Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 91819 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

Infection of some sort [Solved]


  • This topic is locked This topic is locked
48 replies to this topic

#1 Jimbo1

Jimbo1

    Preacher / Computer Tech

  • Authentic Member
  • PipPipPipPipPip
  • 1,473 posts
  • Interests:Serving the Lord and Riding motorcycles and computers.

Posted 12 June 2014 - 04:13 PM

From some reason I cannot paste nothing here, not sure if it due to my infections or not. but something happen Monday and MBAM say it reported a threat, at the same time in my tray it shows 2 internet connections one was Network Internet access and other Unidentfied Network Internet Access. So I went to update my scanners and they would not.

 

So when I went to reboot I lost all the internet connection, I ended up doing a system restore and got internet back but once I tried to update Windows I lose my internet. So once I got the internet back I end up running a esat online scanner and it found these infections.

 

A variant of win 32/toolbar

Conduit B pot. unwanted appicaltion

Conduit .I

Conduit .S

 

System Spec's

 

Win 7 Utlimate 32 bit SP1

AMD A10-6800k APU 4.10 GHZ

8 gb ran using only 2.77 due to being 32 bit

1 TH hard drive

 

But everytime I try to do a windows update I lose my internet connection and also few time my MBAM seams to get messed up also.

 

I tried to copy and pass the dds and attack info and when I do it locks up when trying to post here. So I had to attack

 

 

 

DDS (Ver_2012-11-20.01) - NTFS_x86 
Internet Explorer: 11.0.9600.17041  BrowserJavaVersion: 10.55.2
Run by Jim at 16:12:01 on 2014-06-12
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.1.1033.18.2779.1378 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe
C:\Windows\Explorer.EXE
C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe
C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
C:\Program Files\Google\Update\1.3.24.7\GoogleCrashHandler.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe
C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\TeamViewer\Version9\TeamViewer.exe
C:\Program Files\TeamViewer\Version9\tv_w32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrecordplugin.dll
BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - c:\program files\amd\steadyvideo\SteadyVideo.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
mRun: [LifeCam] "c:\program files\microsoft lifecam\LifeExp.exe"
mRun: [CloneCDElbyCDFL] "c:\program files\elaborate bytes\clonecd\ElbyCheck.exe" /L ElbyCDFL
mRun: [CloneCDTray] "c:\program files\elaborate bytes\clonecd\CloneCDTray.exe"
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe"  -osboot
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office11\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
TCP: NameServer = 10.0.0.1
TCP: Interfaces\{65E3F8FD-8177-4D60-A497-2E0867BD5075} : DHCPNameServer = 10.0.0.1
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - c:\program files\amd\steadyvideo\VideoMIMEFilter.dll
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - c:\program files\amd\steadyvideo\VideoMIMEFilter.dll
Handler: lbxfile - {56831180-F115-11d2-B6AA-00104B2B9943} - c:\program files\libronix dls\system\FileProt.dll
Handler: lbxres - {24508F1B-9E94-40EE-9759-9AF5795ADF52} - c:\program files\libronix dls\system\ResProt.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\35.0.1916.114\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
Hosts: 0.0.0.0 fr.a2dfp.net
Hosts: 0.0.0.0 m.fr.a2dfp.net
Hosts: 0.0.0.0 ad.a8.net
Hosts: 0.0.0.0 asy.a8ww.net
Hosts: 0.0.0.0 abcstats.com
.
Note: multiple HOSTS entries found. Please refer to Attach.txt
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;c:\windows\system32\drivers\amd_sata.sys [2013-12-6 70824]
R0 amd_xata;amd_xata;c:\windows\system32\drivers\amd_xata.sys [2013-12-6 34984]
R0 ElbyVCD;ElbyVCD;c:\windows\system32\drivers\ElbyVCD.sys [2002-11-28 22016]
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2014-1-25 231960]
R1 AppleCharger;AppleCharger;c:\windows\system32\drivers\AppleCharger.sys [2013-12-6 19608]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2013-5-7 119024]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2013-1-15 219136]
R2 AMD FUEL Service;AMD FUEL Service;c:\program files\ati technologies\ati.ace\fuel\Fuel.Service.exe [2013-1-15 291840]
R2 AODDriver4.2;AODDriver4.2;c:\program files\ati technologies\ati.ace\fuel\i386\aoddriver2.sys [2012-4-9 48256]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes anti-malware\mbamscheduler.exe [2014-6-12 1809720]
R2 MBAMService;MBAMService;c:\program files\malwarebytes anti-malware\mbamservice.exe [2014-6-12 860472]
R2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2013-9-27 104264]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\realnetworks\realdownloader\rndlresolversvc.exe [2014-3-15 39568]
R2 RealPlayer Cloud Service;RealPlayer Cloud Service;c:\program files\real\realplayer\rpds\bin\rpdsvc.exe [2014-4-9 1141848]
R2 RealPlayerUpdateSvc;RealPlayer Update Service;c:\program files\real\updateservice\RealPlayerUpdateSvc.exe [2014-3-20 23552]
R2 TeamViewer9;TeamViewer 9;c:\program files\teamviewer\version9\TeamViewer_Service.exe [2013-12-6 5024576]
R3 amdhub30;AMD USB 3.0 Hub Driver;c:\windows\system32\drivers\amdhub30.sys [2013-12-6 85160]
R3 amdxhc;AMD USB 3.0 Host Controller Driver;c:\windows\system32\drivers\amdxhc.sys [2013-12-6 177832]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2013-12-6 80384]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2014-6-12 23256]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2014-6-12 110296]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2014-6-12 51928]
R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\drivers\nx6000.sys [2010-12-13 30576]
R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2014-3-11 279776]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2013-12-6 490088]
R3 usbfilter;AMD USB Filter Driver;c:\windows\system32\drivers\usbfilter.sys [2013-12-6 45736]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-10-23 172192]
S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 etdrv;etdrv;c:\windows\etdrv.sys [2013-12-6 17488]
S3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;c:\program files\intel\intel® integrated clock controller service\ICCProxy.exe [2013-12-6 160256]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\ieetwcollector.exe [2014-4-17 108032]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2013-12-6 14848]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2014-2-11 49152]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2013-12-6 1343400]
.
=============== Created Last 30 ================
.
2014-06-12 20:25:08 110296 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-06-12 20:24:23 -------- d-----w- c:\users\jim\appdata\local\Adobe
2014-06-12 20:24:09 74456 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-06-12 20:24:09 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-06-12 20:24:09 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-06-12 20:24:09 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2014-06-12 20:21:32 765968 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{08d30457-4d1f-47f4-b8c8-e2f2341422e4}\gapaengine.dll
2014-06-12 20:21:17 8073384 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{337b169a-3e58-4b2e-85d1-fbd800e11e6c}\mpengine.dll
2014-06-12 20:14:27 -------- d-----w- c:\users\jim\appdata\local\Acelogix
2014-06-12 20:10:44 765968 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{40c3ddd0-8a51-dff0-be2b-0211ba8ab267}\GapaEngine.dll
2014-06-12 20:06:27 8073384 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2014-06-11 20:42:37 -------- d-----w- c:\program files\ESET
2014-06-11 15:49:39 765968 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{c65cef60-29c2-4e74-9d09-ead5ad7218cd}\gapaengine.dll
2014-05-16 13:56:24 1619120 ----a-w- c:\program files\common files\microsoft shared\office12\OGL.DLL
2014-05-14 14:11:52 369664 ----a-w- c:\windows\system32\aepdu.dll
2014-05-14 14:11:52 302592 ----a-w- c:\windows\system32\aeinv.dll
.
==================== Find3M  ====================
.
2014-05-28 19:11:09 70832 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-05-28 19:11:09 692400 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-05-06 03:07:39 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-04-15 01:13:52 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2014-04-12 02:15:13 67520 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2014-04-12 02:15:13 136640 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-04-12 02:12:09 15872 ----a-w- c:\windows\system32\sspisrv.dll
2014-04-12 02:12:09 100352 ----a-w- c:\windows\system32\sspicli.dll
2014-04-12 02:12:06 22016 ----a-w- c:\windows\system32\secur32.dll
2014-04-12 02:11:58 1059840 ----a-w- c:\windows\system32\lsasrv.dll
2014-04-12 02:11:22 22528 ----a-w- c:\windows\system32\lsass.exe
2014-04-09 14:00:15 505416 ----a-w- c:\windows\system32\msvcp71.dll
2014-04-09 14:00:15 353864 ----a-w- c:\windows\system32\msvcr71.dll
2014-04-01 02:34:22 322248 ----a-w- c:\windows\WLXPGSS.SCR
2014-03-19 20:20:18 44752 ----a-w- c:\windows\system32\drivers\point32.sys
2014-03-19 20:20:18 1629040 ----a-w- c:\windows\system32\WdfCoInstaller01011.dll
2004-07-30 15:56:22 90112 ----a-w- c:\program files\common files\PCSBclean.exe
2004-07-26 21:30:14 291840 ----a-w- c:\program files\common files\PCSBoff.exe
.
============= FINISH: 16:12:28.84 ===============

Attached Files


The help you receive here is free.
If you wish, you may Donate to help keep us online.

May your day be blessed by those you love and those you love be blessed by HIM ;-)

    Advertisements

Register to Remove


#2 ken545

ken545

    Forum God

  • Classroom Teacher
  • 23,207 posts
  • Interests:Fighting Malware and cooking some great Italian and TexMex food
  • MVP

Posted 13 June 2014 - 10:32 AM

:welcome:

 

Lets do this first, bypass the scan right now for OTL and lets fix your hosts file first

 

 
OTL by OldTimer
  •  
  • Download OTL to your desktop.
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Click the "Scan All Users" checkbox.
  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
 
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.
Note:These logs can be located in the OTL. folder on you C:\ drive if they fail to open automatically.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them both in.
 
 
 
 
 
 

Open OTL.exe
  •  
  • Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL
 
 
:OTL
 
 
:Services
 
:Reg
 
:Files
ipconfig /flushdns /c
 
 
:Commands
[purity]
[resethosts]
[EMPTYJAVA] 
[emptytemp]
[start explorer]
[Reboot]
 
  • Then click the Run Fix button at the top. <--Not run Scan
  • Let the program run unhindered, reboot when it is done
  • Then post the results of the log it produces
 
 
 
 
 
 
Then run this tool and post the log please, dont fix anything but if there is anything in the log you need to keep please let me know
 

-AdwCleaner-by Xplode
 
Click on this link to download : ADWCleaner
Click on ONE of the Two Blue Download Now buttons That have a blue arrow beside them and save it to your desktop.
 
Do not click on any links in the top Advertisment.
 
 
  •  
  • Double click on AdwCleaner.exe to run the tool.
Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
 
 
 

 


Jeffce_zpsa19ee2e6.png

 

 

 

Want to help others, Join our Malware Removal Classroom  HERE

The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.
donate.gif

 

Find us on Facebook
Please LIKE and SHARE

 

 

Just a reminder that threads will be closed if no reply in 3 days.


#3 Jimbo1

Jimbo1

    Preacher / Computer Tech

  • Authentic Member
  • PipPipPipPipPip
  • 1,473 posts
  • Interests:Serving the Lord and Riding motorcycles and computers.

Posted 13 June 2014 - 11:21 AM

OTL. Txt info

 

OTL logfile created on: 6/13/2014 12:14:17 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Jim\Desktop
 Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17041)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
2.71 Gb Total Physical Memory | 1.44 Gb Available Physical Memory | 52.99% Memory free
5.43 Gb Paging File | 3.75 Gb Available in Paging File | 69.03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 195.21 Gb Total Space | 149.60 Gb Free Space | 76.63% Space Free | Partition Type: NTFS
Drive D: | 736.20 Gb Total Space | 710.60 Gb Free Space | 96.52% Space Free | Partition Type: NTFS
 
Computer Name: JIM-PC | User Name: Jim | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Jim\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware)
PRC - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Google\Update\1.3.24.7\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - c:\Program Files\Real\RealPlayer\RPDS\Bin\rpdsvc.exe (RealNetworks, Inc.)
PRC - C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe (Google Inc.)
PRC - C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe ()
PRC - C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation)
PRC - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe ()
PRC - C:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Program Files\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
PRC - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft LifeCam\MSCamS32.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe (Nero AG)
PRC - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
PRC - C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe (Elaborate Bytes AG)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runt73a1fc9d#\04824fdbd5dce32530ba44ae012e4fb9\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsForm0b574481#\1ab52f8951c2ab97592ec25830dd5165\WindowsFormsIntegration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio49d6fefe#\47e7fc401facd4a5d3f2237f16948f36\PresentationFramework-SystemXml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\a4b45c44490c75bc2fb22780e7ef087d\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web\921861ef36355e6f12a981a188f99b8a\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\f4354d6580fbb745c0c8acba382a7b84\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\3fe705796c6a41d4889d9001d1c56af8\System.Xaml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\f4f6ee0df2aa4189bf36e6335cb92761\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\a74542efbeb46445949a39026c501132\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\5cd2aee5e7c07227c694d89219688ab3\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\bada32953bb6b16a53d653eae23d78dc\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\dce99d8de14d8a015313db98c72552ee\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\acf97bfe2a931d4a47253b26b7218991\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\75f8bc4cf08030c4a53b6d5e0ae20046\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\ff26cc03e6d57d8abd13b990332e67c6\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\bbc48ec4245e502ae19b0601d3799c9e\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll ()
MOD - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll ()
MOD - C:\Program Files\Acelogix\System TuneUp\wipext.dll ()
MOD - C:\Windows\System32\DLAAPI_W.DLL ()
 
 
========== Services (SafeList) ==========
 
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (TeamViewer9) -- C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (RealPlayer Cloud Service) -- c:\Program Files\Real\RealPlayer\RPDS\Bin\rpdsvc.exe (RealNetworks, Inc.)
SRV - (RealPlayerUpdateSvc) -- C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe ()
SRV - (RealNetworks Downloader Resolver Service) -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe ()
SRV - (NisSrv) -- C:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV - (IEEtwCollectorService) -- C:\Windows\System32\IEEtwCollector.exe (Microsoft Corporation)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
SRV - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (ICCS) -- C:\Program Files\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe (Intel Corporation)
SRV - (MSCamSvc) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe (Microsoft Corporation)
SRV - (AppleChargerSrv) -- C:\Windows\System32\AppleChargerSrv.exe ()
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (VGPU) -- System32\drivers\rdvgkmd.sys File not found
DRV - (tsusbhub) -- system32\drivers\tsusbhub.sys File not found
DRV - (Synth3dVsc) -- System32\drivers\synth3dvsc.sys File not found
DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys (Malwarebytes Corporation)
DRV - (MBAMWebAccessControl) -- C:\Windows\System32\drivers\mwac.sys (Malwarebytes Corporation)
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (NisDrv) -- C:\Windows\System32\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV - (etdrv) -- C:\Windows\etdrv.sys (Windows ® 2000 DDK provider)
DRV - (gdrv) -- C:\Windows\gdrv.sys (Windows ® 2000 DDK provider)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (amdkmdag) -- C:\Windows\System32\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV - (amdkmdap) -- C:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV - (AtiHDAudioService) -- C:\Windows\System32\drivers\AtihdW73.sys (Advanced Micro Devices)
DRV - (AppleCharger) -- C:\Windows\System32\drivers\AppleCharger.sys ()
DRV - (amd_sata) -- C:\Windows\System32\drivers\amd_sata.sys (Advanced Micro Devices)
DRV - (amd_xata) -- C:\Windows\System32\drivers\amd_xata.sys (Advanced Micro Devices)
DRV - (usbfilter) -- C:\Windows\System32\drivers\usbfilter.sys (Advanced Micro Devices)
DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV - (amdxhc) -- C:\Windows\System32\drivers\amdxhc.sys (Advanced Micro Devices, INC.)
DRV - (amdhub30) -- C:\Windows\System32\drivers\amdhub30.sys (Advanced Micro Devices, INC.)
DRV - (AODDriver4.2) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\aoddriver2.sys (Advanced Micro Devices)
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (MSHUSBVideo) -- C:\Windows\System32\drivers\nx6000.sys (Microsoft Corporation)
DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
DRV - (Serial) -- C:\Windows\System32\drivers\serial.sys (Brother Industries Ltd.)
DRV - (RxFilter) -- C:\Windows\System32\drivers\RxFilter.sys (Sonic Solutions)
DRV - (DLADResM) -- C:\Windows\System32\DLA\DLADResM.SYS (Roxio)
DRV - (DLAUDFAM) -- C:\Windows\System32\DLA\DLAUDFAM.SYS (Roxio)
DRV - (DLABMFSM) -- C:\Windows\System32\DLA\DLABMFSM.SYS (Roxio)
DRV - (DLAUDF_M) -- C:\Windows\System32\DLA\DLAUDF_M.SYS (Roxio)
DRV - (DLAOPIOM) -- C:\Windows\System32\DLA\DLAOPIOM.SYS (Roxio)
DRV - (DLABOIOM) -- C:\Windows\System32\DLA\DLABOIOM.SYS (Roxio)
DRV - (DLAIFS_M) -- C:\Windows\System32\DLA\DLAIFS_M.SYS (Roxio)
DRV - (DLAPoolM) -- C:\Windows\System32\DLA\DLAPoolM.SYS (Roxio)
DRV - (DLACDBHM) -- C:\Windows\System32\drivers\DLACDBHM.SYS (Roxio)
DRV - (DLARTL_M) -- C:\Windows\System32\drivers\DLARTL_M.SYS (Roxio)
DRV - (ElbyCDFL) -- C:\Windows\System32\drivers\ElbyCDFL.sys (Elaborate Bytes AG)
DRV - (ElbyVCD) -- C:\Windows\System32\drivers\ElbyVCD.sys (Elaborate Bytes AG)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 2D 48 18 10 8A 86 CF 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE11SR
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...1I7GUEA_enUS565
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1209149.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=17.0.8.22: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=17.0.8: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=17.0.8: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=17.0.8: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=17.0.8.22: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014/04/09 09:00:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0FAA5C82-A094-4541-8811-D3361F972A81}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2014/04/09 09:00:53 | 000,000,000 | ---D | M]
 
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Error reading preferences file
CHR - Extension: Google Docs = C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: RealPlayer Downloader = C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\17.0.8_0\
CHR - Extension: Google Wallet = C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2013/12/14 15:22:24 | 000,530,828 | ---- | M]) - C:\Windows\System32\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost #[IPv6]
O1 - Hosts: 0.0.0.0 fr.a2dfp.net
O1 - Hosts: 0.0.0.0 m.fr.a2dfp.net
O1 - Hosts: 0.0.0.0 ad.a8.net
O1 - Hosts: 0.0.0.0 asy.a8ww.net
O1 - Hosts: 0.0.0.0 abcstats.com
O1 - Hosts: 0.0.0.0 a.abv.bg
O1 - Hosts: 0.0.0.0 adserver.abv.bg
O1 - Hosts: 0.0.0.0 adv.abv.bg
O1 - Hosts: 0.0.0.0 bimg.abv.bg
O1 - Hosts: 0.0.0.0 ca.abv.bg
O1 - Hosts: 0.0.0.0 www2.a-counter.kiev.ua
O1 - Hosts: 0.0.0.0 track.acclaimnetwork.com
O1 - Hosts: 0.0.0.0 accuserveadsystem.com
O1 - Hosts: 0.0.0.0 www.accuserveadsystem.com
O1 - Hosts: 0.0.0.0 achmedia.com
O1 - Hosts: 0.0.0.0 csh.actiondesk.com
O1 - Hosts: 0.0.0.0 www.activemeter.com #[Tracking.Cookie]
O1 - Hosts: 0.0.0.0 ads.activepower.net
O1 - Hosts: 0.0.0.0 app.activetrail.com
O1 - Hosts: 0.0.0.0 stat.active24stats.nl #[Tracking.Cookie]
O1 - Hosts: 0.0.0.0 traffic.acwebconnecting.com
O1 - Hosts: 0.0.0.0 office.ad1.ru
O1 - Hosts: 0.0.0.0 cms.ad2click.nl
O1 - Hosts: 15614 more lines...
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [CloneCDElbyCDFL] C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe (Elaborate Bytes AG)
O4 - HKLM..\Run: [CloneCDTray] C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe (Elaborate Bytes AG)
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{65E3F8FD-8177-4D60-A497-2E0867BD5075}: DhcpNameServer = 10.0.0.1
O18 - Protocol\Handler\lbxfile {56831180-F115-11d2-B6AA-00104B2B9943} - C:\Program Files\Libronix DLS\System\FileProt.dll (Libronix Corporation)
O18 - Protocol\Handler\lbxres {24508F1B-9E94-40EE-9759-9AF5795ADF52} - C:\Program Files\Libronix DLS\System\ResProt.dll (Libronix Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{2e1883ca-5e50-11e3-aa66-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{2e1883ca-5e50-11e3-aa66-806e6f6e6963}\Shell\AutoRun\command - "" = F:\Run.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/06/13 12:12:57 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Jim\Desktop\OTL.exe
[2014/06/13 09:58:45 | 000,688,992 | R--- | C] (Swearware) -- C:\Users\Jim\Desktop\dds.scr
[2014/06/12 15:24:23 | 000,000,000 | ---D | C] -- C:\Users\Jim\AppData\Local\Adobe
[2014/06/12 10:35:41 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2014/06/11 15:42:37 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2014/05/29 10:33:08 | 000,000,000 | ---D | C] -- C:\Users\Jim\AppData\Local\Acelogix
[1 C:\Users\Jim\AppData\Local\*.tmp files -> C:\Users\Jim\AppData\Local\*.tmp -> ]
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/06/13 12:12:57 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jim\Desktop\OTL.exe
[2014/06/13 11:41:04 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/06/13 11:25:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/06/13 10:53:00 | 000,015,328 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/06/13 10:53:00 | 000,015,328 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/06/13 10:50:17 | 000,708,342 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2014/06/13 10:50:17 | 000,671,748 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/06/13 10:50:17 | 000,665,702 | ---- | M] () -- C:\Windows\System32\perfh01F.dat
[2014/06/13 10:50:17 | 000,404,932 | ---- | M] () -- C:\Windows\System32\prfh0404.dat
[2014/06/13 10:50:17 | 000,154,500 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2014/06/13 10:50:17 | 000,145,652 | ---- | M] () -- C:\Windows\System32\perfc01F.dat
[2014/06/13 10:50:17 | 000,126,770 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/06/13 10:50:17 | 000,119,716 | ---- | M] () -- C:\Windows\System32\prfc0404.dat
[2014/06/13 10:46:39 | 000,110,296 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2014/06/13 10:45:43 | 000,000,876 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/06/13 10:45:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/06/13 10:45:34 | 2185,654,272 | -HS- | M] () -- C:\hiberfil.sys
[2014/06/13 10:27:32 | 000,854,378 | ---- | M] () -- C:\Users\Jim\Desktop\SecurityCheck.exe
[2014/06/13 09:58:45 | 000,688,992 | R--- | M] (Swearware) -- C:\Users\Jim\Desktop\dds.scr
[2014/06/12 16:57:51 | 000,000,000 | ---- | M] () -- C:\Users\Jim\AppData\Local\{2656A51C-EE9E-4391-8981-C9193D8CAF1C}
[2014/06/10 17:31:49 | 016,666,679 | ---- | M] () -- C:\Users\Jim\Documents\Our God is an Awesome God!.mp4
[2014/06/10 17:28:54 | 010,975,544 | ---- | M] () -- C:\Users\Jim\Documents\Shout To The Lord (worship video w_ lyrics).mp4
[2014/06/10 17:17:54 | 010,611,780 | ---- | M] () -- C:\Users\Jim\Documents\In Christ Alone (worship video w_ lyrics).mp4
[2014/05/30 15:02:30 | 000,002,977 | ---- | M] () -- C:\Users\Jim\Desktop\config.js
[2014/05/30 13:15:32 | 000,001,060 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/05/28 14:11:09 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014/05/28 14:11:09 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2014/05/27 14:43:17 | 1608,954,914 | ---- | M] () -- C:\Users\Jim\Desktop\10 Reasons To Attend Church (Pastor James Thibodeaux).wmv
[2014/05/23 11:58:33 | 012,833,917 | ---- | M] () -- C:\Users\Jim\Documents\Heaven Was Needing A Hero - fallen soldier tribute.mp4
[2014/05/23 11:56:12 | 017,526,212 | ---- | M] () -- C:\Users\Jim\Documents\In The Arms Of An Angel-American Soldiers Tribute.mp4
[2014/05/22 17:01:55 | 000,002,129 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/05/20 14:27:00 | 000,001,048 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 9.lnk
[2014/05/16 19:38:50 | 000,000,184 | ---- | M] () -- C:\Users\Jim\Desktop\69.42.211.125 [SSH].moba
[2014/05/16 11:25:01 | 000,002,205 | ---- | M] () -- C:\Users\Jim\Desktop\Logos Bible Software 5.lnk
[1 C:\Users\Jim\AppData\Local\*.tmp files -> C:\Users\Jim\AppData\Local\*.tmp -> ]
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/06/13 10:27:32 | 000,854,378 | ---- | C] () -- C:\Users\Jim\Desktop\SecurityCheck.exe
[2014/06/12 16:57:51 | 000,000,000 | ---- | C] () -- C:\Users\Jim\AppData\Local\{2656A51C-EE9E-4391-8981-C9193D8CAF1C}
[2014/06/10 17:31:49 | 016,666,679 | ---- | C] () -- C:\Users\Jim\Documents\Our God is an Awesome God!.mp4
[2014/06/10 17:28:54 | 010,975,544 | ---- | C] () -- C:\Users\Jim\Documents\Shout To The Lord (worship video w_ lyrics).mp4
[2014/06/10 17:17:39 | 010,611,780 | ---- | C] () -- C:\Users\Jim\Documents\In Christ Alone (worship video w_ lyrics).mp4
[2014/05/30 15:02:30 | 000,002,977 | ---- | C] () -- C:\Users\Jim\Desktop\config.js
[2014/05/27 13:49:28 | 1608,954,914 | ---- | C] () -- C:\Users\Jim\Desktop\10 Reasons To Attend Church (Pastor James Thibodeaux).wmv
[2014/05/23 11:58:15 | 012,833,917 | ---- | C] () -- C:\Users\Jim\Documents\Heaven Was Needing A Hero - fallen soldier tribute.mp4
[2014/05/23 11:55:49 | 017,526,212 | ---- | C] () -- C:\Users\Jim\Documents\In The Arms Of An Angel-American Soldiers Tribute.mp4
[2014/05/03 14:05:07 | 000,000,000 | ---- | C] () -- C:\Users\Jim\ping
[2014/05/03 14:04:52 | 000,000,000 | ---- | C] () -- C:\Users\Jim\trace
[2013/12/12 10:30:51 | 000,006,147 | ---- | C] () -- C:\Windows\PCLICSB.DAT
[2013/12/12 10:30:51 | 000,000,258 | RH-- | C] () -- C:\Windows\System32\LMF.DAT
[2013/12/10 17:51:05 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib
[2013/12/10 16:42:08 | 000,000,120 | ---- | C] () -- C:\Windows\QUICKEN.INI
[2013/12/07 15:46:03 | 000,090,112 | ---- | C] () -- C:\Program Files\Common Files\PCSBclean.exe
[2013/12/07 15:36:04 | 000,291,840 | ---- | C] () -- C:\Program Files\Common Files\PCSBoff.exe
[2013/12/07 15:19:56 | 000,164,842 | ---- | C] () -- C:\Windows\hpoins29.dat
[2013/12/07 15:19:56 | 000,000,457 | ---- | C] () -- C:\Windows\hpomdl29.dat
[2013/12/06 18:51:59 | 000,404,932 | ---- | C] () -- C:\Windows\System32\prfh0404.dat
[2013/12/06 18:51:59 | 000,119,716 | ---- | C] () -- C:\Windows\System32\prfc0404.dat
[2013/12/06 18:51:59 | 000,117,840 | ---- | C] () -- C:\Windows\System32\prfi0404.dat
[2013/12/06 18:51:59 | 000,031,548 | ---- | C] () -- C:\Windows\System32\prfd0404.dat
[2013/12/06 18:42:04 | 000,285,034 | ---- | C] () -- C:\Windows\System32\perfi01F.dat
[2013/12/06 18:42:03 | 000,665,702 | ---- | C] () -- C:\Windows\System32\perfh01F.dat
[2013/12/06 18:42:03 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2013/12/06 18:42:03 | 000,145,652 | ---- | C] () -- C:\Windows\System32\perfc01F.dat
[2013/12/06 18:42:03 | 000,037,160 | ---- | C] () -- C:\Windows\System32\perfd01F.dat
[2013/12/06 18:42:02 | 000,708,342 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2013/12/06 18:42:02 | 000,154,500 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2013/12/06 18:42:02 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2013/12/06 15:31:42 | 000,247,868 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2013/12/06 13:55:38 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2013/12/06 13:55:10 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2013/12/06 13:47:51 | 000,056,056 | ---- | C] () -- C:\Windows\System32\DLAAPI_W.DLL
[2013/12/06 13:47:51 | 000,000,120 | ---- | C] () -- C:\Windows\wininit.ini
[2013/12/06 13:09:28 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2013/12/06 12:01:35 | 000,024,944 | ---- | C] () -- C:\Windows\System32\drivers\GVTDrv.sys
[2013/12/06 12:01:11 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013/12/06 11:58:07 | 000,031,272 | ---- | C] () -- C:\Windows\System32\AppleChargerSrv.exe
[2013/12/06 11:58:07 | 000,019,608 | ---- | C] () -- C:\Windows\System32\drivers\AppleCharger.sys
[2013/12/06 11:56:03 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2013/12/06 11:55:47 | 000,369,117 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
[2013/12/06 11:53:45 | 000,230,452 | ---- | C] () -- C:\Windows\System32\ativvaxy_cik.dat
[2013/12/06 11:53:45 | 000,230,064 | ---- | C] () -- C:\Windows\System32\ativvaxy_cik_nd.dat
[2013/12/06 11:53:45 | 000,204,952 | ---- | C] () -- C:\Windows\System32\ativvsvl.dat
[2013/12/06 11:53:45 | 000,157,144 | ---- | C] () -- C:\Windows\System32\ativvsva.dat
[2013/12/06 11:53:45 | 000,073,984 | ---- | C] () -- C:\Windows\System32\ativce02.dat
[2013/12/06 11:53:45 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2013/12/06 11:50:30 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2013/01/15 16:57:18 | 000,180,224 | ---- | C] () -- C:\Windows\System32\clinfo.exe
[2012/12/19 11:42:09 | 000,665,329 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2012/12/03 06:04:00 | 000,000,582 | ---- | C] () -- C:\Windows\System32\tx19_ic.ini
[2012/11/27 01:18:46 | 000,038,912 | ---- | C] () -- C:\Windows\System32\kdbsdk32.dll
 
========== ZeroAccess Check ==========
 
[2009/07/13 23:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/24 21:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 07:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 20:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2014/04/22 16:23:37 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\AnvSoft
[2014/04/22 18:14:13 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\Audacity
[2014/04/22 16:32:37 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\FreeVideoConverter
[2013/12/09 16:29:57 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\Libronix DLS
[2014/04/19 09:37:53 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\Oracle
[2013/12/06 12:44:22 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\TeamViewer
[2013/12/07 10:25:22 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\TuneUp Software
[2013/12/06 18:10:43 | 000,000,000 | ---D | M] -- C:\Users\Jim\AppData\Roaming\Windows Live Writer
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 24 bytes -> C:\Windows:037E156FD96C5E82
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:E965A533
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:5C321E34

< End of report >

 

Extras.txt info

 

OTL Extras logfile created on: 6/13/2014 12:14:17 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Jim\Desktop
 Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17041)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
2.71 Gb Total Physical Memory | 1.44 Gb Available Physical Memory | 52.99% Memory free
5.43 Gb Paging File | 3.75 Gb Available in Paging File | 69.03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 195.21 Gb Total Space | 149.60 Gb Free Space | 76.63% Space Free | Partition Type: NTFS
Drive D: | 736.20 Gb Total Space | 710.60 Gb Free Space | 96.52% Space Free | Partition Type: NTFS
 
Computer Name: JIM-PC | User Name: Jim | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OpenWithMobaXterm] -- C:\Program Files\Mobatek\MobaXterm Personal Edition\MobaXterm.exe -openfolder "%L" (Mobatek)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2E06D790-AA6B-4709-8014-E4D284600E35}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{73FB189D-BCE7-4CBE-A72E-1B68371793CF}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe |
"{9E996E16-392F-457E-901B-77C32D24E90D}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{035C0730-A8EF-4852-A674-BAAAF694F7B0}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version9\teamviewer_service.exe |
"{13D84EB9-0E86-481E-8725-14F02393B560}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe |
"{16DF6A60-AE15-446E-9243-A9268475A446}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifetray.exe |
"{180EF2B7-E030-4BB2-89A9-26E186AB3A8E}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{20295AB3-49E2-482A-B644-CEADBBDAB6BE}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{20CB1E92-3744-4A6E-8A4F-7FFA6B05AE3B}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"{24517EC9-9A38-4507-B08D-85A66FBF82BA}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe |
"{248F7716-1071-4622-9E43-112323876E1D}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version9\teamviewer_service.exe |
"{2A5F0787-61BC-44D6-BD76-0FA48714EB1F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2BEFE443-BFF5-4D86-95BD-291962079763}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifeenc2.exe |
"{335E81F9-C99B-45E3-AB27-01A9606E0D6A}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifetray.exe |
"{46D68425-94F6-42A2-BCFC-CC9619843996}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe |
"{49E0F2A1-12F2-471F-82A7-74461C226E52}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{561763D6-1866-4C58-B9E3-BAF95171BE2A}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
"{73E3D78B-D539-4A8F-86A7-D77A209C068A}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version9\teamviewer.exe |
"{7F36DD2A-8975-41CE-B72F-212A2BF293FC}" = protocol=6 | dir=in | app=c:\program files\real\realplayer\rpds\bin\rpdsvc.exe |
"{82C55F13-50DC-4B84-A821-0BC9545BC50B}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqcopy2.exe |
"{A52F0FB1-9BCB-4F62-81A1-B501FE501C36}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe |
"{A717C29D-39B9-4D96-BEF5-25A425797D79}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version9\teamviewer.exe |
"{A8AAE2AB-2B12-42AF-BE3E-5BE6EE3B393A}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"{F0D2EF46-CC56-4D5D-889A-A24223DC60F1}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{F6DF1577-4775-474B-86B1-C47201234E55}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe |
"{FBDD0F2A-BD69-4C43-98D9-A3AE7C3AE4AC}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifeenc2.exe |
"TCP Query User{53763619-869A-4764-B8BC-AD4FF84B75C7}C:\program files\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"TCP Query User{9D792E51-2295-4E37-AE83-7A403C374DC8}C:\program files\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\program files\mirc\mirc.exe |
"TCP Query User{CB4C4672-0D41-48B1-AED1-0D3EF28599F3}C:\users\jim\appdata\local\temp\mobaxterm7.0\bin\xwin.exe" = protocol=6 | dir=in | app=c:\users\jim\appdata\local\temp\mobaxterm7.0\bin\xwin.exe |
"UDP Query User{0EAD3951-508E-49C6-AFCF-2772C72D6036}C:\program files\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"UDP Query User{79D0AD87-FDF1-4796-91E6-0739BFCE24F5}C:\program files\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\program files\mirc\mirc.exe |
"UDP Query User{B1F6B7B1-97B0-49AD-9AEF-D87D62A81582}C:\users\jim\appdata\local\temp\mobaxterm7.0\bin\xwin.exe" = protocol=17 | dir=in | app=c:\users\jim\appdata\local\temp\mobaxterm7.0\bin\xwin.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00F9DB8C-65D7-4D47-AB5F-F698EE38580D}" = Windows Live UX Platform
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{04BE4035-3C8E-4B48-BFB8-1655849C0C8B}" = Windows Live Writer
"{07AAB66E-4718-422D-9218-4AFB3C922A71}" = Photo Gallery
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0BE9E708-5DC0-4963-9CFD-0AA519090E79}" = Junk Mail filter update
"{0C41D003-E38E-4C8A-BA67-AFF061E27F3F}" = Microsoft Mouse and Keyboard Center
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{0F974770-76EB-4C38-986E-E7BDD9C0DFC4}" = Windows Live Writer Resources
"{111EE7DF-FC45-40C7-98A7-753AC46B12FB}" = QuickTime 7
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{19991EAD-C273-47EB-87E8-0D274925230B}" = OEB Resource Driver
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD Video Downloader 4.8
"{1D6432B4-E24D-405E-A4AB-D7E6D088CBC9}" = Windows Live Photo Common
"{1E71F60A-139C-796E-635A-D8D3DB5E4C12}" = CCC Help English
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Suite
"{205D71BC-0ADB-A230-1DB6-FEC38F3FD9EB}" = CCC Help Chinese Standard
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83217051FF}" = Java 7 Update 55
"{286DDBD0-6355-428F-8BD5-822CF08606EC}" = Windows Live MIME IFilter
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{294B365B-32EF-49EE-99B3-A00558DC76E5}" = e-Sword
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2A034D6B-9B3D-2799-23C4-75467FEC3C15}" = CCC Help Danish
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}" = Roxio Drag-to-Disc
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{3008AC29-C7E2-46CC-07AC-0A08B5ED8219}" = AMD Steady Video Plug-In
"{32470F86-B67E-7A1F-7375-8D262C363E10}" = CCC Help Italian
"{36A345C9-0691-45A1-AEEF-29ECEC8B5014}" = Microsoft Security Client
"{38F03569-A636-4CF3-BDDE-032C8C251304}" = Movie Maker
"{3927D465-7559-C585-148B-0EA6FAA4DC5A}" = CCC Help Hungarian
"{39467549-9693-13D8-B8DC-221B8AD0633A}" = Catalyst Control Center Localization All
"{3B0F52AC-EF5C-4831-B221-06C782E41280}" = Quicken 2008
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{3D7E3EC9-46CF-4359-9289-39CE01DFB82F}" = Adobe Photoshop CS3
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B12.1025.1
"{41C61308-6CFD-4D54-AB6A-7136ED08A18E}" = Windows Live Communications Platform
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B13.0323.1
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET Framework 4.5.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CFD99D7-1AB5-F750-9601-8480B7EEE7D1}" = CCC Help Russian
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{5044501A-7E45-CB0C-2E2B-EAFD3C549C2D}" = CCC Help Greek
"{5047355D-BA0F-2CAE-9EDA-2036C888505F}" = CCC Help Japanese
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{52292327-1833-43F5-FAD0-02C9CD62ED07}" = CCC Help Spanish
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5F2F27B1-F658-CC6E-B942-44F67604A9E1}" = AMD Fuel
"{5F81DD84-6A2F-11D4-903E-00E0293397B7}" = Bible Data Type System Files
"{5F81DD89-6A2F-11D4-903E-00E0293397B7}" = Common System Files
"{5F81DD92-6A2F-11D4-903E-00E0293397B7}" = Libronix Digital Library System
"{5F81DD97-6A2F-11D4-903E-00E0293397B7}" = Libronix DLS Application
"{5F81DD9B-6A2F-11D4-903E-00E0293397B7}" = Libronix Update
"{5F81DD9F-6A2F-11D4-903E-00E0293397B7}" = LLS Resource Driver
"{5F81DDA3-6A2F-11D4-903E-00E0293397B7}" = PDF Resource Driver
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{633A0911-77AE-4B18-BEF0-F46EC8CF54EA}" = WORDsearch Basic
"{6522F5F9-411B-4513-A75B-CEA00395F032}" = Windows Live UX Platform Language Pack
"{6599091B-D42D-4765-ABC3-8B25E844C746}" = Roxio Easy CD and DVD Burning
"{659CB81C-B54E-4DF1-B618-F35777393A54}" = Windows Live Installer
"{6606E0F5-11EF-E932-9753-04692DF98CC6}" = CCC Help German
"{66B5819D-DE70-42BE-B40F-978FBA12452E}" = Windows Live Essentials
"{672EB7DB-1F79-7CF8-E416-9186C6A810D9}" = CCC Help Finnish
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{714E162E-CD4F-4F1B-8302-7F5179409C25}" = Windows Live Writer
"{72CB5335-6D2A-4207-B811-6CB6C6925039}" = Batch Update
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.14
"{7C01770E-2A9F-8A2F-10CC-121E09E7A5D0}" = CCC Help Swedish
"{7E5A8023-0E90-4503-A1EA-C9FC25680AF9}" = PS_AIO_03_C4400_Software_Min
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{8181C5B7-2FF5-4677-BA6A-8E2C3F5A7601}" = HP Photosmart C4400 All-In-One Driver Software 13.0 Rel. 3
"{8256F87F-8554-4457-8C3D-3F3324697D9F}" = Windows Live ID Sign-in Assistant
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8C9531C3-3037-937F-C93E-8A9047986B1A}" = AMD Accelerated Video Transcoding
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8E72B982-D54F-486F-B35A-C24B6F171033}" = Nero 7 Essentials
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{92E2E4F9-6664-7E83-516F-C2636F775511}" = CCC Help Norwegian
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031" = Microsoft .NET Framework 4.5.1 (Deutsch)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1055" = Microsoft .NET Framework 4.5.1 (Türkçe)
"{94751B72-E4C7-1F1D-367B-9F93EABDC4E1}" = CCC Help Chinese Traditional
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-00AF-0409-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9AC4530B-58FE-2165-9B12-4E610C78B769}" = CCC Help Korean
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9E871D09-064D-3BC9-963B-3AB8ABE1273D}" = Microsoft .NET Framework 4.5.1 (DEU)
"{9F090C71-8BF6-C79B-A99F-71D3D7402981}" = CCC Help Czech
"{A091781F-F910-51BE-37F8-4A087BB5E3D5}" = Catalyst Control Center InstallProxy
"{A0EFB06D-0C7C-4A85-B1D3-65AF82536A7B}" = Sentence Diagramming
"{A1FC4866-43FD-4078-9E80-71660345C335}" = Webster's 1828 Dictionary
"{A22732FD-0116-E113-08D5-DD1F8CB1ADFB}" = CCC Help Portuguese
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A2DC527D-FA79-46E9-973F-920897CA55E9}" = Windows Live Writer
"{A341F74E-3797-7478-CCA3-F65BF57AB612}" = ccc-utility
"{A38BD82E-DF14-064E-5114-7E6855882547}" = AMD Catalyst Install Manager
"{A6FADC47-F3F9-8346-8033-D75DDFD7B651}" = CCC Help Dutch
"{A7E19604-93AF-4611-8C9F-CE509C2B286F}_is1" = Free YouTube Downloader 3.5.180
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.07)
"{B1E33614-25CC-4C2A-8CBA-88B51ABF67E0}" = C4400
"{B2611F8A-EFE7-4E88-875D-19F0EFAE87E4}" = Windows Live PIMT Platform
"{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B775C26B-EAA8-4A11-ACBF-76E52DF6B805}" = Windows Live Mail
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BAD27F0E-5165-49A5-BE66-AF5BF73F2FEE}" = Windows Live Mail
"{BD71B413-9FEE-49BB-A6D1-2C0BFB99BDFE}" = Microsoft LifeCam
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C3F2FA1A-0A2C-6C34-78AA-64D4845FAA7B}" = CCC Help Turkish
"{C4144ACA-F14B-4844-642F-CCAEAC134C4C}" = CCC Help French
"{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B12.1220.1
"{C91113DC-B860-43B8-9029-E2B71968631D}" = Logos 5 Prerequisites
"{C992FFE0-AC32-4FA9-BC9A-F1637B9E655D}" = Photo Gallery
"{CA0AF735-4583-413E-897F-E91A237EE2E1}" = Libronix DLS Shortcuts
"{CAA0F57A-BA8C-4AD8-AA03-F32B0E4F5623}" = Photo Common
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC351B44-5610-43C5-81E6-A2C760CB0A20}" = Graphical Query Editor
"{CC4A73BF-938E-4C19-A553-853C035C9BA1}" = LightScribe System Software  1.10.13.1
"{CDC1AB00-01FF-4FC7-816A-16C67F0923C0}" = Windows Live SOXE
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1893000-EA77-493C-8DDD-E262436E959B}" = Windows Live SOXE Definitions
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D505442F-3CB1-3B2D-8FB4-35833672E24A}" = Microsoft .NET Framework 4.5.1 (TRK)
"{D7481150-9755-468E-9477-130A02648B58}" = Logos Bible Software
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}" = AnswerWorks 5.0 English Runtime
"{DD67BE4B-7E62-4215-AFA3-F123A800A389}" = Movie Maker
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DE431304-8040-43D4-8419-A58E210A3894}" = RealDownloader
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3AE96D6-E196-45B4-AF62-2B41998B9E37}" = UpdateService
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E77EA12D-8E89-44CF-8980-027CE5D51BF8}" = MobaXterm
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F655604B-FFAB-798B-C7BA-955AB65C20EE}" = CCC Help Polish
"{F9AC4150-08F2-BDAB-87F3-CA084D6AE3E2}" = AMD VISION Engine Control Center
"{FF11004C-F42A-4A31-9BCF-7F5C8FDBE53C}" = Adobe Setup
"{FF1E09A3-6A9C-3A5D-6945-F8CC9D78628A}" = CCC Help Thai
"7-Zip" = 7-Zip 9.20
"aBlaze Script" = aBlaze Script
"Ace Utilities_is1" = Ace Utilities
"Adobe Flash Player ActiveX" = Adobe Flash Player 13 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"Adobe_719d6f144d0c086a0dfa7ff76bb9ac1" = Adobe Photoshop CS3
"Any Video Converter_is1" = Any Video Converter 5.5.8
"Audacity_is1" = Audacity 2.0.5
"CCleaner" = CCleaner
"CloneCD" = CloneCD
"Defraggler" = Defraggler
"Google Chrome" = Google Chrome
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B13.0323.1
"InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B12.1220.1
"Libronix DLS" = Libronix Digital Library System
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.2.1012
"Microsoft Mouse and Keyboard Center" = Microsoft Mouse and Keyboard Center
"Microsoft Security Client" = Microsoft Security Essentials
"mIRC" = mIRC
"PC Study Bible" = PC Study Bible (remove only)
"Revo Uninstaller" = Revo Uninstaller 1.95
"SpywareBlaster_is1" = SpywareBlaster 5.0
"System TuneUp_is1" = System TuneUp
"TeamViewer 9" = TeamViewer 9
"The KMPlayer" = The KMPlayer (remove only)
"WinLiveSuite" = Windows Live Essentials
"WORDsearch Basic" = WORDsearch Basic
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 6/12/2014 5:52:55 PM | Computer Name = Jim-PC | Source = Windows Search Service | ID = 7040
Description =
 
Error - 6/12/2014 5:52:55 PM | Computer Name = Jim-PC | Source = Windows Search Service | ID = 7042
Description =
 
Error - 6/12/2014 5:52:56 PM | Computer Name = Jim-PC | Source = Windows Search Service | ID = 9002
Description =
 
Error - 6/12/2014 5:52:56 PM | Computer Name = Jim-PC | Source = Windows Search Service | ID = 3029
Description =
 
Error - 6/12/2014 5:52:56 PM | Computer Name = Jim-PC | Source = Windows Search Service | ID = 3029
Description =
 
Error - 6/12/2014 5:52:56 PM | Computer Name = Jim-PC | Source = Windows Search Service | ID = 3028
Description =
 
Error - 6/12/2014 5:52:56 PM | Computer Name = Jim-PC | Source = Windows Search Service | ID = 3058
Description =
 
Error - 6/12/2014 5:52:56 PM | Computer Name = Jim-PC | Source = Windows Search Service | ID = 7010
Description =
 
Error - 6/13/2014 1:44:16 AM | Computer Name = Jim-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\GIGABYTE\ET6\DLLS\install_flash_player_11_active_x_64bit.exe".
Dependent
 Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
 could not be found.  Please use sxstrace.exe for detailed diagnosis.
 
Error - 6/13/2014 1:45:31 AM | Computer Name = Jim-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\program files\spybot
- search & destroy\DelZip179.dll".Error in manifest or policy file "c:\program files\spybot
 - search & destroy\DelZip179.dll" on line 8.  The value "*" of attribute "language"
 in element "assemblyIdentity" is invalid.
 
Error - 6/13/2014 1:45:40 AM | Computer Name = Jim-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{DE431304-8040-43D4-8419-A58E210A3894}\recordingmanager.exe".
Dependent
 Assembly rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"
could not be found.  Please use sxstrace.exe for detailed diagnosis.
 
[ System Events ]
Error - 6/12/2014 4:06:19 PM | Computer Name = Jim-PC | Source = Application Popup | ID = 876
Description = Driver DLACDBHM.SYS has been blocked from loading.
 
Error - 6/12/2014 4:10:15 PM | Computer Name = Jim-PC | Source = Application Popup | ID = 876
Description = Driver DLACDBHM.SYS has been blocked from loading.
 
Error - 6/12/2014 5:52:17 PM | Computer Name = Jim-PC | Source = Application Popup | ID = 876
Description = Driver DLACDBHM.SYS has been blocked from loading.
 
Error - 6/12/2014 5:52:56 PM | Computer Name = Jim-PC | Source = Service Control Manager | ID = 7024
Description = The Windows Search service terminated with service-specific error
%%-1073473535.
 
Error - 6/12/2014 5:52:56 PM | Computer Name = Jim-PC | Source = Service Control Manager | ID = 7031
Description = The Windows Search service terminated unexpectedly.  It has done this
 1 time(s).  The following corrective action will be taken in 30000 milliseconds:
 Restart the service.
 
Error - 6/12/2014 5:55:30 PM | Computer Name = Jim-PC | Source = Service Control Manager | ID = 7043
Description = The Windows Update service did not shut down properly after receiving
 a preshutdown control.
 
Error - 6/12/2014 5:57:24 PM | Computer Name = Jim-PC | Source = Application Popup | ID = 876
Description = Driver DLACDBHM.SYS has been blocked from loading.
 
Error - 6/12/2014 6:01:48 PM | Computer Name = JIM-PC | Source = Microsoft Antimalware | ID = 2004
Description = %%860 has encountered an error trying to load signatures and will
attempt reverting back to a known-good set of signatures.     Signatures Attempted: %%824

 Error
 Code: 0x80070002     Error description: The system cannot find the file specified.      Signature
 version: 0.0.0.0;0.0.0.0     Engine version: 0.0.0.0
 
Error - 6/12/2014 6:01:39 PM | Computer Name = Jim-PC | Source = Application Popup | ID = 876
Description = Driver DLACDBHM.SYS has been blocked from loading.
 
Error - 6/13/2014 11:45:32 AM | Computer Name = Jim-PC | Source = Application Popup | ID = 876
Description = Driver DLACDBHM.SYS has been blocked from loading.
 
 
< End of report >


The help you receive here is free.
If you wish, you may Donate to help keep us online.

May your day be blessed by those you love and those you love be blessed by HIM ;-)


#4 Jimbo1

Jimbo1

    Preacher / Computer Tech

  • Authentic Member
  • PipPipPipPipPip
  • 1,473 posts
  • Interests:Serving the Lord and Riding motorcycles and computers.

Posted 13 June 2014 - 11:31 AM

I tried to copy and paste the info if the fix thing in otl, but it would not let me copy and paste. where is the file saved on the Hd to try this again and do I proceed with the next scan??


The help you receive here is free.
If you wish, you may Donate to help keep us online.

May your day be blessed by those you love and those you love be blessed by HIM ;-)


#5 Jimbo1

Jimbo1

    Preacher / Computer Tech

  • Authentic Member
  • PipPipPipPipPip
  • 1,473 posts
  • Interests:Serving the Lord and Riding motorcycles and computers.

Posted 13 June 2014 - 11:40 AM

All processes killed

========== OTL ==========

========== SERVICES/DRIVERS ==========

========== REGISTRY ==========

========== FILES ==========

< ipconfig /flushdns /c >

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

C:\Users\Jim\Desktop\cmd.bat deleted successfully.

C:\Users\Jim\Desktop\cmd.txt deleted successfully.

========== COMMANDS ==========

C:\Windows\System32\drivers\etc\Hosts moved successfully.

HOSTS file reset successfully

 

[EMPTYJAVA]

 

User: All Users

 

User: Default

 

User: Default User

 

User: Jim

->Java cache emptied: 947686 bytes

 

User: Public

 

Total Java Files Cleaned = 1.00 mb

 

 

[EMPTYTEMP]

 

User: All Users

 

User: Default

 

User: Default User

 

User: Jim

->Temp folder emptied: 839368 bytes

->Temporary Internet Files folder emptied: 71995081 bytes

->Java cache emptied: 0 bytes

->Google Chrome cache emptied: 0 bytes

->Flash cache emptied: 914 bytes

 

User: Public

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 83856 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes

%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50461 bytes

RecycleBin emptied: 0 bytes

 

Total Files Cleaned = 70.00 mb

 

 

OTL by OldTimer - Version 3.2.69.0 log created on 06132014_122351

 

Files\Folders moved on Reboot...

C:\Users\Jim\AppData\Local\Temp\JavaDeployReg.log moved successfully.

C:\Users\Jim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\4A72F430-B40C-4D36-A068-CE33ADA5ADF9.dat moved successfully.

C:\Users\Jim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PTIYM41R\EvPKapBawcLZ3hbihjhqAT8E0i7KZn-EPnyo3HZu7kw[1].woff moved successfully.

C:\Users\Jim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NXPS8RTF\A4RWZsncmJ25G8iqn2EHN_esZW2xOQ-xsNqO47m55DA[1].woff moved successfully.

C:\Users\Jim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NXPS8RTF\xIAtSaglM8LZOYdGmG1JqQ[1].woff moved successfully.

C:\Users\Jim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MUIU5PG9\fastbutton[1].htm moved successfully.

C:\Users\Jim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MUIU5PG9\like[1].htm moved successfully.

C:\Users\Jim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MJS2B47T\index[2].htm moved successfully.

C:\Users\Jim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JT8ZF6BV\V80PAcvrynR[1].htm moved successfully.

C:\Users\Jim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JT8ZF6BV\V80PAcvrynR[2].htm moved successfully.

C:\Users\Jim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZ8AV3E2\HqHm7BVC_nzzTui2lzQTDT8E0i7KZn-EPnyo3HZu7kw[1].woff moved successfully.

C:\Users\Jim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZ8AV3E2\s-BiyweUPV0v-yRb-cjciBsxEYwM7FgeyaSgU71cLG0[1].woff moved successfully.

C:\Users\Jim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZ8AV3E2\sp1_LTSOMWWV0K5VTuZzvQ[1].woff moved successfully.

C:\Users\Jim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2OAF11TV\postmessageRelay[2].htm moved successfully.

C:\Users\Jim\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

 

PendingFileRenameOperations files...

 

Registry entries deleted on Reboot...

All processes killed

========== OTL ==========

========== SERVICES/DRIVERS ==========

========== REGISTRY ==========

========== FILES ==========

< ipconfig /flushdns /c >

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

C:\Users\Jim\Desktop\cmd.bat deleted successfully.

C:\Users\Jim\Desktop\cmd.txt deleted successfully.

========== COMMANDS ==========

C:\Windows\System32\drivers\etc\Hosts moved successfully.

HOSTS file reset successfully

 

[EMPTYJAVA]

 

User: All Users

 

User: Default

 

User: Default User

 

User: Jim

->Java cache emptied: 947686 bytes

 

User: Public

 

Total Java Files Cleaned = 1.00 mb

 

 

[EMPTYTEMP]

 

User: All Users

 

User: Default

 

User: Default User

 

User: Jim

->Temp folder emptied: 839368 bytes

->Temporary Internet Files folder emptied: 71995081 bytes

->Java cache emptied: 0 bytes

->Google Chrome cache emptied: 0 bytes

->Flash cache emptied: 914 bytes

 

User: Public

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 83856 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes

%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50461 bytes

RecycleBin emptied: 0 bytes

 

Total Files Cleaned = 70.00 mb

 

 

OTL by OldTimer - Version 3.2.69.0 log created on 06132014_122351

 

Files\Folders moved on Reboot...

C:\Users\Jim\AppData\Local\Temp\JavaDeployReg.log moved successfully.

C:\Users\Jim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\4A72F430-B40C-4D36-A068-CE33ADA5ADF9.dat moved successfully.

C:\Users\Jim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PTIYM41R\EvPKapBawcLZ3hbihjhqAT8E0i7KZn-EPnyo3HZu7kw[1].woff moved successfully.

C:\Users\Jim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NXPS8RTF\A4RWZsncmJ25G8iqn2EHN_esZW2xOQ-xsNqO47m55DA[1].woff moved successfully.

C:\Users\Jim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NXPS8RTF\xIAtSaglM8LZOYdGmG1JqQ[1].woff moved successfully.

C:\Users\Jim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MUIU5PG9\fastbutton[1].htm moved successfully.

C:\Users\Jim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MUIU5PG9\like[1].htm moved successfully.

C:\Users\Jim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MJS2B47T\index[2].htm moved successfully.

C:\Users\Jim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JT8ZF6BV\V80PAcvrynR[1].htm moved successfully.

C:\Users\Jim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JT8ZF6BV\V80PAcvrynR[2].htm moved successfully.

C:\Users\Jim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZ8AV3E2\HqHm7BVC_nzzTui2lzQTDT8E0i7KZn-EPnyo3HZu7kw[1].woff moved successfully.

C:\Users\Jim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZ8AV3E2\s-BiyweUPV0v-yRb-cjciBsxEYwM7FgeyaSgU71cLG0[1].woff moved successfully.

C:\Users\Jim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZ8AV3E2\sp1_LTSOMWWV0K5VTuZzvQ[1].woff moved successfully.

C:\Users\Jim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2OAF11TV\postmessageRelay[2].htm moved successfully.

C:\Users\Jim\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

 

PendingFileRenameOperations files...

 

Registry entries deleted on Reboot...


The help you receive here is free.
If you wish, you may Donate to help keep us online.

May your day be blessed by those you love and those you love be blessed by HIM ;-)


#6 Jimbo1

Jimbo1

    Preacher / Computer Tech

  • Authentic Member
  • PipPipPipPipPip
  • 1,473 posts
  • Interests:Serving the Lord and Riding motorcycles and computers.

Posted 13 June 2014 - 11:48 AM

Well it was asking please uncheck the files you don't need I was not sure of this part so I clicked on report here is the info.

 

# AdwCleaner v3.212 - Report created 13/06/2014 at 12:42:08
# Updated 05/06/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (32 bits)
# Username : Jim - JIM-PC
# Running from : C:\Users\Jim\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

File Found : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar
Folder Found : C:\Program Files\GreenTree Applications
Folder Found : C:\Users\Jim\AppData\Local\PackageAware
Folder Found : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\Software\AskToolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\CLSID\{13086CD4-88B6-45E3-9182-3BC2664199F7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1FCD7139-C2A3-49AD-8B9E-E82E48AE5DF6}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{319FCB76-1568-4EFA-863B-B03A2B16EB5C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4796719D-2B92-47BC-920B-77BCDBDBCB6A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{64A66B25-A70F-4373-95EF-3A1DB6040B3A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6FC5F7E0-D65A-465C-B8EE-A5F8E008D6DF}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{731D436C-464C-4F29-BFB2-DE9C458535AE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7C89C8A6-991C-4626-9E26-B12EB4D89C04}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EEF00686-CAB8-4885-9CCB-78FF483041AA}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FDA55C78-736E-4E8A-996C-4A80FC0396FB}
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Found : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{63377F42-0273-46E5-9ECE-EB31162864D2}
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1EC9510D-A439-4950-9399-B6399EDF9EA7}
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{63377F42-0273-46E5-9ECE-EB31162864D2}
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041

-\\ Google Chrome v35.0.1916.114

[ File : C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
Found [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}

*************************

AdwCleaner[R0].txt - [4972 octets] - [13/06/2014 12:42:08]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [5032 octets] ##########


The help you receive here is free.
If you wish, you may Donate to help keep us online.

May your day be blessed by those you love and those you love be blessed by HIM ;-)


#7 Jimbo1

Jimbo1

    Preacher / Computer Tech

  • Authentic Member
  • PipPipPipPipPip
  • 1,473 posts
  • Interests:Serving the Lord and Riding motorcycles and computers.

Posted 13 June 2014 - 12:00 PM

Cannot edit so it asked me to check the items I do not want to removed, again no clue of this part or instructions of what to do at this stage. so I closed the program. Please let me know what to do next with this program or to uncheck to let it do whats needed.


The help you receive here is free.
If you wish, you may Donate to help keep us online.

May your day be blessed by those you love and those you love be blessed by HIM ;-)


#8 ken545

ken545

    Forum God

  • Classroom Teacher
  • 23,207 posts
  • Interests:Fighting Malware and cooking some great Italian and TexMex food
  • MVP

Posted 13 June 2014 - 12:36 PM

  •  
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
 
 
 
 
 
thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  •  
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
 

Jeffce_zpsa19ee2e6.png

 

 

 

Want to help others, Join our Malware Removal Classroom  HERE

The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.
donate.gif

 

Find us on Facebook
Please LIKE and SHARE

 

 

Just a reminder that threads will be closed if no reply in 3 days.


#9 Jimbo1

Jimbo1

    Preacher / Computer Tech

  • Authentic Member
  • PipPipPipPipPip
  • 1,473 posts
  • Interests:Serving the Lord and Riding motorcycles and computers.

Posted 13 June 2014 - 01:28 PM

# AdwCleaner v3.212 - Report created 13/06/2014 at 14:25:12
# Updated 05/06/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (32 bits)
# Username : Jim - JIM-PC
# Running from : C:\Users\Jim\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files\GreenTree Applications
Folder Deleted : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Folder Deleted : C:\Users\Jim\AppData\Local\PackageAware
File Deleted : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar

***** [ Shortcuts ] *****

***** [ Registry ] *****

[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1EC9510D-A439-4950-9399-B6399EDF9EA7}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{63377F42-0273-46E5-9ECE-EB31162864D2}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{63377F42-0273-46E5-9ECE-EB31162864D2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{13086CD4-88B6-45E3-9182-3BC2664199F7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1FCD7139-C2A3-49AD-8B9E-E82E48AE5DF6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{319FCB76-1568-4EFA-863B-B03A2B16EB5C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4796719D-2B92-47BC-920B-77BCDBDBCB6A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64A66B25-A70F-4373-95EF-3A1DB6040B3A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6FC5F7E0-D65A-465C-B8EE-A5F8E008D6DF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{731D436C-464C-4F29-BFB2-DE9C458535AE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7C89C8A6-991C-4626-9E26-B12EB4D89C04}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEF00686-CAB8-4885-9CCB-78FF483041AA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FDA55C78-736E-4E8A-996C-4A80FC0396FB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041

-\\ Google Chrome v35.0.1916.114

[ File : C:\Users\Jim\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}

*************************

AdwCleaner[R0].txt - [5112 octets] - [13/06/2014 12:42:08]
AdwCleaner[R1].txt - [5172 octets] - [13/06/2014 12:57:50]
AdwCleaner[R2].txt - [5232 octets] - [13/06/2014 14:24:45]
AdwCleaner[S0].txt - [5261 octets] - [13/06/2014 14:25:12]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5321 octets] ##########


The help you receive here is free.
If you wish, you may Donate to help keep us online.

May your day be blessed by those you love and those you love be blessed by HIM ;-)


#10 Jimbo1

Jimbo1

    Preacher / Computer Tech

  • Authentic Member
  • PipPipPipPipPip
  • 1,473 posts
  • Interests:Serving the Lord and Riding motorcycles and computers.

Posted 13 June 2014 - 01:35 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 7 Ultimate x86
Ran by Jim on Fri 06/13/2014 at 14:31:49.13
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

 

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\low rights\elevationpolicy\{a5aa24ea-11b8-4113-95ae-9ed71deaf12a}"

 

~~~ Files

 

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\ytd video downloader"
Successfully deleted: [Folder] "C:\Program Files\free youtube downloader"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader"

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 06/13/2014 at 14:33:55.27
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


The help you receive here is free.
If you wish, you may Donate to help keep us online.

May your day be blessed by those you love and those you love be blessed by HIM ;-)

    Advertisements

Register to Remove


#11 ken545

ken545

    Forum God

  • Classroom Teacher
  • 23,207 posts
  • Interests:Fighting Malware and cooking some great Italian and TexMex food
  • MVP

Posted 13 June 2014 - 02:10 PM

Good

 

GUZVCQN.jpg Please download Malwarebytes Anti-Malware to your desktop.
 
MBAM_zps65e8300e.jpg
 
  •  
  • Double-click mbam-setup-2.0.0.1000.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following: Launch Malwarebytes Anti-Malware
  • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.
  • On the Dashboard, click Update Now
  • After the update completes, click the Scan Now Button.
 
 
MBAM2_zpsabeea657.jpg
 
 
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.
 

Jeffce_zpsa19ee2e6.png

 

 

 

Want to help others, Join our Malware Removal Classroom  HERE

The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.
donate.gif

 

Find us on Facebook
Please LIKE and SHARE

 

 

Just a reminder that threads will be closed if no reply in 3 days.


#12 Jimbo1

Jimbo1

    Preacher / Computer Tech

  • Authentic Member
  • PipPipPipPipPip
  • 1,473 posts
  • Interests:Serving the Lord and Riding motorcycles and computers.

Posted 13 June 2014 - 02:29 PM

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 6/13/2014
Scan Time: 3:19:11 PM
Logfile: mbamscan.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.06.13.09
Rootkit Database: v2014.06.02.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: Jim

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 251693
Time Elapsed: 5 min, 2 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)


The help you receive here is free.
If you wish, you may Donate to help keep us online.

May your day be blessed by those you love and those you love be blessed by HIM ;-)


#13 ken545

ken545

    Forum God

  • Classroom Teacher
  • 23,207 posts
  • Interests:Fighting Malware and cooking some great Italian and TexMex food
  • MVP

Posted 13 June 2014 - 02:49 PM

Looking good, how is your system behaving now ?


Jeffce_zpsa19ee2e6.png

 

 

 

Want to help others, Join our Malware Removal Classroom  HERE

The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.
donate.gif

 

Find us on Facebook
Please LIKE and SHARE

 

 

Just a reminder that threads will be closed if no reply in 3 days.


#14 Jimbo1

Jimbo1

    Preacher / Computer Tech

  • Authentic Member
  • PipPipPipPipPip
  • 1,473 posts
  • Interests:Serving the Lord and Riding motorcycles and computers.

Posted 13 June 2014 - 03:01 PM

Well again this is why I came here. When I had the 2 Network Internet access and the Unidentified Network Internet access, I went to restore back to a early restore point and got only 1 Network Internet Access. But once I update windows, then I would lose my internet access and then I have the 2 network info again. Also if I rebooted after doing a restore I would not have Internet Access.

 

So I would have to revert back to that restore point that was giving me inter access, but during all this process MBAM became corrupted so I had to remove it and re-install it, and also I would get a red X  over my network icon, the problems were acting worse and worst. So last resort I used that restore point to boot back up to come here. Ran that east online scanner and it found those virus.

 

Now during this clean up process and following your instruction each time I booted back up I had internet and 1 Network Internet access icon only. But windows is ready to update and this is where all the issue may or may not come back.

 

So the real question is do we do further scans or do I go ahead and try to update my windows and see what happens, this either will work or I will lose my internet again. What do you want to do??

 

Jimbo


The help you receive here is free.
If you wish, you may Donate to help keep us online.

May your day be blessed by those you love and those you love be blessed by HIM ;-)


#15 ken545

ken545

    Forum God

  • Classroom Teacher
  • 23,207 posts
  • Interests:Fighting Malware and cooking some great Italian and TexMex food
  • MVP

Posted 13 June 2014 - 03:40 PM

Lets update Jimbo and go from there


Jeffce_zpsa19ee2e6.png

 

 

 

Want to help others, Join our Malware Removal Classroom  HERE

The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.
donate.gif

 

Find us on Facebook
Please LIKE and SHARE

 

 

Just a reminder that threads will be closed if no reply in 3 days.

Related Topics



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users