
Spigot malware


Fish09

I recently downloaded Overwolf on the 16th and I think it may have installed Spigot onto my computer, because every time I use Chrome and try to open a new tab it takes it to some Yahoo page, and then I look in settings and my default search is some weird Yahoo page. I was wondering if this program is a keylogger and if I'll have to change all my passwords, and if just doing a system reset before I downloaded Overwolf would erase this program entirely. I also did a sweep using Malware and it found 17 things and I deleted them, but the program is still there, and when I did another scan it didn't mark the Spigot file as malware. Both of the scans were full sweeps and they are attached to this post as well.

 

Here are the requested files via the pinned post I read.

 

Attach:

 

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 8
Boot Device: \Device\HarddiskVolume2
Install Date: 6/28/2013 4:48:19 PM
System Uptime: 2/20/2014 8:05:52 AM (9 hours ago)
.
Motherboard: ECS |  | A75F2-A2
Processor: AMD A10-6800K APU with Radeon HD Graphics   | P0 | 4100/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 977 GiB total, 674.122 GiB free.
D: is CDROM ()
R: is FIXED (NTFS) - 866 GiB total, 841.625 GiB free.
Z: is FIXED (NTFS) - 20 GiB total, 19.433 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP40: 2/4/2014 8:46:48 PM - Windows Update
RP41: 2/11/2014 10:06:06 PM - Windows Update
RP42: 2/16/2014 1:08:27 PM - Driver Booster : NVIDIA GeForce GTX 660
RP43: 2/20/2014 12:54:41 AM - Removed WinZip 18.0
.
==== Installed Programs ======================
.
7 Days to Die
7 Days to Die - Alpha version 0.9.1
A Game of Thrones version 0.4.7.2
Adobe Flash Player 12 Plugin
Adobe Reader XI (11.0.06)
Advanced SystemCare 7
Alan Wake
Apple Application Support
Apple Mobile Device Support
Apple Software Update
AVG SafeGuard toolbar
BioShock
BioShock 2
BioShock Infinite
Bonjour
Borderlands 2
CCleaner
CDBurnerXP
CleanUp!
Crusader Kings II
DayZ
DEFCON
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Democracy 3
Desura
Desura: Dominions 4: Thrones of Ascension
Desura: Project Zomboid
Dishonored
Don't Starve
Driver Booster
Endless Space
Europa Universalis IV
f.lux
Fallout
Godus
GOG.com Downloader version 3.5.8
Google Chrome
Google Update Helper
Guild Wars 2
IObit Apps Toolbar v8.7
IObit Malware Fighter
IObit Uninstaller
iTunes
Java 7 Update 17
Java 7 Update 25
Java Auto Updater
Just Cause 2
Kenshi
Launchpad Enhanced
League of Legends
Malwarebytes Anti-Malware version 1.75.0.1300
Miasmata
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Student 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft XNA Framework Redistributable 4.0
Mount & Blade: Warband
Mozilla Firefox 22.0 (x86 en-US)
Mozilla Maintenance Service
Nether Launcher
Nexus Mod Manager
NVIDIA 3D Vision Controller Driver 320.49
NVIDIA Control Panel 331.82
NVIDIA GeForce Experience 1.5
NVIDIA Install Application
NVIDIA PhysX
NVIDIA Update 4.11.9
NVIDIA Update Components
Origin
Overwolf
Pando Media Booster
PerformanceTest v8.0
Prison Architect
Realtek High Definition Audio Driver
Rust
Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
SimCity™
Smart Defrag 3
SpywareBlaster 5.0
Star Wars Galaxies: Complete Online Adventures
Starbound
StarForge Alpha
Start Menu 8
State of Decay
Steam
Surfing Protection
TeamSpeak 3 Client
TeamViewer 8
Terraria
The Age of Decadence
The Elder Scrolls V: Skyrim
The Walking Dead
The Walking Dead: Season Two
The Witcher 2: Assassins of Kings Enhanced Edition
The Wolf Among Us
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2837583) 32-Bit Edition
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition
Victoria II
VIPRE Antivirus
VLC media player 2.0.7
.
==== Event Viewer Messages From Past Week ========
.
2/20/2014 8:07:45 AM, Error: Service Control Manager [7034]  - The LiveUpdate service terminated unexpectedly.  It has done this 1 time(s).
2/20/2014 12:19:46 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
2/20/2014 12:19:46 AM, Error: Service Control Manager [7000]  - The Steam Client Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
2/16/2014 9:24:03 PM, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID  {7022A3B3-D004-4F52-AF11-E9E987FEE25F}  and APPID  {ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}  to the user PIKE\User SID (S-1-5-21-2073002033-1629563174-664864982-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
.
==== End Of File ===========================
 
DDS:
DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 10.0.9200.16798  BrowserJavaVersion: 10.25.2
Run by User at 17:24:43 on 2014-02-20
Microsoft Windows 8  6.2.9200.0.1252.1.1033.18.8131.6311 [GMT -5:00]
.
AV: GFI Software VIPRE *Enabled/Updated* {445B48C3-0FA4-6B16-8F07-6506F305D800}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: GFI Software VIPRE *Enabled/Updated* {FF3AA927-299E-6498-B5B7-5E74888292BD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: IObit Malware Fighter *Enabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
.
============== Running Processes ===============
.
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\dashost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files (x86)\GFI Software\VIPRE\SBAMSvc.exe
C:\Program Files (x86)\GFI Software\VIPRE\SBPIMSvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\loggingserver.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\taskhostex.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Users\User\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Program Files (x86)\Overwolf\Overwolf.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\GFI Software\VIPRE\SBAMTray.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings64.exe
C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
R:\Desura\desura.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Common Files\Overwolf\OverwolfHelper.exe
C:\Program Files (x86)\Common Files\Overwolf\OverwolfHelper64.exe
C:\Windows\system32\msiexec.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uURLSearchHooks: IObit Apps Toolbar: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\8.7\iobitappsToolbarIE.dll
mWinlogon: Userinit = userinit.exe,
BHO: IObit Apps Toolbar: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\8.7\iobitappsToolbarIE.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.3.1.204\AVG SafeGuard toolbar_toolbar.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Advanced SystemCare Browser Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.3.1.204\AVG SafeGuard toolbar_toolbar.dll
TB: IObit Apps Toolbar: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\8.7\iobitappsToolbarIE.dll
uRun: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
uRun: [Desura] R:\Desura\desura.exe -autostart
uRun: [f.lux] "C:\Users\User\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
uRun: [Overwolf] C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [iObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
mRun: [sBAMTray] "C:\Program Files (x86)\GFI Software\VIPRE\SBAMTray.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [vProt] "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
mRun: [searchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
dRun: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{0D5B9003-E766-4B20-9A4C-83470DDD5E41} : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
mASetup: {A6EADE66-0000-0000-484E-7E8A45000000} - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Adobe\Reader 11.0\Esl\AiodLite.dll",CreateReaderUserSettings
x64-BHO: ExplorerWnd Helper: {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll
x64-BHO: Slick Savings: {34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} - 
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-TB: IObit Apps Toolbar: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\8.7\iobitappsToolbarIE64.dll
x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
x64-Run: [sBRegRebootCleaner] "C:\Program Files (x86)\GFI Software\VIPRE\SBRC.exe"
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
x64-mPolicies-System: PromptOnSecureDesktop = dword:0
x64-mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - 
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\System32\Drivers\amd_sata.sys [2013-12-31 80640]
R0 amd_xata;amd_xata;C:\Windows\System32\Drivers\amd_xata.sys [2013-12-31 25344]
R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\System32\Drivers\SmartDefragDriver.sys [2013-12-31 21184]
R2 AdvancedSystemCareService7;Advanced SystemCare Service 7;C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [2013-12-31 881440]
R2 Application Updater;Application Updater;C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe [2014-2-7 807800]
R2 IMFservice;IMF Service;C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2013-7-3 341824]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2014-2-20 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2014-2-20 701512]
R2 SBAMSvc;VIPRE Antivirus;C:\Program Files (x86)\GFI Software\VIPRE\SBAMSvc.exe [2011-12-19 3289032]
R2 sbapifs;sbapifs;C:\Windows\System32\Drivers\sbapifs.sys [2011-11-29 74872]
R2 SBPIMSvc;SB Recovery Service;C:\Program Files (x86)\GFI Software\VIPRE\SBPIMSvc.exe [2011-12-19 173424]
R2 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-7-3 4150112]
R2 vToolbarUpdater17.3.0;vToolbarUpdater17.3.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe [2014-2-1 1772056]
R3 FileMonitor;FileMonitor;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2013-7-3 23048]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\Drivers\mbam.sys [2014-2-20 25928]
R3 RegFilter;RegFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys [2013-7-3 34848]
R3 RTL8168;Realtek 8168 NT Driver;C:\Windows\System32\Drivers\Rt630x64.sys [2014-2-16 838872]
R3 sbwtis;sbwtis;C:\Windows\System32\Drivers\sbwtis.sys [2011-12-19 84600]
R3 UrlFilter;UrlFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys [2013-7-3 23016]
R3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-25 198656]
S1 SBRE;SBRE;C:\Windows\System32\Drivers\sbredrv.sys [2013-7-23 57976]
S2 LiveUpdateSvc;LiveUpdate;C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2013-12-31 2151200]
S3 Desura Install Service;Desura Install Service;C:\Program Files (x86)\Common Files\Desura\desura_service.exe [2013-8-11 131912]
S3 DIRECTIO;DIRECTIO;C:\Program Files\PerformanceTest\DirectIo64.sys [2013-7-3 25704]
S3 OverwolfUpdaterService;Overwolf Updater Service;C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2014-2-13 98560]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 xusb22;Xbox 360 Wireless Receiver Driver Service 22;C:\Windows\System32\Drivers\xusb22.sys [2012-7-25 89088]
.
=============== Created Last 30 ================
.
2014-02-20 05:48:37 -------- d-----w- C:\Users\User\AppData\Roaming\Malwarebytes
2014-02-20 05:48:15 -------- d-----w- C:\ProgramData\Malwarebytes
2014-02-20 05:48:12 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-02-20 05:48:12 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-20 05:31:55 34080 ----a-w- C:\Windows\System32\SmartDefragBootTime.exe
2014-02-20 05:31:37 121856 ----a-w- C:\Windows\System32\IObitSmartDefragExtension.dll
2014-02-17 05:34:07 -------- d-----w- C:\Users\User\AppData\Local\Introversion
2014-02-16 22:42:04 -------- d-----w- C:\Program Files (x86)\Application Updater
2014-02-16 22:42:03 -------- d-----w- C:\Program Files (x86)\IObit Apps Toolbar
2014-02-16 22:42:03 -------- d-----w- C:\Program Files (x86)\Common Files\Spigot
2014-02-16 21:31:08 257200 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10233.bin
2014-02-16 18:02:18 -------- d-----w- C:\ProgramData\Overwolf
2014-02-14 01:49:38 -------- d-----w- C:\Program Files (x86)\Common Files\Overwolf
2014-02-14 01:49:37 -------- d-----w- C:\Program Files (x86)\Overwolf
2014-02-14 01:47:42 -------- d-----w- C:\Users\User\AppData\Local\Overwolf
2014-02-12 02:04:03 2232664 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2014-02-12 02:02:37 3842560 ----a-w- C:\Windows\System32\d2d1.dll
2014-02-12 02:02:37 2238976 ----a-w- C:\Windows\System32\d3d10warp.dll
2014-02-12 02:02:36 3288576 ----a-w- C:\Windows\SysWow64\d2d1.dll
2014-02-12 02:02:35 2032640 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2014-02-01 19:11:38 -------- d-----w- C:\Users\User\AppData\Local\AVG SafeGuard toolbar
2014-02-01 19:10:28 46368 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys
2014-02-01 19:10:19 -------- d-----w- C:\Program Files (x86)\Common Files\AVG Secure Search
2014-02-01 19:10:17 -------- d-----w- C:\ProgramData\AVG SafeGuard toolbar
2014-02-01 19:10:17 -------- d-----w- C:\Program Files (x86)\AVG SafeGuard toolbar
2014-01-28 21:19:05 -------- d-----w- C:\Program Files\iPod
2014-01-28 21:19:04 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-28 21:19:04 -------- d-----w- C:\Program Files\iTunes
2014-01-28 21:19:04 -------- d-----w- C:\Program Files (x86)\iTunes
2014-01-28 06:12:09 -------- d-----w- C:\Users\User\AppData\Roaming\TS3Client
2014-01-28 06:11:05 -------- d-----w- C:\Program Files (x86)\TeamSpeak 3 Client
2014-01-25 17:55:15 77656 ----a-w- C:\Windows\System32\XAPOFX1_5.dll
2014-01-25 17:55:15 74072 ----a-w- C:\Windows\SysWow64\XAPOFX1_5.dll
2014-01-25 17:55:15 527192 ----a-w- C:\Windows\SysWow64\XAudio2_7.dll
2014-01-25 17:55:15 518488 ----a-w- C:\Windows\System32\XAudio2_7.dll
2014-01-25 17:55:14 276832 ----a-w- C:\Windows\System32\d3dx11_43.dll
2014-01-25 17:55:14 2526056 ----a-w- C:\Windows\System32\D3DCompiler_43.dll
2014-01-25 17:55:14 248672 ----a-w- C:\Windows\SysWow64\d3dx11_43.dll
2014-01-25 17:55:14 2106216 ----a-w- C:\Windows\SysWow64\D3DCompiler_43.dll
2014-01-25 17:55:13 24920 ----a-w- C:\Windows\System32\X3DAudio1_7.dll
2014-01-25 17:55:13 2401112 ----a-w- C:\Windows\System32\D3DX9_43.dll
2014-01-25 17:55:13 22360 ----a-w- C:\Windows\SysWow64\X3DAudio1_7.dll
2014-01-25 17:55:13 1998168 ----a-w- C:\Windows\SysWow64\D3DX9_43.dll
2014-01-25 17:54:34 -------- d-----w- C:\Nether
2014-01-25 17:31:52 -------- d-----w- C:\Program Files\NetherLauncher
2014-01-22 03:18:44 -------- d-----w- C:\Users\User\AppData\Local\FluxSoftware
.
==================== Find3M  ====================
.
2014-02-01 09:19:49 2241536 ----a-w- C:\Windows\System32\wininet.dll
2014-02-01 09:19:36 915968 ----a-w- C:\Windows\System32\uxtheme.dll
2014-02-01 09:19:36 53760 ----a-w- C:\Windows\System32\UXInit.dll
2014-02-01 09:18:25 3960320 ----a-w- C:\Windows\System32\jscript9.dll
2014-02-01 09:18:21 67072 ----a-w- C:\Windows\System32\iesetup.dll
2014-02-01 09:18:21 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2014-02-01 07:58:31 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-02-01 07:58:24 44032 ----a-w- C:\Windows\SysWow64\UXInit.dll
2014-02-01 07:57:20 2877952 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-02-01 07:57:16 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-02-01 07:57:16 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2014-02-01 07:40:43 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2014-02-01 07:34:53 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-02-01 05:08:52 534528 ----a-w- C:\Windows\SysWow64\uxtheme.dll
2014-01-30 21:10:35 78296 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-01-30 21:10:35 694240 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-12-24 15:40:32 21184 ----a-w- C:\Windows\System32\drivers\SmartDefragDriver.sys
2013-12-09 00:45:52 523776 ----a-w- C:\Windows\SysWow64\vbscript.dll
2013-12-08 23:59:47 600064 ----a-w- C:\Windows\System32\vbscript.dll
2013-12-07 06:37:24 688640 ----a-w- C:\Windows\System32\WSShared.dll
2013-12-07 06:37:24 163840 ----a-w- C:\Windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-07 05:15:46 562688 ----a-w- C:\Windows\SysWow64\WSShared.dll
2013-12-07 05:15:46 124928 ----a-w- C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-04 23:43:46 1845248 ----a-w- C:\Windows\System32\msxml3.dll
2013-12-04 23:43:43 583680 ----a-w- C:\Windows\System32\msdrm.dll
2013-12-04 23:37:09 1419264 ----a-w- C:\Windows\SysWow64\msxml3.dll
2013-12-04 23:37:08 451072 ----a-w- C:\Windows\SysWow64\msdrm.dll
2013-11-25 23:17:47 83968 ----a-w- C:\Windows\System32\drivers\hidclass.sys
2013-11-23 06:43:58 420864 ----a-w- C:\Windows\System32\WMPhoto.dll
2013-11-23 05:05:01 368640 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
.
============= FINISH: 17:25:31.82 ===============

.
==== End Of File ===========================
 
DDS:
DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 10.0.9200.16798  BrowserJavaVersion: 10.25.2
Run by User at 17:24:43 on 2014-02-20
Microsoft Windows 8  6.2.9200.0.1252.1.1033.18.8131.6311 [GMT -5:00]
.
AV: GFI Software VIPRE *Enabled/Updated* {445B48C3-0FA4-6B16-8F07-6506F305D800}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: GFI Software VIPRE *Enabled/Updated* {FF3AA927-299E-6498-B5B7-5E74888292BD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: IObit Malware Fighter *Enabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
.
============== Running Processes ===============
.
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\dashost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files (x86)\GFI Software\VIPRE\SBAMSvc.exe
C:\Program Files (x86)\GFI Software\VIPRE\SBPIMSvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\loggingserver.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\taskhostex.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Users\User\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Program Files (x86)\Overwolf\Overwolf.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\GFI Software\VIPRE\SBAMTray.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings64.exe
C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
R:\Desura\desura.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Common Files\Overwolf\OverwolfHelper.exe
C:\Program Files (x86)\Common Files\Overwolf\OverwolfHelper64.exe
C:\Windows\system32\msiexec.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uURLSearchHooks: IObit Apps Toolbar: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\8.7\iobitappsToolbarIE.dll
mWinlogon: Userinit = userinit.exe,
BHO: IObit Apps Toolbar: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\8.7\iobitappsToolbarIE.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.3.1.204\AVG SafeGuard toolbar_toolbar.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Advanced SystemCare Browser Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.3.1.204\AVG SafeGuard toolbar_toolbar.dll
TB: IObit Apps Toolbar: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\8.7\iobitappsToolbarIE.dll
uRun: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
uRun: [Desura] R:\Desura\desura.exe -autostart
uRun: [f.lux] "C:\Users\User\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
uRun: [Overwolf] C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [iObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
mRun: [sBAMTray] "C:\Program Files (x86)\GFI Software\VIPRE\SBAMTray.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [vProt] "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
mRun: [searchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
dRun: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{0D5B9003-E766-4B20-9A4C-83470DDD5E41} : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
mASetup: {A6EADE66-0000-0000-484E-7E8A45000000} - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Adobe\Reader 11.0\Esl\AiodLite.dll",CreateReaderUserSettings
x64-BHO: ExplorerWnd Helper: {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll
x64-BHO: Slick Savings: {34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} - 
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-TB: IObit Apps Toolbar: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\8.7\iobitappsToolbarIE64.dll
x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
x64-Run: [sBRegRebootCleaner] "C:\Program Files (x86)\GFI Software\VIPRE\SBRC.exe"
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
x64-mPolicies-System: PromptOnSecureDesktop = dword:0
x64-mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - 
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\System32\Drivers\amd_sata.sys [2013-12-31 80640]
R0 amd_xata;amd_xata;C:\Windows\System32\Drivers\amd_xata.sys [2013-12-31 25344]
R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\System32\Drivers\SmartDefragDriver.sys [2013-12-31 21184]
R2 AdvancedSystemCareService7;Advanced SystemCare Service 7;C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [2013-12-31 881440]
R2 Application Updater;Application Updater;C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe [2014-2-7 807800]
R2 IMFservice;IMF Service;C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2013-7-3 341824]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2014-2-20 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2014-2-20 701512]
R2 SBAMSvc;VIPRE Antivirus;C:\Program Files (x86)\GFI Software\VIPRE\SBAMSvc.exe [2011-12-19 3289032]
R2 sbapifs;sbapifs;C:\Windows\System32\Drivers\sbapifs.sys [2011-11-29 74872]
R2 SBPIMSvc;SB Recovery Service;C:\Program Files (x86)\GFI Software\VIPRE\SBPIMSvc.exe [2011-12-19 173424]
R2 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-7-3 4150112]
R2 vToolbarUpdater17.3.0;vToolbarUpdater17.3.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe [2014-2-1 1772056]
R3 FileMonitor;FileMonitor;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2013-7-3 23048]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\Drivers\mbam.sys [2014-2-20 25928]
R3 RegFilter;RegFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys [2013-7-3 34848]
R3 RTL8168;Realtek 8168 NT Driver;C:\Windows\System32\Drivers\Rt630x64.sys [2014-2-16 838872]
R3 sbwtis;sbwtis;C:\Windows\System32\Drivers\sbwtis.sys [2011-12-19 84600]
R3 UrlFilter;UrlFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys [2013-7-3 23016]
R3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-25 198656]
S1 SBRE;SBRE;C:\Windows\System32\Drivers\sbredrv.sys [2013-7-23 57976]
S2 LiveUpdateSvc;LiveUpdate;C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2013-12-31 2151200]
S3 Desura Install Service;Desura Install Service;C:\Program Files (x86)\Common Files\Desura\desura_service.exe [2013-8-11 131912]
S3 DIRECTIO;DIRECTIO;C:\Program Files\PerformanceTest\DirectIo64.sys [2013-7-3 25704]
S3 OverwolfUpdaterService;Overwolf Updater Service;C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2014-2-13 98560]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 xusb22;Xbox 360 Wireless Receiver Driver Service 22;C:\Windows\System32\Drivers\xusb22.sys [2012-7-25 89088]
.
=============== Created Last 30 ================
.
2014-02-20 05:48:37 -------- d-----w- C:\Users\User\AppData\Roaming\Malwarebytes
2014-02-20 05:48:15 -------- d-----w- C:\ProgramData\Malwarebytes
2014-02-20 05:48:12 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-02-20 05:48:12 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-20 05:31:55 34080 ----a-w- C:\Windows\System32\SmartDefragBootTime.exe
2014-02-20 05:31:37 121856 ----a-w- C:\Windows\System32\IObitSmartDefragExtension.dll
2014-02-17 05:34:07 -------- d-----w- C:\Users\User\AppData\Local\Introversion
2014-02-16 22:42:04 -------- d-----w- C:\Program Files (x86)\Application Updater
2014-02-16 22:42:03 -------- d-----w- C:\Program Files (x86)\IObit Apps Toolbar
2014-02-16 22:42:03 -------- d-----w- C:\Program Files (x86)\Common Files\Spigot
2014-02-16 21:31:08 257200 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10233.bin
2014-02-16 18:02:18 -------- d-----w- C:\ProgramData\Overwolf
2014-02-14 01:49:38 -------- d-----w- C:\Program Files (x86)\Common Files\Overwolf
2014-02-14 01:49:37 -------- d-----w- C:\Program Files (x86)\Overwolf
2014-02-14 01:47:42 -------- d-----w- C:\Users\User\AppData\Local\Overwolf
2014-02-12 02:04:03 2232664 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2014-02-12 02:02:37 3842560 ----a-w- C:\Windows\System32\d2d1.dll
2014-02-12 02:02:37 2238976 ----a-w- C:\Windows\System32\d3d10warp.dll
2014-02-12 02:02:36 3288576 ----a-w- C:\Windows\SysWow64\d2d1.dll
2014-02-12 02:02:35 2032640 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2014-02-01 19:11:38 -------- d-----w- C:\Users\User\AppData\Local\AVG SafeGuard toolbar
2014-02-01 19:10:28 46368 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys
2014-02-01 19:10:19 -------- d-----w- C:\Program Files (x86)\Common Files\AVG Secure Search
2014-02-01 19:10:17 -------- d-----w- C:\ProgramData\AVG SafeGuard toolbar
2014-02-01 19:10:17 -------- d-----w- C:\Program Files (x86)\AVG SafeGuard toolbar
2014-01-28 21:19:05 -------- d-----w- C:\Program Files\iPod
2014-01-28 21:19:04 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-28 21:19:04 -------- d-----w- C:\Program Files\iTunes
2014-01-28 21:19:04 -------- d-----w- C:\Program Files (x86)\iTunes
2014-01-28 06:12:09 -------- d-----w- C:\Users\User\AppData\Roaming\TS3Client
2014-01-28 06:11:05 -------- d-----w- C:\Program Files (x86)\TeamSpeak 3 Client
2014-01-25 17:55:15 77656 ----a-w- C:\Windows\System32\XAPOFX1_5.dll
2014-01-25 17:55:15 74072 ----a-w- C:\Windows\SysWow64\XAPOFX1_5.dll
2014-01-25 17:55:15 527192 ----a-w- C:\Windows\SysWow64\XAudio2_7.dll
2014-01-25 17:55:15 518488 ----a-w- C:\Windows\System32\XAudio2_7.dll
2014-01-25 17:55:14 276832 ----a-w- C:\Windows\System32\d3dx11_43.dll
2014-01-25 17:55:14 2526056 ----a-w- C:\Windows\System32\D3DCompiler_43.dll
2014-01-25 17:55:14 248672 ----a-w- C:\Windows\SysWow64\d3dx11_43.dll
2014-01-25 17:55:14 2106216 ----a-w- C:\Windows\SysWow64\D3DCompiler_43.dll
2014-01-25 17:55:13 24920 ----a-w- C:\Windows\System32\X3DAudio1_7.dll
2014-01-25 17:55:13 2401112 ----a-w- C:\Windows\System32\D3DX9_43.dll
2014-01-25 17:55:13 22360 ----a-w- C:\Windows\SysWow64\X3DAudio1_7.dll
2014-01-25 17:55:13 1998168 ----a-w- C:\Windows\SysWow64\D3DX9_43.dll
2014-01-25 17:54:34 -------- d-----w- C:\Nether
2014-01-25 17:31:52 -------- d-----w- C:\Program Files\NetherLauncher
2014-01-22 03:18:44 -------- d-----w- C:\Users\User\AppData\Local\FluxSoftware
.
==================== Find3M  ====================
.
2014-02-01 09:19:49 2241536 ----a-w- C:\Windows\System32\wininet.dll
2014-02-01 09:19:36 915968 ----a-w- C:\Windows\System32\uxtheme.dll
2014-02-01 09:19:36 53760 ----a-w- C:\Windows\System32\UXInit.dll
2014-02-01 09:18:25 3960320 ----a-w- C:\Windows\System32\jscript9.dll
2014-02-01 09:18:21 67072 ----a-w- C:\Windows\System32\iesetup.dll
2014-02-01 09:18:21 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2014-02-01 07:58:31 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-02-01 07:58:24 44032 ----a-w- C:\Windows\SysWow64\UXInit.dll
2014-02-01 07:57:20 2877952 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-02-01 07:57:16 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-02-01 07:57:16 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2014-02-01 07:40:43 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2014-02-01 07:34:53 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-02-01 05:08:52 534528 ----a-w- C:\Windows\SysWow64\uxtheme.dll
2014-01-30 21:10:35 78296 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-01-30 21:10:35 694240 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-12-24 15:40:32 21184 ----a-w- C:\Windows\System32\drivers\SmartDefragDriver.sys
2013-12-09 00:45:52 523776 ----a-w- C:\Windows\SysWow64\vbscript.dll
2013-12-08 23:59:47 600064 ----a-w- C:\Windows\System32\vbscript.dll
2013-12-07 06:37:24 688640 ----a-w- C:\Windows\System32\WSShared.dll
2013-12-07 06:37:24 163840 ----a-w- C:\Windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-07 05:15:46 562688 ----a-w- C:\Windows\SysWow64\WSShared.dll
2013-12-07 05:15:46 124928 ----a-w- C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-04 23:43:46 1845248 ----a-w- C:\Windows\System32\msxml3.dll
2013-12-04 23:43:43 583680 ----a-w- C:\Windows\System32\msdrm.dll
2013-12-04 23:37:09 1419264 ----a-w- C:\Windows\SysWow64\msxml3.dll
2013-12-04 23:37:08 451072 ----a-w- C:\Windows\SysWow64\msdrm.dll
2013-11-25 23:17:47 83968 ----a-w- C:\Windows\System32\drivers\hidclass.sys
2013-11-23 06:43:58 420864 ----a-w- C:\Windows\System32\WMPhoto.dll
2013-11-23 05:05:01 368640 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
.
============= FINISH: 17:25:31.82 ===============
 

 

mbam-log-2014-02-20 (08-08-56).txt


Here is the RogueKiller report:

 

RogueKiller V8.8.8 [Feb 19 2014] by Tigzy

mail : tigzyRK<at>gmail<dot>com




 

Operating System : Windows 8 (6.2.9200 ) 64 bits version

Started in : Normal mode

User : User [Admin rights]

Mode : Scan -- Date : 02/20/2014 19:04:29

| ARK || FAK || MBR |

 

¤¤¤ Bad processes : 0 ¤¤¤

 

¤¤¤ Registry Entries : 4 ¤¤¤

[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND

[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND

[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

 

¤¤¤ Scheduled tasks : 0 ¤¤¤

 

¤¤¤ Startup Entries : 0 ¤¤¤

 

¤¤¤ Web browsers : 0 ¤¤¤

 

¤¤¤ Browser Addons : 0 ¤¤¤

 

¤¤¤ Particular Files / Folders: ¤¤¤

 

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

 

¤¤¤ External Hives: ¤¤¤

 

¤¤¤ Infection :  ¤¤¤

 

¤¤¤ HOSTS File: ¤¤¤

--> %SystemRoot%\System32\drivers\etc\hosts

 

 

 

 

¤¤¤ MBR Check: ¤¤¤

 

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD20 EFRX-68AX9N0 SATA Disk Device +++++

--- User ---

[MBR] 0d53da561e6eb5fdefe2aed1c5877456

[bSP] 8b5b45faa5496755c76cc27a90b6a5e2 : Empty MBR Code

Partition table:

0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 2097151 Mo

User = LL1 ... OK!

User = LL2 ... OK!

 

Finished : << RKreport[0]_S_02202014_190429.txt >>

Hi and Welcome!!   

 

My name is Jeff. I would be more than happy to take a look at your malware results logs and help you with solving any malware problems you might have. Logs can take a while to research, so please be patient and know that I am working hard to get you a clean and functional system back in your hands. I'd be grateful if you would note the following:

 

  • The fixes are specific to your problem and should only be used for the issues on this machine.
  • It's often worth reading through these instructions and printing them for ease of reference.
  • If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
  • Please reply to this thread. Do not start a new topic.
  • If you happen to have a flash drive/thumb drive please have that ready in the event that we need to use it.
  • Please be sure to subscribe to the topic if you have not already done so.


IMPORTANT NOTE : Please do not delete, download or install anything unless instructed to do so.

DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision. Doing so could make your system inoperable and could require a full reinstall of your operating system and the loss of all your programs and data.

 

Having said that.... Let's get going!!

----------


AdwCleaner
 
Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder which was created when running the tool.

----------
 

Malwarebytes Anti-Rootkit
 
Please download Malwarebytes Anti-Rootkit and save it to your desktop.

  • Be sure to print out and follow the instructions provided on that same page.
  • Caution: This is a beta version so please be sure to read the disclaimer and back up all your data before using.
  • Scan your system for malware
  • If malware is found, please go to the MBAR folder and then copy/paste the contents of the MBAR-log-***.txt file to your next reply.

If there is no malware found, please let me know as well.
----------

This topic is now closed to further replies.