Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Google Chrome / IE 11 -- conflict , bug or something else


  • This topic is locked This topic is locked
37 replies to this topic

#1 poopyputer

poopyputer

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:02:19 AM

Posted 17 February 2014 - 05:32 PM

Hello all... I was trying to respond to 

 

 

 

"http://www.bleepingcomputer.com/forums/t/524649/ie-11-freezes-on-start-up-addons-disabled-possibly-virus/

 

but the site said i am not allowed to reply ????

 

Anyway this was my response:  

"I don't have a solution for u .. just a comment. I downloaded IE 11  2/15/2014.  And after I installed it ... my whole system has been buggy and bing redirected me  some site which avast said contained trojans. I freaked out uninstalled IE II and reinstalled and now my google Chrome is all effed up. iT IS SLOW to load up on facebook and youtube.the audio has been cut off. 

 
I am att a loss for works. i HAVE USED ANTI MALWAREBUYTES, ADWCLEANER, SPYBOT, AND AVAST.  The only thing it found was a "qualitink"  file and  adwcleaner removed key  registry key "
 
To make matters worse.. i don't know how i did this but chrome is inside of an avast sandbox.  I am frustrated as I use chrome all the time. 
 
DL IE 11 was more of hust got to have the new thing that i am not going to use. lol .. 
 
 
 


BC AdBot (Login to Remove)

 


#2 poopyputer

poopyputer
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:02:19 AM

Posted 17 February 2014 - 05:34 PM

also ... during the chrome issue .. the  the ggogle logo and chrome omnibox disappeared  from the homepage... and the address bar would not let me proceed any further to browse web. i was relegated to clicking on my favorites to navigate . 



#3 nasdaq

nasdaq

  • Malware Response Team
  • 20,272 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:01:19 AM

Posted 21 February 2014 - 08:02 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Download correct tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

===

Wait for further instructions.

#4 poopyputer

poopyputer
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:02:19 AM

Posted 22 February 2014 - 05:05 PM

thank you for replying.  I am running this now.



#5 poopyputer

poopyputer
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:02:19 AM

Posted 22 February 2014 - 05:19 PM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-02-2014 01
Ran by Matt (administrator) on HAL-9000 on 22-02-2014 17:05:08
Running from C:\Users\Matt\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
() C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
(DeviceVM, Inc.) C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Nero AG) C:\Program Files (x86)\Motorola Media Link\NServiceEntry.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Hauppauge Computer Works, Inc) C:\Program Files (x86)\WinTV\Extend\WinTVExtender.exe
(Hauppauge Computer Works) C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
() C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
(Hauppauge Computer Works) C:\Program Files (x86)\WinTV\TVServer\CaptureGenPCI.exe
(SupportSoft, Inc.) C:\Program Files (x86)\Comcast\Desktop Doctor\bin\sprtsvc.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Hauppauge Computer Works) C:\Program Files (x86)\WinTV\TVServer\CaptureGenPCI.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
(AMD) C:\Windows\system32\atieclxx.exe
() C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\TurboV EVO\TurboVHELP.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\Six Engine\SixEngine.exe
(Microsoft Corporation) C:\Program Files\Zune\ZuneLauncher.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
(SlySoft, Inc.) C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(DeviceVM, Inc.) C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\system32\Macromed\Flash\FlashUtil64_12_0_0_70_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Zune Launcher] - c:\Program Files\Zune\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (CANON INC.)
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5618456 2013-09-12] (ESET)
HKLM-x32\...\Run: [BCU] - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe [346320 2009-08-04] (DeviceVM, Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-08-03] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Amazing3DAquariumWallpaper] - [X]
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2011-11-01] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [421736 2011-12-08] (Apple Inc.)
HKLM-x32\...\Run: [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (CANON INC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-21-669562951-1413737293-361287379-1000\...\Run: [SpybotSD TeaTimer] - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKU\S-1-5-21-669562951-1413737293-361287379-1000\...\Run: [Xvid] - C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKU\S-1-5-21-669562951-1413737293-361287379-1000\...\Run: [EleFunAnimatedWallpaper] - C:\Users\Matt\AppData\Roaming\elefundesktops\livemotion_wallpaper\wallpaper.exe [98304 2011-12-11] ()
HKU\S-1-5-21-669562951-1413737293-361287379-1000\...\Run: [AnyDVD] - C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe [6663840 2012-11-23] (SlySoft, Inc.)
HKU\S-1-5-21-669562951-1413737293-361287379-1000\...\MountPoints2: {46a3a62a-a854-11e0-aa89-e0cb4e5d1277} - G:\setup.exe -a
Startup: C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xD7CCBAA37260CC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
URLSearchHook: HKCU - SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.)
URLSearchHook: HKCU - (No Name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No File
SearchScopes: HKLM-x32 - DefaultScope {9E0D3584-1D5A-4E4B-ADBF-18E70217053A} URL =
SearchScopes: HKCU - DefaultScope {7630C0B8-F4C9-4414-AEB9-FAE03179C14C} URL = http://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=5369970905&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=en&q={searchTerms}
SearchScopes: HKCU - {7630C0B8-F4C9-4414-AEB9-FAE03179C14C} URL = http://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=5369970905&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=en&q={searchTerms}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKCU - No Name - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} -  No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.15.1

FireFox:
========
FF ProfilePath: C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\qbw7q8h9.default-1381618928216
FF Homepage: about:home
FF Keyword.URL: user_pref("keyword.URL", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.40.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.40.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=1.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npCouponPrinter.dll (Coupons, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2014-02-22]
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2014-02-22]

Chrome:
=======
CHR DefaultSearchKeyword:
CHR DefaultSearchProvider:
CHR DefaultSearchURL:
CHR DefaultNewTabURL:
CHR Extension: (avast! Online Security) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-02-21]
CHR Extension: (Google Wallet) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (No Name) - C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\opfedmikikmahmpaimpfelmikhaigobp [2014-01-19]
CHR HKCU\...\Chrome\Extension: [opfedmikikmahmpaimpfelmikhaigobp] - C:\Users\Matt\AppData\Local\CRE\opfedmikikmahmpaimpfelmikhaigobp.crx [2013-10-07]
CHR HKLM-x32\...\Chrome\Extension: [ljkcijnbckdflhifmbnfnkjacokloacf] - C:\Program Files (x86)\qualitink\ljkcijnbckdflhifmbnfnkjacokloacf.crx [2013-10-07]
CHR HKLM-x32\...\Chrome\Extension: [opfedmikikmahmpaimpfelmikhaigobp] - C:\Users\Matt\AppData\Local\CRE\opfedmikikmahmpaimpfelmikhaigobp.crx [2013-10-07]

==================== Services (Whitelisted) =================

R2 AntiSpywareService; C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe [616408 2009-06-17] ()
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [90112 2009-08-19] (ASUSTeK Computer Inc.)
R2 DeviceMonitorService; C:\Program Files (x86)\Motorola Media Link\NServiceEntry.exe [81920 2010-11-05] (Nero AG)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1337752 2013-09-12] (ESET)
R2 Hauppauge WinTV Extender; C:\Program Files (x86)\WinTV\Extend\WinTVExtender.exe [69120 2011-01-25] (Hauppauge Computer Works, Inc)
R2 HauppaugeTVServer; C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe [558592 2011-01-17] (Hauppauge Computer Works)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MotoHelper; C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [214896 2011-12-06] ()
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-05-16] (Nero AG)
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
R2 sprtsvc_ddoctorv2; C:\Program Files (x86)\Comcast\Desktop Doctor\bin\sprtsvc.exe [202560 2008-04-24] (SupportSoft, Inc.)
S4 TivoBeacon2; C:\Program Files (x86)\TiVo\Desktop\TiVoBeacon.exe [1104656 2010-08-24] (TiVo Inc.)

==================== Drivers (Whitelisted) ====================

R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [138400 2012-08-26] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [138400 2012-08-26] (SlySoft, Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13368 2009-04-06] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-05] ()
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [157432 2013-09-17] (ESET)
S3 FNETTBOH; C:\Windows\SysWOW64\drivers\FNETTBOH.SYS [17792 2010-03-31] (FNet Co., Ltd.)
S1 FNETURPX; C:\Windows\SysWOW64\drivers\FNETURPX.SYS [7040 2010-03-31] (FNet Co., Ltd.)
R3 hcw89; C:\Windows\System32\DRIVERS\hcw89.sys [1634176 2010-06-11] (Hauppauge Computer Works, Inc.)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (EZB Systems, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-15] ()
S3 NMgamingmsFltr; C:\Windows\System32\drivers\NMgamingms.sys [11264 2009-07-24] (Primax Ltd)
S3 pbfilter; C:\Program Files\PeerBlock\pbfilter.sys [24176 2010-11-06] ()
S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2010-01-21] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [27648 2010-01-21] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [33280 2010-01-21] (LG Electronics Inc.)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-11] (Microsoft Corporation)
S3 appliandMP; system32\DRIVERS\appliand.sys [X]
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [239296 2013-09-17] (ESET)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-02-22 17:05 - 2014-02-22 17:06 - 00018912 _____ () C:\Users\Matt\Downloads\FRST.txt
2014-02-22 17:04 - 2014-02-22 17:05 - 00000000 ____D () C:\FRST
2014-02-22 17:04 - 2014-02-22 17:04 - 02154496 _____ (Farbar) C:\Users\Matt\Downloads\FRST64.exe
2014-02-22 03:22 - 2014-02-22 03:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-22 03:08 - 2014-02-22 03:08 - 17858952 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-02-22 03:02 - 2013-12-21 04:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-22 03:02 - 2013-12-21 03:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-22 03:01 - 2014-02-06 07:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-22 03:01 - 2014-02-06 06:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-22 03:01 - 2014-02-06 06:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-22 03:01 - 2014-02-06 06:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-22 03:01 - 2014-02-06 06:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-22 03:01 - 2014-02-06 06:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-22 03:01 - 2014-02-06 05:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-22 03:01 - 2014-02-06 05:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-22 03:01 - 2014-02-06 05:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-22 03:01 - 2014-02-06 05:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-22 03:01 - 2014-02-06 05:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-22 03:01 - 2014-02-06 05:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-22 03:01 - 2014-02-06 05:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-22 03:01 - 2014-02-06 05:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-22 03:01 - 2014-02-06 05:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-22 03:01 - 2014-02-06 05:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-22 03:01 - 2014-02-06 05:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-22 03:01 - 2014-02-06 04:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-22 03:01 - 2014-02-06 04:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-22 03:01 - 2014-02-06 04:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-22 03:01 - 2014-02-06 04:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-22 03:01 - 2014-02-06 04:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-22 03:01 - 2014-02-06 04:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-22 03:01 - 2014-02-06 04:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-22 03:01 - 2014-02-06 04:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-22 03:01 - 2014-02-06 04:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-22 03:01 - 2014-02-06 04:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-22 03:01 - 2014-02-06 03:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-22 03:01 - 2014-02-06 03:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-22 03:01 - 2014-02-06 03:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-22 03:01 - 2014-02-06 03:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-22 03:00 - 2014-02-06 05:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-22 03:00 - 2014-02-06 05:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-22 03:00 - 2014-02-06 04:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-22 03:00 - 2014-02-06 04:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-22 03:00 - 2014-02-06 04:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-22 03:00 - 2014-02-06 04:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-22 03:00 - 2014-02-06 04:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-22 03:00 - 2014-02-06 03:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-22 02:54 - 2014-02-22 03:07 - 01231955 _____ () C:\Users\Matt\Downloads\rkill.scr
2014-02-22 02:53 - 2014-02-22 02:53 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Matt\Downloads\rkill.com
2014-02-22 02:43 - 2014-02-22 16:48 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf2fa1d2c68bc7.job
2014-02-22 02:43 - 2014-02-22 02:43 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1cf2fa1d2c68bc7
2014-02-22 02:34 - 2014-02-22 03:48 - 00026110 _____ () C:\Windows\PFRO.log
2014-02-22 02:29 - 2014-02-22 02:29 - 00000000 ____D () C:\ProgramData\ESET
2014-02-22 02:29 - 2014-02-22 02:29 - 00000000 ____D () C:\Program Files\ESET
2014-02-22 02:19 - 2014-02-22 02:19 - 00512784 _____ (AVAST Software) C:\Users\Matt\Documents\avastclear.exe
2014-02-22 02:16 - 2014-02-22 02:16 - 01682336 _____ (ESET) C:\Users\Matt\Downloads\eset_nod32_antivirus_live_installer.exe
2014-02-22 02:16 - 2013-12-31 18:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-22 02:16 - 2013-12-31 18:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-22 02:16 - 2013-12-24 18:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-22 02:16 - 2013-12-24 17:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-22 02:16 - 2013-12-05 21:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-22 02:16 - 2013-12-05 21:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-22 02:16 - 2013-12-05 21:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-22 02:16 - 2013-12-05 21:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-22 02:16 - 2013-12-03 21:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-22 02:16 - 2013-12-03 21:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-22 02:16 - 2013-12-03 21:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-22 02:16 - 2013-12-03 21:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-22 02:16 - 2013-12-03 21:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-22 02:16 - 2013-12-03 21:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-22 02:16 - 2013-12-03 21:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-22 02:16 - 2013-12-03 21:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-22 02:16 - 2013-12-03 21:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-22 02:16 - 2013-12-03 21:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-22 02:16 - 2013-12-03 21:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-22 02:16 - 2013-12-03 21:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-22 02:16 - 2013-12-03 21:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-22 02:16 - 2013-12-03 21:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-22 02:16 - 2013-12-03 20:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-22 02:16 - 2013-12-03 20:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-22 02:16 - 2013-12-03 20:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-22 02:16 - 2013-12-03 20:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-22 02:16 - 2013-11-26 03:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-22 02:16 - 2013-11-22 17:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-18 00:59 - 2014-02-18 00:59 - 00002791 _____ () C:\Users\Matt\Desktop\hijack.txt
2014-02-16 17:56 - 2014-02-16 17:56 - 00000000 ____D () C:\ProgramData\Google
2014-02-16 17:56 - 2014-02-16 17:56 - 00000000 ____D () C:\Program Files\Google
2014-02-15 14:08 - 2014-02-22 01:48 - 00000000 ____D () C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs
2014-02-15 13:51 - 2014-02-15 13:51 - 00000000 ____D () C:\avast! sandbox
2014-02-15 12:37 - 2014-02-22 01:48 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-02-15 12:23 - 2014-02-15 18:05 - 00000000 ____D () C:\Users\Matt\Desktop\COnduit googgl prob
2014-02-14 18:20 - 2014-02-17 16:59 - 00000000 ____D () C:\AdwCleaner
2014-02-14 18:15 - 2014-02-22 02:14 - 00002638 _____ () C:\Users\Matt\Desktop\Rkill.txt
2014-02-14 18:15 - 2014-02-22 02:11 - 00000000 ____D () C:\Users\Matt\Desktop\rkill
2014-02-14 17:02 - 2014-02-14 17:02 - 00000000 ____D () C:\Users\Matt\AppData\Local\Anvisoft
2014-02-14 17:02 - 2014-02-14 17:02 - 00000000 ____D () C:\Program Files (x86)\Anvisoft
2014-02-14 16:45 - 2014-02-16 21:27 - 00000000 ____D () C:\Users\Matt\Desktop\snow job
2014-02-14 16:44 - 2014-02-14 16:44 - 06346565 _____ () C:\Users\Matt\Downloads\SNOW WORK.zip
2014-02-13 23:34 - 2014-02-14 01:27 - 00000000 ____D () C:\Users\Matt\Documents\weather
2014-02-12 20:42 - 2014-02-13 20:36 - 00000000 ____D () C:\Users\Matt\Downloads\Facebook pics
2014-02-10 04:01 - 2014-02-13 23:33 - 00000000 ____D () C:\Users\Matt\Documents\weed
2014-02-08 14:25 - 2014-02-08 14:26 - 00000000 ____D () C:\Users\Matt\Documents\Claerwire
2014-02-04 01:21 - 2014-02-04 01:21 - 00000000 ____D () C:\Users\Matt\Documents\Zynga Poker
2014-01-31 00:53 - 2014-01-31 00:53 - 00001285 _____ () C:\Users\Matt\Documents\Podcasts - Shortcut.lnk
2014-01-31 00:50 - 2014-01-31 00:51 - 00000000 ____D () C:\Users\Matt\Documents\Taxes

==================== One Month Modified Files and Folders =======

2014-02-22 17:06 - 2014-02-22 17:05 - 00018912 _____ () C:\Users\Matt\Downloads\FRST.txt
2014-02-22 17:05 - 2014-02-22 17:04 - 00000000 ____D () C:\FRST
2014-02-22 17:04 - 2014-02-22 17:04 - 02154496 _____ (Farbar) C:\Users\Matt\Downloads\FRST64.exe
2014-02-22 16:58 - 2014-01-19 22:28 - 00009488 _____ () C:\Windows\setupact.log
2014-02-22 16:48 - 2014-02-22 02:43 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf2fa1d2c68bc7.job
2014-02-22 16:07 - 2012-11-16 00:43 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-22 14:18 - 2012-07-29 01:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-22 14:04 - 2013-10-21 21:50 - 01348631 _____ () C:\Windows\WindowsUpdate.log
2014-02-22 13:58 - 2010-08-31 00:22 - 00000418 _____ () C:\Windows\Tasks\DriverCure Startup.job
2014-02-22 13:58 - 2010-03-27 15:24 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-22 03:56 - 2009-07-13 23:45 - 00015024 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-22 03:56 - 2009-07-13 23:45 - 00015024 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-22 03:48 - 2014-02-22 02:34 - 00026110 _____ () C:\Windows\PFRO.log
2014-02-22 03:48 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-22 03:27 - 2010-09-10 23:17 - 00803974 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-22 03:27 - 2009-07-14 00:13 - 00803974 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-22 03:23 - 2014-02-22 03:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-22 03:20 - 2013-08-14 01:42 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-22 03:15 - 2010-03-31 22:21 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-22 03:08 - 2014-02-22 03:08 - 17858952 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-02-22 03:08 - 2012-11-16 00:43 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-22 03:08 - 2012-11-16 00:43 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-22 03:08 - 2011-06-15 22:37 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-22 03:07 - 2014-02-22 02:54 - 01231955 _____ () C:\Users\Matt\Downloads\rkill.scr
2014-02-22 02:53 - 2014-02-22 02:53 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Matt\Downloads\rkill.com
2014-02-22 02:43 - 2014-02-22 02:43 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1cf2fa1d2c68bc7
2014-02-22 02:43 - 2010-03-27 15:24 - 00003638 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-22 02:29 - 2014-02-22 02:29 - 00000000 ____D () C:\ProgramData\ESET
2014-02-22 02:29 - 2014-02-22 02:29 - 00000000 ____D () C:\Program Files\ESET
2014-02-22 02:19 - 2014-02-22 02:19 - 00512784 _____ (AVAST Software) C:\Users\Matt\Documents\avastclear.exe
2014-02-22 02:16 - 2014-02-22 02:16 - 01682336 _____ (ESET) C:\Users\Matt\Downloads\eset_nod32_antivirus_live_installer.exe
2014-02-22 02:14 - 2014-02-14 18:15 - 00002638 _____ () C:\Users\Matt\Desktop\Rkill.txt
2014-02-22 02:11 - 2014-02-14 18:15 - 00000000 ____D () C:\Users\Matt\Desktop\rkill
2014-02-22 02:08 - 2013-05-26 15:23 - 00002255 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-22 02:01 - 2010-03-27 14:22 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{64BA075A-32E0-477D-AF37-C6AB7DC27580}
2014-02-22 02:00 - 2010-10-15 01:53 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-02-22 01:58 - 2010-05-02 12:49 - 00000000 ____D () C:\Users\Matt\AppData\Local\CrashDumps
2014-02-22 01:52 - 2010-03-28 02:13 - 00000000 ____D () C:\Users\Matt
2014-02-22 01:49 - 2013-10-12 17:39 - 00000000 ____D () C:\Windows\system32\ljkb
2014-02-22 01:49 - 2013-10-12 17:38 - 00000000 ____D () C:\Program Files (x86)\HDvid Codec V1
2014-02-22 01:49 - 2013-07-14 13:36 - 00000000 ____D () C:\Users\Matt\AppData\Roaming\BitLord
2014-02-22 01:49 - 2010-12-21 00:56 - 00000000 ____D () C:\Program Files (x86)\TomTom International B.V
2014-02-22 01:49 - 2010-12-21 00:56 - 00000000 ____D () C:\Program Files (x86)\TomTom HOME 2
2014-02-22 01:49 - 2010-10-16 11:59 - 00000000 ____D () C:\Users\Guest
2014-02-22 01:49 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-02-22 01:49 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache
2014-02-22 01:49 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\AppCompat
2014-02-22 01:48 - 2014-02-15 14:08 - 00000000 ____D () C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs
2014-02-22 01:48 - 2014-02-15 12:37 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-02-22 01:48 - 2013-10-12 17:40 - 00000000 ____D () C:\Program Files (x86)\Conduit
2014-02-22 01:48 - 2013-07-14 13:34 - 00000000 ____D () C:\Program Files (x86)\BitLord 2
2014-02-22 01:48 - 2011-03-28 22:31 - 00000000 ____D () C:\Program Files (x86)\comcasttb
2014-02-22 01:48 - 2010-07-12 23:48 - 00000000 ____D () C:\Program Files (x86)\ClubWPT
2014-02-22 01:48 - 2010-04-04 23:02 - 00000000 ___HD () C:\Program Files (x86)\DeviceVM
2014-02-22 01:47 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\registration
2014-02-22 01:42 - 2010-10-19 23:08 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-02-22 01:42 - 2010-03-30 00:15 - 00000000 ____D () C:\Users\Matt\AppData\Local\Mozilla
2014-02-22 01:41 - 2010-04-03 02:01 - 00000000 ____D () C:\Program Files (x86)\Java
2014-02-22 01:41 - 2010-03-27 15:24 - 00000000 ____D () C:\Program Files (x86)\Google
2014-02-18 00:59 - 2014-02-18 00:59 - 00002791 _____ () C:\Users\Matt\Desktop\hijack.txt
2014-02-17 16:59 - 2014-02-14 18:20 - 00000000 ____D () C:\AdwCleaner
2014-02-16 21:27 - 2014-02-14 16:45 - 00000000 ____D () C:\Users\Matt\Desktop\snow job
2014-02-16 21:27 - 2010-03-31 22:44 - 00819200 ___SH () C:\Users\Matt\Desktop\Thumbs.db
2014-02-16 17:56 - 2014-02-16 17:56 - 00000000 ____D () C:\ProgramData\Google
2014-02-16 17:56 - 2014-02-16 17:56 - 00000000 ____D () C:\Program Files\Google
2014-02-16 03:35 - 2013-09-11 22:43 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-15 18:05 - 2014-02-15 12:23 - 00000000 ____D () C:\Users\Matt\Desktop\COnduit googgl prob
2014-02-15 13:51 - 2014-02-15 13:51 - 00000000 ____D () C:\avast! sandbox
2014-02-14 17:02 - 2014-02-14 17:02 - 00000000 ____D () C:\Users\Matt\AppData\Local\Anvisoft
2014-02-14 17:02 - 2014-02-14 17:02 - 00000000 ____D () C:\Program Files (x86)\Anvisoft
2014-02-14 16:44 - 2014-02-14 16:44 - 06346565 _____ () C:\Users\Matt\Downloads\SNOW WORK.zip
2014-02-14 01:27 - 2014-02-13 23:34 - 00000000 ____D () C:\Users\Matt\Documents\weather
2014-02-13 23:33 - 2014-02-10 04:01 - 00000000 ____D () C:\Users\Matt\Documents\weed
2014-02-13 20:36 - 2014-02-12 20:42 - 00000000 ____D () C:\Users\Matt\Downloads\Facebook pics
2014-02-12 20:42 - 2010-08-08 17:12 - 00905216 ___SH () C:\Users\Matt\Downloads\Thumbs.db
2014-02-08 14:26 - 2014-02-08 14:25 - 00000000 ____D () C:\Users\Matt\Documents\Claerwire
2014-02-06 07:16 - 2014-02-22 03:01 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 06:30 - 2014-02-22 03:01 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 06:30 - 2014-02-22 03:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 06:12 - 2014-02-22 03:01 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 06:07 - 2014-02-22 03:01 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 06:06 - 2014-02-22 03:01 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 05:57 - 2014-02-22 03:01 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 05:56 - 2014-02-22 03:01 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 05:52 - 2014-02-22 03:01 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 05:49 - 2014-02-22 03:01 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 05:48 - 2014-02-22 03:01 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 05:48 - 2014-02-22 03:01 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 05:38 - 2014-02-22 03:00 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 05:32 - 2014-02-22 03:01 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 05:20 - 2014-02-22 03:01 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 05:17 - 2014-02-22 03:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 05:11 - 2014-02-22 03:00 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 05:01 - 2014-02-22 03:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 05:00 - 2014-02-22 03:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 04:57 - 2014-02-22 03:01 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 04:57 - 2014-02-22 03:01 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 04:52 - 2014-02-22 03:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 04:52 - 2014-02-22 03:01 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 04:50 - 2014-02-22 03:00 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 04:49 - 2014-02-22 03:01 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 04:47 - 2014-02-22 03:01 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 04:46 - 2014-02-22 03:01 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 04:25 - 2014-02-22 03:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 04:25 - 2014-02-22 03:00 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 04:24 - 2014-02-22 03:01 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 04:22 - 2014-02-22 03:00 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 04:13 - 2014-02-22 03:01 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 04:09 - 2014-02-22 03:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 04:03 - 2014-02-22 03:00 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 03:55 - 2014-02-22 03:00 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 03:41 - 2014-02-22 03:01 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 03:40 - 2014-02-22 03:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 03:36 - 2014-02-22 03:01 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 03:34 - 2014-02-22 03:01 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-04 01:21 - 2014-02-04 01:21 - 00000000 ____D () C:\Users\Matt\Documents\Zynga Poker
2014-01-31 00:53 - 2014-01-31 00:53 - 00001285 _____ () C:\Users\Matt\Documents\Podcasts - Shortcut.lnk
2014-01-31 00:51 - 2014-01-31 00:50 - 00000000 ____D () C:\Users\Matt\Documents\Taxes
2014-01-27 18:40 - 2010-08-31 00:22 - 00000402 _____ () C:\Windows\Tasks\DriverCure.job

Files to move or delete:
====================
C:\Users\Matt\g2ax_expert_downloadhelper_win32_x86.exe
C:\Users\Matt\vlc-1.1.2-win32.exe

Some content of TEMP:
====================
C:\Users\Matt\AppData\Local\Temp\InstHelper.exe
C:\Users\Matt\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-02-21 02:13

==================== End Of Log ============================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-02-2014 01
Ran by Matt at 2014-02-22 17:06:33
Running from C:\Users\Matt\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: ESET NOD32 Antivirus 7.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 7.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: avast! Internet Security (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.0.0 - )
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 2.0.0.0 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 2.0.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1030 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.9.0.1030 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Amazon Kindle (HKCU\...\Amazon Kindle) (Version:  - Amazon)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - ATI Technologies Inc.) Hidden
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.1.2.0 - SlySoft)
Apple Application Support (HKLM-x32\...\{343666E2-A059-48AC-AD67-230BF74E2DB2}) (Version: 2.1.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{75104836-CAC7-444E-A39E-3F54151942F5}) (Version: 4.0.0.97 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUSUpdate (HKLM-x32\...\{587178E7-B1DF-494E-9838-FA4DD36E873C}) (Version:  - )
ATI Catalyst Install Manager (HKLM\...\{897BE4A7-682B-7375-BBAF-05A44FC2B524}) (Version: 3.0.786.0 - ATI Technologies, Inc.)
ATI Catalyst Registration (x32 Version: 3.00.0000 - ATI Technologies Inc.) Hidden
Audacity 1.2.6 (HKLM-x32\...\Audacity_is1) (Version:  - )
AVS Audio Converter version 6.1 (HKLM-x32\...\AVS Audio Converter 6.1_is1) (Version:  - Online Media Technologies Ltd.)
AVS Update Manager 1.0 (HKLM-x32\...\AVS Update Manager_is1) (Version:  - Online Media Technologies Ltd.)
AVS Video Converter 6 (HKLM-x32\...\AVS4YOU Video Converter 6_is1) (Version:  - Online Media Technologies Ltd.)
AVS4YOU Software Navigator 1.3 (HKLM-x32\...\AVS4YOU Software Navigator_is1) (Version:  - Online Media Technologies Ltd.)
Blockbuster On Demand (HKLM-x32\...\{B1DEE15C-7C4C-40C0-9CE8-156B2FCC7DE7}) (Version: 2.4.139 - Echostar)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Browser Configuration Utility (HKLM-x32\...\{125BA25B-8D21-4029-AA06-47C3AA327AA7}) (Version: 1.0.2.0 - DeviceVM)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version:  - )
Canon MG2100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2100_series) (Version:  - )
Canon MG2100 series On-screen Manual (HKLM-x32\...\Canon MG2100 series On-screen Manual) (Version:  - )
Canon MG2100 series User Registration (HKLM-x32\...\Canon MG2100 series User Registration) (Version:  - )
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version:  - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
CarbonPoker (HKCU\...\CarbonPoker) (Version: 6.0 - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0803.2125.36577 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0803.2125.36577 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0803.2125.36577 - ATI Technologies, Inc.) Hidden
CCC Help English (x32 Version: 2010.0803.2124.36577 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0803.2125.36577 - ATI) Hidden
ccc-utility64 (Version: 2010.0803.2125.36577 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.06 - Piriform)
ClubWPT (HKLM-x32\...\ClubWPT) (Version:  - )
Comcast Desktop Software (v1.2.0.9) (HKLM-x32\...\{CEF7211D-CE3A-44C4-B321-D84A2099AE94}) (Version: 23 - Comcast)
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.1) (Version: 5.0.0.1 - Coupons.com Incorporated) <==== ATTENTION
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Desktop Doctor (HKLM-x32\...\{D87149B3-7A1D-4548-9CBF-032B791E5908}) (Version: 2.5.5 - Comcast)
D-Fend Reloaded 1.3.3 (deinstall) (HKLM-x32\...\D-Fend Reloaded) (Version: 1.3.3 - Alexander Herzog)
Dropbox (HKCU\...\Dropbox) (Version: 1.1.35 - Dropbox, Inc.)
DVD Decrypter (Remove Only) (HKLM-x32\...\DVD Decrypter) (Version:  - )
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version:  - DVD Shrink)
DVDFab 6.2.0.5 (11/11/2009) (HKLM-x32\...\DVDFab 6_is1) (Version:  - Fengtao Software Inc.)
DVDFab 8.2.2.5 (14/12/2012) Qt (HKLM-x32\...\DVDFab 8 Qt_is1) (Version:  - Fengtao Software Inc.)
EPU-6 Engine (HKLM-x32\...\{56B83336-FBC1-4C46-8613-90A9E3B440D6}) (Version: 1.02.01 - )
ESET NOD32 Antivirus (HKLM\...\{89B0ECE0-A41F-4A45-98D9-D54C74338117}) (Version: 7.0.302.26 - ESET, spol s r. o.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Feedback Tool (HKLM-x32\...\{13A5E785-5197-4EAD-8EE3-D660271E49BC}) (Version: 1.2.0 - Microsoft Corporation)
ffdshow (remove only) (HKLM-x32\...\ffdshow) (Version:  - )
ffdshow v1.2.4422 [2012-04-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.2.4422.0 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.117 - Google Inc.)
Google Drive (HKLM-x32\...\{E87022D3-C8C9-4C76-8E27-BC7F18F9B8FB}) (Version: 1.14.6059.644 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
Hauppauge MCE CI Plugin (HKLM-x32\...\Hauppauge MCE CI Plugin) (Version:  - )
Hauppauge WinTV 7 (HKLM-x32\...\Hauppauge WinTV 7) (Version: v7.2.29025 - Hauppauge Computer Works)
HDvid Codec V1 (HKLM-x32\...\HDvid Codec V1) (Version: 1.27.153.8 - installdaddy) <==== ATTENTION
Internet TV for Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
iTunes (HKLM\...\{D66F0C3C-24F2-4463-9E2F-4381E5C40A26}) (Version: 10.5.2.11 - Apple Inc.)
Java 7 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.400 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 13 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216013F0}) (Version: 6.0.130 - Sun Microsystems, Inc.)
Java™ 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022F0}) (Version: 6.0.220 - Oracle)
Java™ 6 Update 29 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216024FF}) (Version: 6.0.290 - Oracle)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
JMicron JMB36X Driver (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.00.0000 - JMICRON Technology Corp.)
K-Lite Codec Pack 6.1.0 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 6.1.0 - )
LightScribe System Software (HKLM-x32\...\{3744B641-61DE-417F-BCDC-9CCED4224DF8}) (Version: 1.18.13.1 - LightScribe)
LightScribe Template Labeler (HKLM-x32\...\{83721450-E604-4C37-ABEB-CE7F18C587C8}) (Version: 1.18.24.1 - LightScribe)
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ Run Time  Lib Setup (HKLM-x32\...\{AAF4238F-7C29-451D-9925-C753271A5728}) (Version: 1.0.0 - Microsoft)
MotoHelper 2.1.32 Driver 5.4.0 (HKLM-x32\...\MotoHelper) (Version: 2.1.32 - Motorola)
MotoHelper MergeModules (x32 Version: 1.2.0 - Motorola) Hidden
MOTOROLA MEDIA LINK (HKLM-x32\...\{D9DC70B6-BE13-41DD-9053-9E617E72D085}) (Version: 1.2.5900.9 - Motorola)
Motorola Mobile Drivers Installation 5.4.0 (Version: 5.4.0 - Motorola Inc.) Hidden
Mozilla Firefox 27.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 en-US)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
Mozilla Thunderbird (3.0.4) (HKLM-x32\...\Mozilla Thunderbird (3.0.4)) (Version: 3.0.4 (en-US) - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Native Instruments Controller Editor (Version: 1.3.5.667 - Native Instruments) Hidden
Native Instruments Guitar Rig 4 (Version: 4.2.1.2432 - Native Instruments) Hidden
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version:  - Native Instruments)
Native Instruments Service Center (Version: 2.2.6.676 - Native Instruments) Hidden
Nero 7 Ultra Edition (HKLM-x32\...\{A20A58C4-6784-4B4B-86CC-94E2E3671033}) (Version: 7.02.8637 - Nero AG)
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
Netflix in Windows Media Center (HKLM-x32\...\{0CA72D12-F6C6-4D43-A2A0-41F5AA17E2B6}) (Version: 3.3.101.0 - Microsoft Corporation)
OpenOffice.org 3.3 (HKLM-x32\...\{3E171899-0175-47CC-84C4-562ACDD4C021}) (Version: 3.3.9567 - OpenOffice.org)
Oracle VM VirtualBox 4.2.16 (HKLM\...\{4CC3444D-7279-4E83-984F-18E9A7B2E803}) (Version: 4.2.16 - Oracle Corporation)
PC Probe II (HKLM-x32\...\{F7338FA3-DAB5-49B2-900D-0AFB5760C166}) (Version: 1.04.80 - ASUSTeK Computer Inc.)
PeerBlock 1.1 (r518) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.1.0.518 - PeerBlock, LLC)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Platform (x32 Version: 1.34 - VIA Technologies, Inc.) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PokerStove version 1.24 (HKLM-x32\...\{6D0C6BE4-F674-43D2-96BC-3509345108C9}_is1) (Version:  - )
qualitink 1.0.0 (HKLM\...\qualitink) (Version: 1.0.0 - qualitink) <==== ATTENTION
QuickTime (HKLM-x32\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0005 - Realtek)
SDP Downloader (HKLM-x32\...\{B547CB8D-549A-436E-97B5-E79F911B11E2}) (Version: 2.3.0 - SDP Multimedia)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
The Lord of the Rings FREE Trial  (x32 Version: 1.00.0000 - ATI Technologies Inc.) Hidden
TiVo Desktop 2.8.2 (HKLM-x32\...\{4E839090-3B68-436A-B3CF-A2A08C38DD26}) (Version: 2.8.412.369 - TiVo Inc.)
TomTom HOME 2.7.6.2056 (HKLM-x32\...\TomTom HOME) (Version: 2.7.6.2056 - TomTom)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
TurboHddUsb (HKLM-x32\...\TurboHddUsb) (Version:  - )
TurboV EVO (HKLM-x32\...\{491D92A9-69CA-4EB4-81D3-0106F9337957}) (Version: 1.01.08 - )
UltraISO Premium V9.36 (HKLM-x32\...\UltraISO_is1) (Version:  - )
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2473228) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2836939) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2836939) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2836939v3) (Version: 3 - Microsoft Corporation)
VCRedistSetup (x32 Version: 1.0.0 - Nero AG) Hidden
VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
Videora TiVo Converter 0.80 (HKLM-x32\...\Videora TiVo Converter) (Version: 0.80 - Videora Holdings)
VLC media player 1.0.5 (HKLM-x32\...\VLC media player) (Version: 1.0.5 - VideoLAN Team)
Winamp (HKLM-x32\...\Winamp) (Version: 5.622  - Nullsoft, Inc)
Winamp Detector Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
WinArchiver (HKLM-x32\...\WinArchiver) (Version: 2.6 - WinArchiver Computing, Inc.)
Windows Driver Package - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Media Center Add-in for Flash (HKLM-x32\...\{E2D09AC2-4153-4817-AAEB-24F92A8BCE88}) (Version: 4.1.2.0 - Microsoft Corporation)
Windows Mobile Device Updater Component (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
WinPoker 6 Shareware (HKLM-x32\...\WinPokerushr) (Version:  - )
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
WinZip 14.5 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}) (Version: 14.5.9095 - WinZip Computing, S.L. )
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
Zip Motion Block Video codec (Remove Only) (HKLM-x32\...\ZMBV) (Version:  - DOSBox Team)
Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)
Zune (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (CHS) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (CHT) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (CSY) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (DAN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (DEU) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (ELL) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (ESP) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (FIN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (FRA) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (HUN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (IND) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (ITA) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (JPN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (KOR) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (MSL) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (NLD) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (NOR) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (PLK) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (PTB) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (PTG) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (RUS) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (SVE) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

15-02-2014 16:43:35 Removed TomTom HOME Visual Studio Merge Modules
16-02-2014 08:33:40 Installed Java 7 Update 51
16-02-2014 10:36:49 Windows Update
16-02-2014 20:07:55 avast! antivirus system restore point
17-02-2014 22:52:06 avast! antivirus system restore point
21-02-2014 06:52:43 Windows Update
22-02-2014 06:37:49 Restore Operation
22-02-2014 06:52:28 avast! antivirus system restore point
22-02-2014 07:06:13 Windows Update
22-02-2014 07:36:05 avast! antivirus system restore point
22-02-2014 08:00:11 Windows Update
22-02-2014 19:20:37 avast! antivirus system restore point

==================== Hosts content: ==========================

2009-07-13 21:34 - 2011-10-07 22:01 - 00437089 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {1BCE0E14-10DC-4EF2-89AA-16276F90076E} - System32\Tasks\MotoHelper Initial Update => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06] ()
Task: {44593D7B-49CF-433F-8BBF-674D61BCC5D4} - System32\Tasks\{EDC28D94-564D-4B31-A27C-4B1C76AFCAD2} => C:\Program Files (x86)\MagicDisc\MagicDisc.exe [2009-02-23] (MagicISO, Inc.)
Task: {45C12828-B895-499A-8FAF-B918192AAE0A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files (x86)\CCleaner\CCleaner.exe
Task: {469FFB88-D55F-45D2-9535-57854CFE1382} - System32\Tasks\MotoHelper MUM => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06] ()
Task: {47A46BA9-8D54-4962-87C5-8768565F0C42} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {5D722087-611F-42A8-A67F-CEC3EB9139AC} - System32\Tasks\shutdown => C:\Windows\system32\shutdown.exe [2009-07-13] (Microsoft Corporation)
Task: {7458929C-14EB-41DE-8A4B-BBDEB3D68D38} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-22] (Adobe Systems Incorporated)
Task: {78E8213F-685A-4A4E-AE3C-64DB28CD9799} - System32\Tasks\DriverCure Startup => C:\Program Files (x86)\ParetoLogic\DriverCure\DriverCure.exe
Task: {792C7F46-6904-41EC-8015-A2074180781D} - System32\Tasks\GoogleUpdateTaskMachineUA1cf2fa1d2c68bc7 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-03-27] (Google Inc.)
Task: {7F95C049-04B2-4127-A34E-881CADC3755E} - System32\Tasks\ASUS\ASUS SIX Engine => C:\Program Files\ASUS\Six Engine\SixEngine.exe [2009-09-09] (ASUSTeK Computer Inc.)
Task: {8FD0E4CB-90CF-4E34-B1B2-5B17362BD1CF} - System32\Tasks\ASUS\ASUS Update Checker => C:\Program Files (x86)\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe [2008-12-11] ()
Task: {BB5D3873-53A9-475D-AEAF-4EAE889BC5DB} - System32\Tasks\ASUS\TurboVHelp => C:\Program Files\ASUS\TurboV EVO\TurboVHELP.exe [2009-08-19] (ASUSTeK Computer Inc.)
Task: {D22B9333-34D3-44C7-84AA-B9B4B0176B48} - System32\Tasks\MotoHelper Routing => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06] ()
Task: {D5D49A0F-CFC5-43FA-B8DE-63E9E10E9F41} - System32\Tasks\MotoHelper Update => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06] ()
Task: {E0047B7E-2B2C-4825-B2C9-C1620D05E3F7} - System32\Tasks\DriverCure => C:\Program Files (x86)\ParetoLogic\DriverCure\DriverCure.exe
Task: {E80E63FF-2B22-4FC4-8609-24C0695A3072} - System32\Tasks\Advanced System Protector => C:\Program Files (x86)\RegClean Pro\SystweakASP.exe <==== ATTENTION
Task: {F242D97B-9CCF-428E-9E0B-6C666450B599} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-03-27] (Google Inc.)
Task: {FC29FE12-5C3C-4E64-BB8D-DFD72864411C} - System32\Tasks\ASUS\ASUS RegRun Loader => C:\Program Files (x86)\ASUS\AASP\1.00.98\AsLoader.exe [2009-08-19] (ASUSTeK Computer Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DriverCure Startup.job => C:\Program Files (x86)\ParetoLogic\DriverCure\DriverCure.exe
Task: C:\Windows\Tasks\DriverCure.job => C:\Program Files (x86)\ParetoLogic\DriverCure\DriverCure.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf2fa1d2c68bc7.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2009-06-17 12:49 - 2009-06-17 12:49 - 00616408 _____ () C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe
2011-12-06 16:00 - 2011-12-06 16:00 - 00214896 _____ () C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
2011-12-06 16:00 - 2011-12-06 16:00 - 00784240 _____ () C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
2010-02-03 08:36 - 2010-02-03 08:36 - 00087488 _____ () C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.exe
2010-08-04 14:58 - 2010-08-04 14:58 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-08-03 20:24 - 2010-08-03 20:24 - 00270336 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-06-24 21:56 - 2011-06-24 21:56 - 00087328 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-06-24 21:56 - 2011-06-24 21:56 - 01241888 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-11-05 15:11 - 2010-11-05 15:11 - 00114688 ____R () C:\Program Files (x86)\Motorola Media Link\liveupdatetactics.dll
2010-11-05 15:11 - 2010-11-05 15:11 - 00018432 ____R () C:\Program Files (x86)\Motorola Media Link\DbAccess.dll
2010-11-05 15:12 - 2010-11-05 15:12 - 00460199 ____R () C:\Program Files (x86)\Motorola Media Link\sqlite3.dll
2010-11-05 15:11 - 2010-11-05 15:11 - 00038912 ____R () C:\Program Files (x86)\Motorola Media Link\NAdvLog.dll
2010-11-05 15:11 - 2010-11-05 15:11 - 00026624 ____R () C:\Program Files (x86)\Motorola Media Link\NFileCacheDBAccess.dll
2010-11-05 15:11 - 2010-11-05 15:11 - 00057344 ____R () C:\Program Files (x86)\Motorola Media Link\netsharingservice.dll
2010-11-05 15:11 - 2010-11-05 15:11 - 00044032 ____R () C:\Program Files (x86)\Motorola Media Link\InterProcessChannel.dll
2010-11-05 15:11 - 2010-11-05 15:11 - 00036864 ____R () C:\Program Files (x86)\Motorola Media Link\NLog.dll
2010-04-04 22:54 - 2009-05-22 13:16 - 00053248 _____ () C:\Program Files\ASUS\TurboV EVO\HookKey32.dll
2010-04-04 22:54 - 2008-12-10 19:04 - 00253952 _____ () C:\Program Files\ASUS\TurboV EVO\pngio.dll
2010-04-04 22:55 - 2009-04-22 19:20 - 00179712 _____ () C:\Program Files\ASUS\Six Engine\ASUSSERVICE.DLL
2010-04-04 22:55 - 2009-08-27 18:41 - 00565248 _____ () C:\Program Files\ASUS\Six Engine\pngio.dll
2010-04-04 22:55 - 2009-08-27 18:41 - 00053248 _____ () C:\Program Files\ASUS\Six Engine\AsSpindownTimeout.dll
2014-02-22 02:07 - 2014-02-19 20:02 - 00051016 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\chrome_elf.dll
2010-04-04 23:02 - 2009-06-27 09:11 - 00503202 _____ () C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\sqlite3.dll
2011-01-17 15:19 - 2011-07-19 01:15 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2014-02-22 02:07 - 2014-02-19 20:02 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\libglesv2.dll
2014-02-22 02:07 - 2014-02-19 20:02 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\libegl.dll
2014-02-22 03:22 - 2014-02-22 03:23 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-02-22 03:08 - 2014-02-22 03:08 - 16265096 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll
2014-02-22 02:07 - 2014-02-19 20:03 - 13632840 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:96D0C06F

==================== Safe Mode (whitelisted) ===================

==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AutoStart IR.lnk => C:\Windows\pss\AutoStart IR.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinTV Recording Status..lnk => C:\Windows\pss\WinTV Recording Status..lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Matt^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Matt^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk => C:\Windows\pss\OpenOffice.org 3.3.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Matt^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^WinTV-CI CAM Menu.lnk => C:\Windows\pss\WinTV-CI CAM Menu.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AnyDVD => C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
MSCONFIG\startupreg: ATICustomerCare => "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
MSCONFIG\startupreg: ddoctorv2 => "C:\Program Files (x86)\Comcast\Desktop Doctor\bin\sprtcmd.exe" /P ddoctorv2
MSCONFIG\startupreg: HDAudDeck => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: JMB36X IDE Setup => C:\Windows\RaidTool\xInsIDE.exe
MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: PeerBlock => C:\Program Files\PeerBlock\peerblock.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: TivoNotify => C:\Program Files (x86)\TiVo\Desktop\TiVoNotify.exe /service /registry /auto:TivoNotify
MSCONFIG\startupreg: TivoServer => C:\Program Files (x86)\TiVo\Desktop\TiVoServer.exe /service /registry /auto:TivoServer
MSCONFIG\startupreg: TivoTransfer => C:\Program Files (x86)\TiVo\Desktop\TiVoTransfer.exe
MSCONFIG\startupreg: TomTomHOME.exe => "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
MSCONFIG\startupreg: TranscodingService => C:\Program Files (x86)\TiVo\Desktop\Plus\\TranscodingService.exe
MSCONFIG\startupreg: TurboV EVO => "C:\Program Files\ASUS\TurboV EVO\TurboV_EVO.exe" -b
MSCONFIG\startupreg: VideoraTiVoConverter => C:\Program Files (x86)\VideoraTiVoConverter\VideoraTiVoConverter.exe -t
MSCONFIG\startupreg: Zune Launcher => "C:\Program Files\Zune\ZuneLauncher.exe"

==================== Faulty Device Manager Devices =============

Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (02/22/2014 02:18:26 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.

Context: Windows Application, SystemIndex Catalog

Details:
 The content index catalog is corrupt.   0xc0041801 (0xc0041801)

Error: (02/22/2014 02:18:26 PM) (Source: Windows Search Service) (User: )
Description: The search service has detected corrupted data files in the index {id=2200}. The service will attempt to automatically correct this problem by rebuilding the index.

Context: Windows Application, SystemIndex Catalog

Details:
 The content index catalog is corrupt.   0xc0041801 (0xc0041801)

Error: (02/22/2014 03:49:56 AM) (Source: AntiSpywareService) (User: )
Description: Service failed on stop: Access violation at address 0047E52D in module 'ComcastAntiSpyService.exe'. Read of address 0000000C

Error: (02/22/2014 03:46:16 AM) (Source: AntiSpywareService) (User: )
Description: Service failed on shutdown: Access violation at address 0047E52D in module 'ComcastAntiSpyService.exe'. Read of address 0000000C

Error: (02/22/2014 02:43:09 AM) (Source: ESENT) (User: )
Description: Windows (2228) Windows: The database engine stopped the instance (0) with error (-510).

Error: (02/22/2014 02:43:06 AM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.

Context: Windows Application, SystemIndex Catalog

Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/22/2014 02:43:06 AM) (Source: Windows Search Service) (User: )
Description: The search service has detected corrupted data files in the index {id=3800}. The service will attempt to automatically correct this problem by rebuilding the index.

Context: Windows Application, SystemIndex Catalog

Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/22/2014 02:43:05 AM) (Source: ESENT) (User: )
Description: Windows (2228) Windows: The logfile sequence in "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\" has been halted due to a fatal error.  No further updates are possible for the databases that use this logfile sequence.  Please correct the problem and restart or restore from backup.

Error: (02/22/2014 02:43:05 AM) (Source: ESENT) (User: )
Description: Windows (2228) Windows: Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1811.

Error: (02/22/2014 02:43:05 AM) (Source: ESENT) (User: )
Description: Windows (2228) Windows: An attempt to move the file "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSStmp.log" to "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.log" failed with system error 2 (0x00000002): "The system cannot find the file specified. ".  The move file operation will fail with error -1811 (0xfffff8ed).

System errors:
=============
Error: (02/22/2014 03:50:51 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
FNETURPX

Error: (02/22/2014 03:48:09 AM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\drivers\FNETURPX.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (02/22/2014 02:40:08 AM) (Source: Service Control Manager) (User: )
Description: The Google Update Service (gupdate) service hung on starting.

Error: (02/22/2014 02:35:58 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
aswKbd
FNETURPX

Error: (02/22/2014 02:34:42 AM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\drivers\FNETURPX.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (02/22/2014 02:29:50 AM) (Source: Service Control Manager) (User: )
Description: The ESET Service service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.

Error: (02/22/2014 01:52:13 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
FNETURPX

Error: (02/22/2014 01:51:05 AM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\drivers\FNETURPX.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (02/22/2014 01:38:51 AM) (Source: Service Control Manager) (User: )
Description: The Windows Update service did not shut down properly after receiving a preshutdown control.

Error: (02/22/2014 01:37:44 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Dnscache service.

Microsoft Office Sessions:
=========================
Error: (02/22/2014 02:18:26 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
 The content index catalog is corrupt.   0xc0041801 (0xc0041801)
The catalog is corrupt

Error: (02/22/2014 02:18:26 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
 The content index catalog is corrupt.   0xc0041801 (0xc0041801)
2200

Error: (02/22/2014 03:49:56 AM) (Source: AntiSpywareService)(User: )
Description: Service failed on stop: Access violation at address 0047E52D in module 'ComcastAntiSpyService.exe'. Read of address 0000000C

Error: (02/22/2014 03:46:16 AM) (Source: AntiSpywareService)(User: )
Description: Service failed on shutdown: Access violation at address 0047E52D in module 'ComcastAntiSpyService.exe'. Read of address 0000000C

Error: (02/22/2014 02:43:09 AM) (Source: ESENT)(User: )
Description: Windows2228Windows: 0-510

Error: (02/22/2014 02:43:06 AM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt

Error: (02/22/2014 02:43:06 AM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
3800

Error: (02/22/2014 02:43:05 AM) (Source: ESENT)(User: )
Description: Windows2228Windows: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\

Error: (02/22/2014 02:43:05 AM) (Source: ESENT)(User: )
Description: Windows2228Windows: -1811

Error: (02/22/2014 02:43:05 AM) (Source: ESENT)(User: )
Description: Windows2228Windows: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSStmp.logC:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.log-1811 (0xfffff8ed)2 (0x00000002)The system cannot find the file specified.

==================== Memory info ===========================

Percentage of memory in use: 76%
Total physical RAM: 4087.05 MB
Available physical RAM: 964.48 MB
Total Pagefile: 8172.29 MB
Available Pagefile: 3785.84 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:596.07 GB) (Free:123.94 GB) NTFS
Drive d: (Tom Dowd) (CDROM) (Total:7.46 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: 2CD8C232)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=596 GB) - (Type=07 NTFS)

==================== End Of Log ============================



#6 nasdaq

nasdaq

  • Malware Response Team
  • 20,272 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:01:19 AM

Posted 23 February 2014 - 09:13 AM


Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.

start


HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [Amazing3DAquariumWallpaper] - [X]
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKCU - No Name - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} -  No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npCouponPrinter.dll (Coupons, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
CHR HKCU\...\Chrome\Extension: [opfedmikikmahmpaimpfelmikhaigobp] - C:\Users\Matt\AppData\Local\CRE\opfedmikikmahmpaimpfelmikhaigobp.crx [2013-10-07]
CHR HKLM-x32\...\Chrome\Extension: [ljkcijnbckdflhifmbnfnkjacokloacf] - C:\Program Files (x86)\qualitink\ljkcijnbckdflhifmbnfnkjacokloacf.crx [2013-10-07]
CHR HKLM-x32\...\Chrome\Extension: [opfedmikikmahmpaimpfelmikhaigobp] - C:\Users\Matt\AppData\Local\CRE\opfedmikikmahmpaimpfelmikhaigobp.crx [2013-10-07]
AlternateDataStreams: C:\ProgramData\TEMP:96D0C06F

end

Save the files as fixlist.txt in to the same folder as FRST
Run FRST and click Fix only once and wait
The tool will create a log (Fixlog.txt) please post it to your reply.

===

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
p.s.
If the SecurityCheck program fails to run for any reason, run it as an Administrator.
===

Please let me know what problem persists.

#7 poopyputer

poopyputer
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:02:19 AM

Posted 23 February 2014 - 01:45 PM

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 23-02-2014 01
Ran by Matt at 2014-02-23 13:41:33 Run:1
Running from C:\Users\Matt\Desktop\COnduit googgl prob\Farbar
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
start
 
 
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [Amazing3DAquariumWallpaper] - [X]
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKCU - No Name - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} -  No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npCouponPrinter.dll (Coupons, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
CHR HKCU\...\Chrome\Extension: [opfedmikikmahmpaimpfelmikhaigobp] - C:\Users\Matt\AppData\Local\CRE\opfedmikikmahmpaimpfelmikhaigobp.crx [2013-10-07]
CHR HKLM-x32\...\Chrome\Extension: [ljkcijnbckdflhifmbnfnkjacokloacf] - C:\Program Files (x86)\qualitink\ljkcijnbckdflhifmbnfnkjacokloacf.crx [2013-10-07]
CHR HKLM-x32\...\Chrome\Extension: [opfedmikikmahmpaimpfelmikhaigobp] - C:\Users\Matt\AppData\Local\CRE\opfedmikikmahmpaimpfelmikhaigobp.crx [2013-10-07]
AlternateDataStreams: C:\ProgramData\TEMP:96D0C06F
 
end
*****************
 
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Amazing3DAquariumWallpaper => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} => Value deleted successfully.
HKCR\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} => Value deleted successfully.
HKCR\CLSID\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => Value deleted successfully.
HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => Key not found.
HKCU\SOFTWARE\Google\Chrome\Extensions\opfedmikikmahmpaimpfelmikhaigobp => Key deleted successfully.
C:\Users\Matt\AppData\Local\CRE\opfedmikikmahmpaimpfelmikhaigobp.crx => Moved successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ljkcijnbckdflhifmbnfnkjacokloacf => Key deleted successfully.
"C:\Program Files (x86)\qualitink\ljkcijnbckdflhifmbnfnkjacokloacf.crx" => File/Directory not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\opfedmikikmahmpaimpfelmikhaigobp => Key deleted successfully.
"C:\Users\Matt\AppData\Local\CRE\opfedmikikmahmpaimpfelmikhaigobp.crx" => File/Directory not found.
C:\ProgramData\TEMP => ":96D0C06F" ADS removed successfully.
 
==== End of Fixlog ====

running security check now,,,,,



#8 poopyputer

poopyputer
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:02:19 AM

Posted 23 February 2014 - 01:47 PM

HERE ARE THE RESULTS OF SECURITY CHECK 

 

 

 

 

 Results of screen317's Security Check version 0.99.79  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
ESET NOD32 Antivirus 7.0   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Spybot - Search & Destroy 
 Malwarebytes Anti-Malware version 1.75.0.1300  
 JavaFX 2.1.1    
 Java™ 6 Update 13  
 Java™ 6 Update 22  
 Java™ 6 Update 29  
 Java 7 Update 40  
 Java version out of Date! 
  Adobe Flash Player 12.0.0.70 Flash Player out of Date!  
 Adobe Reader 10.1.9 Adobe Reader out of Date!  
 Mozilla Firefox (27.0.1) 
 Mozilla Thunderbird (3.0.4) Thunderbird out of Date!  
 Google Chrome 32.0.1700.102  
 Google Chrome 33.0.1750.117  
````````Process Check: objlist.exe by Laurent````````  
 ESET NOD32 Antivirus egui.exe  
 ESET NOD32 Antivirus ekrn.exe  
 Malwarebytes' Anti-Malware mbamscheduler.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 0% 
````````````````````End of Log`````````````````````` 


#9 poopyputer

poopyputer
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:02:19 AM

Posted 23 February 2014 - 01:50 PM

AND HERE IS MY ESET  RESULTS DURING A SCAN LAST NIGHT ....    I opted to delete instead of quarantine the toolbars it found.. 

 

 

Scan Log
Version of virus signature database: 9456 (20140221)
Date: 2/22/2014  Time: 3:49:23 AM
Scanned disks, folders and files: C:\
C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVD-uninst.exe » NSIS - archive damaged
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.log - error opening [4]
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSStmp.log - error opening [4]
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\tmp.edb - error opening [4]
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb - error opening [4]
C:\ProgramData\Microsoft\Windows Defender\IMpService925A3ACA-C353-458A-AC8D-A7E5EB378092.lock - error opening [4]
C:\ProgramData\Microsoft\Windows Defender\Scans\History\CacheManager\MpSfc.bin - error opening [4]
C:\System Volume Information\Syscache.hve - error opening [4]
C:\System Volume Information\Syscache.hve.LOG1 - error opening [4]
C:\System Volume Information\Syscache.hve.LOG2 - error opening [4]
C:\System Volume Information\{0ffeed72-981f-11e3-a428-e0cb4e5d1277}{3808876b-c176-4e48-b7ae-04046e6cc752} - error opening [4]
C:\System Volume Information\{2f200ad4-9ac3-11e3-baf6-e0cb4e5d1277}{3808876b-c176-4e48-b7ae-04046e6cc752} - error opening [4]
C:\System Volume Information\{351a20de-9609-11e3-a407-e0cb4e5d1277}{3808876b-c176-4e48-b7ae-04046e6cc752} - error opening [4]
C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752} - error opening [4]
C:\System Volume Information\{5c452752-96e3-11e3-a495-e0cb4e5d1277}{3808876b-c176-4e48-b7ae-04046e6cc752} - error opening [4]
C:\System Volume Information\{ac097156-9b8d-11e3-871b-8fe2a88ba6e3}{3808876b-c176-4e48-b7ae-04046e6cc752} - error opening [4]
C:\System Volume Information\{ac097ba6-9b8d-11e3-871b-e0cb4e5d1277}{3808876b-c176-4e48-b7ae-04046e6cc752} - error opening [4]
C:\System Volume Information\{b2cf93eb-973e-11e3-ba85-e0cb4e5d1277}{3808876b-c176-4e48-b7ae-04046e6cc752} - error opening [4]
C:\System Volume Information\{b81b11fe-96f2-11e3-a495-e0cb4e5d1277}{3808876b-c176-4e48-b7ae-04046e6cc752} - error opening [4]
C:\System Volume Information\{c4886e5c-9b93-11e3-a4b5-e0cb4e5d1277}{3808876b-c176-4e48-b7ae-04046e6cc752} - error opening [4]
C:\System Volume Information\{c4886ec9-9b93-11e3-a4b5-e0cb4e5d1277}{3808876b-c176-4e48-b7ae-04046e6cc752} - error opening [4]
C:\System Volume Information\{f183540e-9b88-11e3-a477-e0cb4e5d1277}{3808876b-c176-4e48-b7ae-04046e6cc752} - error opening [4]
C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\MSS.log - error opening [4]
C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\MSStmp.log - error opening [4]
C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\tmp.edb - error opening [4]
C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\Windows.edb - error opening [4]
C:\Users\All Users\Microsoft\Windows Defender\IMpService925A3ACA-C353-458A-AC8D-A7E5EB378092.lock - error opening [4]
C:\Users\All Users\Microsoft\Windows Defender\Scans\History\CacheManager\MpSfc.bin - error opening [4]
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000a3e » CWS » file.swf - archive damaged - the file could not be extracted.
C:\Users\Guest\AppData\LocalLow\uTorrentBar\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.1.1\bin\PriceGongIE.dll - a variant of Win32/PriceGong.A potentially unwanted application - action selection postponed until scan completion
C:\Users\Guest\AppData\LocalLow\xfinitytb\Xfinity.com Toolbar Updater.exe » NSIS » ýŠ€ - a variant of Win32/Toolbar.Visicom.B potentially unwanted application
C:\Users\Guest\AppData\LocalLow\xfinitytb\Xfinity.com Toolbar Updater.exe » NSIS » ýŠ€ - a variant of Win32/Toolbar.Visicom.A potentially unwanted application
C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\opfedmikikmahmpaimpfelmikhaigobp\10.26.2.507_0\APISupport\APISupport.dll - a variant of Win32/Toolbar.Conduit.Z potentially unwanted application - action selection postponed until scan completion
C:\Users\Matt\AppData\Local\SupportSoft\ComcastUI\Matt\CACHE\5599fea7-b9d0-4c48-84c3-66d697784679.exe » NSIS » ýŠ€ - a variant of Win32/Toolbar.Visicom.B potentially unwanted application
C:\Users\Matt\AppData\Local\SupportSoft\ComcastUI\Matt\CACHE\5599fea7-b9d0-4c48-84c3-66d697784679.exe » NSIS » ýŠ€ - a variant of Win32/Toolbar.Visicom.A potentially unwanted application
C:\Users\Matt\Downloads\aura-dvd-copy.exe » INNO » {app}\auradrm.dll - is OK
C:\Users\Matt\Downloads\aura-dvd-copy.exe » INNO » {app}\Aura-Software-Manager-setup-1.0.3.exe » INNO » {app}\auradrm.dll - is OK
C:\Users\Matt\Downloads\cbsidlm-cbsi134-FLV_Video_Downloader-SEO-10737573 (1).exe - a variant of Win32/CNETInstaller.B potentially unwanted application - action selection postponed until scan completion
C:\Users\Matt\Downloads\cbsidlm-cbsi134-FLV_Video_Downloader-SEO-10737573.exe - a variant of Win32/CNETInstaller.B potentially unwanted application - action selection postponed until scan completion
C:\Users\Matt\Downloads\chromeinstall-6u24 (1).exe » CAB » aucheck - archive damaged - the file could not be extracted.
C:\Users\Matt\Downloads\chromeinstall-6u24 (1).exe » CAB » jaureg - archive damaged - the file could not be extracted.
C:\Users\Matt\Downloads\chromeinstall-6u24 (1).exe » CAB » jucheck - archive damaged - the file could not be extracted.
C:\Users\Matt\Downloads\chromeinstall-6u24 (1).exe » CAB » jusched - archive damaged - the file could not be extracted.
C:\Users\Matt\Downloads\chromeinstall-6u24 (1).exe » CAB » task.xml - archive damaged - the file could not be extracted.
C:\Users\Matt\Downloads\chromeinstall-6u24 (1).exe » CAB » task64.xml - archive damaged - the file could not be extracted.
C:\Users\Matt\Downloads\chromeinstall-6u24 (2).exe » CAB » aucheck - archive damaged - the file could not be extracted.
C:\Users\Matt\Downloads\chromeinstall-6u24 (2).exe » CAB » jaureg - archive damaged - the file could not be extracted.
C:\Users\Matt\Downloads\chromeinstall-6u24 (2).exe » CAB » jucheck - archive damaged - the file could not be extracted.
C:\Users\Matt\Downloads\chromeinstall-6u24 (2).exe » CAB » jusched - archive damaged - the file could not be extracted.
C:\Users\Matt\Downloads\chromeinstall-6u24 (2).exe » CAB » task.xml - archive damaged - the file could not be extracted.
C:\Users\Matt\Downloads\chromeinstall-6u24 (2).exe » CAB » task64.xml - archive damaged - the file could not be extracted.
C:\Users\Matt\Downloads\chromeinstall-6u24 (3).exe » CAB » aucheck - archive damaged - the file could not be extracted.
C:\Users\Matt\Downloads\chromeinstall-6u24 (3).exe » CAB » jaureg - archive damaged - the file could not be extracted.
C:\Users\Matt\Downloads\chromeinstall-6u24 (3).exe » CAB » jucheck - archive damaged - the file could not be extracted.
C:\Users\Matt\Downloads\chromeinstall-6u24 (3).exe » CAB » jusched - archive damaged - the file could not be extracted.
C:\Users\Matt\Downloads\chromeinstall-6u24 (3).exe » CAB » task.xml - archive damaged - the file could not be extracted.
C:\Users\Matt\Downloads\chromeinstall-6u24 (3).exe » CAB » task64.xml - archive damaged - the file could not be extracted.
C:\Users\Matt\Downloads\chromeinstall-6u24.exe » CAB » aucheck - archive damaged - the file could not be extracted.
C:\Users\Matt\Downloads\chromeinstall-6u24.exe » CAB » jaureg - archive damaged - the file could not be extracted.
C:\Users\Matt\Downloads\chromeinstall-6u24.exe » CAB » jucheck - archive damaged - the file could not be extracted.
C:\Users\Matt\Downloads\chromeinstall-6u24.exe » CAB » jusched - archive damaged - the file could not be extracted.
C:\Users\Matt\Downloads\chromeinstall-6u24.exe » CAB » task.xml - archive damaged - the file could not be extracted.
C:\Users\Matt\Downloads\chromeinstall-6u24.exe » CAB » task64.xml - archive damaged - the file could not be extracted.
C:\Users\Matt\Downloads\chromeinstall-7u21.exe » CAB » aucheck - archive damaged - the file could not be extracted.
C:\Users\Matt\Downloads\chromeinstall-7u21.exe » CAB » jaureg - archive damaged - the file could not be extracted.
C:\Users\Matt\Downloads\chromeinstall-7u21.exe » CAB » jucheck - archive damaged - the file could not be extracted.
C:\Users\Matt\Downloads\chromeinstall-7u21.exe » CAB » jusched - archive damaged - the file could not be extracted.
C:\Users\Matt\Downloads\chromeinstall-7u21.exe » CAB » task.xml - archive damaged - the file could not be extracted.
C:\Users\Matt\Downloads\chromeinstall-7u21.exe » CAB » task64.xml - archive damaged - the file could not be extracted.
C:\Users\Matt\Downloads\chromeinstall-7u4 (1).exe » CAB » aucheck - archive damaged - the file could not be extracted.
C:\Users\Matt\Downloads\chromeinstall-7u4 (1).exe » CAB » jaureg - archive damaged - the file could not be extracted.
C:\Users\Matt\Downloads\chromeinstall-7u4 (1).exe » CAB » jucheck - archive damaged - the file could not be extracted.
C:\Users\Matt\Downloads\chromeinstall-7u4 (1).exe » CAB » jusched - archive damaged - the file could not be extracted.
C:\Users\Matt\Downloads\chromeinstall-7u4 (1).exe » CAB » task.xml - archive damaged - the file could not be extracted.
C:\Users\Matt\Downloads\chromeinstall-7u4 (1).exe » CAB » task64.xml - archive damaged - the file could not be extracted.
C:\Users\Matt\Downloads\chromeinstall-7u4.exe » CAB » aucheck - archive damaged - the file could not be extracted.
C:\Users\Matt\Downloads\chromeinstall-7u4.exe » CAB » jaureg - archive damaged - the file could not be extracted.
C:\Users\Matt\Downloads\chromeinstall-7u4.exe » CAB » jucheck - archive damaged - the file could not be extracted.
C:\Users\Matt\Downloads\chromeinstall-7u4.exe » CAB » jusched - archive damaged - the file could not be extracted.
C:\Users\Matt\Downloads\chromeinstall-7u4.exe » CAB » task.xml - archive damaged - the file could not be extracted.
C:\Users\Matt\Downloads\chromeinstall-7u4.exe » CAB » task64.xml - archive damaged - the file could not be extracted.
C:\Users\Matt\Downloads\couponprinter.exe » INDIGOROSE - unsupported option
C:\Users\Matt\Downloads\freegate-setup.exe » NSIS » Script.nsi - Win32/DownloadAdmin.G potentially unwanted application
C:\Users\Matt\Downloads\OddsMaker_3.3.1.exe » INNO » {app}\Toolbar_Setup\OddsMaker.exe » WISE » tbOdds.dll - a variant of Win32/Toolbar.Conduit.B potentially unwanted application
C:\Users\Matt\Downloads\OddsMaker_3.3.1.exe » INNO » {app}\Toolbar_Setup\OddsMaker.exe » WISE » ALERTDLLNAME - Win32/Toolbar.Conduit.Y potentially unwanted application
C:\Users\Matt\Downloads\OOo_3.3.0_Win_x86_install-wJRE_en-US.exe » NSIS » openofficeorg1.cab - archive damaged - the file could not be extracted.
C:\Users\Matt\Downloads\Setup.exe » NSIS » common.dll - a variant of Win32/ExFriendAlert.B potentially unwanted application
C:\Users\Matt\Downloads\Setup.exe » NSIS » prompt_installer-conduit.exe » NSIS » conduitinstaller.exe » NSIS » Script.nsi - Win32/Toolbar.Conduit potentially unwanted application
C:\Users\Matt\Downloads\SetupAnyDVD6642.exe » NSIS - archive damaged
C:\Users\Matt\Downloads\SetupCloneDVD2927Slysoft.exe » NSIS - archive damaged
C:\Users\Matt\Downloads\winrar-x64-393(2).exe.part » RAR » Formats\uue.fmt - archive damaged - the file could not be extracted.
C:\Users\Matt\Downloads\winrar-x64-393.exe.part » RAR » Formats\uue.fmt - archive damaged - the file could not be extracted.
C:\Users\Matt\Downloads\AnyDVD & AnyDVD HD v6.6.0.3 FINAL + Reg By ChattChitto\AnyDVD & AnyDVD HD v6.6.0.3 FINAL + Reg By ChattChitto.exe » ZIP » AutoPlay/Audio/13_In_the_Bleak_Midwinter.wma - error - password-protected file
C:\Users\Matt\Downloads\AnyDVD & AnyDVD HD v6.6.0.3 FINAL + Reg By ChattChitto\AnyDVD & AnyDVD HD v6.6.0.3 FINAL + Reg By ChattChitto.exe » ZIP » AutoPlay/Audio/Click1.ogg - error - password-protected file
C:\Users\Matt\Downloads\AnyDVD & AnyDVD HD v6.6.0.3 FINAL + Reg By ChattChitto\AnyDVD & AnyDVD HD v6.6.0.3 FINAL + Reg By ChattChitto.exe » ZIP » AutoPlay/Audio/High1.ogg - error - password-protected file
C:\Users\Matt\Downloads\AnyDVD & AnyDVD HD v6.6.0.3 FINAL + Reg By ChattChitto\AnyDVD & AnyDVD HD v6.6.0.3 FINAL + Reg By ChattChitto.exe » ZIP » AutoPlay/autorun.cdd - error - password-protected file
C:\Users\Matt\Downloads\AnyDVD & AnyDVD HD v6.6.0.3 FINAL + Reg By ChattChitto\AnyDVD & AnyDVD HD v6.6.0.3 FINAL + Reg By ChattChitto.exe » ZIP » AutoPlay/Buttons/3_1644.btn - error - password-protected file
C:\Users\Matt\Downloads\AnyDVD & AnyDVD HD v6.6.0.3 FINAL + Reg By ChattChitto\AnyDVD & AnyDVD HD v6.6.0.3 FINAL + Reg By ChattChitto.exe » ZIP » AutoPlay/Buttons/50_1644.btn - error - password-protected file
C:\Users\Matt\Downloads\AnyDVD & AnyDVD HD v6.6.0.3 FINAL + Reg By ChattChitto\AnyDVD & AnyDVD HD v6.6.0.3 FINAL + Reg By ChattChitto.exe » ZIP » AutoPlay/Buttons/7_1644.btn - error - password-protected file
C:\Users\Matt\Downloads\AnyDVD & AnyDVD HD v6.6.0.3 FINAL + Reg By ChattChitto\AnyDVD & AnyDVD HD v6.6.0.3 FINAL + Reg By ChattChitto.exe » ZIP » AutoPlay/Docs/ChattChitto.nfo.txt - error - password-protected file
C:\Users\Matt\Downloads\AnyDVD & AnyDVD HD v6.6.0.3 FINAL + Reg By ChattChitto\AnyDVD & AnyDVD HD v6.6.0.3 FINAL + Reg By ChattChitto.exe » ZIP » AutoPlay/Docs/Key.AnyDVDHD - error - password-protected file
C:\Users\Matt\Downloads\AnyDVD & AnyDVD HD v6.6.0.3 FINAL + Reg By ChattChitto\AnyDVD & AnyDVD HD v6.6.0.3 FINAL + Reg By ChattChitto.exe » ZIP » AutoPlay/Docs/SetupAnyDVD6603.exe - error - password-protected file
C:\Users\Matt\Downloads\AnyDVD & AnyDVD HD v6.6.0.3 FINAL + Reg By ChattChitto\AnyDVD & AnyDVD HD v6.6.0.3 FINAL + Reg By ChattChitto.exe » ZIP » AutoPlay/Icons/favicon.ico - error - password-protected file
C:\Users\Matt\Downloads\AnyDVD & AnyDVD HD v6.6.0.3 FINAL + Reg By ChattChitto\AnyDVD & AnyDVD HD v6.6.0.3 FINAL + Reg By ChattChitto.exe » ZIP » AutoPlay/Images/600px-Feed_Icon_Bl-Or.png - error - password-protected file
C:\Users\Matt\Downloads\AnyDVD & AnyDVD HD v6.6.0.3 FINAL + Reg By ChattChitto\AnyDVD & AnyDVD HD v6.6.0.3 FINAL + Reg By ChattChitto.exe » ZIP » AutoPlay/Images/78digitalfantasyart01.jpg - error - password-protected file
C:\Users\Matt\Downloads\AnyDVD & AnyDVD HD v6.6.0.3 FINAL + Reg By ChattChitto\AnyDVD & AnyDVD HD v6.6.0.3 FINAL + Reg By ChattChitto.exe » ZIP » AutoPlay/Images/btn_donate_SM.gif - error - password-protected file
C:\Users\Matt\Downloads\AnyDVD & AnyDVD HD v6.6.0.3 FINAL + Reg By ChattChitto\AnyDVD & AnyDVD HD v6.6.0.3 FINAL + Reg By ChattChitto.exe » ZIP » AutoPlay/Images/Site Logo With Adsress.JPG - error - password-protected file
C:\Users\Matt\Downloads\AnyDVD & AnyDVD HD v6.6.0.3 FINAL + Reg By ChattChitto\AnyDVD & AnyDVD HD v6.6.0.3 FINAL + Reg By ChattChitto.exe » ZIP » AutoPlay/Plugins/IRDissolveTransition.tns - error - password-protected file
C:\Users\Matt\Downloads\AnyDVD & AnyDVD HD v6.6.0.3 FINAL + Reg By ChattChitto\AnyDVD & AnyDVD HD v6.6.0.3 FINAL + Reg By ChattChitto.exe » ZIP » AutoPlay/Plugins/IRSlideTransition.tns - error - password-protected file
C:\Users\Matt\Downloads\AnyDVD & AnyDVD HD v6.6.0.3 FINAL + Reg By ChattChitto\AnyDVD & AnyDVD HD v6.6.0.3 FINAL + Reg By ChattChitto.exe » ZIP » AutoPlay/Plugins/IRWipeTransitions.tns - error - password-protected file
C:\Users\Matt\Downloads\AnyDVD & AnyDVD HD v6.6.0.3 FINAL + Reg By ChattChitto\AnyDVD & AnyDVD HD v6.6.0.3 FINAL + Reg By ChattChitto.exe » ZIP » autorun.exe - error - password-protected file
C:\Users\Matt\Downloads\AnyDVD & AnyDVD HD v6.6.0.3 FINAL + Reg By ChattChitto\AnyDVD & AnyDVD HD v6.6.0.3 FINAL + Reg By ChattChitto.exe » ZIP » favicon.ico - error - password-protected file
C:\Users\Matt\Downloads\AnyDVD & AnyDVD HD v7.1.2.0 FINAL + Crack [ChattChitto RG]\AnyDVD & AnyDVD HD v7.1.2.0 FINAL + Crack [ChattChitto RG].exe » ZIP » AutoPlay/Audio/16 - Carrighfergus.wma - error - password-protected file
C:\Users\Matt\Downloads\AnyDVD & AnyDVD HD v7.1.2.0 FINAL + Crack [ChattChitto RG]\AnyDVD & AnyDVD HD v7.1.2.0 FINAL + Crack [ChattChitto RG].exe » ZIP » AutoPlay/Audio/AlbumArt_{B704C68B-BAC0-493B-BAD0-358999040560}_Large.jpg - error - password-protected file
C:\Users\Matt\Downloads\AnyDVD & AnyDVD HD v7.1.2.0 FINAL + Crack [ChattChitto RG]\AnyDVD & AnyDVD HD v7.1.2.0 FINAL + Crack [ChattChitto RG].exe » ZIP » AutoPlay/Audio/AlbumArt_{B704C68B-BAC0-493B-BAD0-358999040560}_Small.jpg - error - password-protected file
C:\Users\Matt\Downloads\AnyDVD & AnyDVD HD v7.1.2.0 FINAL + Crack [ChattChitto RG]\AnyDVD & AnyDVD HD v7.1.2.0 FINAL + Crack [ChattChitto RG].exe » ZIP » AutoPlay/Audio/AlbumArtSmall.jpg - error - password-protected file
C:\Users\Matt\Downloads\AnyDVD & AnyDVD HD v7.1.2.0 FINAL + Crack [ChattChitto RG]\AnyDVD & AnyDVD HD v7.1.2.0 FINAL + Crack [ChattChitto RG].exe » ZIP » AutoPlay/Audio/Click1.ogg - error - password-protected file
C:\Users\Matt\Downloads\AnyDVD & AnyDVD HD v7.1.2.0 FINAL + Crack [ChattChitto RG]\AnyDVD & AnyDVD HD v7.1.2.0 FINAL + Crack [ChattChitto RG].exe » ZIP » AutoPlay/Audio/desktop.ini - error - password-protected file
C:\Users\Matt\Downloads\AnyDVD & AnyDVD HD v7.1.2.0 FINAL + Crack [ChattChitto RG]\AnyDVD & AnyDVD HD v7.1.2.0 FINAL + Crack [ChattChitto RG].exe » ZIP » AutoPlay/Audio/Folder.jpg - error - password-protected file
C:\Users\Matt\Downloads\AnyDVD & AnyDVD HD v7.1.2.0 FINAL + Crack [ChattChitto RG]\AnyDVD & AnyDVD HD v7.1.2.0 FINAL + Crack [ChattChitto RG].exe » ZIP » AutoPlay/Audio/High1.ogg - error - password-protected file
C:\Users\Matt\Downloads\AnyDVD & AnyDVD HD v7.1.2.0 FINAL + Crack [ChattChitto RG]\AnyDVD & AnyDVD HD v7.1.2.0 FINAL + Crack [ChattChitto RG].exe » ZIP » AutoPlay/autorun.cdd - error - password-protected file
C:\Users\Matt\Downloads\AnyDVD & AnyDVD HD v7.1.2.0 FINAL + Crack [ChattChitto RG]\AnyDVD & AnyDVD HD v7.1.2.0 FINAL + Crack [ChattChitto RG].exe » ZIP » AutoPlay/Buttons/10_1785.btn - error - password-protected file
C:\Users\Matt\Downloads\AnyDVD & AnyDVD HD v7.1.2.0 FINAL + Crack [ChattChitto RG]\AnyDVD & AnyDVD HD v7.1.2.0 FINAL + Crack [ChattChitto RG].exe » ZIP » AutoPlay/Buttons/3_1644.btn - error - password-protected file
C:\Users\Matt\Downloads\AnyDVD & AnyDVD HD v7.1.2.0 FINAL + Crack [ChattChitto RG]\AnyDVD & AnyDVD HD v7.1.2.0 FINAL + Crack [ChattChitto RG].exe » ZIP » AutoPlay/Buttons/50_1644.btn - error - password-protected file
C:\Users\Matt\Downloads\AnyDVD & AnyDVD HD v7.1.2.0 FINAL + Crack [ChattChitto RG]\AnyDVD & AnyDVD HD v7.1.2.0 FINAL + Crack [ChattChitto RG].exe » ZIP » AutoPlay/Buttons/7_1644.btn - error - password-protected file
C:\Users\Matt\Downloads\AnyDVD & AnyDVD HD v7.1.2.0 FINAL + Crack [ChattChitto RG]\AnyDVD & AnyDVD HD v7.1.2.0 FINAL + Crack [ChattChitto RG].exe » ZIP » AutoPlay/Docs/ChattChitto RG.nfo.txt - error - password-protected file
C:\Users\Matt\Downloads\AnyDVD & AnyDVD HD v7.1.2.0 FINAL + Crack [ChattChitto RG]\AnyDVD & AnyDVD HD v7.1.2.0 FINAL + Crack [ChattChitto RG].exe » ZIP » AutoPlay/Docs/ElbyCDIO.zip - error - password-protected file
C:\Users\Matt\Downloads\AnyDVD & AnyDVD HD v7.1.2.0 FINAL + Crack [ChattChitto RG]\AnyDVD & AnyDVD HD v7.1.2.0 FINAL + Crack [ChattChitto RG].exe » ZIP » AutoPlay/Docs/SetupAnyDVD7120.exe - error - password-protected file
C:\Users\Matt\Downloads\AnyDVD & AnyDVD HD v7.1.2.0 FINAL + Crack [ChattChitto RG]\AnyDVD & AnyDVD HD v7.1.2.0 FINAL + Crack [ChattChitto RG].exe » ZIP » AutoPlay/Flash/globe.swf - error - password-protected file
C:\Users\Matt\Downloads\AnyDVD & AnyDVD HD v7.1.2.0 FINAL + Crack [ChattChitto RG]\AnyDVD & AnyDVD HD v7.1.2.0 FINAL + Crack [ChattChitto RG].exe » ZIP » AutoPlay/Flash/indigo_clouds.swf - error - password-protected file
C:\Users\Matt\Downloads\AnyDVD & AnyDVD HD v7.1.2.0 FINAL + Crack [ChattChitto RG]\AnyDVD & AnyDVD HD v7.1.2.0 FINAL + Crack [ChattChitto RG].exe » ZIP » AutoPlay/Flash/indigo_glitter.swf - error - password-protected file
C:\Users\Matt\Downloads\AnyDVD & AnyDVD HD v7.1.2.0 FINAL + Crack [ChattChitto RG]\AnyDVD & AnyDVD HD v7.1.2.0 FINAL + Crack [ChattChitto RG].exe » ZIP » AutoPlay/Flash/indigo_i.swf - error - password-protected file
C:\Users\Matt\Downloads\AnyDVD & AnyDVD HD v7.1.2.0 FINAL + Crack [ChattChitto RG]\AnyDVD & AnyDVD HD v7.1.2.0 FINAL + Crack [ChattChitto RG].exe » ZIP » AutoPlay/Images/600px-Feed_Icon_Bl-Or.png - error - password-protected file
C:\Users\Matt\Downloads\AnyDVD & AnyDVD HD v7.1.2.0 FINAL + Crack [ChattChitto RG]\AnyDVD & AnyDVD HD v7.1.2.0 FINAL + Crack [ChattChitto RG].exe » ZIP » AutoPlay/Images/attention.png - error - password-protected file
C:\Users\Matt\Downloads\AnyDVD & AnyDVD HD v7.1.2.0 FINAL + Crack [ChattChitto RG]\AnyDVD & AnyDVD HD v7.1.2.0 FINAL + Crack [ChattChitto RG].exe » ZIP » AutoPlay/Images/btn_donate_SM.gif - error - password-protected file
C:\Users\Matt\Downloads\AnyDVD & AnyDVD HD v7.1.2.0 FINAL + Crack [ChattChitto RG]\AnyDVD & AnyDVD HD v7.1.2.0 FINAL + Crack [ChattChitto RG].exe » ZIP » AutoPlay/Images/CC6.jpg - error - password-protected file
C:\Users\Matt\Downloads\AnyDVD & AnyDVD HD v7.1.2.0 FINAL + Crack [ChattChitto RG]\AnyDVD & AnyDVD HD v7.1.2.0 FINAL + Crack [ChattChitto RG].exe » ZIP » AutoPlay/Images/hoBrl77.png - error - password-protected file
C:\Users\Matt\Downloads\AnyDVD & AnyDVD HD v7.1.2.0 FINAL + Crack [ChattChitto RG]\AnyDVD & AnyDVD HD v7.1.2.0 FINAL + Crack [ChattChitto RG].exe » ZIP » AutoPlay/Images/Thumbs.db - error - password-protected file
C:\Users\Matt\Downloads\AnyDVD & AnyDVD HD v7.1.2.0 FINAL + Crack [ChattChitto RG]\AnyDVD & AnyDVD HD v7.1.2.0 FINAL + Crack [ChattChitto RG].exe » ZIP » AutoPlay/Plugins/Clipboard/Clipboard.lmd - error - password-protected file
C:\Users\Matt\Downloads\AnyDVD & AnyDVD HD v7.1.2.0 FINAL + Crack [ChattChitto RG]\AnyDVD & AnyDVD HD v7.1.2.0 FINAL + Crack [ChattChitto RG].exe » ZIP » AutoPlay/Plugins/IRDissolveTransition.tns - error - password-protected file
C:\Users\Matt\Downloads\AnyDVD & AnyDVD HD v7.1.2.0 FINAL + Crack [ChattChitto RG]\AnyDVD & AnyDVD HD v7.1.2.0 FINAL + Crack [ChattChitto RG].exe » ZIP » AutoPlay/Plugins/IRSlideTransition.tns - error - password-protected file
C:\Users\Matt\Downloads\AnyDVD & AnyDVD HD v7.1.2.0 FINAL + Crack [ChattChitto RG]\AnyDVD & AnyDVD HD v7.1.2.0 FINAL + Crack [ChattChitto RG].exe » ZIP » AutoPlay/Plugins/IRWipeTransitions.tns - error - password-protected file
C:\Users\Matt\Downloads\AnyDVD & AnyDVD HD v7.1.2.0 FINAL + Crack [ChattChitto RG]\AnyDVD & AnyDVD HD v7.1.2.0 FINAL + Crack [ChattChitto RG].exe » ZIP » autorun.exe - error - password-protected file
C:\Users\Matt\Downloads\AnyDVD & AnyDVD HD v7.1.2.0 FINAL + Crack [ChattChitto RG]\AnyDVD & AnyDVD HD v7.1.2.0 FINAL + Crack [ChattChitto RG].exe » ZIP » ChattChittoRG.ico - error - password-protected file
C:\Users\Matt\Downloads\anydvd 6.5.5.9 + reg key and foxkiller\SetupAnyDVD6559.exe » NSIS - archive damaged
C:\Users\Matt\Downloads\DVDFab Platinum v6.2.0.5 Final + Serial By ChattChitto\DVDFab Platinum v6.2.0.5 Final + Serial By ChattChitto.exe » ZIP » AutoPlay/Audio/01 - Coventry Carol.wma - error - password-protected file
C:\Users\Matt\Downloads\DVDFab Platinum v6.2.0.5 Final + Serial By ChattChitto\DVDFab Platinum v6.2.0.5 Final + Serial By ChattChitto.exe » ZIP » AutoPlay/Audio/Click1.ogg - error - password-protected file
C:\Users\Matt\Downloads\DVDFab Platinum v6.2.0.5 Final + Serial By ChattChitto\DVDFab Platinum v6.2.0.5 Final + Serial By ChattChitto.exe » ZIP » AutoPlay/Audio/High1.ogg - error - password-protected file
C:\Users\Matt\Downloads\DVDFab Platinum v6.2.0.5 Final + Serial By ChattChitto\DVDFab Platinum v6.2.0.5 Final + Serial By ChattChitto.exe » ZIP » AutoPlay/autorun.cdd - error - password-protected file
C:\Users\Matt\Downloads\DVDFab Platinum v6.2.0.5 Final + Serial By ChattChitto\DVDFab Platinum v6.2.0.5 Final + Serial By ChattChitto.exe » ZIP » AutoPlay/Buttons/3_1644.btn - error - password-protected file
C:\Users\Matt\Downloads\DVDFab Platinum v6.2.0.5 Final + Serial By ChattChitto\DVDFab Platinum v6.2.0.5 Final + Serial By ChattChitto.exe » ZIP » AutoPlay/Buttons/50_1644.btn - error - password-protected file
C:\Users\Matt\Downloads\DVDFab Platinum v6.2.0.5 Final + Serial By ChattChitto\DVDFab Platinum v6.2.0.5 Final + Serial By ChattChitto.exe » ZIP » AutoPlay/Buttons/7_1644.btn - error - password-protected file
C:\Users\Matt\Downloads\DVDFab Platinum v6.2.0.5 Final + Serial By ChattChitto\DVDFab Platinum v6.2.0.5 Final + Serial By ChattChitto.exe » ZIP » AutoPlay/Docs/ChattChitto.nfo.txt - error - password-protected file
C:\Users\Matt\Downloads\DVDFab Platinum v6.2.0.5 Final + Serial By ChattChitto\DVDFab Platinum v6.2.0.5 Final + Serial By ChattChitto.exe » ZIP » AutoPlay/Docs/DVDFab6205.exe - error - password-protected file
C:\Users\Matt\Downloads\DVDFab Platinum v6.2.0.5 Final + Serial By ChattChitto\DVDFab Platinum v6.2.0.5 Final + Serial By ChattChitto.exe » ZIP » AutoPlay/Icons/favicon.ico - error - password-protected file
C:\Users\Matt\Downloads\DVDFab Platinum v6.2.0.5 Final + Serial By ChattChitto\DVDFab Platinum v6.2.0.5 Final + Serial By ChattChitto.exe » ZIP » AutoPlay/Images/600px-Feed_Icon_Bl-Or.png - error - password-protected file
C:\Users\Matt\Downloads\DVDFab Platinum v6.2.0.5 Final + Serial By ChattChitto\DVDFab Platinum v6.2.0.5 Final + Serial By ChattChitto.exe » ZIP » AutoPlay/Images/btn_donate_SM.gif - error - password-protected file
C:\Users\Matt\Downloads\DVDFab Platinum v6.2.0.5 Final + Serial By ChattChitto\DVDFab Platinum v6.2.0.5 Final + Serial By ChattChitto.exe » ZIP » AutoPlay/Images/PIC CC Special1207889.jpg - error - password-protected file
C:\Users\Matt\Downloads\DVDFab Platinum v6.2.0.5 Final + Serial By ChattChitto\DVDFab Platinum v6.2.0.5 Final + Serial By ChattChitto.exe » ZIP » AutoPlay/Images/Site Logo With Adsress.JPG - error - password-protected file
C:\Users\Matt\Downloads\DVDFab Platinum v6.2.0.5 Final + Serial By ChattChitto\DVDFab Platinum v6.2.0.5 Final + Serial By ChattChitto.exe » ZIP » AutoPlay/Plugins/IRDissolveTransition.tns - error - password-protected file
C:\Users\Matt\Downloads\DVDFab Platinum v6.2.0.5 Final + Serial By ChattChitto\DVDFab Platinum v6.2.0.5 Final + Serial By ChattChitto.exe » ZIP » AutoPlay/Plugins/IRSlideTransition.tns - error - password-protected file
C:\Users\Matt\Downloads\DVDFab Platinum v6.2.0.5 Final + Serial By ChattChitto\DVDFab Platinum v6.2.0.5 Final + Serial By ChattChitto.exe » ZIP » AutoPlay/Plugins/IRWipeTransitions.tns - error - password-protected file
C:\Users\Matt\Downloads\DVDFab Platinum v6.2.0.5 Final + Serial By ChattChitto\DVDFab Platinum v6.2.0.5 Final + Serial By ChattChitto.exe » ZIP » autorun.exe - error - password-protected file
C:\Users\Matt\Downloads\DVDFab Platinum v6.2.0.5 Final + Serial By ChattChitto\DVDFab Platinum v6.2.0.5 Final + Serial By ChattChitto.exe » ZIP » favicon.ico - error - password-protected file
C:\Users\Matt\Downloads\DVDFab Platinum v8.2.2.5 + Crack [ChattChitto RG]\DVDFab Platinum v8.2.2.5 + Crack [ChattChitto RG].exe » ZIP » AutoPlay/Audio/03 Stolen Child.wma - error - password-protected file
C:\Users\Matt\Downloads\DVDFab Platinum v8.2.2.5 + Crack [ChattChitto RG]\DVDFab Platinum v8.2.2.5 + Crack [ChattChitto RG].exe » ZIP » AutoPlay/Audio/AlbumArt_{B704C68B-BAC0-493B-BAD0-358999040560}_Large.jpg - error - password-protected file
C:\Users\Matt\Downloads\DVDFab Platinum v8.2.2.5 + Crack [ChattChitto RG]\DVDFab Platinum v8.2.2.5 + Crack [ChattChitto RG].exe » ZIP » AutoPlay/Audio/AlbumArt_{B704C68B-BAC0-493B-BAD0-358999040560}_Small.jpg - error - password-protected file
C:\Users\Matt\Downloads\DVDFab Platinum v8.2.2.5 + Crack [ChattChitto RG]\DVDFab Platinum v8.2.2.5 + Crack [ChattChitto RG].exe » ZIP » AutoPlay/Audio/AlbumArtSmall.jpg - error - password-protected file
C:\Users\Matt\Downloads\DVDFab Platinum v8.2.2.5 + Crack [ChattChitto RG]\DVDFab Platinum v8.2.2.5 + Crack [ChattChitto RG].exe » ZIP » AutoPlay/Audio/Click1.ogg - error - password-protected file
C:\Users\Matt\Downloads\DVDFab Platinum v8.2.2.5 + Crack [ChattChitto RG]\DVDFab Platinum v8.2.2.5 + Crack [ChattChitto RG].exe » ZIP » AutoPlay/Audio/desktop.ini - error - password-protected file
C:\Users\Matt\Downloads\DVDFab Platinum v8.2.2.5 + Crack [ChattChitto RG]\DVDFab Platinum v8.2.2.5 + Crack [ChattChitto RG].exe » ZIP » AutoPlay/Audio/Folder.jpg - error - password-protected file
C:\Users\Matt\Downloads\DVDFab Platinum v8.2.2.5 + Crack [ChattChitto RG]\DVDFab Platinum v8.2.2.5 + Crack [ChattChitto RG].exe » ZIP » AutoPlay/Audio/High1.ogg - error - password-protected file
C:\Users\Matt\Downloads\DVDFab Platinum v8.2.2.5 + Crack [ChattChitto RG]\DVDFab Platinum v8.2.2.5 + Crack [ChattChitto RG].exe » ZIP » AutoPlay/autorun.cdd - error - password-protected file
C:\Users\Matt\Downloads\DVDFab Platinum v8.2.2.5 + Crack [ChattChitto RG]\DVDFab Platinum v8.2.2.5 + Crack [ChattChitto RG].exe » ZIP » AutoPlay/Buttons/10_1785.btn - error - password-protected file
C:\Users\Matt\Downloads\DVDFab Platinum v8.2.2.5 + Crack [ChattChitto RG]\DVDFab Platinum v8.2.2.5 + Crack [ChattChitto RG].exe » ZIP » AutoPlay/Buttons/3_1644.btn - error - password-protected file
C:\Users\Matt\Downloads\DVDFab Platinum v8.2.2.5 + Crack [ChattChitto RG]\DVDFab Platinum v8.2.2.5 + Crack [ChattChitto RG].exe » ZIP » AutoPlay/Buttons/50_1644.btn - error - password-protected file
C:\Users\Matt\Downloads\DVDFab Platinum v8.2.2.5 + Crack [ChattChitto RG]\DVDFab Platinum v8.2.2.5 + Crack [ChattChitto RG].exe » ZIP » AutoPlay/Buttons/7_1644.btn - error - password-protected file
C:\Users\Matt\Downloads\DVDFab Platinum v8.2.2.5 + Crack [ChattChitto RG]\DVDFab Platinum v8.2.2.5 + Crack [ChattChitto RG].exe » ZIP » AutoPlay/Docs/ChattChitto RG.nfo.txt - error - password-protected file
C:\Users\Matt\Downloads\DVDFab Platinum v8.2.2.5 + Crack [ChattChitto RG]\DVDFab Platinum v8.2.2.5 + Crack [ChattChitto RG].exe » ZIP » AutoPlay/Docs/DVDFab8225Qt.exe - error - password-protected file
C:\Users\Matt\Downloads\DVDFab Platinum v8.2.2.5 + Crack [ChattChitto RG]\DVDFab Platinum v8.2.2.5 + Crack [ChattChitto RG].exe » ZIP » AutoPlay/Docs/msvcr90.zip - error - password-protected file
C:\Users\Matt\Downloads\DVDFab Platinum v8.2.2.5 + Crack [ChattChitto RG]\DVDFab Platinum v8.2.2.5 + Crack [ChattChitto RG].exe » ZIP » AutoPlay/Flash/globe.swf - error - password-protected file
C:\Users\Matt\Downloads\DVDFab Platinum v8.2.2.5 + Crack [ChattChitto RG]\DVDFab Platinum v8.2.2.5 + Crack [ChattChitto RG].exe » ZIP » AutoPlay/Flash/indigo_clouds.swf - error - password-protected file
C:\Users\Matt\Downloads\DVDFab Platinum v8.2.2.5 + Crack [ChattChitto RG]\DVDFab Platinum v8.2.2.5 + Crack [ChattChitto RG].exe » ZIP » AutoPlay/Flash/indigo_glitter.swf - error - password-protected file
C:\Users\Matt\Downloads\DVDFab Platinum v8.2.2.5 + Crack [ChattChitto RG]\DVDFab Platinum v8.2.2.5 + Crack [ChattChitto RG].exe » ZIP » AutoPlay/Flash/indigo_i.swf - error - password-protected file
C:\Users\Matt\Downloads\DVDFab Platinum v8.2.2.5 + Crack [ChattChitto RG]\DVDFab Platinum v8.2.2.5 + Crack [ChattChitto RG].exe » ZIP » AutoPlay/Images/600px-Feed_Icon_Bl-Or.png - error - password-protected file
C:\Users\Matt\Downloads\DVDFab Platinum v8.2.2.5 + Crack [ChattChitto RG]\DVDFab Platinum v8.2.2.5 + Crack [ChattChitto RG].exe » ZIP » AutoPlay/Images/attention.png - error - password-protected file
C:\Users\Matt\Downloads\DVDFab Platinum v8.2.2.5 + Crack [ChattChitto RG]\DVDFab Platinum v8.2.2.5 + Crack [ChattChitto RG].exe » ZIP » AutoPlay/Images/btn_donate_SM.gif - error - password-protected file
C:\Users\Matt\Downloads\DVDFab Platinum v8.2.2.5 + Crack [ChattChitto RG]\DVDFab Platinum v8.2.2.5 + Crack [ChattChitto RG].exe » ZIP » AutoPlay/Images/CC22.jpg - error - password-protected file
C:\Users\Matt\Downloads\DVDFab Platinum v8.2.2.5 + Crack [ChattChitto RG]\DVDFab Platinum v8.2.2.5 + Crack [ChattChitto RG].exe » ZIP » AutoPlay/Images/hoBrl77.png - error - password-protected file
C:\Users\Matt\Downloads\DVDFab Platinum v8.2.2.5 + Crack [ChattChitto RG]\DVDFab Platinum v8.2.2.5 + Crack [ChattChitto RG].exe » ZIP » AutoPlay/Images/Thumbs.db - error - password-protected file
C:\Users\Matt\Downloads\DVDFab Platinum v8.2.2.5 + Crack [ChattChitto RG]\DVDFab Platinum v8.2.2.5 + Crack [ChattChitto RG].exe » ZIP » AutoPlay/Plugins/Clipboard/Clipboard.lmd - error - password-protected file
C:\Users\Matt\Downloads\DVDFab Platinum v8.2.2.5 + Crack [ChattChitto RG]\DVDFab Platinum v8.2.2.5 + Crack [ChattChitto RG].exe » ZIP » AutoPlay/Plugins/IRDissolveTransition.tns - error - password-protected file
C:\Users\Matt\Downloads\DVDFab Platinum v8.2.2.5 + Crack [ChattChitto RG]\DVDFab Platinum v8.2.2.5 + Crack [ChattChitto RG].exe » ZIP » AutoPlay/Plugins/IRSlideTransition.tns - error - password-protected file
C:\Users\Matt\Downloads\DVDFab Platinum v8.2.2.5 + Crack [ChattChitto RG]\DVDFab Platinum v8.2.2.5 + Crack [ChattChitto RG].exe » ZIP » AutoPlay/Plugins/IRWipeTransitions.tns - error - password-protected file
C:\Users\Matt\Downloads\DVDFab Platinum v8.2.2.5 + Crack [ChattChitto RG]\DVDFab Platinum v8.2.2.5 + Crack [ChattChitto RG].exe » ZIP » autorun.exe - error - password-protected file
C:\Users\Matt\Downloads\DVDFab Platinum v8.2.2.5 + Crack [ChattChitto RG]\DVDFab Platinum v8.2.2.5 + Crack [ChattChitto RG].exe » ZIP » ChattChittoRG.ico - error - password-protected file
C:\Users\Matt\Downloads\Kindle Books - C\temp_%1%2 » NSIS » Kindle.exe - archive damaged - the file could not be extracted.
C:\Windows\ServiceProfiles\LocalService\ntuser.dat - error opening [4]
C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT.LOG1 - error opening [4]
C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT.LOG2 - error opening [4]
C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - error opening [4]
C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - error opening [4]
C:\Windows\ServiceProfiles\NetworkService\ntuser.dat - error opening [4]
C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT.LOG1 - error opening [4]
C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT.LOG2 - error opening [4]
C:\Windows\System32\catroot2\edb.log - error opening [4]
C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb - error opening [4]
C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb - error opening [4]
C:\Windows\System32\config\systemprofile\ntuser.dat - error opening [4]
C:\Windows\System32\config\systemprofile\ntuser.dat.LOG1 - error opening [4]
C:\Windows\System32\config\systemprofile\ntuser.dat.LOG2 - error opening [4]
C:\Windows\SysWOW64\config\systemprofile\ntuser.dat - error opening [4]
C:\Windows\SysWOW64\config\systemprofile\ntuser.dat.LOG1 - error opening [4]
C:\Windows\SysWOW64\config\systemprofile\ntuser.dat.LOG2 - error opening [4]
C:\Windows\Temp\JET7B75.tmp - error opening [4]
C:\Users\Guest\AppData\LocalLow\uTorrentBar\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.1.1\bin\PriceGongIE.dll - a variant of Win32/PriceGong.A potentially unwanted application - cleaned by deleting - quarantined [1]
C:\Users\Guest\AppData\LocalLow\xfinitytb\Xfinity.com Toolbar Updater.exe » NSIS » ýŠ€ - a variant of Win32/Toolbar.Visicom.B potentially unwanted application
C:\Users\Guest\AppData\LocalLow\xfinitytb\Xfinity.com Toolbar Updater.exe » NSIS » ýŠ€ - a variant of Win32/Toolbar.Visicom.A potentially unwanted application
C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\opfedmikikmahmpaimpfelmikhaigobp\10.26.2.507_0\APISupport\APISupport.dll - a variant of Win32/Toolbar.Conduit.Z potentially unwanted application - cleaned by deleting - quarantined [1]
C:\Users\Matt\AppData\Local\SupportSoft\ComcastUI\Matt\CACHE\5599fea7-b9d0-4c48-84c3-66d697784679.exe » NSIS » ýŠ€ - a variant of Win32/Toolbar.Visicom.B potentially unwanted application
C:\Users\Matt\AppData\Local\SupportSoft\ComcastUI\Matt\CACHE\5599fea7-b9d0-4c48-84c3-66d697784679.exe » NSIS » ýŠ€ - a variant of Win32/Toolbar.Visicom.A potentially unwanted application
C:\Users\Matt\Downloads\cbsidlm-cbsi134-FLV_Video_Downloader-SEO-10737573 (1).exe - a variant of Win32/CNETInstaller.B potentially unwanted application - cleaned by deleting - quarantined [1]
C:\Users\Matt\Downloads\cbsidlm-cbsi134-FLV_Video_Downloader-SEO-10737573.exe - a variant of Win32/CNETInstaller.B potentially unwanted application - cleaned by deleting - quarantined [1]
C:\Users\Matt\Downloads\freegate-setup.exe » NSIS » Script.nsi - Win32/DownloadAdmin.G potentially unwanted application
C:\Users\Matt\Downloads\OddsMaker_3.3.1.exe » INNO » {app}\Toolbar_Setup\OddsMaker.exe » WISE » tbOdds.dll - a variant of Win32/Toolbar.Conduit.B potentially unwanted application
C:\Users\Matt\Downloads\OddsMaker_3.3.1.exe » INNO » {app}\Toolbar_Setup\OddsMaker.exe » WISE » ALERTDLLNAME - Win32/Toolbar.Conduit.Y potentially unwanted application
C:\Users\Matt\Downloads\Setup.exe » NSIS » common.dll - a variant of Win32/ExFriendAlert.B potentially unwanted application
C:\Users\Matt\Downloads\Setup.exe » NSIS » prompt_installer-conduit.exe » NSIS » conduitinstaller.exe » NSIS » Script.nsi - Win32/Toolbar.Conduit potentially unwanted application
Number of scanned objects: 239251
Number of threats found: 13
Number of cleaned objects: 13
Time of completion: 3:03:22 PM  Total scanning time: 40439 sec (11:13:59)
 
Notes:
[1] Object has been deleted as it only contained the virus body.
[4] Object cannot be opened. It may be in use by another application or operating system.


#10 poopyputer

poopyputer
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:02:19 AM

Posted 23 February 2014 - 01:53 PM

ooopss.... these are the objects that I deleted 

 

 

 

C:\Users\Guest\AppData\LocalLow\uTorrentBar\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.1.1\bin\PriceGongIE.dll - a variant of Win32/PriceGong.A potentially unwanted application - action selection postponed until scan completion
C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\opfedmikikmahmpaimpfelmikhaigobp\10.26.2.507_0\APISupport\APISupport.dll - a variant of Win32/Toolbar.Conduit.Z potentially unwanted application - action selection postponed until scan completion
C:\Users\Matt\Downloads\cbsidlm-cbsi134-FLV_Video_Downloader-SEO-10737573 (1).exe - a variant of Win32/CNETInstaller.B potentially unwanted application - action selection postponed until scan completion
C:\Users\Matt\Downloads\cbsidlm-cbsi134-FLV_Video_Downloader-SEO-10737573.exe - a variant of Win32/CNETInstaller.B potentially unwanted application - action selection postponed until scan completion
C:\Users\Guest\AppData\LocalLow\uTorrentBar\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.1.1\bin\PriceGongIE.dll - a variant of Win32/PriceGong.A potentially unwanted application - cleaned by deleting - quarantined [1]
C:\Users\Guest\AppData\LocalLow\xfinitytb\Xfinity.com Toolbar Updater.exe » NSIS » ýŠ€ - a variant of Win32/Toolbar.Visicom.B potentially unwanted application
C:\Users\Guest\AppData\LocalLow\xfinitytb\Xfinity.com Toolbar Updater.exe » NSIS » ýŠ€ - a variant of Win32/Toolbar.Visicom.A potentially unwanted application
C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\opfedmikikmahmpaimpfelmikhaigobp\10.26.2.507_0\APISupport\APISupport.dll - a variant of Win32/Toolbar.Conduit.Z potentially unwanted application - cleaned by deleting - quarantined [1]
C:\Users\Matt\AppData\Local\SupportSoft\ComcastUI\Matt\CACHE\5599fea7-b9d0-4c48-84c3-66d697784679.exe » NSIS » ýŠ€ - a variant of Win32/Toolbar.Visicom.B potentially unwanted application
C:\Users\Matt\AppData\Local\SupportSoft\ComcastUI\Matt\CACHE\5599fea7-b9d0-4c48-84c3-66d697784679.exe » NSIS » ýŠ€ - a variant of Win32/Toolbar.Visicom.A potentially unwanted application
C:\Users\Matt\Downloads\cbsidlm-cbsi134-FLV_Video_Downloader-SEO-10737573 (1).exe - a variant of Win32/CNETInstaller.B potentially unwanted application - cleaned by deleting - quarantined [1]
C:\Users\Matt\Downloads\cbsidlm-cbsi134-FLV_Video_Downloader-SEO-10737573.exe - a variant of Win32/CNETInstaller.B potentially unwanted application - cleaned by deleting - quarantined [1]
C:\Users\Matt\Downloads\freegate-setup.exe » NSIS » Script.nsi - Win32/DownloadAdmin.G potentially unwanted application
C:\Users\Matt\Downloads\OddsMaker_3.3.1.exe » INNO » {app}\Toolbar_Setup\OddsMaker.exe » WISE » tbOdds.dll - a variant of Win32/Toolbar.Conduit.B potentially unwanted application
C:\Users\Matt\Downloads\OddsMaker_3.3.1.exe » INNO » {app}\Toolbar_Setup\OddsMaker.exe » WISE » ALERTDLLNAME - Win32/Toolbar.Conduit.Y potentially unwanted application
C:\Users\Matt\Downloads\Setup.exe » NSIS » common.dll - a variant of Win32/ExFriendAlert.B potentially unwanted application
C:\Users\Matt\Downloads\Setup.exe » NSIS » prompt_installer-conduit.exe » NSIS » conduitinstaller.exe » NSIS » Script.nsi - Win32/Toolbar.Conduit potentially unwanted application


#11 nasdaq

nasdaq

  • Malware Response Team
  • 20,272 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:01:19 AM

Posted 23 February 2014 - 02:29 PM

Secure your system by updating 3rd party programs.

Your version of Java is outdated and needs to be updated to take advantage of fixes that have eliminated security vulnerabilities.
Latest version is Java JRE 7u51 was released on Oct. 15. 2013.

You can manually check your present version and update as recommended.
https://www.java.com/en/download/installed.jsp

Be careful not to install malware posing as Java update!
Important read this blog.
http://blog.trendmicro.com/trendlabs-security-intelligence/malware-poses-as-an-update-for-java-0-day-fix/

Quoted from the page.
"In light of the recent events surrounding Java, users must seriously consider their use of Java. Do they really need it? If yes, make sure that users follow the steps we recommended and get the security update directly from the official oracle website." at:
http://www.oracle.com/technetwork/java/javase/downloads/index.html

How to disable Java in your browsers
http://www.infoworld.com/t/web-browsers/how-disable-java-in-your-browsers-210882


If present remove the old version(s) of Java using the Add/Remove Programs applet.

Java™ 6 Update 13
Java™ 6 Update 22
Java™ 6 Update 29
Java 7 Update 40


===

Critical vulnerabilities have been identified in old version of Adobe Flash Player please get the latest version.

Summary: Adobe has released security updates for Adobe Flash Player 11.9.900.152 and earlier versions for Windows and Macintosh and Adobe Flash Player 11.2.202.327 and earlier versions for Linux. These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.

Flash test site:
http://www.adobe.com/software/flash/about/
If you have the latest version close the windows.

Flash Player Help / Find version
http://helpx.adobe.com/flash-player/kb/find-version-flash-player.html#main_Find_the_Flash_Player_version_installed_on_your_machine

===

Get the latest version of the Adobe Reader.
http://get.adobe.com/reader/
Before your download I suggest you unckeck the box on the top right "Yes, install McAfee Security Scan Plus - optional" this is not required if you are not a McAfee subscriber. While the installation is in progress you can also deny the installation of any other programs that may be suggested.

When installed remove your old version of the Reader using the Add/Remove Programs applet if present.
<<<>>>

Please let me know what problem persists.

#12 poopyputer

poopyputer
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:02:19 AM

Posted 23 February 2014 - 02:37 PM

this is a nasty lil bugger...  now eset found something else moments ago



#13 poopyputer

poopyputer
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:02:19 AM

Posted 23 February 2014 - 02:42 PM

ok... well it appears that my  attachment did not appear...

 

ill try word this time 

Attached Files



#14 poopyputer

poopyputer
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:02:19 AM

Posted 23 February 2014 - 02:53 PM

2/23/2014 2:50:10 PM HTTP filter file http://cht.conduit-download.com/71/331/CT3316071/Downloads/ChromeWebToolbar/Releases/10.26.7.519/14-02-22-14.58.11.307/SweetPacks_A11.crx a variant of Win32/Toolbar.Conduit.Z potentially unwanted application connection terminated - quarantined HAL-9000\Matt Threat was detected upon access to web by the application: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe.
2/23/2014 2:47:50 PM HTTP filter file http://cht.conduit-download.com/71/331/CT3316071/Downloads/ChromeWebToolbar/Releases/10.26.7.519/14-02-22-14.58.11.307/SweetPacks_A11.crx a variant of Win32/Toolbar.Conduit.Z potentially unwanted application connection terminated - quarantined HAL-9000\Matt Threat was detected upon access to web by the application: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe.
2/23/2014 2:47:49 PM HTTP filter file http://cht.conduit-download.com/71/331/CT3316071/Downloads/ChromeWebToolbar/Releases/10.26.7.519/14-02-22-14.58.11.307/SweetPacks_A11.crx a variant of Win32/Toolbar.Conduit.Z potentially unwanted application connection terminated - quarantined HAL-9000\Matt Threat was detected upon access to web by the application: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe.
2/23/2014 2:46:34 PM HTTP filter file http://cht.conduit-download.com/71/331/CT3316071/Downloads/ChromeWebToolbar/Releases/10.26.7.519/14-02-22-14.58.11.307/SweetPacks_A11.crx a variant of Win32/Toolbar.Conduit.Z potentially unwanted application connection terminated - quarantined HAL-9000\Matt Threat was detected upon access to web by the application: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe.
2/23/2014 2:46:33 PM HTTP filter file http://cht.conduit-download.com/71/331/CT3316071/Downloads/ChromeWebToolbar/Releases/10.26.7.519/14-02-22-14.58.11.307/SweetPacks_A11.crx a variant of Win32/Toolbar.Conduit.Z potentially unwanted application connection terminated - quarantined HAL-9000\Matt Threat was detected upon access to web by the application: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe.
2/23/2014 2:45:50 PM HTTP filter file http://cht.conduit-download.com/71/331/CT3316071/Downloads/ChromeWebToolbar/Releases/10.26.7.519/14-02-22-14.58.11.307/SweetPacks_A11.crx a variant of Win32/Toolbar.Conduit.Z potentially unwanted application connection terminated - quarantined HAL-9000\Matt Threat was detected upon access to web by the application: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe.
2/23/2014 2:45:49 PM HTTP filter file http://cht.conduit-download.com/71/331/CT3316071/Downloads/ChromeWebToolbar/Releases/10.26.7.519/14-02-22-14.58.11.307/SweetPacks_A11.crx a variant of Win32/Toolbar.Conduit.Z potentially unwanted application connection terminated - quarantined HAL-9000\Matt Threat was detected upon access to web by the application: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe.
2/23/2014 2:45:48 PM HTTP filter file http://cht.conduit-download.com/71/331/CT3316071/Downloads/ChromeWebToolbar/Releases/10.26.7.519/14-02-22-14.58.11.307/SweetPacks_A11.crx a variant of Win32/Toolbar.Conduit.Z potentially unwanted application connection terminated - quarantined HAL-9000\Matt Threat was detected upon access to web by the application: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe.
2/23/2014 2:45:47 PM HTTP filter file http://cht.conduit-download.com/71/331/CT3316071/Downloads/ChromeWebToolbar/Releases/10.26.7.519/14-02-22-14.58.11.307/SweetPacks_A11.crx a variant of Win32/Toolbar.Conduit.Z potentially unwanted application connection terminated - quarantined HAL-9000\Matt Threat was detected upon access to web by the application: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe.
2/23/2014 2:30:34 PM HTTP filter file http://cht.conduit-download.com/71/331/CT3316071/Downloads/ChromeWebToolbar/Releases/10.26.7.519/14-02-22-14.58.11.307/SweetPacks_A11.crx a variant of Win32/Toolbar.Conduit.Z potentially unwanted application connection terminated - quarantined HAL-9000\Matt Threat was detected upon access to web by the application: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe.
2/23/2014 2:30:26 PM HTTP filter file http://cht.conduit-download.com/71/331/CT3316071/Downloads/ChromeWebToolbar/Releases/10.26.7.519/14-02-22-14.58.11.307/SweetPacks_A11.crx a variant of Win32/Toolbar.Conduit.Z potentially unwanted application connection terminated - quarantined HAL-9000\Matt Threat was detected upon access to web by the application: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe.
2/23/2014 2:30:01 PM HTTP filter file http://cht.conduit-download.com/71/331/CT3316071/Downloads/ChromeWebToolbar/Releases/10.26.7.519/14-02-22-14.58.11.307/SweetPacks_A11.crx a variant of Win32/Toolbar.Conduit.Z potentially unwanted application connection terminated - quarantined HAL-9000\Matt Threat was detected upon access to web by the application: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe.
2/23/2014 2:30:00 PM HTTP filter file http://cht.conduit-download.com/71/331/CT3316071/Downloads/ChromeWebToolbar/Releases/10.26.7.519/14-02-22-14.58.11.307/SweetPacks_A11.crx a variant of Win32/Toolbar.Conduit.Z potentially unwanted application connection terminated - quarantined HAL-9000\Matt Threat was detected upon access to web by the application: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe.
2/23/2014 2:29:00 PM HTTP filter file http://cht.conduit-download.com/71/331/CT3316071/Downloads/ChromeWebToolbar/Releases/10.26.7.519/14-02-22-14.58.11.307/SweetPacks_A11.crx a variant of Win32/Toolbar.Conduit.Z potentially unwanted application connection terminated - quarantined HAL-9000\Matt Threat was detected upon access to web by the application: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe.
2/23/2014 2:28:23 PM HTTP filter file http://cht.conduit-download.com/71/331/CT3316071/Downloads/ChromeWebToolbar/Releases/10.26.7.519/14-02-22-14.58.11.307/SweetPacks_A11.crx a variant of Win32/Toolbar.Conduit.Z potentially unwanted application connection terminated - quarantined HAL-9000\Matt Threat was detected upon access to web by the application: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe.

how in the  bleep do I get rid of this ??????    eset   gives option to no action or disconnect ?



#15 poopyputer

poopyputer
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:02:19 AM

Posted 23 February 2014 - 02:54 PM

java   uninstall done 

 

 

 

2/23/14 2:48 PM: Java™ 6 Update 13 was uninstalled successfully
2/23/14 2:48 PM: Java™ 6 Update 22 was uninstalled successfully
2/23/14 2:48 PM: Java™ 6 Update 29 was uninstalled successfully






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users