
Do-search not removing.



So I ran the quick scan and it found some other viruses, but it didn't find the do-search one that I was originally trying to find. Whenever I open up my Google Chrome, "http://do-search.com/?type=sc&ts=1384806610&from=mp3&uid=ST9320325AS_6VDHYDS8XXXX6VDHYDS8" comes up as the home page and it's set to Google. I already went into the settings and changed everything, but it still opens to that website.

 

Please help!


Welcome to the forum, please start HERE

Post back the 2 logs here.....DDS.txt and Attach.txt

(please don't put logs in code or quotes and use the default font)

General P2P/Piracy Warning:

1. If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall it or completely disable it from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

2. If you have illegal/cracked software, cracks, keygens, custom (Adobe) host file, etc. on the system, please remove or uninstall them now and read the policy on Piracy.

Failure to remove such software will result in your topic being closed and no further assistance being provided.

<====><====><====><====><====><====><====><====>

Next................

Please download and run RogueKiller 32 bit to your desktop.

RogueKiller<---use this one for 64 bit systems

Which system am I using?

Quit all running programs.

For Windows XP, double-click to start.

For Vista or Windows 7-8, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system.

When the scan completes > Close out the program > Don't Fix anything!

Don't run any other options, they're not all bad!!!!!!!

Post back the report which should be located on your desktop.

(please don't put logs in code or quotes and use the default font)

MrC

Note:

Please read all of my instructions completely including these.

Make sure system restore is turned on and running

Make sure you're subscribed to this topic: Click on the Follow This Topic Button (at the top right of this page), make sure that the Receive notification box is checked and that it is set to Instantly

Removing malware can be unpredictable...unlikely but things can go very wrong! Back up any files that cannot be replaced. You can copy them to a CD/DVD, external drive or a pen drive

<+>Please don't run any other scans, download, install or uninstall any programs while I'm working with you.

<+>The removal of malware isn't instantaneous, please be patient.

<+>When we are done, I'll give you instructions on how to clean up all the tools and logs

<+>Please stick with me until I give you the "all clear" and Please don't waste my time by leaving before that.

------->Your topic will be closed if you haven't replied within 3 days!<--------

(If I don't respond within 24 hours, please send me a PM)


Attach.txt

 

 

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium 

Boot Device: \Device\HarddiskVolume1

Install Date: 9/6/2013 1:56:10 PM

System Uptime: 11/19/2013 9:44:43 AM (8 hours ago)

.

Motherboard: Hewlett-Packard |  | 144E

Processor: AMD Turion II P520 Dual-Core Processor | Socket S1G4 | 2300/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 282 GiB total, 223.232 GiB free.

D: is FIXED (NTFS) - 16 GiB total, 2.295 GiB free.

E: is FIXED (FAT32) - 0 GiB total, 0.091 GiB free.

F: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP40: 11/9/2013 3:00:15 AM - Windows Update

RP41: 11/12/2013 5:40:12 PM - Windows Update

RP42: 11/15/2013 9:50:53 AM - Windows Update

RP43: 11/17/2013 9:09:46 AM - Windows Update

RP44: 11/18/2013 6:18:42 PM - avast! antivirus system restore point

RP45: 11/18/2013 6:38:14 PM - Installed SpyHunter

RP46: 11/18/2013 7:06:47 PM - Installed SpyHunter

RP47: 11/18/2013 7:08:00 PM - Installed SpyHunter

RP48: 11/18/2013 7:22:23 PM - Removed SpyHunter

RP49: 11/18/2013 7:33:59 PM - Installed SpyHunter

RP50: 11/18/2013 7:41:29 PM - Installed SpyHunter

RP51: 11/18/2013 7:47:44 PM - Installed SpyHunter

RP52: 11/18/2013 7:58:58 PM - Removed SpyHunter

RP53: 11/19/2013 3:00:15 AM - Windows Update

RP54: 11/19/2013 4:38:15 PM - Installed AVG 2014

RP55: 11/19/2013 4:39:18 PM - Installed AVG 2014

RP56: 11/19/2013 5:40:51 PM - avast! antivirus system restore point

.

==== Installed Programs ======================

.

Acrobat.com

ActiveCheck component for HP Active Support Library

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Reader XI (11.0.05)

Adobe Shockwave Player

Adobe Shockwave Player 12.0

Alcor Micro USB Card Reader

AMD USB Filter Driver

Atheros Driver Installation Program

ATI Catalyst Install Manager

AVG 2014

Battle.net

Bejeweled 2 Deluxe

Blackhawk Striker 2

Blasterball 3

Build-a-lot 2

Cake Mania

Catalyst Control Center - Branding

Catalyst Control Center Core Implementation

Catalyst Control Center Graphics Full Existing

Catalyst Control Center Graphics Full New

Catalyst Control Center Graphics Light

Catalyst Control Center Graphics Previews Common

Catalyst Control Center Graphics Previews Vista

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

ccc-core-static

ccc-utility64

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

Chuzzle Deluxe

CinemaNow Media Manager

Compatibility Pack for the 2007 Office system

CyberLink DVD Suite

Diner Dash 2 Restaurant Rescue

Dora's Carnival Adventure

DVD Menu Pack for HP MediaSmart Video

Energy Star Digital Logo

Escape Rosecliff Island

ESU for Microsoft Windows 7

Faerie Solitaire

FATE

Google Chrome

Google Update Helper

Hearthstone

HP 3D DriveGuard

HP Advisor

HP Customer Experience Enhancements

HP Game Console

HP Games

HP MediaSmart CinemaNow 2.0

HP MediaSmart DVD

HP MediaSmart Internet TV

HP MediaSmart Movies and TV

HP MediaSmart Music

HP MediaSmart Photo

HP MediaSmart SmartMenu

HP MediaSmart Video

HP MediaSmart Webcam

HP MediaSmart/TouchSmart Netflix

HP Photo Creations

HP Power Plan Utility

HP Quick Launch

HP QuickWeb Installer

HP Setup

HP Software Framework

HP Update

HP User Guides 0182

HP Wireless Assistant

HPAsset component for HP Active Support Library

Hulu Desktop

IDT Audio

Java 7 Update 25

Java 7 Update 25 (64-bit)

Java Auto Updater

Java 6 Update 18

Java 6 Update 18 (64-bit)

Jewel Quest 3

Jewel Quest Solitaire 2

Junk Mail filter update

LabelPrint

League of Legends

LightScribe System Software

Malwarebytes Anti-Malware version 1.75.0.1300

Microsoft .NET Framework 4 Client Profile

Microsoft Application Error Reporting

Microsoft Choice Guard

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office Home and Student 2007

Microsoft Office Office 64-bit Components 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office PowerPoint Viewer 2007 (English)

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Shared 64-bit MUI (English) 2007

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Suite Activation Assistant

Microsoft Office Word MUI (English) 2007

Microsoft Security Client

Microsoft Security Essentials

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable (x64)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Works

Microsoft WSE 3.0 Runtime

Movie Theme Pack for HP MediaSmart Video

MSVCRT

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Mystery P.I. - The New York Fortune

Pando Media Booster

Penguins!

PhotoNow!

Plants vs. Zombies

Poker Superstars III

Polar Bowler

Polar Golfer

Power2Go

PowerDirector

Realtek Ethernet Controller Driver For Windows Vista and Later

Recovery Manager

Roxio CinemaNow 2.0

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2827329) 32-Bit Edition 

Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition 

Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition 

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2827330) 32-Bit Edition 

Skype™ 6.10

swMSM

Synaptics Pointing Device Driver

TextTwist 2

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

Virtual Families

Virtual Villagers - The Secret City

Visual Studio 2012 x64 Redistributables

Visual Studio 2012 x86 Redistributables

Wheel of Fortune 2

Windows Live Call

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live Mail

Windows Live Messenger

Windows Live Photo Gallery

Windows Live Sync

Windows Live Upload Tool

Windows Live Writer

WinRAR 5.00 (32-bit)

Zuma's Revenge

.

==== Event Viewer Messages From Past Week ========

.

11/19/2013 3:49:00 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.

11/18/2013 7:22:07 PM, Error: Service Control Manager [7034]  - The Anvi Cloud System Booster Speed Service service terminated unexpectedly.  It has done this 1 time(s).

11/18/2013 7:11:23 PM, Error: Service Control Manager [7000]  - The esgiguard service failed to start due to the following error:  This driver has been blocked from loading

11/18/2013 7:11:23 PM, Error: Application Popup [1060]  - \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgi has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

11/18/2013 6:21:09 PM, Error: Service Control Manager [7030]  - The avast! Antivirus service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.

.

==== End Of File ===========================

 

 

 

DDS.txt

 

 


DDS (Ver_2012-11-20.01) - NTFS_AMD64 

Internet Explorer: 11.0.9600.16428  BrowserJavaVersion: 10.25.2

Run by Owner at 17:42:49 on 2013-11-19

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_471277d5d45019ea\STacSV64.exe

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\Hpservice.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_471277d5d45019ea\AESTSr64.exe

C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe

C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe

C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

c:\Program Files\Microsoft Security Client\NisSrv.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\atieclxx.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskhost.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe

C:\Program Files\IDT\WDM\sttray64.exe

C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe

C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe

C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE

C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe

C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe

C:\Program Files (x86)\Battle.net\Battle.net.3891\Battle.net.exe

C:\ProgramData\Battle.net\Agent\Agent.beta.2391\Agent.exe

C:\Windows\system32\taskhost.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe

C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe

C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe

C:\Program Files (x86)\AVG\AVG2014\avgemca.exe

C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe

C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\AVG\AVG2014\avgui.exe

C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

C:\Users\Owner\Downloads\RogueKillerX64.exe

C:\Windows\SysWOW64\DllHost.exe

C:\Program Files\AVAST Software\Avast\Setup\Instup.exe

C:\Windows\SysWOW64\ctfmon.exe

C:\Windows\system32\vssvc.exe

C:\Windows\System32\svchost.exe -k swprv

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.







mWinlogon: Userinit = userinit.exe,

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

uRun: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe

uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui

mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-Explorer: NoDriveTypeAutoRun = dword:181

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

mPolicies-System: SynchronousUserGroupPolicy = dword:0

mPolicies-System: SynchronousMachineGroupPolicy = dword:0

mPolicies-Windows\System: AllowBlockingAppsAtShutdown = dword:1

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}




TCP: NameServer = 192.168.0.1

TCP: Interfaces\{F40DD199-3F98-4790-BFB2-9215E10093DF} : DHCPNameServer = 192.168.0.1

TCP: Interfaces\{F40DD199-3F98-4790-BFB2-9215E10093DF}\46C696E6B6 : DHCPNameServer = 192.168.0.1

TCP: Interfaces\{F40DD199-3F98-4790-BFB2-9215E10093DF}\F4E6C6970225564602F4E696F6E637 : DHCPNameServer = 192.168.0.1

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

SSODL: WebCheck - <orphaned>

mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome





x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe

x64-Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe

x64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe

x64-Run: [smartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background

x64-Run: [HP Quick Launch] C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

x64-Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden

x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey




x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-SSODL: WebCheck - <orphaned>

.

============= SERVICES / DRIVERS ===============

.

R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86

R? clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64

R? esgiguard;esgiguard

R? IEEtwCollectorService;Internet Explorer ETW Collector Service

R? netr28x;Ralink 802.11n Wireless Driver for Windows Vista

R? netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit

R? RdpVideoMiniport;Remote Desktop Video Miniport Driver

R? RTL8167;Realtek 8167 NT Driver

R? SkypeUpdate;Skype Updater

R? SrvHsfHDA;SrvHsfHDA

R? SrvHsfV92;SrvHsfV92

R? SrvHsfWinac;SrvHsfWinac

R? TsUsbFlt;TsUsbFlt

R? WatAdminSvc;Windows Activation Technologies Service

R? yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller

S? AESTFilters;Andrea ST Filters Service

S? AMD External Events Utility;AMD External Events Utility

S? aswFsBlk;aswFsBlk

S? aswMonFlt;aswMonFlt

S? aswRvrt;avast! Revert

S? aswSnx;aswSnx

S? aswSP;aswSP

S? aswVmm;avast! VM Monitor

S? Avgdiska;AVG Disk Driver

S? AVGIDSAgent;AVGIDSAgent

S? AVGIDSDriver;AVGIDSDriver

S? AVGIDSHA;AVGIDSHA

S? Avgldx64;AVG AVI Loader Driver

S? Avgloga;AVG Logging Driver

S? Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield

S? Avgrkx64;AVG Anti-Rootkit Driver

S? Avgtdia;AVG TDI Driver

S? avgwd;AVG WatchDog

S? CinemaNow Service;CinemaNow Service

S? DVMIO;DeviceVM IO Service

S? DvmMDES;DeviceVM Meta Data Export Service

S? HP Wireless Assistant Service;HP Wireless Assistant Service

S? hpsrv;HP Service

S? HPWMISVC;HPWMISVC

S? MBAMProtector;MBAMProtector

S? MBAMScheduler;MBAMScheduler

S? MBAMService;MBAMService

S? MpFilter;Microsoft Malware Protection Driver

S? NisDrv;Microsoft Network Inspection System

S? NisSrv;Microsoft Network Inspection

S? usbfilter;AMD USB Filter Driver

.

=============== Created Last 30 ================

.

2013-11-19 21:48:44 -------- d-----w- C:\Users\Owner\AppData\Roaming\AVG2014

2013-11-19 21:42:46 -------- d-----w- C:\Users\Owner\AppData\Roaming\TuneUp Software

2013-11-19 21:40:46 -------- d--h--w- C:\$AVG

2013-11-19 21:40:46 -------- d-----w- C:\ProgramData\AVG2014

2013-11-19 21:38:53 -------- d-----w- C:\Program Files (x86)\AVG

2013-11-19 21:26:53 -------- d--h--w- C:\ProgramData\Common Files

2013-11-19 21:26:53 -------- d-----w- C:\Users\Owner\AppData\Local\MFAData

2013-11-19 21:26:53 -------- d-----w- C:\Users\Owner\AppData\Local\Avg2014

2013-11-19 21:26:53 -------- d-----w- C:\ProgramData\MFAData

2013-11-19 01:00:49 -------- d-----w- C:\Users\Owner\AppData\Roaming\Malwarebytes

2013-11-19 01:00:30 -------- d-----w- C:\ProgramData\Malwarebytes

2013-11-19 01:00:18 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

2013-11-19 01:00:18 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-11-19 00:34:33 -------- d-----w- C:\Program Files (x86)\Enigma Software Group

2013-11-19 00:11:11 10285968 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{DABE6335-D3D0-4CA3-92A3-61D9139D375E}\mpengine.dll

2013-11-19 00:07:43 -------- d-----w- C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP

2013-11-18 23:38:58 -------- d-----w- C:\Program Files\Enigma Software Group

2013-11-18 23:37:43 -------- d-----w- C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP

2013-11-18 23:37:40 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard

2013-11-18 23:22:41 -------- d-----w- C:\Users\Owner\AppData\Roaming\AVAST Software

2013-11-18 23:20:51 43152 ----a-w- C:\Windows\avastSS.scr

2013-11-18 23:19:32 -------- d-----w- C:\Program Files\AVAST Software

2013-11-18 23:18:02 -------- d-----w- C:\ProgramData\AVAST Software

2013-11-18 22:57:21 -------- d-----w- C:\Program Files (x86)\Anvisoft

2013-11-18 20:31:57 -------- d-----w- C:\Program Files (x86)\Common Files\337

2013-11-18 20:29:33 -------- d-----w- C:\Users\Owner\.config

2013-11-18 20:29:07 -------- d-----w- C:\Users\Owner\AppData\Local\Programs

2013-11-18 20:29:07 -------- d-----w- C:\Users\Owner\AppData\Local\Oxy

2013-11-18 20:29:07 -------- d-----w- C:\Users\Owner\AppData\Local\Chromium

2013-11-18 20:27:38 -------- d-----w- C:\Users\Owner\AppData\Roaming\Oxy

2013-11-17 14:22:56 10280728 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2013-11-16 23:23:28 -------- d-----w- C:\Users\Owner\AppData\Local\Blizzard

2013-11-16 22:57:27 -------- d-----w- C:\Program Files (x86)\Hearthstone

2013-11-16 22:56:21 -------- d-----w- C:\Users\Owner\AppData\Local\Blizzard Entertainment

2013-11-16 22:56:20 -------- d-----w- C:\Users\Owner\AppData\Roaming\Battle.net

2013-11-16 22:56:19 -------- d-----w- C:\Users\Owner\AppData\Local\Battle.net

2013-11-16 22:56:02 -------- d-----w- C:\Program Files (x86)\Common Files\Blizzard Entertainment

2013-11-16 22:56:01 -------- d-----w- C:\ProgramData\Blizzard Entertainment

2013-11-16 22:56:01 -------- d-----w- C:\Program Files (x86)\Battle.net

2013-11-16 22:55:02 -------- d-----w- C:\ProgramData\Battle.net

2013-11-14 22:54:57 404480 ----a-w- C:\Windows\System32\gdi32.dll

2013-11-14 22:54:57 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll

2013-11-14 22:54:56 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL

2013-11-14 22:54:55 830464 ----a-w- C:\Windows\System32\nshwfp.dll

2013-11-14 22:54:55 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll

2013-11-14 22:54:55 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL

2013-11-14 22:54:55 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL

2013-11-08 20:13:29 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys

2013-11-08 20:13:29 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys

2013-11-08 20:13:29 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys

2013-11-08 20:13:29 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys

2013-11-08 20:13:29 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys

2013-11-08 20:13:29 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys

2013-11-08 20:13:28 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys

2013-11-07 00:48:04 965000 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4B246809-B0D0-4FC1-80BB-F0D544370C9C}\gapaengine.dll

2013-11-07 00:29:36 -------- d-----w- C:\Users\Owner\AppData\Local\ElevatedDiagnostics

2013-11-01 00:30:50 -------- d-----r- C:\Program Files (x86)\Skype

2013-10-31 02:23:18 -------- d-----w- C:\Users\Owner\AppData\Roaming\LolClient

.

==================== Find3M  ====================

.

2013-11-18 20:31:25 773712 ----a-w- C:\Windows\SysWow64\msvcr100.dll

2013-11-18 20:31:25 420944 ----a-w- C:\Windows\SysWow64\msvcp100.dll

2013-10-05 20:25:35 1474048 ----a-w- C:\Windows\System32\crypt32.dll

2013-10-05 19:57:25 1168384 ----a-w- C:\Windows\SysWow64\crypt32.dll

2013-10-04 02:28:31 190464 ----a-w- C:\Windows\System32\SmartcardCredentialProvider.dll

2013-10-04 02:25:17 197120 ----a-w- C:\Windows\System32\credui.dll

2013-10-04 02:24:49 1930752 ----a-w- C:\Windows\System32\authui.dll

2013-10-04 01:58:50 152576 ----a-w- C:\Windows\SysWow64\SmartcardCredentialProvider.dll

2013-10-04 01:56:25 168960 ----a-w- C:\Windows\SysWow64\credui.dll

2013-10-04 01:56:00 1796096 ----a-w- C:\Windows\SysWow64\authui.dll

2013-09-28 01:09:10 497152 ----a-w- C:\Windows\System32\drivers\afd.sys

2013-09-27 14:53:06 248240 ----a-w- C:\Windows\System32\drivers\MpFilter.sys

2013-09-27 14:53:06 134944 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys

2013-09-26 02:07:30 148792 ----a-w- C:\Windows\System32\drivers\avgdiska.sys

2013-09-25 02:26:40 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys

2013-09-25 02:26:40 154560 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys

2013-09-25 02:23:33 28672 ----a-w- C:\Windows\System32\sspisrv.dll

2013-09-25 02:23:33 135680 ----a-w- C:\Windows\System32\sspicli.dll

2013-09-25 02:23:01 28160 ----a-w- C:\Windows\System32\secur32.dll

2013-09-25 02:22:59 340992 ----a-w- C:\Windows\System32\schannel.dll

2013-09-25 02:21:50 307200 ----a-w- C:\Windows\System32\ncrypt.dll

2013-09-25 02:21:07 1447936 ----a-w- C:\Windows\System32\lsasrv.dll

2013-09-25 01:58:17 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll

2013-09-25 01:57:26 22016 ----a-w- C:\Windows\SysWow64\secur32.dll

2013-09-25 01:57:24 247808 ----a-w- C:\Windows\SysWow64\schannel.dll

2013-09-25 01:56:42 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll

2013-09-25 01:03:24 30720 ----a-w- C:\Windows\System32\lsass.exe

2013-09-09 03:11:42 31544 ----a-w- C:\Windows\System32\drivers\avgrkx64.sys

2013-09-08 02:30:37 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2013-09-08 02:27:14 327168 ----a-w- C:\Windows\System32\mswsock.dll

2013-09-08 02:03:58 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll

2013-09-07 16:37:25 108968 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll

2013-09-07 16:37:22 972712 ----a-w- C:\Windows\System32\deployJava1.dll

2013-09-07 16:37:22 1093032 ----a-w- C:\Windows\System32\npDeployJava1.dll

2013-09-07 16:33:44 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

2013-09-07 16:33:41 867240 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll

2013-09-07 16:33:40 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2013-09-06 23:37:03 1887232 ----a-w- C:\Windows\System32\d3d11.dll

2013-09-06 23:37:03 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll

2013-09-06 20:20:57 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-09-06 20:20:57 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-09-06 19:50:37 175616 ----a-w- C:\Windows\System32\msclmd.dll

2013-09-06 19:50:37 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll

2013-09-06 17:21:46 0 ----a-w- C:\Windows\ativpsrm.bin

2013-09-02 15:59:14 212280 ----a-w- C:\Windows\System32\drivers\avgldx64.sys

2013-09-02 15:29:18 294712 ----a-w- C:\Windows\System32\drivers\avgloga.sys

2013-09-02 15:26:50 192824 ----a-w- C:\Windows\System32\drivers\avgidsha.sys

2013-09-02 15:26:42 241464 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys

2013-08-29 02:17:48 5549504 ----a-w- C:\Windows\System32\ntoskrnl.exe

2013-08-29 02:16:35 1732032 ----a-w- C:\Windows\System32\ntdll.dll

2013-08-29 02:16:28 243712 ----a-w- C:\Windows\System32\wow64.dll

2013-08-29 02:16:14 859648 ----a-w- C:\Windows\System32\tdh.dll

2013-08-29 02:13:28 878080 ----a-w- C:\Windows\System32\advapi32.dll

2013-08-29 01:51:45 3969472 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2013-08-29 01:51:45 3914176 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2013-08-29 01:50:31 5120 ----a-w- C:\Windows\SysWow64\wow32.dll

2013-08-29 01:50:30 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll

2013-08-29 01:50:16 619520 ----a-w- C:\Windows\SysWow64\tdh.dll

2013-08-29 01:48:17 640512 ----a-w- C:\Windows\SysWow64\advapi32.dll

2013-08-29 01:48:15 44032 ----a-w- C:\Windows\apppatch\acwow64.dll

2013-08-29 00:49:53 25600 ----a-w- C:\Windows\SysWow64\setup16.exe

2013-08-29 00:49:52 7680 ----a-w- C:\Windows\SysWow64\instnm.exe

2013-08-29 00:49:52 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll

2013-08-29 00:49:49 2048 ----a-w- C:\Windows\SysWow64\user.exe

2013-08-28 01:21:06 3155968 ----a-w- C:\Windows\System32\win32k.sys

2013-08-28 01:12:33 461312 ----a-w- C:\Windows\System32\scavengeui.dll

.

============= FINISH: 17:45:14.99 ===============

 


 

 

I downloaded Rogue killer and I'll run that and reply with the log in a minute.


Rogue killer

 

RogueKiller V8.7.8 _x64_ [Nov 14 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
 
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Owner [Admin rights]
Mode : Scan -- Date : 11/19/2013 18:02:37
| ARK || FAK || MBR |
 
¤¤¤ Bad processes : 0 ¤¤¤
 
¤¤¤ Registry Entries : 3 ¤¤¤
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
 
¤¤¤ Scheduled tasks : 1 ¤¤¤
 
¤¤¤ Startup Entries : 0 ¤¤¤
 
¤¤¤ Web browsers : 0 ¤¤¤
 
¤¤¤ Particular Files / Folders: ¤¤¤
 
¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
 
¤¤¤ External Hives: ¤¤¤
 
¤¤¤ Infection :  ¤¤¤
 
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
 
 
 
 
¤¤¤ MBR Check: ¤¤¤
 
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST9320325AS ATA Device +++++
--- User ---
[MBR] 7ac1bd11f990990ff6b023c5fafc5f0d
[bSP] 76d1cb2e50710023cab2d65125a7eee1 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 288517 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 591292416 | Size: 16424 Mo
3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 624928768 | Size: 103 Mo
User = LL1 ... OK!
User = LL2 ... OK!
 
Finished : << RKreport[0]_S_11192013_180237.txt >>

Give this a try to start with:

Let's clean out any adware/spyware now: (this will require a reboot so save all your work)

Please download AdwCleaner by Xplode and save to your Desktop.

Make sure you click on download buttons that look like this, not "sponsored ad links":

bleep-crop.jpg

  • Double click on AdwCleaner.exe to run the tool.

    Vista/Windows 7/8 users right-click and select Run As Administrator

  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Please uncheck elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you may want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review. (all items found are adware/spyware/foistware)
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted:
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.
Then..................

Open up Malwarebytes > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.

Please Update and run a Quick Scan with Malwarebytes Anti-Malware, post the report.

Make sure that everything is checked, and click Remove Selected.

Please let me know how the computer is running now, MrC


AdwCleaner[s0].txt

 

# AdwCleaner v3.012 - Report created 19/11/2013 at 21:29:57

# Updated 11/11/2013 by Xplode

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : Owner - OWNER-PC

# Running from : C:\Users\Owner\Desktop\AdwCleaner.exe

# Option : Clean

 

***** [ Services ] *****

 

 

***** [ Files / Folders ] *****

 

Folder Deleted : C:\Program Files (x86)\Common Files\337

Folder Deleted : C:\Users\Owner\AppData\Local\Oxy

Folder Deleted : C:\Users\Owner\AppData\Local\Temp\boost_interprocess

Folder Deleted : C:\Users\Owner\AppData\Local\Temp\Desk365

Folder Deleted : C:\Users\Owner\AppData\Roaming\Oxy

File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk

File Deleted : C:\Windows\System32\Tasks\Desk 365 RunAsStdUser

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

Key Deleted : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL

Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}

Key Deleted : HKLM\Software\Desksvc

Key Deleted : HKLM\Software\DeviceVM

Key Deleted : HKLM\Software\hdcode

Key Deleted : HKLM\Software\V9

Key Deleted : [x64] HKLM\SOFTWARE\DeviceVM

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v11.0.9600.16428

 

 

*************************

 

AdwCleaner[R0].txt - [1648 octets] - [19/11/2013 21:25:21]

AdwCleaner[R1].txt - [1706 octets] - [19/11/2013 21:27:49]

AdwCleaner[s0].txt - [1663 octets] - [19/11/2013 21:29:57]

 

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [1723 octets] ##########

 

 

I notice under the browsers section that only Internet Explorer was in there. I use Google Chrome; will that matter at all, or will it do the same thing to all of my internet browsers?

Sometimes we have to manually delete it in Chrome.

For Chrome...........

First make sure you have the latest version of Chrome:

Open up Chrome > Click on the 3 bars in the upper right hand corner

Click on About Google Chrome

If there's an update available it will automatically update

Next:

Go to Tools > Clear Browser Data

Put a check next to all of these:

  • Clear browsing history
  • Clear download history
  • Delete cookies and other site and plug-in data
  • Empty the cache
Click "Clear Browsing Data"

-------------------------------

Next:

Click the Chrome menu on the browser toolbar.

Select Settings.

In the "Search" section, click Manage search engines.

Check if (Default) is displayed next to your preferred search engine. If not, mouse over it and click Make default.

Mouse over any other suspicious search engine entries that are not familiar and click X to remove them.

-------------------------------------

Click the Chrome menu.

Select Settings.

In the "On startup" section, select Open a specific page or set of pages.

Click Set pages. (in blue to the right)

Remove any unfamiliar pages.

-----------------------

Click the Chrome menu.

Select Settings.

In the "Appearance" section, if the "Show Home button" checkbox is selected, see if the page listed below is the home page you’d like to use.

If the page isn't the home page you'd like to use, click Change and select your preferred page.

-------------------------

Carefully check for any odd extensions or plugins: (it's a good idea to disable them all and see if you're still redirected and then add each one back until you find the culprit)

Type the following into the address box and hit Enter:

chrome:plugins

Do the same for:

chrome:extensions

Let me know.....MrC
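
The startup-page, home-page and extension checks from the post above can also be run against a Chrome profile's Preferences file; this is an added example, not part of the original post or any tool named in the thread. It assumes the JSON preference keys `session.startup_urls`, `session.restore_on_startup`, `homepage`, `homepage_is_newtabpage` and `extensions.settings`, which differ between Chrome versions, and the sample data is constructed.

```python
import json
import sys
from urllib.parse import urlsplit

# Constructed sample of a Chrome profile "Preferences" file (not taken from
# the machine in this thread). Key names are assumptions about Chrome's
# preference layout and may differ between versions.
SAMPLE_PREFS = json.loads("""
{
  "homepage": "http://do-search.com/?type=hp",
  "homepage_is_newtabpage": false,
  "session": {
    "restore_on_startup": 4,
    "startup_urls": ["http://do-search.com/?type=sc", "https://www.google.com/"]
  },
  "extensions": {"settings": {
    "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa": {"state": 1, "manifest": {"name": "Constructed Helper"}},
    "bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb": {"state": 0, "manifest": {"name": "Disabled Sample"}}
  }}
}
""")


def host_of(url):
    """Return the lower-cased host of a URL, or '' if it has none."""
    return (urlsplit(url).hostname or "").lower()


def is_trusted(url, trusted):
    """True only if the host is a trusted domain or a subdomain of one.

    Comparing whole labels stops look-alikes such as
    google.com.do-search.com from passing a substring check.
    """
    host = host_of(url)
    return any(host == d or host.endswith("." + d) for d in trusted)


def audit_prefs(prefs, trusted=("google.com",)):
    """Return (kind, value, status) tuples for settings worth reviewing."""
    findings = []
    session = prefs.get("session", {})
    # Assumption: restore_on_startup == 4 is "open a specific page or set of pages".
    mode = session.get("restore_on_startup")
    startup = (session.get("startup_urls")
               or session.get("urls_to_restore_on_startup")  # older key name
               or [])
    for url in startup:
        if not is_trusted(url, trusted):
            findings.append(("startup_url", url,
                             "active" if mode == 4 else "inactive"))

    home = prefs.get("homepage", "")
    if home and not is_trusted(home, trusted):
        # The stored home page is only used when the new-tab page is not.
        active = not prefs.get("homepage_is_newtabpage", True)
        findings.append(("homepage", home, "active" if active else "inactive"))

    # Assumption: state 1 marks an enabled extension, 0 a disabled one.
    for ext_id, meta in prefs.get("extensions", {}).get("settings", {}).items():
        if meta.get("state") == 1:
            name = meta.get("manifest", {}).get("name", "<no name>")
            findings.append(("extension_enabled", f"{ext_id} {name}", "review"))
    return findings


if __name__ == "__main__":
    # Pass the path to a profile's Preferences file, or run with no
    # argument to audit the constructed sample above.
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8") as fh:
            data = json.load(fh)
    else:
        data = SAMPLE_PREFS
    for kind, value, status in audit_prefs(data):
        print(f"{kind:18} {status:8} {value}")
```

Close Chrome before reading the file, since the browser rewrites it on exit; some Chrome versions on Windows keep these settings in a "Secure Preferences" file in the same profile folder, which can be audited the same way.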


Please download Farbar Recovery Scan Tool and save it to a folder. (use correct version for your system.....Which system am I using?)

Please make sure you click download buttons that look like this, not "sponsored ad links":

bleep-crop.jpg

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.
MrC

FRST.txt

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-11-2013
Ran by Owner (administrator) on OWNER-PC on 19-11-2013 22:02:54
Running from C:\Users\Owner\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(AVG Technologies CZ, s.r.o.) C:\PROGRA~2\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_471277d5d45019ea\STacSV64.exe
(Hewlett-Packard Company) C:\Windows\system32\Hpservice.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_471277d5d45019ea\AESTSr64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(CinemaNow, Inc.) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
(DeviceVM, Inc.) C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
() C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(AlcorMicro Co., Ltd.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\NisSrv.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [synTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [323072 2009-08-17] (AlcorMicro Co., Ltd.)
HKLM\...\Run: [sysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-02-01] (IDT, Inc.)
HKLM\...\Run: [smartMenu] - C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [611896 2010-01-20] ()
HKLM\...\Run: [HP Quick Launch] - C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [451072 2010-01-18] (Hewlett-Packard Company)
HKLM\...\Run: [HPWirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-01-27] (Hewlett-Packard)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKCU\...\Run: [HPAdvisorDock] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [1712184 2010-02-09] ()
HKCU\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2010-02-22] (Hewlett-Packard Company)
HKCU\...\Policies\Explorer: [NoDesktopCleanupWizard] 1
HKCU\...\Policies\Explorer: [NoInstrumentation] 0
HKLM-x32\...\Run: [startCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-03-03] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2014\avgui.exe [4908592 2013-10-07] (AVG Technologies CZ, s.r.o.)
HKU\Default\...\Run: [HPAdvisorDock] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [1712184 2010-02-09] ()
HKU\Default User\...\Run: [HPAdvisorDock] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [1712184 2010-02-09] ()
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://do-search.com/web/?type=ds&ts=1384806610&from=mp3&uid=ST9320325AS_6VDHYDS8XXXX6VDHYDS8&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://do-search.com/?type=hp&ts=1384806610&from=mp3&uid=ST9320325AS_6VDHYDS8XXXX6VDHYDS8
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://do-search.com/?type=hp&ts=1384806610&from=mp3&uid=ST9320325AS_6VDHYDS8XXXX6VDHYDS8
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://do-search.com/web/?type=ds&ts=1384806610&from=mp3&uid=ST9320325AS_6VDHYDS8XXXX6VDHYDS8&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://do-search.com/web/?type=ds&ts=1384806610&from=mp3&uid=ST9320325AS_6VDHYDS8XXXX6VDHYDS8&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://do-search.com/?type=hp&ts=1384806610&from=mp3&uid=ST9320325AS_6VDHYDS8XXXX6VDHYDS8
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://do-search.com/?type=hp&ts=1384806610&from=mp3&uid=ST9320325AS_6VDHYDS8XXXX6VDHYDS8
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://do-search.com/web/?type=ds&ts=1384806610&from=mp3&uid=ST9320325AS_6VDHYDS8XXXX6VDHYDS8&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://do-search.com/?type=sc&ts=1384806610&from=mp3&uid=ST9320325AS_6VDHYDS8XXXX6VDHYDS8
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {2A010908-E98B-43A2-B629-DA628517A999} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
 
==================== Services (Whitelisted) =================
 
R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_471277d5d45019ea\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3538480 2013-10-03] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [301152 2013-09-25] (AVG Technologies CZ, s.r.o.)
R2 DvmMDES; C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe [338168 2010-03-12] (DeviceVM, Inc.)
R2 HPWMISVC; C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [20480 2010-01-18] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_471277d5d45019ea\STacSV64.exe [244736 2010-02-01] (IDT, Inc.)
 
==================== Drivers (Whitelisted) ====================
 
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [148792 2013-09-25] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [241464 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [192824 2013-09-02] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-08-20] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-08] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [251192 2013-08-01] (AVG Technologies CZ, s.r.o.)
R1 DVMIO; C:\Windows\System32\DRIVERS\dvmio.sys [20056 2010-01-29] (DeviceVM, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
S3 esgiguard; \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [x]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2013-11-19 22:02 - 2013-11-19 22:03 - 00012787 _____ C:\Users\Owner\Desktop\FRST.txt
2013-11-19 22:02 - 2013-11-19 22:02 - 00000000 ____D C:\FRST
2013-11-19 22:01 - 2013-11-19 22:02 - 01957964 _____ (Farbar) C:\Users\Owner\Desktop\FRST64.exe
2013-11-19 21:33 - 2013-11-19 21:33 - 00000012 ____H C:\dvmexp.idx
2013-11-19 21:33 - 2013-11-19 21:33 - 00000000 ___HD C:\dvmexp
2013-11-19 21:25 - 2013-11-19 21:30 - 00000000 ____D C:\AdwCleaner
2013-11-19 21:24 - 2013-11-19 21:24 - 01085542 _____ C:\Users\Owner\Desktop\AdwCleaner.exe
2013-11-19 18:02 - 2013-11-19 18:02 - 00001983 _____ C:\Users\Owner\Desktop\RKreport[0]_S_11192013_180237.txt
2013-11-19 17:45 - 2013-11-19 17:45 - 00022463 _____ C:\Users\Owner\Desktop\dds.txt
2013-11-19 17:45 - 2013-11-19 17:45 - 00011146 _____ C:\Users\Owner\Desktop\attach.txt
2013-11-19 17:41 - 2013-11-19 17:42 - 00688992 ____R (Swearware) C:\Users\Owner\Downloads\dds.com
2013-11-19 17:38 - 2013-11-19 18:05 - 00000000 ____D C:\Users\Owner\Desktop\RK_Quarantine
2013-11-19 17:30 - 2013-11-19 17:37 - 04161024 _____ C:\Users\Owner\Downloads\RogueKillerX64.exe
2013-11-19 16:48 - 2013-11-19 16:48 - 00000000 ____D C:\Users\Owner\AppData\Roaming\AVG2014
2013-11-19 16:47 - 2013-11-19 16:47 - 00003230 _____ C:\Windows\System32\Tasks\SidebarExecute
2013-11-19 16:42 - 2013-11-19 16:42 - 00000965 _____ C:\Users\Public\Desktop\AVG 2014.lnk
2013-11-19 16:42 - 2013-11-19 16:42 - 00000000 ____D C:\Users\Owner\AppData\Roaming\TuneUp Software
2013-11-19 16:40 - 2013-11-19 16:43 - 00000000 ____D C:\ProgramData\AVG2014
2013-11-19 16:40 - 2013-11-19 16:40 - 00000000 ___HD C:\$AVG
2013-11-19 16:38 - 2013-11-19 16:38 - 00000000 ____D C:\Program Files (x86)\AVG
2013-11-19 16:26 - 2013-11-19 19:27 - 00000000 ____D C:\ProgramData\MFAData
2013-11-19 16:26 - 2013-11-19 17:24 - 00000000 ____D C:\Users\Owner\AppData\Local\Avg2014
2013-11-19 16:26 - 2013-11-19 16:26 - 04424240 _____ (AVG Technologies) C:\Users\Owner\Downloads\avg_avct_stb_all_2014_4116_comppg_23.exe
2013-11-19 16:26 - 2013-11-19 16:26 - 00000000 ____D C:\Users\Owner\AppData\Local\MFAData
2013-11-19 15:13 - 2013-11-19 15:13 - 00000322 _____ C:\Users\Owner\AppData\Roaming\mbam.context.scan
2013-11-19 03:06 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-11-19 03:03 - 2013-11-19 03:03 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-19 03:03 - 2013-11-19 03:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-19 03:03 - 2013-11-19 03:03 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-19 03:03 - 2013-11-19 03:03 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-19 03:03 - 2013-11-19 03:03 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-19 03:03 - 2013-11-19 03:03 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-19 03:03 - 2013-11-19 03:03 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-19 03:03 - 2013-11-19 03:03 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-19 03:03 - 2013-11-19 03:03 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-19 03:03 - 2013-11-19 03:03 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-19 03:03 - 2013-11-19 03:03 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-19 03:03 - 2013-11-19 03:03 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-19 03:03 - 2013-11-19 03:03 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-19 03:03 - 2013-11-19 03:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-19 03:03 - 2013-11-19 03:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-19 03:03 - 2013-11-19 03:03 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-19 03:03 - 2013-11-19 03:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-19 03:03 - 2013-11-19 03:03 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-19 03:03 - 2013-11-19 03:03 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-19 03:03 - 2013-11-19 03:03 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-19 03:03 - 2013-11-19 03:03 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-19 03:03 - 2013-11-19 03:03 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-19 03:03 - 2013-11-19 03:03 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-19 03:03 - 2013-11-19 03:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-19 03:03 - 2013-11-19 03:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-19 03:03 - 2013-11-19 03:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-19 03:03 - 2013-11-19 03:03 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-19 03:03 - 2013-11-19 03:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-19 03:00 - 2013-11-19 03:06 - 00007424 _____ C:\Windows\IE11_main.log
2013-11-18 20:00 - 2013-11-18 20:00 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-11-18 20:00 - 2013-11-18 20:00 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Malwarebytes
2013-11-18 20:00 - 2013-11-18 20:00 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-18 20:00 - 2013-11-18 20:00 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-18 20:00 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-11-18 19:34 - 2013-11-19 17:27 - 00000000 ____D C:\Program Files (x86)\Enigma Software Group
2013-11-18 19:07 - 2013-11-18 20:00 - 00000000 ____D C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
2013-11-18 18:39 - 2013-11-18 18:39 - 00000000 _____ C:\autoexec.bat
2013-11-18 18:38 - 2013-11-19 17:27 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-11-18 18:37 - 2013-11-18 19:08 - 00000000 ____D C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2013-11-18 18:26 - 2013-11-19 21:32 - 00315062 _____ C:\Windows\PFRO.log
2013-11-18 18:26 - 2013-11-19 21:32 - 00000168 _____ C:\Windows\setupact.log
2013-11-18 18:26 - 2013-11-18 18:26 - 00000000 _____ C:\Windows\setuperr.log
2013-11-18 18:22 - 2013-11-18 18:22 - 00000000 ____D C:\Users\Owner\AppData\Roaming\AVAST Software
2013-11-18 18:21 - 2013-11-18 18:20 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-11-18 18:18 - 2013-11-19 21:32 - 00000000 ____D C:\ProgramData\AVAST Software
2013-11-18 17:59 - 2013-11-18 17:59 - 00000000 ____D C:\Users\Public\Anvisoft
2013-11-18 17:57 - 2013-11-18 19:22 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anvisoft
2013-11-18 17:57 - 2013-11-18 19:22 - 00000000 ____D C:\Program Files (x86)\Anvisoft
2013-11-18 15:29 - 2013-11-18 15:29 - 00003506 _____ C:\Windows\System32\Tasks\RunAsStdUser Task
2013-11-18 15:29 - 2013-11-18 15:29 - 00000000 ____D C:\Users\Owner\AppData\Local\Chromium
2013-11-16 18:23 - 2013-11-16 18:23 - 00000000 ____D C:\Users\Owner\AppData\Local\Blizzard
2013-11-16 17:57 - 2013-11-16 18:23 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2013-11-16 17:57 - 2013-11-16 17:57 - 00001187 _____ C:\Users\Public\Desktop\Hearthstone.lnk
2013-11-16 17:56 - 2013-11-19 21:28 - 00000000 ____D C:\Users\Owner\AppData\Local\Battle.net
2013-11-16 17:56 - 2013-11-18 15:23 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Battle.net
2013-11-16 17:56 - 2013-11-16 17:56 - 00001150 _____ C:\Users\Public\Desktop\Battle.net.lnk
2013-11-16 17:56 - 2013-11-16 17:56 - 00000000 ____D C:\Users\Owner\AppData\Local\Blizzard Entertainment
2013-11-16 17:56 - 2013-11-16 17:56 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2013-11-16 17:56 - 2013-11-16 17:56 - 00000000 ____D C:\Program Files (x86)\Battle.net
2013-11-16 17:55 - 2013-11-16 17:55 - 00000000 ____D C:\ProgramData\Battle.net
2013-11-14 17:55 - 2013-10-05 15:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-14 17:55 - 2013-10-05 14:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-14 17:55 - 2013-10-03 21:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-14 17:55 - 2013-10-03 21:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-14 17:55 - 2013-10-03 21:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-14 17:55 - 2013-10-03 20:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-14 17:55 - 2013-10-03 20:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-14 17:55 - 2013-10-03 20:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-14 17:55 - 2013-09-27 20:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-14 17:55 - 2013-09-24 21:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-14 17:55 - 2013-09-24 21:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-14 17:55 - 2013-09-24 21:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-14 17:55 - 2013-09-24 21:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-14 17:55 - 2013-09-24 21:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-14 17:55 - 2013-09-24 21:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-14 17:55 - 2013-09-24 21:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-14 17:55 - 2013-09-24 21:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-14 17:55 - 2013-09-24 20:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-14 17:55 - 2013-09-24 20:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-14 17:55 - 2013-09-24 20:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-14 17:55 - 2013-09-24 20:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-14 17:55 - 2013-09-24 20:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-14 17:55 - 2013-07-04 07:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-14 17:54 - 2013-10-11 21:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-14 17:54 - 2013-10-11 21:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-14 17:54 - 2013-10-11 21:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-14 17:54 - 2013-10-11 21:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-14 17:54 - 2013-10-11 21:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-14 17:54 - 2013-10-02 21:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-14 17:54 - 2013-10-02 21:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-08 15:13 - 2013-09-04 07:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-11-08 15:13 - 2013-09-04 07:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-11-08 15:13 - 2013-09-04 07:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-11-08 15:13 - 2013-09-04 07:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-11-08 15:13 - 2013-09-04 07:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-11-08 15:13 - 2013-09-04 07:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-11-08 15:13 - 2013-09-04 07:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-11-01 13:54 - 2013-11-01 13:54 - 00000000 ____D C:\Users\Owner\AppData\Roaming\WinRAR
2013-11-01 13:53 - 2013-11-01 13:53 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-11-01 13:53 - 2013-11-01 13:53 - 00000000 ____D C:\Program Files (x86)\WinRAR
2013-10-31 19:30 - 2013-10-31 19:30 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-10-31 18:13 - 2013-11-19 21:26 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Skype
2013-10-31 18:12 - 2013-10-31 19:31 - 00000000 ____D C:\ProgramData\Skype
2013-10-31 18:12 - 2013-10-31 19:30 - 00002697 _____ C:\Users\Public\Desktop\Skype.lnk
2013-10-30 21:23 - 2013-10-30 21:23 - 00000000 ____D C:\Users\Owner\AppData\Roaming\LolClient
 
==================== One Month Modified Files and Folders =======
 
2013-11-19 22:03 - 2013-11-19 22:02 - 00012787 _____ C:\Users\Owner\Desktop\FRST.txt
2013-11-19 22:02 - 2013-11-19 22:02 - 00000000 ____D C:\FRST
2013-11-19 22:02 - 2013-11-19 22:01 - 01957964 _____ (Farbar) C:\Users\Owner\Desktop\FRST64.exe
2013-11-19 21:55 - 2013-09-06 15:20 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-19 21:48 - 2013-09-06 12:14 - 01469462 _____ C:\Windows\WindowsUpdate.log
2013-11-19 21:40 - 2009-07-13 23:45 - 00023248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-19 21:40 - 2009-07-13 23:45 - 00023248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-19 21:33 - 2013-11-19 21:33 - 00000012 ____H C:\dvmexp.idx
2013-11-19 21:33 - 2013-11-19 21:33 - 00000000 ___HD C:\dvmexp
2013-11-19 21:33 - 2013-09-19 17:56 - 00000892 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-19 21:32 - 2013-11-18 18:26 - 00315062 _____ C:\Windows\PFRO.log
2013-11-19 21:32 - 2013-11-18 18:26 - 00000168 _____ C:\Windows\setupact.log
2013-11-19 21:32 - 2013-11-18 18:18 - 00000000 ____D C:\ProgramData\AVAST Software
2013-11-19 21:32 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-19 21:30 - 2013-11-19 21:25 - 00000000 ____D C:\AdwCleaner
2013-11-19 21:28 - 2013-11-16 17:56 - 00000000 ____D C:\Users\Owner\AppData\Local\Battle.net
2013-11-19 21:26 - 2013-10-31 18:13 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Skype
2013-11-19 21:24 - 2013-11-19 21:24 - 01085542 _____ C:\Users\Owner\Desktop\AdwCleaner.exe
2013-11-19 21:23 - 2013-09-19 18:02 - 00000000 ____D C:\Users\Owner\AppData\Local\PMB Files
2013-11-19 21:23 - 2013-09-19 18:02 - 00000000 ____D C:\ProgramData\PMB Files
2013-11-19 21:06 - 2013-09-19 17:56 - 00000896 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-19 19:27 - 2013-11-19 16:26 - 00000000 ____D C:\ProgramData\MFAData
2013-11-19 18:05 - 2013-11-19 17:38 - 00000000 ____D C:\Users\Owner\Desktop\RK_Quarantine
2013-11-19 18:02 - 2013-11-19 18:02 - 00001983 _____ C:\Users\Owner\Desktop\RKreport[0]_S_11192013_180237.txt
2013-11-19 17:45 - 2013-11-19 17:45 - 00022463 _____ C:\Users\Owner\Desktop\dds.txt
2013-11-19 17:45 - 2013-11-19 17:45 - 00011146 _____ C:\Users\Owner\Desktop\attach.txt
2013-11-19 17:42 - 2013-11-19 17:41 - 00688992 ____R (Swearware) C:\Users\Owner\Downloads\dds.com
2013-11-19 17:37 - 2013-11-19 17:30 - 04161024 _____ C:\Users\Owner\Downloads\RogueKillerX64.exe
2013-11-19 17:27 - 2013-11-18 19:34 - 00000000 ____D C:\Program Files (x86)\Enigma Software Group
2013-11-19 17:27 - 2013-11-18 18:38 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-11-19 17:24 - 2013-11-19 16:26 - 00000000 ____D C:\Users\Owner\AppData\Local\Avg2014
2013-11-19 16:48 - 2013-11-19 16:48 - 00000000 ____D C:\Users\Owner\AppData\Roaming\AVG2014
2013-11-19 16:47 - 2013-11-19 16:47 - 00003230 _____ C:\Windows\System32\Tasks\SidebarExecute
2013-11-19 16:43 - 2013-11-19 16:40 - 00000000 ____D C:\ProgramData\AVG2014
2013-11-19 16:42 - 2013-11-19 16:42 - 00000965 _____ C:\Users\Public\Desktop\AVG 2014.lnk
2013-11-19 16:42 - 2013-11-19 16:42 - 00000000 ____D C:\Users\Owner\AppData\Roaming\TuneUp Software
2013-11-19 16:40 - 2013-11-19 16:40 - 00000000 ___HD C:\$AVG
2013-11-19 16:38 - 2013-11-19 16:38 - 00000000 ____D C:\Program Files (x86)\AVG
2013-11-19 16:26 - 2013-11-19 16:26 - 04424240 _____ (AVG Technologies) C:\Users\Owner\Downloads\avg_avct_stb_all_2014_4116_comppg_23.exe
2013-11-19 16:26 - 2013-11-19 16:26 - 00000000 ____D C:\Users\Owner\AppData\Local\MFAData
2013-11-19 15:13 - 2013-11-19 15:13 - 00000322 _____ C:\Users\Owner\AppData\Roaming\mbam.context.scan
2013-11-19 05:21 - 2013-09-06 13:50 - 00267936 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-11-19 03:55 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2013-11-19 03:26 - 2013-09-06 13:23 - 00001597 _____ C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-19 03:25 - 2009-09-06 20:57 - 00000000 ____D C:\Windows\Panther
2013-11-19 03:22 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-11-19 03:06 - 2013-11-19 03:00 - 00007424 _____ C:\Windows\IE11_main.log
2013-11-19 03:03 - 2013-11-19 03:03 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-19 03:03 - 2013-11-19 03:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-19 03:03 - 2013-11-19 03:03 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-19 03:03 - 2013-11-19 03:03 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-19 03:03 - 2013-11-19 03:03 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-19 03:03 - 2013-11-19 03:03 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-19 03:03 - 2013-11-19 03:03 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-19 03:03 - 2013-11-19 03:03 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-19 03:03 - 2013-11-19 03:03 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-19 03:03 - 2013-11-19 03:03 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-19 03:03 - 2013-11-19 03:03 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-19 03:03 - 2013-11-19 03:03 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-19 03:03 - 2013-11-19 03:03 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-19 03:03 - 2013-11-19 03:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-19 03:03 - 2013-11-19 03:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-19 03:03 - 2013-11-19 03:03 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-19 03:03 - 2013-11-19 03:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-19 03:03 - 2013-11-19 03:03 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-19 03:03 - 2013-11-19 03:03 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-19 03:03 - 2013-11-19 03:03 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-19 03:03 - 2013-11-19 03:03 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-19 03:03 - 2013-11-19 03:03 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-19 03:03 - 2013-11-19 03:03 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-19 03:03 - 2013-11-19 03:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-19 03:03 - 2013-11-19 03:03 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-19 03:03 - 2013-11-19 03:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-19 03:03 - 2013-11-19 03:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-19 03:03 - 2013-11-19 03:03 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-19 03:03 - 2013-11-19 03:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-18 20:00 - 2013-11-18 20:00 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-11-18 20:00 - 2013-11-18 20:00 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Malwarebytes
2013-11-18 20:00 - 2013-11-18 20:00 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-18 20:00 - 2013-11-18 20:00 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-18 20:00 - 2013-11-18 19:07 - 00000000 ____D C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
2013-11-18 19:22 - 2013-11-18 17:57 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anvisoft
2013-11-18 19:22 - 2013-11-18 17:57 - 00000000 ____D C:\Program Files (x86)\Anvisoft
2013-11-18 19:08 - 2013-11-18 18:37 - 00000000 ____D C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2013-11-18 18:39 - 2013-11-18 18:39 - 00000000 _____ C:\autoexec.bat
2013-11-18 18:26 - 2013-11-18 18:26 - 00000000 _____ C:\Windows\setuperr.log
2013-11-18 18:22 - 2013-11-18 18:22 - 00000000 ____D C:\Users\Owner\AppData\Roaming\AVAST Software
2013-11-18 18:20 - 2013-11-18 18:21 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-11-18 18:10 - 2013-09-19 17:57 - 00002268 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-11-18 17:59 - 2013-11-18 17:59 - 00000000 ____D C:\Users\Public\Anvisoft
2013-11-18 15:32 - 2013-09-06 13:23 - 00000000 ___RD C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-18 15:31 - 2011-02-19 23:03 - 00420944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp100.dll
2013-11-18 15:31 - 2011-02-19 00:40 - 00773712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100.dll
2013-11-18 15:29 - 2013-11-18 15:29 - 00003506 _____ C:\Windows\System32\Tasks\RunAsStdUser Task
2013-11-18 15:29 - 2013-11-18 15:29 - 00000000 ____D C:\Users\Owner\AppData\Local\Chromium
2013-11-18 15:29 - 2013-09-06 12:56 - 00000000 ____D C:\Users\Owner
2013-11-18 15:23 - 2013-11-16 17:56 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Battle.net
2013-11-17 21:51 - 2013-09-06 13:04 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-11-17 09:12 - 2013-09-07 11:11 - 00001945 _____ C:\Windows\epplauncher.mif
2013-11-17 09:12 - 2013-09-07 11:09 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-11-17 09:11 - 2013-09-07 11:09 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-11-16 18:23 - 2013-11-16 18:23 - 00000000 ____D C:\Users\Owner\AppData\Local\Blizzard
2013-11-16 18:23 - 2013-11-16 17:57 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2013-11-16 17:57 - 2013-11-16 17:57 - 00001187 _____ C:\Users\Public\Desktop\Hearthstone.lnk
2013-11-16 17:56 - 2013-11-16 17:56 - 00001150 _____ C:\Users\Public\Desktop\Battle.net.lnk
2013-11-16 17:56 - 2013-11-16 17:56 - 00000000 ____D C:\Users\Owner\AppData\Local\Blizzard Entertainment
2013-11-16 17:56 - 2013-11-16 17:56 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2013-11-16 17:56 - 2013-11-16 17:56 - 00000000 ____D C:\Program Files (x86)\Battle.net
2013-11-16 17:55 - 2013-11-16 17:55 - 00000000 ____D C:\ProgramData\Battle.net
2013-11-15 09:56 - 2010-04-07 14:39 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-15 09:55 - 2013-09-06 20:04 - 00000000 ____D C:\Windows\system32\MRT
2013-11-15 09:51 - 2013-09-06 20:04 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-07 13:52 - 2009-09-06 19:40 - 00000000 ____D C:\SwSetup
2013-11-06 19:29 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\NDF
2013-11-06 19:28 - 2009-07-13 22:20 - 00000000 __RHD C:\Users\Public\Libraries
2013-11-01 13:54 - 2013-11-01 13:54 - 00000000 ____D C:\Users\Owner\AppData\Roaming\WinRAR
2013-11-01 13:53 - 2013-11-01 13:53 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-11-01 13:53 - 2013-11-01 13:53 - 00000000 ____D C:\Program Files (x86)\WinRAR
2013-10-31 19:31 - 2013-10-31 18:12 - 00000000 ____D C:\ProgramData\Skype
2013-10-31 19:30 - 2013-10-31 19:30 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-10-31 19:30 - 2013-10-31 18:12 - 00002697 _____ C:\Users\Public\Desktop\Skype.lnk
2013-10-30 21:23 - 2013-10-30 21:23 - 00000000 ____D C:\Users\Owner\AppData\Roaming\LolClient
2013-10-30 20:55 - 2009-07-14 00:13 - 00726316 _____ C:\Windows\system32\PerfStringBackup.INI
 
Some content of TEMP:
====================
C:\Users\Owner\AppData\Local\Temp\ntdll_dump.dll
C:\Users\Owner\AppData\Local\Temp\oi_{50A95149-64D3-4AE9-B973-90E8E9C5945D}.exe
C:\Users\Owner\AppData\Local\Temp\oi_{5C1F3A53-F69E-421B-9E4F-2BBD67DC3372}.exe
C:\Users\Owner\AppData\Local\Temp\Quarantine.exe
C:\Users\Owner\AppData\Local\Temp\SHSetup.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2013-11-19 03:46
 
==================== End Of Log ============================
 
Addition.txt
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-11-2013
Ran by Owner at 2013-11-19 22:03:52
Running from C:\Users\Owner\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: AVG AntiVirus 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
 
==================== Installed Programs ======================
 
Acrobat.com (x32 Version: 1.6.65)
ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.1)
Adobe AIR (x32 Version: 1.5.0.7220)
Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.94)
Adobe Reader XI (11.0.05) (x32 Version: 11.0.05)
Adobe Shockwave Player (x32 Version: 11.5.1.601)
Adobe Shockwave Player 12.0 (x32 Version: 12.0.3.133)
Alcor Micro USB Card Reader (x32 Version: 1.1.517.35203)
AMD USB Filter Driver (x32 Version: 1.0.15.94)
Atheros Driver Installation Program (x32 Version: 5.2)
ATI Catalyst Install Manager (Version: 3.0.765.0)
AVG 2014 (Version: 14.0.3629)
AVG 2014 (Version: 14.0.4158)
AVG 2014 (Version: 2014.0.4158)
Battle.net (x32)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.82)
Blackhawk Striker 2 (x32 Version: 2.2.0.82)
Blasterball 3 (x32 Version: 2.2.0.82)
Build-a-lot 2 (x32 Version: 2.2.0.82)
Cake Mania (x32 Version: 2.2.0.82)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Core Implementation (x32 Version: 2010.0302.2233.40412)
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0302.2233.40412)
Catalyst Control Center Graphics Full New (x32 Version: 2010.0302.2233.40412)
Catalyst Control Center Graphics Light (x32 Version: 2010.0302.2233.40412)
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0302.2233.40412)
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0302.2233.40412)
Catalyst Control Center InstallProxy (x32 Version: 2010.0302.2233.40412)
Catalyst Control Center Localization All (x32 Version: 2010.0302.2233.40412)
CCC Help Chinese Standard (x32 Version: 2010.0302.2232.40412)
CCC Help Chinese Traditional (x32 Version: 2010.0302.2232.40412)
CCC Help Czech (x32 Version: 2010.0302.2232.40412)
CCC Help Danish (x32 Version: 2010.0302.2232.40412)
CCC Help Dutch (x32 Version: 2010.0302.2232.40412)
CCC Help English (x32 Version: 2010.0302.2232.40412)
CCC Help Finnish (x32 Version: 2010.0302.2232.40412)
CCC Help French (x32 Version: 2010.0302.2232.40412)
CCC Help German (x32 Version: 2010.0302.2232.40412)
CCC Help Greek (x32 Version: 2010.0302.2232.40412)
CCC Help Hungarian (x32 Version: 2010.0302.2232.40412)
CCC Help Italian (x32 Version: 2010.0302.2232.40412)
CCC Help Japanese (x32 Version: 2010.0302.2232.40412)
CCC Help Korean (x32 Version: 2010.0302.2232.40412)
CCC Help Norwegian (x32 Version: 2010.0302.2232.40412)
CCC Help Polish (x32 Version: 2010.0302.2232.40412)
CCC Help Portuguese (x32 Version: 2010.0302.2232.40412)
CCC Help Russian (x32 Version: 2010.0302.2232.40412)
CCC Help Spanish (x32 Version: 2010.0302.2232.40412)
CCC Help Swedish (x32 Version: 2010.0302.2232.40412)
CCC Help Thai (x32 Version: 2010.0302.2232.40412)
CCC Help Turkish (x32 Version: 2010.0302.2232.40412)
ccc-core-static (x32 Version: 2010.0302.2233.40412)
ccc-utility64 (Version: 2010.0302.2233.40412)
Chuzzle Deluxe (x32 Version: 2.2.0.82)
CinemaNow Media Manager (x32 Version: 1.9.1.105)
Compatibility Pack for the 2007 Office system (x32 Version: 12.0.6612.1000)
CyberLink DVD Suite (x32 Version: 7.0.2527)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.82)
Dora's Carnival Adventure (x32 Version: 2.2.0.82)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.0.3715)
Energy Star Digital Logo (x32 Version: 1.0.1)
Escape Rosecliff Island (x32 Version: 2.2.0.82)
ESU for Microsoft Windows 7 (x32 Version: 1.0.0)
Faerie Solitaire (x32 Version: 2.2.0.82)
FATE (x32 Version: 2.2.0.82)
Google Chrome (x32 Version: 31.0.1650.57)
Google Update Helper (x32 Version: 1.3.21.165)
Hearthstone (x32)
HP 3D DriveGuard (Version: 4.0.3.1)
HP Advisor (x32 Version: 3.4.10262.3295)
HP Customer Experience Enhancements (x32 Version: 6.0.1.4)
HP Game Console (x32)
HP Games (x32 Version: 1.0.0.80)
HP MediaSmart CinemaNow 2.0 (x32 Version: 2.0)
HP MediaSmart DVD (x32 Version: 4.0.3822)
HP MediaSmart Internet TV (x32 Version: 3.2.2513)
HP MediaSmart Movies and TV (Version: 1.0.0.10)
HP MediaSmart Music (x32 Version: 4.0.3903)
HP MediaSmart Photo (x32 Version: 4.0.3911)
HP MediaSmart SmartMenu (Version: 3.1.1.12)
HP MediaSmart Video (x32 Version: 4.0.3911)
HP MediaSmart Webcam (x32 Version: 4.0.2511)
HP MediaSmart/TouchSmart Netflix (x32 Version: 1.0.2.0)
HP Photo Creations (x32 Version: 1.0.0.2261)
HP Power Plan Utility (x32 Version: 1.0.6)
HP Quick Launch (Version: 1.0.18)
HP QuickWeb Installer (x32 Version: 1.2.13.0)
HP Setup (x32 Version: 1.2.3988.3281)
HP Software Framework (x32 Version: 3.5.17.1)
HP Update (x32 Version: 5.001.000.014)
HP User Guides 0182 (x32 Version: 1.01.0000)
HP Wireless Assistant (Version: 4.0.4.2)
HPAsset component for HP Active Support Library (x32 Version: 3.0.0.3)
Hulu Desktop (HKCU Version: 0.9.11)
IDT Audio (x32 Version: 1.0.6269.0)
Java 7 Update 25 (64-bit) (Version: 7.0.250)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
Java 6 Update 18 (64-bit) (Version: 6.0.180)
Java 6 Update 18 (x32 Version: 6.0.180)
Jewel Quest 3 (x32 Version: 2.2.0.82)
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.82)
Junk Mail filter update (x32 Version: 14.0.8089.726)
LabelPrint (x32 Version: 2.5.2515)
League of Legends (x32 Version: 3.0.0)
LightScribe System Software (x32 Version: 1.18.12.1)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (x32 Version: 2.0.48.0)
Microsoft Office 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Suite Activation Assistant (x32 Version: 2.9)
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.4.0304.0)
Microsoft Security Essentials (Version: 4.4.304.0)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Works (x32 Version: 9.7.0621)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.0.3715)
MSVCRT (x32 Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
Mystery P.I. - The New York Fortune (x32 Version: 2.2.0.82)
Pando Media Booster (x32 Version: 2.6.0.7)
Penguins! (x32 Version: 2.2.0.82)
PhotoNow! (x32 Version: 1.1.6904)
Plants vs. Zombies (x32 Version: 2.2.0.82)
Poker Superstars III (x32 Version: 2.2.0.82)
Polar Bowler (x32 Version: 2.2.0.82)
Polar Golfer (x32 Version: 2.2.0.82)
Power2Go (x32 Version: 6.1.3715)
PowerDirector (x32 Version: 8.0.2514)
Realtek Ethernet Controller Driver For Windows Vista and Later (x32 Version: 1.00.0011)
Recovery Manager (x32 Version: 5.5.2512)
Roxio CinemaNow 2.0 (x32 Version: 1.0.262)
Skype™ 6.10 (x32 Version: 6.10.104)
swMSM (x32 Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 15.3.29.0)
TextTwist 2 (x32 Version: 2.2.0.82)
Update for 2007 Microsoft Office System (KB967642) (x32)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (x32)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32)
Update for Microsoft Office Excel 2007 Help (KB963678) (x32)
Update for Microsoft Office OneNote 2007 Help (KB963670) (x32)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (x32)
Update for Microsoft Office Script Editor Help (KB963671) (x32)
Update for Microsoft Office Word 2007 Help (KB963665) (x32)
Virtual Families (x32 Version: 2.2.0.82)
Virtual Villagers - The Secret City (x32 Version: 2.2.0.82)
Visual Studio 2012 x64 Redistributables (Version: 14.0.0.1)
Visual Studio 2012 x86 Redistributables (x32 Version: 14.0.0.1)
Wheel of Fortune 2 (x32 Version: 2.2.0.82)
Windows Live Call (x32 Version: 14.0.8064.0206)
Windows Live Communications Platform (x32 Version: 14.0.8064.206)
Windows Live Essentials (x32 Version: 14.0.8089.0726)
Windows Live Essentials (x32 Version: 14.0.8089.726)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Live Mail (x32 Version: 14.0.8089.0726)
Windows Live Messenger (x32 Version: 14.0.8089.0726)
Windows Live Photo Gallery (x32 Version: 14.0.8081.709)
Windows Live Sync (x32 Version: 14.0.8089.726)
Windows Live Upload Tool (x32 Version: 14.0.8014.1029)
Windows Live Writer (x32 Version: 14.0.8089.0726)
WinRAR 5.00 (32-bit) (x32 Version: 5.00.0)
Zuma's Revenge (x32 Version: 2.2.0.82)
 
==================== Restore Points  =========================
 
12-11-2013 22:40:12 Windows Update
15-11-2013 14:50:53 Windows Update
17-11-2013 14:09:46 Windows Update
18-11-2013 23:18:42 avast! antivirus system restore point
18-11-2013 23:38:14 Installed SpyHunter
19-11-2013 00:06:47 Installed SpyHunter
19-11-2013 00:08:00 Installed SpyHunter
19-11-2013 00:22:23 Removed SpyHunter
19-11-2013 00:33:59 Installed SpyHunter
19-11-2013 00:41:29 Installed SpyHunter
19-11-2013 00:47:44 Installed SpyHunter
19-11-2013 00:58:58 Removed SpyHunter
19-11-2013 08:00:15 Windows Update
19-11-2013 21:38:15 Installed AVG 2014
19-11-2013 21:39:18 Installed AVG 2014
19-11-2013 22:40:51 avast! antivirus system restore point
 
==================== Hosts content: ==========================
 
2009-07-13 21:34 - 2013-11-18 19:42 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {26AA5B5C-D4C5-42C0-875A-83214BFFC008} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-06] (Adobe Systems Incorporated)
Task: {965F795B-727D-415B-88BB-59F68FEAB774} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-19] (Google Inc.)
Task: {ACA4AC05-DC4C-4AFA-9FC1-720482319DD6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-19] (Google Inc.)
Task: {AD88F9CB-A13A-4381-80D5-B96E8B96F61B} - System32\Tasks\Hewlett-Packard\HP Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2009-11-10] (Hewlett-Packard)
Task: {B3B67750-9141-4DA0-8EFD-D7054777F96F} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-09-02] ()
Task: {C7C7C00B-BC8A-40A5-805F-96C48080A3B2} - \Desk 365 RunAsStdUser No Task File
Task: {D3B6F564-B9CF-42F1-AAAF-F5A01D90185A} - System32\Tasks\RunAsStdUser Task => C:\Users\Owner\AppData\Local\Oxy\Application\oxy.exe
Task: {E88A9BBA-437D-4030-9A02-38086210F7BD} - System32\Tasks\Hewlett-Packard\HP Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2009-11-10] (Hewlett-Packard)
Task: {ED57AC23-1DC9-4D5E-A000-D9683DE56304} - System32\Tasks\CLMLSvc => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Music\Kernel\CLML\CLMLSvc.exe
Task: {F470518B-6A19-4ECE-BB2E-7CA1A224D6B0} - System32\Tasks\DVDAgent => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2010-02-11 13:47 - 2010-02-11 13:47 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2013-09-06 12:18 - 2013-09-06 12:18 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2010-01-27 16:01 - 2010-01-27 16:01 - 00030264 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_LogicLayer.dll
2010-01-27 16:01 - 2010-01-27 16:01 - 00052280 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HardwareAccess.dll
2010-01-27 16:01 - 2010-01-27 16:01 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll
2010-02-22 13:19 - 2010-02-22 13:19 - 02121728 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
2010-02-22 13:19 - 2010-02-22 13:19 - 07745536 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
2010-02-22 13:19 - 2010-02-22 13:19 - 00135168 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2010-02-09 20:58 - 2010-02-09 20:58 - 00061440 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
2010-02-09 20:58 - 2010-02-09 20:58 - 00131072 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
2010-02-09 20:58 - 2010-02-09 20:58 - 00040960 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
2010-02-09 20:58 - 2010-02-09 20:58 - 00005632 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll
2010-02-09 20:58 - 2010-02-09 20:58 - 00018944 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
2010-02-09 20:58 - 2010-02-09 20:58 - 00036864 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
2010-02-09 20:58 - 2010-02-09 20:58 - 00028672 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll
2010-02-09 20:58 - 2010-02-09 20:58 - 00007680 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll
2013-11-16 19:08 - 2013-11-14 06:28 - 00702416 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\libglesv2.dll
2013-11-16 19:08 - 2013-11-14 06:28 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\libegl.dll
2013-11-16 19:08 - 2013-11-14 06:29 - 04055504 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\pdf.dll
2013-11-16 19:08 - 2013-11-14 06:29 - 00399312 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll
2013-11-16 19:08 - 2013-11-14 06:28 - 01619408 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
 
==================== Safe Mode (whitelisted) ===================
 
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (11/19/2013 03:48:17 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.
 
Error: (11/18/2013 09:53:02 PM) (Source: Application Hang) (User: )
Description: The program HPSF.exe version 4.3.1.2 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 840
 
Start Time: 01cee4cf0c1f480d
 
Termination Time: 210
 
Application Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
 
Report Id: a7989110-50c5-11e3-9833-91b52d70b8e8
 
Error: (11/18/2013 06:19:05 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary jnjzugek.
 
System Error:
The system cannot find the file specified.
.
 
Error: (11/17/2013 09:10:39 AM) (Source: Application Error) (User: )
Description: Faulting application name: rads_user_kernel.exe, version: 0.0.0.0, time stamp: 0x4e65c1ac
Faulting module name: rads_user_kernel.exe, version: 0.0.0.0, time stamp: 0x4e65c1ac
Exception code: 0xc0000005
Fault offset: 0x000b8554
Faulting process id: 0x2360
Faulting application start time: 0xrads_user_kernel.exe0
Faulting application path: rads_user_kernel.exe1
Faulting module path: rads_user_kernel.exe2
Report Id: rads_user_kernel.exe3
 
Error: (11/06/2013 05:04:42 PM) (Source: Windows Search Service) (User: )
Description: Performance monitoring cannot be initialized for the gatherer object, because the counters are not loaded or the shared memory object cannot be opened. This only affects availability of the perfmon counters. Restart the computer.
 
Context:  Application, SystemIndex Catalog
 
Error: (11/05/2013 09:06:35 PM) (Source: Application Error) (User: )
Description: Faulting application name: LolClient.exe, version: 0.0.0.0, time stamp: 0x515663e0
Faulting module name: Adobe AIR.dll, version: 3.7.0.1530, time stamp: 0x5156646c
Exception code: 0xc0000005
Fault offset: 0x0006dd76
Faulting process id: 0x23d0
Faulting application start time: 0xLolClient.exe0
Faulting application path: LolClient.exe1
Faulting module path: LolClient.exe2
Report Id: LolClient.exe3
 
Error: (10/17/2013 00:49:02 AM) (Source: Application Hang) (User: )
Description: The program IEXPLORE.EXE version 10.0.9200.16720 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 23ac
 
Start Time: 01cecafac45af094
 
Termination Time: 35
 
Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
 
Report Id:
 
Error: (10/06/2013 01:24:52 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.
 
Error: (09/29/2013 04:46:10 AM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\svchost.exe -k netsvcs; Description = Windows Update; Error = 0x81000101).
 
Error: (09/25/2013 07:15:48 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.
 
 
System errors:
=============
Error: (11/19/2013 09:32:49 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 9:31:33 PM on ‎11/‎19/‎2013 was unexpected.
 
Error: (11/19/2013 03:49:00 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
 
Error: (11/19/2013 03:03:44 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
 
Error: (11/19/2013 02:58:06 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
 
Error: (11/18/2013 07:22:07 PM) (Source: Service Control Manager) (User: )
Description: The Anvi Cloud System Booster Speed Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (11/18/2013 07:11:23 PM) (Source: Service Control Manager) (User: )
Description: The esgiguard service failed to start due to the following error: 
%%1275
 
Error: (11/18/2013 07:11:23 PM) (Source: Application Popup) (User: )
Description: \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgi has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
Error: (11/18/2013 06:21:09 PM) (Source: Service Control Manager) (User: )
Description: The avast! Antivirus service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
 
Error: (11/18/2013 03:45:25 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
 
Error: (11/16/2013 02:16:29 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 2:14:47 PM on ‎11/‎16/‎2013 was unexpected.
 
 
Microsoft Office Sessions:
=========================
 
CodeIntegrity Errors:
===================================
  Date: 2013-11-18 19:11:23.781
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-11-18 19:11:23.638
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 46%
Total physical RAM: 3834.9 MB
Available physical RAM: 2057.27 MB
Total Pagefile: 7667.98 MB
Available Pagefile: 5438.88 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:281.75 GB) (Free:223.62 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:16.04 GB) (Free:2.29 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 298 GB) (Disk ID: CE444256)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=282 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=16 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)
 
==================== End Of Log ============================

There's no Chrome listed????

You can always reset it:

https://support.google.com/chrome/answer/3296214?hl=en

Let's fix Internet Explorer though:

Download the attached fixlist.txt to the same folder as FRST.

Run FRST.exe and click Fix only once and wait.

The tool will create a log (Fixlog.txt) in the folder; please post it in your reply.

Let me know....MrC


Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 18-11-2013

Ran by Owner at 2013-11-19 22:21:35 Run:1

Running from C:\Users\Owner\Desktop\New folder

Boot Mode: Normal

==============================================

 

Content of fixlist:

*****************

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://do-search.com...XXXX6VDHYDS8&q={searchTerms}

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://do-search.com...DS8XXXX6VDHYDS8

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://do-search.com...DS8XXXX6VDHYDS8

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://do-search.com...XXXX6VDHYDS8&q={searchTerms}

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://do-search.com...XXXX6VDHYDS8&q={searchTerms}

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://do-search.com...DS8XXXX6VDHYDS8

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://do-search.com...DS8XXXX6VDHYDS8

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://do-search.com...XXXX6VDHYDS8&q={searchTerms}

StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://do-search.com...DS8XXXX6VDHYDS8

SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 

SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File

 

*****************

 

HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.

HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.

HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.

HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.

HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully.

HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.

HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.

HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.

HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.

HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB} => Key deleted successfully.

HKCR\Wow6432Node\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB} => Key not found.

 

==== End of Fixlog ====

 

 

Should I reset my Chrome right now?


zoek-results.txt

 

 
Zoek.exe Version 4.0.0.5 Updated 14-November-2013
Tool run by Owner on Tue 11/19/2013 at 22:41:28.68.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Owner\AppData\Local\Temp\Rar$EXa0.591\zoek.exe  [Checkboxes used]
 
==== Older Logs ======================
 
C:\zoek-results2013-11-20-034034.log 751 bytes
 
==== Reset Google Chrome ======================
 
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences was reset successfully
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data was reset successfully
 
==== EOF on Tue 11/19/2013 at 22:43:00.15 ======================
 
 
Still do-search

zoek-results.txt

 

 
Zoek.exe Version 4.0.0.5 Updated 14-November-2013
Tool run by Owner on Tue 11/19/2013 at 22:53:19.04.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Owner\AppData\Local\Temp\Rar$EXa0.664\zoek.exe  [Checkboxes used]
 
==== Older Logs ======================
 
C:\zoek-results2013-11-20-034034.log 751 bytes
C:\zoek-results2013-11-20-034300.log 713 bytes
 
==== Chrome Look ======================
 
Google Docs - Owner - Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake
Google Wallet - Owner - Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
 
==== Reset Google Chrome ======================
 
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences was reset successfully
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data was reset successfully
 
==== EOF on Tue 11/19/2013 at 22:54:46.95 ======================
 
 
Nothing... Thanks for trying. This kinda sucks

Please download OTL from one of the links below:

http://oldtimer.geekstogo.com/OTL.exe

http://www.itxassociates.com/OT-Tools/OTL.exe

http://oldtimer.geekstogo.com/OTL.com (<---renamed version)

Save it to your desktop.

Double click on the icon on your desktop.

Click the Scan All Users checkbox.

Push the Quick Scan button.

The scan will take about 10 minutes...depends on your hard drive size.

Two reports will open, copy and paste them in a reply here: (or attach them as .txt files)

OTL.txt <-- Will be opened

Extra.txt <-- Will be minimized

MrC (be back in the AM)


Chrome doesn't show up in this log or any others.

Try this:

Right-click your browser’s shortcut. Choose Properties. Go to the Shortcut tab and navigate to the Target line. There should be only your browser’s directory in the Target line:

Internet Explorer – C:\Program Files\Internet Explorer\iexplore.exe

Mozilla Firefox – C:\Program Files\Mozilla Firefox\firefox.exe

Google Chrome – C:\Program Files\Google\Chrome\Application\chrome.exe

-------------------------------------

Run shortcut cleaner if needed also:

http://www.bleepingcomputer.com/download/shortcut-cleaner/

MrC
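
The shortcut check described in the post above, as an added example that is not part of the original thread: a read-only PowerShell audit that lists every browser shortcut and flags any whose arguments carry a URL. The folder list and the three executable names (taken from the paths in the post) are assumptions; extend them for other browsers or locations.

```powershell
# Added example: read-only audit of browser shortcuts for an appended URL.
# The folder list is an assumption; add other locations where shortcuts live.
$browsers = 'iexplore.exe', 'firefox.exe', 'chrome.exe'
$folders = @(
    "$env:USERPROFILE\Desktop",
    "$env:PUBLIC\Desktop",
    "$env:APPDATA\Microsoft\Windows\Start Menu",
    "$env:ProgramData\Microsoft\Windows\Start Menu",
    "$env:APPDATA\Microsoft\Internet Explorer\Quick Launch"   # includes pinned taskbar items
) | Where-Object { Test-Path -LiteralPath $_ }

$urlPattern = '(?i)(https?://|www\.)\S+'
$shell = New-Object -ComObject WScript.Shell

Get-ChildItem -LiteralPath $folders -Filter *.lnk -Recurse -Force -ErrorAction SilentlyContinue |
    ForEach-Object {
        $lnk = $shell.CreateShortcut($_.FullName)
        # Some shortcuts (for example advertised installer shortcuts) expose no target path.
        if (-not $lnk.TargetPath) { return }
        $exe = Split-Path -Path $lnk.TargetPath -Leaf
        if ($browsers -notcontains $exe) { return }

        # A legitimate shortcut may carry switches such as --profile-directory;
        # only a URL in the arguments forces a start page regardless of browser settings.
        if ($lnk.Arguments -match $urlPattern) { $verdict = 'URL appended: ' + $Matches[0] }
        elseif ($lnk.Arguments.Trim()) { $verdict = 'switches only, review' }
        else { $verdict = 'clean' }

        New-Object PSObject -Property @{
            Shortcut = $_.FullName; Target = $lnk.TargetPath
            Arguments = $lnk.Arguments; Verdict = $verdict
        }
    } |
    Select-Object Verdict, Shortcut, Target, Arguments |
    Sort-Object Verdict -Descending |
    Format-List
```

The script changes nothing on disk. A shortcut reported as "URL appended" is the case the post describes, where the Target line holds more than the browser's own path.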


Great!

Let's check your computer's security before you go and we have a little cleanup to do also:

Download Security Check by screen317 from HERE or HERE.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • If you get Unsupported operating system. Aborting now, just reboot and try again.
  • A Notepad document should open automatically called checkup.txt.
  • Please Post the contents of that document.
  • Do Not Attach It!!!
MrC

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
