Jump to content

Recommended Posts

Welcome to the forum, please start HERE

Post back the 2 logs here.....DDS.txt and Attach.txt (DDS won't run on W8)

(please don't put logs in code or quotes and use the default font)

(Please don't forget to run the RogueKiller scan below)

General Forum P2P/Piracy Warning:

1. If you're using Peer 2 Peer software such uTorrent, BitTorrent or similar you must either fully uninstall it or completely disable it from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

2. If you have illegal/cracked software, cracks, keygens, custom (Adobe) host file, etc. on the system, please remove or uninstall them now and read the policy on Piracy.

Failure to remove such software will result in your topic being closed and no further assistance being provided.

<====><====><====><====><====><====><====><====>

Next................

Please download and run RogueKiller 32 bit to your desktop.

RogueKiller<---use this one for 64 bit systems

Which system am I using?

Quit all running programs.

For Windows XP, double-click to start.

For Vista or Windows 7-8, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system.

When the scan completes > Close out the program > Don't Fix anything!

Don't run any other options, they're not all bad!!!!!!!

Post back the report which should be located on your desktop.

(please don't put logs in code or quotes and use the default font)

MrC

Note:

Please read all of my instructions completely including these.

Make sure system restore is turned on and running, please create a new restore point

Make sure you're subscribed to this topic: Click on the Follow This Topic Button (at the top right of this page), make sure that the Receive notification box is checked and that it is set to Instantly

Removing malware can be unpredictable...unlikely but things can go very wrong! Backup any files that cannot be replaced. You can copy them to a CD/DVD, external drive or a pen drive

<+>Please don't run any other scans, download, install or uninstall any programs while I'm working with you.

<+>The removal of malware isn't instantaneous, please be patient.

<+>When we are done, I'll give to instructions on how to cleanup all the tools and logs

<+>Please stick with me until I give you the "all clear" and Please don't waste my time by leaving before that.

------->Your topic will be closed if you haven't replied within 3 days!<--------

(If I don't respond within 24 hours, please send me a PM)

Link to post
Share on other sites

DDS (Ver_2012-11-20.01) - NTFS_AMD64 

Internet Explorer: 9.0.8112.16455

Run by Eugene at 17:38:00 on 2014-02-02

Microsoft Windows 7 Ultimate   6.1.7600.0.1252.1.1033.18.4086.1887 [GMT -5:00]

.

AV: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}

.

============== Running Processes ===============

.

C:\PROGRA~2\AVG\AVG2014\avgrsa.exe

C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe

C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe

C:\Program Files (x86)\MyPC Backup\BackupStack.exe

C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe

C:\Program Files (x86)\AVG\AVG2014\avgemca.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe

C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe

C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\loggingserver.exe

C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\taskhost.exe

C:\PROGRA~2\SearchProtect\SearchProtect\bin\cltmng.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\PROGRA~2\SearchProtect\UI\bin\cltmngui.exe

C:\Windows\system32\Dwm.exe

C:\Windows\System32\WUDFHost.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Users\Eugene\AppData\Local\Akamai\netsession_win.exe

C:\Windows\system32\igfxsrvc.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe

C:\PROGRA~1\HEWLET~1\HPREMO~1\HPREMO~1.EXE

C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe

C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe

C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe

C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe

C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe

C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\AVG\AVG2014\avgui.exe

C:\Program Files (x86)\AVG Secure Search\vprot.exe

C:\Windows\system32\SearchIndexer.exe

C:\Users\Eugene\AppData\Local\Akamai\netsession_win.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe

C:\Windows\system32\wuauclt.exe

C:\Windows\system32\svchost.exe -k SDRSVC

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

C:\Windows\system32\vssvc.exe

C:\Windows\System32\svchost.exe -k swprv

C:\Windows\SysWOW64\NOTEPAD.EXE

C:\Windows\SysWOW64\NOTEPAD.EXE

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.



uProxyOverride = <local>;*.local

mWinlogon: Userinit = userinit.exe

BHO: {1036AD63-AEAC-460B-9060-C96005D4DC86} - <orphaned>

BHO: SaveSense: {2e32cfe5-df92-4ae5-b0be-609ed0df74a6} - C:\Program Files (x86)\SaveSense\SaveSenseIE.dll

BHO: {95B7759C-8C7F-4BF1-B163-73684A933233} - <orphaned>

BHO: Privacy Safeguard BHO: {A42D2EB4-DD31-4BB5-8AA5-8D4E04806DBE} - C:\Program Files\PrivacySafeGuard\PrivacySafeGuard.dll

BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

uRun: [AdobeBridge] <no file>

mRun: [CLMLServer for HP TouchSmart] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"

mRun: [DVDAgent] "c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe"

mRun: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

mRun: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe

mRun: [TSMAgent] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"

mRun: [updateLBPShortCut] "c:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"

mRun: [updateP2GoShortCut] "c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"

mRun: [updatePDIRShortCut] "c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"

mRun: [updatePSTShortCut] "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY

mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

StartupFolder: C:\Users\Eugene\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MYPCBA~1.LNK - C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\PICTUR~1.LNK - C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:0

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableLUA = dword:0

mPolicies-System: EnableUIADesktopToggle = dword:0

mPolicies-System: PromptOnSecureDesktop = dword:0

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

TCP: NameServer = 207.69.188.185 207.69.188.186 207.69.188.187 192.168.1.1

TCP: Interfaces\{A6F96CD4-D251-4457-A585-11382A3C1DB3} : DHCPNameServer = 207.69.188.185 207.69.188.186 207.69.188.187 192.168.1.1

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll

AppInit_DLLs= C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll

SSODL: WebCheck - <orphaned>

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome



x64-BHO: Privacy Safeguard BHO: {1036AD63-AEAC-460B-9060-C96005D4DC86} - C:\Program Files\PrivacySafeGuard\PrivacySafeGuard-x64.dll

x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

x64-Run: [HP Remote Software] C:\Program Files\Hewlett-Packard\HP Remote\HP REMOTE V1.0.5.exe

x64-Run: [iAAnotif] "C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe"

x64-Run: [smartMenu] C:\Program Files (x86)\Hewlett-Packard\HP MediaSmart\SmartMenu.exe

x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe

x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe

x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe

x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>

x64-Notify: igfxcui - igfxdev.dll

x64-SSODL: WebCheck - <orphaned>

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Eugene\AppData\Roaming\Mozilla\Firefox\Profiles\94f37clq.default\

FF - prefs.js: browser.search.selectedEngine - Conduit Search


FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.3.0\npsitesafety.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

FF - plugin: C:\Users\Eugene\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll

FF - ExtSQL: 2014-02-02 00:41; {2fab2e94-d6f9-42de-8839-3510cef6424b}; C:\Users\Eugene\AppData\Roaming\Mozilla\Firefox\Profiles\94f37clq.default\extensions\{2fab2e94-d6f9-42de-8839-3510cef6424b}

.

============= SERVICES / DRIVERS ===============

.

R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-10-24 194872]

R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-10-31 294712]

R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-10-1 123704]

R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-9-10 31544]

R1 Avgdiska;AVG Disk Driver;C:\Windows\System32\drivers\avgdiska.sys [2013-11-5 150808]

R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-11-4 240920]

R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-10-31 212280]

R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-8-1 251192]

R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2013-3-7 46368]

R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2013-11-11 3478544]

R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2013-9-24 348008]

R2 BackupStack;Computer Backup (MyPC Backup);C:\Program Files (x86)\MyPC Backup\BackupStack.exe [2014-1-27 36392]

R2 CltMngSvc;Search Protect by Conduit Service;C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe [2014-1-29 2301216]

R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2014-2-2 418376]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2014-2-2 701512]

R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-9 3275136]

R2 vToolbarUpdater17.3.0;vToolbarUpdater17.3.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe [2014-1-8 1771544]

R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-2-2 25928]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]

S3 npggsvc;nProtect GameGuard Service;C:\Windows\System32\GameMon.des -service --> C:\Windows\System32\GameMon.des -service [?]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-11-19 1255736]

.

=============== File Associations ===============

.

FileExt: .js: jsfile="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5.5\Dreamweaver.exe","%1"

ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5.5\dreamweaver.exe", "%1"

.

=============== Created Last 30 ================

.

2014-02-02 17:43:52 -------- d-----w- C:\Users\Eugene\AppData\Roaming\Malwarebytes

2014-02-02 17:43:46 -------- d-----w- C:\ProgramData\Malwarebytes

2014-02-02 17:43:45 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

2014-02-02 17:43:45 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2014-02-02 17:43:33 -------- d-----w- C:\Users\Eugene\AppData\Local\Programs

2014-02-02 05:41:51 -------- d-----w- C:\Program Files (x86)\SaveSense

2014-02-02 05:41:19 -------- d-----w- C:\Users\Eugene\AppData\Local\SearchProtect

2014-02-02 05:41:19 -------- d-----w- C:\Program Files (x86)\SearchProtect

2014-02-02 05:41:06 -------- d-----w- C:\Program Files (x86)\MyPC Backup

2014-02-02 05:41:01 -------- d-----w- C:\ProgramData\Deskshare

2014-02-02 05:40:56 -------- d-----w- C:\Users\Eugene\AppData\Local\DeskShare Data

2014-02-02 05:40:50 -------- d-----w- C:\Users\Eugene\AppData\Local\Spoon

2014-02-02 05:40:46 -------- d-----w- C:\Program Files (x86)\Deskshare

2014-01-13 22:23:23 -------- d-----w- C:\Users\Eugene\AppData\Local\ElevatedDiagnostics

2014-01-06 07:47:30 -------- d-----w- C:\Users\Eugene\AppData\Local\Blizzard Entertainment

2014-01-05 06:25:49 -------- d-----w- C:\ProgramData\Blizzard Entertainment

2014-01-05 06:25:49 -------- d-----w- C:\Program Files (x86)\World of Warcraft

2014-01-05 06:25:49 -------- d-----w- C:\Program Files (x86)\Common Files\Blizzard Entertainment

2014-01-05 06:23:40 -------- d-----w- C:\ProgramData\Battle.net

.

==================== Find3M  ====================

.

2014-01-22 18:12:17 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2014-01-22 18:12:17 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-11-10 18:09:43 46368 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys

2013-11-06 02:55:48 150808 ----a-w- C:\Windows\System32\drivers\avgdiska.sys

2013-11-05 02:52:42 240920 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys

.

============= FINISH: 17:38:22.62 ===============

 


.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Ultimate 

Boot Device: \Device\HarddiskVolume1

Install Date: 11/17/2012 10:08:39 PM

System Uptime: 2/2/2014 5:13:43 PM (0 hours ago)

.

Motherboard: PEGATRON CORPORATION |  | Benicia

Processor: Pentium® Dual-Core  CPU      E5200  @ 2.50GHz | CPU 1 | 2400/800mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 284 GiB total, 176.48 GiB free.

D: is FIXED (NTFS) - 14 GiB total, 1.878 GiB free.

E: is CDROM ()

F: is Removable

G: is FIXED (NTFS) - 466 GiB total, 89.919 GiB free.

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP83: 12/29/2013 1:10:49 PM - Scheduled Checkpoint

RP84: 1/5/2014 2:52:25 PM - Scheduled Checkpoint

RP85: 1/12/2014 3:11:34 PM - Scheduled Checkpoint

RP86: 1/22/2014 7:40:47 PM - Scheduled Checkpoint

RP87: 2/1/2014 12:46:29 AM - Scheduled Checkpoint

.

==== Installed Programs ======================

.

ActiveCheck component for HP Active Support Library

Adobe AIR

Adobe Dreamweaver CS5.5

Adobe Flash Player 11 ActiveX

Adobe Flash Player 12 Plugin

Adobe Help Manager

Adobe Reader XI (11.0.06)

Adobe Widget Browser

AIM for Windows

Akamai NetSession Interface

Apple Application Support

Apple Mobile Device Support

Apple Software Update

Asoftech Photo Recovery

AVG 2014

AVG Security Toolbar

Bonjour

CCleaner

Compatibility Pack for the 2007 Office system

CyberLink DVD Suite Deluxe

DirectX for Managed Code Update (Summer 2004)

Download Updater (AOL Inc.)

Google Chrome

Google Toolbar for Internet Explorer

Google Update Helper

HP Active Support Library

HP Advisor

HP Customer Experience Enhancements

HP Games

HP MediaSmart Demo

HP MediaSmart DVD

HP MediaSmart Music/Photo/Video

HP MediaSmart SmartMenu

HP Odometer

HP Picasso Media Center Add-In

HP Recovery Manager RSS

HP Remote Software

HP Support Information

HP Total Care Setup

HP Update

HPAsset component for HP Active Support Library

Intel® Graphics Media Accelerator Driver

Intel® Matrix Storage Manager

iTunes

LabelPrint

League of Legends

LightScribe System Software

Malwarebytes Anti-Malware version 1.75.0.1300

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Office PowerPoint Viewer 2007 (English)

Microsoft Silverlight

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable (x64)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219

Microsoft Works

Microsoft_VC80_CRT_x86

Microsoft_VC80_MFC_x86

Microsoft_VC80_MFCLOC_x86

Microsoft_VC90_ATL_x86

Microsoft_VC90_CRT_x86

Microsoft_VC90_MFC_x86

Microsoft_VC90_MFCLOC_x86

Mozilla Firefox 26.0 (x86 en-US)

Mozilla Maintenance Service

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

My Screen Recorder 4

MyPC Backup 

OpenOffice.org 3.4.1

Pando Media Booster

ParetoLogic Data Recovery

PictureMover

Power2Go

PowerDirector

Privacy SafeGuard version 1.1

Python 2.6 pywin32-212

Python 2.6.1

Realtek High Definition Audio Driver

Recuva

SaveSense (remove only)

Search Protect

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Skype Click to Call

Skype™ 6.11

Unity Web Player

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Visual Studio 2010 x64 Redistributables

Visual Studio 2012 x64 Redistributables

Visual Studio 2012 x86 Redistributables

VLC media player 2.0.8

WinRAR 4.20 (32-bit)

World of Warcraft

.

==== Event Viewer Messages From Past Week ========

.

2/2/2014 5:02:59 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Computer Backup (MyPC Backup) service to connect.

2/2/2014 5:02:59 PM, Error: Service Control Manager [7000]  - The Computer Backup (MyPC Backup) service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.

1/26/2014 3:28:14 AM, Error: Service Control Manager [7023]  - The Windows Time service terminated with the following error:  A system shutdown is in progress.

.

==== End Of File ===========================

 

 

I tried scanning with rogue killer by the way but it freezes at chrome.exe

Link to post
Share on other sites

OK, please do this scan:

Please download Farbar Recovery Scan Tool (FRST) and save it to a folder.

(use correct version for your system.....Which system am I using?)

FRST <----for 32 bit systems

FRST64 <----for 64 bit systems

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
If the logs are large, you can attach them:

To attach a log:

Bottom right corner of this page.

reply1.jpg

New window that comes up.

replyer1.jpg

MrC

Link to post
Share on other sites

  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.