Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Suspicious Icons on Desktop i think is Malware


  • Please log in to reply
28 replies to this topic

#1 subby6

subby6

  • Members
  • 61 posts
  • OFFLINE
  •  
  • Local time:09:46 AM

Posted 19 December 2013 - 02:24 AM

There is some suspicious icons on Desktop that i think is Malware. There names are DriverUpdate, FixCleaner, AdvancedTechSupport. The computer is randomly giving off a BSOD. But i think i fixed this, time will tell. I believe it was overheating. So have cleaned the dust out of the fans and case. Computer is running Windows 7 Home Premium 64bit.



BC AdBot (Login to Remove)

 


#2 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:46 PM

Posted 19 December 2013 - 02:32 AM

Please download MINITOOLBOX and run it.

Checkmark following boxes:



Flush DNS
Reset FF proxy Settings
Reset Ie Proxy Settings
Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)



Click Go and post the result.

 

 


Download Security Check by screen317 from here.


  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Download Autoruns and Autorunsc Unzip it to your desktop and then double click autoruns.exe After the scan is finished then click on File>>>>>>>>>>>Save The default name will be autoruns.arn make sure to save it as Autoruns.txt under the file type option. in other words make sure it is a .txt file instead of .arn Attach the text in your next reply.

 

 


Update and do a quick scan with Malwarebytes remove all that it finds and reboot.
http://www.malwarebytes.org/mbam/program/mbam-setup.exe

Post the log here,

  • Please download Adware cleaner from the link below.
  • http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner
  • Save it to your desktop.
  • Right click run as admin.
  • Hit the scan button.
  • Allow completion.
  • Make sure all items are ticked.
  • Hit the clean button.
  • Even if no items are displayed to be ticked hit the clean button anyway.
  • The machine will reboot this is normal.
  • Post the log in your next reply.

 

Please download JRT from here & double click to start the program.

  1. Hit any key when prompted and allow it to run through it's process.

    H2HaYv4.png
  2. Post the log when it's finished.
  3.  


#3 subby6

subby6
  • Topic Starter

  • Members
  • 61 posts
  • OFFLINE
  •  
  • Local time:09:46 AM

Posted 19 December 2013 - 04:11 AM

on hold fixing this malware issue atm, will post again with logs, once i sort out the random BSOD.



#4 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:46 PM

Posted 19 December 2013 - 04:26 AM

Upload the minidump files for me please.

 

Unzip the tool to your desktop.

 

Run this tool as admin

 

Hit the Grab All button.

 

 

and post the log,

 

 

http://www.sevenforums.com/attachments/tutorials/270735d1370126245-sf-diagnostic-tool-using-troubleshooting-sf_diagnostic_tool.zip



#5 subby6

subby6
  • Topic Starter

  • Members
  • 61 posts
  • OFFLINE
  •  
  • Local time:09:46 AM

Posted 19 December 2013 - 04:53 AM

Couldn't find any minidump files.

 

Can't find a attachment button in reply, So uploaded zip file to my google drive and shared it.

 

https://drive.google.com/file/d/0B_zKP6tgidbNSFpDeS10enpKd00/edit?usp=sharing


Edited by subby6, 19 December 2013 - 06:30 AM.


#6 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:46 PM

Posted 19 December 2013 - 07:15 AM

Well the minidumps are the single most important thing that I need when dealing with bluescreen issues,if you are using ccleaner please untick the option to delete minidump files and allow the machine to crash a couple times then upload the dumps here.



#7 subby6

subby6
  • Topic Starter

  • Members
  • 61 posts
  • OFFLINE
  •  
  • Local time:09:46 AM

Posted 19 December 2013 - 07:24 AM

It hasn't crashed inawhile, since i have the back case off (Computer is one of those All-in-one PC's). So i've start doing the scans from your first post.

 

MiniToolBox by Farbar  Version: 18-12-2013
Ran by Lilleyfamily (administrator) on 19-12-2013 at 21:02:27
Running from "F:\New folder"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
 
 
========================= IP Configuration: ================================
 
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)
Realtek RTL8191SU Wireless LAN 802.11n USB 2.0 Network Adapter = Wireless Network Connection (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Lilleyfamily-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Wireless LAN adapter Wireless Network Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek RTL8191SU Wireless LAN 802.11n USB 2.0 Network Adapter
   Physical Address. . . . . . . . . : 68-A3-C4-BE-41-BB
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : D0-27-88-5B-C5-34
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.BigPond:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{9B54FBEE-33A3-41B8-AF48-6B0977C3ED7D}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{C9D0BCC7-20BD-4FBD-AB52-5025AC915E98}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  UnKnown
Address:  127.0.0.1
 
Ping request could not find host google.com. Please check the name and try again.
Server:  UnKnown
Address:  127.0.0.1
 
Ping request could not find host yahoo.com. Please check the name and try again.
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 11...68 a3 c4 be 41 bb ......Realtek RTL8191SU Wireless LAN 802.11n USB 2.0 Network Adapter
 10...d0 27 88 5b c5 34 ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
 14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
 12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
  1    306 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (12/19/2013 07:38:52 PM) (Source: Application Error) (User: )
Description: Faulting application name: ExtractDeviceIcon.exe, version: 1.0.3007.0, time stamp: 0x4ce4bd13
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24
Exception code: 0xc0000005
Fault offset: 0x000000000004751d
Faulting process id: 0xd5c
Faulting application start time: 0xExtractDeviceIcon.exe0
Faulting application path: ExtractDeviceIcon.exe1
Faulting module path: ExtractDeviceIcon.exe2
Report Id: ExtractDeviceIcon.exe3
 
Error: (12/19/2013 07:09:19 PM) (Source: Application Error) (User: )
Description: Faulting application name: ExtractDeviceIcon.exe, version: 1.0.3007.0, time stamp: 0x4ce4bd13
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24
Exception code: 0xc0000005
Fault offset: 0x000000000004751d
Faulting process id: 0xd8c
Faulting application start time: 0xExtractDeviceIcon.exe0
Faulting application path: ExtractDeviceIcon.exe1
Faulting module path: ExtractDeviceIcon.exe2
Report Id: ExtractDeviceIcon.exe3
 
Error: (12/19/2013 05:17:30 PM) (Source: Application Error) (User: )
Description: Faulting application name: ExtractDeviceIcon.exe, version: 1.0.3007.0, time stamp: 0x4ce4bd13
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24
Exception code: 0xc0000005
Fault offset: 0x000000000004751d
Faulting process id: 0xd54
Faulting application start time: 0xExtractDeviceIcon.exe0
Faulting application path: ExtractDeviceIcon.exe1
Faulting module path: ExtractDeviceIcon.exe2
Report Id: ExtractDeviceIcon.exe3
 
Error: (12/18/2013 00:48:43 PM) (Source: Windows Backup) (User: )
Description: The backup did not complete because of an error writing to the backup location H:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).
 
Error: (12/12/2013 06:30:28 PM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\msiexec.exe /V; Description = Removed AVG 2013; Error = 0x8007043c).
 
Error: (12/12/2013 06:30:28 PM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\msiexec.exe /V; Description = Removed AVG 2013; Error = 0x8007043c).
 
Error: (12/12/2013 06:29:47 PM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\msiexec.exe /V; Description = Removed AVG 2013; Error = 0x8007043c).
 
Error: (12/12/2013 06:29:39 PM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\msiexec.exe /V; Description = Removed AVG 2013; Error = 0x8007043c).
 
Error: (12/12/2013 06:35:33 AM) (Source: System Restore) (User: )
Description: An unspecified error occurred during System Restore: (Windows Update). Additional information: 0x80070005.
 
Error: (12/09/2013 06:37:49 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5132
 
 
System errors:
=============
Error: (12/19/2013 07:40:44 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error: 
%%1069
 
Error: (12/19/2013 07:40:44 PM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: 
%%1330
 
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
 
Error: (12/19/2013 07:14:14 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service failed to start due to the following error: 
%%1069
 
Error: (12/19/2013 07:14:14 PM) (Source: Service Control Manager) (User: )
Description: The WSearch service was unable to log on as NT AUTHORITY\SYSTEM with the currently configured password due to the following error: 
%%50
 
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
 
Error: (12/19/2013 07:14:14 PM) (Source: Service Control Manager) (User: )
Description: The Network Connections service failed to start due to the following error: 
%%1115
 
Error: (12/19/2013 07:14:14 PM) (Source: Service Control Manager) (User: )
Description: The Diagnostic Service Host service failed to start due to the following error: 
%%1069
 
Error: (12/19/2013 07:14:14 PM) (Source: Service Control Manager) (User: )
Description: The WdiServiceHost service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: 
%%50
 
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
 
Error: (12/19/2013 07:14:14 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service failed to start due to the following error: 
%%1069
 
Error: (12/19/2013 07:14:14 PM) (Source: Service Control Manager) (User: )
Description: The netprofm service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: 
%%50
 
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
 
Error: (12/19/2013 07:14:14 PM) (Source: Service Control Manager) (User: )
Description: The Remote Access Connection Manager service depends on the Secure Socket Tunneling Protocol Service service which failed to start because of the following error: 
%%1069
 
 
Microsoft Office Sessions:
=========================
Error: (12/19/2013 07:38:52 PM) (Source: Application Error)(User: )
Description: ExtractDeviceIcon.exe1.0.3007.04ce4bd13ntdll.dll6.1.7601.18247521eaf24c0000005000000000004751dd5c01cefc9e10c4428eC:\Program Files (x86)\Acer\clear.fi Client\ExtractDeviceIcon.exeC:\Windows\SYSTEM32\ntdll.dll5e560f65-6891-11e3-b531-68a3c4be41bb
 
Error: (12/19/2013 07:09:19 PM) (Source: Application Error)(User: )
Description: ExtractDeviceIcon.exe1.0.3007.04ce4bd13ntdll.dll6.1.7601.18247521eaf24c0000005000000000004751dd8c01cefc99f24c6247C:\Program Files (x86)\Acer\clear.fi Client\ExtractDeviceIcon.exeC:\Windows\SYSTEM32\ntdll.dll3d7de0b8-688d-11e3-a9a6-68a3c4be41bb
 
Error: (12/19/2013 05:17:30 PM) (Source: Application Error)(User: )
Description: ExtractDeviceIcon.exe1.0.3007.04ce4bd13ntdll.dll6.1.7601.18247521eaf24c0000005000000000004751dd5401cefc8a56576b26C:\Program Files (x86)\Acer\clear.fi Client\ExtractDeviceIcon.exeC:\Windows\SYSTEM32\ntdll.dll9ebd3e60-687d-11e3-9d1f-68a3c4be41bb
 
Error: (12/18/2013 00:48:43 PM) (Source: Windows Backup)(User: )
Description: H:\The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006)
 
Error: (12/12/2013 06:30:28 PM) (Source: System Restore)(User: )
Description: C:\Windows\system32\msiexec.exe /VRemoved AVG 20130x8007043c
 
Error: (12/12/2013 06:30:28 PM) (Source: System Restore)(User: )
Description: C:\Windows\system32\msiexec.exe /VRemoved AVG 20130x8007043c
 
Error: (12/12/2013 06:29:47 PM) (Source: System Restore)(User: )
Description: C:\Windows\system32\msiexec.exe /VRemoved AVG 20130x8007043c
 
Error: (12/12/2013 06:29:39 PM) (Source: System Restore)(User: )
Description: C:\Windows\system32\msiexec.exe /VRemoved AVG 20130x8007043c
 
Error: (12/12/2013 06:35:33 AM) (Source: System Restore)(User: )
Description: Windows Update0x80070005
 
Error: (12/09/2013 06:37:49 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5132
 
 
=========================== Installed Programs ============================
 
ABBYY FineReader 9.0 Sprint (Version: 9.01.506.5829)
Acer eRecovery Management (Version: 4.05.3013)
Acer GameZone Console (Version: 6.1.0.9)
Acer Registration (Version: 1.03.3003)
Acer ScreenSaver (Version: 1.1.0825.2010)
Acer Updater (Version: 1.02.3001)
Acrobat.com (Version: 1.6.65)
Adobe AIR (Version: 1.5.0.7220)
Adobe Flash Player 11 ActiveX (Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (Version: 11.9.900.117)
Adobe Reader 9.1 MUI (Version: 9.1.0)
Advanced Tech Support Rescue Connect (Version: 7.0.454)
Advertising Center (Version: 0.0.0.2)
Airport Mania First Flight
Amazonia
Apple Application Support (Version: 2.3.3)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
AVG 2013 (Version: 13.0.3211)
Bonjour (Version: 3.0.0.10)
Cake Mania
clear.fi (Version: 1.0.1111.15)
clear.fi (Version: 9.0.7105)
clear.fi Client (Version: 1.00.3007)
CyberLink YouCam (Version: 3.0.2830)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DriverUpdate (Version: 2.2.30452)
eBay Worldwide (Version: 2.1.0901)
Epson Easy Photo Print 2 (Version: 2.2.3.0)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (Version: 1.00.0000)
Epson Event Manager (Version: 2.40.0001)
EPSON Scan
EPSON TX120 NX120 Series Printer Uninstall
eSobi v2 (Version: 2.0.4.000274)
Farm Frenzy 2
FixCleaner (Version: 2.0.5013)
Google Chrome (Version: 31.0.1650.63)
Google Update Helper (Version: 1.3.22.3)
Heroes of Hellas
Hotkey Utility (Version: 2.05.3013)
Identity Card (Version: 1.00.3003)
ImagXpress (Version: 7.0.74.0)
Intel® Matrix Storage Manager
Junk Mail filter update (Version: 15.4.3502.0922)
MediaEspresso (Version: 1.0.1028_32125)
Merriam Websters Spell Jam
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.7015.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Single Image 2010 (Version: 14.0.7015.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office XP Professional with FrontPage (Version: 10.0.6626.0)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server Compact 3.5 SP2 ENU (Version: 3.5.8080.0)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (Version: 3.5.8080.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MyWinLocker (Version: 3.1.212.0)
MyWinLocker Suite (Version: 3.1.212.0)
Nero 9 Essentials
Nero ControlCenter (Version: 9.0.0.1)
Nero DiscSpeed (Version: 5.4.13.100)
Nero DiscSpeed Help (Version: 5.4.4.100)
Nero DriveSpeed (Version: 4.4.12.100)
Nero DriveSpeed Help (Version: 4.4.4.100)
Nero Express Help (Version: 9.4.37.100)
Nero InfoTool (Version: 6.4.12.100)
Nero InfoTool Help (Version: 6.4.4.100)
Nero Installer (Version: 4.4.9.0)
Nero Online Upgrade (Version: 1.3.0.0)
Nero StartSmart (Version: 9.4.37.100)
Nero StartSmart Help (Version: 9.4.27.100)
Nero StartSmart OEM (Version: 9.16.0.100)
NeroExpress (Version: 9.4.37.100)
neroxml (Version: 1.0.0)
NirSoft BlueScreenView
NVIDIA 3D Vision Driver 311.06 (Version: 311.06)
NVIDIA Control Panel 311.06 (Version: 311.06)
NVIDIA Display Control Panel (Version: 6.14.12.5933)
NVIDIA Drivers (Version: 1.10.62.40)
NVIDIA Graphics Driver 311.06 (Version: 311.06)
NVIDIA Install Application (Version: 2.1002.108.688)
NVIDIA PhysX (Version: 9.10.0224)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.1106)
NVIDIA StereoUSB Driver (Version: 1.00.0000)
NVIDIA Update 1.11.3 (Version: 1.11.3)
NVIDIA Update Components (Version: 1.11.3)
Panda Internet Security 2014 (Version: 19.01.01)
Password Depot 7 - Panda Secure Vault Edition (Version: 7.1.0)
PHOTOfunSTUDIO 8.0 SE (Version: 8.00.310)
Poker Pop
QuickTime (Version: 7.70.80.34)
Realtek Ethernet Controller Driver For Windows 7 (Version: 7.18.322.2010)
Realtek High Definition Audio Driver (Version: 3.78)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
Shredder (Version: 2.0.8.3)
Skype™ 6.3 (Version: 6.3.105)
Spin & Win
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
Welcome Center (Version: 1.02.3102)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
 
========================= Devices: ================================
 
Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 18%
Total physical RAM: 4023.11 MB
Available physical RAM: 3260.61 MB
Total Pagefile: 8044.4 MB
Available Pagefile: 6433.73 MB
Total Virtual: 4095.88 MB
Available Virtual: 3978.11 MB
 
========================= Partitions: =====================================
 
1 Drive c: (Acer) (Fixed) (Total:224.04 GB) (Free:176.14 GB) NTFS
2 Drive d: (Data) (Fixed) (Total:224.04 GB) (Free:223.24 GB) NTFS
3 Drive e: (UBCD511) (CDROM) (Total:0.35 GB) (Free:0 GB) CDFS
4 Drive f: (Malware) (Removable) (Total:7.48 GB) (Free:7.15 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\LILLEYFAMILY-PC
 
Administrator            Guest                    Lilleyfamily             
UpdatusUser              
 
 
**** End of log ****
 Results of screen317's Security Check version 0.99.77  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Security Center service is not running! This report may not be accurate! 
 Windows Firewall Enabled!  
 Windows Firewall Disabled!  
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 FixCleaner     
 Adobe Flash Player 11.9.900.117  
 Adobe Reader 9 Adobe Reader out of Date! 
 Google Chrome 31.0.1650.57  
 Google Chrome 31.0.1650.63  
````````Process Check: objlist.exe by Laurent````````  
 panda security panda internet security 2014 firewall PSHOST.EXE 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 6% 
````````````````````End of Log`````````````````````` 


#8 subby6

subby6
  • Topic Starter

  • Members
  • 61 posts
  • OFFLINE
  •  
  • Local time:09:46 AM

Posted 19 December 2013 - 07:26 AM

AutoRuns file is jibberish, I'm thinking i saved it wrong, will do the scan again.

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.12.19.05
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16428
Lilleyfamily :: LILLEYFAMILY-PC [administrator]
 
19/12/2013 9:09:04 PM
mbam-log-2013-12-19 (21-09-04).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 255261
Time elapsed: 5 minute(s), 16 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 1
C:\Users\Lilleyfamily\Downloads\installer_avg-anti-virus_English.exe (PUP.Optional.Vittalia) -> Quarantined and deleted successfully.
 
(end)
 
 
# AdwCleaner v3.015 - Report created 19/12/2013 at 21:28:35
# Updated 10/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Lilleyfamily - LILLEYFAMILY-PC
# Running from : F:\New folder\adwcleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Users\Lilleyfamily\AppData\LocalLow\Conduit
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\FreeRIP3_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\FreeRIP3_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\Vittalia
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16428
 
 
-\\ Mozilla Firefox v
 
[ File : C:\Users\Lilleyfamily\AppData\Roaming\Mozilla\Firefox\Profiles\malrb9xe.default\prefs.js ]
 
 
-\\ Google Chrome v31.0.1650.63
 
[ File : C:\Users\Lilleyfamily\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [1498 octets] - [19/12/2013 21:24:34]
AdwCleaner[S0].txt - [1431 octets] - [19/12/2013 21:28:35]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1491 octets] ##########
 
 
And JRT Keeps freezing at checking Registry


#9 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:46 PM

Posted 19 December 2013 - 07:31 AM

Ok You need for now to remove AVG 2013 (Version: 13.0.3211)

 

Then Run the AVG removal tool.

 

http://download.avg.com/filedir/util/avgrem/avg_remover_stf_x64_2013_3341.exe

 

Reboot and attempt Junkware Removal tool again for me.

 

Also The Autoruns need to be changed to .txt under file type.



#10 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:46 PM

Posted 19 December 2013 - 07:38 AM

Also With Revo Free Please Remove the Following items.



http://www.howtogeek.com/79926/completely-uninstall-programs-and-more-with-revo-uninstaller/ Instructions
http://www.revouninstaller.com/revo_uninstaller_free_download.html Download



Advanced Tech Support Rescue Connect (Version: 7.0.454)
Advertising Center (Version: 0.0.0.2)
DriverUpdate (Version: 2.2.30452)
FixCleaner (Version: 2.0.5013)
Spin & Win


I forgot to Ask Do you have another year of panda left or is a free version.....Would you like to keep it or what is the story with it?

Reason I ask is you had two antivirus applications.

#11 subby6

subby6
  • Topic Starter

  • Members
  • 61 posts
  • OFFLINE
  •  
  • Local time:09:46 AM

Posted 19 December 2013 - 08:04 AM

Removed AVG, This is not my PC, I'm fixing it for a customer. Normally a Malwarebytes scan used to fix majority of computers infected. Now days not so. AVG must of been their previous AV, They now run Panda IS. 

 

Got logs of autoruns and JRT.

 

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" "" "14/07/2009 2:49 PM"
+ "rdpclip" "" "" "File not found: rdpclip" ""
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" "" "20/11/2013 8:07 AM"
+ "IAAnotif" "Event Monitor User Notification Tool" "Intel Corporation" "c:\program files (x86)\intel\intel matrix storage manager\iaanotif.exe" "14/10/2009 4:25 AM"
+ "mwlDaemon" "MyWinLocker" "Egis Technology Inc." "c:\program files (x86)\egistec mywinlocker\x86\mwldaemon.exe" "26/05/2010 9:36 PM"
+ "OOTag" "OOTag" "Microsoft" "c:\program files (x86)\acer\oobeoffer\ootag.exe" "23/02/2010 3:22 PM"
+ "RtHDVBg" "HD Audio Background Process" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\ravbg64.exe" "5/11/2013 5:58 PM"
+ "RtHDVBg_Dolby" "HD Audio Background Process" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\ravbg64.exe" "5/11/2013 5:58 PM"
+ "RTHDVCPL" "Realtek HD Audio Manager" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\ravcpl64.exe" "24/10/2013 3:53 PM"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" "" "19/12/2013 10:36 PM"
+ "Adobe Reader Speed Launcher" "Adobe Acrobat SpeedLauncher" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\reader 9.0\reader\reader_sl.exe" "28/02/2009 11:10 AM"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe" "16/11/2012 12:18 PM"
+ "ArcadeMovieService" "clear.fi Movie Resident Program" "CyberLink Corp." "c:\program files (x86)\acer\clear.fi\movie\clear.fimovieservice.exe" "5/11/2010 7:23 PM"
+ "EEventManager" "EEventManager Application" "SEIKO EPSON CORPORATION" "c:\program files (x86)\epson software\event manager\eeventmanager.exe" "3/12/2009 11:06 AM"
+ "EgisTecPMMUpdate" "PMM Update Application" "Egis Technology Inc." "c:\program files (x86)\egistec ips\pmmupdate.exe" "11/03/2010 12:03 AM"
+ "EgisUpdate" "EgisUpdate Release Application" "Egis Technology Inc." "c:\program files (x86)\egistec ips\egisupdate.exe" "11/03/2010 12:04 AM"
+ "Hotkey Utility" "Hotkey Utility" "" "c:\program files (x86)\acer\hotkey utility\hotkeyutility.exe" "3/12/2010 4:00 PM"
+ "MDS_Menu" "MUI StartMenu Application" "CyberLink Corp." "c:\program files (x86)\acer\clear.fi\mediaespresso\muitransfer\muistartmenu.exe" "19/05/2009 4:41 PM"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files (x86)\quicktime\qttask.exe" "6/07/2011 11:19 AM"
+ "SCANINICIO" "Inicio Programado" "Panda Security, S.L." "c:\program files (x86)\panda security\panda internet security 2014\inicio.exe" "30/09/2013 11:33 PM"
+ "SuiteTray" "SuiteTray" "Egis Technology Inc." "c:\program files (x86)\egistec mywinlockersuite\x86\suitetray.exe" "26/05/2010 9:58 PM"
+ "UCam_Menu" "MUI StartMenu Application" "CyberLink Corp." "c:\program files (x86)\cyberlink\youcam\muitransfer\muistartmenu.exe" "19/05/2009 4:41 PM"
+ "YouCam Mirror Tray icon" "CyberLink YouCam Tray" "CyberLink Corp." "c:\program files (x86)\cyberlink\youcam\youcamtray.exe" "5/02/2010 1:25 PM"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" "" "19/12/2013 5:15 PM"
+ "Microsoft Office.lnk" "Microsoft Office XP component" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office10\osa.exe" "13/02/2001 11:40 AM"
+ "PHOTOfunSTUDIO 8.0 SE.lnk" "AutoStartService" "Panasonic Corporation" "c:\program files (x86)\common files\panasonic\photofunstudio autostart\autostartupservice.exe" "2/12/2011 6:18 PM"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" "" "27/08/2010 8:48 PM"
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe" "14/07/2009 9:58 AM"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" "" "27/08/2010 8:48 PM"
+ "Google Chrome" "Google Chrome" "Google Inc." "c:\program files (x86)\google\chrome\application\31.0.1650.63\installer\chrmstp.exe" "4/12/2013 11:54 AM"
+ "Internet Explorer" "" "" "File not found: C:\Windows\system32\ie4uinit.exe" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe" "14/07/2009 9:42 AM"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" "" "18/11/2013 9:03 PM"
+ "EPSON TX120 NX120 Series" "EPSON Status Monitor 3" "SEIKO EPSON CORPORATION" "c:\windows\system32\spool\drivers\x64\3\e_iatiggp.exe" "14/09/2009 4:04 PM"
+ "Sidebar" "Windows Desktop Gadgets" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe" "20/11/2010 8:24 PM"
+ "Skype" "Skype " "Skype Technologies S.A." "c:\program files (x86)\skype\phone\skype.exe" "1/03/2013 4:45 AM"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" "" "14/07/2009 2:53 PM"
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office14\msoxmlmf.dll" "28/02/2010 7:24 PM"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" "" "14/07/2009 2:53 PM"
+ "EDSshellExt" "Shell Extention" "Egis Technology Inc." "c:\program files (x86)\egistec mywinlocker\x64\mwlshellext.dll" "26/05/2010 9:35 PM"
+ "Panda Antivirus" "PAVOLE" "Panda Security, S.L." "c:\program files (x86)\panda security\panda internet security 2014\pavole64.dll" "30/09/2013 8:28 PM"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" "" "14/07/2009 2:53 PM"
+ "EDSshellExt" "Shell Extention" "Egis Technology Inc." "c:\program files (x86)\egistec mywinlocker\x86\mwlshellext.dll" "26/05/2010 9:31 PM"
+ "Panda Antivirus" "PAVOLE" "Panda Security, S.L." "c:\program files (x86)\panda security\panda internet security 2014\pavole.dll" "30/09/2013 8:36 PM"
"HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers" "" "" "" "14/07/2009 2:53 PM"
+ "Panda Antivirus" "PAVOLE" "Panda Security, S.L." "c:\program files (x86)\panda security\panda internet security 2014\pavole64.dll" "30/09/2013 8:28 PM"
"HKLM\Software\Wow6432Node\Classes\Drive\ShellEx\ContextMenuHandlers" "" "" "" "14/07/2009 2:53 PM"
+ "Panda Antivirus" "PAVOLE" "Panda Security, S.L." "c:\program files (x86)\panda security\panda internet security 2014\pavole.dll" "30/09/2013 8:36 PM"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" "" "14/07/2009 2:53 PM"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll" "1/03/2013 6:39 AM"
+ "ShredderContextMenu" "ShredderContextMenu" "Egis Technology Inc." "c:\program files (x86)\egistec shredder\x64\shreddercontextmenu.dll" "2/04/2010 4:05 PM"
"HKLM\Software\Wow6432Node\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" "" "14/07/2009 2:53 PM"
+ "ShredderContextMenu" "ShredderContextMenu" "Egis Technology Inc." "c:\program files (x86)\egistec shredder\x86\shreddercontextmenu.dll" "2/04/2010 4:03 PM"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" "" "14/07/2009 2:53 PM"
+ "EDSshellExt" "Shell Extention" "Egis Technology Inc." "c:\program files (x86)\egistec mywinlocker\x64\mwlshellext.dll" "26/05/2010 9:35 PM"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" "" "14/07/2009 2:53 PM"
+ "EDSshellExt" "Shell Extention" "Egis Technology Inc." "c:\program files (x86)\egistec mywinlocker\x86\mwlshellext.dll" "26/05/2010 9:31 PM"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" "" "14/07/2009 2:53 PM"
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll" "14/07/2009 11:32 AM"
+ "NvCplDesktopContext" "NVIDIA Display Shell Extension" "NVIDIA Corporation" "c:\windows\system32\nvshext.dll" "19/01/2013 12:38 AM"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" "" "14/07/2009 2:53 PM"
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll" "14/07/2009 11:09 AM"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" "" "27/08/2010 8:27 PM"
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll" "28/02/2009 6:16 AM"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" "" "27/08/2010 8:27 PM"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll" "1/03/2013 6:39 AM"
+ "Panda Antivirus" "PAVOLE" "Panda Security, S.L." "c:\program files (x86)\panda security\panda internet security 2014\pavole64.dll" "30/09/2013 8:28 PM"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" "" "27/08/2010 8:27 PM"
+ "Panda Antivirus" "PAVOLE" "Panda Security, S.L." "c:\program files (x86)\panda security\panda internet security 2014\pavole.dll" "30/09/2013 8:36 PM"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" "" "1/12/2013 12:03 PM"
+ "egisPSDP" "PSD DragDrop Protection" "Egis Technology Inc." "c:\program files (x86)\egistec mywinlocker\x64\psdprotect.dll" "26/05/2010 9:34 PM"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" "" "19/12/2013 10:39 PM"
+ "egisPSDP" "PSD DragDrop Protection" "Egis Technology Inc." "c:\program files (x86)\egistec mywinlocker\x86\psdprotect.dll" "26/05/2010 9:30 PM"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" "" "20/11/2013 8:07 AM"
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnielinkednotes.dll" "6/03/2013 7:37 PM"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnie.dll" "22/04/2013 9:38 PM"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" "" "1/12/2013 9:59 AM"
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll" "23/09/2010 5:12 PM"
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnielinkednotes.dll" "6/03/2013 7:25 PM"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnie.dll" "22/04/2013 9:26 PM"
"Task Scheduler" "" "" "" ""
+ "\Adobe Flash Player Updater" "Adobe® Flash® Player Update Service 11.9 r900" "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe" "27/09/2013 10:46 AM"
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files (x86)\apple software update\softwareupdate.exe" "2/06/2011 10:46 AM"
+ "\clear.fi" "clear.fi" "Acer Incorporated" "c:\program files (x86)\acer\clear.fi\mvp\clear.fi.exe" "11/11/2010 7:36 PM"
+ "\clear.fiAgent" "clear.fi Resident Program" "CyberLink Corp." "c:\program files (x86)\acer\clear.fi\mvp\clear.fiagent.exe" "11/11/2010 7:36 PM"
+ "\DMREngine" "DMREngine" "CyberLink" "c:\program files (x86)\acer\clear.fi\mvp\.\kernel\dmr\dmrengine.exe" "9/11/2010 8:27 PM"
+ "\FixCleaner Scan" "FixCleaner" "Slimware Utilities, Inc." "c:\program files (x86)\fixcleaner\fixcleaner.exe" "12/09/2013 5:40 AM"
+ "\FixCleaner Startup" "FixCleaner" "Slimware Utilities, Inc." "c:\program files (x86)\fixcleaner\fixcleaner.exe" "12/09/2013 5:40 AM"
+ "\GlaryInitialize 3" "" "" "File not found: C:\Tools\GUP3\Initialize.exe" ""
+ "\GoogleUpdateTaskMachineCore" "Google Installer" "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe" "16/02/2012 12:43 PM"
+ "\GoogleUpdateTaskMachineUA" "Google Installer" "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe" "16/02/2012 12:43 PM"
+ "\Microsoft\Windows Defender\MP Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe" "14/07/2009 9:53 AM"
+ "\Microsoft\Windows Defender\MpIdleTask" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe" "14/07/2009 9:53 AM"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll" "23/09/2010 5:12 PM"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs" "11/06/2009 6:36 AM"
+ "\Microsoft\Windows\TabletPC\InputPersonalization" "" "" "File not found: C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\InputPersonalization.exe" ""
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe" "14/07/2009 10:24 AM"
+ "\Ojfoflcya" "" "" "File not found: C:\Windows\SysWOW64\unlodctrq.dll" ""
+ "\SidebarExecute" "Windows Desktop Gadgets" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe" "20/11/2010 8:24 PM"
+ "\SparkTrust PC Cleaner Plus" "" "" "File not found: C:\Program Files (x86)\SparkTrust\SparkTrust PC Cleaner Plus\SparkTrustPCCleanerPlus.exe" ""
+ "\SparkTrust Registration3" "SparkTrust Systems Update" "SparkTrust Systems" "c:\program files (x86)\common files\sparktrust\uus3\uus3.dll" "7/06/2013 5:45 AM"
+ "\SparkTrust Update Version3" "SparkTrust Systems Update" "SparkTrust Systems" "c:\program files (x86)\common files\sparktrust\uus3\update3.exe" "7/06/2013 5:45 AM"
+ "\SparkTrust Update Version3 Startup Task" "SparkTrust Systems Update" "SparkTrust Systems" "c:\program files (x86)\common files\sparktrust\uus3\update3.exe" "7/06/2013 5:45 AM"
+ "\{8A65D7B7-EBEB-4E6F-B331-037DE5913076}" "Internet Explorer" "Microsoft Corporation" "c:\program files (x86)\internet explorer\iexplore.exe" "14/10/2013 1:34 PM"
+ "\{F55A75D4-1F75-4531-A155-4C1223D1A71C}" "Internet Explorer" "Microsoft Corporation" "c:\program files (x86)\internet explorer\iexplore.exe" "14/10/2013 1:34 PM"
"HKLM\System\CurrentControlSet\Services" "" "" "" "6/12/2013 9:06 AM"
+ "ABBYY.Licensing.FineReader.Sprint.9.0" "This service is required for the operation of the ABBYY FineReader 9.0 Express Edition licensing mechanism." "ABBYY" "c:\program files (x86)\common files\abbyy\finereadersprint\9.00\licensing\networklicenseserver.exe" "15/05/2009 12:07 AM"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe" "27/09/2013 10:46 AM"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe" "18/05/2012 1:06 PM"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe" "31/08/2011 3:52 PM"
+ "GREGService" "Global Registration Service" "Acer Incorporated" "c:\program files (x86)\acer\registration\gregsvc.exe" "12/11/2009 7:18 PM"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe" "16/02/2012 12:43 PM"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe" "16/02/2012 12:43 PM"
+ "IAANTMON" "RAID Monitor" "Intel Corporation" "c:\program files (x86)\intel\intel matrix storage manager\iaantmon.exe" "14/10/2009 4:25 AM"
+ "MWLService" "MyWinLocker Service" "Egis Technology Inc." "c:\program files (x86)\egistec mywinlocker\x86\mwlservice.exe" "26/05/2010 9:31 PM"
+ "Nero BackItUp Scheduler 4.0" "Nero BackItUp Scheduler 4.0 is responsible to control all jobs created using Nero BackItUp. These jobs can create backups of selected files/folders/partitions or complete hard disk to hard disk, network drive, disc or FTP." "Nero AG" "c:\program files (x86)\common files\nero\nero backitup 4\nbservice.exe" "20/08/2009 12:07 AM"
+ "nlsX86cc" "Nalpeiron Licensing Service" "Nalpeiron Ltd." "c:\windows\syswow64\nlssrv32.exe" "22/11/2010 9:16 AM"
+ "nvsvc" "Provides system and desktop level support to the NVIDIA display driver" "NVIDIA Corporation" "c:\windows\system32\nvvsvc.exe" "19/01/2013 12:37 AM"
+ "nvUpdatusService" "NVIDIA Settings Update Manager service, used to check new updates from NVIDIA server." "NVIDIA Corporation" "c:\program files (x86)\nvidia corporation\nvidia update core\daemonu.exe" "18/01/2013 11:00 PM"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe" "10/01/2010 2:16 PM"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe" "12/08/2009 12:00 PM"
+ "Panda Software Controller" "Panda Software Controler" "Panda Security, S.L." "c:\program files (x86)\panda security\panda internet security 2014\psctrls.exe" "20/11/2012 2:04 AM"
+ "PAVFNSVR" "Panda Function Service" "Panda Security, S.L." "c:\program files (x86)\panda security\panda internet security 2014\pavfnsvr.exe" "21/09/2012 3:51 PM"
+ "PavPrSrv" "Panda Process Protection Service" "Panda Security, S.L." "c:\program files (x86)\common files\panda security\pavshld\pavprsrv.exe" "5/02/2008 1:17 AM"
+ "PAVSRV" "Enhanced On-Access Anti-Malware Service" "Panda Security, S.L." "c:\program files (x86)\panda security\panda internet security 2014\pavsrvx86.exe" "13/04/2011 8:41 PM"
+ "PSHost" "Panda Host Service" "Panda Security International" "c:\program files (x86)\panda security\panda internet security 2014\firewall\pshost.exe" "24/11/2009 11:01 PM"
+ "PSIMSVC" "Panda Interface Manager Service" "Panda Security S.L." "c:\program files (x86)\panda security\panda internet security 2014\psimsvc.exe" "19/06/2008 8:58 PM"
+ "PskSvcRetail" "Anti-malware protection support executable" "Panda Security, S.L." "c:\program files (x86)\panda security\panda internet security 2014\psksvc.exe" "16/08/2010 10:54 PM"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files (x86)\skype\updater\updater.exe" "1/03/2013 4:45 AM"
+ "Stereo Service" "Provides system support for NVIDIA Stereoscopic 3D driver" "NVIDIA Corporation" "c:\program files (x86)\nvidia corporation\3d vision\nvscpapisvr.exe" "18/01/2013 11:51 PM"
+ "TPSrv" "TPSrv Application" "Panda Security, S.L." "c:\program files (x86)\panda security\panda internet security 2014\tpsrvwow.exe" "16/11/2012 9:48 PM"
+ "Updater Service" "Updater Service" "Acer Group" "c:\program files\acer\acer updater\updaterservice.exe" "28/01/2010 5:44 PM"
+ "USBS3S4Detection" "USB S3S4 Detection" "" "c:\oem\usbdection\usbs3s4detection.exe" "9/12/2009 7:19 PM"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll" "27/05/2013 3:51 PM"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe" "22/09/2010 7:46 AM"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe" "20/11/2010 9:18 PM"
"HKLM\System\CurrentControlSet\Services" "" "" "" "6/12/2013 9:06 AM"
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys" "6/12/2008 9:54 AM"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys" "2/05/2007 3:30 AM"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys" "28/02/2007 10:04 AM"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys" "14/07/2009 9:19 AM"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys" "19/03/2010 10:45 AM"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys" "21/03/2009 4:36 AM"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys" "20/03/2010 2:18 AM"
+ "AmFSM" "Panda On-Access Minifilter" "Panda Security, S.L." "c:\windows\system32\drivers\amm6460.sys" "27/03/2012 2:51 AM"
+ "APPFLT" "Panda APPFLT" "Panda Security, S.L." "c:\windows\system32\drivers\appflt64.sys" "28/01/2011 5:50 PM"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys" "25/05/2007 7:27 AM"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys" "15/01/2009 5:27 AM"
+ "AVer7231_x64" "The AVerMedia 7231 PCIe capture driver" "AVerMedia TECHNOLOGIES, Inc." "c:\windows\system32\drivers\aver7231_x64.sys" "8/04/2010 1:13 PM"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys" "14/02/2009 8:18 AM"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys" "26/04/2009 9:14 PM"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys" "7/08/2006 11:51 AM"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys" "7/08/2006 11:51 AM"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys" "7/08/2006 11:51 AM"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys" "7/08/2006 11:51 AM"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys" "7/08/2006 11:51 AM"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys" "9/08/2006 10:11 PM"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys" "14/07/2009 9:19 AM"
+ "ComFiltr" "COMFiltr" "" "c:\windows\system32\drivers\comfiltr.sys" "7/06/2007 5:44 PM"
+ "DSAFLT" "" "Panda Security, S.L." "c:\windows\system32\drivers\dsaflt64.sys" "25/09/2009 10:04 PM"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys" "1/01/2009 2:29 AM"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys" "4/02/2009 8:52 AM"
+ "FNETMON" "Panda FNetMon" "Panda Security, S.L." "c:\windows\system32\drivers\fnetm64.sys" "25/09/2009 10:10 PM"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys" "11/05/2009 6:26 PM"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys" "21/04/2010 4:32 AM"
+ "iaStor" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys" "10/12/2009 11:39 AM"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys" "11/06/2010 10:46 AM"
+ "IDSFLT" "Intrusion Detection System" "Panda Security, S.L." "c:\windows\system32\drivers\idsflt64.sys" "9/09/2010 9:25 PM"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys" "14/12/2005 7:47 AM"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys" "5/11/2013 9:39 PM"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys" "10/12/2008 8:46 AM"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys" "19/05/2009 10:20 AM"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys" "19/05/2009 10:31 AM"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys" "17/04/2009 8:13 AM"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys" "19/05/2009 11:09 AM"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys" "19/05/2009 11:25 AM"
+ "mwlPSDFilter" "mwlPSDFilter Filter Driver" "Egis Technology Inc." "c:\windows\system32\drivers\mwlpsdfilter.sys" "2/06/2009 8:07 PM"
+ "mwlPSDNServ" "mwlPSDNServ Driver" "Egis Technology Inc." "c:\windows\system32\drivers\mwlpsdnserv.sys" "2/06/2009 8:07 PM"
+ "mwlPSDVDisk" "mwlPSDVdisk Driver" "Egis Technology Inc." "c:\windows\system32\drivers\mwlpsdvdisk.sys" "2/06/2009 8:15 PM"
+ "NETFLTDI" "Panda TDI Filter" "Panda Security, S.L." "c:\windows\system32\drivers\nettdi64.sys" "25/09/2009 10:11 PM"
+ "NETIMFLT01060044" "netimflt" "Panda Security, S.L." "c:\windows\system32\drivers\n64i1644.sys" "1/09/2010 4:53 PM"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys" "7/06/2006 7:11 AM"
+ "NVHDA" "NVIDIA HDMI Audio Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvhda64v.sys" "22/06/2010 8:07 AM"
+ "nvlddmkm" "NVIDIA Windows Kernel Mode Driver, Version 311.06 " "NVIDIA Corporation" "c:\windows\system32\drivers\nvlddmkm.sys" "18/01/2013 11:22 PM"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys" "20/03/2010 6:59 AM"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys" "20/03/2010 6:45 AM"
+ "pavboot" "Panda Boot Driver" "Panda Security, S.L." "c:\windows\system32\drivers\pavboot64.sys" "23/06/2010 2:19 AM"
+ "PavTPK.sys" "" "" "File not found: C:\Windows\system32\PavTPK.sys" ""
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys" "23/01/2009 9:05 AM"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys" "19/05/2009 11:18 AM"
+ "RTL8167" "Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver                " "Realtek                                            " "c:\windows\system32\drivers\rt64win7.sys" "22/03/2010 7:57 PM"
+ "RTL8192su" "Realtek RTL8192S USB NDIS Driver" "Realtek Semiconductor Corporation                           " "c:\windows\system32\drivers\rtl8192su.sys" "8/07/2010 5:18 PM"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys" "13/09/2006 11:18 PM"
+ "ShldFlt" "Panda Anti-Virus Filesystem Minifilter" "Panda Security, S.L." "c:\windows\system32\drivers\shldflt.sys" "27/10/2009 8:04 PM"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys" "25/09/2008 4:28 AM"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys" "2/10/2008 7:56 AM"
+ "stexstor" "Promise  SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys" "18/02/2009 9:03 AM"
+ "SWDUMon" "Driver Update Installer Monitor" "" "c:\windows\system32\drivers\swdumon.sys" "23/06/2013 6:06 AM"
+ "USBAAPL64" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl64.sys" "28/11/2012 9:38 AM"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys" "14/07/2009 9:19 AM"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys" "31/01/2009 11:18 AM"
+ "WNMFLT" "" "Panda Security, S.L." "c:\windows\system32\drivers\wnmflt64.sys" "25/09/2009 10:07 PM"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" "" "3/12/2013 10:04 PM"
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm" "14/07/2009 11:28 AM"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" "" "19/12/2013 10:36 PM"
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm" "14/07/2009 11:06 AM"
+ "msacm.l3codecp" "MPEG Audio Layer-3 Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codecp.acm" "14/07/2009 11:06 AM"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll" "20/11/2010 9:59 PM"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" "" "14/07/2009 2:53 PM"
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll" "23/09/2010 5:28 PM"
+ "CyberLink Audio Decoder (PCMMovie)" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\acer\clear.fi\movie\audiofilter\claud.ax" "23/08/2010 5:41 PM"
+ "CyberLink Audio Effect (PCMMovie)" "CyberLink Audio Effect Filter" "CyberLink Corporation" "c:\program files (x86)\acer\clear.fi\movie\audiofilter\claudfx.ax" "25/12/2009 6:54 PM"
+ "CyberLink Audio Spectrum Analyzer (PCMMovie)" "CLAudSpa.ax" "CyberLink Corp." "c:\program files (x86)\acer\clear.fi\movie\audiofilter\claudspa.ax" "25/02/2010 4:42 PM"
+ "CyberLink Audio Wizard (PCMMovie)" "CyberLink Audio Wizard Filter" "CyberLink Corp." "c:\program files (x86)\acer\clear.fi\movie\audiofilter\claudwizard.ax" "14/08/2009 11:26 PM"
+ "CyberLink DVD Navigator" "CyberLink DVD Navigation Filter" "CyberLink Corp." "c:\program files (x86)\acer\clear.fi\movie\navfilter\clnavx.ax" "8/09/2010 10:33 PM"
+ "CyberLink Line21 Decoder (PCMMovie)" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files (x86)\acer\clear.fi\movie\videofilter\clline21.ax" "24/07/2009 12:21 PM"
+ "Cyberlink SubTitle Importor (PCMMovie)" "CLSubTitle.ax" "CyberLink Corp." "c:\program files (x86)\acer\clear.fi\movie\videofilter\clsubtitle.ax" "19/01/2010 5:05 PM"
+ "CyberLink TimeStretch Filter (PCMMovie)" "CLAuTS.ax" "CyberLink Corp." "c:\program files (x86)\acer\clear.fi\movie\audiofilter\clauts.ax" "14/06/2010 1:40 PM"
+ "CyberLink Tzan Filter (PCMMovie)" "Cyberlink Tzan Filter" "CyberLink Corp." "c:\program files (x86)\acer\clear.fi\movie\videofilter\cltzan.ax" "21/09/2010 8:54 PM"
+ "CyberLink Video/SP Decoder (PCMMovie)" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\acer\clear.fi\movie\videofilter\clvsd.ax" "8/02/2010 1:31 AM"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll" "23/09/2010 5:28 PM"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll" "23/09/2010 5:28 PM"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll" "23/09/2010 5:28 PM"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll" "23/09/2010 5:28 PM"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll" "23/09/2010 5:28 PM"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll" "23/09/2010 5:28 PM"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll" "23/09/2010 5:28 PM"
"HKLM\Software\Wow6432Node\Classes\CLSID\{AC757296-3522-4E11-9862-C17BE5A1767E}\Instance" "" "" "" "23/04/2012 7:51 PM"
+ "{BB0C7D26-4C31-421d-9552-F8C14B8097AE}" "LUMIX RAW Codec" "Panasonic Corporation" "c:\program files (x86)\common files\panasonic\rawcodec\panarawcodec.dll" "15/09/2009 10:04 AM"
"HKLM\Software\Wow6432Node\Classes\CLSID\{7ED96837-96F0-4812-B211-F13C24117ED3}\Instance" "" "" "" "14/07/2009 2:53 PM"
+ "LUMIX RawDecoder Class" "LUMIX RAW Codec" "Panasonic Corporation" "c:\program files (x86)\common files\panasonic\rawcodec\panarawcodec.dll" "15/09/2009 10:04 AM"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" "" "14/07/2009 2:53 PM"
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll" "22/09/2010 7:47 AM"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" "" "19/12/2013 10:36 PM"
+ "avldr" "On-Access Anti-Malware Scanner Sync" "On-Access Anti-Malware Scanner Sync" "c:\windows\system32\avldr64.dll" "24/03/2010 8:45 PM"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" "" "2/06/2012 3:20 PM"
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll" "31/08/2011 3:44 PM"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll" "22/09/2010 7:00 AM"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll" "22/09/2010 7:00 AM"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" "" "2/06/2012 3:20 PM"
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll" "31/08/2011 3:53 PM"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll" "22/09/2010 7:45 AM"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll" "22/09/2010 7:45 AM"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" "" "19/12/2013 10:37 PM"
+ "EPSON TX120 NX120 Series 64MonitorBP" "EPSON Bi-directional Monitor AMD64" "SEIKO EPSON CORPORATION" "c:\windows\system32\e_ilmggp.dll" "12/11/2008 11:39 AM"
"C:\Users\Lilleyfamily\AppData\Local\Microsoft\Windows Sidebar\Settings.ini" "" "" "" "6/12/2013 7:37 PM"
+ "Calendar" "Browse the days of the calendar." "Microsoft Corporation" "C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-us\Gadget.xml" "14/07/2009 12:25 PM"
+ "Clock" "Watch the clock in your own time zone or any city in the world." "Microsoft Corporation" "C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-us\Gadget.xml" "14/07/2009 12:24 PM"
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by Lilleyfamily on Thu 19/12/2013 at 22:49:17.84
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\fixcleaner
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sparktrust
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\fixcleaner
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Failed to delete: [Folder] "C:\Users\Lilleyfamily\AppData\Roaming\fixcleaner"
Failed to delete: [Folder] "C:\Program Files (x86)\fixcleaner"
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 19/12/2013 at 22:56:37.73
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
I will download and use revo uninstaller now, remove those programs u suggested. And i will head to bed after that, and return to this thread in the morning to see what else needs to be done.


#12 subby6

subby6
  • Topic Starter

  • Members
  • 61 posts
  • OFFLINE
  •  
  • Local time:09:46 AM

Posted 19 December 2013 - 08:22 AM

Couldn't find Advertising Center (Version: 0.0.0.2) in Revo. Others all been removed.



#13 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:46 PM

Posted 19 December 2013 - 08:49 AM

Open autoruns and under the task scheduler untick the items below.

+ "\FixCleaner Scan" "FixCleaner" "Slimware Utilities, Inc." "c:\program files (x86)\fixcleaner\fixcleaner.exe" "12/09/2013 5:40 AM"
+ "\FixCleaner Startup" "FixCleaner" "Slimware Utilities, Inc." "c:\program files (x86)\fixcleaner\fixcleaner.exe" "12/09/2013 5:40 AM"
+ "\GlaryInitialize 3" "" "" "File not found: C:\Tools\GUP3\Initialize.exe" ""
+ "\Ojfoflcya" "" "" "File not found: C:\Windows\SysWOW64\unlodctrq.dll" ""
+ "\SidebarExecute" "Windows Desktop Gadgets" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe" "20/11/2010 8:24 PM"
+ "\SparkTrust PC Cleaner Plus" "" "" "File not found: C:\Program Files (x86)\SparkTrust\SparkTrust PC Cleaner Plus\SparkTrustPCCleanerPlus.exe" ""
+ "\SparkTrust Registration3" "SparkTrust Systems Update" "SparkTrust Systems" "c:\program files (x86)\common files\sparktrust\uus3\uus3.dll" "7/06/2013 5:45 AM"
+ "\SparkTrust Update Version3" "SparkTrust Systems Update" "SparkTrust Systems" "c:\program files (x86)\common files\sparktrust\uus3\update3.exe" "7/06/2013 5:45 AM"
+ "\SparkTrust Update Version3 Startup Task" "SparkTrust Systems Update" "SparkTrust Systems" "c:\program files (x86)\common files\sparktrust\uus3\update3.exe" "7/06/2013 5:45 AM"

Reboot the machine after you un-tick the items below.



Now with File Assasin please delete the following items.
https://www.malwarebytes.org/fileassassin/

Copy each file one at a time below and paste it into the file assasin window with out the "Quote"

Then Leave the default attempt File Assasin method of processing ticked and make sure you tick delete file for each item

 

After pasting each line in one at a time hit the execute button.

 

If the delete fails for one item then use the delete on boot function.


"c:\program files (x86)\common files\sparktrust\uus3\update3.exe"
"c:\program files (x86)\common files\sparktrust\uus3\update3.exe"
"c:\program files (x86)\common files\sparktrust\uus3\uus3.dll"
"c:\program files (x86)\fixcleaner\fixcleaner.exe"
"C:\Program Files (x86)\fixcleaner"
"C:\Users\Lilleyfamily\AppData\Roaming\fixcleaner"

 

 

 

Now please Run Junkware Removal Tool in safemode and post the new log.

 

 

 

Please download FarbarServiceScanner and run it on the computer with the issue.


Make sure the following options are checked:
Internet Services
Windows Firewall
System Restore
Security Center/Action Center
Windows Update

Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.
Please copy and paste the log to your reply.

 

___________________-

 

Download tdss killer

http://support.kaspersky.com/downloads/utils/tdsskiller.exe


Right Click it Run As Admin xp users double click . Click on Change parameters Select TDLFS file system

Hit the Scan button Post the LOG In your next reply

Do not change the default options on scan results

 

___________________________________________-
 

 

Download, & save & then run the MS Safety scanner
Run a Full Scan
http://www.microsoft.com/security/scanner/en-us/default.aspx
Post. the result.

The safety scanner log should be called msert.txt
It should be located in the same folder as where you had msert.exe
If not there, then look for it under c:\windows

 

 

 

____________________________________________-

 

Run a scan with Eset. You will need to disable your antivirus during this scan.
http://www.eset.com/us/online-scanner/
Make sure remove found threats and scan archives is checked.
When the scan finish list found threats save to clipboard copy to notepad Post the log here.


Tell me how the machine is running now.


Edited by InadequateInfirmity, 19 December 2013 - 08:55 AM.


#14 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:46 PM

Posted 19 December 2013 - 09:13 AM

When you are done with the last set of instructions, reset your hosts file with this fix it.
http://support.microsoft.com/kb/972034
 
Un install  Adobe Reader 9
 
Replace it with the better software foxit reader. (IMO)
http://www.foxitsoftware.com/Secure_PDF_Reader/

 

I believe Fox it offers a toolbar so watch out for it when you install.

 

Now Since Panda Has a firewall please make sure that the windows firewall is disabled.

http://windows.microsoft.com/en-us/windows/turn-windows-firewall-on-off#turn-windows-firewall-on-off=windows-7



#15 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,579 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:46 AM

Posted 19 December 2013 - 03:29 PM

Is this the same computer as your topic here:

http://www.bleepingcomputer.com/forums/t/517922/google-website-not-opening-in-browsers/
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users