solarsailer

  1. Everything seems much better. Are there any other scans that I should run?
  3. ComboFix 13-06-24.01 - Greg 06/24/2013 9:04.1.2 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1790.935 [GMT -4:00] Running from: c:\documents and settings\Greg\Desktop\ComboFix.exe AV: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
  4. Malwarebytes Log
     --------------------------------
     Malwarebytes Anti-Malware 1.75.0.1300
     www.malwarebytes.org
     Database version: v2013.06.24.03
     Windows XP Service Pack 3 x86 NTFS
     Internet Explorer 8.0.6001.18702
     Greg :: GREG-NEW [administrator]
     6/24/2013 8:45:01 AM
     mbam-log-2013-06-24 (08-45-01).txt
     Scan type: Quick scan
     Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
     Scan options disabled: P2P
     Objects scanned: 228574
     Time elapsed: 7 minute(s), 9 second(s)
     Memory Processes Detected: 0 (No malicious items detected)
     Memory Modules Detected: 0 (No malicious items detected)
     Registry Keys Detected: 0 (No malicious items detected)
     Registry Values Detected: 0 (No malicious items detected)
     Registry Data Items Detected: 0 (No malicious items detected)
     Folders Detected: 0 (No malicious items detected)
     Files Detected: 0 (No malicious items detected)
     (end)
  5. AdwCleaner Log
  6. JRT Log
  7. DDS Log
  8. Attach log
  9. Hi, yesterday I ran a Malwarebytes scan of my computer and was told that Malwarebytes found spyware.password. Malwarebytes removed it, but when browsing on the internet my browser will suddenly redirect me to bizcoaching.info. I'm unsure if Malwarebytes actually removed the program or if this is a symptom of another infection. Thanks!!