
Another laptop in seriously bad shape


Hi Guys,

My bro was given a laptop recently and it is incredibly slow, and I'm positive it has some nasty infections.

I downloaded MBAM, updated and ran a threat scan. MBAM found over 70 threats before it froze and wouldn't finish the scan.

Here are the Farbar results.

The log was too big to copy and paste, so I have attached it.

Thank you
 
Fightthevirus
 

Addition.txt

FRST.txt


Hi & welcome
My name is Jürgen and I will be assisting you with your malware-related problems.

Before we move on, please read the following points carefully.

  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
  • Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.

Step 1

Please uninstall some programs:

  • Windows 7: Click on the Start Menu button, open Control Panel and click Uninstall a program.
  • Search and select the following programs one by one and click on Uninstall:

    Search Protect
    RadioRage Internet Explorer Toolbar

  • Reboot your computer.

 

 

2014-07-11 15:36 - 2014-07-11 15:36 - 00581957 _____ () C:\Users\JudyJ\Desktop\adwcleaner-1.606-en.exe

 

 

 

Step 2

Please download AdwCleaner (by Xplode) and save it to your Desktop. (This is the newest version)

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select "Run As Administrator"
  • Click on the Scan button.
  • After the scan has finished, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • After rebooting, a log file (that is saved in C:\AdwCleaner[s#].txt) will open automatically.
    Copy and paste the contents of that logfile in your next reply.

Step 3

Start FRST with administrator privileges.

  • Press the Scan button.
  • When finished, FRST will produce a log (FRST.txt) in the same directory the tool was run from.
    Please copy and paste the log in your next reply.

Hello Jurgen! 

 

Thank you for your speedy response!

I have tried to uninstall these programs as you suggested:

Search Protect
RadioRage Internet Explorer Toolbar

but I cannot find Search Protect, and when I try to uninstall RadioRage Internet Explorer Toolbar I get this message:

 

"there was a problem starting C:\Program Files(x86)\RadioRage_4j\bar\1.bin\4jbar.dll  the specified module could not be found."

 

Any suggestions?

 

fightthevirus

 


Hi,

please try this:

  • Please download and install Revo Uninstaller Free

    note: there is no need to click anything on that page, the download will start automatically

  • Double click Revo Uninstaller to run it
  • From the list of programs double click on the listed program(s), or anything similar, to remove it:

    Search Protect
    RadioRage Internet Explorer Toolbar
  • When prompted if you want to uninstall click Yes
  • Be sure the Moderate option is selected then click Next
  • The program will run. If prompted again, click Yes
  • When the built-in uninstaller is finished click on Next
  • Once the program has searched for leftovers click Next
  • Check the items in bold only on the list then click Delete

    note: you may have to expand some folders by clicking the "+" mark

  • When prompted click on Yes and then on Next
  • Put a check on any folders that are found and select Delete
  • When prompted select Yes then Next
  • Once done click Finish
Please let me know if it works or not.

Hi Jurgen

Logs from AdwCleaner and FRST as requested.

Thanks

 

# AdwCleaner v3.215 - Report created 17/07/2014 at 20:53:34

# Updated 09/07/2014 by Xplode

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : JudyJ - JUDESCOMPAC

# Running from : C:\Users\JudyJ\Desktop\AdwCleaner.exe

# Option : Clean

 

***** [ Services ] *****

 

 

***** [ Files / Folders ] *****

 

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof

Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE

Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI

Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1

Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj

Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1

Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho

Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1

Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol

Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.FeedManager

Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.FeedManager.1

Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.HTMLMenu

Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.HTMLMenu.1

Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.HTMLPanel

Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.HTMLPanel.1

Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.MultipleButton

Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.MultipleButton.1

Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.PseudoTransparentPlugin

Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.PseudoTransparentPlugin.1

Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.Radio

Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.Radio.1

Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.RadioSettings

Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.RadioSettings.1

Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.ScriptButton

Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.ScriptButton.1

Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.SettingsPlugin

Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.SettingsPlugin.1

Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.ThirdPartyInstaller

Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.ThirdPartyInstaller.1

Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.ToolbarProtector

Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.ToolbarProtector.1

Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi

Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1

Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE

Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\CToolbar_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\CToolbar_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MegaBrowse_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MegaBrowse_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateMegaBrowse_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateMegaBrowse_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\utilMegaBrowse_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\utilMegaBrowse_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd

Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin

Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@RadioRage_4j.com/Plugin


Key Deleted : HKCU\Software\AVG Secure Search

Key Deleted : HKCU\Software\ClickConnect

Key Deleted : HKCU\Software\InstallCore

Key Deleted : HKCU\Software\Mega Browse

Key Deleted : HKCU\Software\ParetoLogic

Key Deleted : HKCU\Software\RadioRage_4j

Key Deleted : HKCU\Software\systweak

Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}

Key Deleted : HKCU\Software\AppDataLow\Software\RadioRage_4j

Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}

Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}

Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}

Key Deleted : HKLM\Software\AVG Secure Search

Key Deleted : HKLM\Software\AVG Security Toolbar

Key Deleted : HKLM\Software\Mega Browse

Key Deleted : HKLM\Software\ParetoLogic

Key Deleted : HKLM\Software\RadioRage_4j

Key Deleted : HKLM\Software\SearchProtect

Key Deleted : HKLM\Software\systweak

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RadioRage_4jbar Uninstall Firefox

Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll

Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\optimi~1\optpro~1.dll

Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll

Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v11.0.9600.17207

 

 

-\\ Google Chrome v34.0.1847.116

 

[ File : C:\Users\JudyJ\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

Deleted [search Provider] : hxxp://search.conduit.com/Results.aspx?gd=&ctid=CT3314958&octid=EB_ORIGINAL_CTID&ISID=&SearchSource=58&CUI=&UM=5&UP=SP848790F4-29ED-44C9-8CFC-D9DA608D7D90&q=UCM_SEARCH_TERM&SSPV=

 

*************************

 

AdwCleaner[R0].txt - [19889 octets] - [17/07/2014 19:09:11]

AdwCleaner[R1].txt - [18499 octets] - [17/07/2014 19:30:43]

AdwCleaner[s0].txt - [2110 octets] - [17/07/2014 19:11:28]

AdwCleaner[s1].txt - [17915 octets] - [17/07/2014 20:53:34]

 

########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [17976 octets] ##########

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-07-2014

Ran by JudyJ (administrator) on JUDESCOMPAC on 17-07-2014 21:10:09

Running from C:\Users\JudyJ\Downloads

Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)

Internet Explorer Version 11

Boot Mode: Normal

 

The only official download link for FRST:



Download link from any site other than Bleeping Computer is unpermitted or outdated.


 

==================== Processes (Whitelisted) =================

 

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgrsa.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe

(AMD) C:\Windows\System32\atiesrxx.exe

(AMD) C:\Windows\System32\atieclxx.exe

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe

(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

() C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe

(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe

(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsd.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe

 

 

==================== Registry (Whitelisted) ==================

 

HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2097960 2010-04-23] (Synaptics Incorporated)

HKLM\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-06-19] (Hewlett-Packard Company)

HKLM\...\Run: [RadioRage Home Page Guard 64 bit] => "C:\PROGRA~2\RADIOR~2\bar\1.bin\AppIntegrator64.exe"

HKU\.DEFAULT\...\RunOnce: [sPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-09-09] (Microsoft Corporation)

HKU\S-1-5-19\...\Run: [sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun

HKU\S-1-5-20\...\Run: [sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun

HKU\S-1-5-21-691438524-3951582167-1808453628-1001\...\MountPoints2: {101a584d-6680-11e2-8c58-78acc04a0edd} - I:\setup_QuickStart.exe

HKU\S-1-5-21-691438524-3951582167-1808453628-1001\...\MountPoints2: {101a5855-6680-11e2-8c58-78acc04a0edd} - I:\setup_QuickStart.exe

HKU\S-1-5-21-691438524-3951582167-1808453628-1001\...\MountPoints2: {e39ce04d-7797-11e2-b014-78acc04a0edd} - I:\setup_QuickStart.exe

 

==================== Internet (Whitelisted) ====================

 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.jp.msn.com/CQALL/13

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.google.fr

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,CustomizeSearch = http://www.google.fr

SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKLM - {1BF76978-0E2C-420B-8CE0-6E262A0E3854} URL = http://au.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPNTDF

SearchScopes: HKLM - {47A753BA-866F-4233-9756-CCE4EEB07EB6} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}

SearchScopes: HKLM-x32 - DefaultScope value is missing.

SearchScopes: HKLM-x32 - {1BF76978-0E2C-420B-8CE0-6E262A0E3854} URL = http://au.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPNTDF

SearchScopes: HKLM-x32 - {47A753BA-866F-4233-9756-CCE4EEB07EB6} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}



SearchScopes: HKCU - {1BF76978-0E2C-420B-8CE0-6E262A0E3854} URL = http://au.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPNTDF

SearchScopes: HKCU - {47A753BA-866F-4233-9756-CCE4EEB07EB6} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}

SearchScopes: HKCU - {47CA92E5-E482-4096-B617-9BB367854CA8} URL = http://search.avg.com/?d=4d217f69&i=23&tp=chrome&q={searchTerms}&lng={language}&nt=1

SearchScopes: HKCU - {6AFA6E15-CC97-4B3A-A32B-7EAFD2B2B326} URL = https://www.google.com/search?q={searchTerms}

BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)

BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)

BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)

DPF: HKLM-x32 {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll No File

Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll No File

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

 

FireFox:

========

FF Plugin: @microsoft.com/GENUINE - disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @microsoft.com/GENUINE - disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)

FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)

FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)

FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)

FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)

FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension

FF Extension: Default Manager - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension [2011-01-16]

FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-03-27]

FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

Chrome:

=======

CHR HomePage: 

CHR DefaultSearchKeyword: google.com.au

CHR Extension: (RealDownloader) - C:\Users\JudyJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2014-07-16]

CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4939312 2013-07-04] (AVG Technologies CZ, s.r.o.)

R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-11-20] (AVG Technologies CZ, s.r.o.)

R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [27192 2010-06-30] ()

R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-05-20] (Hewlett-Packard Company) [File not signed]

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)

R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()

R2 RtVOsdService; C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe [315392 2010-06-24] (Realtek Semiconductor Corp.) [File not signed]

==================== Drivers (Whitelisted) ====================

R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-11-25] (AVG Technologies CZ, s.r.o.)

R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-07-20] (AVG Technologies CZ, s.r.o.)

R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206648 2013-07-20] (AVG Technologies CZ, s.r.o.)

R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311608 2013-07-20] (AVG Technologies CZ, s.r.o.)

R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-07-01] (AVG Technologies CZ, s.r.o.)

R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-10-23] (AVG Technologies CZ, s.r.o.)

R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2014-04-15] (AVG Technologies CZ, s.r.o.)

R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50464 2014-07-12] (AVG Technologies)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)

R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-17] (Malwarebytes Corporation)

R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)

S3 NMgamingmsFltr; C:\Windows\System32\drivers\NMgamingms.sys [11264 2009-07-24] (Primax Ltd)

S1 ssnfd; system32\drivers\ssnfd.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-07-17 20:57 - 2014-07-17 20:57 - 00000314 _____ () C:\Windows\PFRO.log

2014-07-17 19:10 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll

2014-07-17 19:08 - 2014-07-17 20:53 - 00000000 ____D () C:\AdwCleaner

2014-07-17 19:06 - 2014-07-17 19:06 - 01348263 _____ () C:\Users\JudyJ\Desktop\AdwCleaner.exe

2014-07-16 15:49 - 2014-07-16 15:50 - 00001447 _____ () C:\AdwCleaner[s3].txt

2014-07-16 15:35 - 2014-03-26 19:48 - 00017480 _____ ( ) C:\Users\JudyJ\Documents\ARBITER64.DLL

2014-07-16 14:35 - 2014-07-17 20:58 - 00000504 _____ () C:\Windows\setupact.log

2014-07-16 14:35 - 2014-07-16 14:35 - 00000000 _____ () C:\Windows\setuperr.log

2014-07-16 12:12 - 2014-07-16 12:12 - 00001264 _____ () C:\Users\JudyJ\Desktop\Revo Uninstaller.lnk

2014-07-16 12:12 - 2014-07-16 12:12 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group

2014-07-16 12:11 - 2014-07-16 12:11 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\JudyJ\Downloads\revosetup.exe

2014-07-16 05:53 - 2014-07-16 06:22 - 00000000 ____D () C:\Users\JudyJ\Downloads\Reign Over Me 2007 BRrip 720P x264 MP4 - Ofek

2014-07-16 05:50 - 2014-07-16 14:06 - 00000000 ____D () C:\Users\JudyJ\Downloads\Grown Ups Duology

2014-07-16 05:17 - 2014-07-16 05:32 - 00000000 ____D () C:\Users\JudyJ\Downloads\Grandmas Boy (2006)

2014-07-16 03:49 - 2014-07-16 05:11 - 00000000 ____D () C:\Users\JudyJ\Downloads\Deuce.Bigalow.European.Gigolo.DVDRiP.XviD-ALLiANCE

2014-07-16 02:22 - 2014-07-16 05:08 - 00000000 ____D () C:\Users\JudyJ\Downloads\The Wedding Singer (1998)

2014-07-16 02:22 - 2014-07-16 02:28 - 00000000 ____D () C:\Users\JudyJ\Downloads\[ www.Torrenting.com ] - Kingpin.1996.DVDRip.x264-Riding High

2014-07-16 02:16 - 2014-07-16 14:02 - 00000000 ____D () C:\Users\JudyJ\Downloads\Stuck on You (2003)

2014-07-16 02:15 - 2014-07-16 02:51 - 00000000 ____D () C:\Users\JudyJ\Downloads\Shallow Hal (2001)

2014-07-16 02:14 - 2014-07-16 02:24 - 00000000 ____D () C:\Users\JudyJ\Downloads\Me Myself and Irene 2000 BRrip 720p x264 [Herakler]

2014-07-16 02:11 - 2014-07-16 02:11 - 00000000 ____D () C:\Users\JudyJ\AppData\Local\{A969FA4D-B280-4D1E-BAE2-75FF0B907FAF}

2014-07-15 20:44 - 2014-07-15 22:07 - 00000000 ____D () C:\Users\JudyJ\Downloads\The Watch 2012  720p Web H264 [Eng] johno70

2014-07-15 20:37 - 2014-07-15 20:37 - 00414112 _____ () C:\Users\JudyJ\Downloads\File_Downloader.exe

2014-07-15 19:54 - 2014-07-16 01:57 - 139115985 _____ () C:\Users\JudyJ\Downloads\Marvel's The Avengers (2012)(Bitloks)(1920).mkv

2014-07-15 17:57 - 2014-07-15 19:48 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleForJudyJ.job

2014-07-15 17:57 - 2014-07-15 17:57 - 00003186 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForJudyJ

2014-07-14 00:15 - 2014-07-14 03:08 - 00000000 ____D () C:\Users\JudyJ\Downloads\Edge.of.Tomorrow.2014.720P.HDTS.XVID-VAiN

2014-07-13 23:58 - 2014-07-14 01:35 - 743121652 ____R () C:\Users\JudyJ\Downloads\[ www.UsaBit.com ] - Happy Gilmore 1996 720p BRRip x264-PLAYNOW.mp4

2014-07-13 23:47 - 2014-07-14 07:44 - 00000000 ____D () C:\Users\JudyJ\Downloads\adam sandler movie pack

2014-07-13 22:06 - 2014-07-13 22:07 - 00036034 _____ () C:\Users\JudyJ\Downloads\Addition.txt

2014-07-13 22:04 - 2014-07-17 21:10 - 00014682 _____ () C:\Users\JudyJ\Downloads\FRST.txt

2014-07-13 22:03 - 2014-07-17 21:10 - 00000000 ____D () C:\FRST

2014-07-13 22:02 - 2014-07-13 22:03 - 02086912 _____ (Farbar) C:\Users\JudyJ\Downloads\FRST64.exe

2014-07-13 21:56 - 2014-07-13 21:56 - 00000000 ____D () C:\ProgramData\AVAST Software

2014-07-13 21:09 - 2014-07-13 21:11 - 04862664 _____ (AVAST Software) C:\Users\JudyJ\Downloads\avast_free_antivirus_setup_online.exe

2014-07-13 20:44 - 2014-07-17 21:09 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-07-13 20:41 - 2014-07-13 20:41 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-07-13 20:41 - 2014-07-13 20:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-07-13 20:40 - 2014-07-13 20:41 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-07-13 20:40 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-07-13 20:40 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2014-07-13 02:17 - 2014-07-13 02:18 - 00000000 ____D () C:\Users\JudyJ\AppData\Local\{C8F1AEB7-3B23-48B3-92BD-FF39ABCE3B6D}

2014-07-13 01:49 - 2014-07-13 01:49 - 00000000 ____D () C:\Program Files (x86)\LuckYShoppeR

2014-07-13 01:45 - 2014-07-13 01:56 - 00001166 _____ () C:\Users\JudyJ\Desktop\Live PC Help.lnk

2014-07-13 00:59 - 2014-07-13 00:59 - 00001305 _____ () C:\AdwCleaner[s2].txt

2014-07-13 00:59 - 2014-07-13 00:59 - 00001250 _____ () C:\AdwCleaner[R3].txt

2014-07-12 22:16 - 2014-07-12 23:06 - 00000000 ____D () C:\Users\JudyJ\Downloads\Dumb.And.Dumber.1994.UNCUT.iNTERNAL.DVDRip.x264-MULTiPLY[rarbg]

2014-07-12 21:32 - 2014-07-12 21:32 - 00000000 ____D () C:\Users\JudyJ\Downloads\Office Space [special Edition].1999.BRRip.XviD-VLiS

2014-07-12 21:27 - 2014-07-13 00:01 - 00000000 ____D () C:\Users\JudyJ\Downloads\Raising.Arizona.1987.1080p.BluRay.x264.anoXmous

2014-07-12 21:27 - 2014-07-12 21:32 - 00000000 ____D () C:\Users\JudyJ\Downloads\Ace.Ventura_Pet.Detective.1994.Extended.DVDRip.XviD.MP3-Idiocracy

2014-07-12 21:19 - 2014-07-12 21:20 - 00000000 ____D () C:\Users\JudyJ\AppData\Local\{4C7624B5-B1F7-491E-A7F5-2017E223B7D1}

2014-07-12 14:59 - 2014-07-12 19:04 - 00000000 ____D () C:\Users\JudyJ\Downloads\Prometheus (2012) 1080p Bluray.x264 aac [TUGA RG]

2014-07-12 14:57 - 2014-07-12 19:22 - 528850751 _____ () C:\Users\JudyJ\Downloads\World War Z[2013]UNRATED CUT BRRip XviD-ETRG.mp4

2014-07-12 14:48 - 2014-07-12 16:12 - 00000000 ____D () C:\Users\JudyJ\Downloads\Transformers.Age.of.Extinction.2014.NEW.CAM.READNFO.XViD-FANTA

2014-07-12 14:24 - 2014-07-13 18:09 - 00000000 ____D () C:\ProgramData\LuckYShoppeR

2014-07-12 14:24 - 2014-07-12 14:24 - 00000000 ____D () C:\Users\JudyJ\AppData\Local\Packages

2014-07-11 23:35 - 2014-07-11 23:44 - 00000000 ____D () C:\Users\JudyJ\Downloads\Blended.2014.HDRip.HC.XviD.MP3-RARBG

2014-07-11 23:29 - 2014-07-11 23:50 - 00000000 ____D () C:\Users\JudyJ\Downloads\Maleficent 2014 TS XviD MP3 MiLLENiUM

2014-07-11 23:28 - 2014-07-12 01:19 - 00000000 ____D () C:\Users\JudyJ\Downloads\bp-towdvds

2014-07-11 21:44 - 2014-06-21 06:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2014-07-11 21:44 - 2014-06-21 05:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2014-07-11 21:44 - 2014-06-19 11:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-07-11 21:44 - 2014-06-19 11:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-07-11 21:44 - 2014-06-19 11:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-07-11 21:44 - 2014-06-19 10:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-07-11 21:44 - 2014-06-19 10:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-07-11 21:44 - 2014-06-19 10:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-07-11 21:44 - 2014-06-19 10:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2014-07-11 21:44 - 2014-06-19 10:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-07-11 21:44 - 2014-06-19 10:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-07-11 21:44 - 2014-06-19 10:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-07-11 21:44 - 2014-06-19 10:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-07-11 21:44 - 2014-06-19 10:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-07-11 21:44 - 2014-06-19 10:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-07-11 21:44 - 2014-06-19 10:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-07-11 21:44 - 2014-06-19 10:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-07-11 21:44 - 2014-06-19 10:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2014-07-11 21:44 - 2014-06-19 10:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-07-11 21:44 - 2014-06-19 09:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-07-11 21:44 - 2014-06-19 09:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-07-11 21:44 - 2014-06-19 09:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-07-11 21:44 - 2014-06-19 09:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-07-11 21:44 - 2014-06-19 09:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-07-11 21:44 - 2014-06-19 09:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-07-11 21:44 - 2014-06-19 09:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-07-11 21:44 - 2014-06-19 09:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2014-07-11 21:44 - 2014-06-19 09:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-07-11 21:44 - 2014-06-19 09:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2014-07-11 21:44 - 2014-06-19 09:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2014-07-11 21:44 - 2014-06-19 09:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-07-11 21:44 - 2014-06-19 09:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-07-11 21:44 - 2014-06-19 09:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-07-11 21:44 - 2014-06-19 09:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-07-11 21:44 - 2014-06-19 09:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-07-11 21:44 - 2014-06-19 09:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2014-07-11 21:44 - 2014-06-19 09:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-07-11 21:44 - 2014-06-19 09:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-07-11 21:44 - 2014-06-19 09:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2014-07-11 21:44 - 2014-06-19 09:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2014-07-11 21:44 - 2014-06-19 09:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-07-11 21:44 - 2014-06-19 09:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-07-11 21:44 - 2014-06-19 08:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2014-07-11 21:44 - 2014-06-19 08:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-07-11 21:44 - 2014-06-19 08:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2014-07-11 21:44 - 2014-06-19 08:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-07-11 21:44 - 2014-06-19 08:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-07-11 21:44 - 2014-06-19 08:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-07-11 21:44 - 2014-06-19 08:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2014-07-11 21:44 - 2014-06-19 08:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-07-11 21:44 - 2014-06-19 08:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-07-11 21:44 - 2014-06-19 08:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-07-11 21:44 - 2014-06-19 08:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-07-11 21:44 - 2014-06-19 08:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-07-11 21:44 - 2014-06-19 08:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-07-11 21:44 - 2014-06-19 08:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2014-07-11 20:16 - 2014-07-11 20:16 - 00000000 ____D () C:\Users\JudyJ\AppData\Local\{88D12ADB-CE51-4AB9-991F-F32B33392122}

2014-07-11 18:57 - 2014-07-11 23:29 - 244741558 _____ () C:\Users\JudyJ\Downloads\AMAZING Teen Sex with Anal (Shuddering Orgasm) .mp4

2014-07-11 18:55 - 2014-03-04 19:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe

2014-07-11 18:55 - 2014-03-04 19:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll

2014-07-11 18:55 - 2014-03-04 19:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll

2014-07-11 18:55 - 2014-03-04 19:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll

2014-07-11 18:55 - 2014-03-04 19:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe

2014-07-11 18:55 - 2014-03-04 19:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll

2014-07-11 18:55 - 2014-03-04 19:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll

2014-07-11 18:55 - 2014-03-04 19:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll

2014-07-11 18:55 - 2014-03-04 19:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll

2014-07-11 18:55 - 2014-03-04 19:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll

2014-07-11 18:55 - 2014-03-04 19:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe

2014-07-11 18:55 - 2014-03-04 19:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe

2014-07-11 18:55 - 2014-03-04 19:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll

2014-07-11 18:55 - 2014-03-04 19:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll

2014-07-11 18:55 - 2014-03-04 19:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll

2014-07-11 18:55 - 2014-03-04 19:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll

2014-07-11 18:55 - 2014-03-04 19:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll

2014-07-11 18:55 - 2014-03-04 19:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll

2014-07-11 18:55 - 2014-03-04 19:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll

2014-07-11 18:55 - 2014-03-04 19:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll

2014-07-11 18:30 - 2014-06-30 12:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2014-07-11 18:30 - 2014-06-30 12:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2014-07-11 18:11 - 2014-03-27 00:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll

2014-07-11 18:11 - 2014-03-27 00:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll

2014-07-11 18:11 - 2014-03-27 00:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll

2014-07-11 18:11 - 2014-03-27 00:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll

2014-07-11 18:11 - 2014-03-27 00:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll

2014-07-11 18:11 - 2014-03-27 00:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll

2014-07-11 18:11 - 2014-03-27 00:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll

2014-07-11 18:11 - 2014-03-27 00:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll

2014-07-11 17:56 - 2014-06-18 12:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe

2014-07-11 17:56 - 2014-06-18 11:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe

2014-07-11 17:56 - 2014-06-18 11:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2014-07-11 17:55 - 2014-05-30 16:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys

2014-07-11 17:54 - 2014-06-06 20:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll

2014-07-11 17:54 - 2014-06-06 19:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll

2014-07-11 17:50 - 2014-05-30 18:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

2014-07-11 17:50 - 2014-05-30 18:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll

2014-07-11 17:50 - 2014-05-30 18:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll

2014-07-11 17:50 - 2014-05-30 18:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll

2014-07-11 17:50 - 2014-05-30 18:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll

2014-07-11 17:50 - 2014-05-30 18:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll

2014-07-11 17:50 - 2014-05-30 18:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll

2014-07-11 17:50 - 2014-05-30 17:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll

2014-07-11 17:50 - 2014-05-30 17:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll

2014-07-11 17:50 - 2014-05-30 17:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll

2014-07-11 17:50 - 2014-05-30 17:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll

2014-07-11 17:50 - 2014-05-30 17:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll

2014-07-11 17:50 - 2014-05-30 17:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll

2014-07-11 17:50 - 2014-05-30 17:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll

2014-07-11 17:48 - 2014-04-25 12:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll

2014-07-11 17:48 - 2014-04-25 12:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll

2014-07-11 17:47 - 2014-04-05 12:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys

2014-07-11 17:47 - 2014-04-05 12:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS

2014-07-11 17:39 - 2014-07-11 22:06 - 137698276 _____ () C:\Users\JudyJ\Downloads\S07E06- The Workplace Proximity.mkv

2014-07-11 17:28 - 2014-07-11 21:40 - 147416209 _____ () C:\Users\JudyJ\Downloads\S07E21- The Anything Can Happen Recurrence.mkv

2014-07-11 17:18 - 2014-07-11 22:06 - 147361492 _____ () C:\Users\JudyJ\Downloads\S07E04- The Raiders Minimization.mkv

2014-07-11 17:18 - 2014-07-11 21:55 - 147389845 _____ () C:\Users\JudyJ\Downloads\S07E17- The Friendship Turbulence.mkv

2014-07-11 17:18 - 2014-07-11 21:50 - 147336735 _____ () C:\Users\JudyJ\Downloads\S07E22- The Protron Transmogrification.mkv

2014-07-11 17:18 - 2014-07-11 21:40 - 147403927 _____ () C:\Users\JudyJ\Downloads\S07E12-The Hesitation Ramification.mkv

2014-07-11 17:18 - 2014-07-11 21:40 - 147341276 _____ () C:\Users\JudyJ\Downloads\S07E19- The Indecision Amalgamation.mkv

2014-07-11 17:17 - 2014-07-11 22:05 - 157039781 _____ () C:\Users\JudyJ\Downloads\S07E05- The Romance Resonance.mkv

2014-07-11 17:16 - 2014-07-11 21:50 - 157297289 _____ () C:\Users\JudyJ\Downloads\S07E11-The Cooper Extraction.mkv

2014-07-11 17:16 - 2014-07-11 18:26 - 00000000 ____D () C:\Users\JudyJ\Downloads\Bad.Neighbors.2014.WEBRip.HC.XviD.MP3-RARBG

2014-07-11 17:16 - 2014-07-11 17:37 - 00000000 ____D () C:\Users\JudyJ\Downloads\Need.For.Speed.2014.HD-TS.XVID.AC3.HQ.Hive-CM8

2014-07-11 17:15 - 2014-07-11 22:06 - 147263722 _____ () C:\Users\JudyJ\Downloads\S07E03- The Scavenger Vortex.mkv

2014-07-11 17:15 - 2014-07-11 22:05 - 147264017 _____ () C:\Users\JudyJ\Downloads\S07E08-The Itchy Brain Simulation.mkv

2014-07-11 17:15 - 2014-07-11 22:00 - 144897389 _____ () C:\Users\JudyJ\Downloads\S07E10-The Discovery Dissipation.mkv

2014-07-11 17:15 - 2014-07-11 22:00 - 141403893 _____ () C:\Users\JudyJ\Downloads\S07E09-The Thanksgiving Decoupling.mkv

2014-07-11 17:15 - 2014-07-11 21:40 - 147244466 _____ () C:\Users\JudyJ\Downloads\S07E15- The Locomotive Manipulation.mkv

2014-07-11 17:15 - 2014-07-11 21:40 - 147228620 _____ () C:\Users\JudyJ\Downloads\S07E20- The Relationship Diremption.mkv

2014-07-11 17:15 - 2014-03-25 12:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll

2014-07-11 17:15 - 2014-03-25 12:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll

2014-07-11 17:13 - 2014-07-11 22:06 - 147300007 _____ () C:\Users\JudyJ\Downloads\S07E02- The Deception Verification.mkv

2014-07-11 17:13 - 2014-07-11 22:05 - 147317115 _____ () C:\Users\JudyJ\Downloads\S07E01- The Hofstadter Insufficiency.mkv

2014-07-11 17:13 - 2014-07-11 21:55 - 147274052 _____ () C:\Users\JudyJ\Downloads\S07E18- The Mommy Observation.mkv

2014-07-11 17:13 - 2014-07-11 21:40 - 147301944 _____ () C:\Users\JudyJ\Downloads\S07E13-The Occupation Recalibration.mkv

2014-07-11 17:13 - 2014-07-11 21:40 - 147293218 _____ () C:\Users\JudyJ\Downloads\S07E23- The Gorilla Dissolution.mkv

2014-07-11 17:13 - 2014-07-11 21:40 - 147289983 _____ () C:\Users\JudyJ\Downloads\S07E24- The Status Quo Combustion.mkv

2014-07-11 17:11 - 2014-07-11 22:06 - 147333941 _____ () C:\Users\JudyJ\Downloads\S07E07-The Proton Displacement.mkv

2014-07-11 16:54 - 2014-06-06 00:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

2014-07-11 16:54 - 2014-06-06 00:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll

2014-07-11 16:54 - 2014-06-06 00:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

2014-07-11 16:54 - 2014-04-12 12:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys

2014-07-11 16:54 - 2014-04-12 12:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys

2014-07-11 16:54 - 2014-04-12 12:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll

2014-07-11 16:54 - 2014-04-12 12:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe

2014-07-11 16:54 - 2014-04-12 12:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll

2014-07-11 16:54 - 2014-04-12 12:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll

2014-07-11 15:56 - 2014-07-11 15:56 - 00000000 ____D () C:\Users\JudyJ\AppData\Roaming\rightbackup

2014-07-11 15:42 - 2014-07-11 15:42 - 00006471 _____ () C:\AdwCleaner[s1].txt

2014-07-11 15:41 - 2014-07-11 15:41 - 00007728 _____ () C:\AdwCleaner[R2].txt

2014-07-11 15:39 - 2014-07-11 15:39 - 00007668 _____ () C:\AdwCleaner[R1].txt

2014-07-11 15:36 - 2014-07-11 15:36 - 00581957 _____ () C:\Users\JudyJ\Desktop\adwcleaner-1.606-en.exe

2014-07-11 15:35 - 2014-07-11 15:35 - 00001064 _____ () C:\Users\JudyJ\Desktop\FLVM Player.lnk

2014-07-11 15:06 - 2014-07-11 15:06 - 00003120 _____ () C:\Windows\System32\Tasks\{E375E9AD-3BCE-43C9-AD05-5665C6F3B0A4}

==================== One Month Modified Files and Folders =======

2014-07-17 21:13 - 2014-07-13 22:04 - 00014682 _____ () C:\Users\JudyJ\Downloads\FRST.txt

2014-07-17 21:10 - 2014-07-13 22:03 - 00000000 ____D () C:\FRST

2014-07-17 21:09 - 2014-07-13 20:44 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-07-17 21:05 - 2014-03-27 17:38 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-07-17 21:01 - 2014-03-27 17:37 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-07-17 21:01 - 2013-06-04 17:37 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job

2014-07-17 20:58 - 2014-07-16 14:35 - 00000504 _____ () C:\Windows\setupact.log

2014-07-17 20:58 - 2009-07-14 15:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-07-17 20:57 - 2014-07-17 20:57 - 00000314 _____ () C:\Windows\PFRO.log

2014-07-17 20:54 - 2010-11-20 18:44 - 01896722 _____ () C:\Windows\WindowsUpdate.log

2014-07-17 20:53 - 2014-07-17 19:08 - 00000000 ____D () C:\AdwCleaner

2014-07-17 20:29 - 2012-05-12 07:54 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-07-17 19:16 - 2010-12-26 16:09 - 00000000 ____D () C:\Users\JudyJ

2014-07-17 19:12 - 2009-07-14 14:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-07-17 19:12 - 2009-07-14 14:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-07-17 19:07 - 2011-03-27 16:13 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{8DBABE80-BC2D-4F8E-9FD9-32735E5A7A5E}

2014-07-17 19:06 - 2014-07-17 19:06 - 01348263 _____ () C:\Users\JudyJ\Desktop\AdwCleaner.exe

2014-07-17 18:58 - 2011-01-03 17:07 - 00000000 ____D () C:\ProgramData\MFAData

2014-07-16 15:50 - 2014-07-16 15:49 - 00001447 _____ () C:\AdwCleaner[s3].txt

2014-07-16 15:48 - 2014-03-26 18:24 - 00000000 ____D () C:\Users\JudyJ\AppData\Roaming\uTorrent

2014-07-16 14:35 - 2014-07-16 14:35 - 00000000 _____ () C:\Windows\setuperr.log

2014-07-16 14:06 - 2014-07-16 05:50 - 00000000 ____D () C:\Users\JudyJ\Downloads\Grown Ups Duology

2014-07-16 14:02 - 2014-07-16 02:16 - 00000000 ____D () C:\Users\JudyJ\Downloads\Stuck on You (2003)

2014-07-16 12:30 - 2011-05-02 18:52 - 00000000 ____D () C:\Program Files (x86)\TomTom HOME 2

2014-07-16 12:12 - 2014-07-16 12:12 - 00001264 _____ () C:\Users\JudyJ\Desktop\Revo Uninstaller.lnk

2014-07-16 12:12 - 2014-07-16 12:12 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group

2014-07-16 12:11 - 2014-07-16 12:11 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\JudyJ\Downloads\revosetup.exe

2014-07-16 06:22 - 2014-07-16 05:53 - 00000000 ____D () C:\Users\JudyJ\Downloads\Reign Over Me 2007 BRrip 720P x264 MP4 - Ofek

2014-07-16 05:32 - 2014-07-16 05:17 - 00000000 ____D () C:\Users\JudyJ\Downloads\Grandmas Boy (2006)

2014-07-16 05:11 - 2014-07-16 03:49 - 00000000 ____D () C:\Users\JudyJ\Downloads\Deuce.Bigalow.European.Gigolo.DVDRiP.XviD-ALLiANCE

2014-07-16 05:08 - 2014-07-16 02:22 - 00000000 ____D () C:\Users\JudyJ\Downloads\The Wedding Singer (1998)

2014-07-16 02:51 - 2014-07-16 02:15 - 00000000 ____D () C:\Users\JudyJ\Downloads\Shallow Hal (2001)

2014-07-16 02:28 - 2014-07-16 02:22 - 00000000 ____D () C:\Users\JudyJ\Downloads\[ www.Torrenting.com ] - Kingpin.1996.DVDRip.x264-Riding High

2014-07-16 02:24 - 2014-07-16 02:14 - 00000000 ____D () C:\Users\JudyJ\Downloads\Me Myself and Irene 2000 BRrip 720p x264 [Herakler]

2014-07-16 02:11 - 2014-07-16 02:11 - 00000000 ____D () C:\Users\JudyJ\AppData\Local\{A969FA4D-B280-4D1E-BAE2-75FF0B907FAF}

2014-07-16 01:57 - 2014-07-15 19:54 - 139115985 _____ () C:\Users\JudyJ\Downloads\Marvel's The Avengers (2012)(Bitloks)(1920).mkv

2014-07-15 22:07 - 2014-07-15 20:44 - 00000000 ____D () C:\Users\JudyJ\Downloads\The Watch 2012  720p Web H264 [Eng] johno70

2014-07-15 20:37 - 2014-07-15 20:37 - 00414112 _____ () C:\Users\JudyJ\Downloads\File_Downloader.exe

2014-07-15 19:48 - 2014-07-15 17:57 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleForJudyJ.job

2014-07-15 17:57 - 2014-07-15 17:57 - 00003186 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForJudyJ

2014-07-14 07:44 - 2014-07-13 23:47 - 00000000 ____D () C:\Users\JudyJ\Downloads\adam sandler movie pack

2014-07-14 03:08 - 2014-07-14 00:15 - 00000000 ____D () C:\Users\JudyJ\Downloads\Edge.of.Tomorrow.2014.720P.HDTS.XVID-VAiN

2014-07-14 01:35 - 2014-07-13 23:58 - 743121652 ____R () C:\Users\JudyJ\Downloads\[ www.UsaBit.com ] - Happy Gilmore 1996 720p BRRip x264-PLAYNOW.mp4

2014-07-14 01:29 - 2009-07-14 15:13 - 00788704 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-07-13 22:07 - 2014-07-13 22:06 - 00036034 _____ () C:\Users\JudyJ\Downloads\Addition.txt

2014-07-13 22:03 - 2014-07-13 22:02 - 02086912 _____ (Farbar) C:\Users\JudyJ\Downloads\FRST64.exe

2014-07-13 21:56 - 2014-07-13 21:56 - 00000000 ____D () C:\ProgramData\AVAST Software

2014-07-13 21:11 - 2014-07-13 21:09 - 04862664 _____ (AVAST Software) C:\Users\JudyJ\Downloads\avast_free_antivirus_setup_online.exe

2014-07-13 20:41 - 2014-07-13 20:41 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-07-13 20:41 - 2014-07-13 20:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-07-13 20:41 - 2014-07-13 20:40 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-07-13 20:41 - 2013-11-12 11:24 - 00000000 ____D () C:\Users\JudyJ\AppData\Roaming\Malwarebytes

2014-07-13 20:40 - 2013-11-12 11:23 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-07-13 20:40 - 2013-11-12 11:23 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware

2014-07-13 19:36 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\rescache

2014-07-13 18:09 - 2014-07-12 14:24 - 00000000 ____D () C:\ProgramData\LuckYShoppeR

2014-07-13 02:18 - 2014-07-13 02:17 - 00000000 ____D () C:\Users\JudyJ\AppData\Local\{C8F1AEB7-3B23-48B3-92BD-FF39ABCE3B6D}

2014-07-13 01:56 - 2014-07-13 01:45 - 00001166 _____ () C:\Users\JudyJ\Desktop\Live PC Help.lnk

2014-07-13 01:49 - 2014-07-13 01:49 - 00000000 ____D () C:\Program Files (x86)\LuckYShoppeR

2014-07-13 01:49 - 2014-04-20 10:21 - 00000000 ____D () C:\ProgramData\32c8272dec2d358

2014-07-13 01:41 - 2009-07-14 15:32 - 00000000 ____D () C:\Program Files\Windows Sidebar

2014-07-13 01:38 - 2009-07-14 15:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar

2014-07-13 00:59 - 2014-07-13 00:59 - 00001305 _____ () C:\AdwCleaner[s2].txt

2014-07-13 00:59 - 2014-07-13 00:59 - 00001250 _____ () C:\AdwCleaner[R3].txt

2014-07-13 00:01 - 2014-07-12 21:27 - 00000000 ____D () C:\Users\JudyJ\Downloads\Raising.Arizona.1987.1080p.BluRay.x264.anoXmous

2014-07-12 23:06 - 2014-07-12 22:16 - 00000000 ____D () C:\Users\JudyJ\Downloads\Dumb.And.Dumber.1994.UNCUT.iNTERNAL.DVDRip.x264-MULTiPLY[rarbg]

2014-07-12 21:32 - 2014-07-12 21:32 - 00000000 ____D () C:\Users\JudyJ\Downloads\Office Space [special Edition].1999.BRRip.XviD-VLiS

2014-07-12 21:32 - 2014-07-12 21:27 - 00000000 ____D () C:\Users\JudyJ\Downloads\Ace.Ventura_Pet.Detective.1994.Extended.DVDRip.XviD.MP3-Idiocracy

2014-07-12 21:20 - 2014-07-12 21:19 - 00000000 ____D () C:\Users\JudyJ\AppData\Local\{4C7624B5-B1F7-491E-A7F5-2017E223B7D1}

2014-07-12 19:22 - 2014-07-12 14:57 - 528850751 _____ () C:\Users\JudyJ\Downloads\World War Z[2013]UNRATED CUT BRRip XviD-ETRG.mp4

2014-07-12 19:04 - 2014-07-12 14:59 - 00000000 ____D () C:\Users\JudyJ\Downloads\Prometheus (2012) 1080p Bluray.x264 aac [TUGA RG]

2014-07-12 16:12 - 2014-07-12 14:48 - 00000000 ____D () C:\Users\JudyJ\Downloads\Transformers.Age.of.Extinction.2014.NEW.CAM.READNFO.XViD-FANTA

2014-07-12 14:24 - 2014-07-12 14:24 - 00000000 ____D () C:\Users\JudyJ\AppData\Local\Packages

2014-07-12 14:02 - 2012-12-08 07:26 - 00050464 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys

2014-07-12 13:55 - 2009-07-14 14:45 - 00322024 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-07-12 04:16 - 2014-05-31 19:54 - 00000000 ___SD () C:\Windows\system32\CompatTel

2014-07-12 04:15 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism

2014-07-12 04:15 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\system32\Dism

2014-07-12 04:10 - 2010-12-27 09:31 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-07-12 03:54 - 2013-09-08 22:21 - 00000000 ____D () C:\Windows\system32\MRT

2014-07-12 01:19 - 2014-07-11 23:28 - 00000000 ____D () C:\Users\JudyJ\Downloads\bp-towdvds

2014-07-11 23:50 - 2014-07-11 23:29 - 00000000 ____D () C:\Users\JudyJ\Downloads\Maleficent 2014 TS XviD MP3 MiLLENiUM

2014-07-11 23:44 - 2014-07-11 23:35 - 00000000 ____D () C:\Users\JudyJ\Downloads\Blended.2014.HDRip.HC.XviD.MP3-RARBG

2014-07-11 23:29 - 2014-07-11 18:57 - 244741558 _____ () C:\Users\JudyJ\Downloads\AMAZING Teen Sex with Anal (Shuddering Orgasm) .mp4

2014-07-11 22:06 - 2014-07-11 17:39 - 137698276 _____ () C:\Users\JudyJ\Downloads\S07E06- The Workplace Proximity.mkv

2014-07-11 22:06 - 2014-07-11 17:18 - 147361492 _____ () C:\Users\JudyJ\Downloads\S07E04- The Raiders Minimization.mkv

2014-07-11 22:06 - 2014-07-11 17:15 - 147263722 _____ () C:\Users\JudyJ\Downloads\S07E03- The Scavenger Vortex.mkv

2014-07-11 22:06 - 2014-07-11 17:13 - 147300007 _____ () C:\Users\JudyJ\Downloads\S07E02- The Deception Verification.mkv

2014-07-11 22:06 - 2014-07-11 17:11 - 147333941 _____ () C:\Users\JudyJ\Downloads\S07E07-The Proton Displacement.mkv

2014-07-11 22:05 - 2014-07-11 17:17 - 157039781 _____ () C:\Users\JudyJ\Downloads\S07E05- The Romance Resonance.mkv

2014-07-11 22:05 - 2014-07-11 17:15 - 147264017 _____ () C:\Users\JudyJ\Downloads\S07E08-The Itchy Brain Simulation.mkv

2014-07-11 22:05 - 2014-07-11 17:13 - 147317115 _____ () C:\Users\JudyJ\Downloads\S07E01- The Hofstadter Insufficiency.mkv

2014-07-11 22:00 - 2014-07-11 17:15 - 144897389 _____ () C:\Users\JudyJ\Downloads\S07E10-The Discovery Dissipation.mkv

2014-07-11 22:00 - 2014-07-11 17:15 - 141403893 _____ () C:\Users\JudyJ\Downloads\S07E09-The Thanksgiving Decoupling.mkv

2014-07-11 21:55 - 2014-07-11 17:18 - 147389845 _____ () C:\Users\JudyJ\Downloads\S07E17- The Friendship Turbulence.mkv

2014-07-11 21:55 - 2014-07-11 17:13 - 147274052 _____ () C:\Users\JudyJ\Downloads\S07E18- The Mommy Observation.mkv

2014-07-11 21:50 - 2014-07-11 17:18 - 147336735 _____ () C:\Users\JudyJ\Downloads\S07E22- The Protron Transmogrification.mkv

2014-07-11 21:50 - 2014-07-11 17:16 - 157297289 _____ () C:\Users\JudyJ\Downloads\S07E11-The Cooper Extraction.mkv

2014-07-11 21:40 - 2014-07-11 17:28 - 147416209 _____ () C:\Users\JudyJ\Downloads\S07E21- The Anything Can Happen Recurrence.mkv

2014-07-11 21:40 - 2014-07-11 17:18 - 147403927 _____ () C:\Users\JudyJ\Downloads\S07E12-The Hesitation Ramification.mkv

2014-07-11 21:40 - 2014-07-11 17:18 - 147341276 _____ () C:\Users\JudyJ\Downloads\S07E19- The Indecision Amalgamation.mkv

2014-07-11 21:40 - 2014-07-11 17:15 - 147244466 _____ () C:\Users\JudyJ\Downloads\S07E15- The Locomotive Manipulation.mkv

2014-07-11 21:40 - 2014-07-11 17:15 - 147228620 _____ () C:\Users\JudyJ\Downloads\S07E20- The Relationship Diremption.mkv

2014-07-11 21:40 - 2014-07-11 17:13 - 147301944 _____ () C:\Users\JudyJ\Downloads\S07E13-The Occupation Recalibration.mkv

2014-07-11 21:40 - 2014-07-11 17:13 - 147293218 _____ () C:\Users\JudyJ\Downloads\S07E23- The Gorilla Dissolution.mkv

2014-07-11 21:40 - 2014-07-11 17:13 - 147289983 _____ () C:\Users\JudyJ\Downloads\S07E24- The Status Quo Combustion.mkv

2014-07-11 20:16 - 2014-07-11 20:16 - 00000000 ____D () C:\Users\JudyJ\AppData\Local\{88D12ADB-CE51-4AB9-991F-F32B33392122}

2014-07-11 18:26 - 2014-07-11 17:16 - 00000000 ____D () C:\Users\JudyJ\Downloads\Bad.Neighbors.2014.WEBRip.HC.XviD.MP3-RARBG

2014-07-11 17:50 - 2014-03-27 17:15 - 147271241 _____ () C:\Users\JudyJ\Downloads\S07E14- The Convention Conundrum.mkv

2014-07-11 17:39 - 2014-03-27 17:19 - 147327499 _____ () C:\Users\JudyJ\Downloads\S07E16- The Table Polarization.mkv

2014-07-11 17:37 - 2014-07-11 17:16 - 00000000 ____D () C:\Users\JudyJ\Downloads\Need.For.Speed.2014.HD-TS.XVID.AC3.HQ.Hive-CM8

2014-07-11 17:15 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\system32\NDF

2014-07-11 17:03 - 2014-03-26 18:25 - 00000854 _____ () C:\Users\JudyJ\Desktop\µTorrent.lnk

2014-07-11 17:03 - 2014-03-26 18:25 - 00000834 _____ () C:\Users\JudyJ\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk

2014-07-11 15:56 - 2014-07-11 15:56 - 00000000 ____D () C:\Users\JudyJ\AppData\Roaming\rightbackup

2014-07-11 15:42 - 2014-07-11 15:42 - 00006471 _____ () C:\AdwCleaner[s1].txt

2014-07-11 15:41 - 2014-07-11 15:41 - 00007728 _____ () C:\AdwCleaner[R2].txt

2014-07-11 15:39 - 2014-07-11 15:39 - 00007668 _____ () C:\AdwCleaner[R1].txt

2014-07-11 15:36 - 2014-07-11 15:36 - 00581957 _____ () C:\Users\JudyJ\Desktop\adwcleaner-1.606-en.exe

2014-07-11 15:35 - 2014-07-11 15:35 - 00001064 _____ () C:\Users\JudyJ\Desktop\FLVM Player.lnk

2014-07-11 15:33 - 2012-05-12 07:54 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2014-07-11 15:31 - 2012-05-12 07:53 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-07-11 15:31 - 2011-06-26 13:55 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-07-11 15:06 - 2014-07-11 15:06 - 00003120 _____ () C:\Windows\System32\Tasks\{E375E9AD-3BCE-43C9-AD05-5665C6F3B0A4}

2014-06-30 12:09 - 2014-07-11 18:30 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2014-06-30 12:04 - 2014-07-11 18:30 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2014-06-26 17:40 - 2011-01-03 16:41 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2014-06-21 06:14 - 2014-07-11 21:44 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2014-06-21 05:39 - 2014-07-11 21:44 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2014-06-19 11:39 - 2014-07-11 21:44 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-06-19 11:06 - 2014-07-11 21:44 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-06-19 11:06 - 2014-07-11 21:44 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-06-19 10:48 - 2014-07-11 21:44 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-06-19 10:42 - 2014-07-11 21:44 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-06-19 10:42 - 2014-07-11 21:44 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-06-19 10:41 - 2014-07-11 21:44 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2014-06-19 10:41 - 2014-07-11 21:44 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-06-19 10:32 - 2014-07-11 21:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-06-19 10:31 - 2014-07-11 21:44 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-06-19 10:26 - 2014-07-11 21:44 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-06-19 10:24 - 2014-07-11 21:44 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-06-19 10:24 - 2014-07-11 21:44 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-06-19 10:23 - 2014-07-11 21:44 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-06-19 10:16 - 2014-07-11 21:44 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-06-19 10:14 - 2014-07-11 21:44 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2014-06-19 10:09 - 2014-07-11 21:44 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-06-19 09:59 - 2014-07-11 21:44 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-06-19 09:56 - 2014-07-11 21:44 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-06-19 09:53 - 2014-07-11 21:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-06-19 09:51 - 2014-07-11 21:44 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-06-19 09:50 - 2014-07-11 21:44 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-06-19 09:48 - 2014-07-11 21:44 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-06-19 09:39 - 2014-07-11 21:44 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-06-19 09:38 - 2014-07-11 21:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2014-06-19 09:37 - 2014-07-11 21:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-06-19 09:36 - 2014-07-11 21:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2014-06-19 09:35 - 2014-07-11 21:44 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2014-06-19 09:33 - 2014-07-11 21:44 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-06-19 09:32 - 2014-07-11 21:44 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-06-19 09:28 - 2014-07-11 21:44 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-06-19 09:28 - 2014-07-11 21:44 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-06-19 09:27 - 2014-07-11 21:44 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-06-19 09:27 - 2014-07-11 21:44 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2014-06-19 09:25 - 2014-07-11 21:44 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-06-19 09:23 - 2014-07-11 21:44 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-06-19 09:22 - 2014-07-11 21:44 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2014-06-19 09:12 - 2014-07-11 21:44 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2014-06-19 09:06 - 2014-07-11 21:44 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-06-19 09:01 - 2014-07-11 21:44 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-06-19 08:59 - 2014-07-11 21:44 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2014-06-19 08:58 - 2014-07-11 21:44 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-06-19 08:58 - 2014-07-11 21:44 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2014-06-19 08:52 - 2014-07-11 21:44 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-06-19 08:51 - 2014-07-11 21:44 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-06-19 08:49 - 2014-07-11 21:44 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-06-19 08:46 - 2014-07-11 21:44 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2014-06-19 08:45 - 2014-07-11 21:44 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-06-19 08:35 - 2014-07-11 21:44 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-06-19 08:34 - 2014-07-11 21:44 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-06-19 08:15 - 2014-07-11 21:44 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-06-19 08:13 - 2014-07-11 21:44 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-06-19 08:09 - 2014-07-11 21:44 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-06-19 08:07 - 2014-07-11 21:44 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2014-06-18 12:18 - 2014-07-11 17:56 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe

2014-06-18 11:51 - 2014-07-11 17:56 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe

2014-06-18 11:10 - 2014-07-11 17:56 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

 

Some content of TEMP:

====================

C:\Users\JudyJ\AppData\Local\Temp\Quarantine.exe

 

 

==================== Bamital & volsnap Check =================

 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

 

 

LastRegBack: 2014-07-13 19:52

 

==================== End Of Log ============================


Ok, :)

Step 1

Scan with Malwarebytes Antimalware

  • Please update the database by clicking on the "Update Now" button.
  • Following the update, click "Settings" and go to "Detection and Protection".
  • Make sure "Scan for Rootkits" is checked.
  • Click on Dashboard, then click on Scan Now to start the scan.

    (If Malware or Potentially Unwanted Programs [PUPs] are found, you will receive a prompt so that you can decide what you want to do. I suggest "Quarantine". Click the button: Apply All Actions.)

  • A window with an option to view the detailed log will appear. Click on "View Detailed Log".
  • After viewing the results, please click on the "Copy to Clipboard" button and then OK.
  • Return to our forum. Paste your log into your next reply.

Step 2

Please download the ESET Online Scanner and save it to your Desktop.

  • Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
  • Start esetsmartinstaller_enu.exe with administrator privileges.
  • Select the option Yes, I accept the Terms of Use and click on Start.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click on Start. The virus signature database will begin to download. This may take some time.
  • When completed the Online Scan will begin automatically.

    Note: This scan might take a long time! Please be patient.

  • When completed select Uninstall application on close if you so wish, but make sure you copy the logfile first!
  • Now click on Finish
  • A log file is created at C:\Program Files\ESET\EsetOnlineScanner\log.txt.

    Copy and paste the content of this log file in your next reply.

Note: Do not forget to re-enable your antivirus application after running the above scan!

  • 2 weeks later...
  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
