
PUP infection ? harmful ? false



Hi,

Dell Latitude E6430, Win 7 64 bit, Firewall and Antivirus: EMI Soft On-Line Armor

On-Line Armor did not detect anything on deep scan.

Malwarebytes quick scan detected 35 PUP problems - scan with /developer attached

Have been encountering some problems with the OS apparently hanging when trying to open e.g. log files using Notepad. It hangs and the only way out is a hard reset.

I have NOT removed the reported problems as I do not know if they are valid or false positives.

 

I ran Security Check 317 with following results:

 

 Results of screen317's Security Check version 0.99.77  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Disabled!  
Emsisoft Anti-Malware   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware version 1.75.0.1300  
 Adobe Flash Player 10 Flash Player out of Date! 
 Adobe Reader 10.1.8 Adobe Reader out of Date!  
 Google Chrome 31.0.1650.57  
 Google Chrome 31.0.1650.63  
````````Process Check: objlist.exe by Laurent````````  
 Tall Emu Online Armor OAcat.exe 
 Tall Emu Online Armor oasrv.exe 
 Tall Emu Online Armor oaui.exe 
 Tall Emu Online Armor OAhlp.exe 
 Emsisoft Anti-Malware a2service.exe   
 Malwarebytes' Anti-Malware mbamscheduler.exe   
 Emsisoft Anti-Malware a2guard.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 0% 
````````````````````End of Log`````````````````````` 
 

 

 

Please help

George_S


Hello George_S! My name is Borislav and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.

They are not false positives. Please follow the instructions here and then post your log files in a new reply in this thread:

http://forums.malwarebytes.org/index.php?showtopic=9573


Hi Borislav, Tx for your reply.

I have downloaded and installed the Malwarebytes and updated it and have run a Quick Scan.

Note that the number of entries has increased by about 20 since my last scan.

I have been having problems with Outlook 2010 not responding and everything else freezing - only way out is a hard reset.

 

I have NOT attempted to remove any of the infected files found by MBAM   - do you want me to??

 

Log:

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.12.06.05
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16428
George :: XXXXXXXX [administrator]
 
2013/12/06 06:40:05 PM
MBAM-log-2013-12-06 (18-43-43)_after New MBAM install.txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 203736
Time elapsed: 2 minute(s), 29 second(s)
 
Memory Processes Detected: 1
C:\Users\George\AppData\Roaming\defaulttab\defaulttab\dtupdate.exe (PUP.Optional.DefaultTab.A) -> 1028 -> No action taken.
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 26
HKLM\SYSTEM\CurrentControlSet\Services\DefaultTabUpdate (PUP.Optional.DefaultTab.A) -> No action taken.
HKLM\SYSTEM\CurrentControlSet\Services\DefaultTabSearch (PUP.Optional.DefaultTab) -> No action taken.
HKCR\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab) -> No action taken.
HKCR\TypeLib\{FEB62B15-CC00-4736-AAEC-BA046C9DFF73} (PUP.Optional.DefaultTab) -> No action taken.
HKCR\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60} (PUP.Optional.DefaultTab) -> No action taken.
HKCR\DefaultTabBHO.DefaultTabBrowser.1 (PUP.Optional.DefaultTab) -> No action taken.
HKCR\DefaultTabBHO.DefaultTabBrowser (PUP.Optional.DefaultTab) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab) -> No action taken.
HKCR\AppID\{38495740-0035-4471-851E-F5BBB86AB085} (PUP.Optional.DefaultTab.A) -> No action taken.
HKCR\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007} (PUP.Optional.DefaultTab.A) -> No action taken.
HKCR\CLSID\{A1E28287-1A31-4b0f-8D05-AA8C465D3C5A} (PUP.Optional.DefaultTab.A) -> No action taken.
HKCR\DefaultTabBHO.DefaultTabBrowserActiveX.1 (PUP.Optional.DefaultTab.A) -> No action taken.
HKCR\DefaultTabBHO.DefaultTabBrowserActiveX (PUP.Optional.DefaultTab.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A} (PUP.Optional.DefaultTab.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A} (PUP.Optional.DefaultTab.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2D33ED6-EBBD-467C-BF6F-F175D9B51363} (PUP.Optional.DefaultTab.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BAD84EE2-624D-4e7c-A8BB-41EFD720FD77} (PUP.Optional.DefaultTab.A) -> No action taken.
HKCR\AppID\DefaultTabBHO.DLL (PUP.Optional.DefaultTab.A) -> No action taken.
HKCU\SOFTWARE\DEFAULT TAB (PUP.Optional.DefaultTab.A) -> No action taken.
HKCU\Software\AppDataLow\Software\DefaultTab (PUP.Optional.DefaultTab.A) -> No action taken.
HKLM\SOFTWARE\DEFAULT TAB (PUP.Optional.DefaultTab.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab (PUP.Optional.DefaultTab.A) -> No action taken.
 
Registry Values Detected: 2
HKCU\SOFTWARE\Default Tab|Version (PUP.Optional.DefaultTab.A) -> Data: 2.3.3.0 -> No action taken.
HKLM\SOFTWARE\Default Tab|Version (PUP.Optional.DefaultTab.A) -> Data: 2.3.3.0 -> No action taken.
 
Registry Data Items Detected: 1
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.MySearchResults) -> Bad: (http://www.mysearchresults.com/?c=3523&t=01) Good: (http://www.google.com) -> No action taken.
 
Folders Detected: 2
C:\Program Files (x86)\DefaultTab (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Users\George\AppData\Roaming\defaulttab\defaulttab (PUP.Optional.DefaultTab.A) -> No action taken.
 
Files Detected: 24
C:\Users\George\AppData\Roaming\defaulttab\defaulttab\dtupdate.exe (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe (PUP.Optional.DefaultTab) -> No action taken.
C:\Users\George\AppData\Roaming\defaulttab\defaulttab\DefaultTabBHO.dll (PUP.Optional.DefaultTab) -> No action taken.
C:\Users\George\AppData\Roaming\defaulttab\defaulttab\DefaultTabStart.exe (PUP.Optional.DefaultTab) -> No action taken.
C:\Users\George\AppData\Roaming\defaulttab\defaulttab\DefaultTabStart64.exe (PUP.Optional.DefaultTab) -> No action taken.
C:\Users\George\AppData\Roaming\defaulttab\defaulttab\DefaultTabWrap.dll (PUP.Optional.DefaultTab) -> No action taken.
C:\Users\George\AppData\Roaming\defaulttab\defaulttab\DefaultTabWrap64.dll (PUP.Optional.DefaultTab) -> No action taken.
C:\Users\George\AppData\Local\Temp\DefaultTabSetup2.exe (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Users\George\Downloads\SoftonicDownloader_for_peazip.exe (PUP.Optional.Softonic.A) -> No action taken.
C:\Program Files (x86)\DefaultTab\DefaultTab.crx (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Program Files (x86)\DefaultTab\uid (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Users\George\AppData\Roaming\defaulttab\defaulttab\addon.ico (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Users\George\AppData\Roaming\defaulttab\defaulttab\amazon_ie.ico (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Users\George\AppData\Roaming\defaulttab\defaulttab\DefaultTabBHO.cfg (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Users\George\AppData\Roaming\defaulttab\defaulttab\defaulttabuninstaller.exe (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Users\George\AppData\Roaming\defaulttab\defaulttab\DT.ico (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Users\George\AppData\Roaming\defaulttab\defaulttab\ebay_ie.ico (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Users\George\AppData\Roaming\defaulttab\defaulttab\facebook_ie.ico (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Users\George\AppData\Roaming\defaulttab\defaulttab\searchhere.ico (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Users\George\AppData\Roaming\defaulttab\defaulttab\search_here_ie.ico (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Users\George\AppData\Roaming\defaulttab\defaulttab\twitter_ie.ico (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Users\George\AppData\Roaming\defaulttab\defaulttab\uninstalldt.exe (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Users\George\AppData\Roaming\defaulttab\defaulttab\update.exe (PUP.Optional.DefaultTab.A) -> No action taken.
C:\Users\George\AppData\Roaming\defaulttab\defaulttab\wikipedia_ie.ico (PUP.Optional.DefaultTab.A) -> No action taken.
 
(end)
 

 


Hi, Apologies, I did the DDS run and then, on reading the instruction you referred to in your first reply, followed the instruction there, "Then post a new topic here.", although I could not see why this was required.

DDS

DDS (Ver_2012-11-20.01) - NTFS_AMD64 

Internet Explorer: 11.0.9600.16428
Run by George at 13:24:02 on 2013-12-07
Microsoft Windows 7 Professional   6.1.7601.1.1252.27.1033.18.8133.5858 [GMT 2:00]
.
AV: Emsisoft Anti-Malware *Disabled/Updated* {8504DEEF-CC04-1F76-2137-F1A5F4A659DA}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Emsisoft Anti-Malware *Disabled/Updated* {3E653F0B-EA3E-10F8-1B87-CAD78F211367}
FW: Online Armor Firewall *Disabled* {BD3F5FCA-866B-1E2E-0A68-58900A751EA1}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\nvservice.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe
C:\Windows\system32\WLANExt.exe
C:\Program Files (x86)\Online Armor\OAcat.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
C:\Users\George\AppData\Roaming\defaulttab\defaulttab\dtupdate.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files (x86)\Password Safe\pwsafe.exe
C:\Windows\system32\taskeng.exe
c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
C:\Program Files (x86)\MEDITECH\MTAppDwn.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Dell\Dell WWAN\WMCore\mini_WMCore.exe
C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2start.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2guard.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe,
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: DefaultTab Browser Helper: {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\George\AppData\Roaming\defaulttab\defaulttab\DefaultTabBHO.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
mRun: [MobileConnect] C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent
mRun: [emsisoft anti-malware] "c:\program files (x86)\emsisoft anti-malware\a2guard.exe" /d=60
mRun: [TrueImageMonitor.exe] "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
mRun: [AcronisTibMounterMonitor] C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
StartupFolder: C:\Users\George\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\PASSWO~1.LNK - C:\Program Files (x86)\Password Safe\pwsafe.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
TCP: NameServer = 192.168.1.1 192.168.1.1
TCP: Interfaces\{3FC68F6B-411D-465A-A524-84B6160E5939} : DHCPNameServer = 172.16.8.105 172.16.9.105
TCP: Interfaces\{4C1259B8-827F-47F7-8151-4A69C327F07E} : DHCPNameServer = 192.168.1.1 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [broadcom Wireless Manager UI] C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe
x64-Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
x64-Run: [@OnlineArmor GUI] "C:\Program Files (x86)\Online Armor\OAui.exe"
x64-Run: [Acronis Scheduler2 Service] "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
x64-Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
x64-Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 fltsrv;Acronis Storage Filter Management;C:\Windows\System32\drivers\fltsrv.sys [2013-11-12 108832]
R0 RapportKE64;RapportKE64;C:\Windows\System32\drivers\RapportKE64.sys [2013-11-17 317808]
R0 stdcfltn;Disk Class Filter Driver for Accelerometer;C:\Windows\System32\drivers\stdcfltn.sys [2013-11-8 22128]
R0 tib;Acronis TIB Manager;C:\Windows\System32\drivers\tib.sys [2013-11-12 1120032]
R0 tib_mounter;Acronis TIB Mounter;C:\Windows\System32\drivers\tib_mounter.sys [2013-11-12 183224]
R0 vididr;Acronis Virtual Disk;C:\Windows\System32\drivers\vididr.sys [2013-11-12 161568]
R0 vidsflt;Acronis Disk Storage Filter;C:\Windows\System32\drivers\vidsflt.sys [2013-11-12 117024]
R1 A2DDA;A2 Direct Disk Access Support Driver;C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [2013-11-11 26176]
R1 a2injectiondriver;a2injectiondriver;C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys [2013-11-11 45208]
R1 a2util;a-squared Malware-IDS utility driver;C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys [2013-11-11 17384]
R1 OADevice;OADriver;C:\Windows\SysWOW64\drivers\OADriver.sys [2013-11-11 64720]
R1 OAmon;OAmon;C:\Windows\SysWOW64\drivers\OAmon.sys [2013-11-11 52360]
R1 RapportCerberus_59849;RapportCerberus_59849;C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_59849.sys [2013-11-17 606672]
R1 RapportEI64;RapportEI64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2013-10-25 284176]
R1 RapportPG64;RapportPG64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2013-10-25 399312]
R2 a2AntiMalware;Emsisoft Anti-Malware 8.0 - Service;C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [2013-11-11 4161512]
R2 afcdpsrv;Acronis Nonstop Backup Service;C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2013-11-12 3783672]
R2 DefaultTabUpdate;DefaultTabUpdate;C:\Users\George\AppData\Roaming\defaulttab\defaulttab\dtupdate.exe [2013-12-5 107520]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-11-11 418376]
R2 MTAppManager;MEDITECH Application Manager;C:\Program Files (x86)\MEDITECH\MTAppDwn.exe [2013-11-8 96712]
R2 nvservice;NVIDIA GuardService;C:\Windows\System32\nvservice.exe [2013-11-18 192800]
R2 OAcat;Online Armor Helper Service;C:\Program Files (x86)\Online Armor\OAcat.exe [2013-11-12 584864]
R2 RapportMgmtService;Rapport Management Service;C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2013-10-25 1444120]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-1-10 383264]
R2 syncagentsrv;Acronis Sync Agent Service;C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [2013-3-20 7084696]
R2 VMCService;Vodafone Mobile Connect Service;C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2008-11-4 14336]
R2 WMCoreService;Mobile Broadband Service;C:\Program Files (x86)\Dell\Dell WWAN\WMCore\mini_WMCore.exe servicemode --> C:\Program Files (x86)\Dell\Dell WWAN\WMCore\mini_WMCore.exe servicemode [?]
R3 a2acc;a2acc;C:\Program Files (x86)\Emsisoft Anti-Malware\a2accx64.sys [2013-11-11 70960]
R3 afcdp;afcdp;C:\Windows\System32\drivers\afcdp.sys [2013-11-12 367200]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter;C:\Windows\System32\drivers\bcbtums.sys [2013-11-8 135720]
R3 cleanhlp;cleanhlp;C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [2013-11-11 57024]
R3 cvusbdrv;Dell ControlVault;C:\Windows\System32\drivers\cvusbdrv.sys [2013-11-8 47752]
R3 d554gps;Dell Wireless  HSPA Mini-Card GPS Port;C:\Windows\System32\drivers\d554gps64.sys [2013-11-8 103184]
R3 d554scard;Dell Wireless  HSPA Mini-Card USIM Port;C:\Windows\System32\drivers\d554scard.sys [2013-11-8 61992]
R3 ecnssndis; Mobile Broadband Driver;C:\Windows\System32\drivers\wwuss64.sys [2013-11-8 26664]
R3 ecnssndisfltr; Mobile Broadband Driver Filter;C:\Windows\System32\drivers\wwussf64.sys [2013-11-8 29736]
R3 iusb3hub;Intel® USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2013-11-8 356120]
R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2013-11-8 788760]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-11-11 25928]
R3 Mbm3CBus;Dell Wireless 5560 HSPA+ Mini-Card Device (WDM);C:\Windows\System32\drivers\Mbm3CBus.sys [2013-11-8 443208]
R3 Mbm3DevMt;Dell Wireless  HSPA Mini-Card Device Management Driver (WDM);C:\Windows\System32\drivers\Mbm3DevMt.sys [2013-11-8 453960]
R3 Mbm3mdfl;Dell Wireless  HSPA Mini-Card Modem Filter;C:\Windows\System32\drivers\Mbm3mdfl.sys [2013-11-8 21832]
R3 Mbm3Mdm;Dell Wireless  HSPA Mini-Card Modem Driver;C:\Windows\System32\drivers\Mbm3Mdm.sys [2013-11-8 506184]
R3 OAnet;OnlineArmor Service;C:\Windows\System32\drivers\OAnet.sys [2013-11-11 35368]
R3 ST_ACCEL;STMicroelectronics Accelerometer Service;C:\Windows\System32\drivers\ST_Accel.sys [2013-11-8 89312]
R3 WwanUsbServ;Mobile Broadband Driver;C:\Windows\System32\drivers\WwanUsbMp64.sys [2013-11-8 280448]
S1 oahlpXX;Online Armor helper driver;C:\Windows\SysWOW64\drivers\oahlp64.sys [2013-11-11 62008]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 DefaultTabSearch;DefaultTabSearch;C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe [2013-10-7 573952]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-11-11 701512]
S2 SvcOnlineArmor;Online Armor;C:\Program Files (x86)\Online Armor\OAsrv.exe [2013-11-12 4457688]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-11-18 111616]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2011-2-16 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2011-2-16 180736]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-11-18 19456]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-11-18 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-11-18 30208]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-11-12 1255736]
.
=============== Created Last 30 ================
.
2013-12-07 06:40:43 10285968 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1B6BC5A9-968C-4FC4-97F1-EE7ABB91BBDD}\mpengine.dll
2013-12-06 13:53:00 -------- d-----w- C:\Users\George\AppData\Local\Diagnostics
2013-12-05 05:51:59 -------- d-----w- C:\Program Files (x86)\DefaultTab
2013-12-05 05:51:45 -------- d-----w- C:\Users\George\AppData\Roaming\defaulttab
2013-12-04 08:13:34 -------- d-----w- C:\Users\George\.RippleDown
2013-12-04 08:08:15 -------- d-----w- C:\RippleDown 6.37
2013-12-03 09:59:32 -------- d-----w- C:\Program Files\Microsoft Synchronization Services
2013-12-03 09:59:06 -------- d-----w- C:\Windows\PCHEALTH
2013-12-03 09:59:06 -------- d-----w- C:\Program Files\Microsoft SQL Server Compact Edition
2013-12-03 09:56:13 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8
2013-12-03 09:55:13 -------- d-----w- C:\Program Files\Microsoft Analysis Services
2013-12-03 09:55:13 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services
2013-11-24 06:39:00 224768 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\hpzpp4v2.dll
2013-11-24 06:38:26 130048 ----a-w- C:\Windows\System32\hpz3l4v2.dll
2013-11-23 10:32:16 -------- d-----w- C:\Users\George\AppData\Roaming\HpUpdate
2013-11-23 10:31:50 -------- d-----w- C:\Windows\Hewlett-Packard
2013-11-18 21:03:25 192800 ----a-w- C:\Windows\System32\nvservice.exe
2013-11-18 20:34:04 -------- d-----w- C:\Program Files\Speccy
2013-11-18 20:33:01 -------- d-----w- C:\Program Files\CCleaner
2013-11-18 17:58:27 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
2013-11-18 17:58:26 366592 ----a-w- C:\Windows\System32\qdvd.dll
2013-11-18 17:36:29 -------- d--h--w- C:\Windows\msdownld.tmp
2013-11-18 04:53:06 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
2013-11-17 06:19:15 317808 ----a-w- C:\Windows\System32\drivers\RapportKE64.sys
2013-11-17 06:17:14 -------- d-----w- C:\Users\George\AppData\Local\Trusteer
2013-11-17 06:17:05 -------- d-----w- C:\Program Files (x86)\Trusteer
2013-11-17 06:14:15 -------- d-----w- C:\ProgramData\Trusteer
2013-11-17 05:53:43 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2013-11-17 05:53:43 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
2013-11-17 05:53:43 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2013-11-17 05:53:43 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2013-11-17 05:53:43 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2013-11-17 05:53:43 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2013-11-17 05:53:43 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2013-11-15 20:14:51 114688 ----a-w- C:\Windows\keymail.dll
2013-11-15 14:10:49 -------- d-----w- C:\UniScan
2013-11-15 14:09:14 803840 ----a-w- C:\Windows\System32\hpxp2436.dll
2013-11-15 14:09:14 728064 ----a-w- C:\Windows\System32\hp2436co.dll
2013-11-15 14:09:14 561664 ----a-w- C:\Windows\System32\hpgt2436.dll
2013-11-15 11:36:52 -------- d-----w- C:\ProgramData\WEBREG
2013-11-15 11:28:06 -------- d-----w- C:\Program Files (x86)\Common Files\HP
2013-11-15 11:23:04 -------- d-----w- C:\Program Files (x86)\Common Files\Hewlett-Packard
2013-11-15 11:22:46 -------- d-----w- C:\Program Files (x86)\HP
2013-11-12 19:59:45 -------- d-----w- C:\Windows\SysWow64\Wat
2013-11-12 19:59:45 -------- d-----w- C:\Windows\System32\Wat
2013-11-12 08:32:38 367200 ----a-w- C:\Windows\System32\drivers\afcdp.sys
2013-11-12 08:32:32 1462560 ----a-w- C:\Windows\System32\drivers\tdrpman.sys
2013-11-12 08:32:25 183224 ----a-w- C:\Windows\System32\drivers\tib_mounter.sys
2013-11-12 08:32:24 1120032 ----a-w- C:\Windows\System32\drivers\tib.sys
2013-11-12 08:32:17 161568 ----a-w- C:\Windows\System32\drivers\vididr.sys
2013-11-12 08:32:15 117024 ----a-w- C:\Windows\System32\drivers\vidsflt.sys
2013-11-12 08:32:13 233760 ----a-w- C:\Windows\System32\drivers\snapman.sys
2013-11-12 08:32:09 108832 ----a-w- C:\Windows\System32\drivers\fltsrv.sys
2013-11-11 19:56:18 -------- d-----w- C:\Users\George\AppData\Local\Microsoft Games
2013-11-11 19:55:18 -------- d-----w- C:\Program Files\Microsoft Games
2013-11-11 16:56:08 -------- d-----w- C:\Program Files\Microsoft Mouse and Keyboard Center
2013-11-11 16:32:19 -------- d-----w- C:\Users\George\AppData\Local\Apps
2013-11-11 16:32:18 -------- d-----w- C:\Users\George\AppData\Local\Deployment
2013-11-11 13:09:50 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2013-11-11 13:09:50 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2013-11-11 13:09:50 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2013-11-11 13:09:50 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2013-11-11 13:09:50 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2013-11-11 13:09:50 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2013-11-11 13:09:50 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2013-11-11 12:51:36 -------- d-----w- C:\Windows\System32\MRT
2013-11-11 12:45:24 -------- d-----w- C:\Program Files (x86)\cGPSmapper
2013-11-11 12:40:35 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2013-11-11 12:40:35 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2013-11-11 12:40:35 5120 ----a-w- C:\Windows\System32\wmi.dll
2013-11-11 12:40:35 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2013-11-11 12:40:35 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2013-11-11 12:39:30 -------- d-----w- C:\Users\George\T4A Previewer
2013-11-11 12:02:58 48640 ----a-w- C:\Windows\System32\wwanprotdim.dll
2013-11-11 12:01:33 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2013-11-11 12:00:49 376688 ----a-w- C:\Windows\System32\drivers\netio.sys
2013-11-11 11:59:51 478208 ----a-w- C:\Windows\System32\dpnet.dll
2013-11-11 11:59:51 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll
2013-11-11 11:59:46 903168 ----a-w- C:\Windows\SysWow64\certutil.exe
2013-11-11 11:59:46 1192448 ----a-w- C:\Windows\System32\certutil.exe
2013-11-11 11:59:45 52224 ----a-w- C:\Windows\System32\certenc.dll
2013-11-11 11:59:45 43008 ----a-w- C:\Windows\SysWow64\certenc.dll
2013-11-11 11:59:31 81920 ----a-w- C:\Windows\SysWow64\davclnt.dll
2013-11-11 11:59:31 259584 ----a-w- C:\Windows\System32\WebClnt.dll
2013-11-11 11:59:31 205824 ----a-w- C:\Windows\SysWow64\WebClnt.dll
2013-11-11 11:59:31 140800 ----a-w- C:\Windows\System32\drivers\mrxdav.sys
2013-11-11 11:59:31 102400 ----a-w- C:\Windows\System32\davclnt.dll
2013-11-11 11:59:00 624128 ----a-w- C:\Windows\System32\qedit.dll
2013-11-11 11:57:36 800768 ----a-w- C:\Windows\System32\usp10.dll
2013-11-11 11:56:59 64512 ----a-w- C:\Windows\SysWow64\devobj.dll
2013-11-11 11:53:31 -------- d-----w- C:\Users\George\AppData\Roaming\NVIDIA
2013-11-11 11:53:29 -------- d-----w- C:\Users\George\AppData\Local\Garmin
2013-11-11 11:53:28 -------- d-----w- C:\ProgramData\Garmin
2013-11-11 11:53:00 -------- d-----w- C:\Users\George\AppData\Local\GARMIN_Corp
2013-11-11 11:48:08 -------- d-----w- C:\Program Files (x86)\Garmin
2013-11-11 11:48:07 -------- d-----w- C:\Users\George\AppData\Roaming\Garmin
2013-11-11 11:38:16 -------- d-----w- C:\Users\George\AppData\Roaming\Malwarebytes
2013-11-11 11:38:04 -------- d-----w- C:\ProgramData\Malwarebytes
2013-11-11 11:38:01 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-11-11 11:38:01 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-11 11:25:45 10285968 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2013-11-11 11:21:26 77312 ----a-w- C:\Windows\System32\packager.dll
2013-11-11 11:21:26 67072 ----a-w- C:\Windows\SysWow64\packager.dll
2013-11-11 11:14:23 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2013-11-11 11:14:23 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2013-11-11 11:14:23 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2013-11-11 11:03:40 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2013-11-11 11:03:31 99840 ----a-w- C:\Windows\System32\wudriver.dll
2013-11-11 11:03:19 36864 ----a-w- C:\Windows\System32\wuapp.exe
2013-11-11 11:03:19 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2013-11-11 08:26:05 -------- d-----w- C:\Program Files (x86)\Emsisoft Anti-Malware
2013-11-11 06:49:31 -------- d-----w- C:\Users\George\AppData\Local\Adobe
2013-11-11 06:45:03 -------- d-----w- C:\Users\George\AppData\Local\PasswordSafe
2013-11-11 06:38:25 -------- d-----w- C:\Users\George\AppData\Roaming\OnlineArmor
2013-11-11 06:38:25 -------- d-----w- C:\ProgramData\OnlineArmor
2013-11-11 06:37:01 64720 ----a-w- C:\Windows\SysWow64\drivers\OADriver.sys
2013-11-11 06:37:01 62008 ----a-w- C:\Windows\SysWow64\drivers\oahlp64.sys
2013-11-11 06:37:01 52360 ----a-w- C:\Windows\SysWow64\drivers\OAmon.sys
2013-11-11 06:37:01 35368 ----a-w- C:\Windows\System32\drivers\OAnet.sys
2013-11-11 06:36:52 -------- d-----w- C:\Program Files (x86)\Online Armor
2013-11-11 06:34:21 -------- d-----w- C:\Users\George\AppData\Roaming\IrfanView
2013-11-11 06:34:18 -------- d-----w- C:\Program Files (x86)\IrfanView
2013-11-11 06:26:22 -------- d-----w- C:\Program Files (x86)\Password Safe
2013-11-08 16:21:32 -------- d-----w- C:\Windows\Panther
2013-11-08 16:20:53 -------- d-----w- C:\Windows\System32\OEM
2013-11-08 16:20:53 -------- d-----w- C:\Hotfix
2013-11-08 09:54:13 -------- d-----w- C:\GEORGE
2013-11-08 08:45:10 -------- d-----w- C:\Users\George\AppData\Local\Microsoft Help
2013-11-08 08:23:21 -------- d-----w- C:\Users\George\AppData\Roaming\Vodafone
2013-11-08 08:20:17 -------- d-----w- C:\Users\George\AppData\Local\Programs
2013-11-08 08:20:05 -------- d-----w- C:\ProgramData\Vodafone
2013-11-08 08:19:57 -------- d-----w- C:\Program Files (x86)\Vodafone
2013-11-08 08:19:26 8464 ----a-w- C:\Windows\SysWow64\SpOrder.dll
2013-11-08 08:19:10 -------- d-----w- C:\Users\George\AppData\Local\{F27ACCDD-3291-41C8-B815-948CA954C05F}
2013-11-08 08:17:47 -------- d-----w- C:\Program Files (x86)\Quest Software
2013-11-08 08:16:42 -------- d-----w- C:\Windows\System32\log
2013-11-08 08:16:21 -------- d-----w- C:\Program Files (x86)\Trend Micro
2013-11-08 08:15:58 -------- d-----w- C:\Users\George\AppData\Local\Trend Micro
2013-11-08 08:14:28 -------- d-----w- C:\Users\George\AppData\Local\Google
2013-11-08 08:13:20 -------- d-----w- C:\Program Files\MEDITECH
2013-11-08 08:13:15 -------- d-----w- C:\ProgramData\MEDITECH
2013-11-08 08:13:14 -------- d-----w- C:\Program Files (x86)\MEDITECH
2013-11-08 08:01:26 -------- d-----w- C:\Program Files\DellTPad
2013-11-08 07:59:58 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2013-11-08 07:59:26 884512 ----a-w- C:\Windows\System32\nvvsvc.exe
2013-11-08 07:59:26 6382880 ----a-w- C:\Windows\System32\nvcpl.dll
2013-11-08 07:59:26 63776 ----a-w- C:\Windows\System32\nvshext.dll
2013-11-08 07:59:26 3460896 ----a-w- C:\Windows\System32\nvsvc64.dll
2013-11-08 07:59:26 2558240 ----a-w- C:\Windows\System32\nvsvcr.dll
2013-11-08 07:59:26 118560 ----a-w- C:\Windows\System32\nvmctray.dll
2013-11-08 07:59:14 60776 ----a-w- C:\Windows\System32\OpenCL.dll
2013-11-08 07:59:14 52584 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2013-11-08 07:59:14 -------- d-----w- C:\temp
2013-11-08 07:59:09 -------- d-----w- C:\ProgramData\NVIDIA Corporation
2013-11-08 07:58:54 31080 ----a-w- C:\Windows\System32\nvhdap64.dll
2013-11-08 07:58:54 2824504 ----a-w- C:\Windows\System32\nvapi64.dll
2013-11-08 07:58:54 189288 ----a-w- C:\Windows\System32\drivers\nvhda64v.sys
2013-11-08 07:58:54 1814304 ----a-w- C:\Windows\System32\nvdispco64.dll
2013-11-08 07:58:54 1510176 ----a-w- C:\Windows\System32\nvdispgenco64.dll
2013-11-08 07:58:54 15052728 ----a-w- C:\Windows\System32\nvwgf2umx.dll
2013-11-08 07:58:54 1472360 ----a-w- C:\Windows\System32\nvhdagenco6420103.dll
2013-11-08 07:58:44 -------- d-----w- C:\Program Files\NVIDIA Corporation
2013-11-08 07:58:24 135720 ----a-w- C:\Windows\System32\drivers\bcbtums.sys
2013-11-08 07:58:00 113048 ----a-w- C:\Windows\System32\Vxdif.dll
2013-11-08 07:57:58 447864 ----a-w- C:\Windows\System32\drivers\Apfiltr.sys
2013-11-08 07:57:54 47752 ----a-w- C:\Windows\System32\drivers\cvusbdrv.sys
2013-11-08 07:57:46 788760 ----a-w- C:\Windows\System32\drivers\iusb3xhc.sys
2013-11-08 07:57:46 62784 ----a-w- C:\Windows\System32\drivers\HECIx64.sys
2013-11-08 07:57:46 356120 ----a-w- C:\Windows\System32\drivers\iusb3hub.sys
2013-11-08 07:53:30 22128 ----a-w- C:\Windows\System32\drivers\stdcfltn.sys
2013-11-08 07:52:54 9728 ----a-w- C:\Windows\System32\Wdfres.dll
2013-11-08 07:52:54 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys
2013-11-08 07:52:54 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2013-11-08 07:52:46 -------- d-----w- C:\Program Files\STMicroelectronics
2013-11-08 07:52:44 89312 ----a-w- C:\Windows\System32\drivers\ST_Accel.sys
2013-11-08 07:52:44 66640 ----a-w- C:\Windows\System32\stdcfltnco05.dll
2013-11-08 07:52:44 1795952 ----a-w- C:\Windows\System32\WdfCoInstaller01011.dll
2013-11-08 07:52:06 -------- d-----w- C:\Program Files (x86)\ST Microelectronics
2013-11-08 07:48:07 -------- d-sh--w- C:\Windows\Installer
2013-11-08 07:47:47 -------- d-----w- C:\Users\George\AppData\Local\Dell
2013-11-08 07:47:04 544568 ----a-w- C:\Windows\System32\PROUnstl.exe
2013-11-08 07:46:32 73032 ----a-w- C:\Windows\System32\e1cmsg.dll
2013-11-08 07:46:32 495888 ----a-w- C:\Windows\System32\drivers\e1c62x64.sys
2013-11-08 07:46:32 36472 ----a-w- C:\Windows\System32\NicCo36.dll
2013-11-08 07:46:32 101224 ----a-w- C:\Windows\System32\NicInstC.dll
2013-11-08 07:45:47 53248 ----a-w- C:\Windows\SysWow64\CSVer.dll
2013-11-08 07:45:34 -------- d-----w- C:\Intel
2013-11-08 07:45:32 -------- d-----w- C:\Dell
2013-11-08 06:30:07 -------- d-----w- C:\Users\George\AppData\Local\VirtualStore
.
==================== Find3M  ====================
.
2013-11-12 19:43:59 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-11-11 03:50:16 267936 ------w- C:\Windows\System32\MpSigStub.exe
2013-10-12 02:30:42 830464 ----a-w- C:\Windows\System32\nshwfp.dll
2013-10-12 02:29:21 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL
2013-10-12 02:29:08 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL
2013-10-12 02:03:08 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll
2013-10-12 02:01:25 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL
2013-10-05 20:25:35 1474048 ----a-w- C:\Windows\System32\crypt32.dll
2013-10-05 19:57:25 1168384 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-10-04 02:28:31 190464 ----a-w- C:\Windows\System32\SmartcardCredentialProvider.dll
2013-10-04 02:25:17 197120 ----a-w- C:\Windows\System32\credui.dll
2013-10-04 02:24:49 1930752 ----a-w- C:\Windows\System32\authui.dll
2013-10-04 01:58:50 152576 ----a-w- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
2013-10-04 01:56:25 168960 ----a-w- C:\Windows\SysWow64\credui.dll
2013-10-04 01:56:00 1796096 ----a-w- C:\Windows\SysWow64\authui.dll
2013-10-03 02:23:48 404480 ----a-w- C:\Windows\System32\gdi32.dll
2013-10-03 02:00:44 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
2013-09-28 01:09:10 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
2013-09-25 02:26:40 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2013-09-25 02:26:40 154560 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2013-09-25 02:23:33 28672 ----a-w- C:\Windows\System32\sspisrv.dll
2013-09-25 02:23:33 135680 ----a-w- C:\Windows\System32\sspicli.dll
2013-09-25 02:23:01 28160 ----a-w- C:\Windows\System32\secur32.dll
2013-09-25 02:22:59 340992 ----a-w- C:\Windows\System32\schannel.dll
2013-09-25 02:21:50 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2013-09-25 02:21:07 1447936 ----a-w- C:\Windows\System32\lsasrv.dll
2013-09-25 01:58:17 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2013-09-25 01:57:26 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2013-09-25 01:57:24 247808 ----a-w- C:\Windows\SysWow64\schannel.dll
2013-09-25 01:56:42 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2013-09-25 01:03:24 30720 ----a-w- C:\Windows\System32\lsass.exe
 
============= FINISH: 13:24:48.20 ===============
 
ATTACH
 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Professional 
Boot Device: \Device\HarddiskVolume1
Install Date: 2013/11/08 08:29:52 AM
System Uptime: 2013/12/06 05:02:54 PM (20 hours ago)
.
Motherboard: Dell Inc. |  | 0H3MT5
Processor: Intel® Core i5-3320M CPU @ 2.60GHz | SOCKET 0 | 2601/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 298 GiB total, 178.456 GiB free.
D: is CDROM ()
E: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP54: 2013/12/05 07:00:12 AM - Windows Update
RP55: 2013/12/05 07:22:34 AM - Restore point (PeaZip Setup)
RP56: 2013/12/05 06:06:43 PM - Windows Update
RP57: 2013/12/05 10:27:32 PM - Windows Update
RP58: 2013/12/06 07:00:16 AM - Windows Update
RP59: 2013/12/06 10:20:46 AM - Windows Update
RP60: 2013/12/06 03:56:40 PM - Windows Update
RP61: 2013/12/07 08:30:30 AM - Windows Update
RP62: 2013/12/07 09:42:55 AM - Restore point (C:\Users\George\Downloads\-1266489332TemplateDisk
.
==== Installed Programs ======================
.
7-Zip 9.20 (x64 edition)
Adobe Flash Player 10 ActiveX
Adobe Reader X (10.1.8)
BufferChm
CCleaner
cGPSmapper Free 0100d
DefaultTab
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition
Dell Touchpad
Dell Wireless HSPA Mini-Card Drivers
Destinations
DocProc
DW WLAN Card Utility
Emsisoft Anti-Malware
Garmin BaseCamp
Garmin MapInstall
Garmin MapSource
Garmin MapSource Beta
Garmin USB Drivers
Google Chrome
Google Update Helper
GPBaseService2
HP Imaging Device Functions 13.0
HP Photosmart Essential 3.5
HP Scanjet 2400
HP Solution Center 13.0
HP Update
hpg2410
HPPhotosmartEssential
HPProductAssistant
Intel® Network Connections Drivers
IrfanView (remove only)
Malwarebytes Anti-Malware version 1.75.0.1300
MEDITECH Workstation3.x
MEDITECH Workstation4.x
Microsoft .NET Framework 4 Client Profile
Microsoft Mouse and Keyboard Center
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Office 32-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 32-bit MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Notepad++
NVIDIA 3D Vision Driver 311.00
NVIDIA Control Panel 311.00
NVIDIA Graphics Driver 311.00
NVIDIA Guard Service 1.0
NVIDIA HD Audio Driver 1.3.18.0
NVIDIA Install Application
NVIDIA nView 136.53
NVIDIA PhysX
NVIDIA PhysX System Software 9.12.0613
NVIDIA Stereoscopic 3D Driver
OCR Software by I.R.I.S. 13.0
Online Armor 6.0
Password Safe
Quest PuTTY 0.60_q1.129
Rapport
Scan
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft Excel 2010 (KB2597166) 64-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2553322) 64-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2553431) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553284) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2553371) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2760781) 64-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 64-Bit Edition
Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
Security Update for Microsoft Visio Viewer 2010 (KB2597981) 64-Bit Edition
SolutionCenter
Speccy
ST Microelectronics 3 Axis Digital Accelerometer Solution
Striata Reader
T4A Maps Botswana 
T4A Maps Free State/Eastern Cape/KZN
T4A Maps Gauteng and North
T4A Maps Namibia 
T4A Maps Western /Northern Cape 
True Image 2013
Trusteer Endpoint Protection
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 64-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition
Update for Microsoft Office 2010 (KB2826026) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 64-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 64-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 64-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 64-Bit Edition
Vodafone Mobile Connect
WebReg
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0)
Windows Driver Package - Hewlett-Packard hp scanjet 3600 series (04/26/2007 9.0.0.0)
.
==== Event Viewer Messages From Past Week ========
.
2013/12/07 08:38:56 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Service Pack 1 for Microsoft Office 2010 (KB2510690 ) 64-bit Edition.
2013/12/07 08:30:14 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the syncagentsrv service.
2013/12/06 05:05:55 PM, Error: Service Control Manager [7034]  - The DefaultTabSearch service terminated unexpectedly.  It has done this 1 time(s).
2013/12/06 02:55:11 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
2013/12/06 02:54:39 PM, Error: Service Control Manager [7001]  - The Computer Browser service depends on the Server service which failed to start because of the following error:  The dependency service or group failed to start.
2013/12/06 02:54:38 PM, Error: Service Control Manager [7001]  - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:  The dependency service or group failed to start.
2013/12/06 02:53:37 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
2013/12/06 02:53:37 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
2013/12/06 02:53:33 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
2013/12/06 02:53:32 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10000]  - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\bcmihvsrv64.dll Error Code: 21
2013/12/06 02:53:26 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
2013/12/06 02:53:15 PM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  a2injectiondriver discache OADevice oahlpXX RapportKE64 snapman spldr Wanarpv6
2013/12/05 07:52:15 AM, Error: Service Control Manager [7030]  - The DefaultTabSearch service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
2013/12/05 06:29:30 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.
2013/12/05 06:24:45 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the wscsvc service.
2013/12/05 06:24:15 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NlaSvc service.
2013/12/05 06:23:45 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Dnscache service.
2013/12/05 06:23:15 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the CryptSvc service.
2013/12/04 10:53:55 AM, Error: Microsoft-Windows-Smartcard-Server [616]  - Reader monitor 'Mobile Broadband SIM Card Reader 0' received uncaught error code:  The device does not recognize the command.
2013/12/04 10:53:55 AM, Error: Microsoft-Windows-Smartcard-Server [612]  - Reader insertion monitor error retry threshold reached:  The device does not recognize the command.
2013/12/04 10:53:55 AM, Error: Microsoft-Windows-Smartcard-Server [610]  - Smart Card Reader 'Mobile Broadband SIM Card Reader 0' rejected IOCTL POWER: The device does not recognize the command.  If this error persists, your smart card or reader may not be functioning correctly. Command Header: 00 00 00 00
2013/12/04 10:53:55 AM, Error: Microsoft-Windows-Smartcard-Server [610]  - Smart Card Reader 'Mobile Broadband SIM Card Reader 0' rejected IOCTL GET_STATE: The device does not recognize the command.  If this error persists, your smart card or reader may not be functioning correctly. Command Header: XX XX XX XX
2013/12/02 08:20:14 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
.
==== End Of File ===========================
 

 


Step 1

Please uninstall this application: DefaultTab

Step 2

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Step 3

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Clean.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner\AdwCleaner[s0].txt as well.

Step 4

  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

In your next reply, post the following log files:

  • Junkware Removal Tool log
  • AdwCleaner log
  • Malwarebytes' Anti-Malware log

Ok - Done

 

JRT

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Professional x64
Ran by George on 2013/12/08 at 12:09:26.47
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 2013/12/08 at 12:22:11.59
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
ADW Log
 
# AdwCleaner v3.014 - Report created 08/12/2013 at 12:29:19
# Updated 01/12/2013 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : George - JNB-ELB-SOLG
# Running from : C:\Users\George\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16428
 
 
-\\ Google Chrome v31.0.1650.63
 
[ File : C:\Users\George\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [857 octets] - [08/12/2013 12:27:55]
AdwCleaner[s0].txt - [777 octets] - [08/12/2013 12:29:19]
 
########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [836 octets] ##########
 
 
MBAM
 
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.12.08.01
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16428
George :: JNB-ELB-SOLG [administrator]
 
2013/12/08 12:35:17 PM
mbam-log-2013-12-08 (12-35-17).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 203819
Time elapsed: 3 minute(s), 9 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 2
C:\Users\George\AppData\Local\Temp\DefaultTabSetup2.exe (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Users\George\Downloads\SoftonicDownloader_for_peazip.exe (PUP.Optional.Softonic.A) -> Quarantined and deleted successfully.
 
(end)
 
 
Tx - I presume all is well again.
 
Have you any idea where I might have picked up the Default Tab program?
 
Regards and Tx again :D
George_S
 
 

I have picked up Default Tab by clicking OK while installing a free program. :P

Download TFC to your desktop

  • Open the file and close any other windows.
  • It will close all programs itself when run; make sure to let it run uninterrupted.
  • Click the Start button to begin the process. The program should not take long to finish its job.
  • Once it's finished, it should reboot your machine. If not, do this yourself to ensure a complete clean.

Let me know how things are then.

  • 3 weeks later...
  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
