  #1  
11-12-13, 15:06
roper999
Enthusiastic contributor
 
Join Date: Jun 2004
Location: East Yorkshire
Posts: 474
Hijack This Log Help Please

Hiya, my sister, bless her lol. She passed me her laptop to make it go "faster" (remove the malware lol) and I have done the usual Malwarebytes, AVG, CCleaner, but I think there's more on here still. The Windows update won't work, which is a massive clue.

Here is her HijackThis log... it would be great if someone can give it a browse and see if there are any viruses left.

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 16:03:14, on 11/12/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16736)


Boot mode: Normal

Running processes:
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\windows\system32\taskhost.exe
C:\windows\system32\taskeng.exe
C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
C:\windows\system32\igfxext.exe
C:\windows\system32\igfxsrvc.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
C:\Program Files\AVG\AVG2014\avgui.exe
C:\windows\system32\wuauclt.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\windows\system32\SearchFilterHost.exe
C:\Users\lianne\Downloads\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - (no file)
O2 - BHO: Bubble Dock SurfMatch - {23AF19F7-1D5B-442c-B14C-3D1081953C94} - C:\Program Files\Nosibay\Bubble Dock\extensions\axSurfMatch.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\Pivot Stickfigure DB Toolbar\tbcore3.dll
O3 - Toolbar: Pivot Stickfigure DB Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\Pivot Stickfigure DB Toolbar\tbcore3.dll
O3 - Toolbar: QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - mscoree.dll (file missing)
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [EKStatusMonitor] C:\Program Files\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [KodakHomeCenter] "C:\Program Files\Kodak\AiO\Center\AiOHomeCenter.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [KodakHomeCenter] "C:\Program Files\Kodak\AiO\Center\AiOHomeCenter.exe" (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab56986.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/...Uploader55.cab
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/...soft/wrc32.ocx
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab56907.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01...PUplden-gb.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Acronis Nonstop Backup Service (afcdpsrv) - Acronis - C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak AiO Network Discovery Service - Eastman Kodak Company - C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe
O23 - Service: Kodak AiO Status Monitor Service - Eastman Kodak Company - C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
O23 - Service: Acronis Sync Agent Service (syncagentsrv) - Acronis - C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe

--
End of file - 9573 bytes

Thanks as always
  #2  
11-12-13, 17:49
roper999
Enthusiastic contributor
 
Join Date: Jun 2004
Location: East Yorkshire
Posts: 474
Re: Hijack This Log Help Please

Hi,

Just a quick one to say the Windows Updates have been successful. I'm guessing they just weren't done for a while.

Thanks again
  #3  
12-12-13, 09:36
kevinf80
Global Moderator
 
Join Date: Feb 2008
Location: Sunderland.UK.
Posts: 1,887
Re: Hijack This Log Help Please

If you still want a check done do the following:

Download AdwCleaner by Xplode from here: http://www.bleepingcomputer.com/download/adwcleaner/ and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
  • Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Uncheck any elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review.
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted (if necessary):
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.

Next,

Download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

Post those logs...

Kevin
  #4  
12-12-13, 10:39
roper999
Enthusiastic contributor
 
Join Date: Jun 2004
Location: East Yorkshire
Posts: 474
Re: Hijack This Log Help Please

Thanks for your help Kevin

I've just run the AdwCleaner and there are a few things I think should be removed, like AVG Toolbar etc. Here is the log.

# AdwCleaner v3.015 - Report created 12/12/2013 at 11:34:32
# Updated 10/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : lianne - LIANNE-PC
# Running from : C:\Users\lianne\Downloads\AdwCleaner (1).exe
# Option : Scan

***** [ Services ] *****

Service Found : vToolbarUpdater17.1.2

***** [ Files / Folders ] *****

File Found : C:\Program Files\Mozilla Firefox\searchplugins\StartWeb.xml
File Found : C:\Users\lianne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
File Found : C:\windows\system32\conduitEngine.tmp
File Found : C:\windows\System32\Tasks\Dealply
File Found : C:\windows\System32\Tasks\QtraxPlayer
File Found : C:\windows\Tasks\Dealply.job
Folder Found : C:\Users\lianne\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Folder Found C:\Program Files\AVG SafeGuard toolbar
Folder Found C:\Program Files\Common Files\AVG Secure Search
Folder Found C:\Program Files\MyPC Backup
Folder Found C:\Program Files\Nosibay
Folder Found C:\ProgramData\Ask
Folder Found C:\ProgramData\AVG SafeGuard toolbar
Folder Found C:\ProgramData\AVG Security Toolbar
Folder Found C:\ProgramData\Babylon
Folder Found C:\ProgramData\Partner
Folder Found C:\Users\lianne\AppData\Local\AVG SafeGuard toolbar
Folder Found C:\Users\lianne\AppData\Local\Conduit
Folder Found C:\Users\lianne\AppData\Local\PackageAware
Folder Found C:\Users\lianne\AppData\LocalLow\AVG SafeGuard toolbar
Folder Found C:\Users\lianne\AppData\LocalLow\Conduit
Folder Found C:\Users\lianne\AppData\LocalLow\IminentToolbar
Folder Found C:\Users\lianne\AppData\LocalLow\Smartbar
Folder Found C:\Users\lianne\AppData\LocalLow\Toolbar4
Folder Found C:\Users\lianne\AppData\Roaming\DSite
Folder Found C:\Users\lianne\AppData\Roaming\IminentToolbar
Folder Found C:\Users\lianne\AppData\Roaming\Nosibay
Folder Found C:\Users\lianne\Qtrax
Folder Found C:\windows\system32\Searchprotect

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AVG SafeGuard toolbar
Key Found : HKCU\Software\BabSolution
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\dsiteproducts
Key Found : HKCU\Software\Iminent
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{23AF19F7-1D5B-442C-B14C-3D1081953C94}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{23AF19F7-1D5B-442C-B14C-3D1081953C94}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Found : HKCU\Software\Nosibay
Key Found : HKCU\Software\qtrax
Key Found : HKCU\Software\SmartBar
Key Found : HKCU\Software\smartbarbackup
Key Found : HKCU\Software\smartbarlog
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\Somoto Toolbar
Key Found : HKCU\Software\YahooPartnerToolbar
Key Found : HKLM\SOFTWARE\5a53d9dcb03fec46
Key Found : HKLM\Software\AVG SafeGuard toolbar
Key Found : HKLM\Software\AVG Security Toolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Found : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Found : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI
Key Found : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1
Key Found : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj
Key Found : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1
Key Found : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
Key Found : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
Key Found : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Found : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Key Found : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Key Found : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Key Found : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Key Found : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Key Found : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Found : HKLM\SOFTWARE\Classes\S
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Found : HKLM\SOFTWARE\Classes\SMTTB2009.IEToolbar
Key Found : HKLM\SOFTWARE\Classes\SMTTB2009.IEToolbar.1
Key Found : HKLM\SOFTWARE\Classes\SMTTB2009.SMTTB2009
Key Found : HKLM\SOFTWARE\Classes\SMTTB2009.SMTTB2009.3
Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Found : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2850927
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.SMTTB2009
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.SMTTB2009.1
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\DataMngr
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Found : HKLM\Software\Iminent
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B6}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_pivot-stickfigure-animator_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_pivot-stickfigure-animator_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\Dealply
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\QtraxPlayer
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{88DD75A5-FCD3-494B-9093-172D5C01A3ED}
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9F15F00B-1FCB-47E8-B3E5-FBAD7E93E441}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{23AF19F7-1D5B-442C-B14C-3D1081953C94}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall\AVG SafeGuard toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall\SearchTheWebARP
Key Found : HKLM\Software\Minibar
Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Found : HKLM\Software\Speedchecker Limited
Key Found : HKLM\Software\Uniblue
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{D3D233D5-9F6D-436C-B6C7-E63F77503B30}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{338B4DFE-2E2C-4338-9E41-E176D497299E}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [bubbledock@nosibay.com]

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16750


-\\ Mozilla Firefox v

-\\ Google Chrome v31.0.1650.63

[ File : C:\Users\lianne\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found : icon_url
Found : keyword
Found : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [21045 octets] - [12/12/2013 11:34:32]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [21106 octets] ##########


Thanks again mate
  #5  
Old 12-12-13, 11:39
kevinf80 kevinf80 is offline
Global Moderator
 
Join Date: Feb 2008
Location: Sunderland.UK.
Posts: 1,887
Default Re: Hijack This Log Help Please

Yes, remove all of those entries with the clean function...

Continue with FRST and post the logs; it is purely diagnostic and will make no changes.

  #6  
Old 12-12-13, 12:23
roper999 roper999 is offline
Enthusiastic contributor
 
Join Date: Jun 2004
Location: East Yorkshire
Posts: 474
Default Re: Hijack This Log Help Please

Thanks again Kevin,

I've cleaned using AdwCleaner and then ran FRST as requested. Here are the logs -

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-12-2013
Ran by lianne (administrator) on LIANNE-PC on 12-12-2013 13:15:33
Running from C:\Users\lianne\Downloads
Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Eastman Kodak Company) C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe
(Eastman Kodak Company) C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgemcx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Eastman Kodak Company) C:\Program Files\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
(Acronis) C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Microsoft Corporation) \\?\C:\windows\system32\wbem\WMIADAP.EXE

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8120864 2009-12-14] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1578280 2009-10-10] (Synaptics Incorporated)
HKLM\...\Run: [UCam_Menu] - C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] - C:\Program Files\Microsoft IntelliPoint\ipoint.exe [1797008 2010-07-21] (Microsoft Corporation)
HKLM\...\Run: [HotKeysCmds] - C:\windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [EKStatusMonitor] - C:\Program Files\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe [2750840 2013-01-15] (Eastman Kodak Company)
HKLM\...\Run: [AVG_UI] - C:\Program Files\AVG\AVG2014\avgui.exe [4956176 2013-11-07] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKCU\...\Run: [AVG-Secure-Search-Update_1113a] - C:\Users\lianne\AppData\Roaming\AVG 1113a Campaign\AVG-Secure-Search-Update-1113a.exe /PROMPT /mid=b5a8998557e047d38344d16d12cee97f-4a68ec3c2e5ae9bba9f5728d523d77deaaaf9699 /CMPID=1113a
MountPoints2: F - F:\AutoRun.exe
MountPoints2: G - G:\AutoRun.exe
MountPoints2: {19ac5c9c-539d-11df-af4e-0024542a008c} - G:\AutoRun.exe
MountPoints2: {5d7d8a9b-ab1a-11df-86a6-0024542a008c} - F:\AutoRun.exe
MountPoints2: {5d7d8aa0-ab1a-11df-86a6-0024542a008c} - F:\AutoRun.exe
MountPoints2: {94324680-82cf-11df-9d55-0024542a008c} - F:\AutoInstall.exe
MountPoints2: {94324688-82cf-11df-9d55-0024542a008c} - F:\AutoInstall.exe
MountPoints2: {a4270270-a3ff-11df-8767-0024542a008c} - F:\AutoInstall.exe
MountPoints2: {a471c675-c564-11df-9d7c-0024542a008c} - G:\Startme.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=OIE9HP
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x05A363AC296FCB01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.com
http://www.google.co.uk/
HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.microsoft.com/isapi/redir...ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://www.microsoft.com/isapi/redir...ie&ar=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?}
SearchScopes: HKCU - {286BC115-D895-4756-943F-6348F08D0128} URL = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYGB&apn_uid=B072424E-D837-4578-9930-B9CA037E89CE&apn_sauid=B0F4A29C-A662-4AC0-8E4E-A767FD8AE63B
SearchScopes: HKCU - {7CB6123E-A003-4FB1-A704-F12986C54684} URL = http://websearch.search-results.com/redirect?client=ie&tb=STC-SRS&o=41647869&src=kw&q={searchTerms}&locale=&apn_ptnrs=1S&apn_dtid=YYYYYYYYGB&apn_uid=709C9408-61FF-49C9-8BD2-57DF7D59524E&apn_sauid=C7EBB110-73BC-43A6-93F2-4F10898632E8
SearchScopes: HKCU - {D1D456FE-A6BE-4F5C-B740-08D0E4A1812F} URL = http://uk.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}

Chrome:
=======
CHR DefaultSearchKeyword: google.co.uk
CHR DefaultSearchProvider: Google
CHR DefaultSearchURL: {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultNewTabURL: {google:baseURL}_/chrome/newtab?{google:RLZ}{google:instantExtendedEnabledParameter}{google:ntpIsThemedParameter}ie={inputEncoding}
CHR Extension: (Google Docs) - C:\Users\lianne\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Wallet) - C:\Users\lianne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR HKLM\...\Chrome\Extension: [fjpdnoojnohifgekbkmnfbiobhcbedka] - C:\Program Files\outobox\fjpdnoojnohifgekbkmnfbiobhcbedka.crx
CHR HKLM\...\Chrome\Extension: [kbjlipmgfoamgjaogmbihaffnpkpjajp] - C:\Program Files\Nosibay\Bubble Dock\extensions\GCSurfMatch.crx
CHR HKLM\...\Chrome\Extension: [paecomhchipnlifhgjondomifdeegnap] - C:\Users\lianne\AppData\Local\Temp\paecomhchipnlifhgjondomifdeegnap.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

R2 AcrSch2Svc; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [830376 2013-02-15] (Acronis)
R2 afcdpsrv; C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe [3783672 2013-05-01] (Acronis)
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3478544 2013-11-11] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.)
R2 Kodak AiO Network Discovery Service; C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe [395640 2013-03-15] (Eastman Kodak Company)
R2 Kodak AiO Status Monitor Service; C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [780152 2013-01-15] (Eastman Kodak Company)
S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
R2 syncagentsrv; C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7084672 2013-03-20] (Acronis)
S3 getPlusHelper; C:\Program Files\NOS\bin\getPlus_Helper.dll [x]

==================== Drivers (Whitelisted) ====================

R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [120600 2013-11-05] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [209176 2013-11-04] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [147768 2013-10-24] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [22840 2013-09-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [176952 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [222520 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [102712 2013-10-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27448 2013-09-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [193848 2013-08-01] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\windows\system32\drivers\avgtpx86.sys [37664 2013-12-12] (AVG Technologies)
S3 s1039mdm; C:\Windows\System32\DRIVERS\s1039mdm.sys [124016 2010-03-01] (MCCI Corporation)
S3 S2usbser; C:\Windows\System32\DRIVERS\S2usbser.sys [103680 2008-07-23] (AMOI Incorporated)
S3 tdrpman; C:\Windows\System32\DRIVERS\tdrpman.sys [888640 2013-05-01] (Acronis International GmbH)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [736192 2013-05-01] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [130488 2013-05-01] (Acronis)
R0 vididr; C:\Windows\System32\DRIVERS\vididr.sys [116000 2013-05-01] (Acronis International GmbH)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [85280 2013-05-01] (Acronis International GmbH)
S3 ZTEusbnet; C:\Windows\System32\DRIVERS\ZTEusbnet.sys [114688 2009-07-21] (ZTE Corporation)
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [x]
S3 LgBttPort; system32\DRIVERS\lgbtport.sys [x]
S3 lgbusenum; system32\DRIVERS\lgbtbus.sys [x]
S3 LGVMODEM; system32\DRIVERS\lgvmodem.sys [x]
S3 massfilter; system32\drivers\massfilter.sys [x]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [x]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [x]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-12 13:15 - 2013-12-12 13:16 - 00016120 _____ C:\Users\lianne\Downloads\FRST.txt
2013-12-12 13:15 - 2013-12-12 13:15 - 00000000 ____D C:\FRST
2013-12-12 13:14 - 2013-12-12 13:14 - 01060373 _____ (Farbar) C:\Users\lianne\Downloads\FRST.exe
2013-12-12 13:11 - 2013-12-12 13:11 - 00000890 _____ C:\windows\PFRO.log
2013-12-12 11:34 - 2013-12-12 11:34 - 01226802 _____ C:\Users\lianne\Downloads\AdwCleaner (1).exe
2013-12-12 11:29 - 2013-12-12 13:09 - 00000000 ____D C:\AdwCleaner
2013-12-12 11:28 - 2013-12-12 11:28 - 01226802 _____ C:\Users\lianne\Downloads\AdwCleaner.exe
2013-12-12 11:21 - 2013-12-12 13:11 - 00000000 ____D C:\Users\lianne\AppData\Local\AVG SafeGuard toolbar
2013-12-12 11:21 - 2013-12-12 11:21 - 00037664 _____ (AVG Technologies) C:\windows\system32\Drivers\avgtpx86.sys
2013-12-11 18:50 - 2013-12-12 13:11 - 00000168 _____ C:\windows\setupact.log
2013-12-11 18:50 - 2013-12-11 18:50 - 00000000 _____ C:\windows\setuperr.log
2013-12-11 18:39 - 2013-11-23 18:26 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\WMPhoto.dll
2013-12-11 18:39 - 2013-11-12 02:07 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2013-12-11 18:39 - 2013-10-30 02:19 - 00301568 _____ (Microsoft Corporation) C:\windows\system32\msieftp.dll
2013-12-11 18:39 - 2013-10-30 01:27 - 02349056 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2013-12-11 18:39 - 2013-10-19 01:36 - 00159232 _____ (Microsoft Corporation) C:\windows\system32\imagehlp.dll
2013-12-11 18:39 - 2013-10-12 02:04 - 00121856 _____ (Microsoft Corporation) C:\windows\system32\wshom.ocx
2013-12-11 18:39 - 2013-10-12 02:03 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\scrrun.dll
2013-12-11 18:39 - 2013-10-12 01:15 - 00141824 _____ (Microsoft Corporation) C:\windows\system32\wscript.exe
2013-12-11 18:39 - 2013-10-12 01:15 - 00126976 _____ (Microsoft Corporation) C:\windows\system32\cscript.exe
2013-12-11 18:39 - 2013-10-04 01:49 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\Drivers\drmk.sys
2013-12-11 18:39 - 2013-10-04 01:17 - 00177152 _____ (Microsoft Corporation) C:\windows\system32\Drivers\portcls.sys
2013-12-11 17:28 - 2013-05-10 04:56 - 12625408 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
2013-12-11 17:28 - 2013-05-10 04:56 - 11410432 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2013-12-11 17:27 - 2013-10-25 04:45 - 01767936 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-12-11 17:27 - 2013-10-25 04:45 - 00042496 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-12-11 17:27 - 2013-10-25 04:44 - 14356992 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-12-11 17:27 - 2013-10-25 04:44 - 01140736 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-12-11 17:27 - 2013-10-25 04:43 - 13761536 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-12-11 17:27 - 2013-10-25 04:43 - 02877952 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-12-11 17:27 - 2013-10-25 04:43 - 02049024 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-12-11 17:27 - 2013-10-25 04:43 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-12-11 17:27 - 2013-10-25 04:43 - 00493056 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-12-11 17:27 - 2013-10-25 04:43 - 00391168 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2013-12-11 17:27 - 2013-10-25 04:43 - 00109056 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-12-11 17:27 - 2013-10-25 04:43 - 00061440 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2013-12-11 17:27 - 2013-10-25 04:43 - 00039424 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-12-11 17:27 - 2013-10-25 04:43 - 00033280 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2013-12-11 17:27 - 2013-10-25 03:41 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-12-11 17:27 - 2013-10-25 02:49 - 00071680 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2013-12-11 16:07 - 2013-12-11 16:07 - 00388608 _____ (Trend Micro Inc.) C:\Users\lianne\Downloads\HijackThis (1).exe
2013-12-11 16:03 - 2013-12-11 16:07 - 00009633 _____ C:\Users\lianne\Downloads\hijackthis.log
2013-12-11 16:02 - 2013-12-11 16:02 - 00388608 _____ (Trend Micro Inc.) C:\Users\lianne\Downloads\HijackThis.exe
2013-12-11 14:51 - 2013-12-11 14:51 - 00000000 ____D C:\ProgramData\Oracle
2013-12-11 14:51 - 2013-12-11 14:51 - 00000000 ____D C:\Program Files\Common Files\Java
2013-12-11 14:51 - 2013-10-08 07:50 - 00094632 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge.dll
2013-12-11 14:51 - 2013-10-08 07:46 - 00264616 _____ (Oracle Corporation) C:\windows\system32\javaws.exe
2013-12-11 14:51 - 2013-10-08 07:46 - 00175016 _____ (Oracle Corporation) C:\windows\system32\javaw.exe
2013-12-11 14:51 - 2013-10-08 07:46 - 00174504 _____ (Oracle Corporation) C:\windows\system32\java.exe
2013-12-11 14:50 - 2013-12-11 14:51 - 00005509 _____ C:\windows\system32\jupdate-1.7.0_45-b18.log
2013-12-11 14:47 - 2013-12-11 14:47 - 00000000 ____D C:\ProgramData\Licenses
2013-12-11 14:47 - 2013-12-11 14:47 - 00000000 ____D C:\Program Files\SpywareBlaster
2013-12-11 14:46 - 2013-12-11 14:46 - 04095448 _____ (BrightFort LLC ) C:\Users\lianne\Downloads\spywareblastersetup50.exe
2013-12-10 21:28 - 2013-12-10 21:28 - 00000000 ____D C:\Users\lianne\AppData\Roaming\AVG2014
2013-12-10 21:27 - 2013-12-10 21:28 - 00000000 ____D C:\ProgramData\AVG2014
2013-12-10 21:27 - 2013-12-10 21:27 - 00000000 ___HD C:\$AVG
2013-12-10 21:27 - 2013-12-10 21:27 - 00000000 ____D C:\Users\lianne\AppData\Roaming\TuneUp Software
2013-12-10 21:27 - 2013-12-10 21:27 - 00000000 ____D C:\Program Files\AVG
2013-12-10 21:23 - 2013-12-12 11:18 - 00000000 ____D C:\ProgramData\MFAData
2013-12-10 21:23 - 2013-12-10 21:31 - 00000000 ____D C:\Users\lianne\AppData\Local\Avg2014
2013-12-10 21:23 - 2013-12-10 21:23 - 04436944 _____ (AVG Technologies) C:\Users\lianne\Downloads\avg_free_stb_all_2014_4259_cnet.exe
2013-12-10 21:23 - 2013-12-10 21:23 - 00000000 ____D C:\Users\lianne\AppData\Local\MFAData
2013-12-10 20:22 - 2013-12-10 20:22 - 00000000 ____D C:\Users\lianne\AppData\Roaming\Malwarebytes
2013-12-10 20:22 - 2013-12-10 20:22 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-10 20:22 - 2013-12-10 20:22 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-12-10 20:22 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2013-12-10 20:21 - 2013-12-10 20:22 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\lianne\Downloads\mbam-setup-1.75.0.1300.exe
2013-12-10 20:15 - 2013-12-10 20:15 - 00000000 ____D C:\Program Files\CCleaner
2013-12-10 20:14 - 2013-12-10 20:15 - 04618136 _____ (Piriform Ltd) C:\Users\lianne\Downloads\ccsetup408.exe
2013-12-10 19:39 - 2013-12-11 18:49 - 00000000 ____D C:\Users\lianne\Desktop\Internet Security
2013-12-10 19:35 - 2013-12-10 19:35 - 00000000 ____D C:\Users\lianne\AppData\Local\{CFB72698-04C9-487A-967B-4F7F16ADAD04}
2013-12-10 00:06 - 2013-12-10 00:06 - 00000000 ____D C:\Users\lianne\AppData\Local\{708993F0-FC77-463D-AB0B-5B741D39206E}
2013-12-07 10:45 - 2013-12-07 10:45 - 00003238 _____ C:\Users\lianne\AppData\Roaming\Bubble Dock.installation.log
2013-12-07 10:34 - 2013-12-07 10:45 - 00002550 _____ C:\Users\lianne\AppData\Roaming\Bubble Dock.boostrap.log
2013-12-07 10:33 - 2013-12-10 20:07 - 00000830 _____ C:\windows\system32\InstallUtil.InstallLog
2013-12-07 10:27 - 2013-12-07 10:27 - 00000000 ____D C:\Users\lianne\AppData\Local\{030DD793-C28E-4FD4-9FBB-27925967915C}
2013-12-04 07:53 - 2013-12-05 19:53 - 00000000 ____D C:\Users\lianne\AppData\Local\{68D1D844-9438-4117-AF7B-0AF70B5F0AF3}
2013-12-03 23:41 - 2013-12-03 23:41 - 04905984 _____ C:\Users\lianne\Downloads\HoS p point PASSPORT August 2013 (2).ppt
2013-12-03 23:29 - 2013-12-03 23:29 - 04905984 _____ C:\Users\lianne\Downloads\HoS p point PASSPORT August 2013 (1).ppt
2013-12-03 23:26 - 2013-12-03 23:26 - 04905984 _____ C:\Users\lianne\Downloads\HoS p point PASSPORT August 2013.ppt
2013-12-03 22:31 - 2013-12-03 22:31 - 03058176 _____ C:\Users\lianne\Downloads\Staff_Conference_2013_Portal_164158_4Jul13.ppt
2013-12-03 18:23 - 2013-12-03 18:23 - 00000000 ____D C:\Users\lianne\AppData\Local\{C69F12E8-9FFD-4438-BA68-3A49FE36F942}
2013-12-02 10:53 - 2013-12-02 22:53 - 00000000 ____D C:\Users\lianne\AppData\Local\{99CD5182-DAA7-49A1-BB7F-3BDDDAC03E42}
2013-11-28 01:03 - 2013-11-28 01:03 - 02042172 _____ C:\Users\lianne\Downloads\Equality and diversity induction.pptx
2013-11-27 17:37 - 2013-11-27 17:37 - 00000000 ____D C:\Users\wangjihua\AppData\Local\Mobogenie
2013-11-27 17:37 - 2013-11-27 17:37 - 00000000 ____D C:\Users\wangjihua
2013-11-27 17:37 - 2013-11-27 17:37 - 00000000 ____D C:\Users\lianne\.android
2013-11-27 17:36 - 2013-11-27 17:36 - 00000000 ____D C:\Users\lianne\AppData\Local\{2693D115-67A2-435C-8409-DBB9C2F4C544}
2013-11-23 10:19 - 2013-12-11 19:13 - 00000000 ____D C:\Users\lianne\AppData\Local\Mobogenie
2013-11-23 10:19 - 2013-12-10 21:03 - 00001467 _____ C:\Users\lianne\daemonprocess.txt
2013-11-23 10:19 - 2013-12-10 00:22 - 00000000 ____D C:\Users\lianne\AppData\Local\cache
2013-11-23 10:18 - 2013-12-11 19:13 - 00000000 ____D C:\Program Files\Mobogenie
2013-11-23 10:09 - 2013-11-23 10:09 - 00915368 _____ (Oracle Corporation) C:\Users\lianne\Downloads\chromeinstall-7u45.exe
2013-11-23 10:09 - 2013-11-23 10:09 - 00915368 _____ (Oracle Corporation) C:\Users\lianne\Downloads\chromeinstall-7u45 (3).exe
2013-11-23 10:09 - 2013-11-23 10:09 - 00915368 _____ (Oracle Corporation) C:\Users\lianne\Downloads\chromeinstall-7u45 (2).exe
2013-11-23 10:09 - 2013-11-23 10:09 - 00915368 _____ (Oracle Corporation) C:\Users\lianne\Downloads\chromeinstall-7u45 (1).exe
2013-11-22 19:17 - 2013-11-22 19:17 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-11-22 19:16 - 2013-11-22 19:17 - 00000000 ____D C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-11-22 19:16 - 2013-11-22 19:17 - 00000000 ____D C:\Program Files\iTunes
2013-11-22 19:16 - 2013-11-22 19:16 - 00000000 ____D C:\Program Files\iPod
2013-11-15 20:14 - 2013-10-12 02:03 - 00656896 _____ (Microsoft Corporation) C:\windows\system32\nshwfp.dll
2013-11-15 20:14 - 2013-10-12 02:01 - 00679424 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL
2013-11-15 20:14 - 2013-10-12 02:01 - 00216576 _____ (Microsoft Corporation) C:\windows\system32\FWPUCLNT.DLL
2013-11-15 20:14 - 2013-10-05 19:57 - 01168384 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2013-11-15 20:14 - 2013-10-04 01:58 - 00152576 _____ (Microsoft Corporation) C:\windows\system32\SmartcardCredentialProvider.dll
2013-11-15 20:14 - 2013-10-04 01:56 - 01796096 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2013-11-15 20:14 - 2013-10-04 01:56 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\credui.dll
2013-11-15 20:14 - 2013-10-03 01:58 - 00305152 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2013-11-15 20:14 - 2013-09-25 02:01 - 00136640 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2013-11-15 20:14 - 2013-09-25 02:01 - 00067520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2013-11-15 20:14 - 2013-09-25 01:57 - 00247808 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2013-11-15 20:14 - 2013-09-25 01:57 - 00099840 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2013-11-15 20:14 - 2013-09-25 01:57 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2013-11-15 20:14 - 2013-09-25 01:56 - 01038848 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2013-11-15 20:14 - 2013-09-25 01:56 - 00220160 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2013-11-15 20:14 - 2013-09-25 00:49 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2013-11-15 20:14 - 2013-09-25 00:49 - 00015872 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2013-11-15 20:14 - 2013-07-04 12:16 - 00369848 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys

==================== One Month Modified Files and Folders =======

2013-12-12 13:16 - 2013-12-12 13:15 - 00016120 _____ C:\Users\lianne\Downloads\FRST.txt
2013-12-12 13:16 - 2009-12-05 02:40 - 01557763 _____ C:\windows\WindowsUpdate.log
2013-12-12 13:15 - 2013-12-12 13:15 - 00000000 ____D C:\FRST
2013-12-12 13:14 - 2013-12-12 13:14 - 01060373 _____ (Farbar) C:\Users\lianne\Downloads\FRST.exe
2013-12-12 13:12 - 2010-04-29 21:34 - 00000882 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-12 13:11 - 2013-12-12 13:11 - 00000890 _____ C:\windows\PFRO.log
2013-12-12 13:11 - 2013-12-12 11:21 - 00000000 ____D C:\Users\lianne\AppData\Local\AVG SafeGuard toolbar
2013-12-12 13:11 - 2013-12-11 18:50 - 00000168 _____ C:\windows\setupact.log
2013-12-12 13:11 - 2011-12-30 18:58 - 00000000 ____D C:\ProgramData\Kodak
2013-12-12 13:11 - 2009-07-14 04:53 - 00000006 ____H C:\windows\Tasks\SA.DAT
2013-12-12 13:10 - 2009-07-14 04:34 - 00014736 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-12 13:10 - 2009-07-14 04:34 - 00014736 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-12 13:09 - 2013-12-12 11:29 - 00000000 ____D C:\AdwCleaner
2013-12-12 13:09 - 2010-04-29 13:57 - 00000000 ____D C:\Users\lianne
2013-12-12 13:00 - 2010-04-29 21:34 - 00000886 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-12 12:37 - 2012-06-10 08:03 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2013-12-12 12:08 - 2009-07-14 02:37 - 00000000 ____D C:\windows\rescache
2013-12-12 11:34 - 2013-12-12 11:34 - 01226802 _____ C:\Users\lianne\Downloads\AdwCleaner (1).exe
2013-12-12 11:28 - 2013-12-12 11:28 - 01226802 _____ C:\Users\lianne\Downloads\AdwCleaner.exe
2013-12-12 11:21 - 2013-12-12 11:21 - 00037664 _____ (AVG Technologies) C:\windows\system32\Drivers\avgtpx86.sys
2013-12-12 11:18 - 2013-12-10 21:23 - 00000000 ____D C:\ProgramData\MFAData
2013-12-11 19:13 - 2013-11-23 10:19 - 00000000 ____D C:\Users\lianne\AppData\Local\Mobogenie
2013-12-11 19:13 - 2013-11-23 10:18 - 00000000 ____D C:\Program Files\Mobogenie
2013-12-11 19:12 - 2013-08-29 12:46 - 00000000 ____D C:\Program Files\Citrix
2013-12-11 18:50 - 2013-12-11 18:50 - 00000000 _____ C:\windows\setuperr.log
2013-12-11 18:50 - 2009-07-26 20:57 - 00000000 ____D C:\windows\Panther
2013-12-11 18:49 - 2013-12-10 19:39 - 00000000 ____D C:\Users\lianne\Desktop\Internet Security
2013-12-11 18:49 - 2009-07-26 20:06 - 00796132 _____ C:\windows\system32\PerfStringBackup.INI
2013-12-11 18:44 - 2009-07-14 04:33 - 00490952 _____ C:\windows\system32\FNTCACHE.DAT
2013-12-11 18:40 - 2010-04-29 14:04 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-11 17:30 - 2013-08-17 00:52 - 00000000 ____D C:\windows\system32\MRT
2013-12-11 17:28 - 2010-05-03 17:58 - 88123800 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2013-12-11 16:07 - 2013-12-11 16:07 - 00388608 _____ (Trend Micro Inc.) C:\Users\lianne\Downloads\HijackThis (1).exe
2013-12-11 16:07 - 2013-12-11 16:03 - 00009633 _____ C:\Users\lianne\Downloads\hijackthis.log
2013-12-11 16:02 - 2013-12-11 16:02 - 00388608 _____ (Trend Micro Inc.) C:\Users\lianne\Downloads\HijackThis.exe
2013-12-11 14:51 - 2013-12-11 14:51 - 00000000 ____D C:\ProgramData\Oracle
2013-12-11 14:51 - 2013-12-11 14:51 - 00000000 ____D C:\Program Files\Common Files\Java
2013-12-11 14:51 - 2013-12-11 14:50 - 00005509 _____ C:\windows\system32\jupdate-1.7.0_45-b18.log
2013-12-11 14:51 - 2010-04-30 20:36 - 00000000 ____D C:\Program Files\Java
2013-12-11 14:47 - 2013-12-11 14:47 - 00000000 ____D C:\ProgramData\Licenses
2013-12-11 14:47 - 2013-12-11 14:47 - 00000000 ____D C:\Program Files\SpywareBlaster
2013-12-11 14:46 - 2013-12-11 14:46 - 04095448 _____ (BrightFort LLC ) C:\Users\lianne\Downloads\spywareblastersetup50.exe
2013-12-10 22:26 - 2009-07-14 04:52 - 00000000 ____D C:\windows\system32\FxsTmp
2013-12-10 21:31 - 2013-12-10 21:23 - 00000000 ____D C:\Users\lianne\AppData\Local\Avg2014
2013-12-10 21:30 - 2013-03-17 10:20 - 00000000 ____D C:\Program Files\Audacity
2013-12-10 21:28 - 2013-12-10 21:28 - 00000000 ____D C:\Users\lianne\AppData\Roaming\AVG2014
2013-12-10 21:28 - 2013-12-10 21:27 - 00000000 ____D C:\ProgramData\AVG2014
2013-12-10 21:27 - 2013-12-10 21:27 - 00000000 ___HD C:\$AVG
2013-12-10 21:27 - 2013-12-10 21:27 - 00000000 ____D C:\Users\lianne\AppData\Roaming\TuneUp Software
2013-12-10 21:27 - 2013-12-10 21:27 - 00000000 ____D C:\Program Files\AVG
2013-12-10 21:23 - 2013-12-10 21:23 - 04436944 _____ (AVG Technologies) C:\Users\lianne\Downloads\avg_free_stb_all_2014_4259_cnet.exe
2013-12-10 21:23 - 2013-12-10 21:23 - 00000000 ____D C:\Users\lianne\AppData\Local\MFAData
2013-12-10 21:15 - 2011-02-05 22:24 - 00001945 _____ C:\windows\epplauncher.mif
2013-12-10 21:04 - 2009-07-14 02:37 - 00000000 ____D C:\windows\Branding
2013-12-10 21:03 - 2013-11-23 10:19 - 00001467 _____ C:\Users\lianne\daemonprocess.txt
2013-12-10 21:03 - 2011-09-11 15:16 - 00000000 ____D C:\Program Files\Pivot Stickfigure DB Toolbar
2013-12-10 20:22 - 2013-12-10 20:22 - 00000000 ____D C:\Users\lianne\AppData\Roaming\Malwarebytes
2013-12-10 20:22 - 2013-12-10 20:22 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-10 20:22 - 2013-12-10 20:22 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-12-10 20:22 - 2013-12-10 20:21 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\lianne\Downloads\mbam-setup-1.75.0.1300.exe
2013-12-10 20:20 - 2010-04-30 01:01 - 00000000 ____D C:\Users\lianne\Tracing
2013-12-10 20:18 - 2011-02-16 10:42 - 00000000 ____D C:\windows\Minidump
2013-12-10 20:15 - 2013-12-10 20:15 - 00000000 ____D C:\Program Files\CCleaner
2013-12-10 20:15 - 2013-12-10 20:14 - 04618136 _____ (Piriform Ltd) C:\Users\lianne\Downloads\ccsetup408.exe
2013-12-10 20:10 - 2012-09-07 20:27 - 00000000 ____D C:\Users\lianne\AppData\Local\Unity
2013-12-10 20:07 - 2013-12-07 10:33 - 00000830 _____ C:\windows\system32\InstallUtil.InstallLog
2013-12-10 19:49 - 2009-12-05 02:56 - 00000000 ____D C:\ProgramData\McAfee
2013-12-10 19:48 - 2013-05-01 20:59 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-10 19:45 - 2009-12-05 03:02 - 00000000 ____D C:\Program Files\Google
2013-12-10 19:44 - 2011-10-10 17:08 - 00000000 ____D C:\Users\lianne\AppData\Local\Facebook
2013-12-10 19:35 - 2013-12-10 19:35 - 00000000 ____D C:\Users\lianne\AppData\Local\{CFB72698-04C9-487A-967B-4F7F16ADAD04}
2013-12-10 01:25 - 2012-11-24 02:41 - 00000000 ____D C:\Users\lianne\Documents\01 Hypnotherapy
2013-12-10 00:22 - 2013-11-23 10:19 - 00000000 ____D C:\Users\lianne\AppData\Local\cache
2013-12-10 00:14 - 2010-04-30 09:26 - 00000000 ____D C:\Users\lianne\Documents\aa work File
2013-12-10 00:11 - 2010-04-30 11:36 - 00000000 ____D C:\Users\lianne\Documents\personal
2013-12-10 00:06 - 2013-12-10 00:06 - 00000000 ____D C:\Users\lianne\AppData\Local\{708993F0-FC77-463D-AB0B-5B741D39206E}
2013-12-08 11:49 - 2013-07-02 13:40 - 00000000 ____D C:\Users\lianne\Documents\hardy building services
2013-12-07 11:07 - 2013-06-02 11:46 - 00000000 ____D C:\Users\lianne\AppData\Roaming\.minecraft
2013-12-07 10:45 - 2013-12-07 10:45 - 00003238 _____ C:\Users\lianne\AppData\Roaming\Bubble Dock.installation.log
2013-12-07 10:45 - 2013-12-07 10:34 - 00002550 _____ C:\Users\lianne\AppData\Roaming\Bubble Dock.boostrap.log
2013-12-07 10:27 - 2013-12-07 10:27 - 00000000 ____D C:\Users\lianne\AppData\Local\{030DD793-C28E-4FD4-9FBB-27925967915C}
2013-12-05 19:53 - 2013-12-04 07:53 - 00000000 ____D C:\Users\lianne\AppData\Local\{68D1D844-9438-4117-AF7B-0AF70B5F0AF3}
2013-12-04 02:37 - 2010-04-30 09:41 - 00000000 ____D C:\Users\lianne\Documents\assessor stuff
2013-12-03 23:41 - 2013-12-03 23:41 - 04905984 _____ C:\Users\lianne\Downloads\HoS p point PASSPORT August 2013 (2).ppt
2013-12-03 23:29 - 2013-12-03 23:29 - 04905984 _____ C:\Users\lianne\Downloads\HoS p point PASSPORT August 2013 (1).ppt
2013-12-03 23:26 - 2013-12-03 23:26 - 04905984 _____ C:\Users\lianne\Downloads\HoS p point PASSPORT August 2013.ppt
2013-12-03 22:31 - 2013-12-03 22:31 - 03058176 _____ C:\Users\lianne\Downloads\Staff_Conference_2013_Portal_164158_4Jul13.ppt
2013-12-03 18:23 - 2013-12-03 18:23 - 00000000 ____D C:\Users\lianne\AppData\Local\{C69F12E8-9FFD-4438-BA68-3A49FE36F942}
2013-12-02 22:53 - 2013-12-02 10:53 - 00000000 ____D C:\Users\lianne\AppData\Local\{99CD5182-DAA7-49A1-BB7F-3BDDDAC03E42}
2013-11-28 01:03 - 2013-11-28 01:03 - 02042172 _____ C:\Users\lianne\Downloads\Equality and diversity induction.pptx
2013-11-27 17:37 - 2013-11-27 17:37 - 00000000 ____D C:\Users\wangjihua\AppData\Local\Mobogenie
2013-11-27 17:37 - 2013-11-27 17:37 - 00000000 ____D C:\Users\wangjihua
2013-11-27 17:37 - 2013-11-27 17:37 - 00000000 ____D C:\Users\lianne\.android
2013-11-27 17:36 - 2013-11-27 17:36 - 00000000 ____D C:\Users\lianne\AppData\Local\{2693D115-67A2-435C-8409-DBB9C2F4C544}
2013-11-23 18:26 - 2013-12-11 18:39 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\WMPhoto.dll
2013-11-23 10:09 - 2013-11-23 10:09 - 00915368 _____ (Oracle Corporation) C:\Users\lianne\Downloads\chromeinstall-7u45.exe
2013-11-23 10:09 - 2013-11-23 10:09 - 00915368 _____ (Oracle Corporation) C:\Users\lianne\Downloads\chromeinstall-7u45 (3).exe
2013-11-23 10:09 - 2013-11-23 10:09 - 00915368 _____ (Oracle Corporation) C:\Users\lianne\Downloads\chromeinstall-7u45 (2).exe
2013-11-23 10:09 - 2013-11-23 10:09 - 00915368 _____ (Oracle Corporation) C:\Users\lianne\Downloads\chromeinstall-7u45 (1).exe
2013-11-22 19:17 - 2013-11-22 19:17 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-11-22 19:17 - 2013-11-22 19:16 - 00000000 ____D C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-11-22 19:17 - 2013-11-22 19:16 - 00000000 ____D C:\Program Files\iTunes
2013-11-22 19:16 - 2013-11-22 19:16 - 00000000 ____D C:\Program Files\iPod
2013-11-22 19:16 - 2011-01-20 03:19 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-11-19 10:21 - 2010-07-09 16:14 - 00230048 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2013-11-16 13:26 - 2013-11-02 09:06 - 00000000 ____D C:\Users\lianne\AppData\Local\{8CB6D654-603A-4F0E-85AA-125CA13C7906}
2013-11-12 02:07 - 2013-12-11 18:39 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll

Some content of TEMP:
====================
C:\Users\lianne\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-11 16:41

==================== End Of Log ============================
  #7  
Old 12-12-13, 12:23
roper999 roper999 is offline
Enthusiastic contributor
 
Join Date: Jun 2004
Location: East Yorkshire
Posts: 474
Default Re: Hijack This Log Help Please

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 12-12-2013
Ran by lianne at 2013-12-12 13:17:48
Running from C:\Users\lianne\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

Update for Microsoft Office 2007 (KB2508958)
ABBYY FineReader 6.0 Sprint (Version: 6.00.1395.4512)
Adobe Flash Player 11 ActiveX (Version: 11.6.602.180)
Adobe Flash Player 11 Plugin (Version: 11.6.602.180)
Adobe Photoshop Elements 2.0 (Version: 2.0)
Adobe Reader X (10.1.8) (Version: 10.1.8)
Adobe Shockwave Player 11.5 (Version: 11.5.9.615)
aioscnnr (Version: 7.6.13.10)
Apple Application Support (Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (Version: 2.1.3.127)
Atheros Client Installation Program (Version: 1.0.1.0805)
AVG 2014 (Version: 14.0.3658)
AVG 2014 (Version: 14.0.4259)
AVG 2014 (Version: 2014.0.4259)
BatteryLifeExtender (Version: 1.0.1)
Bonjour (Version: 3.0.0.10)
C4USelfUpdater (Version: 1.00.0000)
CCleaner (Version: 4.08)
center (Version: 7.7.2.0)
CyberLink YouCam (Version: 2.0.3304)
D3DX10 (Version: 15.4.2368.0902)
Dairy Dash
DaisyTrail American Holidays 2011 Digikit (Version: 1.0.0.001)
DaisyTrail Be My Valentine Digikit (Version: 1.0.0.001)
DaisyTrail Certificates Digikit (Version: 1.0.2.027)
DaisyTrail Digikit Collection 1 (Version: 1.1.0.005)
DaisyTrail Digikit Collection 2 (Version: 1.1.0.006)
DaisyTrail Digikit Collection 3 (Version: 1.1.0.002)
DaisyTrail Digikit Collection 4 (Version: 1.1.0.006)
DaisyTrail Digikit Collection 5 (Version: 1.1.0.001)
DaisyTrail Father's Day 2011 Digikit (Version: 1.0.0.002)
DaisyTrail Father's Day 2011 Digikit (Version: 1.0.2.019)
DaisyTrail Free - British Street Party Digikit (Version: 1.0.0.001)
DaisyTrail Sparkle Sky Digikit (Version: 1.0.0.001)
DaisyTrail Valentine's 2012 Digikit (Version: 1.0.2.027)
Easy Display Manager (Version: 3.0)
EasyBatteryManager (Version: 4.0.0.3)
essentials (Version: 7.7.2.0)
EstimatorXpress v.8 (Version: 8.45.0)
EZ Label Xpress Lite (Version: 1.00.0000)
Google Chrome (Version: 31.0.1650.63)
Google Update Helper (Version: 1.3.22.3)
Health, safety and environment test for operatives and specialists 2012 edition (Version: 2.0)
Intel(R) Graphics Media Accelerator Driver (Version: 8.15.10.2202)
Intel® Matrix Storage Manager
iTunes (Version: 11.1.3.8)
Java 7 Update 45 (Version: 7.0.450)
Java Auto Updater (Version: 2.1.9.8)
Junk Mail filter update (Version: 15.4.3502.0922)
Kodak AIO Printer (Version: 7.7.2.0)
KODAK AiO Software (Version: 7.7.6.0)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft IntelliPoint 8.0 (Version: 8.0.225.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Accounting 2008 (Version: 3.0.8627.1)
Microsoft Office Accounting 2008 PayPal Addin (Version: 3.0.8231.0)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook Connector (Version: 14.0.5118.5000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Small Business Connectivity Components (Version: 2.0.7024.0)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Search Enhancement Pack (Version: 3.0.133.0)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) (Version: 9.4.5000.00)
Microsoft SQL Server 2005 Tools Express Edition (Version: 9.4.5000.00)
Microsoft SQL Server Native Client (Version: 9.00.5000.00)
Microsoft SQL Server Setup Support Files (English) (Version: 9.00.5000.00)
Microsoft SQL Server VSS Writer (Version: 9.00.5000.00)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 9.7.0621)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
My Craft Studio (Version: 1.4.0.7)
My Craft Studio Professional 2.1.0.0 (Version: 2.1.0.0)
ocr (Version: 6.2.3.50)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
Paula Phillips, Good Times Digikit (Version: 1.0.0.001)
Picasa 3 (Version: 3.9)
Pivot Stickfigure Animator version 2.2.6 (Version: 2.2.6)
Pivot Stickfigure DB Toolbar
PreReq (Version: 6.2.4.0)
PrintProjects (Version: 1.0.0.9282)
QuickShare (Version: 10.169.60.13223)
QuickTime (Version: 7.74.80.86)
Realtek High Definition Audio Driver (Version: 6.0.1.6003)
Runtime (Version: 1.00.0000)
Serif CraftArtist Baby Photos Collection (Version: 1.0.0.007)
Serif CraftArtist Greeting Cards Collection (Version: 1.0.0.007)
Serif CraftArtist Professional (Version: 1.0.6.046)
Serif CraftArtist Scrapbooks Collection (Version: 1.0.0.007)
Serif CraftArtist Wedding Days Collection (Version: 1.0.0.008)
Serif Digital Scrapbook Artist 2 (Version: 2.0.3.018)
Serif Digital Scrapbook Artist Photobook, Basic (Version: 1.0.1.003)
Serif Digital Scrapbook Artist Photobook, Contemporary (Version: 1.0.1.003)
Serif Photo Projects (Version: 1.0.2.024)
SpywareBlaster 5.0 (Version: 5.0.0)
Synaptics Pointing Device Driver (Version: 14.0.10.0)
TomTom HOME (Version: 2.9.0)
TomTom HOME Visual Studio Merge Modules (Version: 1.0.2)
True Image 2013 (Version: 16.0.6514)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Visual Studio 2012 x86 Redistributables (Version: 14.0.0.1)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)

==================== Restore Points =========================

12-12-2013 12:08:21 Scheduled Checkpoint

==================== Hosts content: ==========================

2009-07-14 02:04 - 2009-06-10 21:39 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {2D577A20-059C-43FE-B6C0-1FB82EC956F8} - System32\Tasks\BatteryLifeExtender => C:\Program Files\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2009-11-19] (Samsung Electronics. Co. Ltd.)
Task: {31109415-0B15-47CE-BEE1-9EC6A92C8B74} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-04-29] (Google Inc.)
Task: {3C9A0C25-82ED-4DB8-804B-2DBF9D56345A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-04-29] (Google Inc.)
Task: {3E5AFEBE-EEE4-4D6B-88BF-BDCA553AD81A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {48A6287D-9267-44E7-99FD-21FCA0982FF8} - System32\Tasks\SUPBackground => C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe
Task: {59CF8B48-32FA-4BA1-AB59-FC2B8E510D40} - System32\Tasks\{FE1CC8B9-E212-4E37-A701-5995528A119E} => C:\Program Files\Skype\Phone\Skype.exe
Task: {666D60C7-E83F-4EED-9246-D245385D8B72} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {88A49655-48B3-4C5D-8CD2-9B43A4A79D2F} - System32\Tasks\EasyDisplayMgr => C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe [2009-11-04] (Samsung Electronics Co., Ltd.)
Task: {C3FEBBFC-65BA-4DA3-B409-75CFC8F15C33} - System32\Tasks\{1E23414B-A43C-45DF-8166-D732471116BC} => C:\Program Files\LG Electronics\LG PC Suite III\LG_PCSuiteIII.exe
Task: {CC0D875C-93E1-46F8-B7B7-80E0B3BCFA41} - System32\Tasks\EasyBatteryManager => C:\Program Files\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2009-10-16] (SAMSUNG Electronics co., LTD.)
Task: {E0D15977-0BA6-456C-B49D-60765F90D275} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-16] (Adobe Systems Incorporated)
Task: {EE003E7A-DABC-451A-9454-62678F9CB65A} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2010-07-21] (Microsoft Corporation)
Task: {F1B48F98-1BC5-4D32-BBFB-099FFB39F3BE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-11-22] (Piriform Ltd)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-03-27 21:36 - 2013-03-27 21:36 - 00021312 _____ () C:\Program Files\Acronis\TrueImageHome\ti_managers_proxy_stub.dll
2009-12-05 02:54 - 2006-08-12 03:48 - 00049152 _____ () C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll
2013-12-06 00:04 - 2013-12-04 02:47 - 00702416 _____ () C:\Program Files\Google\Chrome\Application\31.0.1650.63\libglesv2.dll
2013-12-06 00:04 - 2013-12-04 02:47 - 00099792 _____ () C:\Program Files\Google\Chrome\Application\31.0.1650.63\libegl.dll
2013-12-06 00:04 - 2013-12-04 02:48 - 04055504 _____ () C:\Program Files\Google\Chrome\Application\31.0.1650.63\pdf.dll
2013-12-06 00:04 - 2013-12-04 02:48 - 00399312 _____ () C:\Program Files\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
2013-12-06 00:04 - 2013-12-04 02:47 - 01619408 _____ () C:\Program Files\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/12/2013 00:02:45 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (12/12/2013 00:02:03 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.

Error: (12/12/2013 11:25:30 AM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 17 8.0.168.192.in-addr.arpa. PTR lianne-PC.local.

Error: (12/12/2013 11:25:30 AM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.8:5353 19 8.0.168.192.in-addr.arpa. PTR lianne-PC-2.local.

Error: (12/11/2013 06:54:12 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {05f6724f-71aa-45e8-ba1b-c6da0abbc79a}

Error: (12/11/2013 04:42:35 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (12/11/2013 04:41:37 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.

Error: (12/11/2013 02:42:16 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 17 8.0.168.192.in-addr.arpa. PTR lianne-PC.local.

Error: (12/11/2013 02:42:16 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.8:5353 19 8.0.168.192.in-addr.arpa. PTR lianne-PC-2.local.

Error: (12/10/2013 09:06:05 PM) (Source: Windows Search Service) (User: )
Description: The index cannot be initialized.


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (12/12/2013 11:29:36 AM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because of an IO failure on volume C:.

Error: (12/12/2013 11:16:11 AM) (Source: Service Control Manager) (User: )
Description: The Acronis Sync Agent Service service hung on starting.

Error: (12/10/2013 09:06:05 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (12/10/2013 09:06:05 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473535.

Error: (12/10/2013 07:58:31 PM) (Source: Service Control Manager) (User: )
Description: The Acronis Sync Agent Service service hung on starting.

Error: (12/10/2013 07:55:11 PM) (Source: Service Control Manager) (User: )
Description: The SProtection service terminated unexpectedly. It has done this 1 time(s).

Error: (12/10/2013 07:54:41 PM) (Source: Service Control Manager) (User: )
Description: The Search Protect by Conduit Service service terminated unexpectedly. It has done this 1 time(s).

Error: (12/10/2013 07:41:59 PM) (Source: Service Control Manager) (User: )
Description: The Computer Backup (MyPC Backup) service terminated unexpectedly. It has done this 1 time(s).

Error: (12/10/2013 07:33:16 PM) (Source: Service Control Manager) (User: )
Description: The SProtection service terminated unexpectedly. It has done this 1 time(s).

Error: (12/10/2013 00:04:06 AM) (Source: Service Control Manager) (User: )
Description: The SProtection service terminated unexpectedly. It has done this 1 time(s).


Microsoft Office Sessions:
=========================
Error: (11/20/2013 04:58:51 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 407 seconds with 60 seconds of active time. This session ended with a crash.

Error: (04/19/2012 07:59:12 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6654.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 93471 seconds with 2520 seconds of active time. This session ended with a crash.

Error: (01/20/2012 10:34:04 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 30764 seconds with 6360 seconds of active time. This session ended with a crash.

Error: (01/12/2012 00:27:15 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 390895 seconds with 2040 seconds of active time. This session ended with a crash.

Error: (07/21/2011 05:06:21 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6557.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 226 seconds with 60 seconds of active time. This session ended with a crash.

Error: (05/13/2011 09:46:13 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2 seconds with 0 seconds of active time. This session ended with a crash.

Error: (02/10/2011 01:26:13 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 91291 seconds with 420 seconds of active time. This session ended with a crash.

Error: (02/05/2011 10:20:46 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 27 seconds with 0 seconds of active time. This session ended with a crash.

Error: (02/04/2011 10:38:41 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3 seconds with 0 seconds of active time. This session ended with a crash.

Error: (02/04/2011 00:50:13 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 51231 seconds with 540 seconds of active time. This session ended with a crash.


CodeIntegrity Errors:
===================================
Date: 2010-05-29 22:11:42.895
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\McAfee\SiteAdvisor\sahook.dll because the set of per-page image hashes could not be found on the system.

Date: 2010-05-29 22:05:49.782
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\McAfee\SiteAdvisor\sahook.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Percentage of memory in use: 51%
Total physical RAM: 3004.61 MB
Available physical RAM: 1467.65 MB
Total Pagefile: 6005.45 MB
Available Pagefile: 4245.06 MB
Total Virtual: 2047.88 MB
Available Virtual: 1882.55 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:225.33 GB) (Free:93.96 GB) NTFS
Drive d: () (Fixed) (Total:225.33 GB) (Free:59.56 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 0E0EF5DF)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=225 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=225 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Thanks again mate
  #8  
Old 12-12-13, 18:18
kevinf80 kevinf80 is offline
Global Moderator
 
Join Date: Feb 2008
Location: Sunderland.UK.
Posts: 1,887
Default Re: Hijack This Log Help Please

Download attached fixlist.txt file and save it to the Desktop, or the folder you saved FRST into.
NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

Run FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

Next,

We still need to run an online AV scan to ensure there are no remnants of any infection left on your system that we may have missed. This scan is very thorough and well worth running. It can take several hours, so please be patient and let it complete:

Run Eset Online Scanner

**Note** You will need to use Internet Explorer for this scan - Vista and Win 7 users: right click on the IE shortcut and run as admin

Go to Eset web page http://www.eset.com/us/online-scanner/ to run an online scan from ESET.
  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • click on the Run ESET Online Scanner button
  • Tick the box next to YES, I accept the Terms of Use.
    Click Start
  • When asked, allow the add-on to be installed
    Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
    Click Scan
  • wait for the virus definitions to be downloaded
  • Wait for the scan to finish

When the scan is complete
  • If no threats were found
  • put a checkmark in "Uninstall application on close"
  • close program
  • report to me that nothing was found

If threats were found
  • click on "list of threats found"
  • click on "export to text file" and save it as ESET SCAN and save to the desktop
  • Click on back
  • put a checkmark in "Uninstall application on close"
  • click on finish

close program

copy and paste the report in next reply
Attached Files
File Type: txt fixlist.txt (2.3 KB, 3 views)
__________________

If you are satisfied with my help, consider a donation. Thank you...
  #9  
Old 12-12-13, 21:31
roper999 roper999 is offline
Enthusiastic contributor
 
Join Date: Jun 2004
Location: East Yorkshire
Posts: 474
Default Re: Hijack This Log Help Please

Hiya Kevin, thanks for your time on this, it's really appreciated.

Here is the first log you requested -

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 12-12-2013
Ran by lianne at 2013-12-12 21:03:50 Run:1
Running from C:\Users\lianne\Downloads
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
MountPoints2: F - F:\AutoRun.exe
MountPoints2: G - G:\AutoRun.exe
MountPoints2: {19ac5c9c-539d-11df-af4e-0024542a008c} - G:\AutoRun.exe
MountPoints2: {5d7d8a9b-ab1a-11df-86a6-0024542a008c} - F:\AutoRun.exe
MountPoints2: {5d7d8aa0-ab1a-11df-86a6-0024542a008c} - F:\AutoRun.exe
MountPoints2: {94324680-82cf-11df-9d55-0024542a008c} - F:\AutoInstall.exe
MountPoints2: {94324688-82cf-11df-9d55-0024542a008c} - F:\AutoInstall.exe
MountPoints2: {a4270270-a3ff-11df-8767-0024542a008c} - F:\AutoInstall.exe
MountPoints2: {a471c675-c564-11df-9d7c-0024542a008c} - G:\Startme.exe
SearchScopes: HKCU - ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
SearchScopes: HKCU - {286BC115-D895-4756-943F-6348F08D0128} URL = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYGB&apn_uid=B072424E-D837-4578-9930-B9CA037E89CE&apn_sauid=B0F4A29C-A662-4AC0-8E4E-A767FD8AE63B
SearchScopes: HKCU - {7CB6123E-A003-4FB1-A704-F12986C54684} URL = http://websearch.search-results.com/redirect?client=ie&tb=STC-SRS&o=41647869&src=kw&q={searchTerms}&locale=&apn_ptnrs=1S&apn_dtid=YYYYYYYYGB&apn_uid=709C9408-61FF-49C9-8BD2-57DF7D59524E&apn_sauid=C7EBB110-73BC-43A6-93F2-4F10898632E8
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
2013-12-10 19:35 - 2013-12-10 19:35 - 00000000 ____D C:\Users\lianne\AppData\Local\{CFB72698-04C9-487A-967B-4F7F16ADAD04}
2013-12-10 00:06 - 2013-12-10 00:06 - 00000000 ____D C:\Users\lianne\AppData\Local\{708993F0-FC77-463D-AB0B-5B741D39206E}
2013-12-07 10:27 - 2013-12-07 10:27 - 00000000 ____D C:\Users\lianne\AppData\Local\{030DD793-C28E-4FD4-9FBB-27925967915C}
2013-12-04 07:53 - 2013-12-05 19:53 - 00000000 ____D C:\Users\lianne\AppData\Local\{68D1D844-9438-4117-AF7B-0AF70B5F0AF3}
2013-12-03 18:23 - 2013-12-03 18:23 - 00000000 ____D C:\Users\lianne\AppData\Local\{C69F12E8-9FFD-4438-BA68-3A49FE36F942}
2013-12-02 10:53 - 2013-12-02 22:53 - 00000000 ____D C:\Users\lianne\AppData\Local\{99CD5182-DAA7-49A1-BB7F-3BDDDAC03E42}
2013-12-03 18:23 - 2013-12-03 18:23 - 00000000 ____D C:\Users\lianne\AppData\Local\{C69F12E8-9FFD-4438-BA68-3A49FE36F942}
2013-12-02 22:53 - 2013-12-02 10:53 - 00000000 ____D C:\Users\lianne\AppData\Local\{99CD5182-DAA7-49A1-BB7F-3BDDDAC03E42}
C:\Users\lianne\AppData\Local\Temp\Quarantine.exe
End



*****************

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F => Key deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G => Key deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{19ac5c9c-539d-11df-af4e-0024542a008c} => Key deleted successfully.
HKCR\CLSID\{19ac5c9c-539d-11df-af4e-0024542a008c} => Key not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5d7d8a9b-ab1a-11df-86a6-0024542a008c} => Key deleted successfully.
HKCR\CLSID\{5d7d8a9b-ab1a-11df-86a6-0024542a008c} => Key not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5d7d8aa0-ab1a-11df-86a6-0024542a008c} => Key deleted successfully.
HKCR\CLSID\{5d7d8aa0-ab1a-11df-86a6-0024542a008c} => Key not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{94324680-82cf-11df-9d55-0024542a008c} => Key deleted successfully.
HKCR\CLSID\{94324680-82cf-11df-9d55-0024542a008c} => Key not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{94324688-82cf-11df-9d55-0024542a008c} => Key deleted successfully.
HKCR\CLSID\{94324688-82cf-11df-9d55-0024542a008c} => Key not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a4270270-a3ff-11df-8767-0024542a008c} => Key deleted successfully.
HKCR\CLSID\{a4270270-a3ff-11df-8767-0024542a008c} => Key not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a471c675-c564-11df-9d7c-0024542a008c} => Key deleted successfully.
HKCR\CLSID\{a471c675-c564-11df-9d7c-0024542a008c} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\ToolbarSearchProviderProgress => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{286BC115-D895-4756-943F-6348F08D0128} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{286BC115-D895-4756-943F-6348F08D0128} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7CB6123E-A003-4FB1-A704-F12986C54684} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{7CB6123E-A003-4FB1-A704-F12986C54684} => Key not found.
HKLM\SOFTWARE\Policies\Google => Key deleted successfully.
C:\Users\lianne\AppData\Local\{CFB72698-04C9-487A-967B-4F7F16ADAD04} => Moved successfully.
C:\Users\lianne\AppData\Local\{708993F0-FC77-463D-AB0B-5B741D39206E} => Moved successfully.
C:\Users\lianne\AppData\Local\{030DD793-C28E-4FD4-9FBB-27925967915C} => Moved successfully.
C:\Users\lianne\AppData\Local\{68D1D844-9438-4117-AF7B-0AF70B5F0AF3} => Moved successfully.
C:\Users\lianne\AppData\Local\{C69F12E8-9FFD-4438-BA68-3A49FE36F942} => Moved successfully.
C:\Users\lianne\AppData\Local\{99CD5182-DAA7-49A1-BB7F-3BDDDAC03E42} => Moved successfully.
"C:\Users\lianne\AppData\Local\{C69F12E8-9FFD-4438-BA68-3A49FE36F942}" => File/Directory not found.
"C:\Users\lianne\AppData\Local\{99CD5182-DAA7-49A1-BB7F-3BDDDAC03E42}" => File/Directory not found.
"C:\Users\lianne\AppData\Local\Temp\Quarantine.exe " => File/Directory not found.

==== End of Fixlog ====

Also the ESET scan -

C:\Users\lianne\Documents\pivot_setup2.2.6.exe Win32/Somoto.F application
C:\Users\lianne\Downloads\cbsidlm-tr1_13-EZ_Label_Xpress_Lite-ORG-10256754.exe Win32/DownloadAdmin.G application
C:\Users\lianne\Downloads\ccsetup408.exe Win32/Bundled.Toolbar.Google.D application
C:\Users\lianne\Downloads\ESDPK-FL01-CraftArtist-Compact-EN.exe multiple threats
C:\Users\lianne\Downloads\registrybooster.exe Win32/RegistryBooster application

Thanks mate
  #10  
Old 12-12-13, 21:41
kevinf80 kevinf80 is offline
Global Moderator
 
Join Date: Feb 2008
Location: Sunderland.UK.
Posts: 1,887
Default Re: Hijack This Log Help Please

Download OTM from either of the following links and save to your Desktop: (If your security alerts to OTM, either accept the alert or turn off security to allow OTM to run)

http://oldtimer.geekstogo.com/OTM.exe.
http://www.itxassociates.com/OT-Tools/OTM.com
http://www.itxassociates.com/OT-Tools/OTM.exe

Double click OTM.exe to start the tool. Vista or Windows 7 users accept UAC alert. Be aware all processes will be stopped during run, also Desktop will disappear, this will be put back on completion.... If your security alerts to OTM, either accept the alert or turn off security until OTM completes...
  • Copy the text from the code box below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy). Ensure to start with and include the colon before Files :Files

    Code:
    :Files
    ipconfig /flushdns /c
    C:\Users\lianne\Documents\pivot_setup2.2.6.exe
    C:\Users\lianne\Downloads\cbsidlm-tr1_13-EZ_Label_Xpress_Lite-ORG-10256754.exe
    C:\Users\lianne\Downloads\ccsetup408.exe
    C:\Users\lianne\Downloads\ESDPK-FL01-CraftArtist-Compact-EN.exe
    C:\Users\lianne\Downloads\registrybooster.exe
    :Commands
    [EmptyTemp]
  • Return to OTMoveIt3, right click in the "Paste Instructions for Items to be Moved" window (under the yellow bar) and choose Paste.
  • Click the red button.
  • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTM
Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

If the machine reboots, the Results log can be found here:

c:\_OTMoveIt\MovedFiles\mmddyyyy_hhmmss.log

Where mmddyyyy_hhmmss is the date of the tool run.

Next,

Download Security Check by screen317 from either of the following:

http://screen317.spywareinfoforum.org/SecurityCheck.exe or http://screen317.changelog.fr/SecurityCheck.exe

Save it to your Desktop. (If your security alerts either accept the alert, or turn the security off while Security Check runs)
Double click SecurityCheck.exe (Vista or Windows 7 users right click and select "Run as Administrator") and follow the onscreen instructions inside of the black box. Press any key when asked.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.
All times are GMT. The time now is 03:09.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Copyright Dennis Publishing 2010, All rights reserved