
HijackThis Log: Please help Diagnose


  • This topic is locked
8 replies to this topic

#1 JeremyMartin


Posted 18 October 2013 - 10:51 PM

I seem to have some really difficult malware on my computer.  Sometimes, when I click somewhere on a page, I get sent to a bogus "Survey" page titled "Thank you for visiting (name of current page).  Please complete this survey."

It turns random words on the page into links to ad pages.  Also, the computer runs very slowly.

Not even the latest Malware Bytes, Malware RootKit, SUPERAntiSpyware Free Edition, TTSKaspersky or Trend Micro Housecall can find anything.
 
Here is the Hijack This log:
 
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 12:14:22 AM, on 10/16/2013
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
CHROME: 30.0.1599.69
FIREFOX: 24.0 (en-US)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe
C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files\ASUS\ASUS CopyProtect\aspg.exe
C:\Program files\P4G\BatteryLife.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\IObit\Advanced SystemCare 4\PMonitor.exe
C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\ATK Hotkey\HControlUser.exe
C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Windows\System32\ASUSTPE.exe
C:\Windows\ASScrPro.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
C:\Program Files\Pure Networks\Network Magic\nmapp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\Citrix\ICA Client\concentr.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\AVG\AVG2014\avgui.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\AIM\aim.exe
C:\Users\Jeremy Martin\AppData\Roaming\Google\Google Talk\googletalk.exe
C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Citrix\ICA Client\Receiver\Receiver.exe
C:\Program Files\Citrix\ICA Client\wfcrun32.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\Citrix\SelfServicePlugin\SelfServicePlugin.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\conime.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
C:\Users\Jeremy Martin\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AOL Messaging Toolbar Search Class - {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll
R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (file missing)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: AOL Messaging Toolbar Loader - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll (file missing)
O3 - Toolbar: AOL Messaging Toolbar - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Microsoft Pinyin IME Migration] C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMESC\IMSCMIG.EXE /INSTALL
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [P2Go_Menu] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HControlUser] "C:\Program Files\ATK Hotkey\HcontrolUser.exe"
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ADSMTray] C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [ASUSTPE] C:\Windows\system32\ASUSTPE.exe
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\AsScrProlog.exe
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [nmctxth] "C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe"
O4 - HKLM\..\Run: [nmapp] "C:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files\Citrix\ICA Client\concentr.exe" /startup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~1\Yahoo!\MESSEN~1\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Aim] "C:\Program Files\AIM\aim.exe" /d locale=en-US
O4 - HKCU\..\Run: [Google Update] "C:\Users\Jeremy Martin\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [googletalk] C:\Users\Jeremy Martin\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart
O4 - HKCU\..\Run: [Advanced SystemCare 4] "C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (file missing)
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\17.0.12\ViProtocol.dll
O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: Advanced SystemCare Service (AdvancedSystemCareService) - IObit - C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: WebEx Service Host for Support Center (atashost) - WebEx Communications, Inc. - C:\Windows\system32\atashost.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\Windows\runservice.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Pure Networks Platform Service (nmservice) - Cisco Systems, Inc. - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: vToolbarUpdater17.0.12 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe




 


#2 CatByte



  • Malware Response Team

Posted 20 October 2013 - 09:58 PM

Please run the following:

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.
  • Double-click to run it. When the tool opens, click Yes to the disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#3 JeremyMartin


Posted 21 October 2013 - 10:57 PM

First:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-10-2013 01
Ran by Jeremy Martin (administrator) on MUSPELHEIM on 21-10-2013 23:52:26
Running from C:\Users\Jeremy Martin\Downloads
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: English(US)
Internet Explorer Version 7
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\AVG2014\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
() C:\Program Files\ATK Hotkey\ASLDRSrv.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
() C:\Program Files\ATKGFNEX\GFNEXSrv.exe
(IObit) C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
(IObit) C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(WebEx Communications, Inc.) C:\Windows\system32\atashost.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
() C:\Windows\runservice.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
() C:\Windows\system32\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Yahoo! Inc.) C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgnsx.exe
(Cisco Systems, Inc.) C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(IObit) C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe
(ASUS) C:\Program Files\ASUS\ASUS CopyProtect\aspg.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 4\PMonitor.exe
(ASUS) C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
(ATK) C:\Program files\P4G\BatteryLife.exe
() C:\Program Files\ASUS\ASUS Live Update\ALU.exe
(Pegatron Corp.) C:\Program Files\ATK Hotkey\Hcontrol.exe
() C:\Program Files\ATK Hotkey\MsgTranAgt.exe
() C:\Program Files\Wireless Console 2\wcourier.exe
(ATK) C:\Program Files\ASUS\Splendid\ACMON.exe
(ASUSTeK) C:\Windows\System32\ACEngSvr.exe
(CyberLink) C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
() C:\Program Files\ATK Hotkey\HControlUser.exe
(ASUS) C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe
(ASUS) C:\Program Files\ASUS\ATK Media\DMedia.exe
(ASUS) C:\Windows\System32\ASUSTPE.exe
() C:\Windows\ASScrPro.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
(Cisco Systems, Inc.) C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
(Cisco Systems, Inc.) C:\Program Files\Pure Networks\Network Magic\nmapp.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Citrix Systems, Inc.) C:\Program Files\Citrix\ICA Client\concentr.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Yahoo! Inc.) C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(AOL Inc.) C:\Program Files\AIM\aim.exe
(Google) C:\Users\Jeremy Martin\AppData\Roaming\Google\Google Talk\googletalk.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WZQKPICK.EXE
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe
() C:\Program Files\ATK Hotkey\LOSD.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
() C:\Program Files\ATK Hotkey\ATKOSD.exe
(Citrix Systems, Inc.) C:\Program Files\Citrix\ICA Client\Receiver\Receiver.exe
() C:\Program Files\ATK Hotkey\KBFiltr.exe
() C:\Program Files\ATK Hotkey\WDC.exe
(Citrix Systems, Inc.) C:\Program Files\Citrix\ICA Client\wfcrun32.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
(Citrix Systems, Inc.) C:\Program Files\Citrix\SelfServicePlugin\SelfServicePlugin.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\system32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Citrix Systems, Inc.) C:\Program Files\Citrix\SelfServicePlugin\SelfService.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Yahoo! Inc.) C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmplayer.exe
(Microsoft Corporation) C:\Program Files\Windows NT\Accessories\wordpad.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Microsoft Pinyin IME Migration] - C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMESC\IMSCMIG.EXE [32112 2011-05-31] (Microsoft Corporation)
HKLM\...\Run: [CLMLServer] - C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [104936 2008-07-18] (CyberLink)
HKLM\...\Run: [P2Go_Menu] - C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] - RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [HControlUser] - C:\Program Files\ATK Hotkey\HcontrolUser.exe [98304 2008-07-03] ()
HKLM\...\Run: [ATKOSD2] - C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe [8392704 2009-03-04] (ASUS)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7416352 2009-04-14] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1029416 2007-12-06] (Synaptics, Inc.)
HKLM\...\Run: [ADSMTray] - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe [266240 2008-04-01] (ASUSTek Computer Inc.)
HKLM\...\Run: [ATKMEDIA] - C:\Program Files\ASUS\ATK Media\DMedia.exe [159744 2009-04-20] (ASUS)
HKLM\...\Run: [ASUSTPE] - C:\Windows\system32\ASUSTPE.exe [106496 2007-10-12] (ASUS)
HKLM\...\Run: [ASUS Camera ScreenSaver] - C:\Windows\AsScrProlog.exe [47672 2009-07-12] ()
HKLM\...\Run: [ASUS Screen Saver Protector] - C:\Windows\ASScrPro.exe [33136 2009-07-12] ()
HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49152 2006-12-10] (Hewlett-Packard Co.)
HKLM\...\Run: [Skytel] - C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-04-14] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Malwarebytes Anti-Malware (reboot)] - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [887432 2013-04-04] (Malwarebytes Corporation)
HKLM\...\Run: [nmctxth] - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe [647216 2009-07-07] (Cisco Systems, Inc.)
HKLM\...\Run: [nmapp] - C:\Program Files\Pure Networks\Network Magic\nmapp.exe [472112 2009-07-08] (Cisco Systems, Inc.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2011-07-05] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [421736 2011-08-19] (Apple Inc.)
HKLM\...\Run: [ConnectionCenter] - C:\Program Files\Citrix\ICA Client\concentr.exe [362432 2011-12-22] (Citrix Systems, Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [38872 2012-07-31] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-11] (Adobe Systems Incorporated)
HKLM\...\Run: [AVG_UI] - C:\Program Files\AVG\AVG2014\avgui.exe [4908592 2013-10-07] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2345296 2013-10-01] (LogMeIn Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - "C:\Program Files\Java\jre7\bin\jusched.exe"
HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-07-12] (Google Inc.)
HKCU\...\Run: [Messenger (Yahoo!)] - C:\PROGRA~1\Yahoo!\MESSEN~1\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [125952 2008-01-20] (Microsoft Corporation)
HKCU\...\Run: [Aim] - C:\Program Files\AIM\aim.exe [4321112 2012-02-29] (AOL Inc.)
HKCU\...\Run: [googletalk] - C:\Users\Jeremy Martin\AppData\Roaming\Google\Google Talk\googletalk.exe [3739648 2007-01-01] (Google)
HKCU\...\Run: [Advanced SystemCare 4] - C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe [412560 2011-05-28] (IObit)
HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [20684656 2013-07-25] (Skype Technologies S.A.)
HKCU\...\Run: [Steam] - C:\Program Files\Steam\Steam.exe [1813928 2013-10-08] (Valve Corporation)
HKCU\...\Run: [SUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [5706480 2013-10-02] (SUPERAntiSpyware)
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
Lsa: [Notification Packages] scecli C:\Program Files\ASUS\ASUS Data Security Manager\ASPWDFLT
Startup: C:\Users\Jeremy Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk
ShortcutTarget: OpenOffice.org 3.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=UP21&ocid=UP21DHP&dt=031913
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
URLSearchHook: AOL Messaging Toolbar Search Class - {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?FORM=UP21DF&PC=UP21&dt=031913&q={searchTerms}&src=IE-SearchBox
BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
BHO: AOL Messaging Toolbar Loader - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\YTSingleInstance.dll (Yahoo! Inc)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
Toolbar: HKLM - AOL Messaging Toolbar - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
Toolbar: HKCU -Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
Toolbar: HKCU -&Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\system32\ieframe.dll (Microsoft Corporation)
Toolbar: HKCU -AOL Messaging Toolbar - {61539ECD-CC67-4437-A03C-9AACCBD14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll No File
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [115440 2013-05-07] (SuperAdBlocker.com)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 65.32.5.111 65.32.5.112

FireFox:
========
FF ProfilePath: C:\Users\Jeremy Martin\AppData\Roaming\Mozilla\Firefox\Profiles\6lzayi76.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @Citrix.com/npican - C:\Program Files\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8051.1204 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Jeremy Martin\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Jeremy Martin\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Jeremy Martin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Jeremy Martin\AppData\Roaming\Mozilla\Firefox\Profiles\6lzayi76.default\searchplugins\AOL Search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\AOL Search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\avg-secure-search.xml
FF Extension: Battlefield Heroes Updater - C:\Users\Jeremy Martin\AppData\Roaming\Mozilla\Firefox\Profiles\6lzayi76.default\Extensions\battlefieldheroespatcher@ea.com
FF Extension: WordOv - C:\Users\Jeremy Martin\AppData\Roaming\Mozilla\Firefox\Profiles\6lzayi76.default\Extensions\ljsmnupof@oesolvpidw.net
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Jeremy Martin\AppData\Roaming\Mozilla\Firefox\Profiles\6lzayi76.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF Extension: AOL Messaging Toolbar - C:\Users\Jeremy Martin\AppData\Roaming\Mozilla\Firefox\Profiles\6lzayi76.default\Extensions\{c2f863cd-0429-48c7-bb54-db756a951760}
FF Extension: No Name - C:\Users\Jeremy Martin\AppData\Roaming\Mozilla\Firefox\Profiles\6lzayi76.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: WordOv - C:\Program Files\Mozilla Firefox\extensions\ljsmnupof@oesolvpidw.net
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

Chrome:
=======
CHR HomePage: hxxp://www.msn.com/?pc=UP21&ocid=UP21DHP&dt=031913
CHR DefaultSearchURL: (Bing) - http://www.bing.com/search?setmkt=en-US&q={searchTerms}
CHR DefaultSuggestURL: (Bing) - http://api.bing.com/osjson.aspx?query={searchTerms}&language={language}
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Jeremy Martin\AppData\Local\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Jeremy Martin\AppData\Local\Google\Chrome\Application\30.0.1599.101\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Jeremy Martin\AppData\Local\Google\Chrome\Application\30.0.1599.101\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Skype Toolbars) - C:\Users\Jeremy Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll No File
CHR Plugin: (AVG Internet Security) - C:\Users\Jeremy Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\plugins/avgnpss.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java™ Platform SE 6 U13) - C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll No File
CHR Plugin: (Java™ Platform SE 6 U13) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (downloadUpdater) - C:\Program Files\Mozilla Firefox\plugins\npdnu.dll No File
CHR Plugin: (downloadUpdater2) - C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.dll No File
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Citrix ICA Client) - C:\Program Files\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (MetaStream 3 Plugin) - C:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll No File
CHR Plugin: (Windows Live\u00AE Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Google Update) - C:\Users\Jeremy Martin\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (YouTube) - C:\Users\JEREMY~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\JEREMY~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Battlefield Heroes) - C:\Users\JEREMY~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdfjahpadlpfnfheehpddpcllihfkmm\5.0.145.0_0
CHR Extension: (ElectroLyrics-15) - C:\Users\JEREMY~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmcmfkmnidkjnppglklanhlknckkdbje\1.25.6_0
CHR Extension: (Skype Click to Call) - C:\Users\JEREMY~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.11.0.13348_0
CHR Extension: (Gmail) - C:\Users\JEREMY~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx

========================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [119056 2013-05-23] (SUPERAntiSpyware.com)
R2 ADSMService; C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe [225280 2008-03-31] (ASUSTek Computer Inc.)
R2 AdvancedSystemCareService; C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe [353168 2011-05-28] (IObit)
R2 ASLDRService; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [94208 2007-10-03] ()
R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] ()
S3 AVG Security Toolbar Service; C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe [1025352 2011-05-30] ()
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3538480 2013-10-03] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [301152 2013-09-25] (AVG Technologies CZ, s.r.o.)
R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1612112 2013-10-01] (LogMeIn Inc.)
R2 IMFservice; C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [820568 2011-07-20] (IObit)
R2 LicCtrlService; C:\Windows\runservice.exe [2560 2009-09-19] ()
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [375056 2013-08-26] (LogMeIn, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [235216 2013-09-06] (McAfee, Inc.)
R2 nmservice; C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe [647216 2009-07-07] (Cisco Systems, Inc.)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [75136 2011-01-16] ()

==================== Drivers (Whitelisted) ====================

R0 AsDsm; C:\Windows\System32\Drivers\AsDsm.sys [30264 2009-07-12] (ASUSTek Computer Inc)
R2 ASMMAP; C:\Program Files\ATKGFNEX\ASMMAP.sys [13880 2007-07-24] ()
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [120632 2013-09-25] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [209208 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [145720 2013-09-02] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [22840 2013-09-10] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [176952 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [223032 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [102200 2013-08-20] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27448 2013-09-08] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [193848 2013-08-01] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [37664 2013-10-01] (AVG Technologies)
R0 CLFS; C:\Windows\System32\CLFS.sys [245736 2009-04-11] (Microsoft Corporation)
S3 CRFILTER; C:\Windows\System32\DRIVERS\CRFILTER.sys [6656 2008-04-07] (Generic)
S4 FileMonitor; C:\Program Files\IObit\IObit Malware Fighter\Drivers\wlh_x86\FileMonitor.sys [18768 2011-07-11] ()
R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15928 2008-06-03] ( )
R0 lullaby; C:\Windows\System32\DRIVERS\lullaby.sys [15416 2009-04-01] (Windows ® Win 7 DDK provider)
R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [7680 2006-12-14] (ATK0100)
R2 pnarp; C:\Windows\System32\DRIVERS\pnarp.sys [26672 2009-07-07] (Cisco Systems, Inc.)
R2 purendis; C:\Windows\System32\DRIVERS\purendis.sys [27696 2009-07-07] (Cisco Systems, Inc.)
S3 RegFilter; C:\Program Files\IObit\IObit Malware Fighter\drivers\wlh_x86\regfilter.sys [30600 2011-03-23] (IObit.com)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [16184 2011-02-23] ()
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1753984 2008-10-09] ()
S3 UrlFilter; C:\Program Files\IObit\IObit Malware Fighter\drivers\wlh_x86\UrlFilter.sys [19280 2011-03-23] (IObit.com)
S3 usbbus; C:\Windows\System32\DRIVERS\lgusbbus.sys [13056 2013-02-21] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgusbdiag.sys [20864 2013-02-21] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgusbmodem.sys [25216 2013-02-21] (LG Electronics Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-20] (Microsoft Corporation)
S3 catchme; \??\C:\Users\JEREMY~1\AppData\Local\Temp\catchme.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-21 23:52 - 2013-10-21 23:52 - 00000000 ____D C:\FRST
2013-10-21 23:51 - 2013-10-21 23:51 - 01087529 _____ (Farbar) C:\Users\Jeremy Martin\Downloads\FRST.exe
2013-10-21 19:53 - 2013-10-21 19:53 - 00143920 _____ C:\Windows\Minidump\Mini102113-01.dmp
2013-10-20 22:05 - 2013-10-20 22:05 - 00000791 _____ C:\Users\Jeremy Martin\Desktop\JRT.txt
2013-10-20 21:20 - 2013-10-20 21:20 - 01060070 _____ C:\Users\Jeremy Martin\Downloads\AdwCleaner.exe
2013-10-20 21:16 - 2013-05-27 14:49 - 00174496 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-10-20 12:36 - 2013-10-20 12:36 - 00891167 _____ C:\Users\Jeremy Martin\Downloads\SecurityCheck.exe
2013-10-20 12:18 - 2013-10-20 12:18 - 00014949 _____ C:\ComboFix.txt
2013-10-20 11:59 - 2013-10-20 12:18 - 00000000 ____D C:\ComboFix
2013-10-20 09:45 - 2013-10-20 09:45 - 00023726 _____ C:\Users\Jeremy Martin\Desktop\attach.txt
2013-10-20 09:45 - 2013-10-20 09:44 - 00026386 _____ C:\Users\Jeremy Martin\Desktop\dds.txt
2013-10-20 09:44 - 2013-10-20 03:16 - 00688992 ____R (Swearware) C:\Users\Jeremy Martin\Downloads\dds.scr
2013-10-20 01:58 - 2011-06-26 02:45 - 00256000 _____ C:\Windows\PEV.exe
2013-10-20 01:58 - 2010-11-07 13:20 - 00208896 _____ C:\Windows\MBR.exe
2013-10-20 01:58 - 2009-04-20 00:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-10-20 01:58 - 2000-08-30 20:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-10-20 01:58 - 2000-08-30 20:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-10-20 01:58 - 2000-08-30 20:00 - 00098816 _____ C:\Windows\sed.exe
2013-10-20 01:58 - 2000-08-30 20:00 - 00080412 _____ C:\Windows\grep.exe
2013-10-20 01:58 - 2000-08-30 20:00 - 00068096 _____ C:\Windows\zip.exe
2013-10-20 01:53 - 2013-10-20 12:18 - 00000000 ____D C:\Qoobox
2013-10-20 01:52 - 2013-10-20 03:13 - 00000000 ____D C:\Windows\erdnt
2013-10-20 01:52 - 2013-10-20 01:52 - 05135479 ____R (Swearware) C:\Users\Jeremy Martin\Downloads\ComboFix.exe
2013-10-20 01:48 - 2013-10-20 01:48 - 00000000 ____D C:\Windows\ERUNT
2013-10-20 01:46 - 2013-10-20 01:46 - 01033335 _____ (Thisisu) C:\Users\Jeremy Martin\Downloads\JRT.exe
2013-10-20 01:11 - 2013-10-20 21:49 - 00000000 ____D C:\AdwCleaner
2013-10-20 01:08 - 2013-10-20 01:09 - 00024492 _____ C:\Users\Jeremy Martin\Documents\Malware.odt
2013-10-19 21:25 - 2013-10-19 21:28 - 00000000 ____D C:\Users\Jeremy Martin\Desktop\3DS
2013-10-19 21:19 - 2013-10-19 21:19 - 00001840 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2013-10-19 20:31 - 2013-10-19 20:31 - 00001162 _____ C:\Users\Jeremy Martin\Desktop\WinX Free MP4 to AVI Converter.lnk
2013-10-19 20:31 - 2013-10-19 20:31 - 00000000 ____D C:\Users\Jeremy Martin\AppData\Roaming\Digiarty
2013-10-19 20:31 - 2013-10-19 20:31 - 00000000 ____D C:\Program Files\Digiarty
2013-10-19 20:30 - 2013-10-19 20:30 - 29986448 _____ (Digiarty Software, Inc.                                     ) C:\Users\Jeremy Martin\Downloads\winx-mp4-to-avi.exe
2013-10-19 18:38 - 2013-10-19 18:39 - 00000000 ____D C:\Program Files\AllToAVI
2013-10-19 18:38 - 2013-10-19 18:38 - 00000781 _____ C:\Users\Jeremy Martin\Desktop\AllToAVI.lnk
2013-10-19 18:38 - 2013-10-19 18:38 - 00000000 ____D C:\Users\Jeremy Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AllToAVI
2013-10-19 18:37 - 2013-10-19 18:38 - 26453613 _____ C:\Users\Jeremy Martin\Downloads\AllToAVI_v4_r5394_Setup.exe
2013-10-19 18:29 - 2013-10-19 18:33 - 00000000 ____D C:\Users\Jeremy Martin\AppData\Roaming\Audacity
2013-10-19 18:29 - 2013-10-19 18:29 - 00000771 _____ C:\Users\Public\Desktop\Audacity.lnk
2013-10-19 18:29 - 2013-10-19 18:29 - 00000000 ____D C:\Program Files\Audacity
2013-10-19 18:26 - 2013-10-19 18:26 - 22308174 _____ (Audacity Team                                               ) C:\Users\Jeremy Martin\Downloads\audacity-win-2.0.4.exe
2013-10-19 16:58 - 2013-10-19 17:32 - 00000000 ____D C:\Users\Jeremy Martin\Desktop\Car Show 2013
2013-10-19 03:03 - 2013-10-20 01:12 - 00686080 _____ C:\Users\Jeremy Martin\Desktop\ZombieRogers.MSWMM
2013-10-17 00:15 - 2013-10-17 00:47 - 00000000 ____D C:\Users\Jeremy Martin\AppData\Roaming\OxelonMC
2013-10-17 00:15 - 2013-10-17 00:15 - 00000549 _____ C:\Users\Public\Desktop\Oxelon Media Converter.lnk
2013-10-17 00:15 - 2013-10-17 00:15 - 00000047 _____ C:\Users\Public\Desktop\Oxelon.com.url
2013-10-17 00:15 - 2013-10-17 00:15 - 00000000 ____D C:\Program Files\OxelonMedia
2013-10-16 23:01 - 2013-10-16 23:02 - 03265482 _____ (Oxelon                                                      ) C:\Users\Jeremy Martin\Downloads\oxelonmedia.exe
2013-10-15 23:53 - 2013-10-16 00:15 - 00019020 _____ C:\Users\Jeremy Martin\Desktop\hijackthis.log
2013-10-15 23:44 - 2013-10-15 23:45 - 00018930 _____ C:\Users\Jeremy Martin\Downloads\hijackthis.log
2013-10-15 23:40 - 2013-10-15 23:40 - 00894600 _____ (CNET Download.com) C:\Users\Jeremy Martin\Downloads\cbsidlm-cbsi134-Download_App-PBF-75864009(1).exe
2013-10-15 23:38 - 2013-10-15 23:38 - 00894600 _____ (CNET Download.com) C:\Users\Jeremy Martin\Downloads\cbsidlm-cbsi134-Download_App-PBF-75864009.exe
2013-10-15 23:35 - 2013-10-15 23:35 - 00388608 _____ (Trend Micro Inc.) C:\Users\Jeremy Martin\Downloads\HijackThis.exe
2013-10-15 22:51 - 2013-10-15 22:51 - 00891312 _____ C:\Users\Jeremy Martin\AppData\Local\census.cache
2013-10-15 22:49 - 2013-10-15 22:49 - 00219076 _____ C:\Users\Jeremy Martin\AppData\Local\ars.cache
2013-10-15 21:28 - 2013-10-15 21:28 - 02049128 _____ (Trend Micro Inc.) C:\Users\Jeremy Martin\Downloads\HousecallLauncher.exe
2013-10-15 21:28 - 2013-10-15 21:28 - 00000036 _____ C:\Users\Jeremy Martin\AppData\Local\housecall.guid.cache
2013-10-14 22:32 - 2013-10-14 22:32 - 04745728 _____ (AVAST Software) C:\Users\Jeremy Martin\Downloads\aswmbr.exe
2013-10-14 22:28 - 2013-10-14 22:28 - 00000000 ____D C:\ProgramData\Lavasoft
2013-10-14 22:25 - 2013-10-14 22:25 - 01724552 _____ C:\Users\Jeremy Martin\Downloads\Adaware_Installer.exe
2013-10-14 21:55 - 2013-10-14 21:55 - 00000000 ____D C:\Users\Jeremy Martin\AppData\Roaming\AVG2014
2013-10-14 21:53 - 2013-10-14 21:53 - 00000809 _____ C:\Users\Public\Desktop\AVG 2014.lnk
2013-10-14 21:49 - 2013-10-14 21:56 - 00000000 ____D C:\ProgramData\AVG2014
2013-10-14 19:31 - 2013-10-15 19:23 - 00000000 ____D C:\Users\Jeremy Martin\AppData\Local\Avg2014
2013-10-14 02:45 - 2013-10-14 02:45 - 04101172 _____ C:\Users\Jeremy Martin\Downloads\tdsskiller(2).zip
2013-10-14 02:44 - 2013-10-14 02:45 - 00000000 ____D C:\Users\Jeremy Martin\Downloads\tdsskiller(1)
2013-10-14 02:43 - 2013-10-14 02:43 - 04101172 _____ C:\Users\Jeremy Martin\Downloads\tdsskiller(1).zip
2013-10-14 02:42 - 2013-10-14 02:43 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Jeremy Martin\Downloads\tdsskiller(1).exe
2013-10-14 02:30 - 2013-10-14 02:30 - 08656400 _____ (Trend Micro Inc.) C:\Users\Jeremy Martin\Downloads\RootkitBuster_v5_1061.exe
2013-10-14 02:30 - 2013-10-14 02:30 - 00000000 ____D C:\Users\Jeremy Martin\Downloads\TMRBLog
2013-10-14 02:30 - 2013-10-14 02:30 - 00000000 ____D C:\Users\Jeremy Martin\Downloads\log
2013-10-14 02:13 - 2013-10-14 02:13 - 00000114 _____ C:\local.conf
2013-10-14 02:01 - 2013-10-14 02:00 - 12576792 _____ (Malwarebytes Corp.) C:\Users\Jeremy Martin\Downloads\mbar-1.07.0.1007(2).exe
2013-10-14 01:56 - 2013-10-14 01:56 - 12576792 _____ (Malwarebytes Corp.) C:\Users\Jeremy Martin\Downloads\mbar-1.07.0.1007(1).exe
2013-10-13 20:55 - 2013-10-13 20:55 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2013-10-13 20:54 - 2013-10-13 20:54 - 27837368 _____ (SUPERAntiSpyware) C:\Users\Jeremy Martin\Downloads\SUPERAntiSpyware(3).exe
2013-10-13 20:53 - 2013-10-13 20:53 - 27837368 _____ (SUPERAntiSpyware) C:\Users\Jeremy Martin\Downloads\SUPERAntiSpyware(2).exe
2013-10-13 19:33 - 2013-10-13 20:36 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-10-13 19:29 - 2013-10-14 02:27 - 00075992 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-10-13 19:29 - 2013-10-14 02:27 - 00000000 ____D C:\Users\Jeremy Martin\Desktop\mbar
2013-10-13 19:27 - 2013-10-13 19:27 - 12576792 _____ (Malwarebytes Corp.) C:\Users\Jeremy Martin\Downloads\mbar-1.07.0.1007.exe
2013-10-13 13:53 - 2013-10-13 13:53 - 28031288 _____ (SUPERAntiSpyware) C:\Users\Jeremy Martin\Downloads\SUPERAntiSpyware(1).exe
2013-10-13 13:51 - 2013-10-13 20:55 - 00001767 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2013-10-13 13:51 - 2013-10-13 13:51 - 00000000 ____D C:\Users\Jeremy Martin\AppData\Roaming\SUPERAntiSpyware.com
2013-10-13 13:51 - 2013-10-13 13:51 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2013-10-13 13:50 - 2013-10-13 13:50 - 28031288 _____ (SUPERAntiSpyware) C:\Users\Jeremy Martin\Downloads\SUPERAntiSpyware.exe
2013-10-13 01:51 - 2013-10-13 01:52 - 00000000 ____D C:\Users\Jeremy Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WordOv
2013-10-12 22:55 - 2013-10-17 00:38 - 00000000 ____D C:\Users\Jeremy Martin\Desktop\Zombie Walk 2013
2013-10-09 03:38 - 2013-09-23 23:07 - 06119424 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-09 03:38 - 2013-09-23 23:07 - 03625984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-09 03:38 - 2013-09-23 23:07 - 01177600 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-09 03:38 - 2013-09-23 23:07 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-09 03:38 - 2013-09-23 23:07 - 00671232 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll
2013-10-09 03:38 - 2013-09-23 23:07 - 00498688 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-09 03:38 - 2013-09-23 23:07 - 00479744 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-10-09 03:38 - 2013-09-23 23:07 - 00380928 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-10-09 03:38 - 2013-09-23 23:07 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-09 03:38 - 2013-09-23 23:07 - 00193024 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-10-09 03:38 - 2013-09-23 23:07 - 00180736 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-09 03:38 - 2013-09-23 23:07 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-10-09 03:38 - 2013-09-23 23:07 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-09 03:38 - 2013-09-23 23:06 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\corpol.dll
2013-10-09 03:38 - 2013-09-23 16:13 - 00389632 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-10-09 03:38 - 2013-09-23 16:01 - 01383424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-08 20:48 - 2013-08-29 03:36 - 02050048 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-08 20:48 - 2013-08-26 22:47 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-10-08 20:48 - 2013-08-26 22:47 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-10-08 20:48 - 2013-08-26 22:47 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-10-08 20:48 - 2013-08-26 22:47 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-10-08 20:48 - 2013-08-26 21:52 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-10-08 20:48 - 2013-08-26 21:50 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-10-08 20:48 - 2013-08-26 21:32 - 00683008 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-10-08 20:48 - 2013-08-26 21:28 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-10-08 20:48 - 2013-08-26 21:28 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-10-08 20:48 - 2013-07-31 23:16 - 00638400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-08 20:48 - 2013-07-31 22:49 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2013-10-08 20:48 - 2013-07-20 06:44 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-08 20:48 - 2013-07-12 05:04 - 00073344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
2013-10-08 20:48 - 2013-06-28 22:07 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-08 20:48 - 2013-06-28 22:07 - 00197632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-08 20:48 - 2013-06-28 22:07 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-08 20:48 - 2013-06-28 22:06 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-10-08 20:48 - 2011-05-05 09:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-08 20:48 - 2011-05-05 09:54 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-10-08 20:47 - 2013-07-04 00:21 - 00532480 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-08 20:47 - 2013-07-02 22:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2013-10-08 20:47 - 2013-07-02 22:10 - 00025472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-08 20:47 - 2013-06-26 19:01 - 00527064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-08 20:47 - 2013-06-04 00:16 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-08 20:47 - 2013-06-03 21:49 - 00293376 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-06 09:51 - 2013-10-06 09:51 - 11605360 _____ (Citrix Systems, Inc.) C:\Users\Jeremy Martin\Desktop\CitrixOnlinePluginWeb.exe
2013-10-06 08:32 - 2013-10-06 08:32 - 00000000 ____D C:\Users\Jeremy Martin\AppData\Local\LogMeIn
2013-10-06 08:32 - 2013-10-06 08:32 - 00000000 ____D C:\ProgramData\LogMeIn
2013-10-06 08:17 - 2013-10-06 08:17 - 00000730 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2013-10-06 08:17 - 2013-10-06 08:17 - 00000000 ____D C:\Program Files\LogMeIn Hamachi
2013-09-27 06:39 - 2013-09-27 06:39 - 00143872 _____ C:\Windows\Minidump\Mini092713-01.dmp
2013-09-25 20:57 - 2013-09-25 20:57 - 00120632 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgdiskx.sys
2013-09-22 23:49 - 2013-09-23 01:17 - 00000000 ____D C:\Users\Jeremy Martin\Desktop\Love Lessons
2013-09-21 10:33 - 2013-09-21 10:33 - 00281640 _____ (Mozilla) C:\Users\Jeremy Martin\Downloads\Firefox Setup Stub 24.0.exe

==================== One Month Modified Files and Folders =======

2013-10-21 23:52 - 2013-10-21 23:52 - 00000000 ____D C:\FRST
2013-10-21 23:51 - 2013-10-21 23:51 - 01087529 _____ (Farbar) C:\Users\Jeremy Martin\Downloads\FRST.exe
2013-10-21 23:50 - 2011-07-02 01:18 - 00000000 ____D C:\Users\Jeremy Martin\AppData\Roaming\Skype
2013-10-21 23:42 - 2010-11-22 22:37 - 00000940 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4078826694-1091603665-508379386-1000UA.job
2013-10-21 23:29 - 2011-04-22 22:39 - 00000000 ____D C:\ProgramData\MFAData
2013-10-21 23:13 - 2012-07-16 22:20 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-21 22:33 - 2009-07-12 18:40 - 01467960 _____ C:\Windows\WindowsUpdate.log
2013-10-21 22:32 - 2009-07-31 19:50 - 00032631 _____ C:\ProgramData\nvModes.001
2013-10-21 22:31 - 2006-11-02 08:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-21 22:31 - 2006-11-02 08:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-21 20:55 - 2013-06-16 22:23 - 00000000 ____D C:\Program Files\Steam
2013-10-21 20:54 - 2011-04-17 16:32 - 00000000 ____D C:\Users\Jeremy Martin\AppData\Local\LogMeIn Hamachi
2013-10-21 20:53 - 2009-07-12 20:06 - 00045056 _____ C:\Windows\system32\acovcnt.exe
2013-10-21 19:53 - 2013-10-21 19:53 - 00143920 _____ C:\Windows\Minidump\Mini102113-01.dmp
2013-10-21 19:53 - 2011-08-21 08:31 - 350318503 _____ C:\Windows\MEMORY.DMP
2013-10-21 19:53 - 2010-10-30 02:24 - 00000000 ____D C:\Windows\Minidump
2013-10-21 19:53 - 2009-09-19 00:21 - 00001057 ___SH C:\Windows\system32\mmf.sys
2013-10-21 19:53 - 2006-11-02 09:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-21 19:30 - 2010-11-22 22:37 - 00000888 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4078826694-1091603665-508379386-1000Core.job
2013-10-21 07:37 - 2009-11-09 08:25 - 00001356 _____ C:\Users\Jeremy Martin\AppData\Local\d3d9caps.dat
2013-10-20 22:05 - 2013-10-20 22:05 - 00000791 _____ C:\Users\Jeremy Martin\Desktop\JRT.txt
2013-10-20 21:54 - 2013-06-16 22:23 - 00000000 ____D C:\Program Files\Common Files\Steam
2013-10-20 21:50 - 2008-04-13 23:50 - 00000012 _____ C:\Windows\bthservsdp.dat
2013-10-20 21:50 - 2006-11-02 09:01 - 00032596 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-10-20 21:49 - 2013-10-20 01:11 - 00000000 ____D C:\AdwCleaner
2013-10-20 21:20 - 2013-10-20 21:20 - 01060070 _____ C:\Users\Jeremy Martin\Downloads\AdwCleaner.exe
2013-10-20 12:36 - 2013-10-20 12:36 - 00891167 _____ C:\Users\Jeremy Martin\Downloads\SecurityCheck.exe
2013-10-20 12:26 - 2011-08-11 03:26 - 00043196 _____ C:\Windows\PFRO.log
2013-10-20 12:18 - 2013-10-20 12:18 - 00014949 _____ C:\ComboFix.txt
2013-10-20 12:18 - 2013-10-20 11:59 - 00000000 ____D C:\ComboFix
2013-10-20 12:18 - 2013-10-20 01:53 - 00000000 ____D C:\Qoobox
2013-10-20 12:15 - 2006-11-02 06:23 - 00000215 _____ C:\Windows\system.ini
2013-10-20 09:45 - 2013-10-20 09:45 - 00023726 _____ C:\Users\Jeremy Martin\Desktop\attach.txt
2013-10-20 09:44 - 2013-10-20 09:45 - 00026386 _____ C:\Users\Jeremy Martin\Desktop\dds.txt
2013-10-20 03:16 - 2013-10-20 09:44 - 00688992 ____R (Swearware) C:\Users\Jeremy Martin\Downloads\dds.scr
2013-10-20 03:14 - 2006-11-02 07:18 - 00000000 __RHD C:\Users\Default
2013-10-20 03:14 - 2006-11-02 07:18 - 00000000 ___RD C:\Users\Public
2013-10-20 03:13 - 2013-10-20 01:52 - 00000000 ____D C:\Windows\erdnt
2013-10-20 01:52 - 2013-10-20 01:52 - 05135479 ____R (Swearware) C:\Users\Jeremy Martin\Downloads\ComboFix.exe
2013-10-20 01:48 - 2013-10-20 01:48 - 00000000 ____D C:\Windows\ERUNT
2013-10-20 01:46 - 2013-10-20 01:46 - 01033335 _____ (Thisisu) C:\Users\Jeremy Martin\Downloads\JRT.exe
2013-10-20 01:41 - 2006-11-02 06:33 - 00759698 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-20 01:12 - 2013-10-19 03:03 - 00686080 _____ C:\Users\Jeremy Martin\Desktop\ZombieRogers.MSWMM
2013-10-20 01:09 - 2013-10-20 01:08 - 00024492 _____ C:\Users\Jeremy Martin\Documents\Malware.odt
2013-10-20 01:00 - 2009-08-08 17:39 - 00214016 _____ C:\Users\Jeremy Martin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-10-19 21:28 - 2013-10-19 21:25 - 00000000 ____D C:\Users\Jeremy Martin\Desktop\3DS
2013-10-19 21:19 - 2013-10-19 21:19 - 00001840 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2013-10-19 21:18 - 2010-07-06 21:15 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-10-19 20:31 - 2013-10-19 20:31 - 00001162 _____ C:\Users\Jeremy Martin\Desktop\WinX Free MP4 to AVI Converter.lnk
2013-10-19 20:31 - 2013-10-19 20:31 - 00000000 ____D C:\Users\Jeremy Martin\AppData\Roaming\Digiarty
2013-10-19 20:31 - 2013-10-19 20:31 - 00000000 ____D C:\Program Files\Digiarty
2013-10-19 20:30 - 2013-10-19 20:30 - 29986448 _____ (Digiarty Software, Inc.                                     ) C:\Users\Jeremy Martin\Downloads\winx-mp4-to-avi.exe
2013-10-19 18:39 - 2013-10-19 18:38 - 00000000 ____D C:\Program Files\AllToAVI
2013-10-19 18:38 - 2013-10-19 18:38 - 00000781 _____ C:\Users\Jeremy Martin\Desktop\AllToAVI.lnk
2013-10-19 18:38 - 2013-10-19 18:38 - 00000000 ____D C:\Users\Jeremy Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AllToAVI
2013-10-19 18:38 - 2013-10-19 18:37 - 26453613 _____ C:\Users\Jeremy Martin\Downloads\AllToAVI_v4_r5394_Setup.exe
2013-10-19 18:33 - 2013-10-19 18:29 - 00000000 ____D C:\Users\Jeremy Martin\AppData\Roaming\Audacity
2013-10-19 18:29 - 2013-10-19 18:29 - 00000771 _____ C:\Users\Public\Desktop\Audacity.lnk
2013-10-19 18:29 - 2013-10-19 18:29 - 00000000 ____D C:\Program Files\Audacity
2013-10-19 18:26 - 2013-10-19 18:26 - 22308174 _____ (Audacity Team                                               ) C:\Users\Jeremy Martin\Downloads\audacity-win-2.0.4.exe
2013-10-19 17:32 - 2013-10-19 16:58 - 00000000 ____D C:\Users\Jeremy Martin\Desktop\Car Show 2013
2013-10-17 21:06 - 2010-11-22 22:38 - 00002089 _____ C:\Users\Jeremy Martin\Desktop\Google Chrome.lnk
2013-10-17 00:47 - 2013-10-17 00:15 - 00000000 ____D C:\Users\Jeremy Martin\AppData\Roaming\OxelonMC
2013-10-17 00:38 - 2013-10-12 22:55 - 00000000 ____D C:\Users\Jeremy Martin\Desktop\Zombie Walk 2013
2013-10-17 00:15 - 2013-10-17 00:15 - 00000549 _____ C:\Users\Public\Desktop\Oxelon Media Converter.lnk
2013-10-17 00:15 - 2013-10-17 00:15 - 00000047 _____ C:\Users\Public\Desktop\Oxelon.com.url
2013-10-17 00:15 - 2013-10-17 00:15 - 00000000 ____D C:\Program Files\OxelonMedia
2013-10-16 23:02 - 2013-10-16 23:01 - 03265482 _____ (Oxelon                                                      ) C:\Users\Jeremy Martin\Downloads\oxelonmedia.exe
2013-10-16 00:15 - 2013-10-15 23:53 - 00019020 _____ C:\Users\Jeremy Martin\Desktop\hijackthis.log
2013-10-15 23:45 - 2013-10-15 23:44 - 00018930 _____ C:\Users\Jeremy Martin\Downloads\hijackthis.log
2013-10-15 23:40 - 2013-10-15 23:40 - 00894600 _____ (CNET Download.com) C:\Users\Jeremy Martin\Downloads\cbsidlm-cbsi134-Download_App-PBF-75864009(1).exe
2013-10-15 23:38 - 2013-10-15 23:38 - 00894600 _____ (CNET Download.com) C:\Users\Jeremy Martin\Downloads\cbsidlm-cbsi134-Download_App-PBF-75864009.exe
2013-10-15 23:35 - 2013-10-15 23:35 - 00388608 _____ (Trend Micro Inc.) C:\Users\Jeremy Martin\Downloads\HijackThis.exe
2013-10-15 22:51 - 2013-10-15 22:51 - 00891312 _____ C:\Users\Jeremy Martin\AppData\Local\census.cache
2013-10-15 22:49 - 2013-10-15 22:49 - 00219076 _____ C:\Users\Jeremy Martin\AppData\Local\ars.cache
2013-10-15 21:28 - 2013-10-15 21:28 - 02049128 _____ (Trend Micro Inc.) C:\Users\Jeremy Martin\Downloads\HousecallLauncher.exe
2013-10-15 21:28 - 2013-10-15 21:28 - 00000036 _____ C:\Users\Jeremy Martin\AppData\Local\housecall.guid.cache
2013-10-15 19:30 - 2013-06-27 07:07 - 00003734 _____ C:\Program Files\Mozilla Firefoxavg-secure-search.xml
2013-10-15 19:23 - 2013-10-14 19:31 - 00000000 ____D C:\Users\Jeremy Martin\AppData\Local\Avg2014
2013-10-14 22:32 - 2013-10-14 22:32 - 04745728 _____ (AVAST Software) C:\Users\Jeremy Martin\Downloads\aswmbr.exe
2013-10-14 22:28 - 2013-10-14 22:28 - 00000000 ____D C:\ProgramData\Lavasoft
2013-10-14 22:25 - 2013-10-14 22:25 - 01724552 _____ C:\Users\Jeremy Martin\Downloads\Adaware_Installer.exe
2013-10-14 21:58 - 2009-10-30 09:53 - 00000000 ____D C:\Program Files\AVG
2013-10-14 21:56 - 2013-10-14 21:49 - 00000000 ____D C:\ProgramData\AVG2014
2013-10-14 21:56 - 2012-10-31 08:04 - 00000000 ____D C:\ProgramData\AVG2013
2013-10-14 21:55 - 2013-10-14 21:55 - 00000000 ____D C:\Users\Jeremy Martin\AppData\Roaming\AVG2014
2013-10-14 21:53 - 2013-10-14 21:53 - 00000809 _____ C:\Users\Public\Desktop\AVG 2014.lnk
2013-10-14 02:45 - 2013-10-14 02:45 - 04101172 _____ C:\Users\Jeremy Martin\Downloads\tdsskiller(2).zip
2013-10-14 02:45 - 2013-10-14 02:44 - 00000000 ____D C:\Users\Jeremy Martin\Downloads\tdsskiller(1)
2013-10-14 02:43 - 2013-10-14 02:43 - 04101172 _____ C:\Users\Jeremy Martin\Downloads\tdsskiller(1).zip
2013-10-14 02:43 - 2013-10-14 02:42 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Jeremy Martin\Downloads\tdsskiller(1).exe
2013-10-14 02:30 - 2013-10-14 02:30 - 08656400 _____ (Trend Micro Inc.) C:\Users\Jeremy Martin\Downloads\RootkitBuster_v5_1061.exe
2013-10-14 02:30 - 2013-10-14 02:30 - 00000000 ____D C:\Users\Jeremy Martin\Downloads\TMRBLog
2013-10-14 02:30 - 2013-10-14 02:30 - 00000000 ____D C:\Users\Jeremy Martin\Downloads\log
2013-10-14 02:27 - 2013-10-13 19:29 - 00075992 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-10-14 02:27 - 2013-10-13 19:29 - 00000000 ____D C:\Users\Jeremy Martin\Desktop\mbar
2013-10-14 02:13 - 2013-10-14 02:13 - 00000114 _____ C:\local.conf
2013-10-14 02:00 - 2013-10-14 02:01 - 12576792 _____ (Malwarebytes Corp.) C:\Users\Jeremy Martin\Downloads\mbar-1.07.0.1007(2).exe
2013-10-14 01:56 - 2013-10-14 01:56 - 12576792 _____ (Malwarebytes Corp.) C:\Users\Jeremy Martin\Downloads\mbar-1.07.0.1007(1).exe
2013-10-14 01:33 - 2006-11-02 07:18 - 00000000 ____D C:\Windows\security
2013-10-13 20:55 - 2013-10-13 20:55 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2013-10-13 20:55 - 2013-10-13 13:51 - 00001767 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2013-10-13 20:54 - 2013-10-13 20:54 - 27837368 _____ (SUPERAntiSpyware) C:\Users\Jeremy Martin\Downloads\SUPERAntiSpyware(3).exe
2013-10-13 20:53 - 2013-10-13 20:53 - 27837368 _____ (SUPERAntiSpyware) C:\Users\Jeremy Martin\Downloads\SUPERAntiSpyware(2).exe
2013-10-13 20:51 - 2011-09-13 11:05 - 00000000 ____D C:\Program Files\MALWAREBYTES ANTI-MALWARE
2013-10-13 20:36 - 2013-10-13 19:33 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-10-13 19:27 - 2013-10-13 19:27 - 12576792 _____ (Malwarebytes Corp.) C:\Users\Jeremy Martin\Downloads\mbar-1.07.0.1007.exe
2013-10-13 13:53 - 2013-10-13 13:53 - 28031288 _____ (SUPERAntiSpyware) C:\Users\Jeremy Martin\Downloads\SUPERAntiSpyware(1).exe
2013-10-13 13:51 - 2013-10-13 13:51 - 00000000 ____D C:\Users\Jeremy Martin\AppData\Roaming\SUPERAntiSpyware.com
2013-10-13 13:51 - 2013-10-13 13:51 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2013-10-13 13:50 - 2013-10-13 13:50 - 28031288 _____ (SUPERAntiSpyware) C:\Users\Jeremy Martin\Downloads\SUPERAntiSpyware.exe
2013-10-13 02:32 - 2006-11-02 07:18 - 00000000 ____D C:\Windows\SchCache
2013-10-13 01:52 - 2013-10-13 01:51 - 00000000 ____D C:\Users\Jeremy Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WordOv
2013-10-09 07:44 - 2011-07-02 01:17 - 00000000 ____D C:\ProgramData\Skype
2013-10-09 04:13 - 2006-11-02 07:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-10-09 04:05 - 2006-11-02 08:47 - 00438944 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-09 04:04 - 2009-07-30 21:24 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-09 03:42 - 2009-07-12 18:49 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-09 03:33 - 2013-07-22 07:23 - 00000000 ____D C:\Windows\system32\MRT
2013-10-09 03:27 - 2006-11-02 06:24 - 78106760 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2013-10-08 21:13 - 2012-07-16 22:20 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-10-08 21:13 - 2011-06-07 12:39 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-10-06 09:51 - 2013-10-06 09:51 - 11605360 _____ (Citrix Systems, Inc.) C:\Users\Jeremy Martin\Desktop\CitrixOnlinePluginWeb.exe
2013-10-06 08:32 - 2013-10-06 08:32 - 00000000 ____D C:\Users\Jeremy Martin\AppData\Local\LogMeIn
2013-10-06 08:32 - 2013-10-06 08:32 - 00000000 ____D C:\ProgramData\LogMeIn
2013-10-06 08:17 - 2013-10-06 08:17 - 00000730 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2013-10-06 08:17 - 2013-10-06 08:17 - 00000000 ____D C:\Program Files\LogMeIn Hamachi
2013-10-01 21:59 - 2012-09-03 23:11 - 00037664 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx86.sys
2013-09-27 06:39 - 2013-09-27 06:39 - 00143872 _____ C:\Windows\Minidump\Mini092713-01.dmp
2013-09-25 20:57 - 2013-09-25 20:57 - 00120632 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgdiskx.sys
2013-09-23 23:07 - 2013-10-09 03:38 - 06119424 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-23 23:07 - 2013-10-09 03:38 - 03625984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-23 23:07 - 2013-10-09 03:38 - 01177600 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-23 23:07 - 2013-10-09 03:38 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-23 23:07 - 2013-10-09 03:38 - 00671232 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll
2013-09-23 23:07 - 2013-10-09 03:38 - 00498688 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-23 23:07 - 2013-10-09 03:38 - 00479744 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-09-23 23:07 - 2013-10-09 03:38 - 00380928 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-09-23 23:07 - 2013-10-09 03:38 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-23 23:07 - 2013-10-09 03:38 - 00193024 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-09-23 23:07 - 2013-10-09 03:38 - 00180736 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-23 23:07 - 2013-10-09 03:38 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-09-23 23:07 - 2013-10-09 03:38 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-23 23:06 - 2013-10-09 03:38 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\corpol.dll
2013-09-23 16:13 - 2013-10-09 03:38 - 00389632 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-09-23 16:01 - 2013-10-09 03:38 - 01383424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-23 01:17 - 2013-09-22 23:49 - 00000000 ____D C:\Users\Jeremy Martin\Desktop\Love Lessons
2013-09-22 18:20 - 2009-07-31 19:45 - 00032631 _____ C:\ProgramData\nvModes.dat
2013-09-21 10:46 - 2013-08-17 00:09 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-09-21 10:46 - 2012-07-07 10:43 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-09-21 10:35 - 2009-12-20 10:27 - 00000813 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-09-21 10:33 - 2013-09-21 10:33 - 00281640 _____ (Mozilla) C:\Users\Jeremy Martin\Downloads\Firefox Setup Stub 24.0.exe

Some content of TEMP:
====================
C:\Users\Jeremy Martin\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-21 20:09

==================== End Of Log ============================

Addition:

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 21-10-2013 01
Ran by Jeremy Martin at 2013-10-21 23:54:36
Running from C:\Users\Jeremy Martin\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958)
2007 Microsoft Office system (Version: 12.0.6612.1000)
32 Bit HP CIO Components Installer (Version: 1.0.0)
5600 (Version: 82.0.242.000)
5600_Help (Version: 82.0.242.000)
5600Trb (Version: 82.0.242.000)
7-Zip 9.20
Acrobat.com (Version: 1.1.377)
Activation Assistant for the 2007 Microsoft Office suites
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0)
Adobe AIR (Version: 3.1.0.4880)
Adobe Flash Player 11 ActiveX (Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (Version: 11.9.900.117)
Adobe Reader 9.5.2 (Version: 9.5.2)
Advanced SystemCare 4 (Version: 4.0.1)
AIM 7
AIO_CDB_ProductContext (Version: 82.0.242.000)
AIO_CDB_Software (Version: 82.0.242.000)
AIO_Scan (Version: 82.0.173.000)
AllToAVI v4 r5394 (Version: v4 r5394)
AOL Messaging Toolbar
Apple Application Support (Version: 1.5.2)
Apple Mobile Device Support (Version: 3.4.1.2)
Apple Software Update (Version: 2.1.3.127)
ASUS AI Recovery (Version: 1.0.3)
ASUS CopyProtect (Version: 1.0.0012)
ASUS Data Security Manager (Version: 1.00.0011)
ASUS FancyStart (Version: 1.0.4)
ASUS LifeFrame3 (Version: 3.0.20)
ASUS Live Update (Version: 2.5.7)
ASUS MultiFrame (Version: 1.0.0018)
ASUS Power4Gear Hybrid (Version: 1.1.09)
ASUS SmartLogon (Version: 1.0.0006)
ASUS Splendid Video Enhancement Technology (Version: 1.02.0026)
ASUS Touch Pad Extra
ASUS Virtual Camera (Version: 1.0.15)
Asus_Camera_ScreenSaver (Version: 2.0.0008)
Atheros Client Installation Program (Version: 7.0)
ATK Generic Function Service (Version: 1.00.0008)
ATK Hotkey (Version: 1.00.0048)
ATK Media (Version: 2.0.0005)
ATKOSD2 (Version: 7.0.0003)
Audacity 2.0.4 (Version: 2.0.4)
AVG 2014 (Version: 14.0.3614)
AVG 2014 (Version: 14.0.4158)
AVG 2014 (Version: 2014.0.4158)
Axis & Allies (Version: 1.00.000)
Back to the Future The Game - Episode 1 (Version: 1.0.0.0)
Back to the Future The Game - Episode 2 (HKCU Version: 1.0.0.0)
Back to the Future The Game - Episode 3 (HKCU Version: 1.0.0.0)
Back to the Future The Game - Episode 4 (HKCU Version: 1.0.0.15)
Back to the Future The Game - Episode 5 (HKCU Version: 1.0.0.15)
Battlefield Heroes
Bonjour (Version: 3.0.0.2)
BufferChm (Version: 82.0.173.000)
Choice Guard (Version: 1.2.87.0)
Cisco EAP-FAST Module (Version: 2.2.9)
Cisco LEAP Module (Version: 1.0.15)
Cisco Network Magic (Version: 5.5.09195.0)
Cisco PEAP Module (Version: 1.1.2)
Citrix Authentication Manager (Version: 2.0.0.41479)
Citrix Receiver (HDX Flash Redirection) (Version: 13.1.0.89)
Citrix Receiver (Version: 13.1.0.89)
Citrix Receiver Inside (Version: 3.1.0.64094)
Citrix Receiver(Aero) (Version: 13.1.0.89)
Citrix Receiver(DV) (Version: 13.1.0.89)
Citrix Receiver(USB) (Version: 13.1.0.89)
Command & Conquer The First Decade (Version: 1.00.0000)
Command & Conquer Tiberian Dawn Redux v1.3
Command & Conquer™ Red Alert™ 3 (Version: 1.0.1.0)
Command & Conquer™ Red Alert™ 3 Uprising (Version: 1.0.1.0)
Copy (Version: 82.0.188.000)
CustomerResearchQFolder (Version: 1.00.0000)
CyberLink LabelPrint (Version: 2.0.2908)
CyberLink Power2Go (Version: 6.0.1924)
Destinations (Version: 82.0.173.000)
DeviceManagementQFolder (Version: 1.00.0000)
DocProc (Version: 8.1.0.0)
DocProcQFolder (Version: 1.00.0000)
EA Download Manager (Version: 6.0.0.93)
EA Download Manager UI (Version: 6.0.0)
EA Download Manager UI (Version: 6.0.0.93)
eSupportQFolder (Version: 1.00.0000)
Express Gate (Version: 1.1.9.7)
Fax (Version: 82.0.188.000)
Game Booster (Version: 2.4.1.0)
GameFly (Version: 1.0.1377)
Google Chrome (HKCU Version: 30.0.1599.101)
Google Talk (remove only)
Google Toolbar for Internet Explorer (Version: 1.0.0)
HP Customer Participation Program 8.0 (Version: 8.0)
HP Imaging Device Functions 8.0 (Version: 8.0)
HP OCR Software 8.0 (Version: 8.0)
HP Photosmart Essential (Version: 1.12.0.46)
HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B (Version: 8.0)
HP Solution Center 8.0 (Version: 8.0)
HP Update (Version: 5.003.001.001)
HPProductAssistant (Version: 82.0.173.000)
HPSSupply (Version: 2.1.3.0000)
IObit Malware Fighter (Version: 1.0)
iTunes (Version: 10.4.1.10)
Java 7 Update 21 (Version: 7.0.210)
Junk Mail filter update (Version: 14.0.8050.1202)
LG VZW United Drivers (Version: 2.10.1)
LightScribe System Software  1.14.17.1 (Version: 1.14.17.1)
LogMeIn Hamachi (Version: 2.2.0.58)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
MarketResearch (Version: 82.0.174.000)
McAfee Security Scan Plus (Version: 3.8.130.8)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (Chinese (Simplified)) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access MUI (Chinese (Traditional)) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access MUI (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access MUI (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel 2007 Help ¸üР(KB963678)
Microsoft Office Excel 2007 Help §ó·sµ{¦¡ (KB963678)
Microsoft Office Excel 2007 Help Actualización (KB963678)
Microsoft Office Excel MUI (Chinese (Simplified)) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (Chinese (Traditional)) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office IME (Chinese (Simplified)) 2007 (Version: 12.0.6612.1000)
Microsoft Office IME (Chinese (Traditional)) 2007 (Version: 12.0.6612.1000)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office Outlook 2007 Help ¸üР(KB963677)
Microsoft Office Outlook 2007 Help Actualización (KB963677)
Microsoft Office Outlook Connector (Version: 12.0.6414.1000)
Microsoft Office Outlook MUI (Chinese (Simplified)) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (Chinese (Traditional)) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Powerpoint 2007 Help ¸üР(KB963669)
Microsoft Office Powerpoint 2007 Help §ó·sµ{¦¡ (KB963669)
Microsoft Office Powerpoint 2007 Help Actualización (KB963669)
Microsoft Office PowerPoint MUI (Chinese (Simplified)) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (Chinese (Traditional)) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Professional Hybrid 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Arabic) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Basque) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Catalan) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Chinese (Simplified)) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Chinese (Traditional)) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Dutch) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Galician) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Portuguese (Brazil)) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (Chinese (Simplified)) 2007 (Version: 12.0.4518.1016)
Microsoft Office Proofing (Chinese (Traditional)) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing (French) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing (Spanish) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (Chinese (Simplified)) 2007 (Version: 12.0.6612.1000)
Microsoft Office Publisher MUI (Chinese (Traditional)) 2007 (Version: 12.0.6612.1000)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Publisher MUI (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Publisher MUI (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (Chinese (Simplified)) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (Chinese (Traditional)) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word 2007 Help ¸üР(KB963665)
Microsoft Office Word 2007 Help §ó·sµ{¦¡ (KB963665)
Microsoft Office Word 2007 Help Actualización (KB963665)
Microsoft Office Word MUI (Chinese (Simplified)) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (Chinese (Traditional)) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft VC9 runtime libraries (Version: 1.0.0)
Microsoft VC9 runtime libraries (Version: 2.0.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mise à jour Microsoft Office Excel 2007 Help  (KB963678)
Mise à jour Microsoft Office Outlook 2007 Help  (KB963677)
Mise à jour Microsoft Office Powerpoint 2007 Help  (KB963669)
Mise à jour Microsoft Office Word 2007 Help  (KB963665)
Mozilla Firefox 24.0 (x86 en-US) (Version: 24.0)
Mozilla Maintenance Service (Version: 24.0)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Multimedia Card Reader (Version: 1.01.0000.00)
Network Magic (Version: 5.5.9195.0)
Norton Internet Security (Version: 16.0.0.125)
NVIDIA Drivers (Version: 1.3)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
Online Plug-in (Version: 13.1.0.89)
OpenOffice.org 3.1 (Version: 3.1.9399)
Oxelon Media Converter 1.1
Picasa 3 (Version: 3.1)
PunkBuster Services (Version: 0.990)
Pure Networks Platform (Version: 11.2.09195.1)
Puzzle Agent - Puzzle Agent (Version: 1.0.0.0)
QuickTime (Version: 7.70.80.34)
Realtek High Definition Audio Driver (Version: 6.0.1.5832)
Scan (Version: 8.1.0.0)
Self-service Plug-in (Version: 3.1.0.21744)
Sid Meier's Civilization 4 - Beyond the Sword (Version: 3.00)
Sid Meier's Civilization 4 (Version: 1.61)
Sid Meier's Civilization 4 (Version: 1.74)
Skype Click to Call (Version: 6.11.13348)
Skype™ 6.7 (Version: 6.7.102)
Smart Defrag 2 (Version: 2.1)
SolutionCenter (Version: 82.0.188.000)
SPORE™ (Version: 1.05.0001)
SPORE™ Creepy & Cute Parts Pack (Version: 1.00.0000)
StarCraft
Status (Version: 82.0.173.000)
Steam (Version: 1.0.0.0)
SUPERAntiSpyware (Version: 5.6.1040)
Synaptics Pointing Device Driver (Version: 10.1.8.0)
Toolbox (Version: 82.0.173.000)
TrayApp (Version: 82.0.188.000)
Tropico 4 1.00 (HKCU Version: 1.00)
Unity Web Player (HKCU Version: )
UnloadSupport (Version: 1.00.0000)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2827325) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
USB 2.0 UVC 1.3M WebCam
Visual Studio 2012 x86 Redistributables (Version: 14.0.0.1)
VLC media player 1.0.3 (Version: 1.0.3)
WebEx Support Manager for Internet Explorer (Version: 6.5.4917)
WebReg (Version: 82.0.173.000)
WIDCOMM Bluetooth Software (Version: 5.2.0.800)
Windows Live Call (Version: 14.0.8050.1202)
Windows Live Communications Platform (Version: 14.0.8050.1202)
Windows Live Essentials (Version: 14.0.8050.1202)
Windows Live Family Safety (Version: 14.0.8052.1208)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Live Mail (Version: 14.0.8050.1202)
Windows Live Messenger (Version: 14.0.8050.1202)
Windows Live Movie Maker Beta (Version: 14.0.8051.1204)
Windows Live Photo Gallery (Version: 14.0.8051.1204)
Windows Live Sync (Version: 14.0.8050.1202)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8050.1202)
WinFlash
WinX Free MP4 to AVI Converter 4.2.0
WinZip 15.0 (Version: 15.0.9334)
Wireless Console 2 (Version: 2.0.10)
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar

==================== Restore Points  =========================

21-10-2013 07:00:22 Windows Update

==================== Hosts content: ==========================

2006-11-02 06:23 - 2006-09-18 17:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0C57D594-1D26-4240-86FD-87C38D50725E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4078826694-1091603665-508379386-1000UA => C:\Users\Jeremy Martin\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-22] (Google Inc.)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {239C7A8A-A36E-4D57-B58B-7D5233E85756} - System32\Tasks\SmartDefrag_Startup => C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe [2011-06-08] (IObit)
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {3B31290A-6E19-464F-8228-CC79555944E8} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4078826694-1091603665-508379386-1000Core => C:\Users\Jeremy Martin\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-22] (Google Inc.)
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {3DA8F959-DA4C-45BF-9D5F-AB09D8EC9B5C} - System32\Tasks\{8C476979-C7E1-4A3F-9091-B81608F76F9A} => Firefox.exe http://www.skype.com/go/downloading?source=lightinstaller&ver=5.3.0.120&LastError=404
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-20] (Microsoft Corporation)
Task: {48E6B14A-EBBE-4B49-BF3B-F761790A72D4} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Jeremy Martin => C:\Program Files\Windows Calendar\WinCal.exe [2009-04-11] (Microsoft Corporation)
Task: {4E370232-E378-4D27-98C5-D4C78802DFB1} - System32\Tasks\{2C5C7E70-E5A7-4F14-AB90-3C2070943B17} => Firefox.exe http://www.skype.com/go/downloading?source=lightinstaller&ver=5.3.0.120&LastError=404
Task: {9691AF1B-DBA9-4096-92F3-A0F641F879C1} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2008-01-20] (Microsoft Corporation)
Task: {A3E243E5-9D45-4D93-9497-02A7406AD905} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {B37CCB19-6D9A-41D0-942F-A8966A380F2B} - System32\Tasks\ASPG => C:\Program Files\ASUS\ASUS CopyProtect\aspg.exe [2009-04-08] (ASUS)
Task: {CCC02280-4DA2-4FDF-96D1-3B540A230D81} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files\ASUS\SmartLogon\sensorsrv.exe [2008-12-09] (ASUS)
Task: {D4697074-512D-42A7-AF58-BE2DD2C98CD1} - System32\Tasks\ASUS P4G => C:\Program files\P4G\BatteryLife.exe [2008-10-17] (ATK)
Task: {E16E32AE-019D-49AF-B258-7A775808E8A8} - System32\Tasks\ASUS Live Update => C:\Program Files\ASUS\ASUS Live Update\ALU.exe [2007-11-30] ()
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-20] ()
Task: {E6F5E07F-C290-407A-A037-0F98F6589D52} - System32\Tasks\ASC4_PerformanceMonitor => C:\Program Files\IObit\Advanced SystemCare 4\PMonitor.exe [2011-05-28] (IObit)
Task: {EE5B50D4-5E4E-4E81-976A-6159167BFED4} - System32\Tasks\{D930D9FD-5BD1-4BA0-A4C8-15E553CFAA25} => C:\Program Files\Skype\\Phone\Skype.exe [2013-07-25] (Skype Technologies S.A.)
Task: {F8251EA7-3C6D-4E0C-B89D-D991E336459B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-08] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4078826694-1091603665-508379386-1000Core.job => C:\Users\Jeremy Martin\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4078826694-1091603665-508379386-1000UA.job => C:\Users\Jeremy Martin\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2007-06-15 13:28 - 2007-06-15 13:28 - 00147456 _____ () C:\Program Files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
2007-06-01 20:08 - 2007-06-01 20:08 - 00143360 _____ () C:\Program Files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
2011-08-07 14:06 - 2011-06-16 18:54 - 00047960 _____ () C:\Program Files\IObit\Smart Defrag 2\NtfsData.dll
2011-08-07 14:08 - 2011-05-28 14:46 - 00347024 _____ () C:\Program Files\IObit\Advanced SystemCare 4\madExcept_.bpl
2011-08-07 14:08 - 2011-05-28 14:46 - 00179088 _____ () C:\Program Files\IObit\Advanced SystemCare 4\madBasic_.bpl
2011-08-07 14:08 - 2011-05-28 14:46 - 00046480 _____ () C:\Program Files\IObit\Advanced SystemCare 4\madDisAsm_.bpl
2008-08-20 18:49 - 2008-08-20 18:49 - 00016384 _____ () C:\Program files\P4G\DevMng.dll
2008-10-16 19:45 - 2008-10-16 19:45 - 00014848 _____ () C:\Program files\P4G\OvrClk.dll
2009-07-12 19:51 - 2007-03-09 19:16 - 00106496 _____ () C:\Program Files\ATKGFNEX\AGFNEX.dll
2008-07-18 22:52 - 2008-07-18 22:52 - 00649704 _____ () C:\Program Files\CyberLink\Power2Go\CLMediaLibrary.dll
2008-06-09 12:55 - 2008-06-09 12:55 - 00013096 _____ () C:\Program Files\CyberLink\Power2Go\CLMLSvcPS.dll
2009-07-12 19:34 - 2007-11-12 18:41 - 00106496 ____R () C:\Program Files\ATK Hotkey\MsgTran.dll
2009-07-13 17:37 - 2009-07-13 17:37 - 00152112 _____ () C:\Program Files\Common Files\Pure Networks Shared\Platform\CAntiVirusCOM.dll
2009-07-13 17:37 - 2009-07-13 17:37 - 00098304 _____ () C:\Program Files\Common Files\Pure Networks Shared\Platform\CFireWallCOM.dll
2009-11-03 16:51 - 2009-11-03 16:51 - 00067872 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2009-07-30 20:34 - 2012-05-25 04:25 - 00921600 _____ () C:\Program Files\Yahoo!\Messenger\yui.dll
2009-07-30 20:34 - 2012-05-25 04:25 - 00078336 _____ () C:\Program Files\Yahoo!\Messenger\pcre.dll
2012-02-29 16:24 - 2012-02-29 16:24 - 00176128 _____ () C:\Program Files\AIM\nssckbi.dll
2008-07-29 20:27 - 2008-07-29 20:27 - 00126976 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2009-04-20 18:57 - 2009-04-20 18:57 - 00225280 _____ () C:\Program Files\asus\VirtualCamera\virtualCamera.ax
2009-04-16 15:02 - 2009-04-16 15:02 - 00970752 _____ () C:\Program Files\OpenOffice.org 3\program\libxml2.dll
2006-12-10 22:51 - 2006-12-10 22:51 - 00065536 ____R () C:\Program Files\HP\Digital Imaging\bin\crm\xmlparse.dll
2006-12-10 22:51 - 2006-12-10 22:51 - 00077824 ____R () C:\Program Files\HP\Digital Imaging\bin\crm\xmltok.dll
2013-09-21 10:34 - 2013-09-10 22:26 - 03279768 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2013-10-08 21:13 - 2013-10-08 21:13 - 16233864 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll
2011-12-19 13:27 - 2011-12-19 13:27 - 00011704 _____ () C:\Program Files\Citrix\SelfServicePlugin\ExtensionSDK.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\atashost => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== Faulty Device Manager Devices =============

Name: Microsoft 6to4 Adapter
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft 6to4 Adapter #2
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (10/21/2013 07:56:37 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\JEREMY MARTIN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\6LZAYI76.DEFAULT\CACHE\9> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (10/21/2013 07:56:37 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\JEREMY MARTIN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\6LZAYI76.DEFAULT\CACHE\9> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (10/21/2013 07:56:35 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\JEREMY MARTIN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\6LZAYI76.DEFAULT\CACHE\8> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (10/21/2013 07:56:35 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\JEREMY MARTIN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\6LZAYI76.DEFAULT\CACHE\8> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (10/21/2013 07:56:33 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\JEREMY MARTIN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\6LZAYI76.DEFAULT\CACHE\7> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (10/21/2013 07:56:33 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\JEREMY MARTIN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\6LZAYI76.DEFAULT\CACHE\7> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (10/21/2013 07:56:32 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\JEREMY MARTIN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\6LZAYI76.DEFAULT\CACHE\6> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (10/21/2013 07:56:32 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\JEREMY MARTIN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\6LZAYI76.DEFAULT\CACHE\6> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (10/21/2013 07:56:31 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\JEREMY MARTIN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\6LZAYI76.DEFAULT\CACHE\5> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (10/21/2013 07:56:31 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\JEREMY MARTIN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\6LZAYI76.DEFAULT\CACHE\5> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)


System errors:
=============
Error: (10/21/2013 07:56:20 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT AUTHORITY)
Description: 0x80070032

Error: (10/21/2013 07:53:41 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 7:40:49 PM on 10/21/2013 was unexpected.

Error: (10/21/2013 03:07:59 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: 0x80070643Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2833941){343E12E8-8772-4A72-9982-570122E959DB}203

Error: (10/20/2013 10:08:51 PM) (Source: DCOM) (User: )
Description: {D085A4AB-CAB1-4729-9DF8-FCEEDDBD19E4}


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2013-10-21 23:54:03.701
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-10-21 23:54:03.330
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-10-21 23:54:02.957
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-10-21 23:54:02.585
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-10-21 23:54:02.214
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-10-21 23:54:01.845
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-10-21 23:54:01.473
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-10-21 23:54:01.063
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-10-21 23:53:15.868
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-10-21 23:53:15.274
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Percentage of memory in use: 73%
Total physical RAM: 3070.39 MB
Available physical RAM: 826.26 MB
Total Pagefile: 6351.8 MB
Available Pagefile: 3125.25 MB
Total Virtual: 2047.88 MB
Available Virtual: 1904.65 MB

==================== Drives ================================

Drive c: (VistaOS) (Fixed) (Total:149.04 GB) (Free:2.99 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:137.33 GB) (Free:137.26 GB) NTFS
Drive e: (CNCTFD) (CDROM) (Total:7.7 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298 GB) (Disk ID: 97646C29)
Partition 1: (Not Active) - (Size=12 GB) - (Type=1C)
Partition 2: (Active) - (Size=149 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=137 GB) - (Type=OF Extended)

==================== End Of Log ============================



#4 CatByte

  • Malware Response Team

Posted 22 October 2013 - 12:17 PM

Please run the following:
  • Download RogueKiller and save it to your desktop.
    32bit version
    64bit version
  • Quit all other programs
  • Start RogueKiller.exe
  • Wait until the Prescan has finished ...
  • Click on Scan
  • Wait for the end of the scan
  • A report will be created on your desktop.
  • Click on the Delete button
  • Next click on the ShortcutsFix
  • Another report will be created on your desktop.
Please post: All RKreport.txt text files located on your desktop.

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#5 JeremyMartin


Posted 22 October 2013 - 10:06 PM

D:

RogueKiller V8.7.5 [Oct 22 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Started in : Normal mode
User : Jeremy Martin [Admin rights]
Mode : Remove -- Date : 10/22/2013 21:28:30
| ARK || FAK || MBR |

¤¤¤ Bad processes : 1 ¤¤¤
[SUSP PATH] Runservice.exe -- C:\Windows\runservice.exe [-] -> KILLED [TermProc]

¤¤¤ Registry Entries : 5 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> DELETED
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤
[Inline] EAT @explorer.exe (FwDoNothingOnObject) : FirewallAPI.dll -> HOOKED (Unknown @ 0x3636EE66)
[Inline] EAT @explorer.exe (FwEnableMemTracing) : FirewallAPI.dll -> HOOKED (Unknown @ 0x3636EE66)
[Inline] EAT @explorer.exe (FwSetMemLeakPolicy) : FirewallAPI.dll -> HOOKED (Unknown @ 0x3636EE66)
[Inline] EAT @explorer.exe (??_7CWbemInstance@@6BCClassPartContainer@@@) : fastprox.dll -> HOOKED (Unknown @ 0xEBD38553)

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection :  ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1       localhost
::1             localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST9320421AS ATA Device +++++
--- User ---
[MBR] 3aeadd09d0bb3b707ca2cc8fae12272f
[BSP] 68a9a69bc00139773c4fa2984750dba9 : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 63 | Size: 12001 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 24579450 | Size: 152617 Mo
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 337140090 | Size: 140623 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_D_10222013_212830.txt >>
RKreport[0]_S_10222013_210738.txt

S:

RogueKiller V8.7.5 [Oct 22 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Started in : Normal mode
User : Jeremy Martin [Admin rights]
Mode : Scan -- Date : 10/22/2013 21:07:38
| ARK || FAK || MBR |

¤¤¤ Bad processes : 1 ¤¤¤
[SUSP PATH] Runservice.exe -- C:\Windows\runservice.exe [-] -> KILLED [TermProc]

¤¤¤ Registry Entries : 5 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤
[Inline] EAT @explorer.exe (FwDoNothingOnObject) : FirewallAPI.dll -> HOOKED (Unknown @ 0x3636EE66)
[Inline] EAT @explorer.exe (FwEnableMemTracing) : FirewallAPI.dll -> HOOKED (Unknown @ 0x3636EE66)
[Inline] EAT @explorer.exe (FwSetMemLeakPolicy) : FirewallAPI.dll -> HOOKED (Unknown @ 0x3636EE66)
[Inline] EAT @explorer.exe (??_7CWbemInstance@@6BCClassPartContainer@@@) : fastprox.dll -> HOOKED (Unknown @ 0xEBD38553)

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection :  ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1       localhost
::1             localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST9320421AS ATA Device +++++
--- User ---
[MBR] 3aeadd09d0bb3b707ca2cc8fae12272f
[BSP] 68a9a69bc00139773c4fa2984750dba9 : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 63 | Size: 12001 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 24579450 | Size: 152617 Mo
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 337140090 | Size: 140623 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_S_10222013_210738.txt >>

SC:

RogueKiller V8.7.5 [Oct 22 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Started in : Normal mode
User : Jeremy Martin [Admin rights]
Mode : Shortcuts HJfix -- Date : 10/22/2013 21:29:13
| ARK || FAK || MBR |

¤¤¤ Bad processes : 1 ¤¤¤
[SUSP PATH] Runservice.exe -- C:\Windows\runservice.exe [-] -> KILLED [TermProc]

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ File attributes restored: ¤¤¤
Desktop: Success 0 / Fail 0
Quick launch: Success 0 / Fail 0
Programs: Success 0 / Fail 0
Start menu: Success 0 / Fail 0
User folder: Success 2 / Fail 0
My documents: Success 0 / Fail 0
My favorites: Success 0 / Fail 0
My pictures: Success 0 / Fail 0
My music: Success 0 / Fail 0
My videos: Success 0 / Fail 0
Local drives: Success 5 / Fail 0
Backup: [NOT FOUND]

Drives:
[C:] \Device\HarddiskVolume2 -- 0x3 --> Restored
[D:] \Device\HarddiskVolume3 -- 0x3 --> Restored
[E:] \Device\CdRom0 -- 0x5 --> Skipped

¤¤¤ Infection :  ¤¤¤

Finished : << RKreport[0]_SC_10222013_212913.txt >>
RKreport[0]_D_10222013_212830.txt;RKreport[0]_S_10222013_210738.txt



#6 CatByte


Posted 23 October 2013 - 10:25 AM

How is the computer running now, are there any outstanding issues?



#7 JeremyMartin


Posted 23 October 2013 - 08:56 PM

Yes, I'm afraid it hasn't made a dent against the issue.

Almost every third page I browse to has an invisible field over it which redirects me to an ad page when I try to click anywhere on the page.  Once I've done this exercise, I can hit the "refresh" button to reload the page, and most of the time, it will not have the invisible field.

Also, random words from each webpage are underlined and turned into clickable links, which redirect me to search pages.

Infrequently, a tiny little ad window will slide in from the left edge, covering up part of the lower right hand of the screen.  Clicking the 'X' in the corner of this window will shrink the window, but not eliminate it.

The computer still boots up very slowly and takes slightly longer than usual to load.  Hence, the infection is still present and extremely active.

Also, I tried to revert to a Restore Point from before the infection began, but the system was unable to locate any.  The restore points from before the infection appear to be gone.

Further action is required.



#8 CatByte


Posted 23 October 2013 - 09:17 PM

Please run the following:

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Be sure to print out and follow the instructions provided on that same page for performing a scan.
  • Caution: This is a beta version so also read the disclaimer and back up all your data before using.
  • When the scan completes, click on the Cleanup button to remove any threats found and reboot the computer if prompted to do so.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • If there are problems with Internet access, Windows Update, Windows Firewall or other system issues, run the fixdamage tool located in the folder Malwarebytes Anti-Rootkit was run from and reboot your computer. (mbar\Plugins folder)
  • Two files (mbar-log-YYYY-MM-DD, system-log.txt) will be created and saved within that same folder.
  • Copy and paste the contents of these two log files in your next reply.
Note: Further documentation can be found in the ReadMe.rtf file which is located in the Malwarebytes Anti-Rootkit folder.


NEXT

Refer to the ComboFix User's Guide
  • Download ComboFix from the following location:

    Link

    * IMPORTANT !!! Place ComboFix.exe on your Desktop
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with ComboFix.
    You can get help on disabling your protection programs here
  • Double click on ComboFix.exe & follow the prompts.
  • Your desktop may go blank. This is normal. It will return when ComboFix is done. ComboFix may reboot your machine. This is normal.
  • When finished, it shall produce a log for you. Post that log in your next reply

    Note:
    Do not mouseclick combofix's window whilst it's running. That may cause it to stall.


    ---------------------------------------------------------------------------------------------
  • Ensure your AntiVirus and AntiSpyware applications are re-enabled.

    ---------------------------------------------------------------------------------------------
NOTE: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.



#9 CatByte


Posted 20 January 2014 - 06:38 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
