: {0696f815-a3a9-490a-bb14-9ec3350b1276} - C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64SrcAs.dll

mWinlogon: Userinit = userinit.exe

BHO: Search Assistant BHO: {5d79f641-c168-40df-a32f-bacea7509e75} - C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64SrcAs.dll

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\17.2.0.38\AVG Secure Search_toolbar.dll

BHO: Toolbar BHO: {cb41fc95-f1b3-4797-8bb6-1012ff62abba} - C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64bar.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

TB: : {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 -

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} -

x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -

x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} -

x64-SSODL: WebCheck -

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Karla\AppData\Roaming\Mozilla\Firefox\Profiles\txh6odg7.default\

FF - prefs.js: browser.search.selectedEngine - AVG Secure Search

FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.2.0\npsitesafety.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

.

============= SERVICES / DRIVERS ===============

.

R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-10-24 194872]

R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-10-31 294712]

R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-10-1 123704]

R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-9-10 31544]

R1 Avgdiska;AVG Disk Driver;C:\Windows\System32\drivers\avgdiska.sys [2013-11-5 150808]

R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-11-4 240920]

R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-10-31 212280]

R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-8-1 251192]

R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2012-10-31 46368]

R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2013-11-11 3478544]

R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2013-9-24 348008]

R2 TelevisionFanaticService;TelevisionFanaticService;C:\PROGRA~2\TELEVI~2\bar\1.bin\64barsvc.exe [2012-11-21 42504]

R2 vToolbarUpdater17.2.0;vToolbarUpdater17.2.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe [2013-12-9 1771544]

R3 mbamchameleon;mbamchameleon;C:\Windows\System32\drivers\mbamchameleon.sys [2013-12-26 36680]

R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-12-5 111616]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-11-19 59392]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-10-31 1255736]

.

=============== Created Last 30 ================

.

2013-12-27 03:31:40 36680 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys

2013-12-27 02:57:52 -------- d-----w- C:\Users\Karla\AppData\Roaming\Malwarebytes

2013-12-27 02:57:47 -------- d-----w- C:\ProgramData\Malwarebytes

2013-12-27 02:57:46 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

2013-12-27 02:57:46 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-12-27 02:57:13 -------- d-----w- C:\Users\Karla\AppData\Local\Programs

2013-12-14 17:25:06 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

2013-12-14 04:14:18 -------- d-----w- C:\Users\Karla\AppData\Local\Diagnostics

2013-12-14 02:39:51 -------- d-sh--w- C:\found.001

2013-12-10 01:08:15 -------- d-sh--w- C:\found.000

.

==================== Find3M ====================

.

2013-12-14 05:11:19 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-12-14 05:11:19 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-12-07 09:16:11 46368 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys

2013-11-06 03:55:48 150808 ----a-w- C:\Windows\System32\drivers\avgdiska.sys

2013-11-05 03:52:42 240920 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys

2013-11-01 05:00:18 212280 ----a-w- C:\Windows\System32\drivers\avgldx64.sys

2013-11-01 04:49:46 294712 ----a-w- C:\Windows\System32\drivers\avgloga.sys

2013-10-25 04:25:58 194872 ----a-w- C:\Windows\System32\drivers\avgidsha.sys

2013-10-12 02:30:42 830464 ----a-w- C:\Windows\System32\nshwfp.dll

2013-10-12 02:29:21 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL

2013-10-12 02:29:08 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL

2013-10-12 02:03:08 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll

2013-10-12 02:01:25 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL

2013-10-05 20:25:35 1474048 ----a-w- C:\Windows\System32\crypt32.dll

2013-10-05 19:57:25 1168384 ----a-w- C:\Windows\SysWow64\crypt32.dll

2013-10-04 02:28:31 190464 ----a-w- C:\Windows\System32\SmartcardCredentialProvider.dll

2013-10-04 02:25:17 197120 ----a-w- C:\Windows\System32\credui.dll

2013-10-04 02:24:49 1930752 ----a-w- C:\Windows\System32\authui.dll

2013-10-04 01:58:50 152576 ----a-w- C:\Windows\SysWow64\SmartcardCredentialProvider.dll

2013-10-04 01:56:25 168960 ----a-w- C:\Windows\SysWow64\credui.dll

2013-10-04 01:56:00 1796096 ----a-w- C:\Windows\SysWow64\authui.dll

2013-10-03 02:23:48 404480 ----a-w- C:\Windows\System32\gdi32.dll

2013-10-03 02:00:44 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll

2013-10-01 06:52:08 123704 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys

.

============= FINISH: 21:51:04.68 ===============

AVG 2014 AntiVirus command line scanner

Copyright © 1992 - 2013 AVG Technologies

Program version 2014.0.4259, engine 2014.0.3658

Virus Database: Version 3658/6952 2013-12-26

03:08:31 Error 0xc007045d:

C:\$Recycle.Bin\S-1-5-21-3674322388-2709349281-2945842304-1001\$RTTOD7B\AVG 2012 Internet Security - 3 Users - 1 Year Keys.html

C:\Documents and Settings\ Locked file. Not tested.

C:\hiberfil.sys Locked file. Not tested.

C:\pagefile.sys Locked file. Not tested.

03:08:52 Error 0xc007045d:

C:\Program Files\Common Files\System\msadc\handler.reg

C:\ProgramData\Desktop\ Locked file. Not tested.

C:\ProgramData\Documents\ Locked file. Not tested.

C:\ProgramData\Favorites\ Locked file. Not tested.

C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\05013015696c794a85852784a4b30a5c_15cd8ca9-d29d-4fc9-91ca-183ed4f136c5 Locked file. Not tested.

C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\0b4a29edf406920a9b8a702069fda8b8_15cd8ca9-d29d-4fc9-91ca-183ed4f136c5 Locked file. Not tested.

C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\16764038a1a095ab049269e4c6386150_15cd8ca9-d29d-4fc9-91ca-183ed4f136c5 Locked file. Not tested.

C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\281600ef5f1267dd3321649a1f2a7684_15cd8ca9-d29d-4fc9-91ca-183ed4f136c5 Locked file. Not tested.

C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\28c41b2546e4188519b66f9e01ebd594_15cd8ca9-d29d-4fc9-91ca-183ed4f136c5 Locked file. Not tested.

C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\2e58c635301001a8940bf92e228bd5bb_15cd8ca9-d29d-4fc9-91ca-183ed4f136c5 Locked file. Not tested.

C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\34ea72c786142614cce55691eac8eccf_15cd8ca9-d29d-4fc9-91ca-183ed4f136c5 Locked file. Not tested.

C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\3904db3b4157b5509a0d7f141c27c477_15cd8ca9-d29d-4fc9-91ca-183ed4f136c5 Locked file. Not tested.

C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\393d3f19316b717a6d39f5b65f97ff66_15cd8ca9-d29d-4fc9-91ca-183ed4f136c5 Locked file. Not tested.

C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\43989a9732243b5933f7544b890f97ad_15cd8ca9-d29d-4fc9-91ca-183ed4f136c5 Locked file. Not tested.

C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\5009ccee3be8cf43cf5eca8c83527e9c_15cd8ca9-d29d-4fc9-91ca-183ed4f136c5 Locked file. Not tested.

C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\5085ae0e1a5591b8fd305719c313e12a_15cd8ca9-d29d-4fc9-91ca-183ed4f136c5 Locked file. Not tested.

C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\5843d576556a57d0c09332b30b7def39_15cd8ca9-d29d-4fc9-91ca-183ed4f136c5 Locked file. Not tested.

C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\619c4d20f73dbd255bd617a5444c4d8b_15cd8ca9-d29d-4fc9-91ca-183ed4f136c5 Locked file. Not tested.

C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\637d2c37aa25c5518c40b747e8b450e9_15cd8ca9-d29d-4fc9-91ca-183ed4f136c5 Locked file. Not tested.

C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\686ff3b2c6189f79364d7a4ffed664e7_15cd8ca9-d29d-4fc9-91ca-183ed4f136c5 Locked file. Not tested.

C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\70e07525ba77d7ecb5530d0257351c69_15cd8ca9-d29d-4fc9-91ca-183ed4f136c5 Locked file. Not tested.

C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\8af655f779d3deb7fa5a35ed61166e8f_15cd8ca9-d29d-4fc9-91ca-183ed4f136c5 Locked file. Not tested.

C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\8e4d66f514c429a01587d792b1322375_15cd8ca9-d29d-4fc9-91ca-183ed4f136c5 Locked file. Not tested.

C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\97df1a42f173670647972796610aec42_15cd8ca9-d29d-4fc9-91ca-183ed4f136c5 Locked file. Not tested.

C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\9822ee983e01aa7d70f0a39b382ddef3_15cd8ca9-d29d-4fc9-91ca-183ed4f136c5 Locked file. Not tested.

C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\a691f00d39c14ec05d522df6fb8a0558_15cd8ca9-d29d-4fc9-91ca-183ed4f136c5 Locked file. Not tested.

C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\abf712a529fd79f78f4cb7beac7fa592_15cd8ca9-d29d-4fc9-91ca-183ed4f136c5 Locked file. Not tested.

C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\ad6e3d433fd906653fca9655c2353ceb_15cd8ca9-d29d-4fc9-91ca-183ed4f136c5 Locked file. Not tested.

C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\affc5e51bdaf2f64ef1d44d2b714fed0_15cd8ca9-d29d-4fc9-91ca-183ed4f136c5 Locked file. Not tested.

C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\b4f8b4daab3cb946c852485af79a7ccb_15cd8ca9-d29d-4fc9-91ca-183ed4f136c5 Locked file. Not tested.

C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\c0973d782603ffa879c08822e0ae7da7_15cd8ca9-d29d-4fc9-91ca-183ed4f136c5 Locked file. Not tested.

C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\c379e81fb70a43313cf24bd55f7f4830_15cd8ca9-d29d-4fc9-91ca-183ed4f136c5 Locked file. Not tested.

C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\c4879bd3c595e551a0fff3448c36deca_15cd8ca9-d29d-4fc9-91ca-183ed4f136c5 Locked file. Not tested.

C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\d13274a00c9d6e382fe8ec01832bb6b4_15cd8ca9-d29d-4fc9-91ca-183ed4f136c5 Locked file. Not tested.

C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\da994a46df1a2a97b731a5a0db6b5ea6_15cd8ca9-d29d-4fc9-91ca-183ed4f136c5 Locked file. Not tested.

C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\de3cf613e6f43d2df8732acb8fc18a38_15cd8ca9-d29d-4fc9-91ca-183ed4f136c5 Locked file. Not tested.

C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\e805e30f753f970a7000c4f4e97bf359_15cd8ca9-d29d-4fc9-91ca-183ed4f136c5 Locked file. Not tested.

C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\f3fdb9b22a0583436536bc7d2e0d3d70_15cd8ca9-d29d-4fc9-91ca-183ed4f136c5 Locked file. Not tested.

C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\f658a8c5af612fce596181456063b720_15cd8ca9-d29d-4fc9-91ca-183ed4f136c5 Locked file. Not tested.

C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\fdaf3b8d6e1ae7543274c1f0c09b7e77_15cd8ca9-d29d-4fc9-91ca-183ed4f136c5 Locked file. Not tested.

C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\fdc6db89a7b2be8c2c795afd30bce6a2_15cd8ca9-d29d-4fc9-91ca-183ed4f136c5 Locked file. Not tested.

C:\ProgramData\Templates\ Locked file. Not tested.

C:\System Volume Information\ Locked file. Not tested.

C:\Users\Default\AppData\Local\History\ Locked file. Not tested.

C:\Users\Default\AppData\Local\Temporary Internet Files\ Locked file. Not tested.

C:\Users\Default\Cookies\ Locked file. Not tested.

C:\Users\Default\Documents\My Music\ Locked file. Not tested.

C:\Users\Default\Documents\My Pictures\ Locked file. Not tested.

C:\Users\Default\Documents\My Videos\ Locked file. Not tested.

C:\Users\Default\NetHood\ Locked file. Not tested.

C:\Users\Default\PrintHood\ Locked file. Not tested.

C:\Users\Default\Recent\ Locked file. Not tested.

C:\Users\Default\Templates\ Locked file. Not tested.

03:11:07 Error 0xc007045d:

C:\Users\Karla\AppData\Local\Diagnostics\2551478646\2013121417.000\

C:\Users\Karla\AppData\Local\History\ Locked file. Not tested.

03:11:10 Error 0xc007045d:

C:\Users\Karla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDYNWLZP\ErrorPageTemplate[2]

03:11:19 Error 0xc007045d:

C:\Users\Karla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1O0WFJUQ\ots_omniture_code[1].js

03:11:19 Error 0xc007045d:

C:\Users\Karla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1O0WFJUQ\pCAP6ILP1.gif

C:\Users\Karla\AppData\Local\Microsoft\Windows\UsrClass.dat Locked file. Not tested.

C:\Users\Karla\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1 Locked file. Not tested.

C:\Users\Karla\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG2 Locked file. Not tested.

C:\Users\Karla\AppData\Local\Microsoft\Windows\WebCache\V01.log Locked file. Not tested.

C:\Users\Karla\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat Locked file. Not tested.

C:\Users\Karla\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.tmp Locked file. Not tested.

C:\Users\Karla\AppData\Local\Microsoft\Windows\WebCacheLock.dat Locked file. Not tested.

03:12:10 Error 0xc007045d:

C:\Users\Karla\AppData\Roaming\Microsoft\Windows\Cookies\Low\OG9S5C2O.txt

C:\Users\Karla\Documents\My Music\ Locked file. Not tested.

C:\Users\Karla\Documents\My Pictures\ Locked file. Not tested.

C:\Users\Karla\Documents\My Videos\ Locked file. Not tested.

C:\Users\Karla\NetHood\ Locked file. Not tested.

C:\Users\Karla\NTUSER.DAT Locked file. Not tested.

C:\Users\Karla\ntuser.dat.LOG1 Locked file. Not tested.

C:\Users\Karla\ntuser.dat.LOG2 Locked file. Not tested.

C:\Users\Karla\PrintHood\ Locked file. Not tested.

C:\Users\Karla\Templates\ Locked file. Not tested.

C:\Users\Public\Documents\My Music\ Locked file. Not tested.

C:\Users\Public\Documents\My Pictures\ Locked file. Not tested.

C:\Users\Public\Documents\My Videos\ Locked file. Not tested.

03:12:31 Error 0xc007045d:

C:\Windows\assembly\GAC_64\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll

C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat Locked file. Not tested.

C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat Locked file. Not tested.

C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT Locked file. Not tested.

C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT.LOG1 Locked file. Not tested.

C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT.LOG2 Locked file. Not tested.

C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT Locked file. Not tested.

C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT.LOG1 Locked file. Not tested.

C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT.LOG2 Locked file. Not tested.

03:14:19 Error 0xc007045d:

C:\Windows\servicing\Sessions\

C:\Windows\System32\catroot2\edb.log Locked file. Not tested.

C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb Locked file. Not tested.

C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb Locked file. Not tested.

C:\Windows\System32\config\DEFAULT Locked file. Not tested.

C:\Windows\System32\config\DEFAULT.LOG1 Locked file. Not tested.

C:\Windows\System32\config\DEFAULT.LOG2 Locked file. Not tested.

C:\Windows\System32\config\RegBack\DEFAULT Locked file. Not tested.

C:\Windows\System32\config\RegBack\SAM Locked file. Not tested.

C:\Windows\System32\config\RegBack\SECURITY Locked file. Not tested.

C:\Windows\System32\config\RegBack\SOFTWARE Locked file. Not tested.

C:\Windows\System32\config\RegBack\SYSTEM Locked file. Not tested.

C:\Windows\System32\config\SAM Locked file. Not tested.

C:\Windows\System32\config\SAM.LOG1 Locked file. Not tested.

C:\Windows\System32\config\SAM.LOG2 Locked file. Not tested.

C:\Windows\System32\config\SECURITY Locked file. Not tested.

C:\Windows\System32\config\SECURITY.LOG1 Locked file. Not tested.

C:\Windows\System32\config\SECURITY.LOG2 Locked file. Not tested.

C:\Windows\System32\config\SOFTWARE Locked file. Not tested.

C:\Windows\System32\config\SOFTWARE.LOG1 Locked file. Not tested.

C:\Windows\System32\config\SOFTWARE.LOG2 Locked file. Not tested.

C:\Windows\System32\config\SYSTEM Locked file. Not tested.

C:\Windows\System32\config\SYSTEM.LOG1 Locked file. Not tested.

C:\Windows\System32\config\SYSTEM.LOG2 Locked file. Not tested.

03:14:49 Error 0xc007045d:

C:\Windows\System32\en-US\getmac.exe.mui

C:\Windows\System32\LogFiles\WMI\RtBackup\ Locked file. Not tested.

03:15:20 Error 0xc007045d:

C:\Windows\SysWOW64\en-US\aeevts.dll.mui


Hello dmtdaveo and :welcome:! My name is Borislav and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.

Please follow the instructions here and then post your log files in a new reply in this thread:

http://forums.malwarebytes.org/index.php?showtopic=9573


attach file:

 

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 10/31/2012 8:28:31 AM
System Uptime: 12/30/2013 5:48:23 PM (1 hours ago)
.
Motherboard: Dell Inc. |  | 0G848F
Processor: Intel® Pentium® Dual  CPU  T3400  @ 2.16GHz | Microprocessor | 2167/166mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 112 GiB total, 71.27 GiB free.
F: is CDROM ()
G: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
Adobe Flash Player 11 ActiveX
Adobe Reader XI (11.0.05)
AVG 2014
AVG Security Toolbar
Google Chrome
Google Update Helper
Java 7 Update 45
Java Auto Updater
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft .NET Framework 4 Client Profile
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Mozilla Firefox 19.0 (x86 en-US)
Mozilla Maintenance Service
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
TelevisionFanatic Toolbar
Tiny Media Player v1.0
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
VirtualCloneDrive
Visual Studio 2008 x64 Redistributables
Visual Studio 2012 x64 Redistributables
Visual Studio 2012 x86 Redistributables
.
==== Event Viewer Messages From Past Week ========
.
12/30/2013 6:06:25 PM, Error: atapi [11]  - The driver detected a controller error on \Device\Ide\IdePort0.
12/30/2013 5:48:55 PM, Error: cdrom [15]  - The device, \Device\CdRom0, is not ready for access yet.
12/30/2013 5:48:55 PM, Error: atapi [11]  - The driver detected a controller error on \Device\Ide\IdePort1.
12/30/2013 5:48:36 PM, Error: Ntfs [137]  - The default transaction resource manager on volume C: encountered a non-retryable error and could not start.  The data contains the error code.
12/26/2013 9:39:58 PM, Error: Service Control Manager [7001]  - The Computer Browser service depends on the Server service which failed to start because of the following error:  The dependency service or group failed to start.
12/26/2013 9:39:55 PM, Error: Service Control Manager [7001]  - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:  The dependency service or group failed to start.
12/26/2013 9:39:55 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
12/26/2013 9:39:55 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
12/26/2013 9:39:53 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
12/26/2013 9:39:48 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
12/26/2013 9:39:42 PM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  Avgdiska AVGIDSDriver Avgldx64 discache ElbyCDIO spldr Wanarpv6
12/26/2013 9:39:42 PM, Error: Service Control Manager [7001]  - The AVGIDSAgent service depends on the AVGIDSDriver service which failed to start because of the following error:  A device attached to the system is not functioning.
12/26/2013 9:37:18 PM, Error: Service Control Manager [7001]  - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:  The dependency service or group failed to start.
12/26/2013 9:37:17 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
12/26/2013 9:37:17 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
12/26/2013 9:37:04 PM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AFD Avgdiska AVGIDSDriver Avgldx64 Avgtdia DfsC discache ElbyCDIO NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf
12/26/2013 9:37:04 PM, Error: Service Control Manager [7001]  - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
12/26/2013 9:37:04 PM, Error: Service Control Manager [7001]  - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.
12/26/2013 9:37:04 PM, Error: Service Control Manager [7001]  - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error:  A device attached to the system is not functioning.
12/26/2013 9:37:04 PM, Error: Service Control Manager [7001]  - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:  The dependency service or group failed to start.
12/26/2013 9:37:04 PM, Error: Service Control Manager [7001]  - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:  The dependency service or group failed to start.
12/26/2013 9:37:04 PM, Error: Service Control Manager [7001]  - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error:  A device attached to the system is not functioning.
12/26/2013 9:37:04 PM, Error: Service Control Manager [7001]  - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
12/26/2013 9:37:04 PM, Error: Service Control Manager [7001]  - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
12/26/2013 9:37:04 PM, Error: Service Control Manager [7001]  - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error:  A device attached to the system is not functioning.
12/26/2013 9:37:04 PM, Error: Service Control Manager [7001]  - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.
12/26/2013 9:25:46 PM, Error: Service Control Manager [7024]  - The Background Intelligent Transfer Service service terminated with service-specific error %%-2147023779.
12/26/2013 9:25:46 PM, Error: Microsoft-Windows-Bits-Client [16392]  - The BITS service failed to start.  Error 0x8007045D.
12/26/2013 9:25:38 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the TelevisionFanaticService service to connect.
12/26/2013 9:25:38 PM, Error: Service Control Manager [7000]  - The TelevisionFanaticService service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
12/26/2013 9:02:50 PM, Error: cdrom [15]  - The device, \Device\CdRom1, is not ready for access yet.
12/26/2013 9:01:52 PM, Error: Service Control Manager [7043]  - The AVGIDSAgent service did not shut down properly after receiving a preshutdown control.
12/26/2013 8:57:16 PM, Error: cdrom [15]  - The device, \Device\CdRom2, is not ready for access yet.
12/26/2013 8:52:33 PM, Error: Server [2505]  - The server could not bind to the transport \Device\NetBT_Tcpip_{BE2DECF0-5CD7-48D1-B931-A9092B1CC739} because another computer on the network has the same name.  The server could not start.
.
==== End Of File ===========================
 

dds file:

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16428  BrowserJavaVersion: 10.45.2
Run by Karla at 18:06:17 on 2013-12-30
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.4058.2484 [GMT -6:00]
.
AV: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2014\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\PROGRA~2\TELEVI~2\bar\1.bin\64barsvc.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\loggingserver.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64brmon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Users\Karla\Downloads\mbam-setup-1.75.0.1300(1).exe
C:\Users\Karla\AppData\Local\Temp\is-QV6EQ.tmp\mbam-setup-1.75.0.1300(1).tmp
C:\Users\Karla\Downloads\mbam-setup-1.75.0.1300(1).exe
C:\Users\Karla\AppData\Local\Temp\is-AHOJA.tmp\mbam-setup-1.75.0.1300(1).tmp
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.

uURLSearchHooks: <No Name>: {0696f815-a3a9-490a-bb14-9ec3350b1276} - C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64SrcAs.dll
mWinlogon: Userinit = userinit.exe
BHO: Search Assistant BHO: {5d79f641-c168-40df-a32f-bacea7509e75} - C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64SrcAs.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\17.2.0.38\AVG Secure Search_toolbar.dll
BHO: Toolbar BHO: {cb41fc95-f1b3-4797-8bb6-1012ff62abba} - C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64bar.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\17.2.0.38\AVG Secure Search_toolbar.dll
TB: TelevisionFanatic: {c98d5b61-b0ea-4d48-9839-1079d352d880} - C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64bar.dll
mRun: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun: [TelevisionFanatic Search Scope Monitor] "C:\PROGRA~2\TELEVI~2\bar\1.bin\64srchmn.exe" /m=2 /w /h
mRun: [TelevisionFanatic Browser Plugin Loader] C:\PROGRA~2\TELEVI~2\bar\1.bin\64brmon.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

TCP: NameServer = 192.168.1.1
TCP: Interfaces\{BE2DECF0-5CD7-48D1-B931-A9092B1CC739} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{BE2DECF0-5CD7-48D1-B931-A9092B1CC739}\2375942554631313 : DHCPNameServer = 192.168.1.254
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.2.0\ViProtocol.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Karla\AppData\Roaming\Mozilla\Firefox\Profiles\txh6odg7.default\
FF - prefs.js: browser.search.selectedEngine - AVG Secure Search
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.2.0\npsitesafety.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-10-24 194872]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-10-31 294712]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-10-1 123704]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-9-10 31544]
R1 Avgdiska;AVG Disk Driver;C:\Windows\System32\drivers\avgdiska.sys [2013-11-5 150808]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-11-4 240920]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-10-31 212280]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-8-1 251192]
R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2012-10-31 46368]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2013-11-11 3478544]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2013-9-24 348008]
R2 TelevisionFanaticService;TelevisionFanaticService;C:\PROGRA~2\TELEVI~2\bar\1.bin\64barsvc.exe [2012-11-21 42504]
R2 vToolbarUpdater17.2.0;vToolbarUpdater17.2.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe [2013-12-9 1771544]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-12-5 111616]
S3 mbamchameleon;mbamchameleon;C:\Windows\System32\drivers\mbamchameleon.sys [2013-12-26 36680]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-11-19 59392]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-10-31 1255736]
.
=============== Created Last 30 ================
.
2013-12-27 03:31:40    36680    ----a-w-    C:\Windows\System32\drivers\mbamchameleon.sys
2013-12-27 02:57:52    --------    d-----w-    C:\Users\Karla\AppData\Roaming\Malwarebytes
2013-12-27 02:57:47    --------    d-----w-    C:\ProgramData\Malwarebytes
2013-12-27 02:57:46    25928    ----a-w-    C:\Windows\System32\drivers\mbam.sys
2013-12-27 02:57:46    --------    d-----w-    C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-27 02:57:13    --------    d-----w-    C:\Users\Karla\AppData\Local\Programs
2013-12-14 17:25:06    96168    ----a-w-    C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-12-14 04:14:18    --------    d-----w-    C:\Users\Karla\AppData\Local\Diagnostics
2013-12-14 02:39:51    --------    d-sh--w-    C:\found.001
2013-12-10 01:08:15    --------    d-sh--w-    C:\found.000
.
==================== Find3M  ====================
.
2013-12-14 05:11:19    71048    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-14 05:11:19    692616    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2013-12-07 09:16:11    46368    ----a-w-    C:\Windows\System32\drivers\avgtpx64.sys
2013-11-06 03:55:48    150808    ----a-w-    C:\Windows\System32\drivers\avgdiska.sys
2013-11-05 03:52:42    240920    ----a-w-    C:\Windows\System32\drivers\avgidsdrivera.sys
2013-11-01 05:00:18    212280    ----a-w-    C:\Windows\System32\drivers\avgldx64.sys
2013-11-01 04:49:46    294712    ----a-w-    C:\Windows\System32\drivers\avgloga.sys
2013-10-25 04:25:58    194872    ----a-w-    C:\Windows\System32\drivers\avgidsha.sys
2013-10-12 02:30:42    830464    ----a-w-    C:\Windows\System32\nshwfp.dll
2013-10-12 02:29:21    859648    ----a-w-    C:\Windows\System32\IKEEXT.DLL
2013-10-12 02:29:08    324096    ----a-w-    C:\Windows\System32\FWPUCLNT.DLL
2013-10-12 02:03:08    656896    ----a-w-    C:\Windows\SysWow64\nshwfp.dll
2013-10-12 02:01:25    216576    ----a-w-    C:\Windows\SysWow64\FWPUCLNT.DLL
2013-10-05 20:25:35    1474048    ----a-w-    C:\Windows\System32\crypt32.dll
2013-10-05 19:57:25    1168384    ----a-w-    C:\Windows\SysWow64\crypt32.dll
2013-10-04 02:28:31    190464    ----a-w-    C:\Windows\System32\SmartcardCredentialProvider.dll
2013-10-04 02:25:17    197120    ----a-w-    C:\Windows\System32\credui.dll
2013-10-04 02:24:49    1930752    ----a-w-    C:\Windows\System32\authui.dll
2013-10-04 01:58:50    152576    ----a-w-    C:\Windows\SysWow64\SmartcardCredentialProvider.dll
2013-10-04 01:56:25    168960    ----a-w-    C:\Windows\SysWow64\credui.dll
2013-10-04 01:56:00    1796096    ----a-w-    C:\Windows\SysWow64\authui.dll
2013-10-03 02:23:48    404480    ----a-w-    C:\Windows\System32\gdi32.dll
2013-10-03 02:00:44    311808    ----a-w-    C:\Windows\SysWow64\gdi32.dll
.
============= FINISH: 18:06:34.19 ===============
 


Step 1

Please uninstall the following applications:

AVG Security Toolbar

TelevisionFanatic Toolbar

Step 2

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Step 3

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on the Scan button. Wait until it is finished.
  • Click on Clean.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner\AdwCleaner[s0].txt as well.

Step 4

  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Step 6

  • Download RogueKiller (32-bit version) or RogueKiller (64-bit version) to the desktop
  • Quit all programs
  • Start RogueKiller.exe
  • Wait until Prescan has finished ...
  • Click on Scan. Click on Report and copy/paste the content of the notepad in your next reply.
  • Note: Don't fix anything without my instructions

    In your next reply, post the following log files:

    • Junkware Removal Tool log
    • AdwCleaner log
    • Malwarebytes' Anti-Malware log
    • RogueKiller log

  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

