Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

multiple zjuqfuhetbw.exe*32 (google chrome) [Solved]

chrome

  • This topic is locked This topic is locked

#16
zithal

zithal

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts

Step 1

 

Done.


  • 0

Advertisements


#17
zithal

zithal

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts

Step 2 : OTL Fix log

 

 

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
========== FILES ==========
<  ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\MBG\Desktop\cmd.bat deleted successfully.
C:\Users\MBG\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: MBG
->Temp folder emptied: 11982673 bytes
->Temporary Internet Files folder emptied: 213453501 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 26274 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50132 bytes
RecycleBin emptied: 240441114 bytes
 
Total Files Cleaned = 444.00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 10292014_000051

Files\Folders moved on Reboot...
File move failed. C:\Users\MBG\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\8a3ed24525dc3a3dcdcb98ef9e756b8_fce8395f8fd8a84b_6229ccd76215aea1_0_0.bin scheduled to be moved on reboot.
File move failed. C:\Users\MBG\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\8a3ed24525dc3a3dcdcb98ef9e756b8_fce8395f8fd8a84b_6229ccd76215aea1_0_0.toc scheduled to be moved on reboot.
C:\Users\MBG\AppData\Local\Temp\Low\NVIDIA Corporation\NV_Cache\c47def462398f363683aa06fa32c6bd8_fce8395f8fd8a84b_f3279b66e87c6f22_0_0.bin moved successfully.
C:\Users\MBG\AppData\Local\Temp\Low\NVIDIA Corporation\NV_Cache\c47def462398f363683aa06fa32c6bd8_fce8395f8fd8a84b_f3279b66e87c6f22_0_0.toc moved successfully.
C:\Users\MBG\AppData\Local\Temp\Low\NVIDIA Corporation\NV_Cache\c47def462398f363683aa06fa32c6bd8_fce8395f8fd8a84b_f3279b66e87c6f22_0_1.bin moved successfully.
C:\Users\MBG\AppData\Local\Temp\Low\NVIDIA Corporation\NV_Cache\c47def462398f363683aa06fa32c6bd8_fce8395f8fd8a84b_f3279b66e87c6f22_1_0.bin moved successfully.
C:\Users\MBG\AppData\Local\Temp\Low\NVIDIA Corporation\NV_Cache\c47def462398f363683aa06fa32c6bd8_fce8395f8fd8a84b_f3279b66e87c6f22_1_0.toc moved successfully.
C:\Users\MBG\AppData\Local\Temp\Low\JavaDeployReg.log moved successfully.
C:\Users\MBG\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\MBG\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TT6FTM4W\cJZKeOuBrn4kERxqtaUH3fY6323mHUZFJMgTvxaG2iE[1].eot moved successfully.
C:\Users\MBG\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TT6FTM4W\PRmiXeptR36kaC0GEAetxrFt29aCHKT7otDW9l62Aag[1].eot moved successfully.
C:\Users\MBG\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\MRZRVKW8\k3k702ZOKiLJc3WVjuplzHZ2MAKAc2x4R1uOSeegc5U[1].eot moved successfully.
C:\Users\MBG\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\MRZRVKW8\xjAJXh38I15wypJXxuGMBmfQcKutQXcIrRfyR5jdjY8[1].eot moved successfully.
C:\Users\MBG\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ITVZR46M\344462-multiple-zjuqfuhetbwexe32-google-chrome[1].htm moved successfully.
C:\Users\MBG\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7E8XMS5I\2719662[1].htm moved successfully.
C:\Users\MBG\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1I24UYJV\c[1].gif moved successfully.
C:\Users\MBG\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.
C:\Users\MBG\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RS63KV1C\ads[2].htm moved successfully.
File\Folder C:\Users\MBG\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O30LKB41\2554[1].htm not found!
File\Folder C:\Users\MBG\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O30LKB41\disp[1].htm not found!
File\Folder C:\Users\MBG\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O30LKB41\px[1].htm not found!
C:\Users\MBG\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O30LKB41\zrt_lookup[1].htm moved successfully.
File\Folder C:\Users\MBG\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MYK2Q02J\989002608[1].htm not found!
File\Folder C:\Users\MBG\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MYK2Q02J\addons-v4[1].htm not found!
File\Folder C:\Users\MBG\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MYK2Q02J\rt=ifr[1].htm not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...


  • 0

#18
zithal

zithal

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts

Step 3 : Junkware Removal Tool  : JRT.txt

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.3 (10.21.2014:1)
OS: Windows 7 Home Premium x64
Ran by MBG on Wed 10/29/2014 at  0:20:18.40
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

 

~~~ Registry Keys

 

~~~ Files

 

~~~ Folders

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 10/29/2014 at  0:21:29.06
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


  • 0

#19
zithal

zithal

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts

Step 4 : ADWCleaner log   (NOTE:  There was nothing listed in any of the tabs after I ran this.  They were all blank.  I still selected "Clean" as instructed, however.)

 

 

 

# AdwCleaner v4.002 - Report created 29/10/2014 at 00:27:53
# DB v2014-10-26.6
# Updated 27/10/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : MBG - MBG-DESK
# Running from : C:\Users\MBG\Desktop\adwcleaner_4.002.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16584

*************************

AdwCleaner[R0].txt - [1010 octets] - [24/10/2014 21:19:08]
AdwCleaner[R1].txt - [1070 octets] - [24/10/2014 21:21:13]
AdwCleaner[R2].txt - [881 octets] - [29/10/2014 00:26:15]
AdwCleaner[S0].txt - [1133 octets] - [24/10/2014 21:23:43]
AdwCleaner[S1].txt - [796 octets] - [29/10/2014 00:27:53]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [855 octets] ##########


Edited by zithal, 28 October 2014 - 11:33 PM.

  • 0

#20
zithal

zithal

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts

Step 5 : Part 1 : FRST log

 

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-10-2014 01
Ran by MBG (administrator) on MBG-DESK on 29-10-2014 00:35:47
Running from C:\Users\MBG\Desktop
Loaded Profile: MBG (Available profiles: MBG)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\n360.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\n360.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe
(Curse) C:\Users\MBG\AppData\Local\Apps\2.0\MGQBY0QK.1M2\VKKHWEO1.22T\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\CurseClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_189_ActiveX.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13653208 2014-02-19] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2463552 2014-10-04] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-02-19] (Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKU\S-1-5-21-3555026539-685861094-718957387-1001\...\MountPoints2: {4877ee77-edf0-11e3-a358-54bef70bca0c} - G:\MotorolaDeviceManagerSetup.exe -a
Startup: C:\Users\MBG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\MBG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
Startup: C:\Users\MBG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PdaNet Desktop.lnk
ShortcutTarget: PdaNet Desktop.lnk -> C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe ()
ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://portalguild.enjin.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.techadvanced.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.4.0.13\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.4.0.13\coFFPlgn [2014-10-29]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.4.0.13\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.4.0.13\IPSFF [2014-07-17]

Chrome:
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-04-04] (Adobe Systems) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1149760 2014-10-04] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-15] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-05-15] (Intel Corporation)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\N360.exe [265040 2014-09-21] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1796928 2014-10-04] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19440960 2014-10-04] (NVIDIA Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.4.0.13\Definitions\BASHDefs\20141024.001\BHDrvx64.sys [1587416 2014-10-03] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1506000.020\ccSetx64.sys [162392 2014-02-20] (Symantec Corporation)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [494864 2013-08-29] (Intel Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-09-12] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-09-12] (Symantec Corporation)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28008 2013-08-07] (Intel Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.4.0.13\Definitions\IPSDefs\20141028.001\IDSvia64.sys [633560 2014-08-29] (Symantec Corporation)
S3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.4.0.13\Definitions\VirusDefs\20141027.032\ENG64.SYS [129752 2014-09-18] (Symantec Corporation)
S3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.4.0.13\Definitions\VirusDefs\20141027.032\EX64.SYS [2137304 2014-09-18] (Symantec Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20288 2014-10-04] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
S3 SRTSP; C:\Windows\System32\Drivers\N360x64\1506000.020\SRTSP64.SYS [876248 2014-08-25] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1506000.020\SRTSPX64.SYS [37592 2014-08-25] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1506000.020\SYMDS64.SYS [493656 2013-10-30] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1506000.020\SYMEFA64.SYS [1148120 2014-03-03] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-07-17] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1506000.020\SYMNETS.SYS [593112 2014-02-17] (Symantec Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-29 00:35 - 2014-10-29 00:35 - 00013473 _____ () C:\Users\MBG\Desktop\FRST.txt
2014-10-29 00:35 - 2014-10-29 00:35 - 00000000 ____D () C:\FRST
2014-10-29 00:34 - 2014-10-29 00:34 - 02113024 _____ (Farbar) C:\Users\MBG\Desktop\FRST64.exe
2014-10-29 00:25 - 2014-10-29 00:25 - 01998336 _____ () C:\Users\MBG\Desktop\adwcleaner_4.002.exe
2014-10-29 00:21 - 2014-10-29 00:21 - 00000631 _____ () C:\Users\MBG\Desktop\JRT.txt
2014-10-29 00:18 - 2014-10-29 00:18 - 00000631 _____ () C:\Users\MBG\Desktop\JRT2.txt
2014-10-29 00:17 - 2014-10-29 00:17 - 00000000 ____D () C:\Windows\ERUNT
2014-10-29 00:11 - 2014-10-29 00:11 - 01706144 _____ (Thisisu) C:\Users\MBG\Desktop\JRT.exe
2014-10-29 00:10 - 2014-10-29 00:10 - 00010776 _____ () C:\Users\MBG\Desktop\10292014_000051.log
2014-10-27 14:17 - 2014-10-27 14:17 - 00103288 _____ () C:\Users\MBG\Desktop\OTLallusers.Txt
2014-10-27 14:06 - 2014-10-27 14:15 - 00103288 _____ () C:\Users\MBG\Desktop\OTL.Txt
2014-10-27 14:00 - 2014-10-27 14:00 - 00000000 ____D () C:\Windows\system32\%LOCALAPPDATA%
2014-10-27 13:59 - 2014-10-27 13:56 - 00000821 _____ () C:\Users\MBG\Desktop\fix.txt
2014-10-27 13:57 - 2014-10-29 00:05 - 00000000 ____D () C:\Users\MBG\Desktop\temp fix stuff
2014-10-26 11:08 - 2014-10-26 11:08 - 00000000 ____D () C:\_OTL
2014-10-24 23:00 - 2014-10-24 23:00 - 00602112 _____ (OldTimer Tools) C:\Users\MBG\Desktop\OTL.exe
2014-10-24 21:19 - 2014-10-29 00:27 - 00000000 ____D () C:\AdwCleaner
2014-10-22 23:41 - 2014-10-16 09:11 - 02559808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-10-22 23:41 - 2014-10-16 07:27 - 00614544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-10-22 23:40 - 2014-10-16 11:54 - 31890064 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-10-22 23:40 - 2014-10-16 11:54 - 24555840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-10-22 23:40 - 2014-10-16 11:54 - 20922696 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-10-22 23:40 - 2014-10-16 11:54 - 18499648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-10-22 23:40 - 2014-10-16 11:54 - 17260864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-10-22 23:40 - 2014-10-16 11:54 - 14029400 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-10-22 23:40 - 2014-10-16 11:54 - 13942368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-10-22 23:40 - 2014-10-16 11:54 - 13190288 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-10-22 23:40 - 2014-10-16 11:54 - 11395672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-10-22 23:40 - 2014-10-16 11:54 - 11333848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-10-22 23:40 - 2014-10-16 11:54 - 04289856 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-10-22 23:40 - 2014-10-16 11:54 - 04009672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-10-22 23:40 - 2014-10-16 11:54 - 02849224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-10-22 23:40 - 2014-10-16 11:54 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434448.dll
2014-10-22 23:40 - 2014-10-16 11:54 - 01539272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434448.dll
2014-10-22 23:40 - 2014-10-16 11:54 - 00962376 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-10-22 23:40 - 2014-10-16 11:54 - 00931984 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-10-22 23:40 - 2014-10-16 11:54 - 00921928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-10-22 23:40 - 2014-10-16 11:54 - 00895176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-10-22 23:40 - 2014-10-16 11:54 - 00870112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-10-22 23:40 - 2014-10-16 11:54 - 00500880 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-10-22 23:40 - 2014-10-16 11:54 - 00418112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-10-22 23:40 - 2014-10-16 11:54 - 00392008 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-10-22 23:40 - 2014-10-16 11:54 - 00352016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-10-22 23:40 - 2014-10-16 11:54 - 00348488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-10-22 23:40 - 2014-10-16 11:54 - 00303600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-10-22 23:40 - 2014-10-16 11:54 - 00174856 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-10-22 23:40 - 2014-10-16 11:54 - 00156840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-10-21 22:08 - 2014-10-21 22:08 - 00000000 ____D () C:\Program Files (x86)\Warcraft Logs Uploader
2014-10-15 06:45 - 2014-10-15 06:45 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-10-15 06:45 - 2014-10-15 06:45 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-10-15 06:45 - 2014-10-15 06:45 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-10-15 06:45 - 2014-10-15 06:45 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-10-15 06:45 - 2014-10-15 06:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-10-15 06:45 - 2014-10-15 06:45 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-14 23:41 - 2014-09-28 19:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-14 23:41 - 2014-09-19 19:09 - 17867776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-14 23:41 - 2014-09-19 18:55 - 02339328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-14 23:41 - 2014-09-19 18:54 - 10920960 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-14 23:41 - 2014-09-19 18:50 - 01385472 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-14 23:41 - 2014-09-19 18:49 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-14 23:41 - 2014-09-19 18:48 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-14 23:41 - 2014-09-19 18:48 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-10-14 23:41 - 2014-09-19 18:48 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-14 23:41 - 2014-09-19 18:47 - 02157056 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-14 23:41 - 2014-09-19 18:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-10-14 23:41 - 2014-09-19 18:47 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-14 23:41 - 2014-09-19 18:47 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-14 23:41 - 2014-09-19 18:47 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-14 23:41 - 2014-09-19 18:46 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-14 23:41 - 2014-09-19 18:46 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-14 23:41 - 2014-09-19 18:46 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-14 23:41 - 2014-09-19 18:46 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-14 23:41 - 2014-09-19 18:46 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-10-14 23:41 - 2014-09-19 18:46 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-10-14 23:41 - 2014-09-19 18:45 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-14 23:41 - 2014-09-19 18:45 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-10-14 23:41 - 2014-09-19 17:53 - 12364288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-14 23:41 - 2014-09-19 17:44 - 01810432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-14 23:41 - 2014-09-19 17:41 - 09739776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-14 23:41 - 2014-09-19 17:39 - 01138688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-14 23:41 - 2014-09-19 17:38 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-14 23:41 - 2014-09-19 17:37 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-14 23:41 - 2014-09-19 17:36 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-10-14 23:41 - 2014-09-19 17:36 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-14 23:41 - 2014-09-19 17:36 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-14 23:41 - 2014-09-19 17:35 - 01802752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-14 23:41 - 2014-09-19 17:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-10-14 23:41 - 2014-09-19 17:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-14 23:41 - 2014-09-19 17:35 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-14 23:41 - 2014-09-19 17:35 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-10-14 23:41 - 2014-09-19 17:34 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-14 23:41 - 2014-09-19 17:34 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-14 23:41 - 2014-09-19 17:34 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-14 23:41 - 2014-09-19 17:34 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-14 23:41 - 2014-09-19 17:34 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-10-14 23:41 - 2014-09-19 17:34 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-10-14 23:41 - 2014-09-19 17:33 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-14 23:41 - 2014-06-18 17:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-14 23:41 - 2014-06-18 17:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-14 23:41 - 2014-06-18 17:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-14 23:41 - 2014-06-18 17:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-14 23:41 - 2014-06-18 17:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-14 23:41 - 2014-06-18 17:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-14 23:40 - 2014-09-17 21:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-14 23:40 - 2014-09-17 20:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-14 23:40 - 2014-09-12 20:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-14 23:40 - 2014-09-12 20:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-14 23:40 - 2014-09-04 21:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-14 23:40 - 2014-09-04 20:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-14 23:40 - 2014-09-04 00:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-14 23:40 - 2014-09-04 00:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-14 23:40 - 2014-08-28 21:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-14 23:40 - 2014-08-18 22:11 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-10-14 23:40 - 2014-08-18 22:10 - 00616352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-10-14 23:40 - 2014-08-18 22:08 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-10-14 23:40 - 2014-08-18 22:08 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-10-14 23:40 - 2014-08-18 22:08 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-10-14 23:40 - 2014-08-18 22:07 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-10-14 23:40 - 2014-08-18 22:07 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2014-10-14 23:40 - 2014-08-18 22:07 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2014-10-14 23:40 - 2014-08-18 22:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2014-10-14 23:40 - 2014-08-18 22:07 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2014-10-14 23:40 - 2014-08-18 21:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2014-10-14 23:40 - 2014-08-18 21:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-10-14 23:40 - 2014-08-18 21:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-10-14 23:40 - 2014-07-16 21:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-14 23:40 - 2014-07-16 21:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-14 23:40 - 2014-07-16 21:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-14 23:40 - 2014-07-16 21:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-14 23:40 - 2014-07-16 21:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-14 23:40 - 2014-07-16 21:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-14 23:40 - 2014-07-16 20:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-14 23:40 - 2014-07-16 20:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-14 23:40 - 2014-07-16 20:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-14 23:40 - 2014-07-16 20:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-14 23:40 - 2014-07-16 20:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-14 23:40 - 2014-07-06 21:07 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-10-14 23:40 - 2014-07-06 21:07 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-10-14 23:40 - 2014-07-06 21:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-10-14 23:40 - 2014-07-06 21:06 - 05551032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-14 23:40 - 2014-07-06 21:06 - 04120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-10-14 23:40 - 2014-07-06 21:06 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-10-14 23:40 - 2014-07-06 21:06 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-10-14 23:40 - 2014-07-06 21:06 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2014-10-14 23:40 - 2014-07-06 21:06 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-10-14 23:40 - 2014-07-06 21:06 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-10-14 23:40 - 2014-07-06 21:06 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-10-14 23:40 - 2014-07-06 21:06 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-10-14 23:40 - 2014-07-06 21:06 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-10-14 23:40 - 2014-07-06 21:06 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-10-14 23:40 - 2014-07-06 21:06 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-10-14 23:40 - 2014-07-06 21:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-10-14 23:40 - 2014-07-06 21:06 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-10-14 23:40 - 2014-07-06 21:06 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-10-14 23:40 - 2014-07-06 21:06 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-10-14 23:40 - 2014-07-06 21:06 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-10-14 23:40 - 2014-07-06 21:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-10-14 23:40 - 2014-07-06 21:06 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2014-10-14 23:40 - 2014-07-06 21:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-10-14 23:40 - 2014-07-06 21:06 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2014-10-14 23:40 - 2014-07-06 21:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-10-14 23:40 - 2014-07-06 21:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-10-14 23:40 - 2014-07-06 21:06 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-10-14 23:40 - 2014-07-06 21:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-10-14 23:40 - 2014-07-06 21:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-10-14 23:40 - 2014-07-06 21:05 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-10-14 23:40 - 2014-07-06 21:05 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-10-14 23:40 - 2014-07-06 21:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-10-14 23:40 - 2014-07-06 20:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-10-14 23:40 - 2014-07-06 20:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-10-14 23:40 - 2014-07-06 20:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-10-14 23:40 - 2014-07-06 20:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-10-14 23:40 - 2014-07-06 20:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-10-14 23:40 - 2014-07-06 20:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2014-10-14 23:40 - 2014-07-06 20:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2014-10-14 23:40 - 2014-07-06 20:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2014-10-14 23:40 - 2014-07-06 20:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2014-10-14 23:40 - 2014-07-06 20:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2014-10-14 23:40 - 2014-07-06 20:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2014-10-14 23:40 - 2014-07-06 20:40 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-10-14 23:40 - 2014-07-06 20:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2014-10-14 23:40 - 2014-07-06 20:40 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-10-14 23:40 - 2014-07-06 20:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-10-14 23:40 - 2014-07-06 20:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2014-10-14 23:40 - 2014-07-06 20:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-10-14 23:40 - 2014-07-06 20:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-10-14 23:40 - 2014-07-06 20:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-10-14 23:40 - 2014-07-06 20:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-10-14 23:40 - 2014-07-06 20:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2014-10-14 23:40 - 2014-07-06 20:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2014-10-14 23:40 - 2014-07-06 20:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2014-10-14 23:40 - 2014-07-06 20:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2014-10-14 23:40 - 2014-07-06 20:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-10-14 23:40 - 2014-07-06 20:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-10-14 23:40 - 2014-07-06 20:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-10-14 23:40 - 2014-07-06 20:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-10-14 23:40 - 2014-07-06 20:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-10-14 23:40 - 2014-07-06 20:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-10-14 23:40 - 2014-06-27 19:21 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-10-14 23:40 - 2014-06-27 19:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-10-14 23:40 - 2014-06-27 19:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-09-30 22:16 - 2014-09-24 21:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-09-30 22:16 - 2014-09-24 20:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-29 00:35 - 2009-07-14 00:13 - 00783114 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-29 00:35 - 2009-07-13 23:45 - 00021872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-29 00:35 - 2009-07-13 23:45 - 00021872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-29 00:31 - 2014-02-19 17:42 - 01409067 _____ () C:\Windows\WindowsUpdate.log
2014-10-29 00:28 - 2014-02-22 16:04 - 00000000 ____D () C:\Users\MBG\AppData\Local\Deployment
2014-10-29 00:28 - 2014-02-19 18:08 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-29 00:28 - 2010-11-20 22:47 - 00134926 _____ () C:\Windows\PFRO.log
2014-10-29 00:28 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-29 00:28 - 2009-07-13 23:51 - 00042185 _____ () C:\Windows\setupact.log
2014-10-28 23:57 - 2014-03-09 15:13 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-28 23:54 - 2014-02-22 10:58 - 00000000 ____D () C:\Users\MBG\AppData\Roaming\Mumble
2014-10-28 23:50 - 2014-03-01 12:10 - 00000000 ____D () C:\Users\MBG\AppData\Local\Battle.net
2014-10-26 11:58 - 2014-04-04 21:15 - 00000000 ____D () C:\Users\MBG\Desktop\wow stuff
2014-10-26 01:18 - 2014-03-01 12:10 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-10-24 21:03 - 2014-04-17 10:03 - 00000000 ____D () C:\Users\MBG\AppData\Local\CrashDumps
2014-10-24 09:29 - 2009-07-14 00:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2014-10-24 00:16 - 2014-02-22 00:55 - 00000000 ____D () C:\Users\MBG
2014-10-23 17:19 - 2014-08-22 20:20 - 00000000 ____D () C:\Users\MBG\AppData\Local\Adobe
2014-10-23 17:18 - 2014-03-09 15:13 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-10-23 17:18 - 2014-03-09 15:13 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-10-23 17:18 - 2014-02-19 13:58 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-22 23:41 - 2014-04-24 02:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-10-22 23:41 - 2014-02-19 18:08 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-10-21 22:08 - 2014-07-17 18:59 - 00001027 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warcraft Logs Uploader.lnk
2014-10-21 22:08 - 2014-07-17 18:59 - 00001015 _____ () C:\Users\Public\Desktop\Warcraft Logs Uploader.lnk
2014-10-16 11:54 - 2014-09-19 22:59 - 19966856 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-10-16 11:54 - 2014-05-27 16:49 - 16886168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-10-16 11:54 - 2014-02-19 18:08 - 00072904 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-10-16 11:54 - 2014-02-19 18:08 - 00060560 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-10-16 11:54 - 2014-02-19 18:07 - 20968040 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-10-16 11:54 - 2014-02-19 18:07 - 03237528 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-10-16 11:54 - 2014-02-19 18:07 - 00987008 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-10-16 11:54 - 2014-02-19 18:07 - 00027024 _____ () C:\Windows\system32\nvinfo.pb
2014-10-16 09:11 - 2014-02-19 18:08 - 06883136 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-10-16 09:11 - 2014-02-19 18:08 - 03533632 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-10-16 09:11 - 2014-02-19 18:08 - 00933064 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-10-16 09:11 - 2014-02-19 18:08 - 00384200 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-10-16 09:11 - 2014-02-19 18:08 - 00061640 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-10-15 06:46 - 2014-02-19 14:05 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-15 06:34 - 2009-07-14 00:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-10-15 03:44 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache
2014-10-15 03:18 - 2009-07-13 23:45 - 00279008 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-15 03:18 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-10-15 03:18 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-10-15 03:01 - 2014-02-19 16:17 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-15 03:00 - 2014-02-19 16:17 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-14 19:48 - 2014-02-19 18:08 - 04047877 _____ () C:\Windows\system32\nvcoproc.bin
2014-10-04 01:42 - 2014-06-03 10:26 - 01291280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-10-04 01:42 - 2014-04-24 02:17 - 02197680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-10-04 01:41 - 2014-06-03 10:26 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-10-04 01:41 - 2014-04-24 02:17 - 02800296 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll

Some content of TEMP:
====================
C:\Users\MBG\AppData\Local\Temp\Quarantine.exe
C:\Users\MBG\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-10-26 13:01

==================== End Of Log ============================


  • 0

#21
zithal

zithal

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts

Step 5 : Part 2 : Addition txt

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-10-2014 01
Ran by MBG at 2014-10-29 00:35:58
Running from C:\Users\MBG\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton 360 (Disabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton 360 (Disabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton 360 (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.293 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Curse Client (HKCU\...\101a9f93b8f0bb6f) (Version: 5.1.1.820 - Curse)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
EPSON XP-200 Series Printer Uninstall (HKLM\...\EPSON XP-200 Series) (Version:  - SEIKO EPSON Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.5.1367 - Intel Corporation)
Intel® Network Connections 18.7.28.0 (HKLM\...\PROSetDX) (Version: 18.7.28.0 - Intel)
Intel® Network Connections 18.7.28.0 (Version: 18.7.28.0 - Intel) Hidden
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel® Rapid Storage Technology (Version: 12.8.0.1016 - Intel Corporation) Hidden
Intel® Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.1.28 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.27.798.1 - Intel Corporation) Hidden
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Java Auto Updater (x32 Version: 2.1.71.14 - Oracle, Inc.) Hidden
Logitech Unifying Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mumble 1.2.5 (HKLM-x32\...\{C7BC557D-8C8B-4F5F-83AB-D20C58CF4575}) (Version: 1.2.5 - Thorvald Natvig)
Nero 12 Essentials OEM.a01 (HKLM-x32\...\{2AC099EA-CC1C-4E4E-BDFC-0353DCF13DD0}) (Version: 12.5.00400 - Nero AG)
Nero ControlCenter (x32 Version: 11.0.15200 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (x32 Version: 12.0.0003 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.0.17800 - Nero AG) Hidden
Nero Express (x32 Version: 12.0.19000 - Nero AG) Hidden
Nero Express Help (CHM) (x32 Version: 12.0.1000 - Nero AG) Hidden
Norton 360 (HKLM-x32\...\N360) (Version: 21.6.0.32 - Symantec Corporation)
NVIDIA 3D Vision Controller Driver 344.46 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.46 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 344.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.48 - NVIDIA Corporation)
NVIDIA Control Panel 344.48 (Version: 344.48 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 2.1.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.3 - NVIDIA Corporation)
NVIDIA GeForce Experience Service (Version: 16.13.56 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 344.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.48 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.162.1284 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 2.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.14.0702 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
NVIDIA ShadowPlay 16.13.56 (Version: 16.13.56 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Update 16.13.56 (Version: 16.13.56 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 16.13.56 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.25 (Version: 1.2.25 - NVIDIA Corporation) Hidden
PdaNet+ for Android 4.15 (HKLM-x32\...\PdaNet_is1) (Version:  - June Fabrics Technology Inc)
Prerequisite installer (x32 Version: 12.0.0002 - Nero AG) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7040 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 3.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.56 - NVIDIA Corporation) Hidden
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
Warcraft Logs Uploader (HKLM-x32\...\com.warcraft.logs) (Version: 2.0.2 - UNKNOWN)
Warcraft Logs Uploader (x32 Version: 2.0.2 - UNKNOWN) Hidden
WildStar (HKLM-x32\...\WildStar) (Version:  - NCSOFT)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3555026539-685861094-718957387-1001_Classes\CLSID\{6057eb24-f865-4007-82c1-3bd68abcba52}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

==================== Restore Points  =========================

15-10-2014 08:00:14 Windows Update
15-10-2014 11:45:01 Installed Java 7 Update 71
23-10-2014 05:11:25 Scheduled Checkpoint
26-10-2014 16:19:12 OTL Restore Point - 10/26/2014 11:19:11 AM
27-10-2014 19:01:00 OTL Restore Point - 10/27/2014 2:01:00 PM
29-10-2014 04:58:38 Installed Microsoft Fix it 50906
29-10-2014 05:01:01 OTL Restore Point - 10/29/2014 12:01:01 AM

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {15D51531-C567-4EC5-B261-803832F1FFE6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-23] (Adobe Systems Incorporated)
Task: {567E39A9-8E13-4D04-AEA6-B1272C9060C0} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\WSCStub.exe [2014-09-21] (Symantec Corporation)
Task: {616FE809-6216-46EA-B21D-DB15B35F09D9} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {77D2C71C-8C35-4650-A3BD-BDFA55F32187} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {A0512D35-9BBB-47F8-B86C-70006B0B93F0} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {BDAC034D-8741-4662-9BAC-F9A190BA52EE} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2014-02-19 18:08 - 2014-10-16 09:11 - 00116880 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-06-08 21:31 - 2014-01-07 16:30 - 01054432 _____ () C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe
2014-10-13 00:57 - 2014-10-13 00:57 - 00016384 ____N () C:\Users\MBG\AppData\Local\Apps\2.0\MGQBY0QK.1M2\VKKHWEO1.22T\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\Curse.CurseClient.WowDb.dll
2014-02-22 16:04 - 2014-02-22 16:04 - 00035840 _____ () C:\Users\MBG\AppData\Local\Apps\2.0\MGQBY0QK.1M2\VKKHWEO1.22T\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\Curse.Advertising.dll
2014-10-13 00:57 - 2014-10-13 00:57 - 00099840 ____N () C:\Users\MBG\AppData\Local\Apps\2.0\MGQBY0QK.1M2\VKKHWEO1.22T\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\Curse.CurseClient.CMOD2.dll
2014-02-19 14:56 - 2013-05-15 20:09 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

========================= Accounts: ==========================

Administrator (S-1-5-21-3555026539-685861094-718957387-500 - Administrator - Disabled)
Guest (S-1-5-21-3555026539-685861094-718957387-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3555026539-685861094-718957387-1003 - Limited - Enabled)
MBG (S-1-5-21-3555026539-685861094-718957387-1001 - Administrator - Enabled) => C:\Users\MBG

==================== Faulty Device Manager Devices =============

Name: USB Input Device
Description: USB Input Device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: HidUsb
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: USB Input Device
Description: USB Input Device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: HidUsb
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: USB Input Device
Description: USB Input Device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: HidUsb
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Processor: Intel® Core™ i7-4770 CPU @ 3.40GHz
Percentage of memory in use: 12%
Total physical RAM: 16345.9 MB
Available physical RAM: 14263.43 MB
Total Pagefile: 32689.98 MB
Available Pagefile: 30366 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (WIN7) (Fixed) (Total:223.57 GB) (Free:125.32 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (RECOVERY) (Fixed) (Total:8.61 GB) (Free:8.52 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (SPACE) (Fixed) (Total:922.82 GB) (Free:880.05 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: DAFA2802)
Partition 1: (Active) - (Size=223.6 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: F0000000)
Partition 1: (Not Active) - (Size=78 MB) - (Type=DE)
Partition 2: (Active) - (Size=8.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=922.8 GB) - (Type=07 NTFS)

==================== End Of Log ============================


  • 0

#22
23red

23red

    Trusted Helper

  • Malware Removal
  • 1,797 posts

Hi zithal :)

 

Excellent work! :thumbsup:    Your logs look good. :)   How is the computer running?   Any more evidence of the google chrome junk? 

Now we'll do a scan with Malwarebytes and check your Security to help make sure there are no known vulnerabilities we can see.
 Following this I have one more scan for you, and I'll clean up my mess ;)
Then I'll give you some tips to help your computer stay clean and maybe make your computer life a little easier.

 

 

Step 1
Install and Run Malwarebytes' Anti-Malware

 

Please download Malwarebytes' Anti-Malware from Here or Here

 

  • Double Click the downloaded mbam-setup-x.x.x.xxxx.exe to install the application.  (x.x.x.xxxx represents the current version number).

     

     

  • During installation, make sure uncheck Enable free trial of Malwarebytes Anti-Malware Premium, then click Finish.  You can always upgrade later ;) :
    MBAM1_zps65d773c0.png

     

     

  • If an update is found, it will download and install the latest updates automatically:
    MBAM2_zps52e3211b.png

     

     

  • Now select the Settings tab, and check the box next to Scan for rootkits:
    MBAM3_zps83324155.png

     

     

  • Go back to the Dashboard tab, and click the Scan Now button:
    MBAM4_zpse3cd4a79.png

     

     

  • The scan may take some time to finish,so please be patient.
    MBAM5_zps36d7537b.png

     

     

  • When the scan is complete, it will show you the results.  (This one is clean):
    MBAM65_zpsb0aa143c.png

     

     

  • Make sure that everything is checked, and click Quarantine All (or similar).

     

     

  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.  (See Extra Note below)  If the log doesn't open, select View detailed log in the Scan tab:
    MBAM7_zps782405f0.png

     

     

  • The log is automatically saved by MBAM and can be viewed by going to the History tab and clicking on Application Logs:
    MBAM9_zps1f87702b.png

     

     

  • Choose the latest Scan Log, and click on the View button:
    MBAM10_zps5a48f689.png

     

     

  • In the bottom of the Scanning History Log window that opens, you can click on Export > Save to Text file (*.txt).  Save the report to your Desktop.
    MBAM8_zpsad402941.png

     

     

  • Copy & Paste the entire contents of the report log in your next reply.

     

     

 

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.

 

*** In your next reply, I need you to Copy & Paste the contents of the MBAM log file.

 

 

Step 2

SecurityCheck by Screen317:

 

Please also download Security Check by screen317.

•Save it to your Desktop.

•Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.

•A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE: If SecurityCheck aborts and you get the following message: UNSUPPORTED OPERATING SYSTEM! ABORTED!  Try rebooting the system and then run SecurityCheck again.

 

Step 3
Post!:

 

When you return, please post:

 

1.  Answers to the above questions

2.  Mbam log
3.  checkup.txt

Thank you :)


  • 0

#23
zithal

zithal

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts

"How is the computer running?"

  • Seems to be running great, back to how it was previously when I didnt have any issues. 

 

"Any more evidence of the google chrome junk?"

  • No not at all, not at least in any of the places I saw it previously.  And all of the issues I had noticed are gone now. 
  • Thank you so much for all your help with this so far!

  • 0

#24
zithal

zithal

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts

MBAM Log:

 

 

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 10/29/2014
Scan Time: 11:00:23 PM
Logfile: MBAM.txt
Administrator: Yes

Version: 2.00.3.1025
Malware Database: v2014.10.30.03
Rootkit Database: v2014.10.22.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: MBG

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 301794
Time Elapsed: 2 min, 40 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)


  • 0

#25
zithal

zithal

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts

checkup.txt

 

 

 

 Results of screen317's Security Check version 0.99.89 
 Windows 7 Service Pack 1 x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled! 
Norton 360   
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Java 7 Update 71 
 Java version out of Date!
 Adobe Reader XI 
````````Process Check: objlist.exe by Laurent```````` 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 10%
````````````````````End of Log``````````````````````

 

 

 

In reference to the Java version being out of date...  In the past, and prior to your assistance, I periodically get a notification that says it is out of date, but when I go to update it it informs me that I have the latest version.


Edited by zithal, 29 October 2014 - 10:54 PM.

  • 0

Advertisements


#26
23red

23red

    Trusted Helper

  • Malware Removal
  • 1,797 posts

Hi zithal :)

 

My apologies for the delay.  Work kept me way too busy the last two days.

Excellent work!  :thumbsup:   And the best part:  Your logs look great! :D

 

As for the Java Update ~ the Java updater on a computer seems to be good at it's job ~ even though it may be updated already. 

Remember not to take updates on the fly, most of those are no good.  Same with Adobe.  Their updaters do their work on startup. 

 

We need to remove the tools we've used during cleaning your machine

 

 

  • Download Delfix from here
  • Ensure Remove disinfection tools is ticked
    Also tick:
    • Create registry backup
    • Purge system restore
    delfix.jpg

     

     

  • Click Run

The program will run for a few moments and then notepad will open with a log. Please paste the

 

log in your next reply

 

Thank you :)


  • 0

#27
zithal

zithal

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts

# DelFix v10.8 - Logfile created 31/10/2014 at 17:37:32
# Updated 29/07/2014 by Xplode
# Username : MBG - MBG-DESK
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\_OTL
Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\MBG\Desktop\adwcleaner_4.002.exe
Deleted : C:\Users\MBG\Desktop\FRST64.exe
Deleted : C:\Users\MBG\Desktop\JRT.exe
Deleted : C:\Users\MBG\Desktop\OTL.exe
Deleted : C:\Users\MBG\Desktop\SecurityCheck.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\AdwCleaner

~ Creating registry backup ... OK

~ Cleaning system restore ...

Deleted : RP #62 [Windows Update | 10/15/2014 08:00:14]
Deleted : RP #63 [Installed Java 7 Update 71 | 10/15/2014 11:45:01]
Deleted : RP #64 [Scheduled Checkpoint | 10/23/2014 05:11:25]
Deleted : RP #65 [OTL Restore Point - 10/26/2014 11:19:11 AM | 10/26/2014 16:19:12]
Deleted : RP #66 [OTL Restore Point - 10/27/2014 2:01:00 PM | 10/27/2014 19:01:00]
Deleted : RP #67 [Installed Microsoft Fix it 50906 | 10/29/2014 04:58:38]
Deleted : RP #68 [OTL Restore Point - 10/29/2014 12:01:01 AM | 10/29/2014 05:01:01]

New restore point created !

########## - EOF - ##########


  • 0

#28
23red

23red

    Trusted Helper

  • Malware Removal
  • 1,797 posts

 Hi zithal xsmile.png.pagespeed.ic.CwSpBGGvqN.png
 
Thank you for the log xhappy.png.pagespeed.ic.w4JpNxlSQh.png
 
Now that you are clean, to help protect your computer in the future ~ A few tips and great information to help your future travels ~
 
Preventing New Infections
 
Your Antivirus and Firewall are good to go. xsmile.png.pagespeed.ic.CwSpBGGvqN.png
You now have Malwarebytes.  It's one of the best if not The best antimalware tool.
It catches many items any Antivirus might miss yes.gif.pagespeed.ce.-FW1vOke9g.gif
Update and run weekly to help keep your system clean.
 

1.
Windows Updates
 
It is critical to have both a firewall and an anti virus to protect your system and to keep them updated, and to keep your operating system up to date make sure Windows Updates are kept current:
A major essential is to keep your computer updated with the latest operating system patches and security fixes. Windows Updates are constantly being revised to combat the newest hacks and threats, Microsoft releases security updates that help your computer from becoming vulnerable. It is best if you have these set to download automatically.
If they are not already or if you need to check:
 
1. Open Windows Update by clicking the Start Orb. In the search box, type Update, and then, in the list of results, click Windows Update.
 
2. In the left pane, click Change settings.
 
3. Under Important updates, choose the option that you want. Recommended setting: Install updates automatically
 
4. Under Recommended updates, select the Give me recommended updates the same way I receive important updates check box, and then click OK. If you're prompted for an administrator password or confirmation, type the password or provide confirmation.
 
 
*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*
 

2.
Program Updates
 
Keep Installed Programs Up to Date
It's important to keep all other programs on your computer updated because older versions can also have security vulnerabilities exploited by the malware to infect you.
Both Adobe and Java updates are legitimately done on reboot.  Do not take updates on the fly.  Both programs supply a balloon in the lower right of the screen, not a pop up window. 
If in doubt, reboot and the real one will ask to update if needed.
 
It is also a good idea to check for the latest versions of commonly installed applications to fix vulnerabilities, this can be done manually by using the Update feature included in most programs or you can use the following program to help you with this:
 
FileHippo Update Checker
 
*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~* 
 
3.
CryptoLocker Warning
 
There is a particularly nasty infection out there at the moment. 
Go here for information about CryptoLocker Ransomeware. Learning about what is out there may help prevent infection. The main thing with this infection here ~ is Backup. If you're using an external, keep it unplugged to the computer when you're not backing up files or using it. This will prevent the infection from getting to your backed up files if you ever do come across it.
 
We suggest users to Download CryptoPrevent free for home use. It will help prevent CryptoLocker.

 
*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*
 
4.
Backup
 
Keep a backup of your important Files. Now, more than ever, it's especially important to
protect your digital Files and memories. This article is full of good information on
alternatives for home backup solutions
 
 
*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*
 
 
5.
When installing\updating ANY program, make sure you always select Custom installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click "Next" button without looking at any given page.
 
When looking to download a program whenever possible go to the authors site.
For example: Don't necessarily click on the top Firefox install listed after a search.  Look at the website it goes to.  In this case it should be Mozilla.org.
FileHippo is also a good place to look for safe downloads.
 
If you're not positive about a download or file go to jotti or VirusTotal and have it scanned. 
 
*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*
 
 
To find out more information about how you got infected in the first place and some great guidelines to follow to prevent future infections you can read this article by Miekiemoes.

Please confirm all is well and good with the computer and you are happy with its current state xsmile.png.pagespeed.ic.CwSpBGGvqN.png
 
Thank you xsmile.png.pagespeed.ic.CwSpBGGvqN.png
 
Surf safe xbiggrin.png.pagespeed.ic.XhpYJIv77v.png


  • 0

#29
zithal

zithal

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts

yessir thank you very much for all your help.  I am 100% satisfied with the result, and truly could not have done any of this without you or this website.  I was skeptical at first tbh, but now I am a huge fan !  I will refer anyone I come across with similar or any computer related issues to this site.  Thanks again!  Hopefully I wont need your services in the future, but if I believe that I do, this will be the first place I come.

 

again thank you very much, and have a great day!


  • 0

#30
23red

23red

    Trusted Helper

  • Malware Removal
  • 1,797 posts

Thank you zithal ;)  You are very welcome ~ I'm glad you are happy :happy:

 

Take good care, surf safe!


  • 0






Similar Topics


Also tagged with one or more of these keywords: chrome

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP