
ssaVe Google Chrome Extension Problem that won't go away


  • This topic is locked
4 replies to this topic

#1 MonDen

MonDen

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:12:14 AM

Posted 07 July 2014 - 09:07 AM

Hi all, first post on the website and I've really been struggling to remove this problem that I have. I was reading this forum (http://www.bleepingcomputer.com/forums/t/537305/ssave-onu-is-it-malware-how-to-delete-it/) because it was the same problem I was having and was wondering if anybody here would be able to help me out. My DDS logs follow and I have attached the file I have to attach. Thanks in advance for any help.

 

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.17126
Run by Andrew at 15:01:15 on 2014-07-07
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.44.1033.18.8134.5193 [GMT 1:00]
.
AV: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ===============
.
d:\PROGRA~1\AVG\AVG2014\avgrsa.exe
D:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
D:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
D:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\IProsetMonitor.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.1.0\ToolbarUpdater.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.1.0\loggingserver.exe
D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
D:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
D:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
D:\Program Files (x86)\AVG\AVG2014\avgemca.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Plantronics\GameCom780\GameCom780.exe
C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
D:\Program Files (x86)\Steam\Steam.exe
D:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
D:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe
C:\Program Files (x86)\Razer\DeathAdder\razertra.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
D:\Program Files (x86)\AVG\AVG2014\avgui.exe
D:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
C:\Program Files (x86)\Razer\DeathAdder\razerofa.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.trovi.com/?gd=&ctid=CT3323924&octid=EB_ORIGINAL_CTID&ISID=MD21CDACF-FD23-46CC-ABD0-1C656175D686&SearchSource=55&CUI=&UM=6&UP=SP56D92667-8C8F-4199-A8D4-D4CB7A2AF142&SSPV=
mWinlogon: Userinit = userinit.exe
uRun: [Steam] "D:\Program Files (x86)\Steam\Steam.exe" -silent
uRun: [Facebook Update] "C:\Users\Andrew\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
mRun: [PWRISOVM.EXE] D:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "D:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [LogMeIn Hamachi Ui] "D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
mRun: [DeathAdder] C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe
mRun: [D3DOverrider] "D:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\Tools\D3DOverrider\D3DOverriderWrapper.exe" /s
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
mRun: [AVG_UI] "D:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
mRun: [vProt] "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
dRunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: Interfaces\{232B7C8E-5348-4B6F-BAC5-41075B2B107A} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{232B7C8E-5348-4B6F-BAC5-41075B2B107A}\35B4953343834343 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{84D46474-4C11-4540-B3AD-B83E74954421} : DHCPNameServer = 192.168.0.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\3.1.0\ViProtocol.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-Run: [GamecomSound] C:\Program Files\Plantronics\GameCom780\GameCom780.exe
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2014-6-17 190744]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2014-6-17 328984]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2014-6-17 123672]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2014-6-17 31512]
R1 Avgdiska;AVG Disk Driver;C:\Windows\System32\drivers\avgdiska.sys [2014-6-17 153368]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2014-6-17 242968]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2014-6-17 235800]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2014-6-17 269080]
R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2014-7-7 50464]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2014-4-18 239616]
R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [2013-9-2 920736]
R2 asHmComSvc;ASUS HM Com Service;C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [2013-9-2 951936]
R2 AVGIDSAgent;AVGIDSAgent;D:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2014-6-27 3241488]
R2 avgwd;AVG WatchDog;D:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2014-6-17 289328]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2014-2-4 2222416]
R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;C:\Windows\System32\IPROSetMonitor.exe [2012-6-5 190824]
R2 vToolbarUpdater3.1.0;vToolbarUpdater3.1.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.1.0\ToolbarUpdater.exe [2014-7-7 1814040]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2013-12-19 94720]
R3 danewFltr;NewDeathAdder Mouse;C:\Windows\System32\drivers\danew.sys [2013-10-3 12032]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-7-9 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-7-9 123856]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 BEService;BattlEye Service;C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2013-8-29 49152]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-6-11 111616]
S3 PlantronicsGC;PLTGC Interface;C:\Windows\System32\drivers\PLTGC.sys [2013-7-26 1327104]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-7-26 20992]
S3 rzdaendpt;Razer DeathAdder end point;C:\Windows\System32\drivers\rzdaendpt.sys [2013-11-15 33448]
S3 rzudd;Razer Keyboard Driver;C:\Windows\System32\drivers\rzudd.sys [2013-11-15 149160]
S3 rzvkeyboard;Razer Virtual Keyboard Driver;C:\Windows\System32\drivers\rzvkeyboard.sys [2013-11-15 30888]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-7-30 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;WatAdminSvc;C:\Windows\System32\Wat\WatAdminSvc.exe --> C:\Windows\System32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2014-07-07 13:14:46 -------- d-----w- C:\Users\Andrew\AppData\Local\AVG Web TuneUp
2014-07-07 13:14:44 -------- d-----w- C:\ProgramData\AVG Security Toolbar
2014-07-07 13:14:43 50464 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys
2014-07-07 13:14:11 -------- d-----w- C:\ProgramData\AVG Web TuneUp
2014-07-07 13:14:11 -------- d-----w- C:\ProgramData\AVG Secure Search
2014-07-07 13:14:11 -------- d-----w- C:\Program Files (x86)\Common Files\AVG Secure Search
2014-07-07 13:14:10 -------- d-----w- C:\Program Files (x86)\AVG Web TuneUp
2014-07-04 17:45:26 -------- d-----w- C:\Users\Andrew\AppData\Roaming\AVG2014
2014-07-04 17:45:09 -------- d-----w- C:\Users\Andrew\AppData\Roaming\TuneUp Software
2014-07-04 17:45:05 -------- d--h--w- C:\$AVG
2014-07-04 17:45:05 -------- d-----w- C:\ProgramData\AVG2014
2014-07-04 17:41:37 -------- d--h--w- C:\ProgramData\Common Files
2014-07-04 17:41:37 -------- d-----w- C:\Users\Andrew\AppData\Local\MFAData
2014-07-04 17:41:37 -------- d-----w- C:\Users\Andrew\AppData\Local\Avg2014
2014-07-04 17:41:37 -------- d-----w- C:\ProgramData\MFAData
2014-07-04 17:38:08 -------- d-----w- C:\Users\Andrew\AppData\Local\SearchProtect
2014-07-04 17:38:04 -------- d-----w- C:\Program Files (x86)\SearchProtect
2014-07-04 17:37:01 -------- d-----w- C:\ProgramData\Teddy App
2014-07-04 17:36:50 -------- d-----w- C:\Program Files (x86)\SW-Booster
2014-07-04 17:36:38 -------- d-----w- C:\ProgramData\Adblocker
2014-07-04 17:36:38 -------- d-----w- C:\Program Files (x86)\Adblocker
2014-07-04 17:36:33 -------- d-----w- C:\Users\Andrew\AppData\Local\Packages
2014-07-04 17:36:33 -------- d-----w- C:\ProgramData\savve oni
2014-07-04 17:36:33 -------- d-----w- C:\Program Files (x86)\savve oni
2014-07-04 17:36:28 -------- d-----w- C:\Users\Andrew\AppData\Local\Torch
2014-07-04 17:36:28 -------- d-----w- C:\Users\Andrew\AppData\Local\Comodo
2014-07-04 17:36:28 -------- d-----w- C:\Users\Andrew\AppData\Local\Chromatic Browser
2014-07-04 17:36:28 -------- d-----w- C:\ProgramData\be2a64533a48888f
2014-07-04 17:36:10 -------- d-----w- C:\ProgramData\InstallMate
2014-07-04 12:13:35 10779000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EABEC9FC-CB22-4AAF-926C-2D0A7AF4D5D7}\mpengine.dll
2014-07-02 13:42:07 -------- d-----w- C:\Users\Andrew\AppData\Local\storage
2014-06-22 21:36:35 -------- d-----w- C:\Users\Andrew\AppData\Local\Uber Entertainment
2014-06-18 16:56:58 -------- d-----w- C:\Users\Andrew\AppData\Local\ATI
2014-06-18 16:56:53 0 ----a-w- C:\Windows\ativpsrm.bin
2014-06-18 16:55:52 -------- d-----w- C:\ProgramData\AMD
2014-06-18 16:55:51 -------- d-----w- C:\Program Files (x86)\AMD AVT
2014-06-18 16:55:29 -------- d-----w- C:\Program Files (x86)\ATI Technologies
2014-06-18 16:55:25 -------- d-----w- C:\Program Files\ATI
2014-06-18 16:54:58 -------- d-----w- C:\Program Files\ATI Technologies
2014-06-18 16:54:22 -------- d-----w- C:\AMD
2014-06-17 17:20:37 -------- d-----w- C:\Program Files (x86)\Raptr
2014-06-17 17:09:41 -------- d-----w- C:\Users\Andrew\AppData\Local\WindowsApplication1
2014-06-17 16:24:50 -------- d-----w- C:\Program Files (x86)\Common Files\ATI Technologies
2014-06-17 15:53:11 -------- d-----w- C:\Program Files\AMD
2014-06-17 15:21:34 235800 ----a-w- C:\Windows\System32\drivers\avgldx64.sys
2014-06-17 15:07:12 328984 ----a-w- C:\Windows\System32\drivers\avgloga.sys
2014-06-17 15:06:58 269080 ----a-w- C:\Windows\System32\drivers\avgtdia.sys
2014-06-17 15:06:24 190744 ----a-w- C:\Windows\System32\drivers\avgidsha.sys
2014-06-17 15:06:22 242968 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys
2014-06-17 15:06:22 153368 ----a-w- C:\Windows\System32\drivers\avgdiska.sys
2014-06-17 15:06:20 123672 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys
2014-06-17 15:06:06 31512 ----a-w- C:\Windows\System32\drivers\avgrkx64.sys
2014-06-11 07:14:32 -------- d-----w- C:\ProgramData\Steam
.
==================== Find3M  ====================
.
2014-07-02 13:17:17 75136 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2014-07-02 13:17:17 189248 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2014-06-26 17:37:23 214392 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2014-06-24 18:24:05 291944 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2014-05-30 10:02:37 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-05-30 10:02:09 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-05-30 09:39:43 548352 ----a-w- C:\Windows\System32\vbscript.dll
2014-05-30 09:39:23 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-05-30 09:38:29 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-05-30 09:21:23 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-05-30 09:21:05 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-05-30 09:20:36 752640 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-05-30 09:11:24 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-05-30 09:08:22 5782528 ----a-w- C:\Windows\System32\jscript9.dll
2014-05-30 09:02:39 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-05-30 08:55:36 38400 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-05-30 08:44:28 455168 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-05-30 08:43:06 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-05-30 08:42:16 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-05-30 08:28:33 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-05-30 08:27:56 592896 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-05-30 08:24:19 1249280 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2014-05-30 08:23:22 2040832 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-05-30 08:10:46 32256 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-05-30 07:56:56 2266112 ----a-w- C:\Windows\System32\wininet.dll
2014-05-30 07:56:50 4244992 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-05-30 07:50:09 1068032 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2014-05-30 07:49:38 1964544 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-05-30 07:21:10 1790976 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-05-13 18:03:17 70832 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-13 18:03:17 692400 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-05-08 09:32:02 1112064 ----a-w- C:\Windows\System32\rdpcorets.dll
2014-04-25 02:34:59 801280 ----a-w- C:\Windows\System32\usp10.dll
2014-04-25 02:06:17 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
2014-04-18 02:43:08 127872 ----a-w- C:\Windows\System32\amdhcp64.dll
2014-04-18 02:43:06 78432 ----a-w- C:\Windows\System32\atimpc64.dll
2014-04-18 02:43:06 78432 ----a-w- C:\Windows\System32\amdpcom64.dll
2014-04-18 02:43:06 117560 ----a-w- C:\Windows\SysWow64\amdhcp32.dll
2014-04-18 02:43:04 71704 ----a-w- C:\Windows\SysWow64\atimpc32.dll
2014-04-18 02:43:04 71704 ----a-w- C:\Windows\SysWow64\amdpcom32.dll
2014-04-18 02:43:00 143304 ----a-w- C:\Windows\System32\atiuxp64.dll
2014-04-18 02:42:58 126336 ----a-w- C:\Windows\SysWow64\atiuxpag.dll
2014-04-18 02:42:58 117584 ----a-w- C:\Windows\System32\atiu9p64.dll
2014-04-18 02:42:56 99520 ----a-w- C:\Windows\SysWow64\atiu9pag.dll
2014-04-18 02:42:54 1343272 ----a-w- C:\Windows\System32\aticfx64.dll
2014-04-18 02:42:52 1117184 ----a-w- C:\Windows\SysWow64\aticfx32.dll
2014-04-18 02:42:48 10335208 ----a-w- C:\Windows\System32\atidxx64.dll
2014-04-18 02:42:46 8866928 ----a-w- C:\Windows\SysWow64\atidxx32.dll
2014-04-18 02:42:40 6796592 ----a-w- C:\Windows\SysWow64\atiumdva.dll
2014-04-18 02:42:36 6799688 ----a-w- C:\Windows\SysWow64\atiumdag.dll
2014-04-18 02:42:30 7520200 ----a-w- C:\Windows\System32\atiumd6a.dll
2014-04-18 02:42:28 8010968 ----a-w- C:\Windows\System32\atiumd64.dll
2014-04-18 02:39:06 274656 ----a-w- C:\Windows\System32\drivers\amdacpksd.sys
2014-04-18 02:36:46 15376384 ----a-w- C:\Windows\System32\drivers\atikmdag.sys
2014-04-18 02:23:08 231424 ----a-w- C:\Windows\System32\clinfo.exe
2014-04-18 02:22:58 1187342 ----a-w- C:\Windows\System32\amdocl_as64.exe
2014-04-18 02:22:58 1061902 ----a-w- C:\Windows\System32\amdocl_ld64.exe
2014-04-18 02:22:56 995342 ----a-w- C:\Windows\SysWow64\amdocl_as32.exe
2014-04-18 02:22:56 798734 ----a-w- C:\Windows\SysWow64\amdocl_ld32.exe
2014-04-18 02:22:54 98816 ----a-w- C:\Windows\System32\OpenVideo64.dll
2014-04-18 02:22:48 83456 ----a-w- C:\Windows\SysWow64\OpenVideo.dll
2014-04-18 02:22:42 86528 ----a-w- C:\Windows\System32\OVDecode64.dll
2014-04-18 02:22:38 73216 ----a-w- C:\Windows\SysWow64\OVDecode.dll
2014-04-18 02:22:32 28685824 ----a-w- C:\Windows\System32\amdocl64.dll
2014-04-18 02:19:54 24107520 ----a-w- C:\Windows\SysWow64\amdocl.dll
2014-04-18 02:17:28 65024 ----a-w- C:\Windows\System32\OpenCL.dll
2014-04-18 02:17:24 58880 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2014-04-18 02:13:30 127488 ----a-w- C:\Windows\System32\mantle64.dll
2014-04-18 02:13:10 113664 ----a-w- C:\Windows\SysWow64\mantle32.dll
2014-04-18 02:12:54 27907584 ----a-w- C:\Windows\System32\atio6axx.dll
2014-04-18 02:12:48 5442048 ----a-w- C:\Windows\System32\amdmantle64.dll
2014-04-18 01:58:32 4358656 ----a-w- C:\Windows\SysWow64\amdmantle32.dll
2014-04-18 01:51:44 23409152 ----a-w- C:\Windows\SysWow64\atioglxx.dll
2014-04-18 01:46:34 368128 ----a-w- C:\Windows\System32\atiapfxx.exe
2014-04-18 01:46:26 62464 ----a-w- C:\Windows\System32\aticalrt64.dll
2014-04-18 01:46:24 52224 ----a-w- C:\Windows\SysWow64\aticalrt.dll
2014-04-18 01:46:18 55808 ----a-w- C:\Windows\System32\aticalcl64.dll
2014-04-18 01:46:18 49152 ----a-w- C:\Windows\SysWow64\aticalcl.dll
2014-04-18 01:46:04 15716352 ----a-w- C:\Windows\System32\aticaldd64.dll
2014-04-18 01:45:56 91136 ----a-w- C:\Windows\System32\mantleaxl64.dll
2014-04-18 01:45:46 85504 ----a-w- C:\Windows\SysWow64\mantleaxl32.dll
2014-04-18 01:42:52 14302208 ----a-w- C:\Windows\SysWow64\aticaldd.dll
2014-04-18 01:33:06 48128 ----a-w- C:\Windows\System32\amdmmcl6.dll
2014-04-18 01:33:02 37888 ----a-w- C:\Windows\SysWow64\amdmmcl.dll
2014-04-18 01:30:14 442368 ----a-w- C:\Windows\System32\atidemgy.dll
2014-04-18 01:30:02 31232 ----a-w- C:\Windows\System32\atimuixx.dll
2014-04-18 01:29:54 586240 ----a-w- C:\Windows\System32\atieclxx.exe
2014-04-18 01:29:24 239616 ----a-w- C:\Windows\System32\atiesrxx.exe
2014-04-18 01:28:30 190976 ----a-w- C:\Windows\System32\atitmm64.dll
2014-04-18 01:21:30 806912 ----a-w- C:\Windows\System32\coinst_14.100.dll
2014-04-18 01:09:20 1177600 ----a-w- C:\Windows\System32\atiadlxx.dll
2014-04-18 01:09:00 848896 ----a-w- C:\Windows\SysWow64\atiadlxy.dll
2014-04-18 01:08:50 95744 ----a-w- C:\Windows\System32\amdave64.dll
2014-04-18 01:08:44 90112 ----a-w- C:\Windows\SysWow64\amdave32.dll
2014-04-18 01:08:34 89088 ----a-w- C:\Windows\System32\atisamu64.dll
2014-04-18 01:08:28 80896 ----a-w- C:\Windows\SysWow64\atisamu32.dll
2014-04-18 01:07:54 75264 ----a-w- C:\Windows\System32\atig6pxx.dll
2014-04-18 01:07:46 69632 ----a-w- C:\Windows\SysWow64\atiglpxx.dll
2014-04-18 01:07:46 69632 ----a-w- C:\Windows\System32\atiglpxx.dll
2014-04-18 01:07:36 146944 ----a-w- C:\Windows\System32\atig6txx.dll
.
============= FINISH: 15:01:24.95 ===============


Edited by hamluis, 07 July 2014 - 09:31 AM.
Moved from Win 7 to Malware Removal Logs - Hamluis.




#2 Noviciate

Noviciate

  • Malware Response Team
  • 5,277 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Numpty HQ
  • Local time:11:14 PM

Posted 07 July 2014 - 03:30 PM

Good evening. :)

Do you have any bookmarks that you are bothered about saving? The simple way to remove this should be to fully remove Chrome and then reinstall it. Let me know if this is acceptable to you and I'll post the instructions, as you'll need to remove a folder or two as well as using the Control Panel.


So long, and thanks for all the fish.

 

 


#3 MonDen

MonDen
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:12:14 AM

Posted 07 July 2014 - 04:08 PM

Thanks for the reply, but I don't think that's the problem as I have uninstalled the extension in Chrome, but whenever I restart my PC, it simply reinstalls itself.

I'll give reinstalling Chrome a try though.



#4 Noviciate

Noviciate

  • Malware Response Team
  • 5,277 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Numpty HQ
  • Local time:11:14 PM

Posted 07 July 2014 - 05:38 PM

You'll need to delete the following folder: C:\Users\USERNAME\AppData\Local\Google\Chrome\

 

Let me know how you get on.


So long, and thanks for all the fish.

 

 


#5 Noviciate

Noviciate

  • Malware Response Team
  • 5,277 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Numpty HQ
  • Local time:11:14 PM

Posted 12 July 2014 - 12:54 PM

Let me know how you get on.

 

Or not.

 

As there has been no response for five days this thread is now closed.


So long, and thanks for all the fish.

 

 




