
Well, this was lovely coming home to find after a nice, romantic dinner. I removed all the files found (and further research suggests I MIGHT have gotten it all just doing that but I'm not certain), rebooted, and did a quick scan. Nothing is coming up now but I want to make sure I have gotten everything. Most of it is VisualBee but mixed in with it is some SearchProtect.A and a few other things. Please help because I've never tackled anything like this before.

 

***

*attempt at posting log*

 

So... it says my post is too long. Let me see if I can give you the short version.

 

Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org

Database version: v2014.01.08.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Austin :: AUSTIN-PC [administrator]

Protection: Disabled

1/8/2014 7:50:55 PM
mbam-log-2014-01-08 (19-50-55).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 460420
Time elapsed: 1 hour(s), 8 minute(s), 7 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 24
C:\Users\Austin\AppData\Local\BenchUpdater (PUP.Optional.BenchUpdater.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Optimizer Pro (PUP.Optional.OptimizerPro.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Main (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Main\bin (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Main\Logs (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Main\rep (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\SearchProtect (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\SearchProtect\rep (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protection (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\settings (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\rep (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Bench\Updater (PUP.Optional.AdwarePlugin) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Bench\Updater\1.7.0.0 (PUP.Optional.AdwarePlugin) -> Quarantined and deleted successfully.
C:\Users\Austin\AppData\Local\VisualBeeExe (PUP.Optional.Visualbee) -> Quarantined and deleted successfully.
C:\Users\Austin\AppData\Local\VisualBeeExe\Dic-Eng (PUP.Optional.Visualbee) -> Quarantined and deleted successfully.
C:\Users\Austin\AppData\Local\VisualBeeExe\GuideFiles (PUP.Optional.Visualbee) -> Quarantined and deleted successfully.
C:\Users\Austin\AppData\Local\VisualBeeClient (PUP.Optional.Visualbee) -> Quarantined and deleted successfully.
C:\Users\Austin\AppData\Local\VisualBeeClient\Domain (PUP.Optional.Visualbee) -> Quarantined and deleted successfully.

Files Detected: 762
C:\Program Files (x86)\pcreginst\file_to_run.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Main\bin\SPtool.dll_1389234320386 (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Austin\AppData\Local\Temp\nskD689.tmp\StartSavin.exe (PUP.Optional.Adwareplugin) -> Quarantined and deleted successfully.
C:\Users\Austin\AppData\Local\BenchUpdater\products.xml (PUP.Optional.BenchUpdater.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Optimizer Pro\OptimizerPro.chm (PUP.Optional.OptimizerPro.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Optimizer Pro\CookiesException.txt (PUP.Optional.OptimizerPro.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Optimizer Pro\file_id.diz (PUP.Optional.OptimizerPro.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Optimizer Pro\HomePage.url (PUP.Optional.OptimizerPro.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Optimizer Pro\scan.gif (PUP.Optional.OptimizerPro.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Optimizer Pro\StartupList.txt (PUP.Optional.OptimizerPro.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Optimizer Pro\unins000.dat (PUP.Optional.OptimizerPro.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Optimizer Pro\unins000.msg (PUP.Optional.OptimizerPro.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\EULA.txt (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Main\rep\SystemRepository.dat (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\settings.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\style.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble\bubble.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble\bubble.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-default.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-onclick.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-Rollover.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg-with-logo.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgNotif.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgSettings.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgUninstall.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnBlue.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnClose.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnSilver.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox_checked.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox_def.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\close-win-def.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\close-win-over-click.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\gray-bg.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-def.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-selected.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\icon-win.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\info-icon.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\menu-rollover.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\menu-selected.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button-def.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button-selected.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button2.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Settings-icon.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\text-field.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\v.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\x.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Bench\Updater\products.xml (PUP.Optional.AdwarePlugin) -> Quarantined and deleted successfully.
C:\Users\Austin\AppData\Local\VisualBeeExe\VBeeClient.vsto (PUP.Optional.Visualbee) -> Quarantined and deleted successfully.
C:\Users\Austin\AppData\Local\VisualBeeExe\Dic-Eng\adj.exc (PUP.Optional.Visualbee) -> Quarantined and deleted successfully.
C:\Users\Austin\AppData\Local\VisualBeeExe\Dic-Eng\adv.exc (PUP.Optional.Visualbee) -> Quarantined and deleted successfully.
C:\Users\Austin\AppData\Local\VisualBeeExe\Dic-Eng\cntlist (PUP.Optional.Visualbee) -> Quarantined and deleted successfully.
C:\Users\Austin\AppData\Local\VisualBeeExe\Dic-Eng\cntlist.rev (PUP.Optional.Visualbee) -> Quarantined and deleted successfully.

 

...

 

Yes, there is more. Help?

Hello AustinHaworth and welcome! My name is Borislav and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.

Please follow the instructions here and then post your log files in a new reply in this thread:

http://forums.malwarebytes.org/index.php?showtopic=9573


DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16428  BrowserJavaVersion: 10.17.2
Run by Austin at 11:24:37 on 2014-01-09
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.8174.6364 [GMT -8:00]
.
AV: avast! Internet Security *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Internet Security *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Internet Security *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\atieclxx.exe
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
C:\Users\Austin\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Belkin\F9L1103\v1\Common\RaRegistry.exe
C:\Program Files (x86)\Belkin\F9L1103\v1\Common\RaRegistry64.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.

mWinlogon: Userinit = userinit.exe,
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
TB: avast! Online Security: {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
uRun: [NCsoft] <no file>
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
mRunOnce: [20131224] C:\Program Files\AVAST Software\Avast\setup\emupdate\392a21aa-44b9-4a8c-b51b-78240dc3f633.exe /check
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MIF5BA~1\Office14\ONBttnIE.dll/105
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{0D90A738-779C-47FE-B7A2-8368C255D2D4} : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{0D90A738-779C-47FE-B7A2-8368C255D2D4}\D4363416C6C69637475627026596C6C6167656 : DHCPNameServer = 10.128.128.128
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-TB: avast! Online Security: {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Austin\AppData\Roaming\Mozilla\Firefox\Profiles\1tjuo6ra.default\

FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101752.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll
FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypchub.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Austin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: !HIDDEN! 2012-07-13 21:52; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2013-3-1 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2013-3-1 207904]
R1 aswKbd;aswKbd;C:\Windows\System32\drivers\aswKbd.sys [2013-9-3 28184]
R1 aswNdisFlt;Avast! Firewall Driver;C:\Windows\System32\drivers\aswNdisFlt.sys [2013-9-3 439648]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2012-9-13 1034464]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswsp.sys [2012-9-13 422216]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-10-8 239616]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-10-8 344064]
R2 AODDriver4.01;AODDriver4.01;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-11-20 57512]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2012-9-13 78648]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-12-23 50344]
R2 avast! Firewall;avast! Firewall;C:\Program Files\AVAST Software\Avast\afwServ.exe [2013-12-23 113704]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-3-15 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-3-15 701512]
R2 RalinkRegistryWriter;Ralink Registry Writer;C:\Program Files (x86)\Belkin\F9L1103\v1\Common\RaRegistry.exe [2012-6-22 374112]
R2 RalinkRegistryWriter64;Ralink Registry Writer 64;C:\Program Files (x86)\Belkin\F9L1103\v1\Common\RaRegistry64.exe [2012-6-22 451936]
R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2012-6-20 46136]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2013-7-5 96256]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-3-15 25928]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-6-20 539240]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-7-9 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-7-8 123856]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]
S3 aswStm;aswStm;C:\Windows\System32\drivers\aswstm.sys [2013-12-23 79672]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-4-1 183560]
S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [2013-6-6 25832]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-6-22 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-12-15 111616]
S3 OverwolfUpdaterService;Overwolf Updater Service;C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2013-9-24 18360]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-11-26 19456]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-11-26 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-11-26 30208]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-6-20 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2014-01-09 05:26:14    --------    d-----w-    C:\Users\Austin\AppData\Local\{851D33C3-0B5D-4F2F-8098-0C0332717CF9}
2014-01-09 02:48:11    --------    d-s---w-    C:\Windows\SysWow64\Microsoft
2014-01-09 02:30:26    --------    d-----w-    C:\Users\Austin\AppData\Roaming\Optimizer Pro
2014-01-09 02:25:02    --------    d-----w-    C:\Program Files (x86)\Start Savin
2014-01-09 02:24:45    --------    d-----w-    C:\Users\Austin\AppData\Local\Start Savin
2014-01-09 02:24:45    --------    d-----w-    C:\Users\Austin\AppData\Local\SearchProtect
2014-01-09 02:24:45    --------    d-----w-    C:\Program Files (x86)\Bench
2014-01-09 02:24:42    --------    d-----w-    C:\ProgramData\VisualBee
2014-01-09 02:24:35    --------    d-----w-    C:\Program Files\pcreg
2014-01-09 02:24:30    --------    d-----w-    C:\Program Files (x86)\pcreginst
2014-01-08 21:19:13    --------    d-----w-    C:\Users\Austin\AppData\Local\{58AD4F6B-184B-496D-9EC7-7C7F7E39A717}
2014-01-07 21:02:00    --------    d-----w-    C:\Users\Austin\AppData\Local\{6C49CD10-6CCA-450D-8A46-998494626E0C}
2014-01-07 05:45:22    --------    d-----w-    C:\Users\Austin\AppData\Local\{58C511C3-2252-44AE-A74F-A201E5B32A8C}
2014-01-02 23:14:26    --------    d-----w-    C:\Users\Austin\AppData\Roaming\My The Lord of the Rings, The Rise of the Witch-king Files
2014-01-02 23:01:12    --------    d-----w-    C:\Users\Austin\AppData\Roaming\My Battle for Middle-earth II Files
2014-01-01 08:17:24    --------    d-----w-    C:\Users\Austin\AppData\Roaming\My Battle for Middle-earth Files
2014-01-01 07:45:22    --------    d-----w-    C:\Program Files (x86)\EA GAMES
2013-12-26 10:33:26    75888    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D856CD77-7E1F-4089-B12C-DB675FB79CA2}\offreg.dll
2013-12-25 22:33:54    --------    d-----w-    C:\Users\Austin\AppData\Local\{2AD7C114-F3A7-4CF8-BC53-F945EC69C9E0}
2013-12-24 05:17:42    79672    ----a-w-    C:\Windows\System32\drivers\aswstm.sys
2013-12-22 23:54:30    --------    d-----w-    C:\Users\Austin\AppData\Local\{54D48635-56D7-4772-AAAB-ABB1B02EBD0E}
2013-12-17 03:29:46    --------    d-----w-    C:\Users\Austin\AppData\Local\{D0B50846-E8B2-4924-99C7-387F639BCAA4}
2013-12-15 16:34:20    167424    ----a-w-    C:\Program Files\Windows Media Player\wmplayer.exe
2013-12-15 16:34:20    164864    ----a-w-    C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2013-12-15 16:34:19    12625920    ----a-w-    C:\Windows\System32\wmploc.DLL
2013-12-15 16:34:19    12625408    ----a-w-    C:\Windows\SysWow64\wmploc.DLL
2013-12-15 16:30:18    10285968    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D856CD77-7E1F-4089-B12C-DB675FB79CA2}\mpengine.dll
2013-12-15 16:29:00    335360    ----a-w-    C:\Windows\System32\msieftp.dll
2013-12-15 16:29:00    301568    ----a-w-    C:\Windows\SysWow64\msieftp.dll
2013-12-15 16:28:58    2048    ----a-w-    C:\Windows\SysWow64\tzres.dll
2013-12-15 16:28:58    2048    ----a-w-    C:\Windows\System32\tzres.dll
2013-12-15 16:28:54    230400    ----a-w-    C:\Windows\System32\drivers\portcls.sys
2013-12-15 16:28:53    116736    ----a-w-    C:\Windows\System32\drivers\drmk.sys
2013-12-15 16:28:51    81408    ----a-w-    C:\Windows\System32\imagehlp.dll
2013-12-15 16:28:51    3155968    ----a-w-    C:\Windows\System32\win32k.sys
2013-12-15 16:28:51    159232    ----a-w-    C:\Windows\SysWow64\imagehlp.dll
2013-12-15 16:28:49    465920    ----a-w-    C:\Windows\System32\WMPhoto.dll
2013-12-15 16:28:49    417792    ----a-w-    C:\Windows\SysWow64\WMPhoto.dll
2013-12-15 16:27:57    202752    ----a-w-    C:\Windows\System32\scrrun.dll
2013-12-15 16:27:57    156160    ----a-w-    C:\Windows\System32\cscript.exe
2013-12-15 16:27:57    150016    ----a-w-    C:\Windows\System32\wshom.ocx
2013-12-15 16:27:57    121856    ----a-w-    C:\Windows\SysWow64\wshom.ocx
2013-12-15 16:27:56    168960    ----a-w-    C:\Windows\System32\wscript.exe
2013-12-15 16:27:56    163840    ----a-w-    C:\Windows\SysWow64\scrrun.dll
2013-12-15 16:27:56    141824    ----a-w-    C:\Windows\SysWow64\wscript.exe
2013-12-15 16:27:56    126976    ----a-w-    C:\Windows\SysWow64\cscript.exe
.
==================== Find3M  ====================
.
2013-12-24 05:17:20    78648    ----a-w-    C:\Windows\System32\drivers\aswMonFlt.sys
2013-12-24 05:17:20    207904    ----a-w-    C:\Windows\System32\drivers\aswVmm.sys
2013-12-24 05:17:20    1034464    ----a-w-    C:\Windows\System32\drivers\aswSnx.sys
2013-12-24 05:17:19    43152    ----a-w-    C:\Windows\avastSS.scr
2013-12-24 05:17:12    439648    ----a-w-    C:\Windows\System32\drivers\aswNdisFlt.sys
2013-12-17 12:36:55    291944    ----a-w-    C:\Windows\SysWow64\PnkBstrB.xtr
2013-12-17 12:36:55    291944    ----a-w-    C:\Windows\SysWow64\PnkBstrB.exe
2013-12-11 18:09:12    71048    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-11 18:09:12    692616    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2013-11-28 23:58:02    291944    ----a-w-    C:\Windows\SysWow64\PnkBstrB.ex0
2013-11-28 11:08:28    76888    ----a-w-    C:\Windows\SysWow64\PnkBstrA.exe
2013-11-26 10:19:07    2724864    ----a-w-    C:\Windows\System32\mshtml.tlb
2013-11-26 10:18:23    4096    ----a-w-    C:\Windows\System32\ieetwcollectorres.dll
2013-11-26 09:48:07    66048    ----a-w-    C:\Windows\System32\iesetup.dll
2013-11-26 09:46:25    48640    ----a-w-    C:\Windows\System32\ieetwproxystub.dll
2013-11-26 09:23:02    2724864    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2013-11-26 09:18:39    139264    ----a-w-    C:\Windows\System32\ieUnatt.exe
2013-11-26 09:18:09    111616    ----a-w-    C:\Windows\System32\ieetwcollector.exe
2013-11-26 09:16:57    708608    ----a-w-    C:\Windows\System32\jscript9diag.dll
2013-11-26 08:35:02    5769216    ----a-w-    C:\Windows\System32\jscript9.dll
2013-11-26 08:28:16    553472    ----a-w-    C:\Windows\SysWow64\jscript9diag.dll
2013-11-26 08:16:12    4243968    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2013-11-26 08:02:16    1995264    ----a-w-    C:\Windows\System32\inetcpl.cpl
2013-11-26 07:32:06    1928192    ----a-w-    C:\Windows\SysWow64\inetcpl.cpl
2013-11-26 07:07:57    2334208    ----a-w-    C:\Windows\System32\wininet.dll
2013-11-26 06:33:33    1820160    ----a-w-    C:\Windows\SysWow64\wininet.dll
2013-11-19 11:33:38    267936    ------w-    C:\Windows\System32\MpSigStub.exe
2013-11-06 21:59:45    108968    ----a-w-    C:\Windows\System32\WindowsAccessBridge-64.dll
2013-10-24 06:40:14    65776    ----a-w-    C:\Windows\System32\drivers\aswRvrt.sys
2013-10-24 06:40:13    92544    ----a-w-    C:\Windows\System32\drivers\aswRdr2.sys
2013-10-24 06:40:10    28184    ----a-w-    C:\Windows\System32\drivers\aswKbd.sys
2013-10-14 17:41:56    270824    ----a-w-    C:\Windows\System32\drivers\aswNdis2.sys
2013-10-14 17:41:56    131232    ----a-w-    C:\Windows\System32\drivers\aswFW.sys
2013-10-12 02:30:42    830464    ----a-w-    C:\Windows\System32\nshwfp.dll
2013-10-12 02:29:21    859648    ----a-w-    C:\Windows\System32\IKEEXT.DLL
2013-10-12 02:29:08    324096    ----a-w-    C:\Windows\System32\FWPUCLNT.DLL
2013-10-12 02:03:08    656896    ----a-w-    C:\Windows\SysWow64\nshwfp.dll
2013-10-12 02:01:25    216576    ----a-w-    C:\Windows\SysWow64\FWPUCLNT.DLL
.
============= FINISH: 11:24:57.16 ===============
 

 

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 6/20/2012 10:08:27 PM
System Uptime: 1/9/2014 11:01:55 AM (0 hours ago)
.
Motherboard: ASUSTeK Computer INC. |  | M5A78L-M LX PLUS
Processor: AMD FX-4100 Quad-Core Processor             | AM3R2 | 3600/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 931 GiB total, 511.275 GiB free.
D: is CDROM (UDF)
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP211: 12/31/2013 12:00:02 AM - Scheduled Checkpoint
RP212: 1/2/2014 2:59:56 PM - Installed DirectX
RP213: 1/2/2014 3:13:51 PM - Installed DirectX
RP214: 1/8/2014 6:31:21 PM - Restore Operation
RP215: 1/8/2014 6:42:18 PM - avast! antivirus system restore point
RP216: 1/8/2014 6:46:02 PM - Device Driver Package Install: Avast Network Service
RP217: 1/8/2014 6:47:44 PM - avast! antivirus system restore point
.
==== Installed Programs ======================
.
64 Bit HP CIO Components Installer
7-Zip 9.20
Adobe Flash Player 10 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.8)
AIM for Windows
Amazon Cloud Player
Amazon MP3 Downloader 1.0.17
AMD Accelerated Video Transcoding
AMD APP SDK Runtime
AMD AVIVO64 Codecs
AMD Catalyst Control Center
AMD Catalyst Install Manager
AMD Drag and Drop Transcoding
AMD Fuel
AMD Media Foundation Decoders
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Assassin's Creed
Assassin's Creed Brotherhood
Assassin's Creed II
Assassin's Creed IV Black Flag
Assassin's Creed Revelations
Assassin's Creed® III v1.06
Audacity 2.0.3
avast! Internet Security
Batman: Arkham Asylum GOTY Edition
Batman: Arkham City GOTY
Batman: Arkham City™
Belkin N750 Dual Band Wireless USB Adapter
Bing Bar
Bonjour
BufferChm
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CCleaner
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
City of Heroes
Copy
Crusader Kings II
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Destinations
DeviceDiscovery
DJ_AIO_05_F4400_Software_Min
Dragon Age: Origins - Ultimate Edition
Dual-Core Optimizer
EPU-4 Engine
F4400
ffdshow v1.2.4422 [2012-04-09]
Google Chrome
Google Update Helper
GPBaseService2
Guild Wars 2
HP Customer Participation Program 13.0
HP Deskjet F4400 Printer Driver Software 13.0 Rel .5
HP Imaging Device Functions 13.0
HP Print Projects 1.0
HP Smart Web Printing 4.5
HP Solution Center 13.0
HP Update
HPPhotoGadget
hpPrintProjects
HPProductAssistant
HPSSupply
hpWLPGInstaller
HydraVision
iTunes
Java 7 Update 17
Java 7 Update 45 (64-bit)
Java Auto Updater
Junk Mail filter update
L.A. Noire
LAME v3.99.3 (for Windows)
LEGO Lord of the Rings
Malwarebytes Anti-Malware version 1.75.0.1300
MarketResearch
Mesh Runtime
Messenger Companion
Microsoft .NET Framework 4.5
Microsoft Application Error Reporting
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Student 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
Mount & Blade
Mount & Blade: Warband
Mount & Blade: With Fire and Sword
Mozilla Firefox 26.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NCsoft Launcher
Nexus Mod Manager
NVIDIA PhysX
ooVoo
Open Broadcaster Software
OpenOffice.org 3.3
Origin
Overwolf
Paint.NET v3.5.10
Portal
Portal 2
Portal 2 Publishing Tool
PunkBuster Services
QuickTime
realMyst
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Rockstar Games Social Club
Scan
Security Update for Microsoft .NET Framework 4.5 (KB2737083)
Security Update for Microsoft .NET Framework 4.5 (KB2742613)
Security Update for Microsoft .NET Framework 4.5 (KB2789648)
Security Update for Microsoft .NET Framework 4.5 (KB2833957)
Security Update for Microsoft .NET Framework 4.5 (KB2840642v2)
Security Update for Microsoft .NET Framework 4.5 (KB2861208)
Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition
Security Update for Microsoft Outlook 2010 (KB2837597) 32-Bit Edition
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
Shop for HP Supplies
Sid Meier's Civilization V
Sid Meier's Pirates!
SimCity™
Skype™ 6.11
SmartWebPrinting
SolutionCenter
Star Wars - Battlefront II
Star Wars Empire at War
Star Wars Empire at War Forces of Corruption
Star Wars: The Old Republic
Status
Steam
Team Fortress 2
TeamSpeak 3 Client
The Battle for Middle-earth
The Battle for Middle-earth II
The Elder Scrolls V: Skyrim
The Lord of the Rings, The Rise of the Witch-king
The Sims 3
Tomb Raider
Toolbox
Total War: Shogun 2 - Assembly Kit
Total War: Shogun 2 - TEd
TrayApp
Ubisoft Game Launcher
Unity Web Player
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition
Uplay
Ventrilo Client for Windows x64
WebReg
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
XCOM: Enemy Unknown
.
==== Event Viewer Messages From Past Week ========
.
1/9/2014 11:07:20 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
1/9/2014 11:07:20 AM, Error: Service Control Manager [7000]  - The Steam Client Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
1/8/2014 6:24:36 PM, Error: Service Control Manager [7030]  - The pcregservice Service service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
1/6/2014 4:51:02 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001]  - The computer has rebooted from a bugcheck.  The bugcheck was: 0x0000001e (0x0000000000000000, 0x0000000000000000, 0x0000000000000000, 0x0000000000000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 010614-19999-01.
1/4/2014 9:25:58 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001]  - The computer has rebooted from a bugcheck.  The bugcheck was: 0x0000001e (0x0000000000000000, 0x0000000000000000, 0x0000000000000000, 0x0000000000000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 010414-19515-01.
1/4/2014 9:14:41 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001]  - The computer has rebooted from a bugcheck.  The bugcheck was: 0x0000001e (0x0000000000000000, 0x0000000000000000, 0x0000000000000000, 0x0000000000000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 010414-17035-01.
.
==== End Of File ===========================
 


Step 1

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Step 2

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on the Scan button. Wait until it is finished.
  • Click on Clean.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner\AdwCleaner[s0].txt as well.

Step 3
  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

In your next reply, post the following log files:

  • Junkware Removal Tool log
  • AdwCleaner log
  • Malwarebytes' Anti-Malware log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Home Premium x64
Ran by Austin on Fri 01/10/2014 at 14:12:38.86
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-4238937527-1574768673-1630040253-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskSLib_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskSLib_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskSLib_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskSLib_RASMANCS



~~~ Files

Successfully deleted: [File] "C:\end"



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\apn"
Successfully deleted: [Folder] "C:\ProgramData\visualbee"
Successfully deleted: [Folder] "C:\Users\Austin\AppData\Roaming\getrighttogo"
Successfully deleted: [Folder] "C:\Users\Austin\AppData\Roaming\optimizer pro"
Failed to delete: [Folder] "C:\Users\Austin\appdata\local\searchprotect"
Successfully deleted: [Empty Folder] C:\Users\Austin\appdata\local\{F21B49AE-3A6C-46EC-A7E6-DB7E772228A5}
Successfully deleted: [Empty Folder] C:\Users\Austin\appdata\local\{F251B3F8-E81E-4AC2-9027-53EFA5B9C1D8}
Successfully deleted: [Empty Folder] C:\Users\Austin\appdata\local\{F3B71DCE-A7B9-4F59-8970-363C90176314}
Successfully deleted: [Empty Folder] C:\Users\Austin\appdata\local\{FD004B54-AC96-4821-B5AC-7F841B68A2B6}
Successfully deleted: [Empty Folder] C:\Users\Austin\appdata\local\{FD6F5C54-C55C-4A01-8DDA-EF4627D195FE}
Successfully deleted: [Empty Folder] C:\Users\Austin\appdata\local\{FE752BFC-2CAE-4189-997F-3DC84871EE6B}



~~~ FireFox

Successfully deleted: [File] C:\Users\Austin\AppData\Roaming\mozilla\firefox\profiles\1tjuo6ra.default\searchplugins\youtube-video-search.xml
Emptied folder: C:\Users\Austin\AppData\Roaming\mozilla\firefox\profiles\1tjuo6ra.default\minidumps [330 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 01/10/2014 at 14:20:54.77
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

# AdwCleaner v3.016 - Report created 10/01/2014 at 14:26:05
# Updated 23/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Austin - AUSTIN-PC
# Running from : C:\Users\Austin\Documents\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\Bench
Folder Deleted : C:\Users\Austin\AppData\Local\Searchprotect
File Deleted : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v26.0 (en-US)

[ File : C:\Users\Austin\AppData\Roaming\Mozilla\Firefox\Profiles\1tjuo6ra.default\prefs.js ]

Line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.style", ".WRCN {display:none} #yui-main .tsrc_vnru .title + .WRCN, #yui-main #teoma-results .title + .WRCN {display:inline !important; background: url(\"I[...]
Line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.url", "^hxxp(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");

-\\ Google Chrome v31.0.1650.63

[ File : C:\Users\Austin\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1579 octets] - [10/01/2014 14:24:52]
AdwCleaner[s0].txt - [1518 octets] - [10/01/2014 14:26:05]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [1578 octets] ##########
 

 

Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org

Database version: v2014.01.10.09

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Austin :: AUSTIN-PC [administrator]

Protection: Enabled

1/10/2014 2:31:15 PM
mbam-log-2014-01-10 (14-31-15).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 221253
Time elapsed: 4 minute(s), 7 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
 


Please scan your machine with ESET OnlineScan

  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.

    ESET OnlineScan

  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer.

      Save it to your Desktop.

    • Double click on the ESET Smart Installer icon on your Desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under Scan Settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

If everything is fine now, last steps:

Step 1

  • Download OTL to your desktop and run it.
  • Click on CleanUp button.
  • You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.
Step 2
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Uninstall
  • Confirm with Yes
Step 3

Please uninstall ESET Online Scanner.

Step 4

Malware preventions:

users.telenet.be/bluepatchy/miekiemoes/prevention.html

Safe surfing! :)
