
Spigot malware


Fish09


I recently downloaded Overwolf on the 16th and I think it may have installed Spigot onto my computer, because every time I use Chrome and try to open a new tab it takes it to some Yahoo page, and then I look in settings and my default search is some weird Yahoo page. I was wondering if this program is a keylogger and if I'll have to change all my passwords, and if just doing a system reset before I downloaded Overwolf would erase this program entirely. I also did a sweep using Malware and it found 17 things and I deleted them, but the program is still there, and when I did another scan it didn't mark the Spigot file as malware. Both of the scans were full sweeps and they are attached to this post as well.

 

Here are the requested files via the pinned post I read

 

Attach:

 

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 8
Boot Device: \Device\HarddiskVolume2
Install Date: 6/28/2013 4:48:19 PM
System Uptime: 2/20/2014 8:05:52 AM (9 hours ago)
.
Motherboard: ECS |  | A75F2-A2
Processor: AMD A10-6800K APU with Radeon HD Graphics   | P0 | 4100/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 977 GiB total, 674.122 GiB free.
D: is CDROM ()
R: is FIXED (NTFS) - 866 GiB total, 841.625 GiB free.
Z: is FIXED (NTFS) - 20 GiB total, 19.433 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP40: 2/4/2014 8:46:48 PM - Windows Update
RP41: 2/11/2014 10:06:06 PM - Windows Update
RP42: 2/16/2014 1:08:27 PM - Driver Booster : NVIDIA GeForce GTX 660
RP43: 2/20/2014 12:54:41 AM - Removed WinZip 18.0
.
==== Installed Programs ======================
.
7 Days to Die
7 Days to Die - Alpha version 0.9.1
A Game of Thrones version 0.4.7.2
Adobe Flash Player 12 Plugin
Adobe Reader XI (11.0.06)
Advanced SystemCare 7
Alan Wake
Apple Application Support
Apple Mobile Device Support
Apple Software Update
AVG SafeGuard toolbar
BioShock
BioShock 2
BioShock Infinite
Bonjour
Borderlands 2
CCleaner
CDBurnerXP
CleanUp!
Crusader Kings II
DayZ
DEFCON
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Democracy 3
Desura
Desura: Dominions 4: Thrones of Ascension
Desura: Project Zomboid
Dishonored
Don't Starve
Driver Booster
Endless Space
Europa Universalis IV
f.lux
Fallout
Godus
GOG.com Downloader version 3.5.8
Google Chrome
Google Update Helper
Guild Wars 2
IObit Apps Toolbar v8.7
IObit Malware Fighter
IObit Uninstaller
iTunes
Java 7 Update 17
Java 7 Update 25
Java Auto Updater
Just Cause 2
Kenshi
Launchpad Enhanced
League of Legends
Malwarebytes Anti-Malware version 1.75.0.1300
Miasmata
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Student 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft XNA Framework Redistributable 4.0
Mount & Blade: Warband
Mozilla Firefox 22.0 (x86 en-US)
Mozilla Maintenance Service
Nether Launcher
Nexus Mod Manager
NVIDIA 3D Vision Controller Driver 320.49
NVIDIA Control Panel 331.82
NVIDIA GeForce Experience 1.5
NVIDIA Install Application
NVIDIA PhysX
NVIDIA Update 4.11.9
NVIDIA Update Components
Origin
Overwolf
Pando Media Booster
PerformanceTest v8.0
Prison Architect
Realtek High Definition Audio Driver
Rust
Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
SimCity™
Smart Defrag 3
SpywareBlaster 5.0
Star Wars Galaxies: Complete Online Adventures
Starbound
StarForge Alpha
Start Menu 8
State of Decay
Steam
Surfing Protection
TeamSpeak 3 Client
TeamViewer 8
Terraria
The Age of Decadence
The Elder Scrolls V: Skyrim
The Walking Dead
The Walking Dead: Season Two
The Witcher 2: Assassins of Kings Enhanced Edition
The Wolf Among Us
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2837583) 32-Bit Edition
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition
Victoria II
VIPRE Antivirus
VLC media player 2.0.7
.
==== Event Viewer Messages From Past Week ========
.
2/20/2014 8:07:45 AM, Error: Service Control Manager [7034]  - The LiveUpdate service terminated unexpectedly.  It has done this 1 time(s).
2/20/2014 12:19:46 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
2/20/2014 12:19:46 AM, Error: Service Control Manager [7000]  - The Steam Client Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
2/16/2014 9:24:03 PM, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID  {7022A3B3-D004-4F52-AF11-E9E987FEE25F}  and APPID  {ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}  to the user PIKE\User SID (S-1-5-21-2073002033-1629563174-664864982-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
.
==== End Of File ===========================
 
DDS:
DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 10.0.9200.16798  BrowserJavaVersion: 10.25.2
Run by User at 17:24:43 on 2014-02-20
Microsoft Windows 8  6.2.9200.0.1252.1.1033.18.8131.6311 [GMT -5:00]
.
AV: GFI Software VIPRE *Enabled/Updated* {445B48C3-0FA4-6B16-8F07-6506F305D800}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: GFI Software VIPRE *Enabled/Updated* {FF3AA927-299E-6498-B5B7-5E74888292BD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: IObit Malware Fighter *Enabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
.
============== Running Processes ===============
.
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\dashost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files (x86)\GFI Software\VIPRE\SBAMSvc.exe
C:\Program Files (x86)\GFI Software\VIPRE\SBPIMSvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\loggingserver.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\taskhostex.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Users\User\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Program Files (x86)\Overwolf\Overwolf.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\GFI Software\VIPRE\SBAMTray.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings64.exe
C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
R:\Desura\desura.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Common Files\Overwolf\OverwolfHelper.exe
C:\Program Files (x86)\Common Files\Overwolf\OverwolfHelper64.exe
C:\Windows\system32\msiexec.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uURLSearchHooks: IObit Apps Toolbar: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\8.7\iobitappsToolbarIE.dll
mWinlogon: Userinit = userinit.exe,
BHO: IObit Apps Toolbar: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\8.7\iobitappsToolbarIE.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.3.1.204\AVG SafeGuard toolbar_toolbar.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Advanced SystemCare Browser Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.3.1.204\AVG SafeGuard toolbar_toolbar.dll
TB: IObit Apps Toolbar: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\8.7\iobitappsToolbarIE.dll
uRun: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
uRun: [Desura] R:\Desura\desura.exe -autostart
uRun: [f.lux] "C:\Users\User\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
uRun: [Overwolf] C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [iObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
mRun: [sBAMTray] "C:\Program Files (x86)\GFI Software\VIPRE\SBAMTray.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [vProt] "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
mRun: [searchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
dRun: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{0D5B9003-E766-4B20-9A4C-83470DDD5E41} : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
mASetup: {A6EADE66-0000-0000-484E-7E8A45000000} - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Adobe\Reader 11.0\Esl\AiodLite.dll",CreateReaderUserSettings
x64-BHO: ExplorerWnd Helper: {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll
x64-BHO: Slick Savings: {34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} - 
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-TB: IObit Apps Toolbar: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\8.7\iobitappsToolbarIE64.dll
x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
x64-Run: [sBRegRebootCleaner] "C:\Program Files (x86)\GFI Software\VIPRE\SBRC.exe"
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
x64-mPolicies-System: PromptOnSecureDesktop = dword:0
x64-mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - 
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\System32\Drivers\amd_sata.sys [2013-12-31 80640]
R0 amd_xata;amd_xata;C:\Windows\System32\Drivers\amd_xata.sys [2013-12-31 25344]
R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\System32\Drivers\SmartDefragDriver.sys [2013-12-31 21184]
R2 AdvancedSystemCareService7;Advanced SystemCare Service 7;C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [2013-12-31 881440]
R2 Application Updater;Application Updater;C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe [2014-2-7 807800]
R2 IMFservice;IMF Service;C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2013-7-3 341824]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2014-2-20 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2014-2-20 701512]
R2 SBAMSvc;VIPRE Antivirus;C:\Program Files (x86)\GFI Software\VIPRE\SBAMSvc.exe [2011-12-19 3289032]
R2 sbapifs;sbapifs;C:\Windows\System32\Drivers\sbapifs.sys [2011-11-29 74872]
R2 SBPIMSvc;SB Recovery Service;C:\Program Files (x86)\GFI Software\VIPRE\SBPIMSvc.exe [2011-12-19 173424]
R2 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-7-3 4150112]
R2 vToolbarUpdater17.3.0;vToolbarUpdater17.3.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe [2014-2-1 1772056]
R3 FileMonitor;FileMonitor;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2013-7-3 23048]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\Drivers\mbam.sys [2014-2-20 25928]
R3 RegFilter;RegFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys [2013-7-3 34848]
R3 RTL8168;Realtek 8168 NT Driver;C:\Windows\System32\Drivers\Rt630x64.sys [2014-2-16 838872]
R3 sbwtis;sbwtis;C:\Windows\System32\Drivers\sbwtis.sys [2011-12-19 84600]
R3 UrlFilter;UrlFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys [2013-7-3 23016]
R3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-25 198656]
S1 SBRE;SBRE;C:\Windows\System32\Drivers\sbredrv.sys [2013-7-23 57976]
S2 LiveUpdateSvc;LiveUpdate;C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2013-12-31 2151200]
S3 Desura Install Service;Desura Install Service;C:\Program Files (x86)\Common Files\Desura\desura_service.exe [2013-8-11 131912]
S3 DIRECTIO;DIRECTIO;C:\Program Files\PerformanceTest\DirectIo64.sys [2013-7-3 25704]
S3 OverwolfUpdaterService;Overwolf Updater Service;C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2014-2-13 98560]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 xusb22;Xbox 360 Wireless Receiver Driver Service 22;C:\Windows\System32\Drivers\xusb22.sys [2012-7-25 89088]
.
=============== Created Last 30 ================
.
2014-02-20 05:48:37 -------- d-----w- C:\Users\User\AppData\Roaming\Malwarebytes
2014-02-20 05:48:15 -------- d-----w- C:\ProgramData\Malwarebytes
2014-02-20 05:48:12 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-02-20 05:48:12 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-20 05:31:55 34080 ----a-w- C:\Windows\System32\SmartDefragBootTime.exe
2014-02-20 05:31:37 121856 ----a-w- C:\Windows\System32\IObitSmartDefragExtension.dll
2014-02-17 05:34:07 -------- d-----w- C:\Users\User\AppData\Local\Introversion
2014-02-16 22:42:04 -------- d-----w- C:\Program Files (x86)\Application Updater
2014-02-16 22:42:03 -------- d-----w- C:\Program Files (x86)\IObit Apps Toolbar
2014-02-16 22:42:03 -------- d-----w- C:\Program Files (x86)\Common Files\Spigot
2014-02-16 21:31:08 257200 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10233.bin
2014-02-16 18:02:18 -------- d-----w- C:\ProgramData\Overwolf
2014-02-14 01:49:38 -------- d-----w- C:\Program Files (x86)\Common Files\Overwolf
2014-02-14 01:49:37 -------- d-----w- C:\Program Files (x86)\Overwolf
2014-02-14 01:47:42 -------- d-----w- C:\Users\User\AppData\Local\Overwolf
2014-02-12 02:04:03 2232664 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2014-02-12 02:02:37 3842560 ----a-w- C:\Windows\System32\d2d1.dll
2014-02-12 02:02:37 2238976 ----a-w- C:\Windows\System32\d3d10warp.dll
2014-02-12 02:02:36 3288576 ----a-w- C:\Windows\SysWow64\d2d1.dll
2014-02-12 02:02:35 2032640 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2014-02-01 19:11:38 -------- d-----w- C:\Users\User\AppData\Local\AVG SafeGuard toolbar
2014-02-01 19:10:28 46368 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys
2014-02-01 19:10:19 -------- d-----w- C:\Program Files (x86)\Common Files\AVG Secure Search
2014-02-01 19:10:17 -------- d-----w- C:\ProgramData\AVG SafeGuard toolbar
2014-02-01 19:10:17 -------- d-----w- C:\Program Files (x86)\AVG SafeGuard toolbar
2014-01-28 21:19:05 -------- d-----w- C:\Program Files\iPod
2014-01-28 21:19:04 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-28 21:19:04 -------- d-----w- C:\Program Files\iTunes
2014-01-28 21:19:04 -------- d-----w- C:\Program Files (x86)\iTunes
2014-01-28 06:12:09 -------- d-----w- C:\Users\User\AppData\Roaming\TS3Client
2014-01-28 06:11:05 -------- d-----w- C:\Program Files (x86)\TeamSpeak 3 Client
2014-01-25 17:55:15 77656 ----a-w- C:\Windows\System32\XAPOFX1_5.dll
2014-01-25 17:55:15 74072 ----a-w- C:\Windows\SysWow64\XAPOFX1_5.dll
2014-01-25 17:55:15 527192 ----a-w- C:\Windows\SysWow64\XAudio2_7.dll
2014-01-25 17:55:15 518488 ----a-w- C:\Windows\System32\XAudio2_7.dll
2014-01-25 17:55:14 276832 ----a-w- C:\Windows\System32\d3dx11_43.dll
2014-01-25 17:55:14 2526056 ----a-w- C:\Windows\System32\D3DCompiler_43.dll
2014-01-25 17:55:14 248672 ----a-w- C:\Windows\SysWow64\d3dx11_43.dll
2014-01-25 17:55:14 2106216 ----a-w- C:\Windows\SysWow64\D3DCompiler_43.dll
2014-01-25 17:55:13 24920 ----a-w- C:\Windows\System32\X3DAudio1_7.dll
2014-01-25 17:55:13 2401112 ----a-w- C:\Windows\System32\D3DX9_43.dll
2014-01-25 17:55:13 22360 ----a-w- C:\Windows\SysWow64\X3DAudio1_7.dll
2014-01-25 17:55:13 1998168 ----a-w- C:\Windows\SysWow64\D3DX9_43.dll
2014-01-25 17:54:34 -------- d-----w- C:\Nether
2014-01-25 17:31:52 -------- d-----w- C:\Program Files\NetherLauncher
2014-01-22 03:18:44 -------- d-----w- C:\Users\User\AppData\Local\FluxSoftware
.
==================== Find3M  ====================
.
2014-02-01 09:19:49 2241536 ----a-w- C:\Windows\System32\wininet.dll
2014-02-01 09:19:36 915968 ----a-w- C:\Windows\System32\uxtheme.dll
2014-02-01 09:19:36 53760 ----a-w- C:\Windows\System32\UXInit.dll
2014-02-01 09:18:25 3960320 ----a-w- C:\Windows\System32\jscript9.dll
2014-02-01 09:18:21 67072 ----a-w- C:\Windows\System32\iesetup.dll
2014-02-01 09:18:21 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2014-02-01 07:58:31 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-02-01 07:58:24 44032 ----a-w- C:\Windows\SysWow64\UXInit.dll
2014-02-01 07:57:20 2877952 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-02-01 07:57:16 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-02-01 07:57:16 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2014-02-01 07:40:43 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2014-02-01 07:34:53 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-02-01 05:08:52 534528 ----a-w- C:\Windows\SysWow64\uxtheme.dll
2014-01-30 21:10:35 78296 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-01-30 21:10:35 694240 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-12-24 15:40:32 21184 ----a-w- C:\Windows\System32\drivers\SmartDefragDriver.sys
2013-12-09 00:45:52 523776 ----a-w- C:\Windows\SysWow64\vbscript.dll
2013-12-08 23:59:47 600064 ----a-w- C:\Windows\System32\vbscript.dll
2013-12-07 06:37:24 688640 ----a-w- C:\Windows\System32\WSShared.dll
2013-12-07 06:37:24 163840 ----a-w- C:\Windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-07 05:15:46 562688 ----a-w- C:\Windows\SysWow64\WSShared.dll
2013-12-07 05:15:46 124928 ----a-w- C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-04 23:43:46 1845248 ----a-w- C:\Windows\System32\msxml3.dll
2013-12-04 23:43:43 583680 ----a-w- C:\Windows\System32\msdrm.dll
2013-12-04 23:37:09 1419264 ----a-w- C:\Windows\SysWow64\msxml3.dll
2013-12-04 23:37:08 451072 ----a-w- C:\Windows\SysWow64\msdrm.dll
2013-11-25 23:17:47 83968 ----a-w- C:\Windows\System32\drivers\hidclass.sys
2013-11-23 06:43:58 420864 ----a-w- C:\Windows\System32\WMPhoto.dll
2013-11-23 05:05:01 368640 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
.
============= FINISH: 17:25:31.82 ===============
 

 


Welcome to the forum.

Please run a Quick Scan with Malwarebytes and post the log:

Open up Malwarebytes > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.

Please Update and run a Quick Scan with Malwarebytes Anti-Malware, post the report.

Make sure that everything is checked, and click Remove Selected.

---------------------

Then please start HERE

Post back the 2 logs here.....DDS.txt and Attach.txt (DDS won't run on W8)

(please don't put logs in code or quotes and use the default font)

(Please don't forget to run the RogueKiller scan below)

General Forum P2P/Piracy Warning:

1. If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall it or completely disable it from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

2. If you have illegal/cracked software, cracks, keygens, custom (Adobe) host file, etc. on the system, please remove or uninstall them now and read the policy on Piracy.

Failure to remove such software will result in your topic being closed and no further assistance being provided.

<====><====><====><====><====><====><====><====>

Next................

Please download and run RogueKiller 32 bit to your desktop.

RogueKiller<---use this one for 64 bit systems

Which system am I using?

Quit all running programs.

For Windows XP, double-click to start.

For Vista or Windows 7-8, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system.

When the scan completes > Close out the program > Don't Fix anything!

Don't run any other options, they're not all bad!!!!!!!

Post back the report which should be located on your desktop.

(please don't put logs in code or quotes and use the default font)

MrC

Note:

Please read all of my instructions completely including these.

Make sure system restore is turned on and running, please create a new restore point

Make sure you're subscribed to this topic: Click on the Follow This Topic Button (at the top right of this page), make sure that the Receive notification box is checked and that it is set to Instantly

Removing malware can be unpredictable...unlikely but things can go very wrong! Back up any files that cannot be replaced. You can copy them to a CD/DVD, external drive or a pen drive

<+>Please don't run any other scans, download, install or uninstall any programs while I'm working with you.

<+>The removal of malware isn't instantaneous, please be patient.

<+>When we are done, I'll give you instructions on how to clean up all the tools and logs

<+>Please stick with me until I give you the "all clear" and please don't waste my time by leaving before that.

------->Your topic will be closed if you haven't replied within 3 days!<--------

(If I don't respond within 24 hours, please send me a PM)


OK here are the logs 

 

---------------------------------

 

 

Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org
 
Database version: v2014.02.20.01
 
Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16798
User :: PIKE [administrator]
 
Protection: Enabled
 
2/20/2014 7:48:13 PM
mbam-log-2014-02-20 (19-48-13).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 235245
Time elapsed: 3 minute(s), 42 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
(end)
 
 
 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 8
Boot Device: \Device\HarddiskVolume2
Install Date: 6/28/2013 4:48:19 PM
System Uptime: 2/20/2014 8:05:52 AM (11 hours ago)
.
Motherboard: ECS |  | A75F2-A2
Processor: AMD A10-6800K APU with Radeon HD Graphics   | P0 | 4100/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 977 GiB total, 673.872 GiB free.
D: is CDROM ()
R: is FIXED (NTFS) - 866 GiB total, 841.625 GiB free.
Z: is FIXED (NTFS) - 20 GiB total, 19.433 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP40: 2/4/2014 8:46:48 PM - Windows Update
RP41: 2/11/2014 10:06:06 PM - Windows Update
RP42: 2/16/2014 1:08:27 PM - Driver Booster : NVIDIA GeForce GTX 660
RP43: 2/20/2014 12:54:41 AM - Removed WinZip 18.0
.
==== Installed Programs ======================
.
7 Days to Die
7 Days to Die - Alpha version 0.9.1
A Game of Thrones version 0.4.7.2
Adobe Flash Player 12 Plugin
Adobe Reader XI (11.0.06)
Advanced SystemCare 7
Alan Wake
Apple Application Support
Apple Mobile Device Support
Apple Software Update
AVG SafeGuard toolbar
BioShock
BioShock 2
BioShock Infinite
Bonjour
Borderlands 2
CCleaner
CDBurnerXP
CleanUp!
Crusader Kings II
DayZ
DEFCON
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Democracy 3
Desura
Desura: Dominions 4: Thrones of Ascension
Desura: Project Zomboid
Dishonored
Don't Starve
Driver Booster
Endless Space
Europa Universalis IV
f.lux
Fallout
Godus
GOG.com Downloader version 3.5.8
Google Chrome
Google Update Helper
Guild Wars 2
IObit Apps Toolbar v8.7
IObit Malware Fighter
IObit Uninstaller
iTunes
Java 7 Update 17
Java 7 Update 25
Java Auto Updater
Just Cause 2
Kenshi
Launchpad Enhanced
League of Legends
Malwarebytes Anti-Malware version 1.75.0.1300
Miasmata
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Student 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft XNA Framework Redistributable 4.0
Mount & Blade: Warband
Mozilla Firefox 22.0 (x86 en-US)
Mozilla Maintenance Service
Nether Launcher
Nexus Mod Manager
NVIDIA 3D Vision Controller Driver 320.49
NVIDIA Control Panel 331.82
NVIDIA GeForce Experience 1.5
NVIDIA Install Application
NVIDIA PhysX
NVIDIA Update 4.11.9
NVIDIA Update Components
Origin
Overwolf
Pando Media Booster
PerformanceTest v8.0
Prison Architect
Realtek High Definition Audio Driver
Rust
Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
SimCity™
Smart Defrag 3
SpywareBlaster 5.0
Star Wars Galaxies: Complete Online Adventures
Starbound
StarForge Alpha
Start Menu 8
State of Decay
Steam
Surfing Protection
TeamSpeak 3 Client
TeamViewer 8
Terraria
The Age of Decadence
The Elder Scrolls V: Skyrim
The Walking Dead
The Walking Dead: Season Two
The Witcher 2: Assassins of Kings Enhanced Edition
The Wolf Among Us
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2837583) 32-Bit Edition
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition
Victoria II
VIPRE Antivirus
VLC media player 2.0.7
.
==== Event Viewer Messages From Past Week ========
.
2/20/2014 8:07:45 AM, Error: Service Control Manager [7034]  - The LiveUpdate service terminated unexpectedly.  It has done this 1 time(s).
2/20/2014 12:19:46 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
2/20/2014 12:19:46 AM, Error: Service Control Manager [7000]  - The Steam Client Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
2/16/2014 9:24:03 PM, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID  {7022A3B3-D004-4F52-AF11-E9E987FEE25F}  and APPID  {ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}  to the user PIKE\User SID (S-1-5-21-2073002033-1629563174-664864982-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
.
==== End Of File ===========================
 
 
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 10.0.9200.16798  BrowserJavaVersion: 10.25.2
Run by User at 19:53:13 on 2014-02-20
Microsoft Windows 8  6.2.9200.0.1252.1.1033.18.8131.6109 [GMT -5:00]
.
AV: GFI Software VIPRE *Enabled/Updated* {445B48C3-0FA4-6B16-8F07-6506F305D800}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: GFI Software VIPRE *Enabled/Updated* {FF3AA927-299E-6498-B5B7-5E74888292BD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: IObit Malware Fighter *Enabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
.
============== Running Processes ===============
.
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\dashost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files (x86)\GFI Software\VIPRE\SBAMSvc.exe
C:\Program Files (x86)\GFI Software\VIPRE\SBPIMSvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\loggingserver.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\WUDFHost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\taskhostex.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Users\User\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\GFI Software\VIPRE\SBAMTray.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uURLSearchHooks: IObit Apps Toolbar: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\8.7\iobitappsToolbarIE.dll
mWinlogon: Userinit = userinit.exe,
BHO: IObit Apps Toolbar: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\8.7\iobitappsToolbarIE.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.3.1.204\AVG SafeGuard toolbar_toolbar.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Advanced SystemCare Browser Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.3.1.204\AVG SafeGuard toolbar_toolbar.dll
TB: IObit Apps Toolbar: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\8.7\iobitappsToolbarIE.dll
uRun: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
uRun: [Desura] R:\Desura\desura.exe -autostart
uRun: [f.lux] "C:\Users\User\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
uRun: [Overwolf] C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [iObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
mRun: [sBAMTray] "C:\Program Files (x86)\GFI Software\VIPRE\SBAMTray.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [vProt] "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
mRun: [searchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
dRun: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{0D5B9003-E766-4B20-9A4C-83470DDD5E41} : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
mASetup: {A6EADE66-0000-0000-484E-7E8A45000000} - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Adobe\Reader 11.0\Esl\AiodLite.dll",CreateReaderUserSettings
x64-BHO: ExplorerWnd Helper: {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll
x64-BHO: Slick Savings: {34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} - 
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-TB: IObit Apps Toolbar: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\8.7\iobitappsToolbarIE64.dll
x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
x64-Run: [sBRegRebootCleaner] "C:\Program Files (x86)\GFI Software\VIPRE\SBRC.exe"
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
x64-mPolicies-System: PromptOnSecureDesktop = dword:0
x64-mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - 
.
============= SERVICES / DRIVERS ===============
.
.
=============== Created Last 30 ================
.
2014-02-20 22:44:58 255664 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10234.bin
2014-02-20 05:48:37 -------- d-----w- C:\Users\User\AppData\Roaming\Malwarebytes
2014-02-20 05:48:15 -------- d-----w- C:\ProgramData\Malwarebytes
2014-02-20 05:48:12 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-02-20 05:48:12 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-20 05:31:55 34080 ----a-w- C:\Windows\System32\SmartDefragBootTime.exe
2014-02-20 05:31:37 121856 ----a-w- C:\Windows\System32\IObitSmartDefragExtension.dll
2014-02-17 05:34:07 -------- d-----w- C:\Users\User\AppData\Local\Introversion
2014-02-16 22:42:04 -------- d-----w- C:\Program Files (x86)\Application Updater
2014-02-16 22:42:03 -------- d-----w- C:\Program Files (x86)\IObit Apps Toolbar
2014-02-16 22:42:03 -------- d-----w- C:\Program Files (x86)\Common Files\Spigot
2014-02-16 18:02:18 -------- d-----w- C:\ProgramData\Overwolf
2014-02-14 01:49:38 -------- d-----w- C:\Program Files (x86)\Common Files\Overwolf
2014-02-14 01:49:37 -------- d-----w- C:\Program Files (x86)\Overwolf
2014-02-14 01:47:42 -------- d-----w- C:\Users\User\AppData\Local\Overwolf
2014-02-12 02:04:03 2232664 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2014-02-12 02:02:37 3842560 ----a-w- C:\Windows\System32\d2d1.dll
2014-02-12 02:02:37 2238976 ----a-w- C:\Windows\System32\d3d10warp.dll
2014-02-12 02:02:36 3288576 ----a-w- C:\Windows\SysWow64\d2d1.dll
2014-02-12 02:02:35 2032640 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2014-02-01 19:11:38 -------- d-----w- C:\Users\User\AppData\Local\AVG SafeGuard toolbar
2014-02-01 19:10:28 46368 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys
2014-02-01 19:10:19 -------- d-----w- C:\Program Files (x86)\Common Files\AVG Secure Search
2014-02-01 19:10:17 -------- d-----w- C:\ProgramData\AVG SafeGuard toolbar
2014-02-01 19:10:17 -------- d-----w- C:\Program Files (x86)\AVG SafeGuard toolbar
2014-01-28 21:19:05 -------- d-----w- C:\Program Files\iPod
2014-01-28 21:19:04 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-28 21:19:04 -------- d-----w- C:\Program Files\iTunes
2014-01-28 21:19:04 -------- d-----w- C:\Program Files (x86)\iTunes
2014-01-28 06:12:09 -------- d-----w- C:\Users\User\AppData\Roaming\TS3Client
2014-01-28 06:11:05 -------- d-----w- C:\Program Files (x86)\TeamSpeak 3 Client
2014-01-25 17:55:15 77656 ----a-w- C:\Windows\System32\XAPOFX1_5.dll
2014-01-25 17:55:15 74072 ----a-w- C:\Windows\SysWow64\XAPOFX1_5.dll
2014-01-25 17:55:15 527192 ----a-w- C:\Windows\SysWow64\XAudio2_7.dll
2014-01-25 17:55:15 518488 ----a-w- C:\Windows\System32\XAudio2_7.dll
2014-01-25 17:55:14 276832 ----a-w- C:\Windows\System32\d3dx11_43.dll
2014-01-25 17:55:14 2526056 ----a-w- C:\Windows\System32\D3DCompiler_43.dll
2014-01-25 17:55:14 248672 ----a-w- C:\Windows\SysWow64\d3dx11_43.dll
2014-01-25 17:55:14 2106216 ----a-w- C:\Windows\SysWow64\D3DCompiler_43.dll
2014-01-25 17:55:13 24920 ----a-w- C:\Windows\System32\X3DAudio1_7.dll
2014-01-25 17:55:13 2401112 ----a-w- C:\Windows\System32\D3DX9_43.dll
2014-01-25 17:55:13 22360 ----a-w- C:\Windows\SysWow64\X3DAudio1_7.dll
2014-01-25 17:55:13 1998168 ----a-w- C:\Windows\SysWow64\D3DX9_43.dll
2014-01-25 17:54:34 -------- d-----w- C:\Nether
2014-01-25 17:31:52 -------- d-----w- C:\Program Files\NetherLauncher
2014-01-22 03:18:44 -------- d-----w- C:\Users\User\AppData\Local\FluxSoftware
.
==================== Find3M  ====================
.
2014-02-01 09:19:49 2241536 ----a-w- C:\Windows\System32\wininet.dll
2014-02-01 09:19:36 915968 ----a-w- C:\Windows\System32\uxtheme.dll
2014-02-01 09:19:36 53760 ----a-w- C:\Windows\System32\UXInit.dll
2014-02-01 09:18:25 3960320 ----a-w- C:\Windows\System32\jscript9.dll
2014-02-01 09:18:21 67072 ----a-w- C:\Windows\System32\iesetup.dll
2014-02-01 09:18:21 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2014-02-01 07:58:31 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-02-01 07:58:24 44032 ----a-w- C:\Windows\SysWow64\UXInit.dll
2014-02-01 07:57:20 2877952 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-02-01 07:57:16 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-02-01 07:57:16 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2014-02-01 07:40:43 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2014-02-01 07:34:53 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-02-01 05:08:52 534528 ----a-w- C:\Windows\SysWow64\uxtheme.dll
2014-01-30 21:10:35 78296 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-01-30 21:10:35 694240 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-12-24 15:40:32 21184 ----a-w- C:\Windows\System32\drivers\SmartDefragDriver.sys
2013-12-09 00:45:52 523776 ----a-w- C:\Windows\SysWow64\vbscript.dll
2013-12-08 23:59:47 600064 ----a-w- C:\Windows\System32\vbscript.dll
2013-12-07 06:37:24 688640 ----a-w- C:\Windows\System32\WSShared.dll
2013-12-07 06:37:24 163840 ----a-w- C:\Windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-07 05:15:46 562688 ----a-w- C:\Windows\SysWow64\WSShared.dll
2013-12-07 05:15:46 124928 ----a-w- C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-04 23:43:46 1845248 ----a-w- C:\Windows\System32\msxml3.dll
2013-12-04 23:43:43 583680 ----a-w- C:\Windows\System32\msdrm.dll
2013-12-04 23:37:09 1419264 ----a-w- C:\Windows\SysWow64\msxml3.dll
2013-12-04 23:37:08 451072 ----a-w- C:\Windows\SysWow64\msdrm.dll
2013-11-25 23:17:47 83968 ----a-w- C:\Windows\System32\drivers\hidclass.sys
2013-11-23 06:43:58 420864 ----a-w- C:\Windows\System32\WMPhoto.dll
2013-11-23 05:05:01 368640 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
.
============= FINISH: 19:53:32.83 ===============
 
 
 
 
RogueKiller V8.8.8 _x64_ [Feb 19 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
 
Operating System : Windows 8 (6.2.9200 ) 64 bits version
Started in : Normal mode
User : User [Admin rights]
Mode : Scan -- Date : 02/20/2014 19:57:22
| ARK || FAK || MBR |
 
¤¤¤ Bad processes : 0 ¤¤¤
 
¤¤¤ Registry Entries : 4 ¤¤¤
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
 
¤¤¤ Scheduled tasks : 0 ¤¤¤
 
¤¤¤ Startup Entries : 0 ¤¤¤
 
¤¤¤ Web browsers : 0 ¤¤¤
 
¤¤¤ Browser Addons : 0 ¤¤¤
 
¤¤¤ Particular Files / Folders: ¤¤¤
 
¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
 
¤¤¤ External Hives: ¤¤¤
 
¤¤¤ Infection :  ¤¤¤
 
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
 
 
 
 
¤¤¤ MBR Check: ¤¤¤
 
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD20 EFRX-68AX9N0 SATA Disk Device +++++
--- User ---
[MBR] 0d53da561e6eb5fdefe2aed1c5877456
[bSP] 8b5b45faa5496755c76cc27a90b6a5e2 : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 2097152 Mo
User = LL1 ... OK!
User = LL2 ... OK!
 
Finished : << RKreport[0]_S_02202014_195722.txt >>
 
 
 
 

Start with this:

Let's clean out any adware/spyware now: (this will require a reboot so save all your work)

Please download AdwCleaner from HERE or HERE to your desktop.

  • Double click on AdwCleaner.exe to run the tool.

    Vista/Windows 7/8 users right-click and select Run As Administrator

  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Please uncheck elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you may want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review. (all items found are adware/spyware/foistware)
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted:
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.
Then........

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Last........

Please download Farbar Recovery Scan Tool (FRST) and save it to a folder.

(use correct version for your system.....Which system am I using?)

FRST <----for 32 bit systems

FRST64 <----for 64 bit systems

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.
If the logs are large, you can attach them:

To attach a log:

Bottom right corner of this page.

New window that comes up.

MrC


# AdwCleaner v3.019 - Report created 20/02/2014 at 20:28:31

# Updated 17/02/2014 by Xplode

# Operating System : Windows 8  (64 bits)

# Username : User - PIKE

# Running from : C:\Users\User\Downloads\AdwCleaner.exe

# Option : Clean

 

***** [ Services ] *****

 

Service Deleted : Application Updater

[#] Service Deleted : vToolbarUpdater17.3.0

 

***** [ Files / Folders ] *****

 

Folder Deleted : C:\ProgramData\AVG SafeGuard toolbar

Folder Deleted : C:\ProgramData\Tarma Installer

Folder Deleted : C:\Program Files (x86)\Application Updater

Folder Deleted : C:\Program Files (x86)\AVG SafeGuard toolbar

Folder Deleted : C:\Program Files (x86)\Conduit

Folder Deleted : C:\Program Files (x86)\IObit Apps Toolbar

Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search

Folder Deleted : C:\Program Files (x86)\Common Files\Spigot

Folder Deleted : C:\Windows\SysWOW64\AI_RecycleBin

Folder Deleted : C:\Users\User\AppData\Local\AVG SafeGuard toolbar

Folder Deleted : C:\Users\User\AppData\Local\SwvUpdater

Folder Deleted : C:\Users\User\AppData\LocalLow\AVG SafeGuard toolbar

Folder Deleted : C:\Users\User\AppData\LocalLow\Conduit

Folder Deleted : C:\Users\User\AppData\LocalLow\Search Settings

File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp

Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI

Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1

Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj

Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1

Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol

Key Deleted : HKLM\SOFTWARE\Classes\S

Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi

Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1

Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE

Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS

Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [searchSettings]

Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]

Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin

Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\webcakeupdater

Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3289847

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4C836512-BB70-11D2-A5A7-00105A9C91C6}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DB797690-40E0-11D2-9BD5-0060082AE372}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB797681-40E0-11D2-9BD5-0060082AE372}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]

Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}

Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Deleted : HKCU\Software\AVG SafeGuard toolbar

Key Deleted : HKCU\Software\Conduit

Key Deleted : HKCU\Software\Search Settings

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit

Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes

Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings

Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar

Key Deleted : HKLM\Software\Application Updater

Key Deleted : HKLM\Software\AVG SafeGuard toolbar

Key Deleted : HKLM\Software\AVG Security Toolbar

Key Deleted : HKLM\Software\caphyon

Key Deleted : HKLM\Software\Conduit

Key Deleted : HKLM\Software\Search Settings

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar

Key Deleted : [x64] HKLM\SOFTWARE\DomaIQ

Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16798

-\\ Google Chrome v32.0.1700.107

[ File : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [8122 octets] - [20/02/2014 20:25:39]

AdwCleaner[s0].txt - [7959 octets] - [20/02/2014 20:28:31]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [8019 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.1.2 (02.20.2014:1)

OS: Windows 8 x64

Ran by User on Thu 02/20/2014 at 20:34:19.55

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{120C34D1-4624-41E7-899E-0FD6DA9D279E}

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{FB72EDE0-A7CC-4099-8208-ECAAEA5470B0}

~~~ Files

~~~ Folders

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Thu 02/20/2014 at 21:00:35.97

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-02-2014

Ran by User (administrator) on PIKE on 20-02-2014 21:02:08

Running from C:\Users\User\Downloads

Windows 8 (X64) OS Language: English(US)

Internet Explorer Version 10

Boot Mode: Normal

 

The only official download link for FRST:

Download link for 32-Bit version:

Download link for 64-Bit Version:

Download link from any site other than Bleeping Computer is unpermitted or outdated.


 

==================== Processes (Whitelisted) =================

 

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

(Microsoft Corporation) C:\Windows\system32\dashost.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

(GFI Software) C:\Program Files (x86)\GFI Software\VIPRE\SBAMSvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(GFI Software) C:\Program Files (x86)\GFI Software\VIPRE\SBPIMSvc.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe

(GFI Software) C:\Program Files (x86)\GFI Software\VIPRE\SBAMTray.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe

(Flux Software LLC) C:\Users\User\AppData\Local\FluxSoftware\Flux\flux.exe

(Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe

(Desura Pty Ltd) R:\Desura\desura.exe

(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\OverwolfHelper.exe

(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\OverwolfHelper64.exe

(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe

(GFI Software) C:\Program Files (x86)\GFI Software\VIPRE\SBAMUI.exe

(Thisisu) C:\Users\User\Downloads\JRT.exe

(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe

(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

 

 

==================== Registry (Whitelisted) ==================

 

HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1012000 2013-05-16] (NVIDIA Corporation)

HKLM\...\Run: [sBRegRebootCleaner] - C:\Program Files (x86)\GFI Software\VIPRE\SBRC.exe [200560 2011-12-19] (GFI Software)

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-12-31] (Realtek Semiconductor)

HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)

HKLM-x32\...\Run: [iObit Malware Fighter] - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [1573184 2013-12-13] (IObit)

HKLM-x32\...\Run: [sBAMTray] - C:\Program Files (x86)\GFI Software\VIPRE\SBAMTray.exe [3050352 2011-12-19] (GFI Software)

HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)

HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.)

HKLM-x32\...\Run: [] - [X]

HKU\.DEFAULT\...\Run: [Advanced SystemCare 7] - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe [2285344 2013-12-18] (IObit)

HKU\S-1-5-21-2073002033-1629563174-664864982-1001\...\Run: [steam] - C:\Program Files (x86)\Steam\Steam.exe [1822400 2014-02-19] (Valve Corporation)

HKU\S-1-5-21-2073002033-1629563174-664864982-1001\...\Run: [Desura] - R:\Desura\desura.exe [2529096 2013-08-11] (Desura Pty Ltd)

HKU\S-1-5-21-2073002033-1629563174-664864982-1001\...\Run: [f.lux] - C:\Users\User\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)

HKU\S-1-5-21-2073002033-1629563174-664864982-1001\...\Run: [Overwolf] - C:\Program Files (x86)\Overwolf\Overwolf.exe [37632 2014-02-16] (Overwolf LTD)

HKU\S-1-5-21-2073002033-1629563174-664864982-1001\...\MountPoints2: {2c2149ea-fe2a-11e2-be6f-7427ea4594ef} - "E:\StartBackup.exe" 

HKU\S-1-5-21-2073002033-1629563174-664864982-1001\...\MountPoints2: {7931bc06-e030-11e2-be66-806e6f6e6963} - "D:\SETUP.EXE" 

HKU\S-1-5-21-2073002033-1629563174-664864982-1001\...\MountPoints2: {ccbbe756-558d-11e3-be7e-7427ea4594ef} - "E:\LaunchU3.exe" -a

 

==================== Internet (Whitelisted) ====================

 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.yahoo.com/?type=402027&fr=spigot-yhp-ie

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.msn.com/

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xE1E682904174CE01

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US

SearchScopes: HKCU - DefaultScope {BACB1836-BE89-4911-BCF2-09316F8D1C98} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=402027&p={searchTerms}

SearchScopes: HKCU - {BACB1836-BE89-4911-BCF2-09316F8D1C98} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=402027&p={searchTerms}

BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)

BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)

BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

 

Chrome: 

=======


CHR DefaultSearchKeyword: yahoo.com search

CHR DefaultSearchProvider: Yahoo


CHR DefaultNewTabURL: 

CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll ()

CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer

CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll ()

CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll ()

CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)

CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File

CHR Plugin: (Java Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll No File

CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll No File

CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll No File

CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-15]

CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-28]

CHR Extension: (Google Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-28]

CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd [2014-02-20]

CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01]

CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-28]

CHR HKCU\...\Chrome\Extension: [klibnahbojhkanfgaglnlalfkgpcppfi] - C:\Users\User\AppData\Local\CRE\klibnahbojhkanfgaglnlalfkgpcppfi.crx [2013-06-28]

CHR HKLM-x32\...\Chrome\Extension: [klibnahbojhkanfgaglnlalfkgpcppfi] - C:\Users\User\AppData\Local\CRE\klibnahbojhkanfgaglnlalfkgpcppfi.crx [2013-06-28]

CHR HKLM-x32\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx [2013-12-31]

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

 

==================== Services (Whitelisted) =================

 

R2 AdvancedSystemCareService7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [881440 2013-12-09] (IObit)

R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [341824 2013-11-11] (IObit)

S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit)

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)

S3 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [98560 2014-01-30] (Overwolf LTD)

R2 SBAMSvc; C:\Program Files (x86)\GFI Software\VIPRE\SBAMSvc.exe [3289032 2011-12-19] (GFI Software)

R2 SBPIMSvc; C:\Program Files (x86)\GFI Software\VIPRE\SBPIMSvc.exe [173424 2011-12-19] (GFI Software)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-01] (Microsoft Corporation)

 

==================== Drivers (Whitelisted) ====================

 

S3 DIRECTIO; C:\Program Files\PerformanceTest\DirectIo64.sys [25704 2012-08-13] ()

R3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2013-03-23] (IObit)

S3 GENERICDRV; C:\utils\bios\afuwin64\amifldrv64.sys [15640 2012-08-17] ()

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)

R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2013-11-19] (IObit.com)

S1 SBRE; C:\Windows\SysWOW64\drivers\SBREdrv.sys [101112 2011-10-26] (GFI Software)

R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2013-12-24] (IObit)

R3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2013-11-19] (IObit.com)

S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [89088 2012-07-25] (Microsoft Corporation)

 

==================== NetSvcs (Whitelisted) ===================

 

 

==================== One Month Created Files and Folders ========

 

2014-02-20 21:02 - 2014-02-20 21:02 - 00013559 _____ () C:\Users\User\Downloads\FRST.txt

2014-02-20 21:02 - 2014-02-20 21:02 - 00000000 ____D () C:\FRST

2014-02-20 21:01 - 2014-02-20 21:01 - 02153984 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe

2014-02-20 21:00 - 2014-02-20 21:00 - 00001012 _____ () C:\Users\User\Desktop\JRT.txt

2014-02-20 20:34 - 2014-02-20 20:34 - 00000000 ____D () C:\Windows\ERUNT

2014-02-20 20:32 - 2014-02-20 20:32 - 01037734 _____ (Thisisu) C:\Users\User\Downloads\JRT.exe

2014-02-20 20:25 - 2014-02-20 20:28 - 00000000 ____D () C:\AdwCleaner

2014-02-20 20:25 - 2014-02-20 20:25 - 01241834 _____ () C:\Users\User\Downloads\AdwCleaner.exe

2014-02-20 19:57 - 2014-02-20 19:57 - 00001627 _____ () C:\Users\User\Desktop\RKreport[0]_S_02202014_195722.txt

2014-02-20 19:55 - 2014-02-20 19:57 - 00000000 ____D () C:\Users\User\Desktop\RK_Quarantine

2014-02-20 19:54 - 2014-02-20 19:55 - 04413952 _____ () C:\Users\User\Downloads\RogueKillerX64.exe

2014-02-20 19:53 - 2014-02-20 19:53 - 00688992 ____R (Swearware) C:\Users\User\Downloads\dds (1).com

2014-02-20 19:53 - 2014-02-20 19:53 - 00015467 _____ () C:\Users\User\Desktop\dds.txt

2014-02-20 19:53 - 2014-02-20 19:53 - 00007107 _____ () C:\Users\User\Desktop\attach.txt

2014-02-20 19:00 - 2014-02-20 19:00 - 03817984 _____ () C:\Users\User\Downloads\RogueKiller.exe

2014-02-20 17:24 - 2014-02-20 17:24 - 00688992 ____R (Swearware) C:\Users\User\Downloads\dds.com

2014-02-20 00:48 - 2014-02-20 00:48 - 00001109 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-02-20 00:48 - 2014-02-20 00:48 - 00000000 ____D () C:\Users\User\AppData\Roaming\Malwarebytes

2014-02-20 00:48 - 2014-02-20 00:48 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-02-20 00:48 - 2014-02-20 00:48 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware

2014-02-20 00:48 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2014-02-20 00:46 - 2014-02-20 00:47 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-consumer.exe

2014-02-20 00:31 - 2014-02-20 00:31 - 00003170 _____ () C:\Windows\System32\Tasks\SmartDefrag3_Update

2014-02-20 00:31 - 2014-02-20 00:31 - 00001098 _____ () C:\Users\Public\Desktop\Smart Defrag 3.lnk

2014-02-20 00:31 - 2014-01-08 15:54 - 00121856 _____ (IObit) C:\Windows\system32\IObitSmartDefragExtension.dll

2014-02-20 00:31 - 2013-11-19 16:52 - 00034080 _____ (IObit) C:\Windows\system32\SmartDefragBootTime.exe

2014-02-20 00:11 - 2014-02-20 00:11 - 00372224 _____ () C:\Users\User\Downloads\Understanding the Dominant Culture REVISED2(1).ppt

2014-02-20 00:11 - 2014-02-20 00:11 - 00307712 _____ () C:\Users\User\Downloads\Men & Women(1).ppt

2014-02-20 00:11 - 2014-02-20 00:11 - 00244736 _____ () C:\Users\User\Downloads\Stereotyping & Prejudice(1).ppt

2014-02-20 00:10 - 2014-02-20 00:10 - 00314880 _____ () C:\Users\User\Downloads\INTRO DEMO DIMENSIONS CULTURE(1).ppt

2014-02-20 00:10 - 2014-02-20 00:10 - 00235008 _____ () C:\Users\User\Downloads\NEW Culture & Ethnocentricism(1).ppt

2014-02-20 00:10 - 2014-02-20 00:10 - 00193024 _____ () C:\Users\User\Downloads\NEW Dimensions of Diversity(1).ppt

2014-02-20 00:10 - 2014-02-20 00:10 - 00168448 _____ () C:\Users\User\Downloads\Communication(1).ppt

2014-02-17 00:34 - 2014-02-17 00:34 - 00000000 ____D () C:\Users\User\AppData\Local\Introversion

2014-02-16 13:15 - 2014-02-16 13:15 - 00000000 ____D () C:\Users\User\Desktop\game

2014-02-16 13:09 - 2014-02-16 13:09 - 30361888 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll

2014-02-16 13:09 - 2014-02-16 13:09 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll

2014-02-16 13:09 - 2014-02-16 13:09 - 22951200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll

2014-02-16 13:09 - 2014-02-16 13:09 - 18208624 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll

2014-02-16 13:09 - 2014-02-16 13:09 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll

2014-02-16 13:09 - 2014-02-16 13:09 - 15862272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll

2014-02-16 13:09 - 2014-02-16 13:09 - 12613408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys

2014-02-16 13:09 - 2014-02-16 13:09 - 11600432 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll

2014-02-16 13:09 - 2014-02-16 13:09 - 11514624 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll

2014-02-16 13:09 - 2014-02-16 13:09 - 09691888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll

2014-02-16 13:09 - 2014-02-16 13:09 - 09619872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll

2014-02-16 13:09 - 2014-02-16 13:09 - 03132704 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll

2014-02-16 13:09 - 2014-02-16 13:09 - 03125024 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll

2014-02-16 13:09 - 2014-02-16 13:09 - 02947872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll

2014-02-16 13:09 - 2014-02-16 13:09 - 02747680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll

2014-02-16 13:09 - 2014-02-16 13:09 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433182.dll

2014-02-16 13:09 - 2014-02-16 13:09 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433182.dll

2014-02-16 13:09 - 2014-02-16 13:09 - 01510176 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco64.dll

2014-02-16 13:09 - 2014-02-16 13:09 - 01242400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll

2014-02-16 13:09 - 2014-02-16 13:09 - 00838872 _____ (Realtek ) C:\Windows\system32\Drivers\Rt630x64.sys

2014-02-16 13:09 - 2014-02-16 13:09 - 00707360 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll

2014-02-16 13:09 - 2014-02-16 13:09 - 00657184 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll

2014-02-16 13:09 - 2014-02-16 13:09 - 00609568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll

2014-02-16 13:09 - 2014-02-16 13:09 - 00562464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll

2014-02-16 13:09 - 2014-02-16 13:09 - 00479520 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll

2014-02-16 13:09 - 2014-02-16 13:09 - 00405280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll

2014-02-16 13:09 - 2014-02-16 13:09 - 00357152 _____ () C:\Windows\system32\NvIFROpenGL.dll

2014-02-16 13:09 - 2014-02-16 13:09 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll

2014-02-16 13:09 - 2014-02-16 13:09 - 00314656 _____ () C:\Windows\SysWOW64\NvIFROpenGL.dll

2014-02-16 13:09 - 2014-02-16 13:09 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll

2014-02-16 13:09 - 2014-02-16 13:09 - 00196384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys

2014-02-16 13:09 - 2014-02-16 13:09 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll

2014-02-16 13:09 - 2014-02-16 13:09 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll

2014-02-16 13:09 - 2014-02-16 13:09 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll

2014-02-16 13:09 - 2014-02-16 13:09 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll

2014-02-16 13:02 - 2014-02-16 16:31 - 00000000 ____D () C:\ProgramData\Overwolf

2014-02-13 20:49 - 2014-02-16 17:42 - 00001971 _____ () C:\Users\Public\Desktop\Overwolf.lnk

2014-02-13 20:49 - 2014-02-16 17:42 - 00000000 ____D () C:\Program Files (x86)\Overwolf

2014-02-13 20:49 - 2014-02-13 20:49 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf

2014-02-13 20:47 - 2014-02-20 20:31 - 00000000 ____D () C:\Users\User\AppData\Local\Overwolf

2014-02-13 02:30 - 2014-02-13 02:30 - 00001738 _____ () C:\Windows\SysWOW64\EmailAVConfig.xml

2014-02-13 02:30 - 2014-02-13 02:30 - 00000334 _____ () C:\Windows\SysWOW64\CountScans.XML

2014-02-11 21:04 - 2013-11-01 00:53 - 02232664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys

2014-02-11 21:03 - 2014-02-01 04:20 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-02-11 21:03 - 2014-02-01 04:19 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-02-11 21:03 - 2014-02-01 04:19 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-02-11 21:03 - 2014-02-01 04:19 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll

2014-02-11 21:03 - 2014-02-01 04:19 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll

2014-02-11 21:03 - 2014-02-01 04:18 - 19274240 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-02-11 21:03 - 2014-02-01 04:18 - 15403520 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-02-11 21:03 - 2014-02-01 04:18 - 03960320 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-02-11 21:03 - 2014-02-01 04:18 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-02-11 21:03 - 2014-02-01 04:18 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2014-02-11 21:03 - 2014-02-01 04:18 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-02-11 21:03 - 2014-02-01 04:18 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-02-11 21:03 - 2014-02-01 04:18 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll

2014-02-11 21:03 - 2014-02-01 04:18 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-02-11 21:03 - 2014-02-01 04:18 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-02-11 21:03 - 2014-02-01 04:18 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-02-11 21:03 - 2014-02-01 02:58 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-02-11 21:03 - 2014-02-01 02:58 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-02-11 21:03 - 2014-02-01 02:58 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll

2014-02-11 21:03 - 2014-02-01 02:57 - 14359040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-02-11 21:03 - 2014-02-01 02:57 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-02-11 21:03 - 2014-02-01 02:57 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-02-11 21:03 - 2014-02-01 02:57 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-02-11 21:03 - 2014-02-01 02:57 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2014-02-11 21:03 - 2014-02-01 02:57 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-02-11 21:03 - 2014-02-01 02:57 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-02-11 21:03 - 2014-02-01 02:57 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll

2014-02-11 21:03 - 2014-02-01 02:57 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-02-11 21:03 - 2014-02-01 02:57 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-02-11 21:03 - 2014-02-01 02:57 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-02-11 21:03 - 2014-02-01 02:40 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-02-11 21:03 - 2014-02-01 02:34 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-02-11 21:03 - 2014-02-01 00:08 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll

2014-02-11 21:03 - 2013-12-08 19:45 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2014-02-11 21:03 - 2013-12-08 18:59 - 00600064 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-02-11 21:03 - 2013-12-04 18:43 - 01845248 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll

2014-02-11 21:03 - 2013-12-04 18:43 - 00583680 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll

2014-02-11 21:03 - 2013-12-04 18:37 - 01419264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll

2014-02-11 21:03 - 2013-12-04 18:37 - 00451072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll

2014-02-11 21:03 - 2013-11-26 19:19 - 00385614 _____ () C:\Windows\system32\ApnDatabase.xml

2014-02-11 21:03 - 2013-11-25 18:17 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys

2014-02-11 21:02 - 2014-01-12 18:30 - 02238976 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll

2014-02-11 21:02 - 2014-01-12 18:30 - 02032640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll

2014-02-11 21:02 - 2013-11-19 19:15 - 03842560 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll

2014-02-11 21:02 - 2013-11-19 18:57 - 03288576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll

2014-02-01 14:10 - 2014-02-10 23:13 - 00003748 _____ () C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml

2014-02-01 14:10 - 2014-02-01 14:10 - 00046368 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys

2014-01-28 16:19 - 2014-01-28 16:19 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk

2014-01-28 16:19 - 2014-01-28 16:19 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2014-01-28 16:19 - 2014-01-28 16:19 - 00000000 ____D () C:\Program Files\iTunes

2014-01-28 16:19 - 2014-01-28 16:19 - 00000000 ____D () C:\Program Files\iPod

2014-01-28 16:19 - 2014-01-28 16:19 - 00000000 ____D () C:\Program Files (x86)\iTunes

2014-01-28 01:12 - 2014-02-13 20:51 - 00000000 ____D () C:\Users\User\AppData\Roaming\TS3Client

2014-01-28 01:11 - 2014-01-28 01:11 - 00001162 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk

2014-01-28 01:11 - 2014-01-28 01:11 - 00000000 ____D () C:\Program Files (x86)\TeamSpeak 3 Client

2014-01-27 19:49 - 2014-01-27 20:25 - 00000121 _____ () C:\Users\User\Desktop\starbound cords.txt

2014-01-25 12:55 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll

2014-01-25 12:55 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll

2014-01-25 12:55 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll

2014-01-25 12:55 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll

2014-01-25 12:55 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll

2014-01-25 12:55 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll

2014-01-25 12:55 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll

2014-01-25 12:55 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll

2014-01-25 12:55 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll

2014-01-25 12:55 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll

2014-01-25 12:55 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll

2014-01-25 12:55 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll

2014-01-25 12:54 - 2014-01-25 12:54 - 00000000 ____D () C:\Nether

2014-01-25 12:31 - 2014-01-25 12:56 - 00000000 ____D () C:\Program Files\NetherLauncher

2014-01-25 12:31 - 2014-01-25 12:32 - 00000772 _____ () C:\Users\Public\Desktop\Nether.lnk

2014-01-25 12:26 - 2014-01-25 12:26 - 00000000 ____D () C:\Users\User\Desktop\Nether- Watcher (Online Game Code)

2014-01-21 22:18 - 2014-01-21 22:18 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux

2014-01-21 22:18 - 2014-01-21 22:18 - 00000000 ____D () C:\Users\User\AppData\Local\FluxSoftware

2014-01-21 21:38 - 2014-01-25 13:36 - 00026621 ____H () C:\Users\User\Desktop\~WRL0006.tmp

2014-01-21 21:38 - 2014-01-21 23:30 - 00028716 ____H () C:\Users\User\Desktop\~WRL0005.tmp

 

==================== One Month Modified Files and Folders =======

 

2014-02-20 21:02 - 2014-02-20 21:02 - 00013559 _____ () C:\Users\User\Downloads\FRST.txt

2014-02-20 21:02 - 2014-02-20 21:02 - 00000000 ____D () C:\FRST

2014-02-20 21:01 - 2014-02-20 21:01 - 02153984 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe

2014-02-20 21:00 - 2014-02-20 21:00 - 00001012 _____ () C:\Users\User\Desktop\JRT.txt

2014-02-20 21:00 - 2012-07-26 03:12 - 00000000 ____D () C:\Windows\system32\sru

2014-02-20 20:40 - 2013-06-28 15:54 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2073002033-1629563174-664864982-1001

2014-02-20 20:34 - 2014-02-20 20:34 - 00000000 ____D () C:\Windows\ERUNT

2014-02-20 20:32 - 2014-02-20 20:32 - 01037734 _____ (Thisisu) C:\Users\User\Downloads\JRT.exe

2014-02-20 20:31 - 2014-02-13 20:47 - 00000000 ____D () C:\Users\User\AppData\Local\Overwolf

2014-02-20 20:31 - 2013-07-23 11:46 - 00000000 ____D () C:\Program Files (x86)\Steam

2014-02-20 20:30 - 2013-12-31 00:05 - 00000292 _____ () C:\Windows\Tasks\Driver Booster Update.job

2014-02-20 20:30 - 2013-06-28 15:58 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-02-20 20:30 - 2012-07-26 02:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-02-20 20:29 - 2013-07-03 10:18 - 01504920 _____ () C:\Windows\WindowsUpdate.log

2014-02-20 20:29 - 2012-07-26 00:26 - 00262144 ___SH () C:\Windows\system32\config\BBI

2014-02-20 20:28 - 2014-02-20 20:25 - 00000000 ____D () C:\AdwCleaner

2014-02-20 20:25 - 2014-02-20 20:25 - 01241834 _____ () C:\Users\User\Downloads\AdwCleaner.exe

2014-02-20 20:18 - 2013-06-28 16:10 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-02-20 20:09 - 2013-06-28 15:58 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-02-20 19:57 - 2014-02-20 19:57 - 00001627 _____ () C:\Users\User\Desktop\RKreport[0]_S_02202014_195722.txt

2014-02-20 19:57 - 2014-02-20 19:55 - 00000000 ____D () C:\Users\User\Desktop\RK_Quarantine

2014-02-20 19:55 - 2014-02-20 19:54 - 04413952 _____ () C:\Users\User\Downloads\RogueKillerX64.exe

2014-02-20 19:53 - 2014-02-20 19:53 - 00688992 ____R (Swearware) C:\Users\User\Downloads\dds (1).com

2014-02-20 19:53 - 2014-02-20 19:53 - 00015467 _____ () C:\Users\User\Desktop\dds.txt

2014-02-20 19:53 - 2014-02-20 19:53 - 00007107 _____ () C:\Users\User\Desktop\attach.txt

2014-02-20 19:00 - 2014-02-20 19:00 - 03817984 _____ () C:\Users\User\Downloads\RogueKiller.exe

2014-02-20 18:18 - 2013-06-28 16:10 - 00003718 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2014-02-20 17:24 - 2014-02-20 17:24 - 00688992 ____R (Swearware) C:\Users\User\Downloads\dds.com

2014-02-20 08:06 - 2013-07-23 11:33 - 00048322 _____ () C:\Windows\PFRO.log

2014-02-20 00:54 - 2013-12-31 00:06 - 00000000 ____D () C:\ProgramData\ProductData

2014-02-20 00:48 - 2014-02-20 00:48 - 00001109 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-02-20 00:48 - 2014-02-20 00:48 - 00000000 ____D () C:\Users\User\AppData\Roaming\Malwarebytes

2014-02-20 00:48 - 2014-02-20 00:48 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-02-20 00:48 - 2014-02-20 00:48 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware

2014-02-20 00:47 - 2014-02-20 00:46 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-consumer.exe

2014-02-20 00:31 - 2014-02-20 00:31 - 00003170 _____ () C:\Windows\System32\Tasks\SmartDefrag3_Update

2014-02-20 00:31 - 2014-02-20 00:31 - 00001098 _____ () C:\Users\Public\Desktop\Smart Defrag 3.lnk

2014-02-20 00:31 - 2013-07-03 10:15 - 00000000 ____D () C:\Users\User\AppData\Roaming\IObit

2014-02-20 00:31 - 2013-07-03 10:15 - 00000000 ____D () C:\Program Files (x86)\IObit

2014-02-20 00:11 - 2014-02-20 00:11 - 00372224 _____ () C:\Users\User\Downloads\Understanding the Dominant Culture REVISED2(1).ppt

2014-02-20 00:11 - 2014-02-20 00:11 - 00307712 _____ () C:\Users\User\Downloads\Men & Women(1).ppt

2014-02-20 00:11 - 2014-02-20 00:11 - 00244736 _____ () C:\Users\User\Downloads\Stereotyping & Prejudice(1).ppt

2014-02-20 00:10 - 2014-02-20 00:10 - 00314880 _____ () C:\Users\User\Downloads\INTRO DEMO DIMENSIONS CULTURE(1).ppt

2014-02-20 00:10 - 2014-02-20 00:10 - 00235008 _____ () C:\Users\User\Downloads\NEW Culture & Ethnocentricism(1).ppt

2014-02-20 00:10 - 2014-02-20 00:10 - 00193024 _____ () C:\Users\User\Downloads\NEW Dimensions of Diversity(1).ppt

2014-02-20 00:10 - 2014-02-20 00:10 - 00168448 _____ () C:\Users\User\Downloads\Communication(1).ppt

2014-02-18 16:37 - 2012-07-26 03:12 - 00000000 ____D () C:\Windows\AUInstallAgent

2014-02-17 00:34 - 2014-02-17 00:34 - 00000000 ____D () C:\Users\User\AppData\Local\Introversion

2014-02-16 18:16 - 2013-12-02 02:53 - 00001881 _____ () C:\Windows\setupact.log

2014-02-16 17:42 - 2014-02-13 20:49 - 00001971 _____ () C:\Users\Public\Desktop\Overwolf.lnk

2014-02-16 17:42 - 2014-02-13 20:49 - 00000000 ____D () C:\Program Files (x86)\Overwolf

2014-02-16 17:41 - 2014-01-20 20:28 - 00001180 _____ () C:\Users\Public\Desktop\Driver Booster.lnk

2014-02-16 17:41 - 2013-12-31 00:05 - 00003212 _____ () C:\Windows\System32\Tasks\Driver Booster Scan

2014-02-16 17:41 - 2013-12-31 00:05 - 00002544 _____ () C:\Windows\System32\Tasks\Driver Booster Update

2014-02-16 17:36 - 2013-08-17 01:17 - 00000000 ____D () C:\Windows\system32\MRT

2014-02-16 17:32 - 2013-06-28 16:29 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2014-02-16 16:31 - 2014-02-16 13:02 - 00000000 ____D () C:\ProgramData\Overwolf

2014-02-16 13:15 - 2014-02-16 13:15 - 00000000 ____D () C:\Users\User\Desktop\game

2014-02-16 13:11 - 2013-06-28 15:58 - 00000000 ____D () C:\ProgramData\NVIDIA

2014-02-16 13:11 - 2013-06-28 15:54 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation

2014-02-16 13:09 - 2014-02-16 13:09 - 30361888 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll

2014-02-16 13:09 - 2014-02-16 13:09 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll

2014-02-16 13:09 - 2014-02-16 13:09 - 22951200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll

2014-02-16 13:09 - 2014-02-16 13:09 - 18208624 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll

2014-02-16 13:09 - 2014-02-16 13:09 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll

2014-02-16 13:09 - 2014-02-16 13:09 - 15862272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll

2014-02-16 13:09 - 2014-02-16 13:09 - 12613408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys

2014-02-16 13:09 - 2014-02-16 13:09 - 11600432 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll

2014-02-16 13:09 - 2014-02-16 13:09 - 11514624 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll

2014-02-16 13:09 - 2014-02-16 13:09 - 09691888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll

2014-02-16 13:09 - 2014-02-16 13:09 - 09619872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll

2014-02-16 13:09 - 2014-02-16 13:09 - 03132704 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll

2014-02-16 13:09 - 2014-02-16 13:09 - 03125024 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll

2014-02-16 13:09 - 2014-02-16 13:09 - 02947872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll

2014-02-16 13:09 - 2014-02-16 13:09 - 02747680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll

2014-02-16 13:09 - 2014-02-16 13:09 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433182.dll

2014-02-16 13:09 - 2014-02-16 13:09 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433182.dll

2014-02-16 13:09 - 2014-02-16 13:09 - 01510176 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco64.dll

2014-02-16 13:09 - 2014-02-16 13:09 - 01242400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll

2014-02-16 13:09 - 2014-02-16 13:09 - 00838872 _____ (Realtek ) C:\Windows\system32\Drivers\Rt630x64.sys

2014-02-16 13:09 - 2014-02-16 13:09 - 00707360 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll

2014-02-16 13:09 - 2014-02-16 13:09 - 00657184 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll

2014-02-16 13:09 - 2014-02-16 13:09 - 00609568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll

2014-02-16 13:09 - 2014-02-16 13:09 - 00562464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll

2014-02-16 13:09 - 2014-02-16 13:09 - 00479520 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll

2014-02-16 13:09 - 2014-02-16 13:09 - 00405280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll

2014-02-16 13:09 - 2014-02-16 13:09 - 00357152 _____ () C:\Windows\system32\NvIFROpenGL.dll

2014-02-16 13:09 - 2014-02-16 13:09 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll

2014-02-16 13:09 - 2014-02-16 13:09 - 00314656 _____ () C:\Windows\SysWOW64\NvIFROpenGL.dll

2014-02-16 13:09 - 2014-02-16 13:09 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll

2014-02-16 13:09 - 2014-02-16 13:09 - 00196384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys

2014-02-16 13:09 - 2014-02-16 13:09 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll

2014-02-16 13:09 - 2014-02-16 13:09 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll

2014-02-16 13:09 - 2014-02-16 13:09 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll

2014-02-16 13:09 - 2014-02-16 13:09 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll

2014-02-16 13:09 - 2013-06-28 15:58 - 15218504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll

2014-02-16 13:09 - 2013-06-28 15:58 - 03069608 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll

2014-02-16 13:09 - 2013-06-28 15:58 - 02697248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll

2014-02-16 13:09 - 2013-06-28 15:58 - 01436528 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll

2014-02-16 13:09 - 2013-02-26 02:32 - 18293608 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll

2014-02-16 13:09 - 2013-02-26 02:32 - 00023754 _____ () C:\Windows\system32\nvinfo.pb

2014-02-16 13:04 - 2013-06-28 15:58 - 00003876 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2014-02-16 13:04 - 2013-06-28 15:58 - 00003640 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2014-02-14 00:48 - 2012-07-26 03:12 - 00000000 ____D () C:\Windows\rescache

2014-02-13 20:51 - 2014-01-28 01:12 - 00000000 ____D () C:\Users\User\AppData\Roaming\TS3Client

2014-02-13 20:49 - 2014-02-13 20:49 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf

2014-02-13 02:30 - 2014-02-13 02:30 - 00001738 _____ () C:\Windows\SysWOW64\EmailAVConfig.xml

2014-02-13 02:30 - 2014-02-13 02:30 - 00000334 _____ () C:\Windows\SysWOW64\CountScans.XML

2014-02-11 22:10 - 2013-07-03 09:29 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-02-10 23:13 - 2014-02-01 14:10 - 00003748 _____ () C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml

2014-02-04 21:05 - 2013-06-28 15:59 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

2014-02-01 14:11 - 2013-06-28 15:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2014-02-01 14:10 - 2014-02-01 14:10 - 00046368 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys

2014-02-01 04:20 - 2014-02-11 21:03 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-02-01 04:19 - 2014-02-11 21:03 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-02-01 04:19 - 2014-02-11 21:03 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-02-01 04:19 - 2014-02-11 21:03 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll

2014-02-01 04:19 - 2014-02-11 21:03 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll

2014-02-01 04:18 - 2014-02-11 21:03 - 19274240 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-02-01 04:18 - 2014-02-11 21:03 - 15403520 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-02-01 04:18 - 2014-02-11 21:03 - 03960320 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-02-01 04:18 - 2014-02-11 21:03 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-02-01 04:18 - 2014-02-11 21:03 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2014-02-01 04:18 - 2014-02-11 21:03 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-02-01 04:18 - 2014-02-11 21:03 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-02-01 04:18 - 2014-02-11 21:03 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll

2014-02-01 04:18 - 2014-02-11 21:03 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-02-01 04:18 - 2014-02-11 21:03 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-02-01 04:18 - 2014-02-11 21:03 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-02-01 02:58 - 2014-02-11 21:03 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-02-01 02:58 - 2014-02-11 21:03 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-02-01 02:58 - 2014-02-11 21:03 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll

2014-02-01 02:57 - 2014-02-11 21:03 - 14359040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-02-01 02:57 - 2014-02-11 21:03 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-02-01 02:57 - 2014-02-11 21:03 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-02-01 02:57 - 2014-02-11 21:03 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-02-01 02:57 - 2014-02-11 21:03 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2014-02-01 02:57 - 2014-02-11 21:03 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-02-01 02:57 - 2014-02-11 21:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-02-01 02:57 - 2014-02-11 21:03 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll

2014-02-01 02:57 - 2014-02-11 21:03 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-02-01 02:57 - 2014-02-11 21:03 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-02-01 02:57 - 2014-02-11 21:03 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-02-01 02:40 - 2014-02-11 21:03 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-02-01 02:34 - 2014-02-11 21:03 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-02-01 00:08 - 2014-02-11 21:03 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll

2014-01-30 16:10 - 2012-07-26 03:14 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-01-30 16:10 - 2012-07-26 03:14 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-01-28 16:19 - 2014-01-28 16:19 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk

2014-01-28 16:19 - 2014-01-28 16:19 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2014-01-28 16:19 - 2014-01-28 16:19 - 00000000 ____D () C:\Program Files\iTunes

2014-01-28 16:19 - 2014-01-28 16:19 - 00000000 ____D () C:\Program Files\iPod

2014-01-28 16:19 - 2014-01-28 16:19 - 00000000 ____D () C:\Program Files (x86)\iTunes

2014-01-28 16:15 - 2013-08-11 18:58 - 00000000 ____D () C:\ProgramData\Apple

2014-01-28 01:11 - 2014-01-28 01:11 - 00001162 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk

2014-01-28 01:11 - 2014-01-28 01:11 - 00000000 ____D () C:\Program Files (x86)\TeamSpeak 3 Client

2014-01-27 20:25 - 2014-01-27 19:49 - 00000121 _____ () C:\Users\User\Desktop\starbound cords.txt

2014-01-25 15:44 - 2014-01-06 21:16 - 00000000 ____D () C:\Users\User\Documents\DayZ

2014-01-25 13:36 - 2014-01-21 21:38 - 00026621 ____H () C:\Users\User\Desktop\~WRL0006.tmp

2014-01-25 12:57 - 2013-07-23 17:59 - 00000000 ____D () C:\Users\User\Documents\my games

2014-01-25 12:56 - 2014-01-25 12:31 - 00000000 ____D () C:\Program Files\NetherLauncher

2014-01-25 12:55 - 2013-07-23 21:02 - 00271731 _____ () C:\Windows\DirectX.log

2014-01-25 12:54 - 2014-01-25 12:54 - 00000000 ____D () C:\Nether

2014-01-25 12:54 - 2013-12-19 02:08 - 00000000 ____D () C:\Users\User\AppData\Roaming\Bioshock

2014-01-25 12:32 - 2014-01-25 12:31 - 00000772 _____ () C:\Users\Public\Desktop\Nether.lnk

2014-01-25 12:26 - 2014-01-25 12:26 - 00000000 ____D () C:\Users\User\Desktop\Nether- Watcher (Online Game Code)

2014-01-24 13:11 - 2013-12-19 02:08 - 00000000 ____D () C:\Users\User\Documents\Bioshock

2014-01-23 18:11 - 2012-07-26 03:12 - 00000000 ____D () C:\Windows\WinStore

2014-01-21 23:30 - 2014-01-21 21:38 - 00028716 ____H () C:\Users\User\Desktop\~WRL0005.tmp

2014-01-21 22:18 - 2014-01-21 22:18 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux

2014-01-21 22:18 - 2014-01-21 22:18 - 00000000 ____D () C:\Users\User\AppData\Local\FluxSoftware

 

Some content of TEMP:

====================

C:\Users\User\AppData\Local\Temp\0gp4fczm.dll

C:\Users\User\AppData\Local\Temp\fkhx14g3.dll

C:\Users\User\AppData\Local\Temp\gvhpv00m.dll

C:\Users\User\AppData\Local\Temp\i4jdel0.exe

C:\Users\User\AppData\Local\Temp\mry-z_3o.dll

C:\Users\User\AppData\Local\Temp\Nexus%20Mod%20Manager-0.45.7.exe

C:\Users\User\AppData\Local\Temp\ntdll_dump.dll

C:\Users\User\AppData\Local\Temp\oi_{2F7DFD58-24E3-4B3D-B3B0-194B70032A7A}.exe

C:\Users\User\AppData\Local\Temp\opcke8mh.dll

C:\Users\User\AppData\Local\Temp\Quarantine.exe

C:\Users\User\AppData\Local\Temp\r67tubdt.dll

C:\Users\User\AppData\Local\Temp\ts-0btgs.dll

==================== Bamital & volsnap Check =================

 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-02-16 17:33

 

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-02-2014

Ran by User at 2014-02-20 21:02:31

Running from C:\Users\User\Downloads

Boot Mode: Normal

==========================================================

 

 

==================== Security Center ========================

 

AV: GFI Software VIPRE (Disabled - Up to date) {445B48C3-0FA4-6B16-8F07-6506F305D800}

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: GFI Software VIPRE (Disabled - Up to date) {FF3AA927-299E-6498-B5B7-5E74888292BD}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: IObit Malware Fighter (Enabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}

 

==================== Installed Programs ======================

 

7 Days to Die - Alpha version 0.9.1 (x32 Version: 0.9.1 - The Fun Pimps LLC)

7 Days to Die (x32 Version:  - The Fun Pimps)

A Game of Thrones version 0.4.7.2 (x32 Version: 0.4.7.2 - AGOT TEAM)

Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.70 - Adobe Systems Incorporated)

Adobe Reader XI (11.0.06) (x32 Version: 11.0.06 - Adobe Systems Incorporated)

Advanced SystemCare 7 (x32 Version: 7.1.0 - IObit)

Alan Wake (x32 Version:  - Remedy Entertainment)

Apple Application Support (x32 Version: 3.0 - Apple Inc.)

Apple Mobile Device Support (Version: 7.1.0.32 - Apple Inc.)

Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)

BioShock (x32 Version:  - 2K Boston)

BioShock 2 (x32 Version:  - 2K Marin)

BioShock Infinite (x32 Version:  - Irrational Games)

Bonjour (Version: 3.0.0.10 - Apple Inc.)

Borderlands 2 (x32 Version:  - Gearbox Software)

CCleaner (Version: 4.03 - Piriform)

CDBurnerXP (x32 Version: 4.5.1.4003 - CDBurnerXP)

CleanUp! (x32 Version:  - )

Crusader Kings II (x32 Version:  - Paradox Development Studio)

DayZ (x32 Version:  - Bohemia Interactive)

DEFCON (x32 Version:  - Introversion Software)

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32 Version:  - Microsoft)

Democracy 3 (x32 Version:  - Positech Games)

Desura (x32 Version: 100.53 - Desura)

Desura: Dominions 4: Thrones of Ascension (x32 Version: Full - Illwinter Game Design)

Desura: Project Zomboid (x32 Version: Alpha - The Indie Stone)

Dishonored (x32 Version:  - Arkane Studios)

Don't Starve (x32 Version:  - Klei Entertainment)

Driver Booster (x32 Version: 1.2 - IObit)

Endless Space (x32 Version:  - Amplitude Studios)

Europa Universalis IV (x32 Version:  - Paradox Development Studio)

f.lux (HKCU Version:  - )

Fallout (x32 Version:  - Interplay Inc.)

Godus (x32 Version:  - )

GOG.com Downloader version 3.5.8 (x32 Version: 3.5.8 - GOG.com)

Google Chrome (x32 Version: 32.0.1700.107 - Google Inc.)

Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden

Guild Wars 2 (x32 Version:  - NCsoft Corporation, Ltd.)

IObit Apps Toolbar v8.7 (x32 Version: 8.7 - Spigot, Inc.) <==== ATTENTION

IObit Malware Fighter (x32 Version: 2.0 - IObit)

IObit Uninstaller (x32 Version: 3.0.5.1228 - IObit)

iTunes (Version: 11.1.4.62 - Apple Inc.)

Java 7 Update 17 (x32 Version: 7.0.170 - Oracle)

Java 7 Update 25 (x32 Version: 7.0.250 - Oracle)

Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden

Just Cause 2 (x32 Version:  - Avalanche)

Kenshi (x32 Version:  - Lo-Fi Games)

Launchpad Enhanced (x32 Version: 0.05.000 - SWGEmu)

League of Legends (x32 Version: 3.0.0 - Riot Games)

League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden

Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)

Miasmata (x32 Version: 2.1.0.5 - GOG.com)

Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Home and Student 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation)

Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)

Microsoft XNA Framework Redistributable 4.0 (x32 Version: 4.0.20823.0 - Microsoft Corporation)

Mount & Blade: Warband (x32 Version:  - Tale Worlds)

Mozilla Firefox 22.0 (x86 en-US) (x32 Version: 22.0 - Mozilla)

Mozilla Maintenance Service (x32 Version: 22.0 - Mozilla)

Nether Launcher (Version: 16.20.0.0 - Nether Productions, LLC.)

Nether Launcher (Version: 16.22.0.0 - Nether Productions, LLC.)

Nexus Mod Manager (Version: 0.45.7 - Black Tree Gaming)

NVIDIA 3D Vision Controller Driver 320.49 (Version: 320.49 - NVIDIA Corporation)

NVIDIA Control Panel 331.82 (Version: 331.82 - NVIDIA Corporation) Hidden

NVIDIA GeForce Experience 1.5 (Version: 1.5 - NVIDIA Corporation)

NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden

NVIDIA PhysX (x32 Version: 9.12.1031 - NVIDIA Corporation)

NVIDIA Update 4.11.9 (Version: 4.11.9 - NVIDIA Corporation) Hidden

NVIDIA Update Components (Version: 4.11.9 - NVIDIA Corporation) Hidden

Origin (x32 Version: 9.2.1.4399 - Electronic Arts, Inc.)

Overwolf (x32 Version: 0.50.310 - Overwolf)

Pando Media Booster (x32 Version: 2.6.0.7 - Pando Networks Inc.)

PerformanceTest v8.0 (Version: 8.0.1022.0 - Passmark Software)

Prison Architect (x32 Version:  - Introversion Software)

Realtek High Definition Audio Driver (x32 Version: 6.0.1.7106 - Realtek Semiconductor Corp.)

Rust (x32 Version:  - Facepunch Studios)

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden

SimCity™ (x32 Version: 1.0.0.0 - Electronic Arts)

Smart Defrag 3 (x32 Version: 3.0 - IObit)

SpywareBlaster 5.0 (x32 Version: 5.0.0 - BrightFort LLC)

Star Wars Galaxies: Complete Online Adventures (x32 Version: 1.00.000 - Sony Online Entertainment)

Starbound (x32 Version:  - )

StarForge Alpha (x32 Version:  - CodeHatch)

Start Menu 8 (x32 Version: 1.4.0.0 - IObit)

State of Decay (x32 Version:  - )

Steam (x32 Version: 1.0.0.0 - Valve Corporation)

Surfing Protection (x32 Version: 1.0 - IObit)

TeamSpeak 3 Client (x32 Version: 3.0.13 - TeamSpeak Systems GmbH)

TeamViewer 8 (x32 Version: 8.0.19045 - TeamViewer)

Terraria (x32 Version:  - Re-Logic)

The Age of Decadence (x32 Version:  - Iron Tower Studio)

The Elder Scrolls V: Skyrim (x32 Version:  - Bethesda Game Studios)

The Walking Dead (x32 Version:  - )

The Walking Dead: Season Two (x32 Version:  - Telltale Games)

The Witcher 2: Assassins of Kings Enhanced Edition (x32 Version:  - CD Projekt RED)

The Wolf Among Us (x32 Version:  - )

Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32 Version:  - Microsoft)

Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32 Version:  - Microsoft)

Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (x32 Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32 Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (x32 Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32 Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (x32 Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32 Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32 Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32 Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2837583) 32-Bit Edition (x32 Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (x32 Version:  - Microsoft)

Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (x32 Version:  - Microsoft)

Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (x32 Version:  - Microsoft)

Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32 Version:  - Microsoft)

Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition (x32 Version:  - Microsoft)

Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (x32 Version:  - Microsoft)

Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32 Version:  - Microsoft)

Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (x32 Version:  - Microsoft)

Victoria II (x32 Version:  - Paradox Development Studio)

VIPRE Antivirus (x32 Version: 5.0.5116 - GFI Software) Hidden

VLC media player 2.0.7 (x32 Version: 2.0.7 - VideoLAN)

 

==================== Restore Points  =========================

 

05-02-2014 01:46:48 Windows Update

12-02-2014 03:06:06 Windows Update

16-02-2014 18:08:27 Driver Booster : NVIDIA GeForce GTX 660

20-02-2014 05:54:41 Removed WinZip 18.0

 

==================== Hosts content: ==========================

 

2012-07-26 00:26 - 2012-07-26 00:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

 

==================== Scheduled Tasks (whitelisted) =============

 

Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask

Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList

Task: {34667D1F-50DB-46DC-8422-71DBC65C583B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-06-19] (Piriform Ltd)

Task: {4FA198EE-01A0-4605-A610-FCD19E89B7E3} - System32\Tasks\SmartDefrag3_Update => C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe [2014-01-09] (IObit)

Task: {8A9BA6E2-2E38-48F4-BB6B-2754D562D3DB} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)

Task: {8C5E5C27-F7B6-4711-BD70-5A93380162FE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-20] (Adobe Systems Incorporated)

Task: {9BE383C1-6063-472E-A45D-291E296912DF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {9E2EF027-0447-4900-A581-B65EC4651DE4} - System32\Tasks\ASC7_SkipUac_User => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe [2013-12-16] (IObit)

Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing

Task: {A8414360-3871-4AC9-B5CF-50FF6B3A1A08} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-28] (Google Inc.)

Task: {B127C060-FA58-4D1A-9AFF-FD962DD36B5A} - System32\Tasks\Microsoft\Windows\Setup\Windows Upgrade Notification Task => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)

Task: {B167A104-9D42-46BD-B5AF-AA884E7A3A72} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-28] (Google Inc.)

Task: {BA2EF8CB-1549-4F6E-8893-A6A0CBBF5ACD} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2014-01-07] (IObit)

Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState

Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask

Task: {F2C81C22-9074-451A-A72C-105F52AD0ABB} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2014-01-10] (IObit)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\ASC7_SkipUac_User.job => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe

Task: C:\Windows\Tasks\Driver Booster Update.job => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

 

==================== Loaded Modules (whitelisted) =============

 

2013-06-28 15:58 - 2013-11-11 10:02 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll

2013-12-31 00:06 - 2013-10-25 12:08 - 00517408 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\sqlite3.dll

2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2014-01-20 13:16 - 2014-01-20 13:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2013-07-23 23:05 - 2014-02-07 10:24 - 00190752 _____ () C:\Program Files (x86)\GFI Software\VIPRE\Definitions\libBase64.dll

2013-07-23 23:05 - 2014-02-07 10:24 - 00178464 _____ () C:\Program Files (x86)\GFI Software\VIPRE\Definitions\libMachoUniv.dll

2005-12-22 15:28 - 2005-12-22 15:28 - 00160768 _____ () C:\Program Files (x86)\GFI Software\VIPRE\unrar.dll

2014-01-10 20:35 - 2013-12-12 17:19 - 00142848 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll

2014-01-10 20:35 - 2013-11-04 20:12 - 00890592 _____ () C:\Program Files (x86)\Steam\libavutil-52.dll

2013-07-01 07:20 - 2014-02-10 21:34 - 00751616 _____ () C:\Program Files (x86)\Steam\SDL2.dll

2013-07-09 16:56 - 2014-02-19 18:07 - 01135296 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL

2013-07-09 12:45 - 2014-01-10 18:33 - 20625832 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll

2013-06-14 14:49 - 2013-06-14 18:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll

2013-06-14 14:49 - 2013-06-14 18:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll

2013-06-14 14:49 - 2013-06-14 18:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll

2013-07-03 10:15 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madExcept_.bpl

2013-07-03 10:15 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madBasic_.bpl

2013-07-03 10:15 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madDisAsm_.bpl

2013-07-03 10:15 - 2013-12-12 18:46 - 08001344 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\WebUI.dll

2013-12-07 14:31 - 2013-10-16 22:17 - 00185168 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\libcurl-4.dll

2013-07-03 10:15 - 2013-05-16 19:26 - 00182080 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\unrar.dll

2013-07-03 10:15 - 2013-05-16 19:26 - 00145216 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\zlibwapi.dll

2013-12-31 00:06 - 2013-01-15 18:47 - 00893248 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\webres.dll

2014-02-04 21:05 - 2014-02-01 18:41 - 00715592 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\libglesv2.dll

2014-02-04 21:05 - 2014-02-01 18:41 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\libegl.dll

2014-02-04 21:05 - 2014-02-01 18:42 - 04055368 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll

2014-02-04 21:05 - 2014-02-01 18:42 - 00399688 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll

2014-02-04 21:05 - 2014-02-01 18:41 - 01634632 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ffmpegsumo.dll

 

==================== Alternate Data Streams (whitelisted) =========

 

AlternateDataStreams: C:\ProgramData\TEMP:5C321E34

 

==================== Safe Mode (whitelisted) ===================

 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBPIMSvc => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SBAMSvc => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SBPIMSvc => ""="Service"

 

==================== Disabled items from MSCONFIG ==============

 

 

==================== Faulty Device Manager Devices =============

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (02/20/2014 08:32:00 PM) (Source: Steam Client Service) (User: )

Description: Error: Failed to poke open firewall

 

Error: (02/20/2014 06:14:44 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 1326

 

Error: (02/20/2014 06:14:44 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 1326

 

Error: (02/20/2014 06:14:44 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (02/20/2014 05:20:02 PM) (Source: Application Error) (User: )

Description: Faulting application name: Steam.exe, version: 2.12.33.63, time stamp: 0x5305357d

Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000

Exception code: 0xc0000005

Fault offset: 0x00000000

Faulting process id: 0x1690

Faulting application start time: 0xSteam.exe0

Faulting application path: Steam.exe1

Faulting module path: Steam.exe2

Report Id: Steam.exe3

Faulting package full name: Steam.exe4

Faulting package-relative application ID: Steam.exe5

 

Error: (02/20/2014 05:19:04 PM) (Source: ESENT) (User: )

Description: taskhostex (4200) An attempt to open the file "C:\Users\User\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" for read only access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ".  The open file operation will fail with error -1032 (0xfffffbf8).

 

Error: (02/20/2014 05:18:42 PM) (Source: Desktop Window Manager) (User: )

Description: The Desktop Window Manager has encountered a fatal error (0x8898008d)

 

Error: (02/20/2014 08:08:28 AM) (Source: Steam Client Service) (User: )

Description: Error: Failed to poke open firewall

 

Error: (02/20/2014 07:42:39 AM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 14381903

 

Error: (02/20/2014 07:42:39 AM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 14381903

 

 

System errors:

=============

Error: (02/20/2014 08:31:13 PM) (Source: Service Control Manager) (User: )

Description: The LiveUpdate service terminated unexpectedly.  It has done this 1 time(s).

 

Error: (02/20/2014 08:30:43 PM) (Source: DCOM) (User: PIKE)

Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}PIKEUserS-1-5-21-2073002033-1629563174-664864982-1001LocalHost (Using LRPC)UnavailableUnavailable

 

Error: (02/20/2014 08:30:43 PM) (Source: DCOM) (User: PIKE)

Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}PIKEUserS-1-5-21-2073002033-1629563174-664864982-1001LocalHost (Using LRPC)UnavailableUnavailable

 

Error: (02/20/2014 08:30:42 PM) (Source: DCOM) (User: PIKE)

Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}PIKEUserS-1-5-21-2073002033-1629563174-664864982-1001LocalHost (Using LRPC)UnavailableUnavailable

 

Error: (02/20/2014 08:30:42 PM) (Source: DCOM) (User: PIKE)

Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}PIKEUserS-1-5-21-2073002033-1629563174-664864982-1001LocalHost (Using LRPC)UnavailableUnavailable

 

Error: (02/20/2014 08:30:42 PM) (Source: DCOM) (User: PIKE)

Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}PIKEUserS-1-5-21-2073002033-1629563174-664864982-1001LocalHost (Using LRPC)UnavailableUnavailable

 

Error: (02/20/2014 08:07:45 AM) (Source: Service Control Manager) (User: )

Description: The LiveUpdate service terminated unexpectedly.  It has done this 1 time(s).

 

Error: (02/20/2014 08:06:18 AM) (Source: EventLog) (User: )

Description: The previous system shutdown at 7:59:50 AM on 2/20/2014 was unexpected.

 

Error: (02/20/2014 00:19:46 AM) (Source: Service Control Manager) (User: )

Description: The Steam Client Service service failed to start due to the following error: 

%%1053

 

Error: (02/20/2014 00:19:46 AM) (Source: Service Control Manager) (User: )

Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

 

 

Microsoft Office Sessions:

=========================

Error: (02/20/2014 08:32:00 PM) (Source: Steam Client Service)(User: )

Description: Failed to poke open firewall

 

Error: (02/20/2014 06:14:44 PM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 1326

 

Error: (02/20/2014 06:14:44 PM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: m->NextScheduledEvent 1326

 

Error: (02/20/2014 06:14:44 PM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (02/20/2014 05:20:02 PM) (Source: Application Error)(User: )

Description: Steam.exe2.12.33.635305357dunknown0.0.0.000000000c000000500000000169001cf2e89c38d0e38C:\Program Files (x86)\Steam\Steam.exeunknown24089e9f-9a7d-11e3-be89-7427ea4594ef

 

Error: (02/20/2014 05:19:04 PM) (Source: ESENT)(User: )

Description: taskhostex4200C:\Users\User\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.

 

Error: (02/20/2014 05:18:42 PM) (Source: Desktop Window Manager)(User: )

Description: 0x8898008d

 

Error: (02/20/2014 08:08:28 AM) (Source: Steam Client Service)(User: )

Description: Failed to poke open firewall

 

Error: (02/20/2014 07:42:39 AM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 14381903

 

Error: (02/20/2014 07:42:39 AM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: m->NextScheduledEvent 14381903

 

 

==================== Memory info =========================== 

 

Percentage of memory in use: 26%

Total physical RAM: 8131.37 MB

Available physical RAM: 5937.02 MB

Total Pagefile: 12626.37 MB

Available Pagefile: 10066.43 MB

Total Virtual: 8192 MB

Available Virtual: 8191.77 MB

 

==================== Drives ================================

 

Drive c: () (Fixed) (Total:976.56 GB) (Free:673.64 GB) NTFS

Drive r: (Storage) (Fixed) (Total:866.41 GB) (Free:841.62 GB) NTFS

Drive z: (RestoreVolume) (Fixed) (Total:19.53 GB) (Free:19.43 GB) NTFS

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (Size: 1863 GB) (Disk ID: EC047A36)

 

Partition: GPT Partition Type.

 

==================== End Of Log ============================



 


Do you realize how much garbage comes with Advanced SystemCare 7 when you install it??

It also has a feature that doesn't allow any changes to your browsers so please disable that before you proceed.

----------------------

Download the attached fixlist.txt to the same folder as FRST.

Run FRST.exe and click Fix only once and wait

The tool will create a log (Fixlog.txt) in the folder; please post it in your reply.

You should be able to set Chrome and IE to the way you want it now.

Let me know....MrC


I did not. I think IObit installed it for me because it just showed up one day. Should I remove IObit from my computer?

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 20-02-2014
Ran by User at 2014-02-20 21:33:46 Run:1
Running from C:\Users\User\Desktop\New folder
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
HKLM-x32\...\Run: [] - [X]
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.yahoo....r=spigot-yhp-ie
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
CHR HKCU\...\Chrome\Extension: [klibnahbojhkanfgaglnlalfkgpcppfi] - C:\Users\User\AppData\Local\CRE\klibnahbojhkanfgaglnlalfkgpcppfi.crx [2013-06-28]
CHR HKLM-x32\...\Chrome\Extension: [klibnahbojhkanfgaglnlalfkgpcppfi] - C:\Users\User\AppData\Local\CRE\klibnahbojhkanfgaglnlalfkgpcppfi.crx [2013-06-28]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKCU - DefaultScope {BACB1836-BE89-4911-BCF2-09316F8D1C98} URL = http://search.yahoo....&type=402027&p={searchTerms}
SearchScopes: HKCU - {BACB1836-BE89-4911-BCF2-09316F8D1C98} URL = http://search.yahoo....&type=402027&p={searchTerms}
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll No File
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll 
C:\Users\User\AppData\Local\Temp\0gp4fczm.dll
C:\Users\User\AppData\Local\Temp\fkhx14g3.dll
C:\Users\User\AppData\Local\Temp\gvhpv00m.dll
C:\Users\User\AppData\Local\Temp\i4jdel0.exe
C:\Users\User\AppData\Local\Temp\mry-z_3o.dll
C:\Users\User\AppData\Local\Temp\Nexus%20Mod%20Manager-0.45.7.exe
C:\Users\User\AppData\Local\Temp\ntdll_dump.dll
C:\Users\User\AppData\Local\Temp\oi_{2F7DFD58-24E3-4B3D-B3B0-194B70032A7A}.exe
C:\Users\User\AppData\Local\Temp\opcke8mh.dll
C:\Users\User\AppData\Local\Temp\Quarantine.exe
C:\Users\User\AppData\Local\Temp\r67tubdt.dll
C:\Users\User\AppData\Local\Temp\ts-0btgs.dll
 
*****************
 
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Value deleted successfully.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Key not found.
HKCU\SOFTWARE\Google\Chrome\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi => Key deleted successfully.
"C:\Users\User\AppData\Local\CRE\klibnahbojhkanfgaglnlalfkgpcppfi.crx" => File/Directory not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi => Key deleted successfully.
"C:\Users\User\AppData\Local\CRE\klibnahbojhkanfgaglnlalfkgpcppfi.crx" => File/Directory not found.
HKLM\SOFTWARE\Policies\Google => Key deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BACB1836-BE89-4911-BCF2-09316F8D1C98} => Key deleted successfully.
HKCR\CLSID\{BACB1836-BE89-4911-BCF2-09316F8D1C98} => Key not found.
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll not found.
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll not found.
C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll not found.
C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll not found.
C:\Users\User\AppData\Local\Temp\0gp4fczm.dll => Moved successfully.
C:\Users\User\AppData\Local\Temp\fkhx14g3.dll => Moved successfully.
C:\Users\User\AppData\Local\Temp\gvhpv00m.dll => Moved successfully.
C:\Users\User\AppData\Local\Temp\i4jdel0.exe => Moved successfully.
C:\Users\User\AppData\Local\Temp\mry-z_3o.dll => Moved successfully.
C:\Users\User\AppData\Local\Temp\Nexus%20Mod%20Manager-0.45.7.exe => Moved successfully.
C:\Users\User\AppData\Local\Temp\ntdll_dump.dll => Moved successfully.
C:\Users\User\AppData\Local\Temp\oi_{2F7DFD58-24E3-4B3D-B3B0-194B70032A7A}.exe => Moved successfully.
C:\Users\User\AppData\Local\Temp\opcke8mh.dll => Moved successfully.
C:\Users\User\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\User\AppData\Local\Temp\r67tubdt.dll => Moved successfully.
C:\Users\User\AppData\Local\Temp\ts-0btgs.dll => Moved successfully.
 
==== End of Fixlog ====

I think I'll also uninstall Overwolf, but I'm not really sure how I got Spigot...I feel like it may have been IObit

It was IObit, if you look through the rest of the topics, you'll see other people with the same problem.

 

-------------------------------

 

If there are no other problems....

Let's check your computer's security before you go, and we have a little cleanup to do also:

Download Security Check by screen317 from HERE or HERE.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • If you get Unsupported operating system. Aborting now, just reboot and try again.
  • A Notepad document should open automatically called checkup.txt.
  • Please Post the contents of that document.
  • Do Not Attach It!!!
MrC (be back in the AM)

  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
