HJT a little is help needed

Page 1 of 5 123 ... LastLast

  1. well48
    Posts : 75
    Windows 7 Pro 64bit w/ Virtual XP Mode
       New #1

    HJT a little is help needed


    Could you please help me decide what to remove with this logfile? Thank you.

    Code:
    Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 8:05:21 PM, on 9/29/2013
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.17267)

Boot mode: Normal
Running processes:
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files (x86)\McAfee Security Scan\2.1.121\SSScheduler.exe
C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Orbitdownloader\orbitdm.exe
C:\Program Files (x86)\Orbitdownloader\orbitnet.exe
C:\downloads\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Search tlbrid=ZoneAlarmSecurity&Lan=en&utid=44dd894b000000000000ac8112685fac
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: (no name) - {91da5e8a-3318-4f8c-b67e-5964de3ab546} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll
O2 - BHO: Zonealarm Helper Object - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.11.6\bh\zonealarm.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files (x86)\Orbitdownloader\GrabPro.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: ZoneAlarm Security Toolbar - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.11.6\zonealarmTlbr.dll
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\RunOnce: [aswAhAScr.dll] "C:\Program Files\AVAST Software\Avast\aswRegSvr.exe" "C:\Program Files\AVAST Software\Avast\AhAScr.dll"
O4 - HKLM\..\RunOnce: [aswasOutExt.dll] "C:\Program Files\AVAST Software\Avast\aswRegSvr.exe" "C:\Program Files\AVAST Software\Avast\asOutExt.dll"
O4 - HKLM\..\RunOnce: [aswasOutExt64.dll] "C:\Program Files\AVAST Software\Avast\aswRegSvr64.exe" "C:\Program Files\AVAST Software\Avast\asOutExt64.dll"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: ctfmon.lnk = C:\ProgramData\lsass.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O4 - Global Startup: Snapfish PictureMover.lnk = C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/202
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: ZoneAlarm LTD Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.1.121\McCHSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RoxioNow Service - Roxio - C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 13361 bytes
    Last edited by Brink; 29 Sep 2013 at 21:13. Reason: code box
      My Computer
    Quote Quote

  3. Layback Bear
    Posts : 25,847
    Windows 10 Pro. 64/ version 1709 Windows 7 Pro/64
       New #2

    Please only have one thread on one computer with one problem.
    Next I highly recommend not doing anything until a security expert helps with that Hi jack log.

    In my opinion Micro HijackThis v2.0.5 should only be used under the supervision on qualified people.
      My Computer
    Quote Quote

  4. cottonball
    Posts : 2,470
    Windows 7 Home Premium
       New #3

    well48,

    Let's check deeper that what HilackThis can go...

    Please go to the Farbar Recovery Scan Tool Download
    Select the version that applies to your system.

    Save it to your Desktop.
    Double-click the downloaded file to run it.

    When the tool opens click Yes to the disclaimer.
    Press the Scan button.

    FRST64 makes a log (FRST.txt) in the same directory from which the tool is run (Desktop).

    Please provide the FRST.txt in your reply.

    The first time the tool is run, it also makes another log: Addition.txt
    Also post the: Addition.txtin your reply.
      My Computer
    Quote Quote

  6. Layback Bear
    Posts : 25,847
    Windows 10 Pro. 64/ version 1709 Windows 7 Pro/64
       New #4

    That didn't take long. Thanks for dropping by Cottonball.

    well48 please follow Cottonball's instructions.
      My Computer
    Quote Quote

  7. cottonball
    Posts : 2,470
    Windows 7 Home Premium
       New #5

    wlsidten.dll is normally not a good sign...like ransomware. Hopefully, I'm wrong.
      My Computer
    Quote Quote

  8. well48
    Posts : 75
    Windows 7 Pro 64bit w/ Virtual XP Mode
    Thread Starter
       New #6

    cottonball- here's the 2 logs you asked for. soory about taking so long to get back. I posted that other one on General board because I lost my way back here (forgot where)

    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-09-2013 02
    Ran by Tom (administrator) on THOMAS-KUSTUSZ on 29-09-2013 23:26:36
    Running from C:\Users\Tom\Desktop
    Windows 7 Home Premium (X64) OS Language: English(US)
    Internet Explorer Version 8
    Boot Mode: Normal
    ==================== Processes (Whitelisted) =================
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
    (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
    (Hewlett-Packard Company) c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
    (PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
    (Roxio) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Intel Corporation) C:\Windows\System32\igfxpers.exe
    () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
    (Hewlett-Packard Company) C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
    (Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
    (Orbitdownloader.com) C:\Program Files (x86)\Orbitdownloader\orbitdm.exe
    (Orbitdownloader.com) C:\Program Files (x86)\Orbitdownloader\orbitnet.exe
    ==================== Registry (Whitelisted) ==================
    HKLM\...\Run: [hpsysdrv] - c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
    HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
    HKLM\...\Run: [SmartMenu] - C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [611896 2010-09-15] ()
    Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
    HKLM-x32\...\Run: [HP Software Update] - c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
    HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
    HKLM-x32\...\Run: [Microsoft Default Manager] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [439568 2010-05-10] (Microsoft Corporation)
    HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-30] (AVAST Software)
    HKLM-x32\...\Run: [PDF Complete] - C:\Program Files (x86)\PDF Complete\pdfsty.exe [658424 2011-05-06] (PDF Complete Inc)
    HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
    ==================== Internet (Whitelisted) ====================
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo
    HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = MSN.com
    URLSearchHook: (No Name) - {91da5e8a-3318-4f8c-b67e-5964de3ab546} - No File
    StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
    SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = {searchterms} - Ask.com Search
    SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = {searchTerms} - Yahoo! Search Results
    SearchScopes: HKLM - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = {searchTerms - Search results - Wikipedia, the free encyclopedia}
    SearchScopes: HKLM - {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = {searchTerms} | eBay
    SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = {searchterms} - Ask.com Search
    SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = {searchTerms} - Bing
    SearchScopes: HKLM-x32 - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = {searchTerms} - Yahoo! Search Results
    SearchScopes: HKLM-x32 - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = {searchTerms - Search results - Wikipedia, the free encyclopedia}
    SearchScopes: HKLM-x32 - {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = {searchTerms} | eBay
    SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL =
    SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
    SearchScopes: HKCU - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL =
    SearchScopes: HKCU - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL =
    SearchScopes: HKCU - {d944bb61-2e34-4dbf-a683-47e505c587dc} URL =
    BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
    BHO-x32: Octh Class - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
    BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
    BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO-x32: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    Toolbar: HKLM-x32 - @C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation)
    Toolbar: HKLM-x32 - Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files (x86)\Orbitdownloader\GrabPro.dll ()
    Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
    Toolbar: HKCU - No Name - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File
    Toolbar: HKCU - No Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No File
    Toolbar: HKCU - No Name - {91DA5E8A-3318-4F8C-B67E-5964DE3AB546} - No File
    Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
    Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
    DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/s...irector/sw.cab
    DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    Tcpip\Parameters: [DhcpNameServer] 24.247.24.53 66.189.0.100 24.178.162.3
    Chrome:
    =======
    CHR HomePage: hxxp://www.google.com/
    CHR RestoreOnStartup: "hxxp://www.google.com/"
    CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{googleriginalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searc hClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
    CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{googl e:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
    CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll ()
    CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
    CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll ()
    CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\pdf.dll ()
    CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
    CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
    CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    CHR Plugin: (Bing Bar) - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation)
    CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
    CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    CHR Plugin: (npFFApi) - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll No File
    CHR Plugin: (Hulu Desktop) - C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.13.1\npHDPlg.dll (Hulu LLC)
    CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
    CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
    CHR Extension: (YouTube) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
    CHR Extension: (Google Search) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
    CHR Extension: (avast! Online Security) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.8_0
    CHR Extension: (Gmail) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
    ==================== Services (Whitelisted) =================
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
    R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
    R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
    R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
    R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952 2011-05-06] (PDF Complete Inc)
    ==================== Drivers (Whitelisted) ====================
    R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-08-30] (AVAST Software)
    R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-08-30] (AVAST Software)
    R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-08-30] (AVAST Software)
    R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-08-30] ()
    R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-30] (AVAST Software)
    R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-30] (AVAST Software)
    R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-08-30] (AVAST Software)
    R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [204880 2013-08-30] ()
    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
    S3 mr8980; C:\Windows\System32\DRIVERS\dwcamx64.sys [84992 2010-05-11] (Mars Semiconductor Corp.)
    ==================== NetSvcs (Whitelisted) ===================
      My Computer
    Quote Quote

  10. well48
    Posts : 75
    Windows 7 Pro 64bit w/ Virtual XP Mode
    Thread Starter
       New #7

    ==================== One Month Created Files and Folders ========
    2013-09-29 23:26 - 2013-09-29 23:26 - 00000000 ____D C:\FRST
    2013-09-29 23:24 - 2013-09-29 23:24 - 01953880 _____ (Farbar) C:\Users\Tom\Desktop\FRST64.exe
    2013-09-29 23:04 - 2013-09-29 23:04 - 00010396 _____ C:\Users\Tom\Desktop\hijackthis-0929-2304
    2013-09-29 22:59 - 2013-09-29 22:59 - 00003120 _____ C:\Windows\System32\Tasks\{E7573431-1646-4EE5-8F6A-C1B584DD0729}
    2013-09-29 22:53 - 2013-09-29 22:53 - 00000000 ____D C:\ProgramData\Oracle
    2013-09-29 22:53 - 2013-09-29 22:52 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
    2013-09-29 22:52 - 2013-09-29 22:52 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
    2013-09-29 22:52 - 2013-09-29 22:52 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
    2013-09-29 22:52 - 2013-09-29 22:52 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
    2013-09-29 22:52 - 2013-09-29 22:52 - 00000000 ____D C:\Program Files (x86)\Java
    2013-09-29 22:21 - 2013-09-29 22:21 - 00010396 _____ C:\Users\Tom\Desktop\hijackthis 9-29=22-30
    2013-09-29 21:52 - 2013-09-29 21:55 - 00010395 _____ C:\Users\Tom\Desktop\hijackthis.log
    2013-09-29 21:02 - 2013-09-29 21:02 - 00001107 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2013-09-29 21:02 - 2013-09-29 21:02 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Malwarebytes
    2013-09-29 21:02 - 2013-09-29 21:02 - 00000000 ____D C:\ProgramData\Malwarebytes
    2013-09-29 21:02 - 2013-09-29 21:02 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2013-09-29 21:02 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
    2013-09-29 20:04 - 2013-09-29 20:03 - 00388608 _____ (Trend Micro Inc.) C:\Users\Tom\Desktop\HijackThis.exe
    ==================== One Month Modified Files and Folders =======
    2013-09-29 23:26 - 2013-09-29 23:26 - 00000000 ____D C:\FRST
    2013-09-29 23:24 - 2013-09-29 23:24 - 01953880 _____ (Farbar) C:\Users\Tom\Desktop\FRST64.exe
    2013-09-29 23:24 - 2011-06-09 20:50 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Orbit
    2013-09-29 23:24 - 2011-06-09 20:49 - 00000000 ____D C:\Users\Tom\TUBES
    2013-09-29 23:21 - 2013-01-10 21:03 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
    2013-09-29 23:04 - 2013-09-29 23:04 - 00010396 _____ C:\Users\Tom\Desktop\hijackthis-0929-2304
    2013-09-29 23:02 - 2009-07-14 00:45 - 00015792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2013-09-29 23:02 - 2009-07-14 00:45 - 00015792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2013-09-29 22:59 - 2013-09-29 22:59 - 00003120 _____ C:\Windows\System32\Tasks\{E7573431-1646-4EE5-8F6A-C1B584DD0729}
    2013-09-29 22:58 - 2011-04-13 03:23 - 01479723 _____ C:\Windows\WindowsUpdate.log
    2013-09-29 22:56 - 2013-05-30 09:53 - 00000888 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2013-09-29 22:55 - 2013-05-30 09:53 - 00000892 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2013-09-29 22:55 - 2011-04-13 03:42 - 00000000 ____D C:\ProgramData\PDFC
    2013-09-29 22:55 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2013-09-29 22:55 - 2009-07-14 00:51 - 00048870 _____ C:\Windows\setupact.log
    2013-09-29 22:53 - 2013-09-29 22:53 - 00000000 ____D C:\ProgramData\Oracle
    2013-09-29 22:52 - 2013-09-29 22:53 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
    2013-09-29 22:52 - 2013-09-29 22:52 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
    2013-09-29 22:52 - 2013-09-29 22:52 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
    2013-09-29 22:52 - 2013-09-29 22:52 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
    2013-09-29 22:52 - 2013-09-29 22:52 - 00000000 ____D C:\Program Files (x86)\Java
    2013-09-29 22:52 - 2012-09-18 23:41 - 00868264 _____ (Oracle Corporation) C:\Windows\SysWOW64\npdeployJava1.dll
    2013-09-29 22:52 - 2011-06-09 19:52 - 00790440 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
    2013-09-29 22:43 - 2011-07-14 01:20 - 00003230 _____ C:\Windows\System32\Tasks\HPCeeScheduleForTHOMAS-KUSTUSZ$
    2013-09-29 22:43 - 2011-07-14 01:20 - 00000354 _____ C:\Windows\Tasks\HPCeeScheduleForTHOMAS-KUSTUSZ$.job
    2013-09-29 22:21 - 2013-09-29 22:21 - 00010396 _____ C:\Users\Tom\Desktop\hijackthis 9-29=22-30
    2013-09-29 22:18 - 2013-05-30 09:44 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
    2013-09-29 21:55 - 2013-09-29 21:52 - 00010395 _____ C:\Users\Tom\Desktop\hijackthis.log
    2013-09-29 21:49 - 2011-06-09 17:42 - 00000000 ____D C:\Users\Tom\AppData\Local\VirtualStore
    2013-09-29 21:36 - 2011-06-13 00:47 - 00000000 ____D C:\Users\Tom\AppData\Local\CrashDumps
    2013-09-29 21:18 - 2011-04-13 05:35 - 00306852 _____ C:\Windows\PFRO.log
    2013-09-29 21:16 - 2011-06-09 17:43 - 00000000 ___RD C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
    2013-09-29 21:02 - 2013-09-29 21:02 - 00001107 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2013-09-29 21:02 - 2013-09-29 21:02 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Malwarebytes
    2013-09-29 21:02 - 2013-09-29 21:02 - 00000000 ____D C:\ProgramData\Malwarebytes
    2013-09-29 21:02 - 2013-09-29 21:02 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2013-09-29 20:45 - 2013-05-30 09:58 - 00000000 ____D C:\Program Files\Google
    2013-09-29 20:45 - 2013-05-30 09:53 - 00000000 ____D C:\Program Files (x86)\Google
    2013-09-29 20:33 - 2013-05-30 23:31 - 00000000 ____D C:\Users\Tom\AppData\Local\Google
    2013-09-29 20:03 - 2013-09-29 20:04 - 00388608 _____ (Trend Micro Inc.) C:\Users\Tom\Desktop\HijackThis.exe
    2013-09-29 19:32 - 2011-06-09 18:44 - 00000000 _____ C:\Windows\SysWOW64\config.nt
    2013-09-29 19:13 - 2011-09-17 02:00 - 00003174 _____ C:\Windows\System32\Tasks\HPCeeScheduleForTom
    2013-09-29 19:13 - 2011-09-17 02:00 - 00000324 _____ C:\Windows\Tasks\HPCeeScheduleForTom.job
    2013-09-29 18:42 - 2013-06-30 14:00 - 00000000 ____D C:\Users\Tom\AppData\Local\DoNotTrackPlus
    2013-09-20 03:02 - 2013-08-15 03:05 - 00000000 ____D C:\Windows\system32\MRT
    2013-09-20 03:02 - 2012-12-04 21:01 - 00743066 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
    2013-09-20 03:02 - 2012-12-04 21:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Application Virtualization Client
    2013-09-20 03:00 - 2013-06-23 22:16 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2013-09-20 01:26 - 2013-01-10 21:03 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2013-09-20 01:26 - 2013-01-10 21:03 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2013-09-20 01:26 - 2011-07-28 19:13 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2013-08-30 03:48 - 2013-05-30 09:44 - 00204880 _____ C:\Windows\system32\Drivers\aswVmm.sys
    2013-08-30 03:48 - 2013-05-30 09:44 - 00072016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
    2013-08-30 03:48 - 2013-05-30 09:44 - 00065336 _____ C:\Windows\system32\Drivers\aswRvrt.sys
    2013-08-30 03:48 - 2011-06-09 18:45 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
    2013-08-30 03:48 - 2011-06-09 18:45 - 00033400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
    2013-08-30 03:48 - 2011-06-09 18:44 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
    2013-08-30 03:48 - 2011-06-09 18:44 - 00080816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
    2013-08-30 03:48 - 2011-06-09 18:44 - 00064288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
    2013-08-30 03:47 - 2011-06-09 18:44 - 00287840 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
    2013-08-30 03:47 - 2011-06-09 18:44 - 00041664 _____ (AVAST Software) C:\Windows\avastSS.scr
    Files to move or delete:
    ====================
    C:\ProgramData\netdislw.pad

    Some content of TEMP:
    ====================
    C:\Users\Tom\AppData\Local\Temp\ApnStub.exe
    C:\Users\Tom\AppData\Local\Temp\contentDATs.exe
    C:\Users\Tom\AppData\Local\Temp\install_flashplayer11x32axau_gtba_chra_dy_aih[1].exe
    C:\Users\Tom\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe
    C:\Users\Tom\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
    C:\Users\Tom\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
    C:\Users\Tom\AppData\Local\Temp\mssinstaller.exe
    C:\Users\Tom\AppData\Local\Temp\rsubea65.dll
    C:\Users\Tom\AppData\Local\Temp\SecurityScan_Release.exe
    C:\Users\Tom\AppData\Local\Temp\setup.exe
    C:\Users\Tom\AppData\Local\Temp\tbZon2.dll
    C:\Users\Tom\AppData\Local\Temp\Uninstall.exe

    ==================== Bamital & volsnap Check =================
    C:\Windows\System32\winlogon.exe => MD5 is legit
    C:\Windows\System32\wininit.exe => MD5 is legit
    C:\Windows\SysWOW64\wininit.exe => MD5 is legit
    C:\Windows\explorer.exe => MD5 is legit
    C:\Windows\SysWOW64\explorer.exe => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\SysWOW64\svchost.exe => MD5 is legit
    C:\Windows\System32\services.exe => MD5 is legit
    C:\Windows\System32\User32.dll => MD5 is legit
    C:\Windows\SysWOW64\User32.dll => MD5 is legit
    C:\Windows\System32\userinit.exe => MD5 is legit
    C:\Windows\SysWOW64\userinit.exe => MD5 is legit
    C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

    LastRegBack: 2013-09-04 15:51
    ==================== End Of Log ============================
      My Computer
    Quote Quote

  11. well48
    Posts : 75
    Windows 7 Pro 64bit w/ Virtual XP Mode
    Thread Starter
       New #8

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-09-2013 02
    Ran by Tom at 2013-09-29 23:27:08
    Running from C:\Users\Tom\Desktop
    Boot Mode: Normal
    ==========================================================

    ==================== Security Center ========================
    AV: avast! Antivirus (Enabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
    AS: avast! Antivirus (Enabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    ==================== Installed Programs ======================
    Adobe AIR (x32 Version: 1.5.3.9130)
    Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.175)
    Adobe Reader X (10.1.8) (x32 Version: 10.1.8)
    Adobe Shockwave Player 11.5 (x32 Version: 11.5.9.620)
    Agatha Christie - Peril at End House (x32 Version: 2.2.0.95)
    avast! Free Antivirus (x32 Version: 8.0.1497.0)
    Bejeweled 2 Deluxe (x32 Version: 2.2.0.95)
    Bing Bar (x32 Version: 6.0.2282.0)
    Bing Bar Platform (x32 Version: 6.0.2282.0)
    Bing Rewards Client Installer (x32 Version: 16.0.345.0)
    Blackhawk Striker 2 (x32 Version: 2.2.0.95)
    Blasterball 3 (x32 Version: 2.2.0.95)
    Blio (x32 Version: 2.0.5350)
    Bounce Symphony (x32 Version: 2.2.0.95)
    Build-a-lot 2 (x32 Version: 2.2.0.95)
    Cake Mania (x32 Version: 2.2.0.95)
    Chuzzle Deluxe (x32 Version: 2.2.0.95)
    CyberLink DVD Suite Deluxe (x32 Version: 7.0.3210)
    D3DX10 (x32 Version: 15.4.2368.0902)
    Digital Wireless Camera (x32 Version: 1.00.0000)
    Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95)
    Dora's World Adventure (x32 Version: 2.2.0.95)
    DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.2.4412)
    Escape Rosecliff Island (x32 Version: 2.2.0.95)
    Farm Frenzy (x32 Version: 2.2.0.95)
    FATE (x32 Version: 2.2.0.95)
    Final Drive Nitro (x32 Version: 2.2.0.95)
    FlashPeak SlimBrowser (x32 Version: 5.01.035)
    Google Chrome (x32 Version: 28.0.1500.95)
    Google Update Helper (x32 Version: 1.3.21.153)
    Heroes of Hellas 2 - Olympia (x32 Version: 2.2.0.95)
    Hewlett-Packard ACLM.NET v1.1.1.0 (x32 Version: 1.00.0000)
    HP Auto (Version: 1.0.12494.3472)
    HP Client Services (Version: 1.0.12656.3472)
    HP Customer Experience Enhancements (x32 Version: 6.0.1.7)
    HP Game Console (x32)
    HP Games (x32 Version: 1.0.1.5)
    HP MediaSmart DVD (x32 Version: 4.2.4725)
    HP MediaSmart Music (x32 Version: 4.2.4517)
    HP MediaSmart Photo (x32 Version: 4.2.4513)
    HP MediaSmart SmartMenu (Version: 3.1.2.4)
    HP MediaSmart Video (x32 Version: 4.2.4522)
    HP MediaSmart/TouchSmart Netflix (x32 Version: 1.0.4.0)
    HP MovieStore (x32 Version: 1.0.027)
    HP MovieStore (x32 Version: 2.0.2)
    HP Odometer (x32 Version: 2.10.0000)
    HP Setup (x32 Version: 8.4.4400.3525)
    HP Setup Manager (x32 Version: 1.0.12844.3519)
    HP Support Assistant (x32 Version: 6.0.5.4)
    HP Support Information (x32 Version: 10.1.1000)
    HP Update (x32 Version: 5.002.003.003)
    HP Vision Hardware Diagnostics (Version: 2.1.6.0)
    Hulu Desktop (HKCU Version: 0.9.13)
    Intel(R) Graphics Media Accelerator Driver (x32 Version: 8.15.10.2119)
    Java 7 Update 40 (x32 Version: 7.0.400)
    Java Auto Updater (x32 Version: 2.1.9.8)
    Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95)
    Junk Mail filter update (x32 Version: 15.4.3502.0922)
    Kobo (x32 Version: 1.6)
    LabelPrint (x32 Version: 2.5.3130)
    LightScribe System Software (x32 Version: 1.18.20.1)
    Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)
    Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
    Microsoft Application Error Reporting (Version: 12.0.6015.5000)
    Microsoft Default Manager (x32 Version: 2.2.114.0)
    Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
    Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
    Microsoft Office Click-to-Run 2010 (x32 Version: 14.0.4763.1000)
    Microsoft Office Starter 2010 - English (x32 Version: 14.0.4763.1000)
    Microsoft Silverlight (Version: 5.1.20513.0)
    Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
    Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
    Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
    Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (x32 Version: 10.0.30319)
    Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0)
    Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.2.4412)
    MSVCRT (x32 Version: 15.4.2862.0708)
    MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
    MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
    MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
    Mystery P.I. - The London Caper (x32 Version: 2.2.0.95)
    Norton Online Backup (x32 Version: 2.1.17869)
    Orbit Downloader (x32)
    PDF Complete Special Edition (x32 Version: 4.0.57)
    Penguins! (x32 Version: 2.2.0.95)
    PhotoNow! (x32 Version: 1.1.7717)
    PictureMover (x32 Version: 3.5.0.33)
    Plants vs. Zombies (x32 Version: 2.2.0.95)
    PlayReady PC Runtime amd64 (Version: 1.3.0)
    PlayReady PC Runtime x86 (x32 Version: 1.3.0)
    Poker Superstars III (x32 Version: 2.2.0.95)
    Polar Bowler (x32 Version: 2.2.0.95)
    Polar Golfer (x32 Version: 2.2.0.95)
    Power2Go (x32 Version: 6.1.4329)
    PowerDirector (x32 Version: 8.0.3129)
    PressReader (x32 Version: 5.10.1102.0)
    Ralink RT2860 Wireless LAN Card (x32)
    Realtek High Definition Audio Driver (x32 Version: 6.0.1.6196)
    Recovery Manager (x32 Version: 5.5.3219)
    RoxioNow Player (x32 Version: 1.9.5.101)
    TeamViewer 7 (x32 Version: 7.0.12979)
    Uniden Surveillance System 5.0.0.302 (x32)
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
    Virtual Families (x32 Version: 2.2.0.95)
    Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95)
    VLC media player 1.1.10 (x32 Version: 1.1.10)
    Wheel of Fortune 2 (x32 Version: 2.2.0.95)
    Windows Driver Package - OEM (mr8980) Image (05/10/2010 1.0.0.0) (Version: 05/10/2010 1.0.0.0)
    Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
    Windows Live Essentials (x32 Version: 15.4.3502.0922)
    Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
    Windows Live Installer (x32 Version: 15.4.3502.0922)
    Windows Live Language Selector (Version: 15.4.3502.0922)
    Windows Live Mail (x32 Version: 15.4.3502.0922)
    Windows Live Messenger (x32 Version: 15.4.3502.0922)
    Windows Live MIME IFilter (Version: 15.4.3502.0922)
    Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
    Windows Live Photo Common (x32 Version: 15.4.3502.0922)
    Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
    Windows Live PIMT Platform (x32 Version: 15.4.3502.0922)
    Windows Live SOXE (x32 Version: 15.4.3502.0922)
    Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
    Windows Live UX Platform (x32 Version: 15.4.3502.0922)
    Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922)
    Windows Live Writer (x32 Version: 15.4.3502.0922)
    Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
    Zinio Reader 4 (x32 Version: 4.0.3184)
    ZoneAlarm LTD Toolbar
    Zuma Deluxe (x32 Version: 2.2.0.95)
    ==================== Restore Points =========================
    03-08-2013 03:41:45 Windows Update
    07-08-2013 02:29:44 Windows Update
    11-08-2013 03:18:50 Windows Update
    15-08-2013 07:05:16 Windows Update
    23-08-2013 00:44:54 Windows Update
    27-08-2013 06:02:10 Windows Update
    04-09-2013 19:51:26 Scheduled Checkpoint
    04-09-2013 20:02:00 Windows Update
    20-09-2013 05:26:16 Scheduled Checkpoint
    20-09-2013 05:37:13 Windows Update
    20-09-2013 07:00:23 Windows Update
    29-09-2013 22:41:41 Windows Update
    30-09-2013 02:46:07 Removed Java(TM) 6 Update 26 (64-bit)
    30-09-2013 02:48:41 Removed Java 7 Update 25
    30-09-2013 02:52:36 Installed Java 7 Update 40
    ==================== Hosts content: ==========================
    2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
    ==================== Scheduled Tasks (whitelisted) =============
    Task: {00388E65-2CFC-4F9C-905D-D76A97B93C6B} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-08-30] (AVAST Software)
    Task: {05ECD425-B176-4EDE-A657-8A20350A3181} - System32\Tasks\HPCeeScheduleForTHOMAS-KUSTUSZ$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
    Task: {608FB861-FD45-436A-ADBA-DAD008E8C26A} - System32\Tasks\HPCeeScheduleForTom => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
    Task: {99E1B576-CB72-4310-87C9-A3683EF1C1E8} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-09-27] ()
    Task: {9B6B10FF-F72E-4F18-85E2-B467D1B5ADE7} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
    Task: {9EABF3DC-01FB-4398-99C1-6AC05FF6479D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-30] (Google Inc.)
    Task: {AB3E5344-07D5-4C04-AF47-58CB231E3AA2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-30] (Google Inc.)
    Task: {B909DF93-40EB-4B77-8985-8918C2D4A4D0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-20] (Adobe Systems Incorporated)
    Task: {C52CE892-5C72-4376-8CB5-9F0BF8CFBC8F} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2012-12-05] (Microsoft Corporation)
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\HPCeeScheduleForTHOMAS-KUSTUSZ$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
    Task: C:\Windows\Tasks\HPCeeScheduleForTom.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
    ==================== Loaded Modules (whitelisted) =============
    2013-09-29 18:41 - 2013-09-29 15:33 - 02102784 _____ () C:\Program Files\AVAST Software\Avast\defs\13092901\algo.dll
    2011-06-09 17:44 - 2010-09-28 14:59 - 12286008 _____ () C:\Users\Tom\AppData\Roaming\PictureMover\Bin\Core.dll
    2009-07-13 17:03 - 2009-07-13 21:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
    2011-06-09 17:44 - 2010-09-28 15:10 - 01699384 _____ () C:\Users\Tom\AppData\Roaming\PictureMover\EN-US\Presentation.dll
    2011-06-09 20:50 - 2011-06-07 13:47 - 00397312 _____ () C:\Program Files (x86)\Orbitdownloader\wtlctrl.dll
    ==================== Alternate Data Streams (whitelisted) =========

    ==================== Safe Mode (whitelisted) ===================

    ==================== Faulty Device Manager Devices =============
      My Computer
    Quote Quote

  12. Jacee
    Posts : 8,608
    Windows 7 Ultimate 32bit SP1
       New #9

    Let's get rid of the adware first. lease download AdwCleaner by Xplode and save to your Desktop.
    • Double click on AdwCleaner.exe to run the tool.
      Vista/Windows 7/8 users right-click and select Run As Administrator.
    • Click on the Scan button.
    • AdwCleaner will begin...be patient as the scan may take some time to complete.
    • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
    • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
    • Copy and paste the contents of that logfile in your next reply.
    • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.


    Using AdwCleaner v3: Scan & Clean:

    Double click on AdwCleaner.exe to run the tool again.
    • Click on the Scan button.
    • AdwCleaner will begin to scan your computer like it did before.
    • After the scan has finished...
    • This time, click on the Clean button.
    • Press OK when asked to close all programs and follow the onscreen prompts.
    • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
    • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
    • Copy and paste the contents of that logfile in your next reply.
    • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
      My Computer
    Quote Quote

  13. well48
    Posts : 75
    Windows 7 Pro 64bit w/ Virtual XP Mode
    Thread Starter
       New #10

    # AdwCleaner v3.005 - Report created 30/09/2013 at 01:29:55
    # Updated 22/09/2013 by Xplode
    # Operating System : Windows 7 Home Premium (64 bits)
    # Username : Tom - THOMAS-KUSTUSZ
    # Running from : C:\Users\Tom\Desktop\AdwCleaner.exe
    # Option : Scan
    ***** [ Services ] *****

    ***** [ Files / Folders ] *****
    File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
    File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
    File Found : C:\Users\Public\Desktop\eBay.lnk
    File Found : C:\Users\Tom\AppData\Local\Temp\Uninstall.exe
    Folder Found C:\ProgramData\Ask
    Folder Found C:\Users\Tom\AppData\LocalLow\Conduit
    Folder Found C:\Users\Tom\AppData\Roaming\CheckPoint\ZoneAlarm LTD Toolbar
    ***** [ Shortcuts ] *****

    ***** [ Registry ] *****
    Key Found : HKCU\Software\AppDataLow\Software\Conduit
    Key Found : HKCU\Software\AppDataLow\Software\SmartBar
    Key Found : HKCU\Software\AppDataLow\Software\Toolbar
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
    Key Found : HKCU\Software\YahooPartnerToolbar
    Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
    Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
    Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
    Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
    Key Found : [x64] HKCU\Software\YahooPartnerToolbar
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
    Key Found : HKLM\SOFTWARE\Classes\ScriptHost.Tool
    Key Found : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
    Key Found : HKLM\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZoneAlarm LTD Toolbar
    Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
    ***** [ Browsers ] *****
    -\\ Internet Explorer v8.0.7600.17267

    -\\ Google Chrome v28.0.1500.95
    [ File : C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\preferences ]

    *************************
    AdwCleaner[R0].txt - [4723 octets] - [30/09/2013 01:29:55]
    ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [4783 octets] ##########
      My Computer
    Quote Quote

 
Page 1 of 5 123 ... LastLast

  Related Discussions
Please Help Needed!
in General Discussion

i have just installed win 7 to win 9 theme pack,, :) it was reali good n i loved it,but i wanted to remove n uninstall it, after he reboot. all the icons were left like that, not my windows 7 icons, non of them came back,, and normally the log on screen was ,, default and the bottom it was...
help needed
in General Discussion

hello all i would like to know is there any way to stop any process permanently and make it acessible when i want for example download accelerator plus in taskmanager i have seen that the process always keep on running even i have not opened the program its not that i dnt need it it but i want...
Help needed????
in Installation & Setup

Hi everyone, my problem being i have installed w7 ultimate on my pc but installed the 32 bit by mistake but now i want to install my 64bit disk but i don't know how to do a clean inmstall, i read the tutorial but can't make head nor tail out of it because it really doesn't tell you how to perform...
Help Needed.
in Installation & Setup

Hiya first off, i am so happy to have found a forum like this. It is very much needed. Big thanks. Ok i bought windows 7 yesterday and followed the infomation just to upgrade from windows vista to the NEW O.S 7. Activated the product key and everything is great. But now What i want to...
Help needed
in Drivers

I gave my computer to install Windows 7. Before Windows 7 installation i had 2 hard discs, C with Vista and D for my own files. After i got my computer back i saw only 1 C hard disc. Now i installed Take a ownership in order to make a full controll, because i am the only one user/administrator on...
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

 © Designer Media Ltd
All times are GMT -5. The time now is 20:45.
Find Us