Jump to content

jmood88

Members
  • Posts

    12
  • Joined

  • Last visited

Reputation

0 Neutral
  1. I just clicked on both, is there something else I'm supposed to do?
  2. mbam-check result log version: 2.0.0.1000 Malwarebytes Version: REG_SZ 1.75.0.1300 Date Log Created: 06/30/13 Time Log Created: 00:16:55 User Account type: Administrator 64 bit Operating System Product Name: REG_SZ Windows 7 Home Premium Current Build Number: 7601 Current Version Number: 6.1 Current CSDVersion: Service Pack 1 Proxy Status: No proxy is Set Proxy Override: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ ProxyOverride REG_SZ *.local;<local> LAN Settings: ============= only 'Automatically detect settings' is selected SystemPartition: ================ HKEY_LOCAL_MACHINE\SYSTEM\Setup\ SystemPartition REG_SZ \Device\HarddiskVolume1 Balloon Tips Status: ==================== Enabled Time Format Settings: ===================== Should be: h:mm:ss tt AM PM : Currently: REG_SZ h:mm:ss tt REG_SZ AM REG_SZ PM REG_SZ : Language and Regional Settings: =============================== ACP: Language is English (United States) MACCP: Language is English (United States) OEMCP: Language is English (United States) Startup Folders for Error_Expanding_Variables Check: ==================================================== All Users Startup Folder Exists. Current User's Startup Folder Exists. Terminal Services Status for (null) entries in PM logs and GetUserToken errors: =============================================================================== TERMService: ============== Type : 32 State : 1 (The service is not running.) (State is stopped) WIN32_EXIT_CODE : 1084 SERVICE_EXIT_CODE : 0 CHECKPOINT : 0 WAIT_HINT : 0 TermService Start is set to: 3 (Manual Startup) Compatibility Flag Settings (Any MBAM file listings should be removed): ======================================================================= HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\appCompatFlags\Layers C:\Users\Jordan\Desktop\Software\LogitechHarmonySoftware.exeREG_SZ VISTARTM C:\Users\Jordan\Desktop\Burnout Paradise- The Ultimate Box (Download)\EASetup.exeREG_SZ WINXPSP2 Malwarebytes Anti-Malware Shell Extension Block Check: ====================================================== MBAM Startup Entries: ===================== HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce Service and Driver Status: ========================== <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMProtector <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMService <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMScheduler <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMChameleon MBAMProtector Registry Values: ============================== MBAMService Registry Values: ============================ MBAMScheduler Registry Values: ============================== MBAM DLL's and Runtime Files: ============================= HKEY_CLASSES_ROOT\vbAcceleratorSGrid6.vbalGrid (Default): REG_SZ vbAccelerator Grid Control HKEY_CLASSES_ROOT\vbAcceleratorSGrid6.vbalGrid\Clsid (Default): REG_SZ {C5DA1F2B-B2BF-4DFC-BC9A-439133543A67} HKEY_CLASSES_ROOT\SSubTimer6.GSubclass (Default): REG_SZ SSubTimer6.GSubclass HKEY_CLASSES_ROOT\SSubTimer6.GSubclass\Clsid (Default): REG_SZ {71A27032-C7D8-11D2-BEF8-525400DFB47A} HKEY_CLASSES_ROOT\SSubTimer6.CTimer (Default): REG_SZ SSubTimer6.CTimer HKEY_CLASSES_ROOT\SSubTimer6.CTimer\Clsid (Default): REG_SZ {71A27034-C7D8-11D2-BEF8-525400DFB47A} HKEY_CLASSES_ROOT\SSubTimer6.ISubclass (Default): REG_SZ SSubTimer6.ISubclass HKEY_CLASSES_ROOT\SSubTimer6.ISubclass\Clsid (Default): REG_SZ {71A2702F-C7D8-11D2-BEF8-525400DFB47A} HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A} (Default): REG_SZ SSubTimer6.ISubclass HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}\Implemented Categories HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502} HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}\ProgID (Default): REG_SZ SSubTimer6.ISubclass HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}\Programmable HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}\TypeLib (Default): REG_SZ {71A2702D-C7D8-11D2-BEF8-525400DFB47A} HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}\VERSION (Default): REG_SZ 1.0 HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A} (Default): REG_SZ SSubTimer6.GSubclass HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\Implemented Categories HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502} HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\InprocServer32 (Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware\ssubtmr6.dll ThreadingModel REG_SZ Apartment HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\ProgID (Default): REG_SZ SSubTimer6.GSubclass HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\Programmable HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\TypeLib (Default): REG_SZ {71A2702D-C7D8-11D2-BEF8-525400DFB47A} HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\VERSION (Default): REG_SZ 1.0 HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A} (Default): REG_SZ SSubTimer6.CTimer HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\Implemented Categories HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502} HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\InprocServer32 (Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware\ssubtmr6.dll ThreadingModel REG_SZ Apartment HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\ProgID (Default): REG_SZ SSubTimer6.CTimer HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\Programmable HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\TypeLib (Default): REG_SZ {71A2702D-C7D8-11D2-BEF8-525400DFB47A} HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\VERSION (Default): REG_SZ 1.0 HKEY_CLASSES_ROOT\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A} HKEY_CLASSES_ROOT\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1 (Default): REG_SZ vbAccelerator VB6 SGrid Control 2.0 HKEY_CLASSES_ROOT\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1\0 HKEY_CLASSES_ROOT\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1\0\win32 (Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware\vbalsgrid6.ocx HKEY_CLASSES_ROOT\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1\FLAGS (Default): REG_SZ 2 HKEY_CLASSES_ROOT\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1\HELPDIR (Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A} HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1 (Default): REG_SZ vbAccelerator VB6 SGrid Control 2.0 HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1\0 HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1\0\win32 (Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware\vbalsgrid6.ocx HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1\FLAGS (Default): REG_SZ 2 HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1\HELPDIR (Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware HKEY_CLASSES_ROOT\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A} HKEY_CLASSES_ROOT\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0 (Default): REG_SZ vbAccelerator VB6 Subclassing and Timer Assistant (with configurable message response, multi-control support + timer bug fix) HKEY_CLASSES_ROOT\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0\0 HKEY_CLASSES_ROOT\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0\0\win32 (Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware\ssubtmr6.dll HKEY_CLASSES_ROOT\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0\FLAGS (Default): REG_SZ 0 HKEY_CLASSES_ROOT\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0\HELPDIR (Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A} HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0 (Default): REG_SZ vbAccelerator VB6 Subclassing and Timer Assistant (with configurable message response, multi-control support + timer bug fix) HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0\0 HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0\0\win32 (Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware\ssubtmr6.dll HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0\FLAGS (Default): REG_SZ 0 HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0\HELPDIR (Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware HKEY_CLASSES_ROOT\Interface\{71A2702E-C7D8-11D2-BEF8-525400DFB47A} (Default): REG_SZ _ISubclass HKEY_CLASSES_ROOT\Interface\{71A2702E-C7D8-11D2-BEF8-525400DFB47A}\ProxyStubClsid32 (Default): REG_SZ {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{71A2702E-C7D8-11D2-BEF8-525400DFB47A}\TypeLib (Default): REG_SZ {71A2702D-C7D8-11D2-BEF8-525400DFB47A} Version REG_SZ 1.0 HKEY_CLASSES_ROOT\Wow6432Node\Interface\{71A2702E-C7D8-11D2-BEF8-525400DFB47A} (Default): REG_SZ ISubclass HKEY_CLASSES_ROOT\Wow6432Node\Interface\{71A2702E-C7D8-11D2-BEF8-525400DFB47A}\ProxyStubClsid (Default): REG_SZ {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Wow6432Node\Interface\{71A2702E-C7D8-11D2-BEF8-525400DFB47A}\ProxyStubClsid32 (Default): REG_SZ {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Wow6432Node\Interface\{71A2702E-C7D8-11D2-BEF8-525400DFB47A}\TypeLib (Default): REG_SZ {71A2702D-C7D8-11D2-BEF8-525400DFB47A} Version REG_SZ 1.0 HKEY_CLASSES_ROOT\Interface\{71A27036-C7D8-11D2-BEF8-525400DFB47A} (Default): REG_SZ __CTimer HKEY_CLASSES_ROOT\Interface\{71A27036-C7D8-11D2-BEF8-525400DFB47A}\ProxyStubClsid32 (Default): REG_SZ {00020420-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{71A27036-C7D8-11D2-BEF8-525400DFB47A}\TypeLib (Default): REG_SZ {71A2702D-C7D8-11D2-BEF8-525400DFB47A} Version REG_SZ 1.0 HKEY_CLASSES_ROOT\Wow6432Node\Interface\{71A27036-C7D8-11D2-BEF8-525400DFB47A} (Default): REG_SZ CTimer HKEY_CLASSES_ROOT\Wow6432Node\Interface\{71A27036-C7D8-11D2-BEF8-525400DFB47A}\ProxyStubClsid (Default): REG_SZ {00020420-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Wow6432Node\Interface\{71A27036-C7D8-11D2-BEF8-525400DFB47A}\ProxyStubClsid32 (Default): REG_SZ {00020420-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Wow6432Node\Interface\{71A27036-C7D8-11D2-BEF8-525400DFB47A}\TypeLib (Default): REG_SZ {71A2702D-C7D8-11D2-BEF8-525400DFB47A} Version REG_SZ 1.0 HKEY_CLASSES_ROOT\Interface\{1EDFD7DF-030D-4144-952E-9D7D86691CDB} (Default): REG_SZ __vbalGrid HKEY_CLASSES_ROOT\Interface\{1EDFD7DF-030D-4144-952E-9D7D86691CDB}\ProxyStubClsid32 (Default): REG_SZ {00020420-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{1EDFD7DF-030D-4144-952E-9D7D86691CDB}\TypeLib (Default): REG_SZ {DE8CE233-DD83-481D-844C-C07B96589D3A} Version REG_SZ 1.1 HKEY_CLASSES_ROOT\Wow6432Node\Interface\{1EDFD7DF-030D-4144-952E-9D7D86691CDB} (Default): REG_SZ vbalGrid HKEY_CLASSES_ROOT\Wow6432Node\Interface\{1EDFD7DF-030D-4144-952E-9D7D86691CDB}\ProxyStubClsid (Default): REG_SZ {00020420-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Wow6432Node\Interface\{1EDFD7DF-030D-4144-952E-9D7D86691CDB}\ProxyStubClsid32 (Default): REG_SZ {00020420-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Wow6432Node\Interface\{1EDFD7DF-030D-4144-952E-9D7D86691CDB}\TypeLib (Default): REG_SZ {DE8CE233-DD83-481D-844C-C07B96589D3A} Version REG_SZ 1.1 MBAM Registry Settings and License Info: ======================================== HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Malwarebytes' Anti-Malware advancedheuristics REG_DWORD 1 downloadprogram REG_DWORD 1 hidereg REG_DWORD 0 detectp2p REG_DWORD 0 detectpum REG_DWORD 1 detectpup REG_DWORD 2 updatewarn REG_DWORD 1 updatewarndays REG_DWORD 7 useproxy REG_DWORD 0 useauthentication REG_DWORD 0 contextmenu REG_DWORD 1 reportthreats REG_DWORD 1 startwithwindows REG_DWORD 1 startfsdisabled REG_DWORD 0 startipdisabled REG_DWORD 0 silentipmode REG_DWORD 0 autoquarantine REG_DWORD 1 notifyinstallprogram REG_DWORD 1 trialpromptshown REG_DWORD 0 autoquarantinenotify REG_DWORD 1 alwaysscanarchives REG_DWORD 1 InstallPath REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware dbdate REG_SZ Wed, 26 Jun 2013 12:30:39 GMT dbversion REG_SZ v2013.06.26.03 programversion REG_SZ 1.75.0.1300 programbuild REG_SZ consumer HKEY_CURRENT_USER\SOFTWARE\Malwarebytes' Anti-Malware alwaysscanfiles REG_DWORD 1 alwaysscanheuristics REG_DWORD 1 alwaysscanmemory REG_DWORD 1 alwaysscanregistry REG_DWORD 1 alwaysscanstartups REG_DWORD 1 autosavelog REG_DWORD 1 openlog REG_DWORD 1 defaultscan REG_DWORD 0 terminateie REG_DWORD 0 Language REG_SZ English.lng selectedrives REG_SZ C:\|D:\| HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Malwarebytes' Anti-Malware_is1 Inno Setup: Setup Version REG_SZ 5.5.3-dev (a) Inno Setup: App Path REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware InstallLocation REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware\ Inno Setup: Icon Group REG_SZ Malwarebytes' Anti-Malware Inno Setup: User REG_SZ Jordan Inno Setup: Selected Tasks REG_SZ quicklaunchicon Inno Setup: Deselected Tasks REG_SZ desktopicon Inno Setup: Language REG_SZ English DisplayName REG_SZ Malwarebytes Anti-Malware version 1.75.0.1300 DisplayIcon REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe UninstallString REG_SZ "C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe" QuietUninstallString REG_SZ "C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe" /SILENT DisplayVersion REG_SZ 1.75.0.1300 Publisher REG_SZ Malwarebytes Corporation URLInfoAbout REG_SZ http://www.malwarebytes.org NoModify REG_DWORD 1 NoRepair REG_DWORD 1 InstallDate REG_SZ 20130626 MajorVersion REG_DWORD 1 MinorVersion REG_DWORD 75 EstimatedSize REG_DWORD 19743 Pending File Rename Operations: ================================ If any Malwarebytes Anti-Malware items are listed below, the user must reboot to complete a Malwarebytes Anti-Malware upgrade installation. Scheduler Queue: ================ Context Menu Entries: ===================== HKEY_CLASSES_ROOT\AllFilesystemObjects\shellex\ContextMenuHandlers\MBAMShlExt (Default): REG_SZ {57CE581A-0CB6-4266-9CA0-19364C90A0B3} HKEY_CLASSES_ROOT\Folder\shellex\ContextMenuHandlers\MBAMShlExt (Default): REG_SZ {57CE581A-0CB6-4266-9CA0-19364C90A0B3} HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt (Default): REG_SZ MBAMShlExt Class HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt\CLSID (Default): REG_SZ {57CE581A-0CB6-4266-9CA0-19364C90A0B3} HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt\CurVer (Default): REG_SZ MBAMExt.MBAMShlExt.1 HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt.1 (Default): REG_SZ MBAMShlExt Class HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt.1\CLSID (Default): REG_SZ {57CE581A-0CB6-4266-9CA0-19364C90A0B3} HKEY_CLASSES_ROOT\Interface\{015FAC74-0374-494A-A02D-316D562C0FCE} (Default): REG_SZ IMBAMShlExt HKEY_CLASSES_ROOT\Interface\{015FAC74-0374-494A-A02D-316D562C0FCE}\ProxyStubClsid32 (Default): REG_SZ {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{015FAC74-0374-494A-A02D-316D562C0FCE}\TypeLib (Default): REG_SZ {AFF1A83B-6C83-4342-8E68-1648DE06CB65} Version REG_SZ 1.0 HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3} (Default): REG_SZ MBAMShlExt Class HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\InprocServer32 (Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll ThreadingModel REG_SZ Apartment HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\ProgID (Default): REG_SZ MBAMExt.MBAMShlExt.1 HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\TypeLib (Default): REG_SZ {AFF1A83B-6C83-4342-8E68-1648DE06CB65} HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\VersionIndependentProgID (Default): REG_SZ MBAMExt.MBAMShlExt HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65} HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0 (Default): REG_SZ MBAMExt 1.0 Type Library HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\0 HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\0\win64 (Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\FLAGS (Default): REG_SZ 0 HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\HELPDIR (Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65} HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0 (Default): REG_SZ MBAMExt 1.0 Type Library HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\0 HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\0\win64 (Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\FLAGS (Default): REG_SZ 0 HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\HELPDIR (Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware MBAM Drivers: ============= C:\Windows\system32\drivers\mbam.sys File Size: 25928 BYTES FileVersion: 1.60.2.0 Required Dependencies: ====================== BFE: ============== Type : 32 State : 4 (The service is running.) WIN32_EXIT_CODE : 0 SERVICE_EXIT_CODE : 0 CHECKPOINT : 0 WAIT_HINT : 0 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE DisplayName REG_SZ @%SystemRoot%\system32\bfe.dll,-1001 Group REG_SZ NetworkProvider ImagePath REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork Description REG_SZ @%SystemRoot%\system32\bfe.dll,-1002 ObjectName REG_SZ NT AUTHORITY\LocalService ErrorControl REG_DWORD 1 Start REG_DWORD 2 Type REG_DWORD 32 DependOnService REG_MULTI_SZ RpcSs ServiceSidType REG_DWORD 3 RequiredPrivileges REG_MULTI_SZ SeAuditPrivilege FailureActions REG_BINARY Binary Data HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters ServiceDll REG_EXPAND_SZ %SystemRoot%\System32\bfe.dll ServiceDllUnloadOnStop REG_DWORD 1 ServiceMain REG_SZ BfeServiceMain HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\BootTime HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\BootTime\Filter {dc95b53e-01cf-4058-821d-350b3d0d4676}REG_BINARY Binary Data {0c41d586-9c19-4e01-9d66-b5b98a97576e}REG_BINARY Binary Data {12c38916-82ac-4737-8f38-b6957ffebad6}REG_BINARY Binary Data {c970a45d-57f9-4e32-a5bd-886a9662641e}REG_BINARY Binary Data {0c3be01b-fe70-4cc4-89dc-c07996b67e6d}REG_BINARY Binary Data {074f7f68-ee10-428a-89d1-ba78f6c327ca}REG_BINARY Binary Data {c016105c-eb34-4519-a5fd-5f4e4ad4d18e}REG_BINARY Binary Data {a47525e2-725b-4888-8af1-ba5a60c04f4d}REG_BINARY Binary Data {0ccc96a3-8c5c-45e2-b80e-7e37b16cc1ad}REG_BINARY Binary Data {2dd96961-5757-434f-b617-34e732517c0e}REG_BINARY Binary Data {2db25e6c-f07a-44f4-b6c8-50a330d2790b}REG_BINARY Binary Data {c42f1cd6-3a95-4ae2-a513-793c3ae610c7}REG_BINARY Binary Data {935b7f48-0ede-44dd-9bc2-e00bb635cda3}REG_BINARY Binary Data {941dad9d-7b1a-4354-997b-00cf1aa9b35c}REG_BINARY Binary Data HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\Callout {22001ee0-8e87-4f75-ba58-248f5918a63a}REG_BINARY Binary Data {79f2a265-b693-4cc9-b480-cbcd87bd4747}REG_BINARY Binary Data {c4b50f21-503e-4d7a-abd4-ed0a823a2453}REG_BINARY Binary Data {91e902db-2cef-4040-b8e2-02fe4fd49c25}REG_BINARY Binary Data HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\Filter {b02a4013-b6b5-4859-9168-1e3299e43b24}REG_BINARY Binary Data {d870c96c-75ee-46a6-8a02-8e4401a73423}REG_BINARY Binary Data {8b50e2ec-7cf0-4b71-b42e-5b0536f6cab8}REG_BINARY Binary Data {4137b143-2770-43d4-91a2-55bb0a069830}REG_BINARY Binary Data {3180114b-8338-4740-9a16-444134ad62f4}REG_BINARY Binary Data {17043d46-fac2-4561-bca1-0c7a05e95f5f}REG_BINARY Binary Data {567d3836-3f5b-4067-b9c4-952f677010a2}REG_BINARY Binary Data {4e718c57-c397-4221-9fbb-14fd51701d6a}REG_BINARY Binary Data {3a90a266-1519-4d23-911b-e84cd0f02ab8}REG_BINARY Binary Data {56b4fdc4-bb4e-4c42-a9d8-f627ee15ac21}REG_BINARY Binary Data {1ba41ed8-151d-4577-9272-317856bc637c}REG_BINARY Binary Data {9248d57e-f843-4159-807d-3813173e2096}REG_BINARY Binary Data {4658cd86-525d-44ed-98a5-791a7b8655f1}REG_BINARY Binary Data {dc95b53e-01cf-4058-821d-350b3d0d4676}REG_BINARY Binary Data {f444c576-6e60-4ea2-9faa-80d57ed12cd2}REG_BINARY Binary Data {0c41d586-9c19-4e01-9d66-b5b98a97576e}REG_BINARY Binary Data {12c38916-82ac-4737-8f38-b6957ffebad6}REG_BINARY Binary Data {c970a45d-57f9-4e32-a5bd-886a9662641e}REG_BINARY Binary Data {0c3be01b-fe70-4cc4-89dc-c07996b67e6d}REG_BINARY Binary Data {4d9581d2-aef8-4993-84cd-b986ced80d42}REG_BINARY Binary Data {be7cbdf4-b192-4aa5-94f8-1fb5c5ee07bc}REG_BINARY Binary Data {716b48eb-0a35-4a76-92ab-1d987230d288}REG_BINARY Binary Data {1165065e-4996-4338-abaf-4b8556b4d431}REG_BINARY Binary Data {07a24961-a760-4e80-b263-6d275e1b09cb}REG_BINARY Binary Data {5b0cb2e2-ab87-4974-9f1c-2f22a654eeb9}REG_BINARY Binary Data {b6b2ca61-fb98-4422-adc2-e7cf56b3680c}REG_BINARY Binary Data {0aa7fff8-919f-453c-928c-28a12122ba38}REG_BINARY Binary Data {074f7f68-ee10-428a-89d1-ba78f6c327ca}REG_BINARY Binary Data {c016105c-eb34-4519-a5fd-5f4e4ad4d18e}REG_BINARY Binary Data {a47525e2-725b-4888-8af1-ba5a60c04f4d}REG_BINARY Binary Data {0ccc96a3-8c5c-45e2-b80e-7e37b16cc1ad}REG_BINARY Binary Data {91ffecf0-0a9e-4572-95f1-a7111af86967}REG_BINARY Binary Data {64e55933-15a5-495d-a928-ccca43d44875}REG_BINARY Binary Data {13bfd422-6f75-4408-8924-9400ec0cb19c}REG_BINARY Binary Data {cbfb56db-3c85-4543-9bc2-76ea28cdd74e}REG_BINARY Binary Data {2dd96961-5757-434f-b617-34e732517c0e}REG_BINARY Binary Data {375fb39b-08c6-40f2-bdf2-08fa63f970a2}REG_BINARY Binary Data {2db25e6c-f07a-44f4-b6c8-50a330d2790b}REG_BINARY Binary Data {c42f1cd6-3a95-4ae2-a513-793c3ae610c7}REG_BINARY Binary Data {b6fdab6b-dcc6-43e3-99ce-7aeca65063a4}REG_BINARY Binary Data {3697a558-3ed3-49be-a4c1-c1a4448653b4}REG_BINARY Binary Data {935b7f48-0ede-44dd-9bc2-e00bb635cda3}REG_BINARY Binary Data {941dad9d-7b1a-4354-997b-00cf1aa9b35c}REG_BINARY Binary Data HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\Provider {decc16ca-3f33-4346-be1e-8fb4ae0f3d62}REG_BINARY Binary Data {4b153735-1049-4480-aab4-d1b9bdc03710}REG_BINARY Binary Data {1bebc969-61a5-4732-a177-847a0817862a}REG_BINARY Binary Data {aa6a7d87-7f8f-4d2a-be53-fda555cd5fe3}REG_BINARY Binary Data {d4bd4a0f-7591-4da2-ae67-3aa97c3c34c2}REG_BINARY Binary Data {839cd73f-1907-49ea-9aa5-0e6be9048087}REG_BINARY Binary Data HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\SubLayer {b3cdd441-af90-41ba-a745-7c6008ff2300}REG_BINARY Binary Data {b3cdd441-af90-41ba-a745-7c6008ff2301}REG_BINARY Binary Data {b3cdd441-af90-41ba-a745-7c6008ff2302}REG_BINARY Binary Data {9ba30013-c84e-47e5-ac6e-1e1aed72fa69}REG_BINARY Binary Data {8c36b346-4e0c-4049-8b55-5295ac35567c}REG_BINARY Binary Data fltmgr: ============== Type : 2 State : 4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN) WIN32_EXIT_CODE : 0 SERVICE_EXIT_CODE : 0 CHECKPOINT : 0 WAIT_HINT : 0 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr AttachWhenLoaded REG_DWORD 1 DisplayName REG_SZ @%SystemRoot%\system32\drivers\fltmgr.sys,-10001 Group REG_SZ FSFilter Infrastructure ImagePath REG_EXPAND_SZ system32\drivers\fltmgr.sys Description REG_SZ @%SystemRoot%\system32\drivers\fltmgr.sys,-10000 ErrorControl REG_DWORD 3 Start REG_DWORD 0 Tag REG_DWORD 1 Type REG_DWORD 2 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr\Enum 0 REG_SZ Root\LEGACY_FLTMGR\0000 Count REG_DWORD 1 NextInstance REG_DWORD 1 C:\Windows\system32\drivers\fltmgr.sys File Size: 289664 BYTES FileVersion: 6.1.7601.17514 C:\Windows\SysWOW64\mscomctl.ocx File Size: 1070152 BYTES FileVersion: 6.1.98.34 C:\Windows\SysWOW64\olepro32.dll File Size: 90112 BYTES FileVersion: 6.1.7601.17514 List of MBAM Related Directories: ================================= C:\Program Files (x86)\Malwarebytes' Anti-Malware 7z.dll File Size: 914432 BYTES FileVersion: 9.20.0.0 changes.txt File Size: 200 BYTES license.rtf File Size: 17916 BYTES mbam.chm File Size: 474148 BYTES mbam.dll File Size: 527944 BYTES FileVersion: 1.70.0.0 mbam.exe File Size: 887432 BYTES FileVersion: 1.75.0.1 mbamcore.dll File Size: 1127496 BYTES FileVersion: 1.70.0.0 mbamext.dll File Size: 95304 BYTES FileVersion: 1.70.0.0 mbamgui.exe File Size: 532040 BYTES FileVersion: 1.70.0.0 mbamnet.dll File Size: 2191944 BYTES FileVersion: 1.70.0.0 mbampt.exe File Size: 40008 BYTES FileVersion: 1.70.0.0 mbamscheduler.exe File Size: 418376 BYTES FileVersion: 1.70.0.0 mbamservice.exe File Size: 701512 BYTES FileVersion: 1.70.0.0 ssubtmr6.dll File Size: 46416 BYTES FileVersion: 1.1.0.3 unins000.dat File Size: 15620 BYTES unins000.exe File Size: 712264 BYTES FileVersion: 51.52.0.0 unins000.msg File Size: 11277 BYTES vbalsgrid6.ocx File Size: 496976 BYTES FileVersion: 2.0.0.40 C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon chameleon.chm File Size: 186068 BYTES firefox.com File Size: 218184 BYTES firefox.exe File Size: 218184 BYTES firefox.pif File Size: 218184 BYTES firefox.scr File Size: 218184 BYTES iexplore.exe File Size: 218184 BYTES mbam-chameleon.com File Size: 218184 BYTES mbam-chameleon.exe File Size: 218184 BYTES mbam-chameleon.pif File Size: 218184 BYTES mbam-chameleon.scr File Size: 218184 BYTES mbam-killer.exe File Size: 896072 BYTES rundll32.exe File Size: 218184 BYTES svchost.exe File Size: 218184 BYTES winlogon.exe File Size: 218184 BYTES C:\Program Files (x86)\Malwarebytes' Anti-Malware\Languages arabic.lng File Size: 21894 BYTES belarusian.lng File Size: 26884 BYTES bosnian.lng File Size: 27108 BYTES bulgarian.lng File Size: 27574 BYTES catalan.lng File Size: 28252 BYTES chineseSI.lng File Size: 11024 BYTES chineseTR.lng File Size: 11952 BYTES croatian.lng File Size: 26670 BYTES czech.lng File Size: 24874 BYTES danish.lng File Size: 26582 BYTES dutch.lng File Size: 28342 BYTES english.lng File Size: 24542 BYTES estonian.lng File Size: 25146 BYTES finnish.lng File Size: 25950 BYTES french.lng File Size: 29830 BYTES german.lng File Size: 29894 BYTES greek.lng File Size: 29300 BYTES hebrew.lng File Size: 19362 BYTES hungarian.lng File Size: 28666 BYTES indonesian.lng File Size: 26854 BYTES italian.lng File Size: 28194 BYTES japanese.lng File Size: 16266 BYTES korean.lng File Size: 14188 BYTES latvian.lng File Size: 27100 BYTES lithuanian.lng File Size: 27838 BYTES norwegian.lng File Size: 25116 BYTES polish.lng File Size: 26644 BYTES portugueseBR.lng File Size: 28654 BYTES portuguesePT.lng File Size: 29062 BYTES romanian.lng File Size: 28290 BYTES russian.lng File Size: 27302 BYTES serbian.lng File Size: 26804 BYTES slovak.lng File Size: 25644 BYTES slovenian.lng File Size: 24852 BYTES spanish.lng File Size: 30060 BYTES swedish.lng File Size: 25992 BYTES thai.lng File Size: 26092 BYTES turkish.lng File Size: 25876 BYTES vietnamese.lng File Size: 29528 BYTES C:\Users\Jordan\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware C:\Users\Jordan\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs mbam-log-2013-06-26 (10-38-08).txt File Size: 1950 BYTES mbam-log-2013-06-26 (13-16-33).txt File Size: 1860 BYTES C:\Users\Jordan\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware rules.ref File Size: 6605579 BYTES C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Configuration build.conf File Size: 140 BYTES config.conf File Size: 4076 BYTES custom.conf File Size: 20 BYTES database.conf File Size: 432 BYTES html.conf File Size: 2904 BYTES local.conf File Size: 538 BYTES manifest.conf File Size: 1752 BYTES messaging.conf File Size: 1430 BYTES news.conf File Size: 272 BYTES =============================================================== END OF FILE
  3. Still not working. This just doesn't make any sense cause my Steam friends list is available but I can't connect to the store or any other website.
  4. Farbar Service Scanner Version: 27-06-2013 Ran by Jordan (administrator) on 28-06-2013 at 03:21:31 Running from "C:\Users\Jordan\Desktop" Microsoft Windows 7 Home Premium Service Pack 1 (X64) Boot Mode: Network **************************************************************** Internet Services: ============ Connection Status: ============== Localhost is accessible. LAN connected. Attempt to access Google IP returned error. Other errors Attempt to access Google.com returned error: Other errors Attempt to access Yahoo.com returned error: Other errors Windows Firewall: ============= Firewall Disabled Policy: ================== System Restore: ============ SDRSVC Service is not running. Checking service configuration: The start type of SDRSVC service is OK. The ImagePath of SDRSVC service is OK. The ServiceDll of SDRSVC service is OK. VSS Service is not running. Checking service configuration: The start type of VSS service is OK. The ImagePath of VSS service is OK. System Restore Disabled Policy: ======================== Action Center: ============ wscsvc Service is not running. Checking service configuration: The start type of wscsvc service is OK. The ImagePath of wscsvc service is OK. The ServiceDll of wscsvc service is OK. Windows Update: ============ wuauserv Service is not running. Checking service configuration: The start type of wuauserv service is OK. The ImagePath of wuauserv service is OK. The ServiceDll of wuauserv service is OK. BITS Service is not running. Checking service configuration: The start type of BITS service is OK. The ImagePath of BITS service is OK. The ServiceDll of BITS service is OK. EventSystem Service is not running. Checking service configuration: The start type of EventSystem service is OK. The ImagePath of EventSystem service is OK. The ServiceDll of EventSystem service is OK. Windows Autoupdate Disabled Policy: ============================ Windows Defender: ============== WinDefend Service is not running. Checking service configuration: The start type of WinDefend service is set to Demand. The default start type is Auto. The ImagePath of WinDefend service is OK. The ServiceDll of WinDefend service is OK. Windows Defender Disabled Policy: ========================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender] "DisableAntiSpyware"=DWORD:1 Other Services: ============== File Check: ======== C:\Windows\System32\nsisvc.dll => MD5 is legit C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit C:\Windows\System32\dhcpcore.dll => MD5 is legit C:\Windows\System32\drivers\afd.sys => MD5 is legit C:\Windows\System32\drivers\tdx.sys => MD5 is legit C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit C:\Windows\System32\dnsrslvr.dll => MD5 is legit C:\Windows\System32\mpssvc.dll => MD5 is legit C:\Windows\System32\bfe.dll => MD5 is legit C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit C:\Windows\System32\SDRSVC.dll => MD5 is legit C:\Windows\System32\vssvc.exe => MD5 is legit C:\Windows\System32\wscsvc.dll => MD5 is legit C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit C:\Windows\System32\wuaueng.dll => MD5 is legit C:\Windows\System32\qmgr.dll => MD5 is legit C:\Windows\System32\es.dll => MD5 is legit C:\Windows\System32\cryptsvc.dll => MD5 is legit C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit **** End of log ****
  5. I'm still having problems connecting to the internet. In Chrome, I'm getting error 102, in IE I'm getting the "remote device won't accept connection" message and in Firefox, I'm just told that the page can't be found. ComboFix 13-06-27.02 - Jordan 06/27/2013 23:25:51.1.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8144.6364 [GMT -4:00] Running from: c:\users\Jordan\Desktop\ComboFix.exe AV: avast! Internet Security *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5} FW: avast! Internet Security *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47} SP: avast! Internet Security *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . C:\install.exe c:\programdata\ReadOnlyInstaller.msi c:\programdata\uninstaller.exe c:\users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\snapshot9x7.png c:\windows\SysWow64\frapsvid.dll . . ((((((((((((((((((((((((( Files Created from 2013-05-28 to 2013-06-28 ))))))))))))))))))))))))))))))) . . 2013-06-28 03:32 . 2013-06-28 03:32 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2013-06-28 03:32 . 2013-06-28 03:32 -------- d-----w- c:\users\Mcx1-JORDAN-PC\AppData\Local\temp 2013-06-28 03:32 . 2013-06-28 03:32 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-06-26 18:29 . 2013-06-26 18:29 -------- d-----w- c:\users\Jordan\AppData\Local\VS Revo Group 2013-06-26 18:29 . 2013-06-26 18:29 -------- d-----w- c:\programdata\VS Revo Group 2013-06-26 17:01 . 2013-06-26 17:01 -------- d-----w- c:\program files\CCleaner 2013-06-26 16:02 . 2013-06-26 16:02 -------- d-----w- c:\windows\ERUNT 2013-06-26 16:02 . 2013-06-27 21:39 -------- d-----w- C:\JRT 2013-06-26 14:37 . 2013-06-26 14:37 -------- d-----w- c:\users\Jordan\AppData\Roaming\Malwarebytes 2013-06-26 14:37 . 2013-06-26 14:37 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2013-06-26 14:37 . 2013-06-26 14:37 -------- d-----w- c:\programdata\Malwarebytes 2013-06-26 14:37 . 2013-04-04 18:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys 2013-06-26 14:36 . 2013-06-26 14:36 -------- d-----w- c:\users\Jordan\AppData\Local\Programs 2013-06-26 14:10 . 2013-06-26 14:10 -------- d-----w- c:\users\Jordan\AppData\Local\ElevatedDiagnostics 2013-06-25 20:33 . 2013-06-27 15:19 -------- d-----w- c:\program files (x86)\Video Thumbnails Maker 2013-06-25 20:16 . 2013-06-12 03:08 9552976 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{81F25E42-137C-4DEB-BF2B-9944C7F68927}\mpengine.dll 2013-06-25 13:40 . 2013-06-25 13:40 -------- d-----w- c:\users\Jordan\AppData\Roaming\Smaller Animals Software 2013-06-25 02:03 . 2013-06-25 02:03 -------- d-----w- c:\users\Jordan\AppData\Roaming\FastStone 2013-06-24 20:15 . 2013-06-12 03:08 9552976 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2013-06-23 09:31 . 2013-06-23 09:31 -------- d-----w- c:\users\Jordan\AppData\Roaming\2K Sports 2013-06-23 02:33 . 2013-05-09 08:59 270824 ----a-w- c:\windows\system32\drivers\aswNdis2.sys 2013-06-23 02:33 . 2013-05-09 08:59 131232 ----a-w- c:\windows\system32\drivers\aswFW.sys 2013-06-22 12:19 . 2013-06-22 12:19 964552 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{96E713FC-7101-4B9D-AC9B-67A016493EA0}\gapaengine.dll 2013-06-19 04:58 . 2013-06-19 04:58 -------- d-----w- c:\users\Jordan\AppData\Roaming\runic games 2013-06-19 04:54 . 2013-06-20 11:36 -------- d-----w- c:\users\Jordan\AppData\Local\GOG.com 2013-06-19 04:54 . 2013-06-24 12:56 -------- d-----w- c:\program files (x86)\GOG.com 2013-06-14 17:12 . 2013-06-14 17:12 -------- d-----w- c:\users\Jordan\AppData\Local\techland 2013-06-11 23:37 . 2013-05-08 06:39 1910632 ----a-w- c:\windows\system32\drivers\tcpip.sys 2013-06-10 21:58 . 2013-06-11 00:23 -------- d-----w- c:\users\Jordan\AppData\Roaming\Rainmeter 2013-06-10 21:03 . 2013-06-10 21:03 -------- d-----w- c:\program files\Rainmeter 2013-06-10 21:03 . 2013-06-10 21:03 -------- d-----w- c:\programdata\Package Cache 2013-06-09 19:50 . 2013-06-09 19:50 -------- d-----w- c:\users\Jordan\AppData\Roaming\Trine2 2013-06-09 12:48 . 2013-06-09 12:48 -------- d-----w- c:\program files\iPod 2013-06-09 12:48 . 2013-06-09 12:49 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-06-09 12:48 . 2013-06-09 12:49 -------- d-----w- c:\program files\iTunes 2013-06-09 12:48 . 2013-06-09 12:49 -------- d-----w- c:\program files (x86)\iTunes 2013-06-01 04:57 . 2013-06-01 04:57 -------- d-----w- c:\users\Jordan\AppData\Local\Chromium 2013-06-01 04:57 . 2013-06-01 04:57 -------- d-----w- c:\programdata\Rockstar Games 2013-06-01 04:57 . 2013-06-01 04:57 -------- d-----w- c:\program files (x86)\Rockstar Games . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-06-28 03:23 . 2013-03-19 23:48 189936 ----a-w- c:\windows\system32\drivers\aswVmm.sys 2013-06-28 03:23 . 2012-06-24 21:59 378944 ----a-w- c:\windows\system32\drivers\aswSP.sys 2013-06-28 03:23 . 2012-06-24 21:59 1030952 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2013-06-21 19:55 . 2012-06-25 17:28 466456 ----a-w- c:\windows\system32\wrap_oal.dll 2013-06-21 19:55 . 2012-06-25 17:28 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll 2013-06-21 19:55 . 2012-06-25 17:28 122904 ----a-w- c:\windows\system32\OpenAL32.dll 2013-06-21 19:55 . 2012-06-25 17:28 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll 2013-06-12 07:01 . 2012-07-19 04:54 75825640 ----a-w- c:\windows\system32\MRT.exe 2013-06-12 03:19 . 2012-06-24 22:02 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2013-06-12 03:19 . 2012-06-24 22:02 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-05-21 07:35 . 2013-03-12 22:05 964552 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll 2013-05-16 11:08 . 2012-07-17 19:37 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2013-05-09 08:59 . 2013-03-19 23:48 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys 2013-05-09 08:59 . 2012-06-24 21:59 72016 ----a-w- c:\windows\system32\drivers\aswRdr2.sys 2013-05-09 08:59 . 2012-06-24 21:59 64288 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2013-05-09 08:59 . 2012-06-24 22:09 22600 ----a-w- c:\windows\system32\drivers\aswKbd.sys 2013-05-09 08:59 . 2012-06-24 21:59 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2013-05-09 08:59 . 2012-06-24 21:59 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2013-05-09 08:58 . 2012-06-24 21:59 41664 ----a-w- c:\windows\avastSS.scr 2013-05-09 08:58 . 2012-06-24 21:59 287840 ----a-w- c:\windows\system32\aswBoot.exe 2013-05-02 15:29 . 2010-11-21 03:27 278800 ------w- c:\windows\system32\MpSigStub.exe 2013-05-01 07:59 . 2013-05-01 07:59 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx 2013-05-01 07:59 . 2013-05-01 07:59 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts 2013-04-13 05:49 . 2013-05-15 11:36 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll 2013-04-13 05:49 . 2013-05-15 11:36 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll 2013-04-13 05:49 . 2013-05-15 11:36 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll 2013-04-13 05:49 . 2013-05-15 11:36 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll 2013-04-13 04:45 . 2013-05-15 11:36 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll 2013-04-13 04:45 . 2013-05-15 11:36 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll 2013-04-12 14:45 . 2013-04-24 05:43 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys 2013-04-10 06:01 . 2013-05-15 11:36 265064 ----a-w- c:\windows\system32\drivers\dxgmms1.sys 2013-04-10 06:01 . 2013-05-15 11:36 983400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys 2013-04-10 03:30 . 2013-05-15 11:36 3153920 ----a-w- c:\windows\system32\win32k.sys 2013-04-05 02:44 . 2013-04-05 02:43 121416 ----a-w- c:\windows\system32\drivers\MijXfilt.sys 2013-04-04 09:35 . 2013-05-16 11:14 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2013-04-03 11:50 . 2012-06-25 05:45 861088 ----a-w- c:\windows\SysWow64\npDeployJava1.dll 2013-04-03 11:50 . 2012-06-25 05:45 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1] @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}] 2013-06-04 00:49 222832 ----a-w- c:\users\Jordan\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530\SkyDriveShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2] @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}] 2013-06-04 00:49 222832 ----a-w- c:\users\Jordan\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530\SkyDriveShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3] @="{BBACC218-34EA-4666-9D7A-C78F2274A524}" [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}] 2013-06-04 00:49 222832 ----a-w- c:\users\Jordan\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530\SkyDriveShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2013-05-25 00:36 130736 ----a-w- c:\users\Jordan\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2013-05-25 00:36 130736 ----a-w- c:\users\Jordan\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2013-05-25 00:36 130736 ----a-w- c:\users\Jordan\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2013-05-25 00:36 130736 ----a-w- c:\users\Jordan\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Steam"="c:\program files (x86)\Steam\steam.exe" [2013-06-06 1641896] "SkyDrive"="c:\users\Jordan\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" [2013-06-04 257136] "Akamai NetSession Interface"="c:\users\Jordan\AppData\Local\Akamai\netsession_win.exe" [2013-01-26 4480768] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-03-06 4767304] "USB3MON"="c:\program files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-01-04 291608] "RoccatIsku"="c:\program files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.EXE" [2011-05-12 539688] "IJNetworkScanUtility"="c:\program files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe" [2010-03-02 140640] "IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2011-11-30 284440] "BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-22 59720] "amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-05-31 152392] . c:\users\Jordan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dropbox.lnk - c:\users\Jordan\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-5-24 27776968] Rainmeter.lnk - c:\program files\Rainmeter\Rainmeter.exe [2013-6-9 38072] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "mixer4"=wdmaud.drv . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . R2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe;c:\program files\AVAST Software\Avast\afwServ.exe [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys;c:\windows\SYSNATIVE\DRIVERS\MijXfilt.sys [x] R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x] S0 aswKbd;aswKbd; [x] S0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\DRIVERS\aswNdis.sys;c:\windows\SYSNATIVE\DRIVERS\aswNdis.sys [x] S0 aswNdis2;avast! Firewall Core Firewall Service;c:\windows\system32\drivers\aswNdis2.sys;c:\windows\SYSNATIVE\drivers\aswNdis2.sys [x] S0 aswRvrt;aswRvrt; [x] S0 aswVmm;aswVmm; [x] S0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x] S1 aswFW;avast! TDI Firewall Driver;c:\windows\system32\drivers\aswFW.sys;c:\windows\SYSNATIVE\drivers\aswFW.sys [x] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x] S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x] S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x] S2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [x] S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x] S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x] S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x] S3 ICCWDT;Intel® Watchdog Timer Driver (Intel® WDT);c:\windows\system32\DRIVERS\ICCWDT.sys;c:\windows\SYSNATIVE\DRIVERS\ICCWDT.sys [x] S3 iusb3hub;Intel® USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x] S3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x] S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8192su.sys [x] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - WS2IFSL . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2013-06-19 08:39 1165776 ----a-w- c:\program files (x86)\Google\Chrome\Application\27.0.1453.116\Installer\chrmstp.exe . Contents of the 'Scheduled Tasks' folder . 2013-06-26 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-24 03:19] . 2013-06-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-24 21:59] . 2013-06-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-24 21:59] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1] @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}] 2013-06-04 00:49 261744 ----a-w- c:\users\Jordan\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530\amd64\SkyDriveShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2] @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}] 2013-06-04 00:49 261744 ----a-w- c:\users\Jordan\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530\amd64\SkyDriveShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3] @="{BBACC218-34EA-4666-9D7A-C78F2274A524}" [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}] 2013-06-04 00:49 261744 ----a-w- c:\users\Jordan\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530\amd64\SkyDriveShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2013-03-06 22:32 133840 ------w- c:\program files\AVAST Software\Avast\ashShA64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2013-05-25 00:36 164016 ----a-w- c:\users\Jordan\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2013-05-25 00:36 164016 ----a-w- c:\users\Jordan\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2013-05-25 00:36 164016 ----a-w- c:\users\Jordan\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2013-05-25 00:36 164016 ----a-w- c:\users\Jordan\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-10-01 825184] "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2011-12-12 7560296] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 1281512] "CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2010-03-25 2726728] . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local;<local> IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105 TCP: DhcpNameServer = 192.168.1.254 FF - ProfilePath - c:\users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\csjsnfh4.default-1372267240893\ FF - ExtSQL: 2013-06-22 22:32; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERS\S-1-5-21-399010065-3411709917-534582811-1000\Software\SecuROM\License information*] "datasecu"=hex:a4,30,ba,1a,19,e9,6f,eb,e8,12,32,fc,62,f7,82,78,7f,39,3e,ba,be, 63,12,e7,bc,64,7c,25,72,27,0f,13,ea,8b,4f,2a,0a,71,86,08,08,20,28,81,d2,45,\ "rkeysecu"=hex:d2,ee,d2,af,ef,57,9a,8d,ee,cd,1d,9a,49,75,39,46 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*] @="?????????????????? v1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID] @="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*] @="?????????????????? v2" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID] @="{9BE31822-FDAD-461B-AD51-BE1D1C159921}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Completion time: 2013-06-27 23:33:41 ComboFix-quarantined-files.txt 2013-06-28 03:33 . Pre-Run: 119,452,487,680 bytes free Post-Run: 119,075,319,808 bytes free . - - End Of File - - C4F5217BB9FB86D0720643166E37211E D41D8CD98F00B204E9800998ECF8427E
  6. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 4.9.4 (05.06.2013:1) OS: Windows 7 Home Premium x64 Ran by Jordan on Thu 06/27/2013 at 17:39:37.20 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys ~~~ Files ~~~ Folders ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Thu 06/27/2013 at 17:40:33.74 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  7. # AdwCleaner v2.303 - Logfile created 06/27/2013 at 17:38:55 # Updated 08/06/2013 by Xplode # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits) # User : Jordan - JORDAN-PC # Boot Mode : Safe mode with networking # Running from : C:\Users\Jordan\Desktop\Malware Removal\AdwCleaner.exe # Option [search] ***** [services] ***** ***** [Files / Folders] ***** ***** [Registry] ***** ***** [internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16490 [OK] Registry is clean. -\\ Mozilla Firefox v21.0 (en-US) File : C:\Users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\csjsnfh4.default-1372267240893\prefs.js [OK] File is clean. -\\ Google Chrome v27.0.1453.116 File : C:\Users\Jordan\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] File is clean. ************************* AdwCleaner[R1].txt - [5222 octets] - [26/06/2013 12:19:39] AdwCleaner[R2].txt - [5341 octets] - [26/06/2013 12:24:06] AdwCleaner[R3].txt - [1300 octets] - [26/06/2013 12:38:18] AdwCleaner[R4].txt - [1360 octets] - [26/06/2013 13:16:50] AdwCleaner[R5].txt - [1103 octets] - [27/06/2013 17:38:55] AdwCleaner[s1].txt - [340 octets] - [26/06/2013 12:23:39] AdwCleaner[s2].txt - [5332 octets] - [26/06/2013 12:31:53] ########## EOF - C:\AdwCleaner[R5].txt - [1282 octets] ##########
  8. Oh and if this changes anything, I am in safe mode right now with networking.
  9. Thanks for your help DDS (Ver_2012-11-20.01) - NTFS_AMD64 NETWORKInternet Explorer: 9.0.8112.16490 BrowserJavaVersion: 10.21.2Run by Jordan at 9:01:22 on 2013-06-27Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8144.4322 [GMT -4:00].AV: avast! Internet Security *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}SP: avast! Internet Security *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}FW: avast! Internet Security *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}.============== Running Processes ===============.C:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k RPCSSc:\Program Files\Microsoft Security Client\MsMpEng.exeC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Windows\Explorer.EXEC:\Windows\system32\ctfmon.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Users\Jordan\Desktop\OTL.exeC:\Windows\notepad.exeC:\Windows\notepad.exeC:\Windows\system32\NOTEPAD.EXEC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\System32\cscript.exe.============== Pseudo HJT Report ===============.mWinlogon: Userinit = userinit.exeBHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLLBHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dllBHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dllBHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllBHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLLBHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dllTB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dlluRun: [steam] "C:\Program Files (x86)\Steam\steam.exe" -silentuRun: [skyDrive] "C:\Users\Jordan\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /backgrounduRun: [Akamai NetSession Interface] "C:\Users\Jordan\AppData\Local\Akamai\netsession_win.exe"mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /noguimRun: [uSB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"mRun: [RoccatIsku] "C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.EXE"mRun: [iJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exemRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exemRun: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServicesmRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"mRun: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exemRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottimemRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"StartupFolder: C:\Users\Jordan\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Jordan\AppData\Roaming\Dropbox\bin\Dropbox.exeStartupFolder: C:\Users\Jordan\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\RAINME~1.LNK - C:\Program Files\Rainmeter\Rainmeter.exeuPolicies-Explorer: NoDriveTypeAutoRun = dword:145mPolicies-Explorer: NoActiveDesktop = dword:1mPolicies-System: ConsentPromptBehaviorAdmin = dword:0mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableLUA = dword:0mPolicies-System: EnableUIADesktopToggle = dword:0mPolicies-System: PromptOnSecureDesktop = dword:0IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dllIE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dllIE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dllTCP: NameServer = 192.168.1.254TCP: Interfaces\{4C500552-79EA-4C9A-89CF-A0666DEA2AFB} : DHCPNameServer = 192.168.1.254TCP: Interfaces\{4C500552-79EA-4C9A-89CF-A0666DEA2AFB}\2375942554737363 : DHCPNameServer = 192.168.1.254Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLLHandler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllSSODL: WebCheck - <orphaned>SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLLmASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chromex64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dllx64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLLx64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllx64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLLx64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dllx64-Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrunx64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -sx64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkeyx64-Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logonx64-RunOnce: [GrpConv] grpconv -ox64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dllx64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dllx64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLLx64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>x64-SSODL: WebCheck - <orphaned>x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL.================= FIREFOX ===================.FF - ProfilePath - C:\Users\Jordan\AppData\Roaming\Mozilla\Firefox\Profiles\csjsnfh4.default-1372267240893\FF - ExtSQL: 2013-06-22 22:32; wrc@avast.com; C:\Program Files\AVAST Software\Avast\WebRep\FF.============= SERVICES / DRIVERS ===============.R0 aswKbd;aswKbd;C:\Windows\System32\drivers\aswKbd.sys [2012-6-24 22600]R0 aswNdis;avast! Firewall NDIS Filter Service;C:\Windows\System32\drivers\aswNdis.sys [2012-6-24 12368]R0 aswNdis2;avast! Firewall Core Firewall Service;C:\Windows\System32\drivers\aswNdis2.sys [2013-6-22 270824]R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2012-6-24 16152]R1 aswFW;avast! TDI Firewall Driver;C:\Windows\System32\drivers\aswFW.sys [2013-6-22 131232]R3 ICCWDT;Intel® Watchdog Timer Driver (Intel® WDT);C:\Windows\System32\drivers\ICCWDT.sys [2010-8-17 26136]R3 iusb3hub;Intel® USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2012-6-24 355096]R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2012-6-24 786200]R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-6-24 646248]R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;C:\Windows\System32\drivers\RTL8192su.sys [2010-11-25 694888]S0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2013-3-19 65336]S0 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2013-3-19 189936]S0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-1-20 230320]S1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2012-6-24 1025808]S1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2012-6-24 378432]S2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2012-6-24 33400]S2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2012-6-24 80816]S2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-3-19 45248]S2 avast! Firewall;avast! Firewall;C:\Program Files\AVAST Software\Avast\afwServ.exe [2013-6-22 137960]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-6-24 13592]S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-2-2 628448]S2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2012-6-24 161560]S2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2012-8-30 130008]S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-1-18 383264]S2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-6-24 363800]S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2013-1-30 57856]S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-9-12 1512448]S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;C:\Windows\System32\drivers\MijXfilt.sys [2013-4-4 121416]S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-1-27 379360]S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-6-25 1255736].=============== Created Last 30 ================.2013-06-26 18:29:34 -------- d-----w- C:\Users\Jordan\AppData\Local\VS Revo Group2013-06-26 18:29:32 -------- d-----w- C:\ProgramData\VS Revo Group2013-06-26 17:01:18 -------- d-----w- C:\Program Files\CCleaner2013-06-26 16:02:22 -------- d-----w- C:\Windows\ERUNT2013-06-26 16:02:18 -------- d-----w- C:\JRT2013-06-26 14:37:23 -------- d-----w- C:\Users\Jordan\AppData\Roaming\Malwarebytes2013-06-26 14:37:18 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys2013-06-26 14:37:18 -------- d-----w- C:\ProgramData\Malwarebytes2013-06-26 14:37:18 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware2013-06-26 14:36:59 -------- d-----w- C:\Users\Jordan\AppData\Local\Programs2013-06-26 14:10:10 -------- d-----w- C:\Users\Jordan\AppData\Local\ElevatedDiagnostics2013-06-25 20:33:46 -------- d-----w- C:\Program Files (x86)\Video Thumbnails Maker2013-06-25 20:16:57 9552976 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{81F25E42-137C-4DEB-BF2B-9944C7F68927}\mpengine.dll2013-06-25 13:40:42 -------- d-----w- C:\Users\Jordan\AppData\Roaming\Smaller Animals Software2013-06-25 02:03:54 -------- d-----w- C:\Users\Jordan\AppData\Roaming\FastStone2013-06-24 21:38:04 33958 ----a-w- C:\ProgramData\uninstaller.exe2013-06-24 20:15:56 9552976 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll2013-06-23 09:31:37 -------- d-----w- C:\Users\Jordan\AppData\Roaming\2K Sports2013-06-23 02:33:02 270824 ----a-w- C:\Windows\System32\drivers\aswNdis2.sys2013-06-23 02:33:02 131232 ----a-w- C:\Windows\System32\drivers\aswFW.sys2013-06-22 12:19:49 964552 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{96E713FC-7101-4B9D-AC9B-67A016493EA0}\gapaengine.dll2013-06-19 04:58:47 -------- d-----w- C:\Users\Jordan\AppData\Roaming\runic games2013-06-19 04:54:12 -------- d-----w- C:\Users\Jordan\AppData\Local\GOG.com2013-06-19 04:54:07 -------- d-----w- C:\Program Files (x86)\GOG.com2013-06-14 17:12:52 -------- d-----w- C:\Users\Jordan\AppData\Local\techland2013-06-11 23:37:32 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys2013-06-10 21:58:14 -------- d-----w- C:\Users\Jordan\AppData\Roaming\Rainmeter2013-06-10 21:03:33 -------- d-----w- C:\Program Files\Rainmeter2013-06-10 21:03:23 -------- d-----w- C:\ProgramData\Package Cache2013-06-09 19:50:06 -------- d-----w- C:\Users\Jordan\AppData\Roaming\Trine22013-06-09 12:48:48 -------- d-----w- C:\Program Files\iPod2013-06-09 12:48:47 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF692013-06-09 12:48:47 -------- d-----w- C:\Program Files\iTunes2013-06-09 12:48:47 -------- d-----w- C:\Program Files (x86)\iTunes2013-06-01 04:57:42 -------- d-----w- C:\Users\Jordan\AppData\Local\Chromium2013-06-01 04:57:32 -------- d-----w- C:\ProgramData\Rockstar Games2013-06-01 04:57:22 -------- d-----w- C:\Program Files (x86)\Rockstar Games2013-05-29 03:26:46 -------- d-sh--w- C:\found.000.==================== Find3M ====================.2013-06-21 19:55:44 466456 ----a-w- C:\Windows\System32\wrap_oal.dll2013-06-21 19:55:44 444952 ----a-w- C:\Windows\SysWow64\wrap_oal.dll2013-06-21 19:55:44 122904 ----a-w- C:\Windows\System32\OpenAL32.dll2013-06-21 19:55:44 109080 ----a-w- C:\Windows\SysWow64\OpenAL32.dll2013-06-12 03:19:12 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe2013-06-12 03:19:11 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl2013-05-22 15:21:06 4325376 ----a-w- C:\ProgramData\ReadOnlyInstaller.msi2013-05-17 03:09:56 2312704 ----a-w- C:\Windows\System32\jscript9.dll2013-05-17 03:02:29 1392128 ----a-w- C:\Windows\System32\wininet.dll2013-05-17 03:01:13 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl2013-05-17 02:56:09 173056 ----a-w- C:\Windows\System32\ieUnatt.exe2013-05-17 02:56:00 599040 ----a-w- C:\Windows\System32\vbscript.dll2013-05-17 02:51:27 2382848 ----a-w- C:\Windows\System32\mshtml.tlb2013-05-16 22:39:39 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll2013-05-16 22:28:26 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll2013-05-16 22:27:30 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl2013-05-16 22:21:37 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe2013-05-16 22:20:30 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll2013-05-16 22:16:57 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb2013-05-13 05:51:01 184320 ----a-w- C:\Windows\System32\cryptsvc.dll2013-05-13 05:51:00 1464320 ----a-w- C:\Windows\System32\crypt32.dll2013-05-13 05:51:00 139776 ----a-w- C:\Windows\System32\cryptnet.dll2013-05-13 05:50:40 52224 ----a-w- C:\Windows\System32\certenc.dll2013-05-13 04:45:55 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll2013-05-13 04:45:55 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll2013-05-13 04:45:55 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll2013-05-13 03:43:55 1192448 ----a-w- C:\Windows\System32\certutil.exe2013-05-13 03:08:10 903168 ----a-w- C:\Windows\SysWow64\certutil.exe2013-05-13 03:08:06 43008 ----a-w- C:\Windows\SysWow64\certenc.dll2013-05-10 05:49:27 30720 ----a-w- C:\Windows\System32\cryptdlg.dll2013-05-10 03:20:54 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll2013-05-09 08:59:07 72016 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys2013-05-09 08:59:07 65336 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys2013-05-09 08:59:07 189936 ----a-w- C:\Windows\System32\drivers\aswVmm.sys2013-05-09 08:59:07 1025808 ----a-w- C:\Windows\System32\drivers\aswSnx.sys2013-05-09 08:59:06 80816 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys2013-05-09 08:59:06 22600 ----a-w- C:\Windows\System32\drivers\aswKbd.sys2013-05-09 08:58:37 41664 ----a-w- C:\Windows\avastSS.scr2013-05-02 15:29:56 278800 ------w- C:\Windows\System32\MpSigStub.exe2013-05-01 07:59:12 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx2013-05-01 07:59:12 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts2013-04-26 05:51:36 751104 ----a-w- C:\Windows\System32\win32spl.dll2013-04-26 04:55:21 492544 ----a-w- C:\Windows\SysWow64\win32spl.dll2013-04-13 05:49:23 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll2013-04-13 05:49:19 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll2013-04-13 05:49:19 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll2013-04-13 05:49:19 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll2013-04-13 04:45:16 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll2013-04-13 04:45:15 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll2013-04-12 14:45:08 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys2013-04-10 06:01:54 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys2013-04-10 06:01:53 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys2013-04-10 03:30:50 3153920 ----a-w- C:\Windows\System32\win32k.sys2013-04-05 02:44:46 121416 ----a-w- C:\Windows\System32\drivers\MijXfilt.sys2013-04-04 09:35:05 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll2013-04-03 11:50:47 861088 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll2013-04-03 11:50:47 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll.============= FINISH: 9:01:41.40 =============== .UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1Install Date: 6/24/2012 1:50:35 PMSystem Uptime: 6/26/2013 1:36:02 PM (20 hours ago).Motherboard: ASUSTeK COMPUTER INC. | | P8Z77-V LXProcessor: Intel® Core i5-3570K CPU @ 3.40GHz | LGA1155 | 3410/100mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 931 GiB total, 112.424 GiB free.D: is CDROM ().==== Disabled Device Manager Items =============.Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}Description: aswRvrtDevice ID: ROOT\LEGACY_ASWRVRT\0000Manufacturer: Name: aswRvrtPNP Device ID: ROOT\LEGACY_ASWRVRT\0000Service: aswRvrt.Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}Description: avast! Network Shield SupportDevice ID: ROOT\LEGACY_ASWTDI\0000Manufacturer: Name: avast! Network Shield SupportPNP Device ID: ROOT\LEGACY_ASWTDI\0000Service: aswTdi.Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}Description: aswVmmDevice ID: ROOT\LEGACY_ASWVMM\0000Manufacturer: Name: aswVmmPNP Device ID: ROOT\LEGACY_ASWVMM\0000Service: aswVmm.Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}Description: Security Processor Loader DriverDevice ID: ROOT\LEGACY_SPLDR\0000Manufacturer: Name: Security Processor Loader DriverPNP Device ID: ROOT\LEGACY_SPLDR\0000Service: spldr.==== System Restore Points ===================.RP219: 6/25/2013 9:40:54 AM - Installed ThumbNailerRP220: 6/25/2013 9:42:30 AM - Removed ThumbNailerRP221: 6/25/2013 4:16:35 PM - Windows UpdateRP222: 6/26/2013 12:54:18 PM - Removed YTD Toolbar v7.2..==== Installed Programs ======================.Adobe Flash Player 11 ActiveXAdobe Flash Player 11 PluginAdobe Reader X (10.1.7)Akamai NetSession InterfaceAmazon MP3 Downloader 1.0.17Apple Application SupportApple Mobile Device SupportApple Software UpdateAsus 802.11n Network Adapteravast! Internet SecurityBonjourBurnout Paradise The Ultimate BoxCanon IJ Network Scan UtilityCanon IJ Network ToolCanon Inkjet Printer/Scanner/Fax Extended Survey ProgramCanon MG5200 series MP DriversCanon MG5200 series User RegistrationCanon My PrinterCapsuleCCleanerCompany of HeroesCrayon Physics Deluxe version 55Crysis 2 Maximum EditionD3DX10DarksidersInstallerDear EstherDefinition Update for Microsoft Office 2010 (KB982726) 32-Bit EditionDishonoredDon't StarveDropboxDual-Core OptimizerDuplicate Cleaner Free 3.0.1DustforceEA SPORTS Game Face Browser Plugin 1.5.3.0EVGA OC Scanner X 2.1.2EVGA Precision 2.0.4EVGA SLI Enhancement PatchFable - The Lost ChaptersFar Cry 3FLV to MP3 Free Converter 3.2.20FrapsFree WMA to MP3 Converter 1.16GameSpy ComradeGoogle ChromeGoogle Update HelperGrand Theft Auto IVHitman: AbsolutionHotline MiamiIntel® Control CenterIntel® Management Engine ComponentsIntel® Rapid Storage TechnologyIntel® USB 3.0 eXtensible Host Controller DriverIntel® Trusted Connect Service ClientIntel® Watchdog Timer Driver (Intel® WDT)iTunesJava 7 Update 21Java Auto UpdaterJavaFX 2.1.1Junk Mail filter updateL.A. NoireLogitech Harmony Remote SoftwareMafia IIMalwarebytes Anti-Malware version 1.75.0.1300Mark of the NinjaMax Payne 3Microsoft .NET Framework 1.1Microsoft .NET Framework 4 Client ProfileMicrosoft .NET Framework 4 ExtendedMicrosoft Application Error ReportingMicrosoft Games for Windows - LIVE RedistributableMicrosoft Games for Windows MarketplaceMicrosoft Office 2010 Service Pack 1 (SP1)Microsoft Office Access MUI (English) 2010Microsoft Office Access Setup Metadata MUI (English) 2010Microsoft Office Excel MUI (English) 2010Microsoft Office Groove MUI (English) 2010Microsoft Office InfoPath MUI (English) 2010Microsoft Office Office 64-bit Components 2010Microsoft Office OneNote MUI (English) 2010Microsoft Office Outlook ConnectorMicrosoft Office Outlook MUI (English) 2010Microsoft Office PowerPoint MUI (English) 2010Microsoft Office Professional Plus 2010Microsoft Office Proof (English) 2010Microsoft Office Proof (French) 2010Microsoft Office Proof (Spanish) 2010Microsoft Office Proofing (English) 2010Microsoft Office Publisher MUI (English) 2010Microsoft Office Shared 64-bit MUI (English) 2010Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010Microsoft Office Shared MUI (English) 2010Microsoft Office Shared Setup Metadata MUI (English) 2010Microsoft Office Word MUI (English) 2010Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bitMicrosoft Security ClientMicrosoft Security EssentialsMicrosoft SilverlightMicrosoft SkyDriveMicrosoft SQL Server 2005 Compact Edition [ENU]Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2008 Redistributable - x64 9.0.21022Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106Microsoft Xbox 360 Accessories 1.2Microsoft XNA Framework Redistributable 3.1MotioninJoy Gamepad tool 0.7.0000Movie MakerMozilla Firefox 21.0 (x86 en-US)Mozilla Maintenance ServiceMSVCRTMSVCRT_amd64MSVCRT110MSVCRT110_amd64NBA 2K13Nexus Mod ManagerNVIDIA 3D Vision Controller Driver 310.70NVIDIA 3D Vision Driver 311.06NVIDIA Control Panel 311.06NVIDIA Graphics Driver 311.06NVIDIA HD Audio Driver 1.3.18.0NVIDIA Install ApplicationNVIDIA PhysXNVIDIA PhysX System Software 9.12.1031NVIDIA Stereoscopic 3D DriverNVIDIA Update 1.11.3NVIDIA Update ComponentsOpenALOriginPhoto CommonPhoto GalleryPid PunkBuster ServicesQuickTimeRainmeterRapture3D 2.4.11 GameRealtek Ethernet Controller DriverRealtek High Definition Audio DriverRed Faction: Guerrilla Remember MeROCCAT Isku Keyboard DriverRochardRockstar Games Social ClubScribblenauts UnlimitedSecurity Update for Microsoft .NET Framework 4 Client Profile (KB2604121)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)Security Update for Microsoft .NET Framework 4 Extended (KB2487367)Security Update for Microsoft .NET Framework 4 Extended (KB2656351)Security Update for Microsoft .NET Framework 4 Extended (KB2736428)Security Update for Microsoft .NET Framework 4 Extended (KB2742595)Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit EditionSecurity Update for Microsoft Filter Pack 2.0 (KB2553501) 32-Bit EditionSecurity Update for Microsoft InfoPath 2010 (KB2687422) 32-Bit EditionSecurity Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2553091)Security Update for Microsoft Office 2010 (KB2553096)Security Update for Microsoft Office 2010 (KB2553371) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2553447) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2589320) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2598243) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2687501) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2687510) 32-Bit EditionSecurity Update for Microsoft OneNote 2010 (KB2760600) 32-Bit EditionSecurity Update for Microsoft Publisher 2010 (KB2553147) 32-Bit EditionSecurity Update for Microsoft Visio 2010 (KB2810068) 32-Bit EditionSecurity Update for Microsoft Visio Viewer 2010 (KB2687505) 32-Bit EditionSecurity Update for Microsoft Word 2010 (KB2760410) 32-Bit EditionSEGA Genesis & Mega Drive ClassicsShank 2Sid Meier's Civilization VSleeping Dogs™SnapshotStar Wars: Knights of the Old RepublicStar Wars: Knights of the Old Republic IISteamSuper Meat BoySuper Meat Boy EditorSystem Requirements Lab CYRIThe Darkness IIThe Elder Scrolls V: SkyrimThe Witcher 2: Assassins of Kings Enhanced EditionTorchlightUnity Web PlayerUpdate for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)Update for Microsoft .NET Framework 4 Extended (KB2468871)Update for Microsoft .NET Framework 4 Extended (KB2533523)Update for Microsoft .NET Framework 4 Extended (KB2600217)Update for Microsoft Office 2010 (KB2553065)Update for Microsoft Office 2010 (KB2553092)Update for Microsoft Office 2010 (KB2553181) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2553267) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2553310) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2553378) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2566458)Update for Microsoft Office 2010 (KB2596964) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2598242) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2687503) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2687509) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2760631) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2767886) 32-Bit EditionUpdate for Microsoft OneNote 2010 (KB2553290) 32-Bit EditionUpdate for Microsoft Outlook 2010 (KB2597090) 32-Bit EditionUpdate for Microsoft Outlook 2010 (KB2687623) 32-Bit EditionUpdate for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit EditionUpdate for Microsoft PowerPoint 2010 (KB2598240) 32-Bit EditionUpdate for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit EditionUplayVideo Thumbnails Maker by Scorp (remove only)VLC media player 2.0.5Windows Live Communications PlatformWindows Live EssentialsWindows Live Family SafetyWindows Live ID Sign-in AssistantWindows Live InstallerWindows Live MailWindows Live MessengerWindows Live MIME IFilterWindows Live Photo CommonWindows Live PIMT PlatformWindows Live SOXEWindows Live SOXE DefinitionsWindows Live UX PlatformWindows Live UX Platform Language PackWindows Live WriterWindows Live Writer ResourcesWinRAR 4.20 (64-bit)YTD Video Downloader 3.9.2.==== Event Viewer Messages From Past Week ========.6/27/2013 8:58:50 AM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.6/27/2013 1:45:15 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service NVSvc with arguments "" in order to run the server: {DCAB0989-1301-4319-BE5F-ADE89F88581C}6/26/2013 1:38:28 PM, Error: Service Control Manager [7001] - The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.6/26/2013 1:37:49 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.6/26/2013 1:37:48 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}6/26/2013 1:37:48 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}6/26/2013 1:37:46 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}6/26/2013 1:37:39 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}6/26/2013 1:36:28 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: aswRvrt aswSnx aswSP aswTdi aswVmm discache MpFilter spldr Wanarpv66/26/2013 1:36:28 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service TermService with arguments "" in order to run the server: {F9A874B6-F8A8-4D73-B5A8-AB610816828B}6/26/2013 1:36:27 PM, Error: Service Control Manager [7001] - The Media Center Extender Service service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.6/26/2013 1:34:03 PM, Error: Service Control Manager [7038] - The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: Logon failure: the specified account password has expired. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).6/26/2013 1:34:03 PM, Error: Service Control Manager [7000] - The NVIDIA Update Service Daemon service failed to start due to the following error: The service did not start due to a logon failure.6/26/2013 1:32:05 PM, Error: NetBT [4321] - The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.3. The computer with the IP address 192.168.1.13 did not allow the name to be claimed by this computer.6/26/2013 1:31:36 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the avast! Firewall service to connect.6/26/2013 1:31:36 PM, Error: Service Control Manager [7000] - The avast! Firewall service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.6/26/2013 1:30:16 PM, Error: BROWSER [8020] - The browser was unable to promote itself to master browser. The computer that currently believes it is the master browser is unknown.6/26/2013 1:10:15 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.6/26/2013 1:10:15 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.6/26/2013 1:10:11 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}6/26/2013 1:09:49 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.6/26/2013 1:09:49 PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535..==== End Of File ===========================
  10. I recently downloaded a file from cnet and ended up getting sweetpacks/wecare installed on all of my browsers. I've used cccleaner, hijackthis, junkware removal, malwarebytes, rkill, and adwcleaner and their logs keep telling me that everything is gone but I still can't connect to the internet. At first, it seemed that this would only happen if I had Firefox open (I downloaded the file while using Firefox so I thought that that was the issue) but now, I just can't get on the internet no matter what browser I use. I've reset Firefox and have gone through IE and Chrome to make sure that the sweetpacks extensions were deleted but, though the toolbars no longer exist and the sweetpacks/wecare homepages don't show up, I can't do anything. I am occasionally able to search for something on google but if I click on one of the results, I get a message saying that the browser can't access the page. Does anyone have any idea what I could be missing? Thanks for any help you guys can provide.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.