
Some unknown Malware/Virus causing Chrome to crash


  • This topic is locked
24 replies to this topic

#1 DranzerX13


  • Members
  • 15 posts

Posted 09 February 2014 - 01:24 AM

I got something that's infecting my laptop. Something is creating my viruses and whatever it is isn't being detected. I accidentally clicked on an ad in Google Chrome when I was browsing a website, and then some rogue malware scanner came up and said it was scanning my laptop. After that, Google Chrome kept crashing many times.
I used ComboFix, AdwCleaner, Malwarebytes, Avira, and Ad-Aware to clean my laptop. I uninstalled Chrome, then reinstalled it. Everything worked fine.
A day later it happened again, and I got some different malware and viruses generated on my laptop. I did the same thing over and over and it keeps happening.
 
HijackThis log:
 
Logfile of HijackThis v1.99.1
Scan saved at 10:15:01 PM, on 2/8/2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16537)
 
Running processes:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files (x86)\Free Download Manager\fdm.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Windows\SysWOW64\regsvr32.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Windows\syswow64\wwahost.exe
C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\mIRC\mirc.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Tony\Desktop\HijackThis.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Dolby Home Theater v4] "C:\Dolby PCEE4\pcee4.exe" -autostart
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files (x86)\Free Download Manager\fdm.exe -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Ihbsoft] regsvr32.exe C:\Users\Tony\AppData\Local\Ihbsoft\trvpiljmsizwz.dll
O4 - Startup: EPUHelp.exe
O4 - Global Startup: Acer Backup Manager Tray.lnk = C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dllink.htm
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\bonjour\mdnsnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O11 - Options group: [INTERNATIONAL] International
O13 - Gopher Prefix: 
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Device Fast-lane Service (DeviceFastLaneService) - Acer Incorporated - C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc (file missing)
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc (file missing)
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: Ad-Aware Service 11 (LavasoftAdAwareService11) - Unknown owner - C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: Dritek RF Button Command Service (RfButtonDriverService) - Dritek System INC. - C:\Windows\RfBtnSvc64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - %ProgramFiles%\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
 

 


Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
 
Database version: v2014.01.26.02
 
Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16750
Tony :: DRANZERX13 [administrator]
 
2/8/2014 9:36:21 AM
MBAM-log-2014-02-08 (21-17-09).txt
 
Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 389823
Time elapsed: 48 minute(s), 18 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 1
C:\Users\Tony\AppData\Local\Ihbsoft\trvpiljmsizwz.dll (Malware.Gen) -> No action taken.
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 5
C:\Users\Tony\AppData\Local\Ihbsoft\trvpiljmsizwz.dll (Malware.Gen) -> No action taken.
C:\ProgramData\Microsoft\BingDesktop\BingCore\temp\tmpE605.exe (Trojan.FakeMS) -> No action taken.
C:\Users\Tony\AppData\Local\temp\jkhparhz.exe (Trojan.FakeMS) -> No action taken.
C:\Users\Tony\AppData\Roaming\Adobe\acupx217.dll (Trojan.Inject) -> No action taken.
C:\Users\Tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EPUHelp.exe (Trojan.Inject) -> No action taken.
 
(end)



 


#2 DranzerX13

  • Topic Starter

  • Members
  • 15 posts

Posted 09 February 2014 - 02:54 AM

Ad-Aware Antivirus
 
<?xml version="1.0"?>
<Summary>
  <ScanInfo EndTime="20140208T092330.791045" StartTime="20140208T073235.791045" ScanType="Full" ScanMode="Manual"/>
  <InfectedObjects>
    <InfectedObject ThreatName="Gen:Trojan.Heur2.LP.Wy4aaS3iyIl" ThreatType="Virus" ObjectStatus="MovedReboot" InnerObject="" ParentContainers="" ObjectPath="C:\Users\Tony\AppData\Local\Ihbsoft\trvpiljmsizwz.dll" ObjectType="File"/>
  </InfectedObjects>
</Summary>


#3 DranzerX13

  • Topic Starter

  • Members
  • 15 posts

Posted 09 February 2014 - 03:31 AM

Avira

 

 
 
Avira Free Antivirus
Report file date: Saturday, February 8, 2014  22:28
 
 
The program is running as an unrestricted full version.
Online services are available.
 
Licensee        : Avira Antivirus Free
Serial number   : 0000149996-AVHOE-0000001
Platform        : Windows 8
Windows version : (plain)  [6.2.9200]
Boot mode       : Normally booted
Username        : Tony
Computer name   : DRANZERX13
 
Version information:
BUILD.DAT       : 14.0.2.286     55547 Bytes   12/9/2013 11:37:00
AVSCAN.EXE      : 14.0.2.254   1032760 Bytes  12/18/2013 07:57:06
AVSCANRC.DLL    : 14.0.2.180     52280 Bytes  12/18/2013 07:57:06
LUKE.DLL        : 14.0.2.234     65592 Bytes  12/18/2013 07:57:44
AVSCPLR.DLL     : 14.0.2.254    124472 Bytes  12/18/2013 07:57:06
AVREG.DLL       : 14.0.2.212    250424 Bytes  12/18/2013 07:57:05
avlode.dll      : 14.0.2.254    540216 Bytes  12/18/2013 07:57:02
avlode.rdf      : 13.0.1.70      56974 Bytes   1/30/2014 19:28:45
VBASE000.VDF    : 7.11.70.0   66736640 Bytes    4/4/2013 02:14:16
VBASE001.VDF    : 7.11.74.226  2201600 Bytes   4/30/2013 02:14:16
VBASE002.VDF    : 7.11.80.60   2751488 Bytes   5/28/2013 02:14:16
VBASE003.VDF    : 7.11.85.214  2162688 Bytes   6/21/2013 02:14:16
VBASE004.VDF    : 7.11.91.176  3903488 Bytes   7/23/2013 02:14:16
VBASE005.VDF    : 7.11.98.186  6822912 Bytes   8/29/2013 02:14:16
VBASE006.VDF    : 7.11.103.230  2293248 Bytes   9/24/2013 02:14:16
VBASE007.VDF    : 7.11.116.38  5485568 Bytes  11/28/2013 05:10:26
VBASE008.VDF    : 7.11.126.50  3615744 Bytes   1/22/2014 18:38:52
VBASE009.VDF    : 7.11.128.174  2030080 Bytes    2/3/2014 18:49:37
VBASE010.VDF    : 7.11.128.175     2048 Bytes    2/3/2014 18:49:37
VBASE011.VDF    : 7.11.128.176     2048 Bytes    2/3/2014 18:49:37
VBASE012.VDF    : 7.11.128.177     2048 Bytes    2/3/2014 18:49:37
VBASE013.VDF    : 7.11.128.178     2048 Bytes    2/3/2014 18:49:37
VBASE014.VDF    : 7.11.129.9    211456 Bytes    2/4/2014 12:49:08
VBASE015.VDF    : 7.11.129.163   215040 Bytes    2/6/2014 10:22:13
VBASE016.VDF    : 7.11.130.21   220672 Bytes    2/8/2014 13:17:11
VBASE017.VDF    : 7.11.130.22     2048 Bytes    2/8/2014 13:17:11
VBASE018.VDF    : 7.11.130.23     2048 Bytes    2/8/2014 13:17:11
VBASE019.VDF    : 7.11.130.24     2048 Bytes    2/8/2014 13:17:11
VBASE020.VDF    : 7.11.130.25     2048 Bytes    2/8/2014 13:17:11
VBASE021.VDF    : 7.11.130.26     2048 Bytes    2/8/2014 13:17:11
VBASE022.VDF    : 7.11.130.27     2048 Bytes    2/8/2014 13:17:11
VBASE023.VDF    : 7.11.130.28     2048 Bytes    2/8/2014 13:17:11
VBASE024.VDF    : 7.11.130.29     2048 Bytes    2/8/2014 13:17:11
VBASE025.VDF    : 7.11.130.30     2048 Bytes    2/8/2014 13:17:11
VBASE026.VDF    : 7.11.130.31     2048 Bytes    2/8/2014 13:17:11
VBASE027.VDF    : 7.11.130.32     2048 Bytes    2/8/2014 13:17:11
VBASE028.VDF    : 7.11.130.33     2048 Bytes    2/8/2014 13:17:11
VBASE029.VDF    : 7.11.130.34     2048 Bytes    2/8/2014 13:17:11
VBASE030.VDF    : 7.11.130.35     2048 Bytes    2/8/2014 13:17:11
VBASE031.VDF    : 7.11.130.56   103936 Bytes    2/8/2014 19:17:11
Engine version  : 8.2.14.2  
AEVDF.DLL       : 8.1.3.4       102774 Bytes  10/11/2013 02:14:14
AESCRIPT.DLL    : 8.1.4.186     520574 Bytes    2/7/2014 19:17:26
AESCN.DLL       : 8.1.10.6      131447 Bytes  12/11/2013 21:08:04
AESBX.DLL       : 8.2.20.6     1331575 Bytes   1/13/2014 17:35:42
AERDL.DLL       : 8.2.0.138     704888 Bytes   12/2/2013 16:00:28
AEPACK.DLL      : 8.3.3.12      774521 Bytes   1/23/2014 19:06:22
AEOFFICE.DLL    : 8.1.2.76      205181 Bytes  10/11/2013 02:14:14
AEHEUR.DLL      : 8.1.4.904    6455674 Bytes    2/7/2014 19:17:26
AEHELP.DLL      : 8.1.27.10     266618 Bytes  11/22/2013 15:53:51
AEGEN.DLL       : 8.1.7.22      446839 Bytes   1/15/2014 20:38:05
AEEXP.DLL       : 8.4.1.202     434552 Bytes    2/7/2014 19:17:27
AEEMU.DLL       : 8.1.3.2       393587 Bytes  10/11/2013 02:14:14
AECORE.DLL      : 8.1.34.0      229753 Bytes    2/5/2014 16:35:33
AEBB.DLL        : 8.1.1.4        53619 Bytes  10/11/2013 02:14:14
AVWINLL.DLL     : 14.0.2.180     23608 Bytes  12/18/2013 07:56:48
AVPREF.DLL      : 14.0.2.180     48696 Bytes  12/18/2013 07:57:04
AVREP.DLL       : 14.0.2.180    175672 Bytes  12/18/2013 07:57:05
AVARKT.DLL      : 14.0.2.254    256056 Bytes  12/18/2013 07:56:54
AVEVTLOG.DLL    : 14.0.2.180    165944 Bytes  12/18/2013 07:56:58
SQLITE3.DLL     : 3.7.0.1       394824 Bytes  10/11/2013 02:14:16
AVSMTP.DLL      : 14.0.2.180     60472 Bytes  12/18/2013 07:57:07
NETNT.DLL       : 14.0.2.180     13368 Bytes  12/18/2013 07:57:45
RCIMAGE.DLL     : 14.0.2.180   4788792 Bytes  12/18/2013 07:56:48
RCTEXT.DLL      : 14.0.2.236     72760 Bytes  12/18/2013 07:56:48
 
Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: C:\program files (x86)\avira\antivir desktop\sysscan.avp
Reporting...........................: default
Primary action......................: Quarantine
Secondary action....................: Ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, 
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: on
Scan all files......................: All files
Scan archives.......................: on
Limit recursion depth...............: 20
Smart extensions....................: on
Macrovirus heuristic................: on
File heuristic......................: extended
 
Start of the scan: Saturday, February 8, 2014  22:28
 
Start scanning boot sectors:
Boot sector 'HDD0(C:)'
    [INFO]      No virus was found!
 
Starting search for hidden objects.
Error in ARK library
 
The scan of running processes will be started:
Scan process 'svchost.exe' - '42' Module(s) have been scanned
Scan process 'nvvsvc.exe' - '34' Module(s) have been scanned
Scan process 'svchost.exe' - '24' Module(s) have been scanned
Scan process 'svchost.exe' - '98' Module(s) have been scanned
Scan process 'svchost.exe' - '179' Module(s) have been scanned
Scan process 'svchost.exe' - '81' Module(s) have been scanned
Scan process 'svchost.exe' - '90' Module(s) have been scanned
Scan process 'svchost.exe' - '83' Module(s) have been scanned
Scan process 'spoolsv.exe' - '70' Module(s) have been scanned
Scan process 'sched.exe' - '57' Module(s) have been scanned
Scan process 'svchost.exe' - '84' Module(s) have been scanned
Scan process 'avguard.exe' - '102' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '65' Module(s) have been scanned
Scan process 'adminservice.exe' - '29' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '30' Module(s) have been scanned
Scan process 'CCDMonitorService.exe' - '34' Module(s) have been scanned
Scan process 'dsiwmis.exe' - '33' Module(s) have been scanned
Scan process 'dashost.exe' - '55' Module(s) have been scanned
Scan process 'ETDService.exe' - '14' Module(s) have been scanned
Scan process 'HeciServer.exe' - '27' Module(s) have been scanned
Scan process 'jhi_service.exe' - '33' Module(s) have been scanned
Scan process 'AdAwareService.exe' - '116' Module(s) have been scanned
Scan process 'mbamscheduler.exe' - '41' Module(s) have been scanned
Scan process 'mbamservice.exe' - '44' Module(s) have been scanned
Scan process 'IScheduleSvc.exe' - '96' Module(s) have been scanned
Scan process 'NvNetworkService.exe' - '49' Module(s) have been scanned
Scan process 'nvstreamsvc.exe' - '52' Module(s) have been scanned
Scan process 'RfBtnSvc64.exe' - '29' Module(s) have been scanned
Scan process 'c2c_service.exe' - '40' Module(s) have been scanned
Scan process 'svchost.exe' - '44' Module(s) have been scanned
Scan process 'YahooAUService.exe' - '68' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '29' Module(s) have been scanned
Scan process 'avshadow.exe' - '29' Module(s) have been scanned
Scan process 'avwebg7.exe' - '61' Module(s) have been scanned
Scan process 'svchost.exe' - '57' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '62' Module(s) have been scanned
Scan process 'ePowerSvc.exe' - '45' Module(s) have been scanned
Scan process 'RIconMan.exe' - '37' Module(s) have been scanned
Scan process 'LMS.exe' - '30' Module(s) have been scanned
Scan process 'UNS.exe' - '68' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '51' Module(s) have been scanned
Scan process 'iPodService.exe' - '38' Module(s) have been scanned
Scan process 'dwm.exe' - '57' Module(s) have been scanned
Scan process 'nvxdsync.exe' - '55' Module(s) have been scanned
Scan process 'nvvsvc.exe' - '65' Module(s) have been scanned
Scan process 'LMutilps32.exe' - '49' Module(s) have been scanned
Scan process 'taskhostex.exe' - '56' Module(s) have been scanned
Scan process 'ipoint.exe' - '60' Module(s) have been scanned
Scan process 'ETDCtrl.exe' - '60' Module(s) have been scanned
Scan process 'itype.exe' - '62' Module(s) have been scanned
Scan process 'mbamgui.exe' - '62' Module(s) have been scanned
Scan process 'Explorer.EXE' - '251' Module(s) have been scanned
Scan process 'LManager.exe' - '56' Module(s) have been scanned
Scan process 'unsecapp.exe' - '41' Module(s) have been scanned
Scan process 'MMDx64Fx.exe' - '45' Module(s) have been scanned
Scan process 'igfxext.exe' - '38' Module(s) have been scanned
Scan process 'LiveComm.exe' - '90' Module(s) have been scanned
Scan process 'ETDCtrlHelper.exe' - '33' Module(s) have been scanned
Scan process 'nvtray.exe' - '55' Module(s) have been scanned
Scan process 'nvstreamsvc.exe' - '57' Module(s) have been scanned
Scan process 'conhost.exe' - '15' Module(s) have been scanned
Scan process 'NvBackend.exe' - '58' Module(s) have been scanned
Scan process 'igfxtray.exe' - '40' Module(s) have been scanned
Scan process 'hkcmd.exe' - '39' Module(s) have been scanned
Scan process 'igfxpers.exe' - '47' Module(s) have been scanned
Scan process 'RAVCpl64.exe' - '46' Module(s) have been scanned
Scan process 'RAVBg64.exe' - '49' Module(s) have been scanned
Scan process 'NvTmru.exe' - '54' Module(s) have been scanned
Scan process 'AdAwareTray.exe' - '67' Module(s) have been scanned
Scan process 'YahooMessenger.exe' - '182' Module(s) have been scanned
Scan process 'fdm.exe' - '81' Module(s) have been scanned
Scan process 'Skype.exe' - '137' Module(s) have been scanned
Scan process 'regsvr32.exe' - '24' Module(s) have been scanned
Scan process 'ePowerTray.exe' - '60' Module(s) have been scanned
Scan process 'regsvr32.exe' - '55' Module(s) have been scanned
Scan process 'BackupManagerTray.exe' - '51' Module(s) have been scanned
Scan process 'avgnt.exe' - '95' Module(s) have been scanned
Scan process 'mbamgui.exe' - '57' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '78' Module(s) have been scanned
Scan process 'VCDDaemon.exe' - '37' Module(s) have been scanned
Scan process 'jusched.exe' - '33' Module(s) have been scanned
Scan process 'YahooMessenger.exe' - '89' Module(s) have been scanned
Scan process 'RuntimeBroker.exe' - '64' Module(s) have been scanned
Scan process 'igfxsrvc.exe' - '40' Module(s) have been scanned
Scan process 'unsecapp.exe' - '41' Module(s) have been scanned
Scan process 'ePowerEvent.exe' - '32' Module(s) have been scanned
Scan process 'IAStorIcon.exe' - '75' Module(s) have been scanned
Scan process 'wwahost.exe' - '82' Module(s) have been scanned
Scan process 'iuEmailOutlookAgent.exe' - '65' Module(s) have been scanned
Scan process 'iuBrowserIEAgent.exe' - '65' Module(s) have been scanned
Scan process 'iexplore.exe' - '85' Module(s) have been scanned
Scan process 'IEXPLORE.EXE' - '83' Module(s) have been scanned
Scan process 'iexplore.exe' - '83' Module(s) have been scanned
Scan process 'IEXPLORE.EXE' - '83' Module(s) have been scanned
Scan process 'mirc.exe' - '100' Module(s) have been scanned
Scan process 'chrome.exe' - '90' Module(s) have been scanned
Scan process 'chrome.exe' - '75' Module(s) have been scanned
Scan process 'chrome.exe' - '54' Module(s) have been scanned
Scan process 'chrome.exe' - '54' Module(s) have been scanned
Scan process 'chrome.exe' - '54' Module(s) have been scanned
Scan process 'chrome.exe' - '54' Module(s) have been scanned
Scan process 'AdAwareDesktop.exe' - '70' Module(s) have been scanned
Scan process 'avcenter.exe' - '138' Module(s) have been scanned
Scan process 'avscan.exe' - '104' Module(s) have been scanned
Scan process 'vssvc.exe' - '38' Module(s) have been scanned
Scan process 'svchost.exe' - '35' Module(s) have been scanned
Scan process 'SearchProtocolHost.exe' - '29' Module(s) have been scanned
Scan process 'SearchFilterHost.exe' - '24' Module(s) have been scanned
Scan process 'IEXPLORE.EXE' - '25' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned
Scan process 'csrss.exe' - '15' Module(s) have been scanned
Scan process 'wininit.exe' - '19' Module(s) have been scanned
Scan process 'services.exe' - '24' Module(s) have been scanned
Scan process 'lsass.exe' - '61' Module(s) have been scanned
Scan process 'csrss.exe' - '14' Module(s) have been scanned
Scan process 'WinLogon.exe' - '24' Module(s) have been scanned
 
Initiating scan of system files:
Signed -> 'C:\Windows\system32\svchost.exe'
NOT signed -> 'C:\Windows\system32\winlogon.exe'
  [DETECTION] Contains suspicious code HEUR/Modified.SystemFile
Signed -> 'C:\Windows\explorer.exe'
NOT signed -> 'C:\Windows\system32\smss.exe'
  [DETECTION] Contains suspicious code HEUR/Modified.SystemFile
Signed -> 'C:\Windows\system32\wininet.DLL'
Signed -> 'C:\Windows\system32\wsock32.DLL'
Signed -> 'C:\Windows\system32\ws2_32.DLL'
NOT signed -> 'C:\Windows\system32\services.exe'
  [DETECTION] Contains suspicious code HEUR/Modified.SystemFile
NOT signed -> 'C:\Windows\system32\lsass.exe'
  [DETECTION] Contains suspicious code HEUR/Modified.SystemFile
NOT signed -> 'C:\Windows\system32\csrss.exe'
  [DETECTION] Contains suspicious code HEUR/Modified.SystemFile
Signed -> 'C:\Windows\system32\drivers\kbdclass.sys'
Signed -> 'C:\Windows\system32\spoolsv.exe'
Signed -> 'C:\Windows\system32\alg.exe'
Signed -> 'C:\Windows\system32\wuauclt.exe'
Signed -> 'C:\Windows\system32\advapi32.DLL'
Signed -> 'C:\Windows\system32\user32.DLL'
Signed -> 'C:\Windows\system32\gdi32.DLL'
Signed -> 'C:\Windows\system32\kernel32.DLL'
Signed -> 'C:\Windows\system32\ntdll.DLL'
Signed -> 'C:\Windows\system32\ntoskrnl.exe'
Signed -> 'C:\Windows\system32\drivers\beep.sys'
Signed -> 'C:\Windows\system32\ctfmon.exe'
Signed -> 'C:\Windows\system32\imm32.dll'
Signed -> 'C:\Windows\system32\dsound.dll'
Signed -> 'C:\Windows\system32\aclui.dll'
Signed -> 'C:\Windows\system32\msvcrt.dll'
Signed -> 'C:\Windows\system32\d3d9.dll'
Signed -> 'C:\Windows\system32\dnsapi.dll'
Signed -> 'C:\Windows\system32\mshtml.dll'
Signed -> 'C:\Windows\system32\regsvr32.exe'
Signed -> 'C:\Windows\system32\rundll32.exe'
Signed -> 'C:\Windows\system32\userinit.exe'
Signed -> 'C:\Windows\system32\reg.exe'
Signed -> 'C:\Windows\regedit.exe'
The system files were scanned ('34' files)
 
Starting to scan executable files (registry):
C:\ProgramData\Microsoft\BingDesktop\BingCore\BingDesktopOverlays.dll
  [WARNING]   The file could not be opened!
The registry was scanned ( '2222' files ).
 
 
Starting the file scan:
 
Begin scan in 'C:\' <Acer>
C:\ProgramData\Microsoft\BingDesktop\BingCore\BingDesktopOverlays.dll
  [WARNING]   The file could not be opened!
 
Beginning disinfection:
C:\Windows\system32\csrss.exe
  [DETECTION] Contains suspicious code HEUR/Modified.SystemFile
  [NOTE]      The detection was classified as suspicious.
  [NOTE]      A backup was created as '5ac791e1.qua'  ( QUARANTINE )
  [WARNING]   The file was ignored.
C:\Windows\system32\lsass.exe
  [DETECTION] Contains suspicious code HEUR/Modified.SystemFile
  [NOTE]      The detection was classified as suspicious.
  [NOTE]      A backup was created as '4261be46.qua'  ( QUARANTINE )
  [WARNING]   The file was ignored.
C:\Windows\system32\services.exe
  [DETECTION] Contains suspicious code HEUR/Modified.SystemFile
  [NOTE]      The detection was classified as suspicious.
  [NOTE]      A backup was created as '100fe4a0.qua'  ( QUARANTINE )
  [WARNING]   The file was ignored.
C:\Windows\system32\smss.exe
  [DETECTION] Contains suspicious code HEUR/Modified.SystemFile
  [NOTE]      The detection was classified as suspicious.
  [NOTE]      A backup was created as '763bab6a.qua'  ( QUARANTINE )
  [WARNING]   The file was ignored.
C:\Windows\system32\winlogon.exe
  [DETECTION] Contains suspicious code HEUR/Modified.SystemFile
  [NOTE]      The detection was classified as suspicious.
  [NOTE]      A backup was created as '33b08658.qua'  ( QUARANTINE )
  [WARNING]   The file was ignored.
 
 
End of the scan: Sunday, February 9, 2014  00:31
Used time:  2:02:43 Hour(s)
 
The scan has been done completely.
 
  37244 Scanned directories
 820588 Files were scanned
      0 Viruses and/or unwanted programs were found
      5 Files were classified as suspicious
      0 Files were deleted
      0 Viruses and unwanted programs were repaired
      5 Files were moved to quarantine
      0 Files were renamed
      2 Files cannot be scanned
 820581 Files not concerned
   8288 Archives were scanned
      7 Warnings
      5 Notes
    118 Objects were scanned with rootkit scan
      0 Hidden objects were found


#4 nasdaq

nasdaq

  • Malware Response Team
  • 40,256 posts
  • Gender:Male
  • Location:Montreal, QC. Canada

Posted 12 February 2014 - 02:35 PM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

--RogueKiller--
  • Download & SAVE to your Desktop RogueKiller for 32bit or Roguekiller for 64bit
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator" to start
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • Click on "Delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller
=======

Search and delete the AdWare, PUP (Potentially Unwanted Program) installed on your computer.

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button and follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
Please download Junkware Removal Tool to your Desktop.
  • Please close your security software to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete, depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
  • Please post the contents of JRT.txt into your reply.
===

Download the correct version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.
===

Please paste the logs in your next reply, DO NOT ATTACH THEM

Let me know what problem persists.

#5 DranzerX13

DranzerX13
  • Topic Starter

  • Members
  • 15 posts

Posted 12 February 2014 - 04:48 PM

RogueKiller V8.8.7 _x64_ [Feb 11 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
 
Operating System : Windows 8 (6.2.9200 ) 64 bits version
Started in : Normal mode
User : Tony [Admin rights]
Mode : Remove -- Date : 02/12/2014 13:47:43
| ARK || FAK || MBR |
 
¤¤¤ Bad processes : 1 ¤¤¤
[SUSP PATH][DLL] explorer.exe -- C:\ProgramData\Microsoft\BingDesktop\BingCore\BingDesktopOverlays.dll [x] -> UNLOADED
[SUSP PATH][DLL] explorer.exe -- C:\ProgramData\Microsoft\BingDesktop\BingCore\BingDesktopCore.dll [x] -> UNLOADED
 
¤¤¤ Registry Entries : 4 ¤¤¤
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> [0x2] The system cannot find the file specified. 
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
 
¤¤¤ Scheduled tasks : 0 ¤¤¤
 
¤¤¤ Startup Entries : 0 ¤¤¤
 
¤¤¤ Web browsers : 0 ¤¤¤
 
¤¤¤ Browser Addons : 0 ¤¤¤
 
¤¤¤ Particular Files / Folders: ¤¤¤
 
¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
 
¤¤¤ External Hives: ¤¤¤
 
¤¤¤ Infection :  ¤¤¤
 
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
 
 
127.0.0.1       localhost
 
 
¤¤¤ MBR Check: ¤¤¤
 
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD10JPVT-22A1YT0 +++++
--- User ---
[MBR] 4b7e5b2f5b870870dc844d8bd881a5bb
[BSP] b64bd97171c1b5f941de12d40f393ad0 : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 2097152 Mo
User = LL1 ... OK!
User = LL2 ... OK!
 
Finished : << RKreport[0]_D_02122014_134743.txt >>
RKreport[0]_S_02122014_134657.txt


#6 DranzerX13

DranzerX13
  • Topic Starter

  • Members
  • 15 posts

Posted 12 February 2014 - 04:53 PM

# AdwCleaner v3.018 - Report created 12/02/2014 at 13:49:53
# Updated 28/01/2014 by Xplode
# Operating System : Windows 8  (64 bits)
# Username : Tony - DRANZERX13
# Running from : C:\Users\Tony\Desktop\Tony's Stuff\Combo Fix\adwcleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v10.0.9200.16798
 
 
-\\ Google Chrome v32.0.1700.107
 
[ File : C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [3544 octets] - [21/01/2014 10:37:00]
AdwCleaner[R1].txt - [1257 octets] - [29/01/2014 00:06:33]
AdwCleaner[R2].txt - [996 octets] - [29/01/2014 21:13:25]
AdwCleaner[R3].txt - [1116 octets] - [10/02/2014 11:20:38]
AdwCleaner[R4].txt - [1236 octets] - [12/02/2014 13:48:56]
AdwCleaner[S0].txt - [3260 octets] - [21/01/2014 10:39:10]
AdwCleaner[S1].txt - [1326 octets] - [29/01/2014 00:07:54]
AdwCleaner[S2].txt - [1056 octets] - [29/01/2014 21:14:11]
AdwCleaner[S3].txt - [1178 octets] - [10/02/2014 11:21:45]
AdwCleaner[S4].txt - [1158 octets] - [12/02/2014 13:49:53]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [1218 octets] ##########


#7 DranzerX13

DranzerX13
  • Topic Starter

  • Members
  • 15 posts

Posted 12 February 2014 - 04:59 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.1 (02.04.2014:1)
OS: Windows 8 x64
Ran by Tony on Wed 02/12/2014 at 13:55:18.73
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\free download manager
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\adawarebp
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{1B76E9E6-533E-450C-A4AD-3D58B134A638}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{CD2A7961-D03F-42E2-BB97-C949F3D87D9E}
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 02/12/2014 at 13:58:59.14
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#8 DranzerX13

DranzerX13
  • Topic Starter

  • Members
  • 15 posts

Posted 12 February 2014 - 05:02 PM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-02-2014
Ran by Tony (administrator) on DRANZERX13 on 12-02-2014 14:01:01
Running from C:\Users\Tony\Desktop\Tony's Stuff\Combo Fix
Windows 8 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12937872 2012-07-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-07-10] (Realtek Semiconductor)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-10-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap64.dll [1096480 2013-11-29] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2273056 2013-11-29] (NVIDIA Corporation)
HKLM\...\Run: [AdAwareTray] - C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe [4114264 2014-01-23] ()
HKLM-x32\...\Run: [Dolby Home Theater v4] - C:\Dolby PCEE4\pcee4.exe [508656 2012-07-25] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-17] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2012-02-20] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [421736 2012-03-06] (Apple Inc.)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-28] ()
HKLM-x32\...\Run: [VirtualCloneDrive] - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [277504 2012-07-09] (Intel Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-1119240268-3075232798-881746312-1002\...\Run: [Messenger (Yahoo!)] - C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
HKU\S-1-5-21-1119240268-3075232798-881746312-1002\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {087614B2-9524-62CE-3F62-5DBB25500CDA} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM-x32 - {36148EEB-FEEF-AAED-875D-7D2ADA795C99} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKCU - {087614B2-9524-62CE-3F62-5DBB25500CDA} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=293224&p={searchTerms}
SearchScopes: HKCU - {CD2A7961-D03F-42E2-BB97-C949F3D87D9E} URL = 
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR Extension: (Google Docs) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-01]
CHR Extension: (Google Drive) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-01]
CHR Extension: (YouTube) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-01]
CHR Extension: (Adblock Plus) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-02-09]
CHR Extension: (Google Search) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-01]
CHR Extension: (Skype Click to Call) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-02-01]
CHR Extension: (Google Wallet) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-01]
CHR Extension: (Gmail) - C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-01]
CHR HKLM-x32\...\Chrome\Extension: [jhjjdgbhohaallcimgcmakfiobacimkm] - C:\Program Files (x86)\BuzzSearch\jhjjdgbhohaallcimgcmakfiobacimkm.crx [2014-02-01]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]
 
==================== Services (Whitelisted) =================
 
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-17] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-19] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1011768 2013-12-17] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [227456 2013-01-28] (Qualcomm Atheros Commnucations)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2435728 2012-08-23] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [468624 2012-08-22] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-08-22] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [28560 2012-08-30] (ELAN Microelectronics Corp.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe [702744 2014-01-23] ()
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-08-22] (NTI Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1370912 2013-11-29] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15128352 2013-11-29] (NVIDIA Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2013-11-06] (Dritek System INC.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-01] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-10-10] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [84720 2013-12-17] (Avira Operations GmbH & Co. KG)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-01-28] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-25] (Microsoft Corporation)
S3 CYUSB; C:\Windows\System32\Drivers\CYUSB.sys [48176 2010-02-04] (Cypress Semiconductor)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-10-30] (NVIDIA Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-12-27] (Dritek System Inc.)
R3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [329800 2013-07-17] (BitDefender S.R.L.)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [89088 2012-07-25] (Microsoft Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [29696 2012-09-19] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-02-12 14:00 - 2014-02-12 14:01 - 00000000 ____D () C:\FRST
2014-02-12 13:58 - 2014-02-12 13:58 - 00001338 _____ () C:\Users\Tony\Desktop\JRT.txt
2014-02-12 13:55 - 2014-02-12 13:55 - 00000000 ____D () C:\Windows\ERUNT
2014-02-12 13:47 - 2014-02-12 13:47 - 00001958 _____ () C:\Users\Tony\Desktop\RKreport[0]_D_02122014_134743.txt
2014-02-12 13:46 - 2014-02-12 13:46 - 00001863 _____ () C:\Users\Tony\Desktop\RKreport[0]_S_02122014_134657.txt
2014-02-12 13:45 - 2014-02-12 13:48 - 00000000 ____D () C:\Users\Tony\Desktop\RK_Quarantine
2014-02-12 05:52 - 2014-02-12 05:52 - 00000000 ____D () C:\Program Files (x86)\ZD Soft
2014-02-11 20:19 - 2014-02-11 20:19 - 00000645 _____ () C:\Windows\setupact.log
2014-02-11 20:19 - 2014-02-11 20:19 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-02-11 20:19 - 2014-02-11 20:19 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-11 17:44 - 2014-02-01 01:20 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-11 17:44 - 2014-02-01 01:19 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-11 17:44 - 2014-02-01 01:19 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-11 17:44 - 2014-02-01 01:19 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-02-11 17:44 - 2014-02-01 01:19 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-02-11 17:44 - 2014-02-01 01:18 - 15403520 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-11 17:44 - 2014-02-01 01:18 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-11 17:44 - 2014-02-01 01:18 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-11 17:44 - 2014-02-01 01:18 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-11 17:44 - 2014-02-01 01:18 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-02-11 17:44 - 2014-02-01 01:18 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-11 17:44 - 2014-02-01 01:18 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-11 17:44 - 2014-02-01 01:18 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-11 17:44 - 2014-01-31 23:58 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-11 17:44 - 2014-01-31 23:58 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-11 17:44 - 2014-01-31 23:58 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-02-11 17:44 - 2014-01-31 23:57 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-11 17:44 - 2014-01-31 23:57 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-11 17:44 - 2014-01-31 23:57 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-11 17:44 - 2014-01-31 23:57 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-02-11 17:44 - 2014-01-31 23:57 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-11 17:44 - 2014-01-31 23:57 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-11 17:44 - 2014-01-31 23:57 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-11 17:44 - 2014-01-31 23:40 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-11 17:44 - 2014-01-31 23:34 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-11 17:44 - 2014-01-31 21:08 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-02-11 17:44 - 2013-12-08 16:45 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-11 17:44 - 2013-12-08 15:59 - 00600064 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-11 17:44 - 2013-12-04 15:43 - 01845248 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-11 17:44 - 2013-12-04 15:43 - 00583680 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-11 17:44 - 2013-12-04 15:37 - 01419264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-11 17:44 - 2013-12-04 15:37 - 00451072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-11 17:44 - 2013-11-26 16:19 - 00385614 _____ () C:\Windows\system32\ApnDatabase.xml
2014-02-11 17:44 - 2013-11-25 15:17 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-02-11 17:44 - 2013-10-31 21:53 - 02232664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-02-11 17:43 - 2014-02-11 17:51 - 00000000 ____D () C:\Users\Tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft AppLocale
2014-02-11 17:43 - 2014-02-11 17:43 - 00002865 _____ () C:\Users\Tony\Desktop\AppLocale.lnk
2014-02-11 17:43 - 2014-02-01 01:18 - 19274240 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-11 17:43 - 2014-02-01 01:18 - 03960320 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-11 17:43 - 2014-02-01 01:18 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-11 17:43 - 2014-01-31 23:57 - 14359040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-11 17:43 - 2014-01-31 23:57 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-11 17:43 - 2014-01-31 23:57 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-11 17:43 - 2014-01-31 23:57 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-02-11 17:43 - 2014-01-12 15:30 - 02238976 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-11 17:43 - 2014-01-12 15:30 - 02032640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-11 17:43 - 2013-11-19 16:15 - 03842560 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-11 17:43 - 2013-11-19 15:57 - 03288576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-11 16:20 - 2014-02-11 16:20 - 00002210 _____ () C:\Users\Public\Desktop\ドラゴンクエストX オンライン.lnk
2014-02-11 16:18 - 2014-02-11 16:18 - 00000000 ____D () C:\Program Files (x86)\SquareEnix
2014-02-10 13:39 - 2014-02-12 13:55 - 00597066 _____ () C:\Windows\WindowsUpdate.log
2014-02-10 13:38 - 2014-02-10 13:38 - 00000998 _____ () C:\Windows\PFRO.log
2014-02-10 11:47 - 2014-02-10 11:47 - 00025572 _____ () C:\ComboFix.txt
2014-02-06 05:38 - 2014-02-12 05:51 - 00000000 ____D () C:\Users\Tony\Desktop\Dragon Quest Monsters 2
2014-02-03 11:44 - 2014-02-03 11:44 - 00000000 ____D () C:\Users\Tony\AppData\Roaming\Lavasoft
2014-02-03 11:30 - 2014-02-12 13:52 - 00002309 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-02-03 11:30 - 2014-02-03 11:30 - 00000000 ____D () C:\Program Files\Lavasoft
2014-02-03 11:29 - 2014-02-03 11:29 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-02-02 20:15 - 2012-11-02 14:17 - 00261056 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2014-02-02 20:14 - 2014-02-02 20:14 - 00000000 ____D () C:\Users\Tony\AppData\Roaming\QuickScan
2014-02-01 15:32 - 2014-02-12 13:51 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-01 15:32 - 2014-02-12 13:42 - 00000916 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-01 15:32 - 2014-02-12 00:37 - 00003888 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-01 15:32 - 2014-02-12 00:37 - 00003652 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-01 15:32 - 2014-02-03 21:39 - 00002187 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-01-29 12:40 - 2014-01-29 12:40 - 00000299 _____ () C:\Users\Tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recycle Bin (3).lnk
2014-01-29 04:33 - 2014-01-29 04:33 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-01-27 03:30 - 2014-01-27 03:30 - 00000299 _____ () C:\Users\Tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recycle Bin (2).lnk
2014-01-26 21:14 - 2014-01-26 21:15 - 00000000 ____D () C:\Program Files (x86)\Ppsspp
2014-01-26 21:14 - 2014-01-26 21:14 - 00001473 _____ () C:\Users\Tony\Desktop\PPSSPP.lnk
2014-01-26 21:10 - 2014-01-25 00:35 - 1003782144 _____ () C:\Users\Tony\Desktop\Fairy Tail Portable Guild 3.iso
2014-01-24 07:02 - 2014-01-24 07:02 - 00005175 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-24 07:02 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-01-24 07:02 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-01-24 07:02 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-01-24 07:02 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-01-22 17:09 - 2014-01-22 17:09 - 22574455 _____ () C:\Users\Tony\AppData\Local\census.cache
2014-01-22 17:00 - 2014-01-22 17:00 - 00103216 _____ () C:\Users\Tony\AppData\Local\ars.cache
2014-01-22 10:58 - 2014-01-22 10:58 - 00000000 _____ () C:\Windows\SysWOW64\winlogon.exe
2014-01-22 10:58 - 2014-01-22 10:58 - 00000000 _____ () C:\Windows\SysWOW64\smss.exe
2014-01-22 10:58 - 2014-01-22 10:58 - 00000000 _____ () C:\Windows\SysWOW64\services.exe
2014-01-22 10:58 - 2014-01-22 10:58 - 00000000 _____ () C:\Windows\SysWOW64\lsass.exe
2014-01-22 10:58 - 2014-01-22 10:58 - 00000000 _____ () C:\Windows\SysWOW64\csrss.exe
2014-01-22 10:46 - 2014-01-22 10:46 - 00000036 _____ () C:\Users\Tony\AppData\Local\housecall.guid.cache
2014-01-21 10:50 - 2011-06-25 22:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-01-21 10:50 - 2010-11-07 09:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-01-21 10:50 - 2009-04-19 20:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-01-21 10:50 - 2000-08-30 16:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-01-21 10:50 - 2000-08-30 16:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-01-21 10:50 - 2000-08-30 16:00 - 00212480 _____ (SteelWerX) C:\Windows\SWXCACLS.exe
2014-01-21 10:50 - 2000-08-30 16:00 - 00098816 _____ () C:\Windows\sed.exe
2014-01-21 10:50 - 2000-08-30 16:00 - 00080412 _____ () C:\Windows\grep.exe
2014-01-21 10:50 - 2000-08-30 16:00 - 00068096 _____ () C:\Windows\zip.exe
2014-01-21 10:49 - 2014-02-10 11:47 - 00000000 ____D () C:\Qoobox
2014-01-21 10:49 - 2014-01-21 10:57 - 00000000 ____D () C:\Windows\erdnt
2014-01-21 10:36 - 2014-02-12 13:50 - 00000000 ____D () C:\AdwCleaner
2014-01-17 13:45 - 2014-01-17 13:45 - 00001113 _____ () C:\Users\Public\Desktop\XSplit Broadcaster.lnk
2014-01-17 13:45 - 2014-01-17 13:45 - 00000000 ____D () C:\Users\Tony\AppData\Local\SplitMediaLabs
2014-01-17 13:44 - 2014-01-17 13:44 - 00000000 ____D () C:\Users\Tony\AppData\Roaming\SplitMediaLabs
2014-01-17 13:44 - 2014-01-17 13:44 - 00000000 ____D () C:\ProgramData\SplitMediaLabs
2014-01-17 13:44 - 2014-01-17 13:44 - 00000000 ____D () C:\Program Files (x86)\SplitMediaLabs
2014-01-15 12:41 - 2013-12-06 22:37 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-01-15 12:41 - 2013-12-06 22:37 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-15 12:41 - 2013-12-06 21:15 - 00562688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-01-15 12:41 - 2013-12-06 21:15 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-13 09:54 - 2014-01-13 09:57 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-01-13 09:52 - 2014-01-29 21:30 - 00000000 ____D () C:\Windows\pss
2014-01-13 06:03 - 2014-01-13 06:03 - 00000000 ____D () C:\Users\Tony\AppData\Roaming\LavasoftStatistics
2014-01-13 05:49 - 2014-01-13 05:49 - 00000000 ____D () C:\ProgramData\Lavasoft
 
==================== One Month Modified Files and Folders =======
 
2014-02-12 14:01 - 2014-02-12 14:00 - 00000000 ____D () C:\FRST
2014-02-12 14:00 - 2012-07-26 00:12 - 00000000 ____D () C:\Windows\system32\sru
2014-02-12 13:58 - 2014-02-12 13:58 - 00001338 _____ () C:\Users\Tony\Desktop\JRT.txt
2014-02-12 13:56 - 2013-10-23 13:33 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1119240268-3075232798-881746312-1002
2014-02-12 13:55 - 2014-02-12 13:55 - 00000000 ____D () C:\Windows\ERUNT
2014-02-12 13:55 - 2014-02-10 13:39 - 00597066 _____ () C:\Windows\WindowsUpdate.log
2014-02-12 13:52 - 2014-02-03 11:30 - 00002309 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-02-12 13:51 - 2014-02-01 15:32 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-12 13:50 - 2014-01-21 10:36 - 00000000 ____D () C:\AdwCleaner
2014-02-12 13:50 - 2012-07-25 23:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-12 13:50 - 2012-07-25 21:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-02-12 13:48 - 2014-02-12 13:45 - 00000000 ____D () C:\Users\Tony\Desktop\RK_Quarantine
2014-02-12 13:47 - 2014-02-12 13:47 - 00001958 _____ () C:\Users\Tony\Desktop\RKreport[0]_D_02122014_134743.txt
2014-02-12 13:46 - 2014-02-12 13:46 - 00001863 _____ () C:\Users\Tony\Desktop\RKreport[0]_S_02122014_134657.txt
2014-02-12 13:42 - 2014-02-01 15:32 - 00000916 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-12 13:34 - 2013-10-24 20:46 - 00000000 ____D () C:\Users\Tony\AppData\Local\CrashDumps
2014-02-12 13:24 - 2013-12-29 19:17 - 00000000 ____D () C:\Program Files (x86)\Replay Video Capture 6
2014-02-12 11:26 - 2013-10-23 16:09 - 00000000 ____D () C:\Users\Tony\AppData\Roaming\mIRC
2014-02-12 06:43 - 2012-07-26 00:12 - 00000000 ____D () C:\Windows\rescache
2014-02-12 05:52 - 2014-02-12 05:52 - 00000000 ____D () C:\Program Files (x86)\ZD Soft
2014-02-12 05:52 - 2013-10-23 13:58 - 00001006 _____ () C:\Users\Public\Desktop\Screen Recorder.lnk
2014-02-12 05:51 - 2014-02-06 05:38 - 00000000 ____D () C:\Users\Tony\Desktop\Dragon Quest Monsters 2
2014-02-12 01:25 - 2012-07-25 23:28 - 00850046 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-12 00:37 - 2014-02-01 15:32 - 00003888 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-12 00:37 - 2014-02-01 15:32 - 00003652 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-12 00:04 - 2013-10-23 14:38 - 00013858 _____ () C:\Users\Tony\Desktop\Bleach WSJ Dates.txt
2014-02-12 00:01 - 2013-10-25 20:24 - 00000000 ____D () C:\Users\Tony\AppData\Roaming\HandBrake
2014-02-11 22:05 - 2013-12-23 15:55 - 00425520 _____ () C:\Users\Tony\Desktop\DQM2 3DS walkthrough.txt
2014-02-11 20:19 - 2014-02-11 20:19 - 00000645 _____ () C:\Windows\setupact.log
2014-02-11 20:19 - 2014-02-11 20:19 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-02-11 20:19 - 2014-02-11 20:19 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-11 19:08 - 2012-07-26 00:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-02-11 17:51 - 2014-02-11 17:43 - 00000000 ____D () C:\Users\Tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft AppLocale
2014-02-11 17:43 - 2014-02-11 17:43 - 00002865 _____ () C:\Users\Tony\Desktop\AppLocale.lnk
2014-02-11 16:20 - 2014-02-11 16:20 - 00002210 _____ () C:\Users\Public\Desktop\ドラゴンクエストX オンライン.lnk
2014-02-11 16:18 - 2014-02-11 16:18 - 00000000 ____D () C:\Program Files (x86)\SquareEnix
2014-02-11 16:18 - 2012-10-23 23:35 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-11 15:18 - 2013-10-23 17:17 - 00000000 ____D () C:\Users\Tony\AppData\Roaming\Media Player Classic
2014-02-10 13:38 - 2014-02-10 13:38 - 00000998 _____ () C:\Windows\PFRO.log
2014-02-10 12:25 - 2014-01-01 00:46 - 00000000 ____D () C:\Users\Tony\AppData\Roaming\Skype
2014-02-10 11:47 - 2014-02-10 11:47 - 00025572 _____ () C:\ComboFix.txt
2014-02-10 11:47 - 2014-01-21 10:49 - 00000000 ____D () C:\Qoobox
2014-02-10 11:46 - 2012-07-25 21:26 - 00000215 _____ () C:\Windows\system.ini
2014-02-10 11:40 - 2013-10-23 13:25 - 00000000 ____D () C:\Users\Tony\AppData\Roaming\Adobe
2014-02-10 11:39 - 2013-10-23 13:25 - 00000000 ___RD () C:\Users\Tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-10 11:22 - 2014-01-12 01:23 - 00000000 ____D () C:\Users\Tony\AppData\Local\Ihbsoft
2014-02-09 07:36 - 2013-10-23 14:39 - 00000000 ____D () C:\Users\Tony\Desktop\Tony's Stuff
2014-02-06 00:03 - 2013-11-10 23:52 - 00000157 _____ () C:\Windows\SysWOW64\SystemPreferences.xml
2014-02-03 21:39 - 2014-02-01 15:32 - 00002187 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-03 11:44 - 2014-02-03 11:44 - 00000000 ____D () C:\Users\Tony\AppData\Roaming\Lavasoft
2014-02-03 11:30 - 2014-02-03 11:30 - 00000000 ____D () C:\Program Files\Lavasoft
2014-02-03 11:29 - 2014-02-03 11:29 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-02-02 20:14 - 2014-02-02 20:14 - 00000000 ____D () C:\Users\Tony\AppData\Roaming\QuickScan
2014-02-01 17:12 - 2013-12-26 12:43 - 00000000 ____D () C:\Users\Tony\Desktop\Pokemon XY DOR
2014-02-01 17:12 - 2013-12-26 00:09 - 00000000 ____D () C:\Users\Tony\AppData\Roaming\FileZilla
2014-02-01 17:02 - 2013-10-24 12:11 - 00000000 ____D () C:\Users\Tony\AppData\Local\WMTools Downloaded Files
2014-02-01 16:30 - 2013-10-24 12:10 - 00016896 _____ () C:\Users\Tony\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-02-01 15:33 - 2013-10-23 13:39 - 00000000 ____D () C:\Users\Tony\AppData\Local\Google
2014-02-01 15:32 - 2013-10-23 13:39 - 00000000 ____D () C:\Program Files (x86)\Google
2014-02-01 15:32 - 2013-10-23 13:38 - 00000000 ____D () C:\Users\Tony\AppData\Local\Deployment
2014-02-01 15:32 - 2013-10-23 13:38 - 00000000 ____D () C:\Users\Tony\AppData\Local\Apps\2.0
2014-02-01 15:31 - 2013-11-25 22:01 - 00000000 ____D () C:\Users\Tony\AppData\Roaming\Sony
2014-02-01 15:31 - 2013-10-23 13:37 - 00000000 ____D () C:\Users\Tony\AppData\Roaming\uTorrent
2014-02-01 15:27 - 2013-10-24 14:46 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-01 01:20 - 2014-02-11 17:44 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-01 01:19 - 2014-02-11 17:44 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-01 01:19 - 2014-02-11 17:44 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-01 01:19 - 2014-02-11 17:44 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-02-01 01:19 - 2014-02-11 17:44 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-02-01 01:18 - 2014-02-11 17:44 - 15403520 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-01 01:18 - 2014-02-11 17:44 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-01 01:18 - 2014-02-11 17:44 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-01 01:18 - 2014-02-11 17:44 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-01 01:18 - 2014-02-11 17:44 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-02-01 01:18 - 2014-02-11 17:44 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-01 01:18 - 2014-02-11 17:44 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-01 01:18 - 2014-02-11 17:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-01 01:18 - 2014-02-11 17:43 - 19274240 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-01 01:18 - 2014-02-11 17:43 - 03960320 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-01 01:18 - 2014-02-11 17:43 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-01-31 23:58 - 2014-02-11 17:44 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-01-31 23:58 - 2014-02-11 17:44 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-01-31 23:58 - 2014-02-11 17:44 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-01-31 23:57 - 2014-02-11 17:44 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-01-31 23:57 - 2014-02-11 17:44 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-01-31 23:57 - 2014-02-11 17:44 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-01-31 23:57 - 2014-02-11 17:44 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-01-31 23:57 - 2014-02-11 17:44 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-01-31 23:57 - 2014-02-11 17:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-01-31 23:57 - 2014-02-11 17:44 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-01-31 23:57 - 2014-02-11 17:43 - 14359040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-01-31 23:57 - 2014-02-11 17:43 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-01-31 23:57 - 2014-02-11 17:43 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-01-31 23:57 - 2014-02-11 17:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-01-31 23:40 - 2014-02-11 17:44 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-01-31 23:34 - 2014-02-11 17:44 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-01-31 21:08 - 2014-02-11 17:44 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-01-30 13:10 - 2012-07-26 00:14 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-30 13:10 - 2012-07-26 00:14 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-29 21:30 - 2014-01-13 09:52 - 00000000 ____D () C:\Windows\pss
2014-01-29 12:40 - 2014-01-29 12:40 - 00000299 _____ () C:\Users\Tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recycle Bin (3).lnk
2014-01-29 04:33 - 2014-01-29 04:33 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-01-28 19:45 - 2013-11-12 14:05 - 00000000 ____D () C:\Users\Tony\AppData\Roaming\vlc
2014-01-28 19:31 - 2013-10-23 14:38 - 00000000 ____D () C:\Users\Tony\Desktop\Metal Fight Beyblade Zero G scripts
2014-01-27 03:30 - 2014-01-27 03:30 - 00000299 _____ () C:\Users\Tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recycle Bin (2).lnk
2014-01-27 01:40 - 2013-10-29 09:25 - 00011607 _____ () C:\Users\Tony\AppData\Roaming\Requiem.log
2014-01-27 00:18 - 2013-11-12 13:56 - 00000000 ____D () C:\Users\Tony\AppData\Local\WinAVI
2014-01-26 21:15 - 2014-01-26 21:14 - 00000000 ____D () C:\Program Files (x86)\Ppsspp
2014-01-26 21:14 - 2014-01-26 21:14 - 00001473 _____ () C:\Users\Tony\Desktop\PPSSPP.lnk
2014-01-25 11:33 - 2014-01-09 23:05 - 00000000 ____D () C:\Users\Tony\Desktop\BeyRaiderz
2014-01-25 00:35 - 2014-01-26 21:10 - 1003782144 _____ () C:\Users\Tony\Desktop\Fairy Tail Portable Guild 3.iso
2014-01-24 07:02 - 2014-01-24 07:02 - 00005175 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-24 07:02 - 2013-10-29 09:25 - 00000000 ____D () C:\ProgramData\Oracle
2014-01-24 07:02 - 2013-10-29 09:25 - 00000000 ____D () C:\Program Files (x86)\Java
2014-01-24 07:02 - 2013-10-23 16:09 - 00000000 ____D () C:\Program Files (x86)\mIRC
2014-01-22 17:09 - 2014-01-22 17:09 - 22574455 _____ () C:\Users\Tony\AppData\Local\census.cache
2014-01-22 17:00 - 2014-01-22 17:00 - 00103216 _____ () C:\Users\Tony\AppData\Local\ars.cache
2014-01-22 10:58 - 2014-01-22 10:58 - 00000000 _____ () C:\Windows\SysWOW64\winlogon.exe
2014-01-22 10:58 - 2014-01-22 10:58 - 00000000 _____ () C:\Windows\SysWOW64\smss.exe
2014-01-22 10:58 - 2014-01-22 10:58 - 00000000 _____ () C:\Windows\SysWOW64\services.exe
2014-01-22 10:58 - 2014-01-22 10:58 - 00000000 _____ () C:\Windows\SysWOW64\lsass.exe
2014-01-22 10:58 - 2014-01-22 10:58 - 00000000 _____ () C:\Windows\SysWOW64\csrss.exe
2014-01-22 10:46 - 2014-01-22 10:46 - 00000036 _____ () C:\Users\Tony\AppData\Local\housecall.guid.cache
2014-01-21 15:03 - 2013-10-23 13:24 - 00000000 ____D () C:\Users\Tony
2014-01-21 10:57 - 2014-01-21 10:49 - 00000000 ____D () C:\Windows\erdnt
2014-01-18 02:11 - 2013-10-23 17:45 - 00000000 ____D () C:\Program Files (x86)\Perfect Dark
2014-01-17 13:45 - 2014-01-17 13:45 - 00001113 _____ () C:\Users\Public\Desktop\XSplit Broadcaster.lnk
2014-01-17 13:45 - 2014-01-17 13:45 - 00000000 ____D () C:\Users\Tony\AppData\Local\SplitMediaLabs
2014-01-17 13:44 - 2014-01-17 13:44 - 00000000 ____D () C:\Users\Tony\AppData\Roaming\SplitMediaLabs
2014-01-17 13:44 - 2014-01-17 13:44 - 00000000 ____D () C:\ProgramData\SplitMediaLabs
2014-01-17 13:44 - 2014-01-17 13:44 - 00000000 ____D () C:\Program Files (x86)\SplitMediaLabs
2014-01-17 08:36 - 2012-07-26 00:12 - 00000000 ____D () C:\Windows\WinStore
2014-01-15 13:35 - 2013-10-23 20:36 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-15 13:32 - 2013-10-23 20:36 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-13 09:57 - 2014-01-13 09:54 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-01-13 09:54 - 2014-01-12 02:35 - 00089304 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-01-13 06:03 - 2014-01-13 06:03 - 00000000 ____D () C:\Users\Tony\AppData\Roaming\LavasoftStatistics
2014-01-13 05:49 - 2014-01-13 05:49 - 00000000 ____D () C:\ProgramData\Lavasoft
 
Some content of TEMP:
====================
C:\Users\Tony\AppData\Local\temp\avgnt.exe
C:\Users\Tony\AppData\Local\temp\ntdll_dump.dll
C:\Users\Tony\AppData\Local\temp\Quarantine.exe
C:\Users\Tony\AppData\Local\temp\winsvc.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-02-06 03:00
 
==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-02-2014
Ran by Tony at 2014-02-12 14:01:34
Running from C:\Users\Tony\Desktop\Tony's Stuff\Combo Fix
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: Ad-Aware Antivirus (Disabled - Out of date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Ad-Aware Antivirus (Disabled - Out of date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}
 
==================== Installed Programs ======================
 
µTorrent (HKCU Version: 3.3.2.30303 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0 - Igor Pavlov)
Acer Backup Manager (x32 Version: 4.0.0.0059 - NTI Corporation)
Acer Device Fast-lane (Version: 1.00.3007 - Acer Incorporated)
Acer Instant Update Service (Version: 1.00.3013 - Acer Incorporated)
Acer Power Management (Version: 7.00.3006 - Acer Incorporated)
Acer Recovery Management (Version: 6.00.3011 - Acer Incorporated)
Acer System Information (x32 Version: 1.0.0 - Acer)
AcerCloud (x32 Version: 2.01.3115 - Acer Incorporated)
AcerCloud Docs (x32 Version: 1.00.3201 - Acer Incorporated)
Ad-Aware Antivirus (Version: 11.1.5354.0 - Lavasoft)
AdAwareInstaller (Version: 11.1.5354.0 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.1.5354.0 - Lavasoft) Hidden
Aegisub 3.0.4 (Version: 3.0.4 - Aegisub Team)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
AntimalwareEngine (Version: 2.6.0.0 - Lavasoft) Hidden
Apple Application Support (x32 Version: 2.1.7 - Apple Inc.)
Apple Mobile Device Support (Version: 5.1.1.4 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (x32 Version: 2.1.0.4 - Atheros Communications Inc.)
Avira Free Antivirus (x32 Version: 14.0.2.286 - Avira)
Backup Manager v4 (x32 Version: 4.0.0.0059 - NTI Corporation) Hidden
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Boilsoft Video Joiner 6.57 (x32 Version:  - Boilsoft, Inc.)
Boilsoft Video Splitter 6.34 (x32 Version:  - Boilsoft, Inc.)
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Camtasia Studio 8 (x32 Version: 8.0.1.903 - TechSmith Corporation)
CCleaner (Version: 4.10 - Piriform)
Combined Community Codec Pack 2013-10-17 (x32 Version: 2013.10.17.0 - CCCP Project)
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
CyberLink MediaEspresso 6.5 (x32 Version: 6.5.3103_44819 - CyberLink Corp.)
CyberLink MediaEspresso 6.5 (x32 Version: 6.5.3103_44819 - CyberLink Corp.) Hidden
Delicious: Emily's True Love Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
DivX Setup (x32 Version: 2.6.1.84 - DivX, LLC)
Dolby Home Theater v4 (x32 Version: 7.2.8000.16 - Dolby Laboratories Inc)
Dolphin (x32 Version: 4.0.1 - Dolphin Development Team)
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
DVD Decrypter (Remove Only) (x32 Version:  - )
Emicsoft Video Converter (x32 Version:  - )
ETDWare PS/2-X64 11.6.8.001_WHQL (Version: 11.6.8.001 - ELAN Microelectronic Corp.)
ffdshow v1.3.4515 [2013-06-12] (x32 Version: 1.3.4515.0 - )
FileZilla Client 3.7.3 (x32 Version: 3.7.3 - Tim Kosse)
Free Video Flip and Rotate version 2.1.9.827 (x32 Version: 2.1.9.827 - DVDVideoSoft Ltd.)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Chrome (x32 Version: 32.0.1700.107 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
HandBrake 0.9.9.1 (x32 Version: 0.9.9.1 - )
HijackThis 1.99.1 (x32 Version: 1.99.1 - Soeperman Enterprises Ltd.)
Identity Card (x32 Version: 2.00.3004 - Acer Incorporated)
Intel® Management Engine Components (x32 Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (x32 Version: 9.17.10.2867 - Intel Corporation)
Intel® Rapid Storage Technology (x32 Version: 11.5.0.1207 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
iTunes (Version: 10.6.0.40 - Apple Inc.)
Java 7 Update 51 (x32 Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Launch Manager (x32 Version: 7.0.4 - Acer Inc.)
Live Updater (x32 Version: 2.00.3004 - Acer Incorporated)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft AppLocale (x32 Version: 1.0.0 - MS)
Microsoft Mouse and Keyboard Center (Version: 2.2.173.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (Version: 2.2.173.0 - Microsoft Corporation) Hidden
Microsoft Office (x32 Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60940.0 - Microsoft Corporation) Hidden
Microsoft Windows Application Compatibility Database (Version:  - )
mIRC (x32 Version: 7.32 - mIRC Co. Ltd.)
MPC-HC 1.7.0 (64-bit) (Version: 1.7.0.7858 - MPC-HC Team)
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
Mumble 1.2.4 (x32 Version: 1.2.4 - Thorvald Natvig)
Mystery P.I. - Curious Case of Counterfeit Cove (x32 Version: 2.2.0.98 - WildTangent) Hidden
NVIDIA Control Panel 331.58 (Version: 331.58 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 1.8 (Version: 1.8 - NVIDIA Corporation)
NVIDIA Graphics Driver 331.58 (Version: 331.58 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.142.992 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 10.10.5 (Version: 10.10.5 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.0725 (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA ShadowPlay 10.10.5 (Version: 10.10.5 - NVIDIA Corporation) Hidden
NVIDIA Update 10.10.5 (Version: 10.10.5 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 10.10.5 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.12 (Version: 1.2.12 - NVIDIA Corporation)
Office Addin (x32 Version: 2.01.3200 - Acer)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden
Qualcomm Atheros Bluetooth Suite (64) (Version: 8.0.0.220 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (x32 Version: 11.41 - Qualcomm Atheros)
Ragnarok Online 2 (x32 Version: 1.0.0 - Gravity Interactive, Inc.)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6695 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (x32 Version: 6.2.8400.28123 - Realtek Semiconductor Corp.)
Replay Video Capture 6 (x32 Version: 6.0.6 - Applian Technologies Inc.)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.14.0 - SAMSUNG Electronics Co., Ltd.)
Shared C Run-time for x64 (Version: 10.0.0 - McAfee)
SHIELD Streaming (Version: 1.6.75 - NVIDIA Corporation) Hidden
Skype Click to Call (x32 Version: 6.13.13771 - Skype Technologies S.A.)
Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.)
Smart Cutter for DV and DVB (x32 Version: 1.00.0000 - FameRing)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
Update for Japanese Microsoft IME Postal Code Dictionary (x32 Version: 15.0.1157 - Microsoft Corporation)
Update for Japanese Microsoft IME Standard Dictionary (x32 Version: 15.0.1080 - Microsoft Corporation)
Update for Japanese Microsoft IME Standard Extended Dictionary (x32 Version: 15.0.1080 - Microsoft Corporation)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
USB Gamepad (x32 Version: 1.00.0000 - GASIA)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Vegas Pro 12.0 (64-bit) (Version: 12.0.670 - Sony)
VirtualCloneDrive (x32 Version: 5.4.7.0 - Elaborate Bytes)
Visual Studio 2005 Tools for Office Second Edition Runtime (x32 Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (x32 Version: 1 - Microsoft Corporation)
VLC media player 2.1.0 (x32 Version: 2.1.0 - VideoLAN)
VobSub v2.23 (Remove Only) (x32 Version:  - )
WildTangent Games (x32 Version: 1.0.3.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.9.3 - WildTangent) Hidden
WinAVI Video Converter 9.0 (x32 Version: 9.0 - WinAVI Video Converter 9.0)
Windows Movie Maker 2.6 (x32 Version: 2.6.4037.0 - Microsoft Corporation)
World of Warcraft (x32 Version:  - Blizzard Entertainment)
XSplit Broadcaster (x32 Version: 1.3.1401.0901 - SplitMediaLabs)
Xvid Video Codec (x32 Version: 1.3.2 - Xvid Team)
Yahoo! Messenger (x32 Version:  - Yahoo! Inc.)
Yahoo! Software Update (x32 Version:  - )
ZD Soft Screen Recorder (x32 Version: 6.1.0 - ZD Soft)
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
ドラゴンクエストX オンライン (x32 Version: 1.0.1.0 - SQUARE ENIX CO., LTD.)
 
==================== Restore Points  =========================
 
09-02-2014 17:42:04 Scheduled Checkpoint
12-02-2014 01:41:02 Installed Microsoft AppLocale
 
==================== Hosts content: ==========================
 
2013-12-28 11:22 - 2014-01-29 21:24 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {18F0C60E-F67B-49D7-A895-2071D297C120} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {19897DC5-32FB-4BFE-9A9A-E7354AF50D6D} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {342524A1-0684-4798-801F-58610E54325D} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-08-22] (Acer Incorporated)
Task: {39618927-74F5-48BD-A1D8-8DDCFC3D37B8} - System32\Tasks\iuBrowserIEAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe [2012-08-22] ()
Task: {3D49F6DD-95AF-453E-8B44-ECE5BC823455} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {4E322CE1-6C88-4319-9187-75007C28B0AA} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-15] (Microsoft Corporation)
Task: {6045A01F-5662-4ED2-B5D8-7783F161474F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-01] (Google Inc.)
Task: {9B634D61-135C-4D6E-89A3-FEC5657F312F} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {9CF8FF75-8DEB-444F-80C9-EB5AFB02054B} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-08-29] ()
Task: {A2A114C1-8CB3-4953-AAE7-9DE89101904B} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-21] ()
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {AE8ED81C-DD41-4687-B7C5-2990A176E5E0} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {CF4B517E-81E8-465A-A7ED-FDDF3864A0D0} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {D081B7F8-14CD-4030-9B7D-3AE02CB02C28} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-01] (Google Inc.)
Task: {D644DE6B-F6C6-44FB-A983-C169AC86A085} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-07-04] (CyberLink)
Task: {E3D8A3DE-6B2C-4E87-8B58-C4CBBFAF7B52} - System32\Tasks\iuEmailOutlookAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe [2012-08-22] ()
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {EE4AF2B6-CB5C-45C6-832D-9F28461C11ED} - System32\Tasks\Microsoft\Windows\Setup\Windows Upgrade Notification Task => C:\Windows\system32\NotificationUI.exe [2013-08-15] (Microsoft Corporation)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2012-10-28 20:16 - 2012-10-22 19:37 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 04114264 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe
2014-01-23 16:30 - 2014-01-23 16:30 - 00158032 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\pugixml.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 02595144 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\RCF.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00123776 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_filesystem-vc100-mt-1_55.dll
2014-01-23 16:30 - 2014-01-23 16:30 - 00024440 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_system-vc100-mt-1_55.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00055680 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_date_time-vc100-mt-1_55.dll
2014-01-23 16:30 - 2014-01-23 16:30 - 00103800 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_thread-vc100-mt-1_55.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00500088 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_locale-vc100-mt-1_55.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00033656 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_chrono-vc100-mt-1_55.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00361824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\HtmlFramework.dll
2014-01-23 16:30 - 2014-01-23 16:30 - 00149840 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\libssh2.dll
2014-01-23 16:30 - 2014-01-23 16:30 - 00106824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\zlib.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00066904 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\DllStorage.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00788848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTrayDefaultSkin.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00139608 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\Localization.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00685904 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\SQLite.dll
2012-08-22 14:04 - 2012-08-22 14:04 - 00025232 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
2012-08-22 14:04 - 2012-08-22 14:04 - 00044176 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
2014-01-12 01:16 - 2014-01-12 01:16 - 02493440 _____ () C:\ProgramData\Microsoft\BingDesktop\BingCore\BingDesktopOverlays.dll
2014-01-12 01:16 - 2014-01-12 01:16 - 02179584 _____ () C:\ProgramData\Microsoft\BingDesktop\BingCore\BingDesktopCore.dll
2013-10-23 13:42 - 2013-10-10 18:14 - 00394824 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2012-02-20 20:29 - 2012-02-20 20:29 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-02-20 20:28 - 2012-02-20 20:28 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-08-22 22:26 - 2012-08-22 22:26 - 00465384 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2012-08-22 22:25 - 2012-08-22 22:25 - 00125504 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2012-08-22 22:26 - 2012-08-22 22:26 - 00155712 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\VolumeSnapshot.dll
2012-08-22 22:25 - 2012-08-22 22:25 - 00118336 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\Online.dll
2012-08-22 22:25 - 2012-08-22 22:25 - 01081408 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2012-08-22 22:25 - 2012-08-22 22:25 - 00052288 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OsSettingPort.dll
2012-08-22 22:26 - 2012-08-22 22:26 - 00727616 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OutlookShadow.dll
2013-10-23 19:30 - 2012-05-25 03:25 - 00921600 _____ () C:\Program Files (x86)\Yahoo!\Messenger\yui.dll
2013-10-23 19:29 - 2012-05-25 03:25 - 00078336 _____ () C:\Program Files (x86)\Yahoo!\Messenger\pcre.dll
2013-10-24 13:35 - 2013-10-15 16:48 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2012-12-27 10:23 - 2012-06-25 10:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
 
==================== Safe Mode (whitelisted) ===================
 
 
==================== Disabled items from MSCONFIG ==============
 
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
 
System errors:
=============
 
Microsoft Office Sessions:
=========================
 
CodeIntegrity Errors:
===================================
  Date: 2014-02-10 11:46:06.085
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-02-10 11:46:06.048
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-02-10 11:39:40.864
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-02-10 11:39:40.836
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-01-29 21:24:29.444
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-01-29 21:24:29.397
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-01-29 00:03:19.145
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-01-29 00:03:19.118
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-01-21 10:56:06.242
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 23%
Total physical RAM: 8010.27 MB
Available physical RAM: 6118.77 MB
Total Pagefile: 9226.27 MB
Available Pagefile: 7160.84 MB
Total Virtual: 8192 MB
Available Virtual: 8191.77 MB
 
==================== Drives ================================
 
Drive c: (Acer) (Fixed) (Total:913.7 GB) (Free:784.7 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 42740210)
 
Partition: GPT Partition Type
==================== End Of Log ============================


#9 nasdaq

nasdaq

  • Malware Response Team
  • 40,256 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:49 PM

Posted 13 February 2014 - 08:32 AM

Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.
 
start


SearchScopes: HKLM - DefaultScope {CD2A7961-D03F-42E2-BB97-C949F3D87D9E} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dstrmsd&cd=2XzuyEtN2Y1L1QzuyBtDyDyE0DtBzzyCtBzz0CyD0CyEzytDtN0D0Tzu0CyCzztBtN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu1Q1B2Z1C1H1B1Q&cr=296488721&ir=
SearchScopes: HKLM - {CD2A7961-D03F-42E2-BB97-C949F3D87D9E} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dstrmsd&cd=2XzuyEtN2Y1L1QzuyBtDyDyE0DtBzzyCtBzz0CyD0CyEzytDtN0D0Tzu0CyCzztBtN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu1Q1B2Z1C1H1B1Q&cr=296488721&ir=
SearchScopes: HKCU - {CD2A7961-D03F-42E2-BB97-C949F3D87D9E} URL =
CHR HKLM-x32\...\Chrome\Extension: [jhjjdgbhohaallcimgcmakfiobacimkm] - C:\Program Files (x86)\BuzzSearch\jhjjdgbhohaallcimgcmakfiobacimkm.crx [2014-02-01]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
DisableService: AppMgmt
C:\Program Files (x86)\BuzzSearch

end

Save the file as fixlist.txt in the same folder as FRST.
Run FRST and click Fix only once and wait.
The tool will create a log (Fixlog.txt); please post it in your reply.
===

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
p.s.
If the SecurityCheck program fails to run for any reason, run it as an Administrator.
===

Please let me know what problem persists.

#10 DranzerX13

DranzerX13
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:03:49 PM

Posted 13 February 2014 - 08:52 PM

 Results of screen317's Security Check version 0.99.79  
   x64 (UAC is enabled)  
 Internet Explorer 10 Out of date! 
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
Ad-Aware Antivirus   
Windows Defender     
Avira Desktop        
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 Out of date HijackThis  installed! 
 Malwarebytes Anti-Malware version 1.75.0.1300  
 HijackThis 1.99.1    
 Java 7 Update 51  
 Google Chrome 32.0.1700.102  
 Google Chrome 32.0.1700.107  
````````Process Check: objlist.exe by Laurent````````  
 Avira Antivir avgnt.exe 
 Avira Antivir avguard.exe 
 Lavasoft Ad-Aware Antivirus Ad-Aware Antivirus 11.1.5354.0\AdAwareService.exe 
 Lavasoft Ad-Aware Antivirus Ad-Aware Antivirus 11.1.5354.0\AdAwareTray.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log`````````````````````` 


#11 nasdaq


Posted 14 February 2014 - 09:05 AM


HijackThis is not compatible with Windows 7. I suggest you remove it using the Add/Remove Program.

Out of date HijackThis installed!
HijackThis 1.99.1


In the future you should now use the DDS tool to report a problem.

+++

Any remaining issue?

#12 DranzerX13


Posted 14 February 2014 - 04:04 PM

It was fine till this morning. When I was watching YouTube, Chrome crashed twice, but maybe because I had Adblock Plus enabled on YouTube? I'll let you know if it crashes again after this weekend.


Edited by DranzerX13, 14 February 2014 - 04:04 PM.


#13 DranzerX13


Posted 18 February 2014 - 02:02 AM

Chrome has crashed like 4 times over the weekend for me. It's come back again, whatever it is.



#14 nasdaq


Posted 18 February 2014 - 08:57 AM

Please run the AdwCleaner tool. You will be prompted to update; please do.

Post a fresh log for my review.

#15 DranzerX13


Posted 18 February 2014 - 02:42 PM

# AdwCleaner v3.019 - Report created 18/02/2014 at 11:38:42
# Updated 17/02/2014 by Xplode
# Operating System : Windows 8.1  (64 bits)
# Username : Tony - DRANZERX13
# Running from : C:\Users\Tony\Desktop\Tony's Stuff\Combo Fix\adwcleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\TechSmith
Folder Deleted : C:\Users\Tony\AppData\Local\TechSmith
Folder Deleted : C:\Users\Tony\AppData\Roaming\TechSmith
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\Software\caphyon
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16518
 
 
-\\ Google Chrome v32.0.1700.107
 
[ File : C:\Users\Tony\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [3544 octets] - [21/01/2014 10:37:00]
AdwCleaner[R1].txt - [1257 octets] - [29/01/2014 00:06:33]
AdwCleaner[R2].txt - [996 octets] - [29/01/2014 21:13:25]
AdwCleaner[R3].txt - [1116 octets] - [10/02/2014 11:20:38]
AdwCleaner[R4].txt - [1236 octets] - [12/02/2014 13:48:56]
AdwCleaner[R5].txt - [2194 octets] - [18/02/2014 11:36:53]
AdwCleaner[S0].txt - [3260 octets] - [21/01/2014 10:39:10]
AdwCleaner[S1].txt - [1326 octets] - [29/01/2014 00:07:54]
AdwCleaner[S2].txt - [1056 octets] - [29/01/2014 21:14:11]
AdwCleaner[S3].txt - [1178 octets] - [10/02/2014 11:21:45]
AdwCleaner[S4].txt - [1298 octets] - [12/02/2014 13:49:53]
AdwCleaner[S5].txt - [2133 octets] - [18/02/2014 11:38:42]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S5].txt - [2193 octets] ##########




