jdj.openmace pop ups - Cannot remove Please help (DDS and HJT logs)



#1 hxadecmel


Posted 26 January 2014 - 11:17 AM

I'm pretty sure I know how I got this (stupid me) but I can't seem to get rid of it! Can anyone please assist?

 

1) Reinstalled my OS a week or so ago (done yearly)

2) Ran Malwarebytes Anti-Malware and Spybot S&D; neither removed this.

3) I get tons of pop-ups and everything in my browser gets redirected.

4) Lastpass and Meraki are there on purpose.

 

DDS Log

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16428  BrowserJavaVersion: 10.51.2
Run by hex at 11:09:18 on 2014-01-26
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.1.1033.18.4086.1869 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\ibmpmsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Meraki\PCC Agent 1.0.87\m_agent_service.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\DRIVERS\xaudio64.exe
C:\Windows\system32\svchost.exe -k HPService
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Apoint2K\Apoint.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
C:\Users\hex\Downloads\HijackThis.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mWinlogon: Userinit = userinit.exe,
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: LastPass Vault: {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\INSTAL~2.LNK - C:\Program Files (x86)\Common Files\lpuninstall.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\INSTAL~1.LNK - C:\Program Files (x86)\Common Files\lpuninstall.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: LastPass - C:\Users\hex\AppData\LocalLow\LastPass\context.html?cmd=lastpass
IE: LastPass Fill Forms - C:\Users\hex\AppData\LocalLow\LastPass\context.html?cmd=fillforms
IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TCP: NameServer = 216.170.153.146 216.165.129.158 8.8.8.8
TCP: Interfaces\{7162C60C-A1E3-49BB-B0EE-5F8205B0654C} : DHCPNameServer = 216.170.153.146 216.165.129.158 8.8.8.8
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: LastPass Vault: {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-TB: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll
x64-Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\hex\AppData\Roaming\Mozilla\Firefox\Profiles\h2ssfuhd.default\
FF - prefs.js: browser.search.defaulturl - hxxp://websearch.toolksearchbook.info/?pid=1249&r=2014/01/22&hid=13802048497488090658&lg=EN&cc=US&unqvl=46&l=1&q=
FF - prefs.js: browser.startup.homepage - www.google.com
FF - prefs.js: keyword.URL - hxxp://websearch.toolksearchbook.info/?pid=1249&r=2014/01/22&hid=13802048497488090658&lg=EN&cc=US&unqvl=46&l=1&q=
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\LastPass\nplastpass.dll
FF - plugin: C:\Program Files (x86)\LastPass\nplastpass64.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-9-27 248240]
R2 MerakiPCCAgent;Meraki Systems Manager Agent 1.0.87;C:\Program Files (x86)\Meraki\PCC Agent 1.0.87\m_agent_service.exe [2014-1-23 3103317]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-9-27 134944]
R3 CAXHWAZL;CAXHWAZL;C:\Windows\System32\drivers\CAXHWAZL.sys [2007-3-25 291840]
R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 348376]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-1-20 111616]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-1-15 20992]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-1-15 59392]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-1-15 1255736]
S4 ApRunSvc;Alps Application Launcher Service;C:\Program Files\Apoint2K\ApRunSvc.exe --> C:\Program Files\Apoint2K\ApRunSvc.exe [?]
.
=============== Created Last 30 ================
.
2014-01-26 06:59:45    75888    ----a-w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{68531758-36AA-426E-AF63-6472401C8B86}\offreg.dll
2014-01-26 06:59:18    10315576    ----a-w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{68531758-36AA-426E-AF63-6472401C8B86}\mpengine.dll
2014-01-26 05:58:33    10315576    ------w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-01-25 05:59:53    --------    d-----w-    C:\ProgramData\Spybot - Search & Destroy
2014-01-25 05:59:53    --------    d-----w-    C:\Program Files (x86)\Spybot - Search & Destroy
2014-01-25 05:11:21    --------    d-----w-    C:\Users\hex\AppData\Roaming\Malwarebytes
2014-01-25 05:10:58    --------    d-----w-    C:\ProgramData\Malwarebytes
2014-01-25 05:10:57    25928    ----a-w-    C:\Windows\System32\drivers\mbam.sys
2014-01-25 05:10:57    --------    d-----w-    C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-23 22:41:01    --------    d-----w-    C:\Program Files (x86)\WinDirStat
2014-01-23 22:38:41    --------    d-----w-    C:\Users\hex\AppData\Roaming\HpUpdate
2014-01-23 22:38:40    --------    d-----w-    C:\Windows\Hewlett-Packard
2014-01-23 20:59:09    --------    d-----w-    C:\Program Files (x86)\Meraki
2014-01-23 20:49:30    965000    ------w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2014-01-23 20:49:30    965000    ------w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{27232EC9-21C8-4303-99C6-9F01D41FF3D8}\gapaengine.dll
2014-01-22 21:01:38    --------    d-----w-    C:\ProgramData\SNT
2014-01-22 21:01:37    --------    d-----w-    C:\Program Files (x86)\SNT
2014-01-22 21:01:03    --------    d-----w-    C:\Users\hex\AppData\Local\Programs
2014-01-22 21:00:54    --------    d-----w-    C:\ProgramData\House Of Soft
2014-01-22 21:00:05    --------    d-----w-    C:\ProgramData\YoutubeAdblocker
2014-01-22 20:59:48    --------    d-----w-    C:\Users\hex\AppData\Local\Packages
2014-01-22 20:59:48    --------    d-----w-    C:\ProgramData\gREattsavver
2014-01-22 20:59:48    --------    d-----w-    C:\Program Files (x86)\gREattsavver
2014-01-22 20:59:37    --------    d-----w-    C:\Users\hex\AppData\Local\Torch
2014-01-22 20:59:37    --------    d-----w-    C:\Users\hex\AppData\Local\Comodo
2014-01-22 20:59:37    --------    d-----w-    C:\ProgramData\9f09eb1adeec55b8
2014-01-22 20:59:02    --------    d-----w-    C:\ProgramData\InstallMate
2014-01-21 03:10:56    --------    d-----w-    C:\Program Files (x86)\MSXML 4.0
2014-01-18 17:05:51    --------    d-----w-    C:\ProgramData\FirstClass
2014-01-18 17:05:51    --------    d-----w-    C:\Program Files (x86)\FirstClass
2014-01-18 15:12:14    2871808    ----a-w-    C:\Windows\explorer.exe
2014-01-18 15:12:14    2616320    ----a-w-    C:\Windows\SysWow64\explorer.exe
2014-01-18 15:12:11    465920    ----a-w-    C:\Windows\System32\WMPhoto.dll
2014-01-18 15:12:11    417792    ----a-w-    C:\Windows\SysWow64\WMPhoto.dll
2014-01-18 15:12:08    1424384    ----a-w-    C:\Windows\System32\WindowsCodecs.dll
2014-01-18 15:12:08    1230336    ----a-w-    C:\Windows\SysWow64\WindowsCodecs.dll
2014-01-18 15:12:05    67072    ----a-w-    C:\Windows\splwow64.exe
2014-01-18 15:12:05    559104    ----a-w-    C:\Windows\System32\spoolsv.exe
2014-01-18 15:08:02    1505280    ----a-w-    C:\Windows\SysWow64\d3d11.dll
2014-01-18 15:08:01    1887232    ----a-w-    C:\Windows\System32\d3d11.dll
2014-01-17 16:34:45    167424    ----a-w-    C:\Program Files\Windows Media Player\wmplayer.exe
2014-01-17 16:34:45    164864    ----a-w-    C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2014-01-17 16:34:45    12625920    ----a-w-    C:\Windows\System32\wmploc.DLL
2014-01-17 16:34:44    12625408    ----a-w-    C:\Windows\SysWow64\wmploc.DLL
2014-01-17 16:24:57    9728    ---ha-w-    C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-01-16 18:50:43    335360    ----a-w-    C:\Windows\System32\msieftp.dll
2014-01-16 18:49:48    497152    ----a-w-    C:\Windows\System32\drivers\afd.sys
2014-01-16 18:48:58    569344    ----a-w-    C:\Windows\System32\iphlpsvc.dll
2014-01-16 18:47:44    3156480    ----a-w-    C:\Windows\System32\win32k.sys
2014-01-16 18:46:59    751104    ----a-w-    C:\Windows\System32\win32spl.dll
2014-01-16 01:50:41    --------    d-----w-    C:\Windows\SysWow64\Wat
2014-01-16 01:50:41    --------    d-----w-    C:\Windows\System32\Wat
2014-01-16 00:47:29    --------    d-----w-    C:\Windows\System32\SPReview
2014-01-16 00:47:16    --------    d-----w-    C:\Windows\System32\EventProviders
2014-01-16 00:46:00    --------    d-----w-    C:\Program Files (x86)\Microsoft Security Client
2014-01-16 00:45:58    --------    d-----w-    C:\Program Files\Microsoft Security Client
2014-01-16 00:01:59    444752    ----a-w-    C:\Windows\System32\mscoree.dll
2014-01-16 00:00:36    529408    ----a-w-    C:\Windows\System32\wbemcomn.dll
2014-01-16 00:00:36    244736    ----a-w-    C:\Program Files\Windows Portable Devices\sqmapi.dll
2014-01-16 00:00:34    244736    ----a-w-    C:\Windows\System32\sqmapi.dll
2014-01-15 23:07:18    --------    d-----w-    C:\Windows\Panther
2014-01-15 22:42:00    --------    d-----r-    C:\Users\hex\Google Drive
2014-01-15 22:25:42    --------    d-----w-    C:\ProgramData\WEBREG
2014-01-15 22:24:51    --------    d-----w-    C:\Users\hex\AppData\Local\HP
2014-01-15 22:24:04    224768    ----a-w-    C:\Windows\System32\Spool\prtprocs\x64\hpzpp64w.dll
2014-01-15 22:21:30    --------    d-----w-    C:\Windows\SysWow64\spool
2014-01-15 22:20:49    --------    d-----w-    C:\Program Files (x86)\Common Files\HP
2014-01-15 22:20:48    --------    d-----w-    C:\Program Files (x86)\Common Files\Hewlett-Packard
2014-01-15 22:20:28    233472    ----a-w-    C:\Windows\SysWow64\hpzc364w.dll
2014-01-15 22:20:28    131072    ----a-w-    C:\Windows\System32\hpz3l64w.dll
2014-01-15 22:20:27    671816    ----a-w-    C:\Windows\SysWow64\hpcdmc32.dll
2014-01-15 22:20:24    --------    d-----w-    C:\Program Files (x86)\HP
2014-01-15 22:19:04    944128    ----a-w-    C:\Windows\System32\hpwwiax3.dll
2014-01-15 22:19:04    540672    ----a-w-    C:\Windows\System32\hppldcoi.dll
2014-01-15 22:19:04    488960    ----a-w-    C:\Windows\System32\hpovst11.dll
2014-01-15 22:19:04    359256    ----a-w-    C:\Windows\System32\hpzids40.dll
2014-01-15 22:19:04    1420288    ----a-w-    C:\Windows\System32\hpwtiop3.dll
2014-01-15 22:16:38    --------    d-----w-    C:\ProgramData\Oracle
2014-01-15 22:16:25    96168    ----a-w-    C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-01-15 22:16:04    --------    d-----w-    C:\Users\hex\AppData\Roaming\Foxit Software
2014-01-15 22:15:01    --------    d-----w-    C:\Program Files (x86)\Foxit Software
2014-01-15 22:12:08    --------    d-----w-    C:\Program Files\Microsoft Synchronization Services
2014-01-15 22:11:58    --------    d-----w-    C:\Windows\PCHEALTH
2014-01-15 22:11:58    --------    d-----w-    C:\Program Files\Microsoft SQL Server Compact Edition
2014-01-15 22:00:43    --------    d-----w-    C:\Program Files\Microsoft Analysis Services
2014-01-15 21:55:26    --------    d-----w-    C:\Program Files (x86)\Microsoft Analysis Services
2014-01-15 21:46:26    --------    d-----w-    C:\Users\hex\AppData\Local\Macromedia
2014-01-15 21:43:33    71048    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-01-15 21:43:33    692616    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2014-01-15 21:42:31    --------    d-----w-    C:\Users\hex\AppData\Local\Microsoft Help
2014-01-15 21:40:22    --------    d-----w-    C:\Program Files (x86)\Elaborate Bytes
2014-01-15 21:27:44    --------    d-----w-    C:\Users\hex\AppData\Local\Adobe
2014-01-15 21:09:28    --------    d-----w-    C:\Program Files\AuthenTec
2014-01-15 21:05:59    2560    ----a-w-    C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2014-01-15 21:05:58    9728    ----a-w-    C:\Windows\System32\Wdfres.dll
2014-01-15 21:05:58    54376    ----a-w-    C:\Windows\System32\drivers\WdfLdr.sys
2014-01-15 20:58:02    --------    d-----w-    C:\Program Files\CONEXANT
2014-01-15 20:44:05    13024768    ----a-w-    C:\Program Files (x86)\Common Files\lpuninstall.exe
2014-01-15 20:43:57    --------    d-----w-    C:\Program Files (x86)\LastPass
2014-01-15 20:43:00    --------    d-----w-    C:\Program Files\Apoint2K
2014-01-15 20:40:54    --------    d-----w-    C:\Users\hex\AppData\Local\Google
2014-01-15 20:38:07    87040    ----a-w-    C:\Windows\System32\drivers\WUDFPf.sys
2014-01-15 20:38:07    84992    ----a-w-    C:\Windows\System32\WUDFSvc.dll
2014-01-15 20:38:07    744448    ----a-w-    C:\Windows\System32\WUDFx.dll
2014-01-15 20:38:07    45056    ----a-w-    C:\Windows\System32\WUDFCoinstaller.dll
2014-01-15 20:38:07    229888    ----a-w-    C:\Windows\System32\WUDFHost.exe
2014-01-15 20:38:07    198656    ----a-w-    C:\Windows\System32\drivers\WUDFRd.sys
2014-01-15 20:38:07    194048    ----a-w-    C:\Windows\System32\WUDFPlatform.dll
2014-01-15 20:35:13    --------    d-sh--w-    C:\Windows\Installer
2014-01-15 20:35:02    1002008    ----a-w-    C:\Windows\SysWow64\igxpun.exe
2014-01-15 20:35:02    --------    d-----w-    C:\Windows\SysWow64\x64
2014-01-15 20:34:40    75376    ----a-w-    C:\Program Files (x86)\Mozilla Firefox\breakpadinjector.dll
2014-01-15 20:34:40    272496    ----a-w-    C:\Program Files (x86)\Mozilla Firefox\browser\components\browsercomps.dll
2014-01-15 20:34:37    28272    ----a-w-    C:\Program Files (x86)\Mozilla Firefox\plugin-hang-ui.exe
2014-01-15 20:34:36    170960    ----a-w-    C:\Program Files (x86)\Mozilla Firefox\webapp-uninstaller.exe
2014-01-15 20:34:36    108144    ----a-w-    C:\Program Files (x86)\Mozilla Firefox\webapprt-stub.exe
2014-01-15 20:33:19    23408    ----a-w-    C:\Windows\System32\drivers\fs_rec.sys
2014-01-15 20:33:18    5120    ----a-w-    C:\Windows\SysWow64\wmi.dll
2014-01-15 20:33:18    5120    ----a-w-    C:\Windows\System32\wmi.dll
2014-01-15 20:31:21    --------    d-----w-    C:\Windows\System32\MRT
2014-01-15 20:30:27    288768    ----a-w-    C:\Windows\System32\drivers\mrxsmb10.sys
2014-01-15 20:30:27    158208    ----a-w-    C:\Windows\System32\drivers\mrxsmb.sys
2014-01-15 20:30:27    128000    ----a-w-    C:\Windows\System32\drivers\mrxsmb20.sys
2014-01-15 20:28:59    708608    ----a-w-    C:\Program Files (x86)\Common Files\System\wab32.dll
2014-01-15 20:27:49    642944    ----a-w-    C:\Windows\System32\winload.efi
2014-01-15 20:24:45    861696    ----a-w-    C:\Windows\System32\oleaut32.dll
2014-01-15 20:24:45    571904    ----a-w-    C:\Windows\SysWow64\oleaut32.dll
2014-01-15 20:24:45    331776    ----a-w-    C:\Windows\System32\oleacc.dll
2014-01-15 20:24:45    233472    ----a-w-    C:\Windows\SysWow64\oleacc.dll
2014-01-15 20:24:35    2164224    ----a-w-    C:\Program Files\Windows Journal\Journal.exe
2014-01-15 20:24:30    956928    ----a-w-    C:\Windows\System32\localspl.dll
2014-01-15 20:24:30    723456    ----a-w-    C:\Windows\System32\EncDec.dll
2014-01-15 20:24:30    534528    ----a-w-    C:\Windows\SysWow64\EncDec.dll
2014-01-15 20:24:29    39424    ----a-w-    C:\Windows\System32\Spool\prtprocs\x64\winprint.dll
2014-01-15 20:24:29    223752    ----a-w-    C:\Windows\System32\drivers\fvevol.sys
2014-01-15 20:24:07    90624    ----a-w-    C:\Windows\System32\drivers\bowser.sys
2014-01-15 20:23:42    690688    ----a-w-    C:\Windows\SysWow64\msvcrt.dll
2014-01-15 20:23:42    634880    ----a-w-    C:\Windows\System32\msvcrt.dll
2014-01-15 20:23:41    503808    ----a-w-    C:\Windows\System32\srcore.dll
2014-01-15 20:23:41    43008    ----a-w-    C:\Windows\SysWow64\srclient.dll
2014-01-15 20:23:41    296960    ----a-w-    C:\Windows\System32\rstrui.exe
2014-01-15 20:23:40    974336    ----a-w-    C:\Windows\System32\WFS.exe
2014-01-15 20:23:40    267776    ----a-w-    C:\Windows\System32\FXSCOVER.exe
2014-01-15 20:19:00    --------    d-----w-    C:\Users\hex\FrostWire
2014-01-15 20:17:49    230400    ----a-w-    C:\Windows\System32\Spool\prtprocs\x64\hpzppw71.dll
2014-01-15 20:16:38    77312    ----a-w-    C:\Windows\System32\packager.dll
2014-01-15 20:16:38    67072    ----a-w-    C:\Windows\SysWow64\packager.dll
2014-01-15 20:16:17    826880    ----a-w-    C:\Windows\SysWow64\rdpcore.dll
2014-01-15 20:16:17    23552    ----a-w-    C:\Windows\System32\drivers\tdtcp.sys
2014-01-15 20:16:17    1031680    ----a-w-    C:\Windows\System32\rdpcore.dll
2014-01-15 20:13:07    2622464    ----a-w-    C:\Windows\System32\wucltux.dll
2014-01-15 20:13:04    99840    ----a-w-    C:\Windows\System32\wudriver.dll
2014-01-15 20:13:02    36864    ----a-w-    C:\Windows\System32\wuapp.exe
2014-01-15 20:13:02    186752    ----a-w-    C:\Windows\System32\wuwebv.dll
.
==================== Find3M  ====================
.
2014-01-19 07:33:29    270496    ------w-    C:\Windows\System32\MpSigStub.exe
2014-01-17 16:24:57    9728    ---ha-w-    C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-01-16 01:04:18    152576    ----a-w-    C:\Windows\SysWow64\msclmd.dll
2014-01-16 01:04:17    175616    ----a-w-    C:\Windows\System32\msclmd.dll
2013-11-27 01:41:37    343040    ----a-w-    C:\Windows\System32\drivers\usbhub.sys
2013-11-27 01:41:15    99840    ----a-w-    C:\Windows\System32\drivers\usbccgp.sys
2013-11-27 01:41:11    53248    ----a-w-    C:\Windows\System32\drivers\usbehci.sys
2013-11-27 01:41:11    325120    ----a-w-    C:\Windows\System32\drivers\usbport.sys
2013-11-27 01:41:09    25600    ----a-w-    C:\Windows\System32\drivers\usbohci.sys
2013-11-27 01:41:06    30720    ----a-w-    C:\Windows\System32\drivers\usbuhci.sys
2013-11-27 01:41:03    7808    ----a-w-    C:\Windows\System32\drivers\usbd.sys
2013-11-26 11:40:00    376768    ----a-w-    C:\Windows\System32\drivers\netio.sys
2013-11-26 10:19:07    2724864    ----a-w-    C:\Windows\System32\mshtml.tlb
2013-11-26 10:18:23    4096    ----a-w-    C:\Windows\System32\ieetwcollectorres.dll
2013-11-26 09:48:07    66048    ----a-w-    C:\Windows\System32\iesetup.dll
2013-11-26 09:46:25    48640    ----a-w-    C:\Windows\System32\ieetwproxystub.dll
2013-11-26 09:23:02    2724864    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2013-11-26 09:18:39    139264    ----a-w-    C:\Windows\System32\ieUnatt.exe
2013-11-26 09:18:09    111616    ----a-w-    C:\Windows\System32\ieetwcollector.exe
2013-11-26 09:16:57    708608    ----a-w-    C:\Windows\System32\jscript9diag.dll
2013-11-26 08:35:02    5769216    ----a-w-    C:\Windows\System32\jscript9.dll
2013-11-26 08:28:16    553472    ----a-w-    C:\Windows\SysWow64\jscript9diag.dll
2013-11-26 08:16:12    4243968    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2013-11-26 08:02:16    1995264    ----a-w-    C:\Windows\System32\inetcpl.cpl
2013-11-26 07:32:06    1928192    ----a-w-    C:\Windows\SysWow64\inetcpl.cpl
2013-11-26 07:07:57    2334208    ----a-w-    C:\Windows\System32\wininet.dll
2013-11-26 06:33:33    1820160    ----a-w-    C:\Windows\SysWow64\wininet.dll
2013-11-12 02:23:09    2048    ----a-w-    C:\Windows\System32\tzres.dll
2013-11-12 02:07:29    2048    ----a-w-    C:\Windows\SysWow64\tzres.dll
2013-11-11 16:22:20    66856    ----a-w-    C:\Windows\System32\ibmpmsvc.exe
2013-11-11 16:22:20    60712    ----a-w-    C:\Windows\System32\ibmpmctl.exe
2013-11-11 16:22:20    54528    ----a-w-    C:\Windows\System32\drivers\ibmpmdrv.sys
2013-11-11 16:22:20    40232    ----a-w-    C:\Windows\System32\tpinspm.dll
2013-10-30 02:19:52    301568    ----a-w-    C:\Windows\SysWow64\msieftp.dll
.
============= FINISH: 11:09:46.30 ===============
 

 

HJT log

 

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 11:14:06 AM, on 1/26/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)

FIREFOX: 26.0 (en-US)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
C:\Users\hex\Downloads\HijackThis.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Windows\SysWOW64\NOTEPAD.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: LastPass Vault - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Install LastPass FF RunOnce.lnk = C:\Program Files (x86)\Common Files\lpuninstall.exe
O4 - Global Startup: Install LastPass IE RunOnce.lnk = C:\Program Files (x86)\Common Files\lpuninstall.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: LastPass - file://C:\Users\hex\AppData\LocalLow\LastPass\context.html?cmd=lastpass
O8 - Extra context menu item: LastPass Fill Forms - file://C:\Users\hex\AppData\LocalLow\LastPass\context.html?cmd=fillforms
O9 - Extra button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll
O9 - Extra 'Tools' menuitem: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\Windows\system32\ibmpmsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Meraki Systems Manager Agent 1.0.87 (MerakiPCCAgent) - Unknown owner - C:\Program Files (x86)\Meraki\PCC Agent 1.0.87\m_agent_service.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XAudioService - Unknown owner - C:\Windows\system32\DRIVERS\xaudio64.exe (file missing)

--
End of file - 8634 bytes
 

 


 


#2 Noviciate

  • Malware Response Team
  • 5,277 posts

Posted 27 January 2014 - 04:25 PM

Good evening. :)

Please download AdwCleaner by Xplode from here and save it to your Desktop.
 

  • Close all open programs, including browsers.
  • Double click adwcleaner.exe to begin.
  • Click on Search and, once complete, let me have the contents of the text that opens.
  • A copy of the text file will be saved to C:\AdwCleaner[R*].txt - make sure you post the file with the biggest "R" number.

 

 


So long, and thanks for all the fish.

 

 


#3 Noviciate


Posted 01 February 2014 - 03:51 PM

Helpers are limited in the number of logs they can take by the time they have available, and having threads sit idle means that somebody else who could be being helped has to wait.
Given that there has been no response for at least five days, and I have no way of knowing when there will be one, this thread is now closed.

When you are able to free up some time to work on your PC problem, feel free to start a fresh thread and somebody will be along as soon as possible to help.


So long, and thanks for all the fish.

 

 




