Avast pop ups URL:Mal help needed please


Hey folks, Avast keeps popping up with URL:Mal in Chrome, nearly every tab I open. 

Have used the Farbar Recovery Scan Tool and have attached/pasted results. Would really appreciate your help, many thanks!
 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-11-2014
Ran by Latifah (administrator) on ORACLE3RDLIGHT- on 11-11-2014 11:43:20
Running from C:\Users\Latifah\Desktop
Loaded Profiles: UpdatusUser & Latifah (Available profiles: UpdatusUser & Latifah)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Spotify Ltd) C:\Users\Latifah\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(MagicISO, Inc.) C:\Program Files (x86)\MagicDisc\MagicDisc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(FileZilla Project) C:\Program Files (x86)\FileZilla Server\FileZilla server.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Google Inc.) C:\Users\Latifah\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Google Inc.) C:\Users\Latifah\AppData\Local\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
(SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
(Samsung Electronics) C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Users\Latifah\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Latifah\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Latifah\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Latifah\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Latifah\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Latifah\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Latifah\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Latifah\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Latifah\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Latifah\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google Inc.) C:\Users\Latifah\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Latifah\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Latifah\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Latifah\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Latifah\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Latifah\AppData\Local\Google\Chrome\Application\chrome.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\swriter.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Google Inc.) C:\Users\Latifah\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Latifah\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Latifah\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Latifah\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Latifah\AppData\Local\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11895400 2011-06-25] (Realtek Semiconductor)
HKLM\...\Run: [intelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM-x32\...\Run: [FileZilla Server Interface] => C:\Program Files (x86)\FileZilla Server\FileZilla Server Interface.exe [1044992 2012-02-26] (FileZilla Project)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-05] (AVAST Software)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1867582200-139094598-4032816429-1001\...\Run: [Google Update] => C:\Users\Latifah\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-04-09] (Google Inc.)
HKU\S-1-5-21-1867582200-139094598-4032816429-1001\...\Run: [spotify Web Helper] => C:\Users\Latifah\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1514040 2014-10-04] (Spotify Ltd)
HKU\S-1-5-21-1867582200-139094598-4032816429-1001\...\RunOnce: [uninstall C:\Users\Latifah\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Latifah\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"
HKU\S-1-5-21-1867582200-139094598-4032816429-1001\...\RunOnce: [uninstall C:\Users\Latifah\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Latifah\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64"
HKU\S-1-5-21-1867582200-139094598-4032816429-1001\...\RunOnce: [FlashPlayerUpdate] => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_152_Plugin.exe [854192 2014-09-10] (Adobe Systems Incorporated)
AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [226920 2011-01-17] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\windows\SysWOW64\nvinit.dll => C:\windows\SysWOW64\nvinit.dll [192616 2011-01-17] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Latifah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk
ShortcutTarget: MagicDisc.lnk -> C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
ProxyEnable: Internet Explorer proxy is enabled.
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://samsung.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung.msn.com
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - &ClipMate ClipBar v7.5 - {F60C63CE-52AF-4915-AAC9-F100FCDE270F} - C:\Program Files (x86)\ClipMate7\ClipMateDeskBand.dll (Thornsoft Development, Inc)
Tcpip\Parameters: [DhcpNameServer] 192.168.22.22 192.168.22.23
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1867582200-139094598-4032816429-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Latifah\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKU\S-1-5-21-1867582200-139094598-4032816429-1001: @talk.google.com/O1DPlugin -> C:\Users\Latifah\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKU\S-1-5-21-1867582200-139094598-4032816429-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Latifah\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-1867582200-139094598-4032816429-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Latifah\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-1867582200-139094598-4032816429-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Latifah\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1867582200-139094598-4032816429-1001: electronicarts.com/GameFacePlugin -> C:\Users\Latifah\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll (Electronic Arts)
FF Plugin ProgramFiles/Appdata: C:\Users\Latifah\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Latifah\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-04-09]
 
Chrome: 
=======
CHR HomePage: Default -> https://webmail.123-reg.co.uk/login/
CHR Profile: C:\Users\Latifah\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Latifah\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-22]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Latifah\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-03]
CHR Extension: (YouTube) - C:\Users\Latifah\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-04-09]
CHR Extension: (Google Search) - C:\Users\Latifah\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-04-09]
CHR Extension: (Quick Note) - C:\Users\Latifah\AppData\Local\Google\Chrome\User Data\Default\Extensions\mijlebbfndhelmdpmllgcfadlkankhok [2014-10-13]
CHR Extension: (Word CaptureX Extension) - C:\Users\Latifah\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjdepfkicdcciagbigfcmdhknnoaaegf [2012-04-09]
CHR Extension: (Google Wallet) - C:\Users\Latifah\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (Gmail) - C:\Users\Latifah\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-04-09]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-30]
CHR HKLM-x32\...\Chrome\Extension: [mjdepfkicdcciagbigfcmdhknnoaaegf] - C:\Program Files (x86)\Deskperience\Word Capture\wcxChrome.crx [2010-07-23]
CHR StartMenuInternet: Google Chrome - C:\Users\Latifah\AppData\Local\Google\Chrome\Application\chrome.exe
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-30] (AVAST Software)
R2 FileZilla Server; C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe [632320 2012-02-26] (FileZilla Project) [File not signed]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-30] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-30] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-30] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-30] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-30] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-30] ()
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2011-12-26] (Windows ® 2003 DDK 3790 provider)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-11-11 11:43 - 2014-11-11 11:44 - 00018029 _____ () C:\Users\Latifah\Desktop\FRST.txt
2014-11-11 11:43 - 2014-11-11 11:43 - 00000000 ____D () C:\FRST
2014-11-11 11:40 - 2014-11-11 11:40 - 02116096 _____ (Farbar) C:\Users\Latifah\Desktop\FRST64.exe
2014-11-11 00:23 - 2014-11-11 00:23 - 00000000 ____D () C:\Users\Latifah\AppData\Roaming\Mozilla
2014-11-09 14:40 - 2014-11-09 14:41 - 00000000 ____D () C:\Users\Latifah\Downloads\[ www.torrenting.com ] - Constantine.S01E02.HDTV.x264-LOL
2014-11-09 00:02 - 2014-11-09 00:09 - 00000000 ____D () C:\Users\Latifah\Downloads\WWE Friday Night Smackdown HDTV 2014-10-31 720p AVCHD-SC-SDH
2014-11-08 23:56 - 2014-11-09 12:06 - 00000000 ____D () C:\Users\Latifah\Downloads\WWE.Raw.11.03.14.HDTV.x264-XWT
2014-11-08 20:06 - 2014-11-08 20:36 - 00000000 ____D () C:\Users\Latifah\Downloads\American Horror Story Freakshow - S04E05 [1080p] WEB-DL [subtitles Included]
2014-11-02 00:20 - 2014-11-02 00:41 - 1739282484 _____ () C:\Users\Latifah\Downloads\American Horror Story S04E04 Edward Mordrake Part II (1920x1080) [Phr0stY].mkv
2014-11-02 00:18 - 2014-11-02 00:18 - 00017391 _____ () C:\Users\Latifah\Downloads\American_Horror_Story_S04E04_Edward_Mordrake_Part_II_(1920x1080)_[Phr0stY].mkv.torrent
2014-10-28 22:38 - 2014-10-30 15:45 - 00000000 ____D () C:\Users\Latifah\Downloads\[ www.torrenting.com ] - WWE.Hell.In.A.Cell.2014.PPV.HDTV.x264-KYR
2014-10-25 23:30 - 2014-10-26 00:04 - 2120620282 _____ () C:\Users\Latifah\Downloads\American.Horror.Story.S04E03.720p.HDTV.x264-KILLERS.mkv
2014-10-22 22:34 - 2014-10-22 22:34 - 00000000 ____D () C:\Users\Latifah\Desktop\blackistani
2014-10-20 19:52 - 2014-10-20 19:52 - 00002187 _____ () C:\Users\Latifah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-10-19 10:15 - 2014-10-19 10:17 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-10-19 10:15 - 2014-10-19 10:15 - 00001979 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-10-18 23:32 - 2014-10-19 00:07 - 00000000 ____D () C:\Users\Latifah\Downloads\Lego-filmen.The.Lego.Movie.2014.SWESUB.brrip.xvid.ac3-314r
2014-10-18 13:29 - 2014-10-18 13:31 - 00000000 ____D () C:\Users\Latifah\Downloads\Mardaani (2014) 1CD Hindi DVDRip x264 E-Subs Team DDH~RG
2014-10-18 13:29 - 2014-10-18 13:29 - 00059625 _____ () C:\Users\Latifah\Downloads\Mardaani_(2014)_1CD_Hindi_DVDRip_x264_E-Subs_Team_DDH~RG.torrent
2014-10-17 21:19 - 2014-10-17 22:35 - 00000000 ____D () C:\Users\Latifah\Downloads\American Horror Story Freakshow - S04E02 [1080p] WEB-DL [subtitles Included]
2014-10-17 21:18 - 2014-10-17 23:04 - 00000000 ____D () C:\Users\Latifah\Downloads\Gotham.S01E02.Selina.Kyle.1080p.WEB-DL.DD5.1.H.264-ECI[rarbg]
2014-10-17 15:18 - 2014-10-20 10:47 - 00000000 ____D () C:\Users\Latifah\Downloads\OBLIVION (2013)(DVD5)BR2DVD DD5.1 (Nl subs) SAM TBS
2014-10-16 10:05 - 2014-10-10 02:05 - 00507392 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-10-16 10:05 - 2014-10-10 02:05 - 00276480 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2014-10-16 10:05 - 2014-10-10 02:00 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-10-16 10:05 - 2014-10-07 02:54 - 00378552 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-10-16 10:05 - 2014-10-07 02:04 - 00331448 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-10-16 10:05 - 2014-09-29 00:58 - 03198976 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-10-16 10:05 - 2014-09-25 22:50 - 13619200 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-10-16 10:05 - 2014-09-25 22:46 - 00365056 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-10-16 10:05 - 2014-09-25 22:46 - 00243200 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-10-16 10:05 - 2014-09-25 22:46 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-10-16 10:05 - 2014-09-25 22:43 - 11807232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-10-16 10:05 - 2014-09-25 22:32 - 02017280 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-10-16 10:05 - 2014-09-25 22:31 - 02108416 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-10-16 10:05 - 2014-09-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-10-16 10:05 - 2014-09-19 01:55 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-10-16 10:05 - 2014-09-19 01:44 - 17484800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-10-16 10:05 - 2014-09-19 01:41 - 02796032 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-10-16 10:05 - 2014-09-19 01:40 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-10-16 10:05 - 2014-09-19 01:39 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-10-16 10:05 - 2014-09-19 01:36 - 05829632 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-10-16 10:05 - 2014-09-19 01:31 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-10-16 10:05 - 2014-09-19 01:30 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-10-16 10:05 - 2014-09-19 01:27 - 00595968 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-10-16 10:05 - 2014-09-19 01:26 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-10-16 10:05 - 2014-09-19 01:25 - 04201472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-10-16 10:05 - 2014-09-19 01:25 - 00758272 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-10-16 10:05 - 2014-09-19 01:25 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-10-16 10:05 - 2014-09-19 01:14 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-10-16 10:05 - 2014-09-19 01:14 - 00446464 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-10-16 10:05 - 2014-09-19 01:06 - 00072704 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-10-16 10:05 - 2014-09-19 01:02 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-10-16 10:05 - 2014-09-19 01:01 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-10-16 10:05 - 2014-09-19 01:01 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-10-16 10:05 - 2014-09-19 01:00 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-10-16 10:05 - 2014-09-19 00:59 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-10-16 10:05 - 2014-09-19 00:58 - 00289280 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-10-16 10:05 - 2014-09-19 00:55 - 02187264 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-10-16 10:05 - 2014-09-19 00:54 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-10-16 10:05 - 2014-09-19 00:53 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-10-16 10:05 - 2014-09-19 00:51 - 00440320 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-10-16 10:05 - 2014-09-19 00:50 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-10-16 10:05 - 2014-09-19 00:49 - 00597504 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-10-16 10:05 - 2014-09-19 00:42 - 00731136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-10-16 10:05 - 2014-09-19 00:42 - 00710656 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-10-16 10:05 - 2014-09-19 00:40 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-10-16 10:05 - 2014-09-19 00:36 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-16 10:05 - 2014-09-19 00:32 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-10-16 10:05 - 2014-09-19 00:20 - 00607744 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-10-16 10:05 - 2014-09-19 00:18 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-10-16 10:05 - 2014-09-19 00:14 - 01447936 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-10-16 10:05 - 2014-09-18 23:59 - 01810944 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-10-16 10:05 - 2014-09-18 23:53 - 01190400 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-10-16 10:05 - 2014-09-18 23:52 - 00678400 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-10-16 10:05 - 2014-06-18 22:23 - 01943696 _____ (Microsoft Corporation) C:\windows\system32\dfshim.dll
2014-10-16 10:05 - 2014-06-18 22:23 - 01131664 _____ (Microsoft Corporation) C:\windows\SysWOW64\dfshim.dll
2014-10-16 10:05 - 2014-06-18 22:23 - 00156824 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscorier.dll
2014-10-16 10:05 - 2014-06-18 22:23 - 00156312 _____ (Microsoft Corporation) C:\windows\system32\mscorier.dll
2014-10-16 10:05 - 2014-06-18 22:23 - 00081560 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscories.dll
2014-10-16 10:05 - 2014-06-18 22:23 - 00073880 _____ (Microsoft Corporation) C:\windows\system32\mscories.dll
2014-10-16 10:04 - 2014-09-19 02:25 - 23631360 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-10-16 10:04 - 2014-09-19 01:40 - 00547328 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-10-16 10:04 - 2014-09-19 01:38 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-10-16 10:04 - 2014-09-19 01:18 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-10-16 10:04 - 2014-09-19 01:01 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-10-16 10:04 - 2014-09-19 00:33 - 02309632 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-10-16 10:04 - 2014-09-18 23:59 - 00775168 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-10-16 10:00 - 2014-09-18 02:00 - 03241472 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-10-16 10:00 - 2014-09-18 01:32 - 02363904 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2014-10-16 10:00 - 2014-09-13 01:58 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\packager.dll
2014-10-16 10:00 - 2014-09-13 01:40 - 00067072 _____ (Microsoft Corporation) C:\windows\SysWOW64\packager.dll
2014-10-16 10:00 - 2014-09-04 05:23 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll
2014-10-16 10:00 - 2014-09-04 05:04 - 00372736 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastls.dll
2014-10-16 10:00 - 2014-07-17 02:07 - 03722240 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2014-10-16 10:00 - 2014-07-17 02:07 - 01118720 _____ (Microsoft Corporation) C:\windows\system32\mstsc.exe
2014-10-16 10:00 - 2014-07-17 02:07 - 00681984 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2014-10-16 10:00 - 2014-07-17 02:07 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2014-10-16 10:00 - 2014-07-17 02:07 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\winsta.dll
2014-10-16 10:00 - 2014-07-17 02:07 - 00150528 _____ (Microsoft Corporation) C:\windows\system32\rdpcorekmts.dll
2014-10-16 10:00 - 2014-07-17 02:07 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-10-16 10:00 - 2014-07-17 02:07 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-10-16 10:00 - 2014-07-17 01:40 - 00157696 _____ (Microsoft Corporation) C:\windows\SysWOW64\winsta.dll
2014-10-16 10:00 - 2014-07-17 01:39 - 03221504 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2014-10-16 10:00 - 2014-07-17 01:39 - 01051136 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstsc.exe
2014-10-16 10:00 - 2014-07-17 01:39 - 00131584 _____ (Microsoft Corporation) C:\windows\SysWOW64\aaclient.dll
2014-10-16 10:00 - 2014-07-17 01:39 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2014-10-16 10:00 - 2014-07-17 01:39 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2014-10-16 10:00 - 2014-07-17 01:21 - 00212480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpwd.sys
2014-10-16 10:00 - 2014-07-17 01:21 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tssecsrv.sys
2014-10-15 21:14 - 2014-10-16 10:04 - 1491758853 _____ () C:\Users\Latifah\Downloads\Andaz Apna Apna [1994] 720p (1.38GB).mkv
2014-10-12 19:25 - 2014-10-12 19:39 - 00000000 ____D () C:\Users\Latifah\Downloads\Dracula Untold 2014 720p CAM FIRST ENGLISH x264 Pimp4003
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-11-11 11:22 - 2012-04-09 15:36 - 00000916 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1867582200-139094598-4032816429-1001UA.job
2014-11-11 11:13 - 2012-11-29 14:08 - 00000898 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-11 11:06 - 2011-09-08 04:18 - 02010435 _____ () C:\windows\WindowsUpdate.log
2014-11-11 11:03 - 2013-04-22 20:15 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-11-11 01:32 - 2014-06-30 10:56 - 00000000 ____D () C:\Users\Latifah\AppData\Roaming\vlc
2014-11-11 01:32 - 2012-04-09 17:10 - 00000000 ____D () C:\Users\Latifah\AppData\Local\Spotify
2014-11-10 23:56 - 2012-04-09 17:09 - 00000000 ____D () C:\Users\Latifah\AppData\Roaming\Spotify
2014-11-10 23:52 - 2009-07-14 04:51 - 00281467 _____ () C:\windows\setupact.log
2014-11-10 22:57 - 2009-07-14 05:13 - 00782510 _____ () C:\windows\system32\PerfStringBackup.INI
2014-11-10 21:22 - 2012-04-09 15:36 - 00000864 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1867582200-139094598-4032816429-1001Core.job
2014-11-10 20:51 - 2014-07-27 12:54 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-10 20:50 - 2014-07-27 12:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-11-10 20:50 - 2014-07-27 12:53 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-11-10 20:50 - 2013-08-21 18:38 - 00001062 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-11-10 18:56 - 2012-04-14 07:54 - 00000000 ____D () C:\Users\Latifah\Documents\Uni
2014-11-10 16:18 - 2012-11-29 14:08 - 00000894 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-10 10:07 - 2009-07-14 04:45 - 00028848 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-10 10:07 - 2009-07-14 04:45 - 00028848 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-10 09:55 - 2009-07-14 05:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-11-10 09:54 - 2012-06-30 20:59 - 00000000 ____D () C:\Users\Latifah\AppData\Roaming\BitTorrent
2014-11-08 21:04 - 2012-11-29 14:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-11-01 00:42 - 2009-07-14 03:20 - 00000000 ____D () C:\windows\rescache
2014-11-01 00:07 - 2012-07-08 11:09 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2014-11-01 00:05 - 2009-07-14 05:08 - 00032620 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2014-10-29 09:09 - 2012-04-09 15:38 - 00002381 _____ () C:\Users\Latifah\Desktop\Google Chrome.lnk
2014-10-28 23:31 - 2010-11-21 03:47 - 00155666 _____ () C:\windows\PFRO.log
2014-10-28 16:46 - 2014-08-24 13:25 - 00000000 ____D () C:\ProgramData\Origin
2014-10-28 16:45 - 2014-08-24 13:25 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-10-28 06:34 - 2010-11-21 03:27 - 00275080 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2014-10-27 19:37 - 2012-04-09 15:14 - 00000000 ____D () C:\Users\Latifah\AppData\Roaming\Adobe
2014-10-25 20:17 - 2012-04-09 15:36 - 00003890 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1867582200-139094598-4032816429-1001UA
2014-10-25 20:17 - 2012-04-09 15:36 - 00003494 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1867582200-139094598-4032816429-1001Core
2014-10-20 19:52 - 2011-09-07 13:23 - 00011541 _____ () C:\windows\DirectX.log
2014-10-19 10:15 - 2011-09-07 12:35 - 00000000 ____D () C:\ProgramData\Adobe
2014-10-19 10:15 - 2011-09-07 12:35 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-10-17 15:13 - 2009-07-14 04:45 - 00307640 _____ () C:\windows\system32\FNTCACHE.DAT
2014-10-17 15:11 - 2014-05-06 23:08 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-10-17 10:50 - 2013-07-21 23:49 - 00000000 ____D () C:\windows\system32\MRT
2014-10-17 10:45 - 2012-04-11 08:39 - 103265616 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-10-15 15:08 - 2012-11-29 14:08 - 00003894 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-15 15:08 - 2012-11-29 14:08 - 00003642 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
 
Some content of TEMP:
====================
C:\Users\Latifah\AppData\Local\Temp\GURCDA1.exe
C:\Users\Latifah\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Latifah\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Latifah\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Latifah\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Latifah\AppData\Local\Temp\uttACB8.tmp.exe
C:\Users\Latifah\AppData\Local\Temp\vlc-2.1.3-win32.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-11-08 21:42
 
==================== End Of Log ============================

Addition.txt


Welcome to the forum.

General P2P/Piracy Warning:

 

1. If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall it or completely disable it from running while being assisted here.

2. If you have illegal/cracked software (MS Office, Adobe Products), cracks, keygens, custom (Adobe) host file, etc. on the system, please remove or uninstall them now and read the policy on Piracy.

Failure to remove such software will result in your topic being closed and no further assistance being provided.

    Note:

Please read all of my instructions completely including these.

Make sure system restore is turned on and running. Create a new restore point

Make sure you're subscribed to this topic: Click on the Follow This Topic Button (at the top right of this page), make sure that the Receive notification box is checked and that it is set to Instantly

Removing malware can be unpredictable...unlikely but things can go very wrong! Back up any files that cannot be replaced. You can copy them to a CD/DVD, external drive or a pen drive

<+>Please don't run any other scans, download, install or uninstall any programs while I'm working with you.

<+>The removal of malware isn't instantaneous, please be patient.

<+>When we are done, I'll give you instructions on how to clean up all the tools and logs

<+>Please stick with me until I give you the "all clear".

------->Your topic will be closed if you haven't replied within 3 days!<--------

If I don't respond within 24 hours, please send me a PM

==================================================

Download the attached fixlist.txt to the same folder as FRST.exe/FRST64.exe.

Run FRST.exe/FRST64.exe and click Fix only once and wait

The tool will create a log (Fixlog.txt) in the folder, please post it to your reply.

==================================================

Please download AdwCleaner from HERE or HERE to your desktop.

  • Double click on AdwCleaner.exe to run the tool.

    Vista/Windows 7/8 users right-click and select Run As Administrator

  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Please uncheck elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you may want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review. (all items found are either adware/spyware/foistware)
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted:
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.
Next..................

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Next.........

Please Update and run a Threat Scan (Malwarebytes)

Click on settings > Detection and Protection > Non-Malware Protection > PUP (Potentially Unwanted Program) detections > Make sure it's set to Treat detections as malware

Same for PUM (Potentially Unwanted Modifications)

Quarantine All that's found

MrC


  • 4 weeks later...
  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
