Jump to content

lauras2013

Honorary Members
  • Posts

    33
  • Joined

  • Last visited

Reputation

0 Neutral
  1. I think we can close this topic & Thanks for your help. I wasn't able to get anything done, not even a reset. Apparently it's not seeing my hard drive at all. Luckily it's under warranty and Asus will put in a new one. I was using windows defender, is there any particular software you recommend for preventing this? I didn't see anything on the forums, but I'm probably missing it... Again, thanks. :0)
  2. I'm on windows 8. I'm downloading an installation disk & will post again if I am able to get into the computer via safe mode, it looks like it will take a while...
  3. I forgot to say that I hadn't done that last step yet- had to get to work.
  4. Ok, so this morning I woke up and malwarebytes found 308 infections. I woke my son up and asked what programs he has been using (although before I looked for any 'torrent' programs and found none.) I went to go to his log in and the computer stalled. It just wouldn't go anywhere. I shut it down (juts by pressing power button) and tried to start again- and again it is on but not doing anything. I tried F8 but nothing is happening. I am going to go insane. So first, if there is anyway I can get into my computer that would be great. Then second, how would I know if he is using any peer to peer software?
  5. Here is the doc... it shows windows defender was up but it didn't stop me or anything. let me know if you want me to try again with it turned off Results of screen317's Security Check version 0.99.96 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! Windows Defender WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` Java 8 Update 31 Java version 32-bit out of Date! Java 64-bit 8 Update 31 Adobe Flash Player 16.0.0.305 Adobe Reader 10.1.13 Adobe Reader out of Date! Mozilla Firefox (35.0.1) Google Chrome (40.0.2214.111) Google Chrome (40.0.2214.115) ````````Process Check: objlist.exe by Laurent```````` Windows Defender MSMpEng.exe Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbam.exe Malwarebytes Anti-Malware mbamscheduler.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: % ````````````````````End of Log``````````````````````
  6. Ok,last 2! Thanks again for your help! ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Junkware Removal Tool (JRT) by ThisisuVersion: 6.4.2 (02.02.2015:1)OS: Windows 8.1 x64Ran by Laura on Fri 02/20/2015 at 13:37:02.65~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys ~~~ Files ~~~ Folders Successfully deleted: [Folder] "C:\WINDOWS\syswow64\ai_recyclebin" ~~~ FireFox Emptied folder: C:\Users\Laura\AppData\Roaming\mozilla\firefox\profiles\jbpqc4lc.default\minidumps [2 files] ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Scan was completed on Fri 02/20/2015 at 13:39:51.74End of JRT log~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ --- ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Tue Feb 10 23:00:57 2015 Engine: 1.1.11302.0Signatures: 1.191.3593.0 Results Summary:----------------No infection found.Microsoft Windows Malicious Software Removal Tool Finished On Tue Feb 10 23:09:46 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Wed Feb 11 11:03:50 2015 Engine: 1.1.11302.0Signatures: 1.191.3593.0Microsoft Windows Malicious Software Removal Tool Finished On Wed Feb 11 11:04:08 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Wed Feb 11 11:23:20 2015 Engine: 1.1.11302.0Signatures: 1.191.3593.0Microsoft Windows Malicious Software Removal Tool Finished On Wed Feb 11 11:23:33 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Wed Feb 11 12:14:25 2015 Engine: 1.1.11302.0Signatures: 1.191.3593.0Microsoft Windows Malicious Software Removal Tool Finished On Wed Feb 11 12:14:38 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Wed Feb 11 12:49:14 2015 Engine: 1.1.11302.0Signatures: 1.191.3593.0Microsoft Windows Malicious Software Removal Tool Finished On Wed Feb 11 12:49:18 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Wed Feb 11 13:14:37 2015 ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Wed Feb 11 19:08:27 2015 Engine: 1.1.11302.0Signatures: 1.191.3593.0Microsoft Windows Malicious Software Removal Tool Finished On Wed Feb 11 19:10:44 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Wed Feb 11 20:32:54 2015 Engine: 1.1.11302.0Signatures: 1.191.3593.0Microsoft Windows Malicious Software Removal Tool Finished On Wed Feb 11 20:33:01 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Thu Feb 12 18:08:39 2015 Engine: 1.1.11302.0Signatures: 1.191.3593.0Microsoft Windows Malicious Software Removal Tool Finished On Thu Feb 12 18:08:52 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Thu Feb 12 21:23:08 2015 Engine: 1.1.11302.0Signatures: 1.191.3593.0Microsoft Windows Malicious Software Removal Tool Finished On Thu Feb 12 21:23:14 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Thu Feb 12 22:53:14 2015 Engine: 1.1.11302.0Signatures: 1.191.3593.0Microsoft Windows Malicious Software Removal Tool Finished On Thu Feb 12 22:53:25 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Fri Feb 13 09:17:08 2015 Engine: 1.1.11302.0Signatures: 1.191.3593.0Microsoft Windows Malicious Software Removal Tool Finished On Fri Feb 13 09:17:14 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Fri Feb 13 10:36:36 2015 Engine: 1.1.11302.0Signatures: 1.191.3593.0Microsoft Windows Malicious Software Removal Tool Finished On Fri Feb 13 10:36:55 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Fri Feb 13 11:35:55 2015 Engine: 1.1.11302.0Signatures: 1.191.3593.0Microsoft Windows Malicious Software Removal Tool Finished On Fri Feb 13 11:36:00 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Fri Feb 13 12:35:39 2015 Engine: 1.1.11302.0Signatures: 1.191.3593.0Microsoft Windows Malicious Software Removal Tool Finished On Fri Feb 13 12:35:45 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Fri Feb 13 15:12:33 2015 ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Sat Feb 14 08:53:13 2015 Engine: 1.1.11302.0Signatures: 1.191.3593.0Microsoft Windows Malicious Software Removal Tool Finished On Sat Feb 14 08:53:20 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Sat Feb 14 09:28:35 2015 Engine: 1.1.11302.0Signatures: 1.191.3593.0Microsoft Windows Malicious Software Removal Tool Finished On Sat Feb 14 09:28:38 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Sat Feb 14 09:41:34 2015 Engine: 1.1.11302.0Signatures: 1.191.3593.0Microsoft Windows Malicious Software Removal Tool Finished On Sat Feb 14 09:41:44 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Sat Feb 14 09:53:43 2015 Engine: 1.1.11302.0Signatures: 1.191.3593.0Microsoft Windows Malicious Software Removal Tool Finished On Sat Feb 14 09:53:49 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Sat Feb 14 10:18:01 2015 Engine: 1.1.11302.0Signatures: 1.191.3593.0Microsoft Windows Malicious Software Removal Tool Finished On Sat Feb 14 10:18:13 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Sat Feb 14 11:10:10 2015 ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Sat Feb 14 19:20:30 2015 Engine: 1.1.11302.0Signatures: 1.191.3593.0Microsoft Windows Malicious Software Removal Tool Finished On Sat Feb 14 19:24:39 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Sat Feb 14 20:31:28 2015 Engine: 1.1.11302.0Signatures: 1.191.3593.0Microsoft Windows Malicious Software Removal Tool Finished On Sat Feb 14 20:31:39 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Sat Feb 14 20:35:59 2015 Engine: 1.1.11302.0Signatures: 1.191.3593.0Microsoft Windows Malicious Software Removal Tool Finished On Sat Feb 14 20:36:03 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Sat Feb 14 20:47:00 2015 Engine: 1.1.11302.0Signatures: 1.191.3593.0Microsoft Windows Malicious Software Removal Tool Finished On Sat Feb 14 20:47:08 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Sat Feb 14 21:04:10 2015 Engine: 1.1.11302.0Signatures: 1.191.3593.0Microsoft Windows Malicious Software Removal Tool Finished On Sat Feb 14 21:04:15 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Sun Feb 15 13:02:35 2015 ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Sun Feb 15 13:35:39 2015 Engine: 1.1.11302.0Signatures: 1.191.3593.0Microsoft Windows Malicious Software Removal Tool Finished On Sun Feb 15 13:37:26 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Sun Feb 15 14:23:58 2015 Engine: 1.1.11302.0Signatures: 1.191.3593.0Microsoft Windows Malicious Software Removal Tool Finished On Sun Feb 15 14:24:05 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Sun Feb 15 14:33:16 2015 Engine: 1.1.11302.0Signatures: 1.191.3593.0Microsoft Windows Malicious Software Removal Tool Finished On Sun Feb 15 14:33:18 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Sun Feb 15 17:50:09 2015 Engine: 1.1.11302.0Signatures: 1.191.3593.0Microsoft Windows Malicious Software Removal Tool Finished On Sun Feb 15 17:50:18 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Sun Feb 15 21:58:00 2015 ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Mon Feb 16 11:07:04 2015 Engine: 1.1.11302.0Signatures: 1.191.3593.0Microsoft Windows Malicious Software Removal Tool Finished On Mon Feb 16 11:07:43 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Mon Feb 16 16:01:24 2015 Engine: 1.1.11302.0Signatures: 1.191.3593.0Microsoft Windows Malicious Software Removal Tool Finished On Mon Feb 16 16:01:29 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Mon Feb 16 17:29:26 2015 Engine: 1.1.11302.0Signatures: 1.191.3593.0Microsoft Windows Malicious Software Removal Tool Finished On Mon Feb 16 17:29:30 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Mon Feb 16 20:43:51 2015 Engine: 1.1.11302.0Signatures: 1.191.3593.0Microsoft Windows Malicious Software Removal Tool Finished On Mon Feb 16 20:43:54 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Mon Feb 16 20:46:51 2015 Engine: 1.1.11302.0Signatures: 1.191.3593.0Microsoft Windows Malicious Software Removal Tool Finished On Mon Feb 16 20:46:54 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Mon Feb 16 21:03:32 2015 Engine: 1.1.11302.0Signatures: 1.191.3593.0Microsoft Windows Malicious Software Removal Tool Finished On Mon Feb 16 21:03:36 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Mon Feb 16 21:19:53 2015 Engine: 1.1.11302.0Signatures: 1.191.3593.0Microsoft Windows Malicious Software Removal Tool Finished On Mon Feb 16 21:19:57 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Mon Feb 16 21:25:41 2015 Engine: 1.1.11302.0Signatures: 1.191.3593.0Microsoft Windows Malicious Software Removal Tool Finished On Mon Feb 16 21:25:43 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Mon Feb 16 21:33:38 2015 Engine: 1.1.11302.0Signatures: 1.191.3593.0Microsoft Windows Malicious Software Removal Tool Finished On Mon Feb 16 21:33:42 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Mon Feb 16 21:42:42 2015 Engine: 1.1.11302.0Signatures: 1.191.3593.0Microsoft Windows Malicious Software Removal Tool Finished On Mon Feb 16 21:42:47 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Mon Feb 16 22:01:38 2015 Engine: 1.1.11302.0Signatures: 1.191.3593.0Microsoft Windows Malicious Software Removal Tool Finished On Mon Feb 16 22:01:43 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Mon Feb 16 22:35:25 2015 ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Tue Feb 17 09:28:31 2015 Engine: 1.1.11302.0Signatures: 1.191.3593.0Microsoft Windows Malicious Software Removal Tool Finished On Tue Feb 17 09:28:44 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Tue Feb 17 10:05:34 2015 Engine: 1.1.11302.0Signatures: 1.191.3593.0Microsoft Windows Malicious Software Removal Tool Finished On Tue Feb 17 10:05:37 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Tue Feb 17 13:11:26 2015 Engine: 1.1.11302.0Signatures: 1.191.3593.0Microsoft Windows Malicious Software Removal Tool Finished On Tue Feb 17 13:11:30 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Tue Feb 17 13:51:22 2015 Engine: 1.1.11302.0Signatures: 1.191.3593.0Microsoft Windows Malicious Software Removal Tool Finished On Tue Feb 17 13:51:24 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Tue Feb 17 14:50:45 2015 Engine: 1.1.11302.0Signatures: 1.191.3593.0Microsoft Windows Malicious Software Removal Tool Finished On Tue Feb 17 14:50:52 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Tue Feb 17 17:33:18 2015 Engine: 1.1.11302.0Signatures: 1.191.3593.0Microsoft Windows Malicious Software Removal Tool Finished On Tue Feb 17 17:33:24 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Tue Feb 17 17:43:23 2015 Engine: 1.1.11302.0Signatures: 1.191.3593.0Microsoft Windows Malicious Software Removal Tool Finished On Tue Feb 17 17:43:28 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Tue Feb 17 19:33:57 2015 Engine: 1.1.11302.0Signatures: 1.191.3593.0Microsoft Windows Malicious Software Removal Tool Finished On Tue Feb 17 19:34:13 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Wed Feb 18 09:40:10 2015 Engine: 1.1.11302.0Signatures: 1.191.3593.0Microsoft Windows Malicious Software Removal Tool Finished On Wed Feb 18 09:40:31 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Wed Feb 18 10:48:12 2015 ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Wed Feb 18 11:18:04 2015 Engine: 1.1.11302.0Signatures: 1.191.3593.0Microsoft Windows Malicious Software Removal Tool Finished On Wed Feb 18 11:19:11 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Wed Feb 18 11:50:45 2015 Engine: 1.1.11302.0Signatures: 1.191.3593.0Microsoft Windows Malicious Software Removal Tool Finished On Wed Feb 18 11:50:51 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Wed Feb 18 12:09:54 2015 Engine: 1.1.11302.0Signatures: 1.191.3593.0Microsoft Windows Malicious Software Removal Tool Finished On Wed Feb 18 12:09:57 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Wed Feb 18 13:00:44 2015 Engine: 1.1.11302.0Signatures: 1.191.3593.0Microsoft Windows Malicious Software Removal Tool Finished On Wed Feb 18 13:00:52 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Wed Feb 18 13:15:34 2015 Engine: 1.1.11302.0Signatures: 1.191.3593.0Microsoft Windows Malicious Software Removal Tool Finished On Wed Feb 18 13:15:35 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Wed Feb 18 13:29:56 2015 Engine: 1.1.11302.0Signatures: 1.191.3593.0Microsoft Windows Malicious Software Removal Tool Finished On Wed Feb 18 13:29:58 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Wed Feb 18 17:18:30 2015 Engine: 1.1.11302.0Signatures: 1.191.3593.0Microsoft Windows Malicious Software Removal Tool Finished On Wed Feb 18 17:18:41 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Wed Feb 18 21:17:32 2015 ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Wed Feb 18 22:49:46 2015 Engine: 1.1.11302.0Signatures: 1.191.3593.0Microsoft Windows Malicious Software Removal Tool Finished On Wed Feb 18 22:50:01 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Wed Feb 18 23:06:17 2015 Engine: 1.1.11302.0Signatures: 1.191.3593.0Microsoft Windows Malicious Software Removal Tool Finished On Wed Feb 18 23:06:21 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Wed Feb 18 23:24:29 2015 Engine: 1.1.11302.0Signatures: 1.191.3593.0Microsoft Windows Malicious Software Removal Tool Finished On Wed Feb 18 23:24:33 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Thu Feb 19 16:47:09 2015 Engine: 1.1.11302.0Signatures: 1.191.3593.0Microsoft Windows Malicious Software Removal Tool Finished On Thu Feb 19 16:58:03 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Thu Feb 19 18:14:14 2015 Engine: 1.1.11302.0Signatures: 1.191.3593.0Microsoft Windows Malicious Software Removal Tool Finished On Thu Feb 19 18:14:20 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Thu Feb 19 20:35:34 2015 ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Thu Feb 19 20:36:03 2015 ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Thu Feb 19 23:33:45 2015 Engine: 1.1.11302.0Signatures: 1.191.3593.0Microsoft Windows Malicious Software Removal Tool Finished On Thu Feb 19 23:34:06 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Fri Feb 20 11:05:06 2015 Engine: 1.1.11302.0Signatures: 1.191.3593.0Microsoft Windows Malicious Software Removal Tool Finished On Fri Feb 20 11:06:54 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Fri Feb 20 12:48:24 2015 Engine: 1.1.11302.0Signatures: 1.191.3593.0Microsoft Windows Malicious Software Removal Tool Finished On Fri Feb 20 12:48:49 2015 Return code: 0 (0x0) ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Fri Feb 20 13:04:40 2015 ---------------------------------------------------------------------------------------Microsoft Windows Malicious Software Removal Tool v5.21, February 2015 (build 5.21.11102.0)Started On Fri Feb 20 13:43:28 2015 Engine: 1.1.11302.0Signatures: 1.191.3593.0
  7. First three steps done.. still working. Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 18-02-2015 01Ran by Laura at 2015-02-20 12:14:26 Run:1Running from C:\Users\Laura\DesktopLoaded Profiles: Laura (Available profiles: Laura & Cole & Guest)Boot Mode: Normal============================================== Content of fixlist:*****************startHKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTIONS2 csrcc; "C:\Program Files\shopperz\csrcc.exe" [X]C:\Program Files\shopperzU4 BthAvrcpTg; No ImagePathU4 BthHFEnum; No ImagePathU4 bthhfhid; No ImagePathU0 ikavq; C:\Windows\System32\drivers\dwuywgg.sys [79064 2015-02-19] (Malwarebytes Corporation)C:\Windows\System32\drivers\dwuywgg.sysU0 lndmkbit; C:\Windows\System32\drivers\daheeyp.sys [79064 2015-02-18] (Malwarebytes Corporation)C:\Windows\System32\drivers\daheeyp.sysU0 uinmwft; C:\Windows\System32\drivers\itftntls.sys [79064 2015-02-18] (Malwarebytes Corporation)C:\Windows\System32\drivers\itftntls.sysC:\ProgramData\SetStretch.exeC:\ProgramData\SetStretch.VBSC:\Users\Laura\AppData\Local\Temp\0EC7CA1C-442F-ACD8-5237-136F59B159D8.exeC:\Users\Laura\AppData\Local\Temp\B663B43C-99A6-5DCF-9521-65BEDC2412F1.dllC:\Users\Laura\AppData\Local\Temp\B663B43C-99A6-5DCF-9521-65BEDC2412F1.exeC:\Users\Laura\AppData\Local\Temp\Itibiti_Knctr_C.exeC:\Users\Laura\AppData\Local\Temp\OnlineBackup.exeC:\Users\Laura\AppData\Local\Temp\Quarantine.exeC:\Users\Laura\AppData\Local\Temp\sqlite3.dllC:\Users\Laura\AppData\Local\Temp\vcredist_x64.exeAlternateDataStreams: C:\Users\Cole\OneDrive:ms-propertiesEmptyTemp:end ***************** "HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.csrcc => Error deleting Service"C:\Program Files\shopperz" => File/Directory not found.BthAvrcpTg => Service deleted successfully.BthHFEnum => Service deleted successfully.bthhfhid => Service deleted successfully.ikavq => Service deleted successfully.C:\Windows\System32\drivers\dwuywgg.sys => Moved successfully.lndmkbit => Service deleted successfully.C:\Windows\System32\drivers\daheeyp.sys => Moved successfully.uinmwft => Service deleted successfully.C:\Windows\System32\drivers\itftntls.sys => Moved successfully.C:\ProgramData\SetStretch.exe => Moved successfully.C:\ProgramData\SetStretch.VBS => Moved successfully.C:\Users\Laura\AppData\Local\Temp\0EC7CA1C-442F-ACD8-5237-136F59B159D8.exe => Moved successfully.C:\Users\Laura\AppData\Local\Temp\B663B43C-99A6-5DCF-9521-65BEDC2412F1.dll => Moved successfully.C:\Users\Laura\AppData\Local\Temp\B663B43C-99A6-5DCF-9521-65BEDC2412F1.exe => Moved successfully.C:\Users\Laura\AppData\Local\Temp\Itibiti_Knctr_C.exe => Moved successfully.C:\Users\Laura\AppData\Local\Temp\OnlineBackup.exe => Moved successfully.C:\Users\Laura\AppData\Local\Temp\Quarantine.exe => Moved successfully.C:\Users\Laura\AppData\Local\Temp\sqlite3.dll => Moved successfully.C:\Users\Laura\AppData\Local\Temp\vcredist_x64.exe => Moved successfully."C:\Users\Cole\OneDrive" => ":ms-properties" ADS not found.EmptyTemp: => Removed 973.8 MB temporary data. The system needed a reboot. ==== End of Fixlog 12:15:09 ====--- Malwarebytes Anti-Malwarewww.malwarebytes.org Scan Date: 2/20/2015Scan Time: 12:23:03 PMLogfile: Administrator: Yes Version: 2.00.4.1028Malware Database: v2015.02.20.07Rootkit Database: v2015.02.20.01License: TrialMalware Protection: EnabledMalicious Website Protection: EnabledSelf-protection: Disabled OS: Windows 8.1CPU: x64File System: NTFSUser: Laura Scan Type: Threat ScanResult: CompletedObjects Scanned: 436656Time Elapsed: 19 min, 19 sec Memory: EnabledStartup: EnabledFilesystem: EnabledArchives: EnabledRootkits: EnabledHeuristics: EnabledPUP: EnabledPUM: Enabled Processes: 0(No malicious items detected) Modules: 0(No malicious items detected) Registry Keys: 2PUP.Optional.Shopperz.A, HKLM\SOFTWARE\shopperz, Delete-on-Reboot, [dcdbde427a1065d1bf8d5e3cff0423dd], PUP.Optional.Shopperz.A, HKLM\SOFTWARE\WOW6432NODE\shopperz, Delete-on-Reboot, [05b24ed26228f4422f1d44568b787789], Registry Values: 0(No malicious items detected) Registry Data: 0(No malicious items detected) Folders: 0(No malicious items detected) Files: 1PUP.Optional.Shopperz.A, C:\WINDOWS\SYSTEM32\drivers\bsdriver.sys, Delete-on-Reboot, [46d8e376f470bb7659741dd1c1bebdd3], Physical Sectors: 0(No malicious items detected) (end) --- # AdwCleaner v4.111 - Logfile created 20/02/2015 at 13:16:02# Updated 18/02/2015 by Xplode# Database : 2015-02-18.3 [server]# Operating system : Windows 8.1 (x64)# Username : Laura - LAPTOP# Running from : C:\Users\Laura\Desktop\its the clean desktop folder\AdwCleaner.exe# Option : Cleaning ***** [ Services ] ***** [#] Service Deleted : csrcc ***** [ Files / Folders ] ***** Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu \Programs\turbodiagnosisFolder Deleted : C:\Program Files (x86)\download ManagerFile Deleted : C:\Users\Cole\AppData\Local\Google\Chrome\User Data\Default\Local Storage \hxxps_static.olark.com_0.localstorage ***** [ Scheduled tasks ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** ***** [ Web browsers ] ***** -\\ Internet Explorer v11.0.9600.17416 -\\ Mozilla Firefox v35.0.1 (x86 en-US) -\\ Google Chrome v40.0.2214.115 [C:\Users\Cole\AppData\Local\Google\Chrome\User Data\Default \Web Data] - Deleted [search Provider] : hxxp://www.ask.com/web?q={searchTerms}[C:\Users\Cole\AppData\Local\Google\Chrome\User Data\Default \Web Data] - Deleted [search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms} ************************* AdwCleaner[R0].txt - [5629 bytes] - [08/02/2015 23:23:49]AdwCleaner[R1].txt - [1870 bytes] - [09/02/2015 09:29:15]AdwCleaner[R2].txt - [1984 bytes] - [09/02/2015 11:15:38]AdwCleaner[R3].txt - [1724 bytes] - [20/02/2015 13:12:41]AdwCleaner[s0].txt - [5443 bytes] - [08/02/2015 23:32:34]AdwCleaner[s1].txt - [1964 bytes] - [09/02/2015 09:31:31]AdwCleaner[s2].txt - [2072 bytes] - [09/02/2015 11:19:05]AdwCleaner[s3].txt - [1667 bytes] - [20/02/2015 13:16:02] ########## EOF - C:\AdwCleaner\AdwCleaner[s3].txt - [1726 bytes] ##########
  8. Just a little info, my son downloaded malware (shopperz and others) and I tried to go to a restore point on the computer. Didn't work. Did Revo ununstaller. Caught some but not everything. I did the Malware bytes and it seemed to find everything. But then every few days more pops up in the malwarebytes scans so I'm assuming there is something left somewhere that is causing more to be downloaded to my computer. Ugh! Thanks so much. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-02-2015 01Ran by Laura (administrator) on LAPTOP on 20-02-2015 10:51:13Running from C:\Users\Laura\DownloadsLoaded Profiles: Laura (Available profiles: Laura & Cole & Guest)Platform: Windows 8.1 (X64) OS Language: English (United States)Internet Explorer Version 11 (Default browser: Chrome)Boot Mode: NormalTutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe(ASUS) C:\Program Files\ASUS\P4G\InsOnSrv.exe() C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe(Microsoft Corporation) C:\Windows\System32\dasHost.exe(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe() C:\Program Files (x86)\Photodex\ProShow Gold\scsiaccess.exe(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE(AMD) C:\Windows\System32\atieclxx.exe(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe(ASUS) C:\Program Files\ASUS\P4G\InsOnWMI.exe(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe(Microsoft Corporation) C:\Windows\System32\StikyNot.exe(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Adobe Systems) C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.7\lightroom.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13449288 2013-03-26] (Realtek Semiconductor)HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1278024 2013-03-08] (Realtek Semiconductor)HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated)HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2014-12-03] (Adobe Systems Incorporated)HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-05-01] (ASUSTek Computer Inc.)HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [3576784 2012-12-18] (ASUS Cloud Corporation)HKLM-x32\...\Run: [btTray] => C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [374024 2012-10-23] (IVT Corporation)HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.)HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)HKLM-x32\...\Run: [] => [X]HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2014-10-01] (Adobe Systems Incorporated)HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3977576 2015-01-20] (LogMeIn Inc.)HKU\S-1-5-21-1432604938-1182428816-157698692-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [457728 2014-09-23] (Microsoft Corporation)HKU\S-1-5-21-1432604938-1182428816-157698692-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnkShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)Startup: C:\Users\Cole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnkShortcutTarget: Curse.lnk -> C:\Users\Laura\AppData\Roaming\Curse Client\Bin\Curse.exe (No File)ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No FileShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No FileShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No FileShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No FileShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No FileShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTIONHKU\S-1-5-21-1432604938-1182428816-157698692-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus13.msn.comHKU\S-1-5-21-1432604938-1182428816-157698692-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.comSearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWow64\skype4com.dll (Skype Technologies)Tcpip\Parameters: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12 FireFox:========FF ProfilePath: C:\Users\Laura\AppData\Roaming\Mozilla\Firefox\Profiles\jbpqc4lc.defaultFF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1217157.dll No FileFF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)FF Plugin-x32: @photodex.com/PhotodexPresenter -> C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll ( )FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)FF Plugin HKU\S-1-5-21-1432604938-1182428816-157698692-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Laura\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)FF Plugin HKU\S-1-5-21-1432604938-1182428816-157698692-1001: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) Chrome: =======CHR Profile: C:\Users\Laura\AppData\Local\Google\Chrome\User Data\DefaultCHR Extension: (Google Docs) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-20]CHR Extension: (Google Drive) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-20]CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-20]CHR Extension: (YouTube) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-20]CHR Extension: (Google Search) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-20]CHR Extension: (Google Wallet) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-20]CHR Extension: (Gmail) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-20] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-04] (Advanced Micro Devices, Inc.) [File not signed]R2 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-06-19] (ASUS)R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-18] () [File not signed]R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1616136 2012-11-20] (IVT Corporation)R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [146184 2012-10-23] (IVT Corporation)R2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2015-01-12] (Hi-Rez Studios) [File not signed]R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed]R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-01-14] (LogMeIn, Inc.)R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]R2 ScsiAccess; C:\Program Files (x86)\Photodex\ProShow Gold\ScsiAccess.exe [186760 2014-12-03] ()R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-21] (Microsoft Corporation)R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-21] (Microsoft Corporation)S2 csrcc; "C:\Program Files\shopperz\csrcc.exe" [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36520 2012-09-13] (Advanced Micro Devices, Inc.)R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-20] (Advanced Micro Devices)R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [94208 2013-04-24] (Advanced Micro Devices)R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [65784 2013-06-28] (ASUS Corporation)R1 bsdriver; C:\WINDOWS\system32\drivers\bsdriver.sys [35832 2015-02-08] ()R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)U4 BthAvrcpTg; No ImagePathU4 BthHFEnum; No ImagePathU4 bthhfhid; No ImagePathR3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-19] (Ralink Corporation)R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-09-24] (Microsoft Corporation)R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [49504 2012-10-31] (Ralink Corporation)R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [44296 2015-01-20] (LogMeIn Inc.)U0 ikavq; C:\Windows\System32\drivers\dwuywgg.sys [79064 2015-02-19] (Malwarebytes Corporation)R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-01] ( )U0 lndmkbit; C:\Windows\System32\drivers\daheeyp.sys [79064 2015-02-18] (Malwarebytes Corporation)R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-20] (Malwarebytes Corporation)R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [692832 2012-10-09] (Ralink Technology, Corp.)U0 uinmwft; C:\Windows\System32\drivers\itftntls.sys [79064 2015-02-18] (Malwarebytes Corporation)R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-21] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-20 10:51 - 2015-02-20 10:51 - 00019211 _____ () C:\Users\Laura\Downloads\FRST.txt2015-02-20 10:50 - 2015-02-20 10:51 - 00000000 ____D () C:\FRST2015-02-20 10:50 - 2015-02-20 10:50 - 02086912 _____ (Farbar) C:\Users\Laura\Downloads\FRST64.exe2015-02-19 23:44 - 2015-02-19 23:44 - 00079064 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\dwuywgg.sys2015-02-18 23:25 - 2015-02-18 23:25 - 00079064 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\daheeyp.sys2015-02-18 09:47 - 2015-02-18 09:47 - 00079064 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\itftntls.sys2015-02-15 22:04 - 2015-02-15 22:04 - 00000000 ____D () C:\WINDOWS\System32\Tasks\GenericSettingsHandler2015-02-14 08:23 - 2015-02-20 08:55 - 00000000 ____D () C:\Users\Laura\AppData\Local\LogMeIn Hamachi2015-02-14 08:23 - 2015-02-14 08:23 - 00000000 ____D () C:\Users\Laura\AppData\Local\LogMeIn2015-02-13 20:02 - 2015-02-19 19:42 - 00000000 ____D () C:\Users\Cole\AppData\Local\LogMeIn Hamachi2015-02-13 20:02 - 2015-02-13 20:02 - 00000000 ____D () C:\Users\Cole\AppData\Local\LogMeIn2015-02-13 20:02 - 2015-02-13 20:02 - 00000000 ____D () C:\ProgramData\LogMeIn2015-02-13 20:00 - 2015-02-13 20:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi2015-02-13 20:00 - 2015-02-13 20:00 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi2015-02-11 17:06 - 2015-01-22 21:41 - 06041600 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll2015-02-11 17:06 - 2015-01-22 20:17 - 04300800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll2015-02-10 19:51 - 2015-01-10 00:00 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll2015-02-10 19:51 - 2015-01-09 23:38 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll2015-02-10 19:50 - 2015-01-19 11:42 - 01487976 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll2015-02-10 19:50 - 2015-01-15 15:43 - 00563504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys2015-02-10 19:50 - 2015-01-15 15:43 - 00177984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys2015-02-10 19:50 - 2015-01-13 21:22 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll2015-02-10 19:50 - 2015-01-13 20:53 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll2015-02-10 19:50 - 2015-01-13 15:11 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll2015-02-10 19:50 - 2015-01-13 15:04 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll2015-02-10 19:50 - 2015-01-11 20:09 - 25056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll2015-02-10 19:50 - 2015-01-11 19:48 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll2015-02-10 19:50 - 2015-01-11 19:48 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll2015-02-10 19:50 - 2015-01-11 19:47 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll2015-02-10 19:50 - 2015-01-11 19:34 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll2015-02-10 19:50 - 2015-01-11 19:25 - 19740160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll2015-02-10 19:50 - 2015-01-11 19:21 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll2015-02-10 19:50 - 2015-01-11 19:08 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll2015-02-10 19:50 - 2015-01-11 19:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll2015-02-10 19:50 - 2015-01-11 19:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll2015-02-10 19:50 - 2015-01-11 19:02 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll2015-02-10 19:50 - 2015-01-11 18:58 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll2015-02-10 19:50 - 2015-01-11 18:55 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll2015-02-10 19:50 - 2015-01-11 18:51 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll2015-02-10 19:50 - 2015-01-11 18:48 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll2015-02-10 19:50 - 2015-01-11 18:48 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe2015-02-10 19:50 - 2015-01-11 18:48 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll2015-02-10 19:50 - 2015-01-11 18:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl2015-02-10 19:50 - 2015-01-11 18:45 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll2015-02-10 19:50 - 2015-01-11 18:43 - 14401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll2015-02-10 19:50 - 2015-01-11 18:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll2015-02-10 19:50 - 2015-01-11 18:30 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll2015-02-10 19:50 - 2015-01-11 18:27 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll2015-02-10 19:50 - 2015-01-11 18:27 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll2015-02-10 19:50 - 2015-01-11 18:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll2015-02-10 19:50 - 2015-01-11 18:23 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl2015-02-10 19:50 - 2015-01-11 18:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll2015-02-10 19:50 - 2015-01-11 18:23 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll2015-02-10 19:50 - 2015-01-11 18:14 - 12829184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll2015-02-10 19:50 - 2015-01-11 18:14 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll2015-02-10 19:50 - 2015-01-11 18:02 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll2015-02-10 19:50 - 2015-01-11 18:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll2015-02-10 19:50 - 2015-01-11 17:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll2015-02-10 19:50 - 2015-01-11 17:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll2015-02-10 19:50 - 2015-01-10 02:10 - 07472960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe2015-02-10 19:50 - 2015-01-10 02:10 - 01733440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll2015-02-10 19:50 - 2015-01-10 01:28 - 01498360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll2015-02-10 19:50 - 2015-01-10 01:22 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys2015-02-10 19:50 - 2014-12-19 01:57 - 00788680 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll2015-02-10 19:50 - 2014-12-19 01:25 - 00602776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll2015-02-10 19:50 - 2014-12-08 20:45 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll2015-02-10 19:50 - 2014-12-08 18:56 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll2015-02-10 19:50 - 2014-12-08 16:12 - 00391526 _____ () C:\WINDOWS\system32\ApnDatabase.xml2015-02-10 19:50 - 2014-10-28 19:51 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll2015-02-10 19:50 - 2014-10-28 19:50 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll2015-02-10 19:50 - 2014-10-28 19:06 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll2015-02-10 19:50 - 2014-10-28 19:06 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll2015-02-10 19:50 - 2014-10-28 19:02 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll2015-02-10 19:50 - 2014-10-28 19:02 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll2015-02-10 19:50 - 2014-10-28 18:57 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll2015-02-10 19:50 - 2014-10-28 18:31 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll2015-02-10 19:50 - 2014-10-28 18:15 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll2015-02-10 19:50 - 2014-10-28 18:15 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll2015-02-10 19:50 - 2014-10-28 18:14 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe2015-02-10 19:50 - 2014-10-28 18:13 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe2015-02-10 19:50 - 2014-10-28 18:13 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe2015-02-09 21:31 - 2015-02-15 09:31 - 00000000 ____D () C:\Users\Cole\AppData\Local\CrashDumps2015-02-09 15:47 - 2015-02-13 17:23 - 00000000 ____D () C:\Users\Laura\AppData\Local\CrashDumps2015-02-09 13:33 - 2015-02-20 09:55 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys2015-02-09 13:32 - 2015-02-09 13:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2015-02-09 13:32 - 2015-02-09 13:32 - 00000000 ____D () C:\ProgramData\Malwarebytes2015-02-09 13:32 - 2015-02-09 13:32 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2015-02-09 13:32 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys2015-02-09 13:32 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys2015-02-09 13:32 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys2015-02-09 13:31 - 2015-02-09 13:31 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Laura\Downloads\mbam-setup-2.0.4.1028.exe2015-02-09 11:44 - 2015-02-09 11:44 - 00000000 ____D () C:\NPE2015-02-09 11:42 - 2015-02-09 11:49 - 00000000 ____D () C:\Users\Laura\AppData\Local\NPE2015-02-09 11:42 - 2015-02-09 11:42 - 03060320 ____N (Symantec Corporation) C:\Users\Laura\Downloads\NPE.exe2015-02-09 11:42 - 2015-02-09 11:42 - 00000000 ____D () C:\ProgramData\Norton2015-02-09 11:41 - 2015-02-09 11:42 - 130955008 _____ (Microsoft Corporation) C:\Users\Laura\Downloads\msert.exe2015-02-09 11:21 - 2015-02-20 10:25 - 01224858 _____ () C:\WINDOWS\WindowsUpdate.log2015-02-09 11:19 - 2015-02-18 17:37 - 00002344 _____ () C:\WINDOWS\setupact.log2015-02-09 11:19 - 2015-02-17 18:41 - 00028860 _____ () C:\WINDOWS\PFRO.log2015-02-09 11:19 - 2015-02-09 11:19 - 00000000 _____ () C:\WINDOWS\setuperr.log2015-02-09 10:47 - 2015-02-09 10:47 - 00002772 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC2015-02-09 10:46 - 2015-02-09 10:46 - 00000000 ____D () C:\Program Files\CCleaner2015-02-09 09:52 - 2015-02-09 09:54 - 05325208 _____ (Piriform Ltd) C:\Users\Laura\Downloads\ccsetup502.exe2015-02-08 23:23 - 2015-02-09 11:19 - 00000000 ____D () C:\AdwCleaner2015-02-08 13:45 - 2015-02-08 13:45 - 00001708 _____ () C:\ProgramData\tempimage.bmp2015-02-08 13:30 - 2015-02-08 13:30 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group2015-02-08 13:28 - 2015-02-08 13:28 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Laura\Downloads\revosetup.exe2015-02-08 13:02 - 2015-02-08 13:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KNCTR2015-02-08 13:02 - 2015-02-08 13:02 - 00000000 ____D () C:\Program Files (x86)\Itibiti Soft Phone2015-02-08 12:59 - 2015-02-08 12:59 - 00035832 _____ () C:\WINDOWS\system32\Drivers\bsdriver.sys2015-02-08 12:58 - 2015-02-08 13:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\turbodiagnosis2015-02-08 12:58 - 2015-02-08 12:58 - 00003508 _____ () C:\WINDOWS\System32\Tasks\PastaLeads2015-02-08 12:58 - 2015-02-08 12:58 - 00000000 ____D () C:\Program Files (x86)\download Manager2015-02-08 12:46 - 2015-02-08 12:46 - 00329784 _____ () C:\Users\Cole\Downloads\EmeraldMod 1.7.10 Forge V3.5.2.jar2015-02-08 12:43 - 2015-02-08 12:43 - 00004709 _____ () C:\Users\Cole\Downloads\LuckyBlockProperties.zip2015-02-08 12:42 - 2015-02-08 12:42 - 00613392 _____ () C:\Users\Cole\Downloads\Free_Download.exe2015-02-08 12:36 - 2015-02-08 12:37 - 03092531 _____ () C:\Users\Cole\Downloads\forge-1.7.10-10.13.2.1291-installer.jar2015-02-08 12:34 - 2015-02-08 12:34 - 00083487 _____ () C:\Users\Cole\Downloads\[1-7-10]_Lucky_Block_v5-1-0.jar.zip2015-02-08 12:27 - 2015-02-08 12:27 - 00096632 _____ () C:\Users\Cole\Downloads\emerald and obsidian mod v1.2.zip2015-02-07 16:38 - 2015-02-07 16:38 - 00094438 _____ () C:\Users\Cole\Downloads\LuckyBlock_1-8-1_v5-2-0.jar (1).zip2015-02-07 16:34 - 2015-02-07 16:34 - 00000000 ____D () C:\Users\Cole\Downloads\LuckyBlock_1-8-1_v5-2-0.jar2015-02-07 16:27 - 2015-02-07 16:27 - 03340779 _____ () C:\Users\Cole\Downloads\forge-1.8-11.14.0.1299-installer (2).jar2015-02-07 16:27 - 2015-02-07 16:27 - 03340779 _____ () C:\Users\Cole\Downloads\forge-1.8-11.14.0.1299-installer (1).jar2015-02-07 16:25 - 2015-02-07 16:26 - 03340779 _____ () C:\Users\Cole\Downloads\forge-1.8-11.14.0.1299-installer.jar2015-02-07 16:23 - 2015-02-19 17:11 - 00000000 ____D () C:\Users\Cole\AppData\Roaming\.minecraft2015-02-07 16:22 - 2015-02-07 16:14 - 00094438 _____ () C:\Users\Cole\Desktop\LuckyBlock_1-8-1_v5-2-0.jar.zip2015-02-07 16:14 - 2015-02-07 16:14 - 00094438 _____ () C:\Users\Cole\Downloads\LuckyBlock_1-8-1_v5-2-0.jar.zip2015-02-06 21:20 - 2015-02-06 21:20 - 02984529 _____ () C:\Users\Cole\Downloads\Babylon.zip2015-02-06 13:27 - 2015-02-06 13:27 - 00000000 __SHD () C:\Users\Laura\AppData\Local\EmieUserList2015-02-06 13:27 - 2015-02-06 13:27 - 00000000 __SHD () C:\Users\Laura\AppData\Local\EmieSiteList2015-02-06 13:27 - 2015-02-06 13:27 - 00000000 __SHD () C:\Users\Laura\AppData\Local\EmieBrowserModeList2015-02-04 20:26 - 2015-02-04 20:26 - 00000000 ____D () C:\Users\Cole\AppData\Local\Apple2015-01-28 15:30 - 2015-01-28 15:30 - 00000000 ____D () C:\Users\Cole\AppData\Roaming\java2015-01-28 11:49 - 2015-01-28 11:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox2015-01-24 22:31 - 2015-01-24 22:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime2015-01-24 22:30 - 2015-01-24 22:31 - 00000000 ____D () C:\Program Files (x86)\QuickTime2015-01-24 22:30 - 2015-01-24 22:30 - 00000000 ____D () C:\ProgramData\Apple Computer2015-01-23 09:06 - 2015-01-23 09:06 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\Apple Computer2015-01-23 09:04 - 2015-02-03 12:31 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe2015-01-23 09:04 - 2015-02-03 12:31 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl2015-01-22 20:19 - 2015-01-22 20:19 - 00000000 ____D () C:\Users\Cole\AppData\Roaming\Apple Computer2015-01-22 19:03 - 2015-01-22 19:03 - 00002535 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk2015-01-22 19:03 - 2015-01-22 19:03 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Apple2015-01-22 19:03 - 2015-01-22 19:03 - 00000000 ____D () C:\Users\Laura\AppData\Local\Apple2015-01-22 19:03 - 2015-01-22 19:03 - 00000000 ____D () C:\ProgramData\Apple2015-01-22 19:03 - 2015-01-22 19:03 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update2015-01-22 19:02 - 2015-01-22 19:02 - 00000000 ____D () C:\WINDOWS\SysWOW64\Adobe ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-20 10:31 - 2014-08-09 12:56 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job2015-02-20 10:16 - 2014-07-11 21:39 - 00000576 _____ () C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-1432604938-1182428816-157698692-1001.job2015-02-20 10:04 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\AppReadiness2015-02-20 10:03 - 2014-06-20 22:41 - 00000920 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job2015-02-20 10:02 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\sru2015-02-20 09:36 - 2012-10-23 17:34 - 00000834 _____ () C:\WINDOWS\SysWOW64\bscs.ini2015-02-20 09:33 - 2013-10-22 22:38 - 00004268 _____ () C:\WINDOWS\SysWOW64\LOCALSERVICE.INI2015-02-20 09:33 - 2013-10-22 22:38 - 00000043 _____ () C:\WINDOWS\SysWOW64\LOCALDEVICE.INI2015-02-20 09:28 - 2014-06-20 22:39 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1432604938-1182428816-157698692-10012015-02-20 08:59 - 2014-06-20 22:57 - 00000000 ____D () C:\Users\Laura\AppData\Local\Adobe2015-02-20 08:52 - 2014-06-20 22:33 - 00000062 _____ () C:\Users\Laura\AppData\Roaming\sp_data.sys2015-02-19 23:44 - 2013-05-01 02:37 - 00000000 ____D () C:\WINDOWS\fr2015-02-19 22:25 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\NDF2015-02-19 20:35 - 2014-11-27 21:53 - 00000000 ____D () C:\Users\Cole\AppData\Roaming\Curse Client2015-02-19 19:39 - 2014-06-28 19:10 - 00000062 _____ () C:\Users\Cole\AppData\Roaming\sp_data.sys2015-02-19 19:38 - 2015-01-17 09:46 - 00000000 ___RD () C:\Users\Cole\OneDrive2015-02-19 18:14 - 2014-06-28 19:16 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1432604938-1182428816-157698692-10022015-02-19 16:04 - 2014-06-20 22:41 - 00002205 _____ () C:\Users\Public\Desktop\Google Chrome.lnk2015-02-18 18:56 - 2014-08-05 13:45 - 00000000 ____D () C:\Program Files (x86)\Steam2015-02-18 17:40 - 2014-09-24 00:15 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI2015-02-17 22:51 - 2014-10-10 10:14 - 00000000 ____D () C:\Users\Laura2015-02-17 22:00 - 2014-10-10 10:14 - 00000000 ____D () C:\Users\Cole2015-02-17 18:41 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\Speech2015-02-17 18:41 - 2013-08-22 07:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT2015-02-16 09:37 - 2013-08-22 06:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI2015-02-12 23:09 - 2014-07-11 21:39 - 00003572 _____ () C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-1432604938-1182428816-157698692-10012015-02-12 22:13 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Macromed2015-02-11 19:14 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\rescache2015-02-11 17:05 - 2012-07-26 00:59 - 00000000 ____D () C:\WINDOWS\CbsTemp2015-02-11 10:18 - 2013-08-22 07:44 - 00337864 _____ () C:\WINDOWS\system32\FNTCACHE.DAT2015-02-11 10:16 - 2013-08-22 08:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker2015-02-10 23:09 - 2014-06-26 19:35 - 00000000 ____D () C:\WINDOWS\system32\MRT2015-02-10 23:00 - 2014-06-26 19:35 - 116773704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe2015-02-09 14:00 - 2014-06-30 09:26 - 00000000 ___RD () C:\Users\Laura\Desktop\its the clean desktop folder2015-02-09 13:54 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\Registration2015-02-09 10:56 - 2014-10-10 11:03 - 00000000 ___DC () C:\WINDOWS\Panther2015-02-08 22:43 - 2014-06-28 19:16 - 00000000 ____D () C:\Users\Cole\AppData\Local\Battle.net2015-02-08 20:51 - 2014-06-24 18:56 - 00000000 ____D () C:\Program Files (x86)\Battle.net2015-02-06 09:43 - 2014-06-20 23:05 - 00000000 ____D () C:\Users\Laura\Desktop\AAA FDP2015-02-04 15:58 - 2014-06-20 22:41 - 00003892 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA2015-02-04 15:58 - 2014-06-20 22:41 - 00003656 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore2015-02-04 15:58 - 2014-06-20 22:41 - 00000916 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job2015-02-04 15:31 - 2014-08-09 12:56 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater2015-02-04 10:08 - 2014-08-09 12:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service2015-02-01 16:48 - 2014-06-28 19:10 - 00000000 ____D () C:\Users\Cole\AppData\Local\Packages2015-01-28 10:35 - 2015-01-09 22:27 - 00000000 ____D () C:\Program Files (x86)\Java2015-01-28 10:16 - 2015-01-09 22:28 - 00272296 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe2015-01-28 10:16 - 2015-01-09 22:28 - 00176552 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe2015-01-28 10:16 - 2015-01-09 22:28 - 00176552 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe2015-01-28 10:16 - 2015-01-09 22:28 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll2015-01-28 10:16 - 2014-08-06 16:44 - 00000000 ____D () C:\ProgramData\Oracle2015-01-28 10:08 - 2013-05-01 02:34 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk2015-01-22 08:57 - 2015-01-06 22:30 - 00000000 ____D () C:\Users\Laura\Desktop\School ==================== Files in the root of some directories ======= 2014-06-20 22:33 - 2015-02-20 08:52 - 0000062 _____ () C:\Users\Laura\AppData\Roaming\sp_data.sys2014-10-15 12:34 - 2014-10-15 12:34 - 0001456 _____ () C:\Users\Laura\AppData\Local\Adobe Save for Web 13.0 Prefs2014-06-26 16:38 - 2014-06-26 19:19 - 0001217 _____ () C:\ProgramData\hpzinstall.log2013-05-01 02:34 - 2012-09-07 04:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd2013-05-01 02:34 - 2009-07-22 03:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe2013-05-01 02:34 - 2012-09-07 04:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS2015-02-08 13:45 - 2015-02-08 13:45 - 0001708 _____ () C:\ProgramData\tempimage.bmp Files to move or delete:====================C:\ProgramData\SetStretch.exeC:\ProgramData\SetStretch.VBS Some content of TEMP:====================C:\Users\Laura\AppData\Local\Temp\0EC7CA1C-442F-ACD8-5237-136F59B159D8.exeC:\Users\Laura\AppData\Local\Temp\B663B43C-99A6-5DCF-9521-65BEDC2412F1.dllC:\Users\Laura\AppData\Local\Temp\B663B43C-99A6-5DCF-9521-65BEDC2412F1.exeC:\Users\Laura\AppData\Local\Temp\Itibiti_Knctr_C.exeC:\Users\Laura\AppData\Local\Temp\OnlineBackup.exeC:\Users\Laura\AppData\Local\Temp\Quarantine.exeC:\Users\Laura\AppData\Local\Temp\sqlite3.dllC:\Users\Laura\AppData\Local\Temp\vcredist_x64.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signedC:\Windows\System32\wininit.exe => File is digitally signedC:\Windows\explorer.exe => File is digitally signedC:\Windows\SysWOW64\explorer.exe => File is digitally signedC:\Windows\System32\svchost.exe => File is digitally signedC:\Windows\SysWOW64\svchost.exe => File is digitally signedC:\Windows\System32\services.exe => File is digitally signedC:\Windows\System32\User32.dll => File is digitally signedC:\Windows\SysWOW64\User32.dll => File is digitally signedC:\Windows\System32\userinit.exe => File is digitally signedC:\Windows\SysWOW64\userinit.exe => File is digitally signedC:\Windows\System32\rpcss.dll => File is digitally signedC:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-02-17 19:33 ==================== End Of Log ============================ Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-02-2015 01Ran by Laura at 2015-02-20 10:52:13Running from C:\Users\Laura\DownloadsBoot Mode: Normal========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) HiddenAdobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.293 - Adobe Systems Incorporated)Adobe Bridge CC (64 Bit) (HKLM-x32\...\{359F8007-6486-429C-A8C5-D67F6897C88C}) (Version: 6.0 - Adobe Systems Incorporated)Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.8.0.447 - Adobe Systems Incorporated)Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.2.1 - Adobe Systems Incorporated)Adobe Photoshop Lightroom 4.4 64-bit (HKLM\...\{11A955CD-4398-405A-886D-E464C3618FBF}) (Version: 4.4.1 - Adobe)Adobe Photoshop Lightroom 5.7 64-bit (HKLM\...\{1B77B02E-17E4-4B6D-B8A1-74B29AF3D8DD}) (Version: 5.7.0 - Adobe Systems Incorporated)Adobe Reader X (10.1.13) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.6.156 - Adobe Systems, Inc.)AMD Catalyst Install Manager (HKLM\...\{E3D3EE63-5570-DCB9-45F8-4CF03349AFD8}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.13 - ASUS)ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.9 - ASUS)ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.4 - ASUS)ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.1 - ASUS)ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.0 - ASUS)ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0005 - ASUS)ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS)ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.18.159 - ASUS Cloud Corporation)ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4924.52 - CyberLink Corp.)ASUSDVD (x32 Version: 10.0.4924.52 - CyberLink Corp.) HiddenAsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.309 - ASUSTEK)ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0027 - ASUS)Azteca (x32 Version: 2.2.0.97 - WildTangent) HiddenBattle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) HiddenBing Bar (HKLM-x32\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation)BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) HiddenC410 (x32 Version: 140.0.353.000 - Hewlett-Packard) HiddenCanon MX870 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX870_series) (Version: - )Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform)Citrix Online Launcher (HKLM-x32\...\{3E7E6F1E-7376-475A-8BC9-E3126B20CF5F}) (Version: 1.0.198 - Citrix)Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)Cut the Rope (x32 Version: 3.0.2.38 - WildTangent) HiddenD3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) HiddenDestinations (x32 Version: 140.0.253.000 - Hewlett-Packard) HiddenDeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) HiddenDocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) HiddenFax (x32 Version: 140.0.307.000 - Hewlett-Packard) HiddenGalería de fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) HiddenGalerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) HiddenGarry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) HiddenGoogle Update Helper (x32 Version: 1.3.26.9 - Google Inc.) HiddenGoToMeeting 6.4.12.2331 (HKU\S-1-5-21-1432604938-1182428816-157698692-1001\...\GoToMeeting) (Version: 6.4.12.2331 - CitrixOnline)GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) HiddenHi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife)HP Photosmart Prem C410 All-In-One Driver Software 14.0 Rel. 7 (HKLM\...\{951AF289-1B6A-44CA-B4F3-259BFC49148F}) (Version: 14.0 - HP)HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)HPAppStudio (x32 Version: 140.0.95.000 - Hewlett-Packard) HiddenHPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) HiddenHPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) HiddenHPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) HiddenJava 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)League of Legends (x32 Version: 3.0.1 - Riot Games) HiddenLogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.303 - LogMeIn, Inc.)LogMeIn Hamachi (x32 Version: 2.2.0.303 - LogMeIn, Inc.) HiddenMalwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) HiddenMicrosoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) HiddenMozilla Firefox 35.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 en-US)) (Version: 35.0.1 - Mozilla)Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS)Network64 (Version: 140.0.306.000 - Hewlett-Packard) HiddenOCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)OEM Application Profile (HKLM-x32\...\{769E695A-F93F-803E-3763-9A00A0E38786}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)Peggle (x32 Version: 2.2.0.95 - WildTangent) HiddenPenguins! (x32 Version: 2.2.0.98 - WildTangent) HiddenPhotodex Presenter (HKLM-x32\...\Photodex Presenter) (Version: - Photodex Corporation)ProShow Gold (HKLM-x32\...\ProShow Gold) (Version: - Photodex Corporation)PS_AIO_07_C410_SW_Min (x32 Version: 140.0.365.000 - Hewlett-Packard) HiddenQuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) HiddenRalink Bluetooth Stack64 (HKLM\...\{91C2E5B8-B01E-C13A-24D7-957DA8A22821}) (Version: 9.0.727.3 - Ralink Corporation)Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 1.2.0.41 - Ralink)Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.10.1226.2012 - Realtek)Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6870 - Realtek Semiconductor Corp.)Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) HiddenShared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 1.0.2529.2 - Hi-Rez Studios)SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) HiddenStatus (x32 Version: 140.0.342.000 - Hewlett-Packard) HiddenSteam (HKLM-x32\...\Steam) (Version: - Valve Corporation)Surgeon Simulator 2013 (HKLM-x32\...\Steam App 233720) (Version: - Bossa Studios)swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) HiddenTales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) HiddenTeam Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) HiddenTrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) HiddenUpdate Installer for WildTangent Games App (x32 Version: - WildTangent) HiddenWebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) HiddenWildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.0.0 - WildTangent)WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) HiddenWindows Driver Package - ASUS (ATP) Mouse (05/09/2013 1.0.0.173) (HKLM\...\1016059FBF327ED9E3BAE758BD08CF10D3C6252D) (Version: 05/09/2013 1.0.0.173 - ASUS)Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)影像中心 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden照片库 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-1432604938-1182428816-157698692-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Laura\AppData\Local\Citrix\GoToMeeting\2031\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.) ==================== Restore Points ========================= 08-02-2015 13:13:10 Restore Operation11-02-2015 19:08:27 Windows Update13-02-2015 19:59:47 Installed LogMeIn Hamachi ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 06:25 - 2013-08-22 06:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {06482FDA-A496-45D4-A948-D0634B54DF3D} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)Task: {0959E249-EBB3-4C7B-8DA6-AF7F9DFC7529} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2013-06-19] (ASUS)Task: {15121D7A-8C7A-41DC-87D7-49D65C6952B6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-20] (Google Inc.)Task: {2283CD1F-122F-4747-9E88-0DF80A6063E2} - System32\Tasks\AdobeAAMUpdater-1.0-Laptop-Laura => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-09-19] (Adobe Systems Incorporated)Task: {39F85ADB-1421-4A4B-9E3C-895A15F8DC4A} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)Task: {4ACE709B-A361-498C-A301-F3F821A23DE4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04] (Adobe Systems Incorporated)Task: {4FB7E107-77B3-4AF1-94BD-1DF6850EA2FC} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-06-28] (AsusTek)Task: {5CBC7B5F-0958-49AC-AFC6-47B012697A6D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-20] (Google Inc.)Task: {71292AA7-C0C1-4AB6-89F9-2C8F6986F108} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-02-26] (ASUSTeK Computer Inc.)Task: {87EE6124-851B-435C-B87A-A196AE21D295} - System32\Tasks\{860962E8-CA2D-4C70-ABD8-A8AA92627A67} => pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.exe" -d "C:\Riot Games\League of Legends\"Task: {8DA8DB9E-F432-46C3-A97F-D5EE89F9815A} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-08-22] (ASUSTeK Computer Inc.)Task: {8F598A82-836E-4B18-BB62-D5DBDBBD63F6} - System32\Tasks\G2MUpdateTask-S-1-5-21-1432604938-1182428816-157698692-1001 => C:\Users\Laura\AppData\Local\Citrix\GoToMeeting\2331\g2mupdate.exe [2015-02-12] (Citrix Online, a division of Citrix Systems, Inc.)Task: {9E5EA607-9846-4314-A91A-7A4EE52A6C48} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)Task: {A42B3946-5A11-4CE6-A606-19ECA42105D4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-01-20] (Piriform Ltd)Task: {B1929B17-156F-47B0-A6AB-6122DA2AD2D9} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)Task: {B99E1F08-96D4-4257-99FB-2A763D6C2897} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2012-11-28] (ASUS)Task: {BAC1E830-3627-451B-848D-A20BB50E2DB6} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-1432604938-1182428816-157698692-1002Task: {C822CC25-1108-4B98-B8B1-C03457735784} - System32\Tasks\ASUS InstantOn Config => C:\Program Files\ASUS\P4G\InsOnCfg.exeTask: {E1E4928F-7E5E-46EA-8801-6C5D51EA4922} - System32\Tasks\PastaLeads => C:\Program Files (x86)\pastaleads\ScheduledTask.exeTask: {E7EA0BCC-7320-4DC0-83E7-6C45A22E1A70} - System32\Tasks\{FF345EDC-2B23-455D-BAD9-20572D8B31B5} => pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.exe" -d "C:\Riot Games\League of Legends\"Task: {E82F9C90-E040-4661-AF93-C1ACFB274434} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)Task: {EC7620B7-E065-40FF-B11F-B9A8BE2C5B5F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)Task: {ECE52131-F74E-462A-9435-089FD4B809A8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-02-10] (Microsoft Corporation)Task: {F69571A1-8F1E-409A-A975-4E65CFD107AC} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-01-04] ()Task: {F7E188FF-FD79-4F0D-8992-ADD62B0DCA62} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-18] (ASUSTek Computer Inc.)Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeTask: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-1432604938-1182428816-157698692-1001.job => C:\Users\Laura\AppData\Local\Citrix\GoToMeeting\2331\g2mupdate.exeTask: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============== 2014-07-04 21:33 - 2014-07-04 21:33 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll2012-12-18 23:10 - 2012-12-18 23:10 - 00072192 _____ () C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe2014-09-26 14:40 - 2014-12-03 23:38 - 00186760 _____ () C:\Program Files (x86)\Photodex\ProShow Gold\ScsiAccess.exe2012-10-23 17:31 - 2012-10-23 17:31 - 00017160 _____ () C:\Windows\system32\BsHelpCSps.dll2012-10-23 17:31 - 2012-10-23 17:31 - 00029960 _____ () C:\Windows\system32\BsTrace.dll2014-09-26 14:41 - 2014-09-26 14:41 - 01021088 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll2013-06-19 20:49 - 2013-06-19 20:49 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll2014-07-04 21:33 - 2014-07-04 21:33 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll2014-11-08 19:22 - 2014-11-08 19:22 - 00575688 _____ () C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.7\AgKernel.dll2014-11-08 19:23 - 2014-11-08 19:23 - 00368328 _____ () C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.7\WFCore.dll2014-11-08 19:23 - 2014-11-08 19:23 - 00033992 _____ () C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.7\WFSQLite.dll2014-11-08 19:23 - 2014-11-08 19:23 - 00097480 _____ () C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.7\WFWeb.dll2014-11-08 19:23 - 2014-11-08 19:23 - 00892616 _____ () C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.7\WFOzClient.dll2014-11-08 19:23 - 2014-11-08 19:23 - 00029896 _____ () C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.7\LightroomModels.dll2014-11-08 19:24 - 2014-11-08 19:24 - 00114888 _____ () C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.7\moxplugins\AppManagerLR.mox2014-11-08 19:24 - 2014-11-08 19:24 - 00246472 _____ () C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.7\moxplugins\wpdmanager.mox2012-10-23 17:31 - 2012-10-23 17:31 - 00029960 _____ () C:\WINDOWS\SYSTEM32\BsTrace.dll2012-10-23 17:31 - 2012-10-23 17:31 - 00017160 _____ () C:\Windows\SYSTEM32\BsHelpCSps.dll2012-10-23 17:31 - 2012-10-23 17:31 - 00062216 _____ () C:\Windows\SYSTEM32\BlueSoleilCSps.dll2012-10-23 17:25 - 2012-10-23 17:25 - 00335176 _____ () C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\USB\tl_filter.dll2011-07-05 10:53 - 2011-07-05 10:53 - 00012800 _____ () C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\AMP\IVTAMPRL.dll2012-10-23 17:31 - 2012-10-23 17:31 - 00079624 _____ () C:\WINDOWS\SYSTEM32\BsProfilefunc.dll2012-10-23 17:31 - 2012-10-23 17:31 - 00363784 _____ () C:\WINDOWS\SYSTEM32\BsExtendFunc.dll2012-10-23 17:31 - 2012-10-23 17:31 - 00029960 _____ () C:\Windows\SYSTEM32\BsTrace.dll2015-02-19 16:04 - 2015-02-17 15:44 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libglesv2.dll2015-02-19 16:04 - 2015-02-17 15:44 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libegl.dll2015-02-19 16:04 - 2015-02-17 15:44 - 09171272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\pdf.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Users\Cole\OneDrive:ms-properties ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service" ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1432604938-1182428816-157698692-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaperDNS Servers: 68.105.28.11 - 68.105.29.11 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\Run: => "shopperz" ==================== Accounts: ============================= Administrator (S-1-5-21-1432604938-1182428816-157698692-500 - Administrator - Disabled)Cole (S-1-5-21-1432604938-1182428816-157698692-1002 - Limited - Enabled) => C:\Users\ColeGuest (S-1-5-21-1432604938-1182428816-157698692-501 - Limited - Enabled) => C:\Users\GuestLaura (S-1-5-21-1432604938-1182428816-157698692-1001 - Administrator - Enabled) => C:\Users\Laura ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors:==================Error: (02/19/2015 07:39:22 PM) (Source: Perflib) (EventID: 1008) (User: )Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll4 Error: (02/19/2015 07:39:22 PM) (Source: Perflib) (EventID: 1023) (User: )Description: rdyboost4 Error: (02/19/2015 07:39:22 PM) (Source: PerfNet) (EventID: 2004) (User: )Description: Error: (02/19/2015 07:39:22 PM) (Source: Perflib) (EventID: 1008) (User: )Description: MSDTCC:\WINDOWS\system32\msdtcuiu.DLL4 Error: (02/19/2015 07:39:22 PM) (Source: Perflib) (EventID: 1008) (User: )Description: LsaC:\Windows\System32\Secur32.dll4 Error: (02/19/2015 07:39:22 PM) (Source: Perflib) (EventID: 1008) (User: )Description: ESENTC:\WINDOWS\system32\esentprf.dll4 Error: (02/19/2015 07:39:22 PM) (Source: Perflib) (EventID: 1008) (User: )Description: BITSC:\Windows\System32\bitsperf.dll4 Error: (02/19/2015 07:39:22 PM) (Source: Perflib) (EventID: 1008) (User: )Description: .NETFrameworkC:\WINDOWS\system32\mscoree.dll4 Error: (02/19/2015 04:59:08 PM) (Source: Perflib) (EventID: 1008) (User: )Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll4 Error: (02/19/2015 04:59:08 PM) (Source: Perflib) (EventID: 1023) (User: )Description: rdyboost4 System errors:=============Error: (02/19/2015 11:34:28 PM) (Source: DCOM) (EventID: 10010) (User: Laptop)Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (02/19/2015 07:39:13 PM) (Source: Service Control Manager) (EventID: 7011) (User: )Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MBAMScheduler service. Error: (02/19/2015 06:14:44 PM) (Source: DCOM) (EventID: 10010) (User: Laptop)Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (02/19/2015 04:58:23 PM) (Source: DCOM) (EventID: 10010) (User: Laptop)Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (02/19/2015 04:24:20 PM) (Source: DCOM) (EventID: 10010) (User: Laptop)Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (02/19/2015 03:33:11 PM) (Source: DCOM) (EventID: 10010) (User: Laptop)Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9} Error: (02/19/2015 03:33:11 PM) (Source: DCOM) (EventID: 10010) (User: Laptop)Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9} Error: (02/18/2015 10:17:17 PM) (Source: DCOM) (EventID: 10010) (User: Laptop)Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (02/17/2015 10:00:05 PM) (Source: DCOM) (EventID: 10010) (User: Laptop)Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9} Error: (02/17/2015 10:00:05 PM) (Source: DCOM) (EventID: 10010) (User: Laptop)Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9} Microsoft Office Sessions:=========================Error: (02/19/2015 07:39:22 PM) (Source: Perflib) (EventID: 1008) (User: )Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll4 Error: (02/19/2015 07:39:22 PM) (Source: Perflib) (EventID: 1023) (User: )Description: rdyboost4 Error: (02/19/2015 07:39:22 PM) (Source: PerfNet) (EventID: 2004) (User: )Description: Error: (02/19/2015 07:39:22 PM) (Source: Perflib) (EventID: 1008) (User: )Description: MSDTCC:\WINDOWS\system32\msdtcuiu.DLL4 Error: (02/19/2015 07:39:22 PM) (Source: Perflib) (EventID: 1008) (User: )Description: LsaC:\Windows\System32\Secur32.dll4 Error: (02/19/2015 07:39:22 PM) (Source: Perflib) (EventID: 1008) (User: )Description: ESENTC:\WINDOWS\system32\esentprf.dll4 Error: (02/19/2015 07:39:22 PM) (Source: Perflib) (EventID: 1008) (User: )Description: BITSC:\Windows\System32\bitsperf.dll4 Error: (02/19/2015 07:39:22 PM) (Source: Perflib) (EventID: 1008) (User: )Description: .NETFrameworkC:\WINDOWS\system32\mscoree.dll4 Error: (02/19/2015 04:59:08 PM) (Source: Perflib) (EventID: 1008) (User: )Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll4 Error: (02/19/2015 04:59:08 PM) (Source: Perflib) (EventID: 1023) (User: )Description: rdyboost4 ==================== Memory info =========================== Processor: AMD A10-5750M APU with Radeon HD Graphics Percentage of memory in use: 30%Total physical RAM: 7378.4 MBAvailable physical RAM: 5137.13 MBTotal Pagefile: 8530.4 MBAvailable Pagefile: 5342.56 MBTotal Virtual: 131072 MBAvailable Virtual: 131071.8 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:279.01 GB) (Free:86.54 GB) NTFS ==>[system with boot components (obtained from reading drive)]Drive d: (DATA) (Fixed) (Total:398.07 GB) (Free:397.83 GB) NTFS ==================== MBR & Partition Table ================== ========================================================Disk: 0 (Size: 698.6 GB) (Disk ID: 098FA470) Partition: GPT Partition Type. ==================== End Of Log ============================
  9. I reset it and the program is working but I believe I just will have to have java on the web from now on... don't know how big a security threat that is?
  10. ummm I don't suppose you could help me with one other thing? I reinstalled java and took it off my internet. But I do use a program that uses it and I'm not sure now how to get it back working... http://www.roeslaunch.com/ROES/labs/WHCC/ I uploaded the launch.jnlp and accidentally assigned it to acrobat. It wouldn't open before I assigned it a program. I'm not sure how it uses java... (should I let java run in my browser?)
  11. Thanks so much- you've been awesome! Computer seems great! :0)
  12. ok- its like layers on layers here... The luma pix (last entry) *should* be a normal program that I use... C:\Program Files\Adobe\Adobe Photoshop CS4 (64 Bit)\Adobe.Photoshop.CS4.Extended-Crack.exe a variant of Win32/HackTool.Patcher.D application C:\Program Files (x86)\Adobe\Adobe Photoshop CS4\Adobe.Photoshop.CS4.Extended-Crack.exe a variant of Win32/HackTool.Patcher.D application C:\Users\Laura Siivola\Desktop\Adobe CD\Adobe CS4 Suite\PhsotoshopCS4\Adobe.Photoshop.CS4.Extended-Crack.exe a variant of Win32/HackTool.Patcher.D application C:\Users\Laura Siivola\Desktop\Adobe CD\Adobe_IndesignCS4\disable_activation.cmd BAT/HostsChanger.A application C:\_OTL\MovedFiles\03042013_122455\C_Program Files (x86)\Yontoo\YontooIEClient.dll a variant of Win32/Adware.Yontoo.A application E:\to drobo\Resources\LumaPixSetup(2).exe a variant of Win32/Packed.Themida application
  13. thaaat was... quicker than I expected! :0) As far as how it's running; I haven't really had any slowness problems since this morning, but I will restart and if there are any problems I will get back... Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 11:57:12 PM, on 3/4/2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v8.00 (8.00.7601.17514) Boot mode: Normal Running processes: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\Drobo\Drobo Dashboard\DDAssist.exe C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.exe C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\AVG\AVG2013\avgui.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE C:\Program Files (x86)\AVG\AVG2013\avgcsrvx.exe C:\PROGRA~2\HP\DIGITA~1\bin\hpqgpc01.exe c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartVideo.exe C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_171.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_171.exe C:\Users\Laura Siivola\Desktop\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O2 - BHO: Microsoft Live Search Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O4 - HKLM\..\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [DDAssist] C:\Program Files (x86)\Drobo\Drobo Dashboard\DDAssist.exe O4 - HKUS\S-1-5-21-1603802303-299002482-1763937386-1003\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-1603802303-299002482-1763937386-1003\..\Run: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN (User 'UpdatusUser') O4 - Startup: Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: Dropbox.lnk = Laura Siivola\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: PictureMover.lnk = C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe (file missing) O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: GamesAppService - Unknown owner - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (file missing) O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Rapport Management Service (RapportMgmtService) - Trusteer Ltd. - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: Yontoo Desktop Updater - Unknown owner - C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe (file missing) -- End of file - 13482 bytes
  14. 1st.... (downloading hijack now, will post later) Malwarebytes Anti-Malware (Trial) 1.70.0.1100 www.malwarebytes.org Database version: v2013.03.05.05 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 8.0.7601.17514 Laura Siivola :: HP [administrator] Protection: Enabled 3/4/2013 11:47:30 PM mbam-log-2013-03-04 (23-47-30).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 234206 Time elapsed: 5 minute(s), 23 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end)
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.