03124512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll

2013-10-15 20:48 - 2013-10-21 18:32 - 02946848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll

2013-10-15 20:48 - 2013-10-21 18:32 - 02747168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll

2013-10-15 20:48 - 2013-10-21 18:32 - 02694664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll

2013-10-15 20:48 - 2013-10-21 18:32 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433158.dll

2013-10-15 20:48 - 2013-10-21 18:32 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433158.dll

2013-10-15 20:48 - 2013-10-21 18:32 - 01241376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll

2013-10-15 20:48 - 2013-10-21 18:32 - 00696096 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll

2013-10-15 20:48 - 2013-10-21 18:32 - 00655136 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll

2013-10-15 20:48 - 2013-10-21 18:32 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll

2013-10-15 20:48 - 2013-10-21 18:32 - 00560416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll

2013-10-15 20:48 - 2013-10-21 18:32 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll

2013-10-15 20:48 - 2013-10-21 18:32 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll

2013-10-15 20:48 - 2013-10-21 18:32 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll

2013-10-15 20:48 - 2013-10-21 18:32 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll

2013-10-15 20:48 - 2013-02-18 18:45 - 00023287 _____ C:\Windows\system32\nvinfo.pb

2013-10-15 20:48 - 2012-10-10 22:23 - 01435504 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll

2013-10-15 20:48 - 2009-12-14 21:47 - 03067560 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll

2013-10-15 20:48 - 2009-07-13 17:59 - 18290536 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll

2013-10-15 17:47 - 2010-07-09 16:27 - 06665504 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll

2013-10-15 17:47 - 2010-07-09 16:27 - 03489568 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll

2013-10-15 17:47 - 2010-07-09 16:27 - 00922912 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

2013-10-15 17:47 - 2010-07-09 16:27 - 00219424 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll

2013-10-15 17:47 - 2009-11-20 22:31 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll

2013-10-15 16:54 - 2013-10-15 16:54 - 00589600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe

2013-10-14 13:53 - 2013-10-14 13:53 - 00011471 ____H C:\Users\David\Desktop\~WRL3898.tmp

2013-10-13 15:09 - 2013-10-13 15:09 - 470548440 _____ C:\Windows\MEMORY.DMP

2013-10-13 15:09 - 2013-10-13 15:09 - 00540640 _____ C:\Windows\Minidump\101313-32463-01.dmp

2013-10-13 15:09 - 2009-12-10 07:24 - 00000000 ____D C:\Windows\Minidump

2013-10-11 14:13 - 2013-10-11 14:13 - 00184597 _____ C:\Users\David\Downloads\hepmonaland.zip

2013-10-10 19:40 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache

2013-10-10 09:49 - 2010-01-19 22:11 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2013-10-10 09:49 - 2010-01-19 22:11 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2013-10-10 09:24 - 2013-02-17 14:46 - 00000000 ____D C:\Program Files\Microsoft Office 15

2013-10-10 09:03 - 2009-07-14 00:45 - 05100232 _____ C:\Windows\system32\FNTCACHE.DAT

2013-10-10 08:58 - 2013-09-09 21:06 - 00000000 ____D C:\Program Files\Microsoft Silverlight

2013-10-10 08:58 - 2013-09-09 21:06 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight

2013-10-10 00:31 - 2013-07-12 11:34 - 00000000 ____D C:\Windows\system32\MRT

2013-10-10 00:28 - 2009-12-05 18:30 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2013-10-09 21:54 - 2013-10-09 21:54 - 00000222 _____ C:\Users\David\Desktop\Kerbal Space Program.url

2013-10-09 11:34 - 2012-07-31 21:09 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater

2013-10-09 11:34 - 2012-04-12 06:32 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2013-10-09 11:34 - 2011-05-19 13:10 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2013-10-08 15:14 - 2012-11-18 04:02 - 03398914 _____ C:\Windows\system32\nvcoproc.bin

2013-10-08 07:50 - 2013-10-20 21:00 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2013-10-08 07:46 - 2013-10-20 21:01 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe

2013-10-08 07:46 - 2013-10-20 21:00 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe

2013-10-08 07:46 - 2013-10-20 21:00 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe

2013-10-06 13:58 - 2013-10-06 13:58 - 08420211 _____ (Macrovision Corporation) C:\Users\David\Downloads\20070813082717640_Samsung_USB_Driver_Installer.exe

2013-10-05 10:02 - 2013-04-06 15:37 - 00000000 ____D C:\Users\David\AppData\Local\Deployment

2013-10-04 22:00 - 2009-07-14 01:08 - 00032646 _____ C:\Windows\Tasks\SCHEDLGU.TXT

2013-10-04 12:27 - 2013-10-04 12:27 - 00000000 ____D C:\Users\David\AppData\Roaming\TeamViewer

2013-10-02 17:13 - 2013-10-02 17:13 - 00003520 _____ C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Bender-PC-Administrator

2013-10-02 17:13 - 2013-06-29 13:52 - 00122528 _____ C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT

 

Some content of TEMP:

====================

C:\Users\David\AppData\Local\Temp\Creative Cloud Helper.exe

C:\Users\David\AppData\Local\Temp\CreativeCloudSet-Up.exe

C:\Users\David\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe

C:\Users\David\AppData\Local\Temp\MouseKeyboardCenterx64_1033.exe

C:\Users\David\AppData\Local\Temp\ntdll_dump.dll

C:\Users\David\AppData\Local\Temp\nvSCPAPI64.dll

C:\Users\David\AppData\Local\Temp\nvStInst.exe

C:\Users\David\AppData\Local\Temp\nvstlink.exe

C:\Users\David\AppData\Local\Temp\Quarantine.exe

C:\Users\David\AppData\Local\Temp\SkypeSetup.exe

C:\Users\David\AppData\Local\Temp\uninst1.exe

C:\Users\David\AppData\Local\Temp\vlc-2.0.8-win32.exe

C:\Users\Duncan\AppData\Local\Temp\jre-6u39-windows-i586-iftw.exe

C:\Users\Duncan\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe

C:\Users\Duncan\AppData\Local\Temp\nvSCPAPI.dll

C:\Users\Duncan\AppData\Local\Temp\nvStInst.exe

C:\Users\Duncan\AppData\Local\Temp\OfficeSetup.exe

C:\Users\Duncan\AppData\Local\Temp\Strongvault.exe

C:\Users\Duncan\AppData\Local\Temp\swt-win32-3740.dll

C:\Users\Duncan\AppData\Local\Temp\uninst1.exe

C:\Users\Duncan\AppData\Local\Temp\vpnclient_setup.exe

C:\Users\Duncan\AppData\Local\Temp\_is17D4.exe

C:\Users\Duncan\AppData\Local\Temp\_is8D3F.exe

C:\Users\Duncan\AppData\Local\Temp\_isC34F.exe

C:\Users\Duncan\AppData\Local\Temp\_isD049.exe

 

 

==================== Bamital & volsnap Check =================

 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

 

 

LastRegBack: 2013-10-31 09:28

 

==================== End Of Log ============================

Addition.txt


Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
 
 
Then......
 

These are your Chrome extensions, I would disable them all and see how it is, especially the ones in red.
Add them back one at a time to see if you can spot the problem one:
 

CHR Extension: (Google Drive) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1
CHR Extension: (YouTube) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1
CHR Extension: (Google Search) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1
CHR Extension: (Chrome In-App Payments service) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Picky Wallpapers) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\odklcfojpedohplkimfdpcamkjnhanaj\1.0.0_0
CHR Extension: (Gmail) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2
CHR HKLM\...\Chrome\Extension: [lladpgmmlijbmhfknhgkenkhikoaapmj] - C:\Users\David\AppData\Local\RealSummerSale.crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM-x32\...\Chrome\Extension: [lladpgmmlijbmhfknhgkenkhikoaapmj] - C:\Users\David\AppData\Local\RealSummerSale.crx

 

Let me know.......MrC
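The extension list in the post above mixes two kinds of FRST entries: extensions unpacked in the Chrome profile (`CHR Extension:`) and extensions registered through the registry (`CHR HKLM\...`). The following Python script is an added example, not part of the original post and not FRST's code; it separates the two and flags registry entries for review. The function names and flag labels are hypothetical, and the line format is inferred only from the lines shown in this thread.

```python
import re

# Extension lines copied from the FRST list in the post above.
FRST_LINES = r"""
CHR Extension: (Google Drive) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1
CHR Extension: (YouTube) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1
CHR Extension: (Google Search) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1
CHR Extension: (Chrome In-App Payments service) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Picky Wallpapers) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\odklcfojpedohplkimfdpcamkjnhanaj\1.0.0_0
CHR Extension: (Gmail) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2
CHR HKLM\...\Chrome\Extension: [lladpgmmlijbmhfknhgkenkhikoaapmj] - C:\Users\David\AppData\Local\RealSummerSale.crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM-x32\...\Chrome\Extension: [lladpgmmlijbmhfknhgkenkhikoaapmj] - C:\Users\David\AppData\Local\RealSummerSale.crx
""".strip().splitlines()

PROFILE_RE = re.compile(r"^CHR Extension: \((?P<name>.+?)\) - (?P<path>.+)$")
REGISTRY_RE = re.compile(
    r"^CHR (?P<hive>[\w-]+)\\\.\.\.\\Chrome\\Extension: "
    r"\[(?P<id>[a-p]{32})\] - (?P<path>.+)$")


def parse(lines):
    """Split FRST 'CHR' lines into profile-installed and registry-registered."""
    profile, registry = {}, {}
    for line in lines:
        line = line.strip()
        if m := PROFILE_RE.match(line):
            # Profile layout: ...\Extensions\<id>\<version>
            profile[m["path"].split("\\")[-2]] = m["name"]
        elif m := REGISTRY_RE.match(line):
            entry = registry.setdefault(m["id"], {"hives": [], "crx": m["path"]})
            entry["hives"].append(m["hive"])
    return profile, registry


def triage(lines):
    """Return registry-registered extensions with review flags, most flags first."""
    profile, registry = parse(lines)
    findings = []
    for ext_id, entry in registry.items():
        flags = []
        if ext_id not in profile:
            flags.append("no-profile-folder")  # registered, but not unpacked in the profile
        if entry["crx"].lower().startswith("c:\\users\\"):
            flags.append("crx-in-user-writable-path")  # replaceable without admin rights
        findings.append({"id": ext_id, **entry, "flags": flags})
    return sorted(findings, key=lambda f: -len(f["flags"]))


if __name__ == "__main__":
    for f in triage(FRST_LINES):
        print(f["id"], ",".join(f["hives"]), f["crx"], f["flags"], sep="\n  ")
```

The flags describe properties of each entry and set a review order; they are not a verdict on any extension.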


There still don't appear to be any extensions in the Chrome setting screens.

I can't explain that.....check to make sure you have the latest version of Chrome:

Open up Chrome > Click on the 3 bars in the upper right hand corner

Click on About Google Chrome

If there's an update available it will automatically update

MrC

This topic is now closed to further replies.