Jump to content

tminterlude

Advanced Member
  • Content Count

    525
  • Joined

  • Last visited

About tminterlude

  • Rank
    Advanced Member
  • Birthday 06/08/1985

Contact Methods

  • Website URL
    http://
  • ICQ
    0

Profile Information

  • Location
    Missouri

Previous Fields

  • System Specifications:
    -------------------- Under construction !!
  • TechExpress Link:
    http://pcpitstop.com/betapit/sec.asp?conid=23043101
  • Teams:
    Overclocking Club
  1. Thank you juliet.The computer has come along way.Windows and browsers seem to be opening alot faster now,still laggy compared to my pc's but I suppose this pc is just starting to show its hardware age. I did backup the bookmarks and reinstalled chrome,but could not sign in to google sync as this not my pc. The process's running all appear to be normal and not 20 of any.
  2. I can not find norton pc checkup anywhere to unistall it.It's not under add or remove programs,I tried searching for it with no results either. I disabled advanced system care web surfing protection. So now it will just use AVG surfing protection.I would keep off for faster results but I don't know this guys surfing habits so he could benefit from it being kept on. Your right it has came along way,thank you.The only lag I'm experiencing now is when opening a web browser its just real laggy at first,not sure why. Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 10-11-2013 01 Ran by hungkeong at 2013-11-15 21:44:52 Run:2 Running from C:Program Files (x86)PCCleanupDONOTRUNExpertsOnly Boot Mode: Normal ============================================== Content of fixlist: ***************** CHR Plugin: (ChromeUtilPlugin) - C:UsershungkeongAppDataLocalGoogleChromeUser DataDefaultExtensionsaaaalfcdpfagiijfjeapclohpegmcpml11.39725_0background/ChromeUtilPlugin.dll No File CHR Plugin: (Java Deployment Toolkit 6.0.200.2) - C:Program Files (x86)Javajre6binnew_pluginnpdeployJava1.dll No File CHR Plugin: (Java Platform SE 6 U20) - C:Program Files (x86)Javajre6binnew_pluginnpjp2.dll No File CHR Plugin: (Shockwave Flash) - C:windowsSysWOW64MacromedFlashNPSWF32_11_6_602_180.dll No File CHR Plugin: (Silverlight Plug-In) - c:Program Files (x86)Microsoft Silverlight5.1.20125.0npctrl.dll No File ***************** C:UsershungkeongAppDataLocalGoogleChromeUser DataDefaultExtensionsaaaalfcdpfagiijfjeapclohpegmcpml11.39725_0background/ChromeUtilPlugin.dll not found. C:Program Files (x86)Javajre6binnew_pluginnpdeployJava1.dll not found. C:Program Files (x86)Javajre6binnew_pluginnpjp2.dll not found. C:windowsSysWOW64MacromedFlashNPSWF32_11_6_602_180.dll not found. c:Program Files (x86)Microsoft Silverlight5.1.20125.0npctrl.dll not found. ==== End of Fixlog ====
  3. Well I think it quarantined them automatically.The computer seems better so far,internet browswers and windows seem to be opening up with in seconds now.It does lag loading a web page though, Bitdefender found no infections. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-11-2013 01 Ran by hungkeong (administrator) on HUNGKEONG-PC on 14-11-2013 20:50:16 Running from C:Program Files (x86)PCCleanupDONOTRUNExpertsOnly Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US) Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AVG Technologies CZ, s.r.o.) C:PROGRA~2AVGAVG2014avgrsa.exe (AVG Technologies CZ, s.r.o.) C:Program Files (x86)AVGAVG2014avgcsrva.exe (IObit) C:Program Files (x86)IObitAdvanced SystemCare 6ASCService.exe (AMD) C:windowssystem32atiesrxx.exe (AMD) C:windowssystem32atieclxx.exe (Apple Inc.) C:Program Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exe (AVG Technologies CZ, s.r.o.) C:Program Files (x86)AVGAVG2014avgwdsvc.exe (Apple Inc.) C:Program FilesBonjourmDNSResponder.exe (Symantec Corporation) C:Program Files (x86)Norton PC CheckupEngine2.0.10.26ccSvcHst.exe (TOSHIBA Corporation) C:windowssystem32TODDSrv.exe (TOSHIBA Corporation) C:Program FilesTOSHIBAPower SaverTosCoSrv.exe (Microsoft Corp.) C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE (Microsoft Corp.) C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe (Symantec Corporation) C:Program Files (x86)Norton PC CheckupEngine2.0.10.26ccSvcHst.exe (ELAN Microelectronics Corp.) C:Program FilesElantechETDCtrl.exe (TOSHIBA Corporation) C:Program FilesTOSHIBAPower SaverTPwrMain.exe (TOSHIBA Corporation) C:Program FilesTOSHIBASmoothViewSmoothView.exe (TOSHIBA Corporation) C:Program FilesTOSHIBAFlashCardsTCrdMain.exe (TOSHIBA Corporation) C:Program FilesTOSHIBABulletinBoardTosNcCore.exe (TOSHIBA Corporation) C:Program FilesTOSHIBAReelTimeTosReelTimeMonitor.exe (TOSHIBA Corporation) C:Program Files (x86)ToshibaTOSHIBA Service StationToshibaServiceStation.exe (Advanced Micro Devices Inc.) C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticMOM.exe (AVG Technologies CZ, s.r.o.) C:Program Files (x86)AVGAVG2014avgui.exe (ELAN Microelectronics Corp.) C:Program FilesElantechETDCtrlHelper.exe (ATI Technologies Inc.) C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCCC.exe (Microsoft Corporation) C:windowsSysWOW64svchost.exe (TOSHIBA Corporation) C:Program Files (x86)TOSHIBATOSHIBA Service StationTMachInfo.exe (TOSHIBA Corporation) C:Program FilesTOSHIBATOSHIBA HDD SSD AlertTosSmartSrv.exe (TOSHIBA Corporation) C:Program FilesTOSHIBATOSHIBA HDD SSD AlertTosSENotify.exe (Microsoft Corporation) C:windowsMicrosoft.NetFramework64v3.0WPFPresentationFontCache.exe (AVG Technologies CZ, s.r.o.) C:Program Files (x86)AVGAVG2014avgcfgex.exe (PPLive Corporation) C:Program Files (x86)Common FilesPPLiveNetworkPPAP.exe (AVG Technologies CZ, s.r.o.) C:Program Files (x86)AVGAVG2014avgidsagent.exe (AVG Technologies CZ, s.r.o.) C:Program Files (x86)AVGAVG2014avgnsa.exe (AVG Technologies CZ, s.r.o.) C:Program Files (x86)AVGAVG2014avgrsa.exe (AVG Technologies CZ, s.r.o.) C:Program Files (x86)AVGAVG2014avgcsrva.exe (AVG Technologies CZ, s.r.o.) C:Program Files (x86)AVGAVG2014avgrsa.exe (AVG Technologies CZ, s.r.o.) C:Program Files (x86)AVGAVG2014avgcsrva.exe ==================== Registry (Whitelisted) ================== HKLM...Run: [smartAudio] - C:Program FilesCONEXANTSAIISAIICpl.exe [316032 2010-12-14] (Conexant systems, Inc.) HKLM...Run: [ETDCtrl] - C:Program FilesElantechETDCtrl.exe [2588456 2010-11-11] (ELAN Microelectronics Corp.) HKLM...Run: [smartFaceVWatcher] - C:Program FilesTOSHIBASmartFaceVSmartFaceVWatcher.exe [238080 2009-10-19] (TOSHIBA Corporation) HKLM...Run: [TPwrMain] - C:Program FilesTOSHIBAPower SaverTPwrMain.exe [566184 2010-09-28] (TOSHIBA Corporation) HKLM...Run: [smoothView] - C:Program FilesTOSHIBASmoothViewSmoothView.exe [508216 2009-07-28] (TOSHIBA Corporation) HKLM...Run: [00TCrdMain] - C:Program FilesTOSHIBAFlashCardsTCrdMain.exe [915320 2010-05-10] (TOSHIBA Corporation) HKLM...Run: [TosVolRegulator] - C:Program FilesTOSHIBATosVolRegulatorTosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation) HKLM...Run: [TosSENotify] - C:Program FilesTOSHIBATOSHIBA HDD SSD AlertTosWaitSrv.exe [709976 2010-02-05] (TOSHIBA Corporation) HKLM...Run: [TosNC] - C:Program FilesTOSHIBABulletinBoardTosNcCore.exe [595816 2010-04-23] (TOSHIBA Corporation) HKLM...Run: [TosReelTimeMonitor] - C:Program FilesTOSHIBAReelTimeTosReelTimeMonitor.exe [38304 2010-07-09] (TOSHIBA Corporation) HKLM-x32...Run: [startCCC] - C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLIStart.exe [336384 2011-02-16] (Advanced Micro Devices, Inc.) HKLM-x32...Run: [ToshibaServiceStation] - C:Program Files (x86)ToshibaTOSHIBA Service StationToshibaServiceStation.exe [1295224 2010-07-01] (TOSHIBA Corporation) HKLM-x32...Run: [NortonOnlineBackupReminder] - C:Program Files (x86)ToshibaToshiba Online BackupActivationTobuActivation.exe [3218792 2010-08-17] (Toshiba) HKLM-x32...Run: [ToshibaAppPlace] - C:Program Files (x86)ToshibaToshiba App PlaceToshibaAppPlace.exe [552960 2010-09-23] (Toshiba) HKLM-x32...Run: [AVG_UI] - C:Program Files (x86)AVGAVG2014avgui.exe [4908592 2013-10-07] (AVG Technologies CZ, s.r.o.) ==================== Internet (Whitelisted) ==================== HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://msn.com/ StartMenuInternet: IEXPLORE.EXE - C:Program Files (x86)Internet Exploreriexplore.exe BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre7binssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll (Microsoft Corp.) BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_64.dll (Google Inc.) BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program FilesJavajre7binjp2ssv.dll (Oracle Corporation) BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:ProgramDataRealRealPlayerBrowserRecordPluginIErpbrowserrecordplugin.dll (RealPlayer) BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program Files (x86)Javajre7binssv.dll (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program Files (x86)Common Filesmicrosoft sharedWindows LiveWindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll (Google Inc.) BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll (Skype Technologies S.A.) BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program Files (x86)Javajre7binjp2ssv.dll (Oracle Corporation) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_64.dll (Google Inc.) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll (Google Inc.) Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_64.dll (Google Inc.) DPF: HKLM-x32 {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop.com/pcpitstop/pcpitstop.cab DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab DPF: HKLM-x32 {9732FB42-C321-11D1-836F-00A0C993F125} http://www.pcpitstop.com/mhLbl.cab DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.adobe.com/pub/shockwave/cabs/flash/swflash.cab Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:Program Files (x86)Common FilesSkypeSkype4COM.dll (Skype Technologies) TcpipParameters: [DhcpNameServer] 24.217.0.5 24.217.201.67 24.247.15.53 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer - C:windowssystem32MacromedFlashNPSWF64_11_9_900_117.dll () FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:Program FilesJavajre7bindtpluginnpDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:Program FilesJavajre7binplugin2npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:Program FilesMicrosoft Silverlight5.1.20913.0npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:windowsSysWOW64MacromedFlashNPSWF32_11_9_900_117.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:Program Files (x86)iTunesMozilla Pluginsnpitunes.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:Program Files (x86)Javajre7bindtpluginnpDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:Program Files (x86)Javajre7binplugin2npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:Program Files (x86)Microsoft Silverlight5.1.20913.0npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:Program Files (x86)Windows LivePhoto GalleryNPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:Program Files (x86)Windows LivePhoto GalleryNPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @pptv.com/plugin - C:Program Files (x86)Internet ExplorerPPLiteplugin1.0.1.3460npplugin2.dll (PPLive Corporation) FF Plugin-x32: @qq.com/QzoneMusic - C:Program Files (x86)TencentQQMusicnpQzoneMusic.dll No File FF Plugin-x32: @qq.com/TXSSO - C:Program Files (x86)Common FilesTencentTXSSO1.2.1.87BinnpSSOAxCtrlForPTLogin.dll (Tencent) FF Plugin-x32: @real.com/nppl3260;version=15.0.4.53 - c:program files (x86)realrealplayerNetscape6nppl3260.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprjplug;version=15.0.4.53 - c:program files (x86)realrealplayerNetscape6nprjplug.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 - C:ProgramDataRealRealPlayerBrowserRecordPluginMozillaPluginsnprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 - C:ProgramDataRealRealPlayerBrowserRecordPluginMozillaPluginsnprphtml5videoshim.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpplugin;version=15.0.4.53 - c:program files (x86)realrealplayerNetscape6nprpplugin.dll (RealPlayer) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:Program Files (x86)GoogleUpdate1.3.21.165npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:Program Files (x86)GoogleUpdate1.3.21.165npGoogleUpdate3.dll (Google Inc.) FF Extension: No Name - C:UsershungkeongAppDataRoamingMozillaFirefoxprofilesextensionsextensions FF Extension: mp3rocketdownloader - C:UsershungkeongAp[email protected]mp3rocket.me.xpi FF HKLM-x32...FirefoxExtensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:ProgramDataRealRealPlayerBrowserRecordPluginFirefoxExt FF Extension: RealPlayer Browser Record Plugin - C:ProgramDataRealRealPlayerBrowserRecordPluginFirefoxExt FF HKLM-x32...FirefoxExtensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:ProgramDataRealRealPlayerBrowserRecordPluginFirefoxExt FF Extension: RealPlayer Browser Record Plugin - C:ProgramDataRealRealPlayerBrowserRecordPluginFirefoxExt Chrome: ======= CHR Plugin: (Shockwave Flash) - C:Program Files (x86)GoogleChromeApplication30.0.1599.101PepperFlashpepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:Program Files (x86)GoogleChromeApplication30.0.1599.101ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:Program Files (x86)GoogleChromeApplication30.0.1599.101pdf.dll () CHR Plugin: (ChromeUtilPlugin) - C:UsershungkeongAppDataLocalGoogleChromeUser DataDefaultExtensionsaaaalfcdpfagiijfjeapclohpegmcpml11.39725_0background/ChromeUtilPlugin.dll No File CHR Plugin: (Adobe Acrobat) - C:Program Files (x86)AdobeReader 10.0ReaderBrowsernppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Java Deployment Toolkit 6.0.200.2) - C:Program Files (x86)Javajre6binnew_pluginnpdeployJava1.dll No File CHR Plugin: (Java Platform SE 6 U20) - C:Program Files (x86)Javajre6binnew_pluginnpjp2.dll No File CHR Plugin: (QuickTime Plug-in 7.7.3) - C:Program Files (x86)QuickTimepluginsnpqtplugin.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.3) - C:Program Files (x86)QuickTimepluginsnpqtplugin2.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.3) - C:Program Files (x86)QuickTimepluginsnpqtplugin3.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.3) - C:Program Files (x86)QuickTimepluginsnpqtplugin4.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.3) - C:Program Files (x86)QuickTimepluginsnpqtplugin5.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.3) - C:Program Files (x86)QuickTimepluginsnpqtplugin6.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.3) - C:Program Files (x86)QuickTimepluginsnpqtplugin7.dll (Apple Inc.) CHR Plugin: (Tencent SSO Platform) - C:Program Files (x86)Common FilesTencentTXSSO1.2.1.87BinnpSSOAxCtrlForPTLogin.dll (Tencent) CHR Plugin: (Google Update) - C:Program Files (x86)GoogleUpdate1.3.21.135npGoogleUpdate3.dll No File CHR Plugin: (PPLive PPTV Plugin) - C:Program Files (x86)Internet ExplorerPPLiteplugin1.0.1.3460npplugin2.dll (PPLive Corporation) CHR Plugin: (QQMusic) - C:Program Files (x86)TencentQQMusicnpQzoneMusic.dll No File CHR Plugin: (Photo Gallery) - C:Program Files (x86)Windows LivePhoto GalleryNPWLPG.dll (Microsoft Corporation) CHR Plugin: (iTunes Application Detector) - C:Program Files (x86)iTunesMozilla Pluginsnpitunes.dll () CHR Plugin: (RealNetworks Chrome Background Extension Plug-In (32-bit) ) - C:ProgramDataRealRealPlayerBrowserRecordPluginMozillaPluginsnprpchromebrowserrecordext.dll (RealNetworks, Inc.) CHR Plugin: (RealPlayer HTML5VideoShim Plug-In (32-bit) ) - C:ProgramDataRealRealPlayerBrowserRecordPluginMozillaPluginsnprphtml5videoshim.dll (RealNetworks, Inc.) CHR Plugin: (Shockwave Flash) - C:windowsSysWOW64MacromedFlashNPSWF32_11_6_602_180.dll No File CHR Plugin: (Silverlight Plug-In) - c:Program Files (x86)Microsoft Silverlight5.1.20125.0npctrl.dll No File CHR Plugin: (RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) ) - c:program files (x86)realrealplayerNetscape6nppl3260.dll (RealNetworks, Inc.) CHR Plugin: (RealJukebox NS Plugin) - c:program files (x86)realrealplayerNetscape6nprjplug.dll (RealNetworks, Inc.) CHR Plugin: (RealPlayer Download Plugin) - c:program files (x86)realrealplayerNetscape6nprpplugin.dll (RealPlayer) CHR Extension: (Google Docs) - C:UsersHUNGKE~1AppDataLocalGoogleChromeUser DataDefaultExtensionsaohghmighlieiainnegkcijnfilokake0.5_0 CHR Extension: (Google Drive) - C:UsersHUNGKE~1AppDataLocalGoogleChromeUser DataDefaultExtensionsapdfllckaahabafndbhieahigkjlhalf6.3_0 CHR Extension: (YouTube) - C:UsersHUNGKE~1AppDataLocalGoogleChromeUser DataDefaultExtensionsblpcfgokakmgnkcojhhkbfbldkacnbeo4.2.6_0 CHR Extension: (ShoppingChip) - C:UsersHUNGKE~1AppDataLocalGoogleChromeUser DataDefaultExtensionscdlfekohkhfdbpmokgdkhemgjkdclabo1.1 CHR Extension: (Google Search) - C:UsersHUNGKE~1AppDataLocalGoogleChromeUser DataDefaultExtensionscoobgpohoikkiipiblmjeljniedjpjpf0.0.0.20_0 CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:UsersHUNGKE~1AppDataLocalGoogleChromeUser DataDefaultExtensionsjfmjfhklogoienhpfnppmbcbjfjnkonk1.5_0 CHR Extension: (Skype Click to Call) - C:UsersHUNGKE~1AppDataLocalGoogleChromeUser DataDefaultExtensionslifbcibllhkdhoafpjfnlhfpfgnpldfl5.9.0.9216_0 CHR Extension: (Advanced SystemCare Surfing Protection) - C:UsersHUNGKE~1AppDataLocalGoogleChromeUser DataDefaultExtensionsnfengeggddojhakldhlpjdlddgkkjkdd1.0.0_1 CHR Extension: (Google Wallet) - C:UsersHUNGKE~1AppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda0.0.5.0_0 CHR Extension: (Gmail) - C:UsersHUNGKE~1AppDataLocalGoogleChromeUser DataDefaultExtensionspjkljhegncpnkpknbcohdijeoejaedia7_1 CHR HKLM-x32...ChromeExtension: [aaaalfcdpfagiijfjeapclohpegmcpml] - C:ProgramDataAskPartnerNetworkToolbarMP3RV6CRXToolbarCR.crx CHR HKLM-x32...ChromeExtension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:ProgramDataRealRealPlayerBrowserRecordPluginChromeExtrphtml5video.crx CHR HKLM-x32...ChromeExtension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:Program Files (x86)SkypeToolbarsSkype for Chromiumskype_chrome_extension.crx CHR HKLM-x32...ChromeExtension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:Program Files (x86)IObitAdvanced SystemCare 6BrowerProtectASC_GhromePlugin.crx ==================== Services (Whitelisted) ================= R2 AdvancedSystemCareService6; C:Program Files (x86)IObitAdvanced SystemCare 6ASCService.exe [574272 2013-04-18] (IObit) R2 AVGIDSAgent; C:Program Files (x86)AVGAVG2014avgidsagent.exe [3538480 2013-10-03] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:Program Files (x86)AVGAVG2014avgwdsvc.exe [301152 2013-09-25] (AVG Technologies CZ, s.r.o.) R2 PCCUJobMgr; C:Program Files (x86)Norton PC CheckupEngine2.0.10.26ccSvcHst.exe [126392 2011-02-03] (Symantec Corporation) R2 PPTVService; C:windowsSysWOW64PPTVSvc.dll [478032 2013-01-31] (PPTV) ==================== Drivers (Whitelisted) ==================== R1 Avgdiska; C:WindowsSystem32DRIVERSavgdiska.sys [148792 2013-09-25] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:WindowsSystem32DRIVERSavgidsdrivera.sys [241464 2013-09-02] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHA; C:WindowsSystem32DRIVERSavgidsha.sys [192824 2013-09-02] (AVG Technologies CZ, s.r.o.) R1 Avgldx64; C:WindowsSystem32DRIVERSavgldx64.sys [212280 2013-09-02] (AVG Technologies CZ, s.r.o.) R0 Avgloga; C:WindowsSystem32DRIVERSavgloga.sys [294712 2013-09-02] (AVG Technologies CZ, s.r.o.) R0 Avgmfx64; C:WindowsSystem32DRIVERSavgmfx64.sys [123704 2013-08-20] (AVG Technologies CZ, s.r.o.) R0 Avgrkx64; C:WindowsSystem32DRIVERSavgrkx64.sys [31544 2013-09-08] (AVG Technologies CZ, s.r.o.) R1 Avgtdia; C:WindowsSystem32DRIVERSavgtdia.sys [251192 2013-08-01] (AVG Technologies CZ, s.r.o.) S3 MEMSWEEP2; C:windowssystem3219C8.tmp [6144 2010-05-26] (Sophos Plc) U5 AppMgmt; C:Windowssystem32svchost.exe [27136 2009-07-13] (Microsoft Corporation) S3 catchme; ??C:ComboFixcatchme.sys [x] U5 GEARAspiWDM; C:WindowsSystem32DriversGEARAspiWDM.sys [33240 2012-08-21] (GEAR Software Inc.) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-11-14 16:55 - 2013-11-14 17:00 - 00000000 ____D C:UsershungkeongDesktopHiJack 2013-11-13 23:05 - 2013-10-12 02:45 - 00051712 _____ (Microsoft Corporation) C:windowssystem32ie4uinit.exe 2013-11-13 23:05 - 2013-10-12 02:43 - 00526336 _____ (Microsoft Corporation) C:windowssystem32ieui.dll 2013-11-13 23:05 - 2013-10-12 02:43 - 00136704 _____ (Microsoft Corporation) C:windowssystem32iesysprep.dll 2013-11-13 23:05 - 2013-10-12 02:43 - 00067072 _____ (Microsoft Corporation) C:windowssystem32iesetup.dll 2013-11-13 23:05 - 2013-10-12 02:43 - 00039936 _____ (Microsoft Corporation) C:windowssystem32iernonce.dll 2013-11-13 23:05 - 2013-10-12 01:02 - 02049024 _____ (Microsoft Corporation) C:windowsSysWOW64iertutil.dll 2013-11-13 23:05 - 2013-10-12 01:02 - 00391168 _____ (Microsoft Corporation) C:windowsSysWOW64ieui.dll 2013-11-13 23:05 - 2013-10-12 01:02 - 00109056 _____ (Microsoft Corporation) C:windowsSysWOW64iesysprep.dll 2013-11-13 23:05 - 2013-10-12 01:02 - 00061440 _____ (Microsoft Corporation) C:windowsSysWOW64iesetup.dll 2013-11-13 23:05 - 2013-10-12 01:02 - 00033280 _____ (Microsoft Corporation) C:windowsSysWOW64iernonce.dll 2013-11-13 23:05 - 2013-10-12 00:35 - 02706432 _____ (Microsoft Corporation) C:windowssystem32mshtml.tlb 2013-11-13 23:05 - 2013-10-12 00:08 - 02706432 _____ (Microsoft Corporation) C:windowsSysWOW64mshtml.tlb 2013-11-13 23:05 - 2013-10-11 23:44 - 00089600 _____ (Microsoft Corporation) C:windowssystem32RegisterIEPKEYs.exe 2013-11-13 23:05 - 2013-10-11 23:15 - 00071680 _____ (Microsoft Corporation) C:windowsSysWOW64RegisterIEPKEYs.exe 2013-11-13 23:04 - 2013-10-12 02:45 - 02241536 _____ (Microsoft Corporation) C:windowssystem32wininet.dll 2013-11-13 23:04 - 2013-10-12 02:45 - 01364992 _____ (Microsoft Corporation) C:windowssystem32urlmon.dll 2013-11-13 23:04 - 2013-10-12 02:43 - 19269632 _____ (Microsoft Corporation) C:windowssystem32mshtml.dll 2013-11-13 23:04 - 2013-10-12 02:43 - 15404544 _____ (Microsoft Corporation) C:windowssystem32ieframe.dll 2013-11-13 23:04 - 2013-10-12 02:43 - 03959808 _____ (Microsoft Corporation) C:windowssystem32jscript9.dll 2013-11-13 23:04 - 2013-10-12 02:43 - 02648576 _____ (Microsoft Corporation) C:windowssystem32iertutil.dll 2013-11-13 23:04 - 2013-10-12 02:43 - 00855552 _____ (Microsoft Corporation) C:windowssystem32jscript.dll 2013-11-13 23:04 - 2013-10-12 02:43 - 00603136 _____ (Microsoft Corporation) C:windowssystem32msfeeds.dll 2013-11-13 23:04 - 2013-10-12 02:43 - 00053248 _____ (Microsoft Corporation) C:windowssystem32jsproxy.dll 2013-11-13 23:04 - 2013-10-12 01:03 - 01767936 _____ (Microsoft Corporation) C:windowsSysWOW64wininet.dll 2013-11-13 23:04 - 2013-10-12 01:03 - 01138176 _____ (Microsoft Corporation) C:windowsSysWOW64urlmon.dll 2013-11-13 23:04 - 2013-10-12 01:02 - 14355968 _____ (Microsoft Corporation) C:windowsSysWOW64mshtml.dll 2013-11-13 23:04 - 2013-10-12 01:02 - 13761024 _____ (Microsoft Corporation) C:windowsSysWOW64ieframe.dll 2013-11-13 23:04 - 2013-10-12 01:02 - 02877952 _____ (Microsoft Corporation) C:windowsSysWOW64jscript9.dll 2013-11-13 23:04 - 2013-10-12 01:02 - 00690688 _____ (Microsoft Corporation) C:windowsSysWOW64jscript.dll 2013-11-13 23:04 - 2013-10-12 01:02 - 00493056 _____ (Microsoft Corporation) C:windowsSysWOW64msfeeds.dll 2013-11-13 23:04 - 2013-10-12 01:02 - 00039424 _____ (Microsoft Corporation) C:windowsSysWOW64jsproxy.dll 2013-11-13 21:22 - 2013-11-13 21:22 - 02347384 _____ (ESET) C:UsershungkeongDownloadsesetsmartinstaller_enu.exe 2013-11-13 17:00 - 2013-11-13 17:00 - 00000017 _____ C:UsershungkeongAppDataLocalresmon.resmoncfg 2013-11-13 17:00 - 2013-10-05 14:25 - 01474048 _____ (Microsoft Corporation) C:windowssystem32crypt32.dll 2013-11-13 17:00 - 2013-10-05 13:57 - 01168384 _____ (Microsoft Corporation) C:windowsSysWOW64crypt32.dll 2013-11-13 17:00 - 2013-10-03 20:28 - 00190464 _____ (Microsoft Corporation) C:windowssystem32SmartcardCredentialProvider.dll 2013-11-13 17:00 - 2013-10-03 20:25 - 00197120 _____ (Microsoft Corporation) C:windowssystem32credui.dll 2013-11-13 17:00 - 2013-10-03 20:24 - 01930752 _____ (Microsoft Corporation) C:windowssystem32authui.dll 2013-11-13 17:00 - 2013-10-03 19:58 - 00152576 _____ (Microsoft Corporation) C:windowsSysWOW64SmartcardCredentialProvider.dll 2013-11-13 17:00 - 2013-10-03 19:56 - 01796096 _____ (Microsoft Corporation) C:windowsSysWOW64authui.dll 2013-11-13 17:00 - 2013-10-03 19:56 - 00168960 _____ (Microsoft Corporation) C:windowsSysWOW64credui.dll 2013-11-13 17:00 - 2013-09-27 19:09 - 00497152 _____ (Microsoft Corporation) C:windowssystem32Driversafd.sys 2013-11-13 16:59 - 2013-10-11 20:30 - 00830464 _____ (Microsoft Corporation) C:windowssystem32nshwfp.dll 2013-11-13 16:59 - 2013-10-11 20:29 - 00859648 _____ (Microsoft Corporation) C:windowssystem32IKEEXT.DLL 2013-11-13 16:59 - 2013-10-11 20:29 - 00324096 _____ (Microsoft Corporation) C:windowssystem32FWPUCLNT.DLL 2013-11-13 16:59 - 2013-10-11 20:03 - 00656896 _____ (Microsoft Corporation) C:windowsSysWOW64nshwfp.dll 2013-11-13 16:59 - 2013-10-11 20:01 - 00216576 _____ (Microsoft Corporation) C:windowsSysWOW64FWPUCLNT.DLL 2013-11-13 16:59 - 2013-10-02 20:23 - 00404480 _____ (Microsoft Corporation) C:windowssystem32gdi32.dll 2013-11-13 16:59 - 2013-10-02 20:00 - 00311808 _____ (Microsoft Corporation) C:windowsSysWOW64gdi32.dll 2013-11-13 16:59 - 2013-09-24 20:26 - 00154560 _____ (Microsoft Corporation) C:windowssystem32Driversksecpkg.sys 2013-11-13 16:59 - 2013-09-24 20:26 - 00095680 _____ (Microsoft Corporation) C:windowssystem32Driversksecdd.sys 2013-11-13 16:59 - 2013-09-24 20:23 - 00135680 _____ (Microsoft Corporation) C:windowssystem32sspicli.dll 2013-11-13 16:59 - 2013-09-24 20:23 - 00028672 _____ (Microsoft Corporation) C:windowssystem32sspisrv.dll 2013-11-13 16:59 - 2013-09-24 20:23 - 00028160 _____ (Microsoft Corporation) C:windowssystem32secur32.dll 2013-11-13 16:59 - 2013-09-24 20:22 - 00340992 _____ (Microsoft Corporation) C:windowssystem32schannel.dll 2013-11-13 16:59 - 2013-09-24 20:21 - 01447936 _____ (Microsoft Corporation) C:windowssystem32lsasrv.dll 2013-11-13 16:59 - 2013-09-24 20:21 - 00307200 _____ (Microsoft Corporation) C:windowssystem32ncrypt.dll 2013-11-13 16:59 - 2013-09-24 19:58 - 00096768 _____ (Microsoft Corporation) C:windowsSysWOW64sspicli.dll 2013-11-13 16:59 - 2013-09-24 19:57 - 00247808 _____ (Microsoft Corporation) C:windowsSysWOW64schannel.dll 2013-11-13 16:59 - 2013-09-24 19:57 - 00022016 _____ (Microsoft Corporation) C:windowsSysWOW64secur32.dll 2013-11-13 16:59 - 2013-09-24 19:56 - 00220160 _____ (Microsoft Corporation) C:windowsSysWOW64ncrypt.dll 2013-11-13 16:59 - 2013-09-24 19:03 - 00030720 _____ (Microsoft Corporation) C:windowssystem32lsass.exe 2013-11-13 16:59 - 2013-07-04 06:18 - 00458712 _____ (Microsoft Corporation) C:windowssystem32Driverscng.sys 2013-11-13 16:54 - 2013-11-13 16:54 - 00000000 ____D C:Program Files (x86)ESET 2013-11-12 20:21 - 2013-11-12 20:21 - 00000000 ____D C:UsershungkeongAppDataRoamingOracle 2013-11-12 20:18 - 2013-11-12 20:17 - 00264616 _____ (Oracle Corporation) C:windowsSysWOW64javaws.exe 2013-11-12 20:18 - 2013-11-12 20:17 - 00175016 _____ (Oracle Corporation) C:windowsSysWOW64javaw.exe 2013-11-12 20:18 - 2013-11-12 20:17 - 00174504 _____ (Oracle Corporation) C:windowsSysWOW64java.exe 2013-11-12 20:18 - 2013-11-12 20:17 - 00096168 _____ (Oracle Corporation) C:windowsSysWOW64WindowsAccessBridge-32.dll 2013-11-12 20:13 - 2013-11-12 20:13 - 00915368 _____ (Oracle Corporation) C:UsershungkeongDownloadschromeinstall-7u45.exe 2013-11-12 19:34 - 2013-11-12 19:34 - 00026498 _____ C:ComboFix.txt 2013-11-12 19:02 - 2011-06-26 00:45 - 00256000 _____ C:windowsPEV.exe 2013-11-12 19:02 - 2010-11-07 11:20 - 00208896 _____ C:windowsMBR.exe 2013-11-12 19:02 - 2009-04-19 22:56 - 00060416 _____ (NirSoft) C:windowsNIRCMD.exe 2013-11-12 19:02 - 2000-08-30 18:00 - 00518144 _____ (SteelWerX) C:windowsSWREG.exe 2013-11-12 19:02 - 2000-08-30 18:00 - 00406528 _____ (SteelWerX) C:windowsSWSC.exe 2013-11-12 19:02 - 2000-08-30 18:00 - 00098816 _____ C:windowssed.exe 2013-11-12 19:02 - 2000-08-30 18:00 - 00080412 _____ C:windowsgrep.exe 2013-11-12 19:02 - 2000-08-30 18:00 - 00068096 _____ C:windowszip.exe 2013-11-12 19:01 - 2013-11-12 19:34 - 00000000 ____D C:Qoobox 2013-11-12 19:00 - 2013-11-12 19:28 - 00000000 ____D C:windowserdnt 2013-11-12 18:56 - 2013-11-12 20:20 - 00000000 ____D C:ProgramDataOracle 2013-11-12 18:56 - 2013-11-12 18:55 - 00312744 _____ (Oracle Corporation) C:windowssystem32javaws.exe 2013-11-12 18:56 - 2013-11-12 18:55 - 00189352 _____ (Oracle Corporation) C:windowssystem32javaw.exe 2013-11-12 18:56 - 2013-11-12 18:55 - 00189352 _____ (Oracle Corporation) C:windowssystem32java.exe 2013-11-12 18:56 - 2013-11-12 18:55 - 00108968 _____ (Oracle Corporation) C:windowssystem32WindowsAccessBridge-64.dll 2013-11-12 18:55 - 2013-11-12 18:55 - 00000000 ____D C:Program FilesJava 2013-11-12 18:16 - 2013-11-12 18:16 - 00025357 _____ C:JavaRa.log 2013-11-11 19:25 - 2013-11-11 19:25 - 00000000 ____D C:FRST 2013-11-11 18:52 - 2013-11-11 18:52 - 00000000 ____D C:windowsERUNT 2013-11-11 18:44 - 2013-11-11 18:46 - 00000000 ____D C:AdwCleaner 2013-11-11 18:40 - 2013-11-11 18:40 - 00001184 _____ C:UsershungkeongDesktopPCCleanup - Shortcut.lnk 2013-11-09 17:25 - 2013-11-09 17:25 - 00000000 ____D C:UsershungkeongAppDataRoamingAVG2014 2013-11-09 17:23 - 2013-11-09 17:23 - 00000000 ____D C:UsershungkeongAppDataRoamingTuneUp Software 2013-11-09 17:20 - 2013-11-09 17:24 - 00000000 ____D C:ProgramDataAVG2014 2013-11-09 17:20 - 2013-11-09 17:20 - 00000000 ____D C:$AVG 2013-11-09 17:19 - 2013-11-09 17:19 - 00000000 ____D C:Program Files (x86)AVG 2013-11-08 22:19 - 2013-11-08 22:44 - 00000000 ____D C:ProgramDataMalwarebytes' Anti-Malware (portable) 2013-11-08 22:18 - 2013-11-08 22:18 - 00091352 _____ (Malwarebytes Corporation) C:windowssystem32Driversmbamchameleon.sys 2013-11-08 21:27 - 2010-05-26 10:39 - 00006144 ____N (Sophos Plc) C:windowssystem3219C8.tmp 2013-11-08 21:23 - 2010-05-26 10:39 - 00006144 ____N (Sophos Plc) C:windowssystem32385E.tmp 2013-11-07 02:52 - 2013-11-14 17:03 - 00000728 _____ C:windowssetupact.log 2013-11-07 02:52 - 2013-11-07 02:52 - 00000000 _____ C:windowssetuperr.log 2013-11-07 02:51 - 2013-11-14 16:47 - 00004308 _____ C:windowsPFRO.log 2013-11-07 02:36 - 2013-11-12 20:39 - 00000000 ____D C:ProgramDataIObit 2013-11-07 02:36 - 2013-11-07 02:36 - 00001275 _____ C:UsershungkeongAppDataRoamingMicrosoftWindowsStart MenuUninstall Programs.lnk 2013-11-07 02:36 - 2013-11-07 02:36 - 00000000 ____D C:UsershungkeongAppDataRoamingIObit 2013-11-07 02:36 - 2013-11-07 02:36 - 00000000 ____D C:ProgramData{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} 2013-11-07 02:36 - 2013-11-07 02:36 - 00000000 ____D C:Program Files (x86)IObit 2013-11-07 02:31 - 2013-11-07 02:31 - 00000000 ____D C:UsershungkeongAppDataRoamingSUPERAntiSpyware.com 2013-11-07 02:31 - 2013-11-07 02:31 - 00000000 ____D C:ProgramDataSUPERAntiSpyware.com 2013-11-07 02:30 - 2013-11-07 02:31 - 00216352 _____ C:UsershungkeongDocumentscc_20131107_BackUp.reg 2013-11-07 01:14 - 2013-11-14 18:46 - 00000000 ____D C:ProgramDataMFAData 2013-11-07 01:14 - 2013-11-09 17:27 - 00000000 ____D C:UsershungkeongAppDataLocalAvg2014 2013-11-07 01:14 - 2013-11-07 01:14 - 00000000 ____D C:UsershungkeongAppDataLocalMFAData 2013-11-07 00:56 - 2013-11-13 22:54 - 00000000 ____D C:Program Files (x86)PCCleanup 2013-11-05 01:12 - 2013-11-05 01:44 - 00000000 ____D C:windowssystem32MpEngineStore 2013-11-05 00:53 - 2013-11-13 23:02 - 00000000 ____D C:windowssystem32MRT 2013-11-05 00:51 - 2013-11-13 22:56 - 82896128 _____ (Microsoft Corporation) C:windowssystem32MRT.exe 2013-11-04 23:48 - 2013-11-04 23:48 - 00003230 _____ C:windowsSystem32TasksRealUpgradeLogonTaskS-1-5-21-1641970090-1460547868-2588245608-1000 2013-11-04 23:47 - 2013-11-04 23:47 - 00003356 _____ C:windowsSystem32TasksRealUpgradeScheduledTaskS-1-5-21-1641970090-1460547868-2588245608-1000 2013-10-26 00:30 - 2013-10-26 00:58 - 725141504 _____ C:UsershungkeongSquirting Orgasms (How To) - Step By Step Detailed Technique.avi 2013-10-26 00:21 - 2013-10-26 00:32 - 73143702 _____ C:UsershungkeongHow Make Squirting Orgasms By Woman - Training Vid.avi 2013-10-26 00:18 - 2013-11-08 20:46 - 00000000 ____D C:Program Files (x86)PSupport 2013-10-26 00:18 - 2013-10-26 00:24 - 00000000 ____D C:UsershungkeongShesGonnaSquirt - Gaia - Squirting Like a Showerhead mp4s 2013-10-26 00:18 - 2013-10-26 00:18 - 00003992 _____ C:UsershungkeongDesktop{1D2ABF6A-2B19-3E94-0991-5B5BDB7134DA} 2013-10-26 00:15 - 2013-10-28 23:21 - 00000000 ____D C:Program Files (x86)Kozaka 2013-10-26 00:15 - 2013-10-26 00:18 - 00000000 ____D C:UsershungkeongAppDataRoamingExpressFiles 2013-10-26 00:15 - 2013-10-26 00:15 - 00003098 _____ C:windowsSystem32TasksExpress FilesUpdate 2013-10-26 00:15 - 2013-10-26 00:15 - 00001964 _____ C:UsersPublicDesktopExpress Files.lnk 2013-10-26 00:15 - 2013-10-26 00:15 - 00000000 ____D C:Program Files (x86)ExpressFiles ==================== One Month Modified Files and Folders ======= 2013-11-14 20:39 - 2012-07-24 21:31 - 00000830 _____ C:windowsTasksAdobe Flash Player Updater.job 2013-11-14 20:12 - 2011-05-16 09:16 - 00000912 _____ C:windowsTasksGoogleUpdateTaskMachineUA.job 2013-11-14 18:46 - 2013-11-07 01:14 - 00000000 ____D C:ProgramDataMFAData 2013-11-14 17:18 - 2013-02-20 02:44 - 00000000 ____D C:FavoriteVideo 2013-11-14 17:10 - 2011-05-16 08:24 - 01232088 _____ C:windowsWindowsUpdate.log 2013-11-14 17:10 - 2009-07-13 22:45 - 00024608 ____H C:windowssystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-11-14 17:10 - 2009-07-13 22:45 - 00024608 ____H C:windowssystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-11-14 17:04 - 2011-05-16 09:16 - 00000908 _____ C:windowsTasksGoogleUpdateTaskMachineCore.job 2013-11-14 17:03 - 2013-11-07 02:52 - 00000728 _____ C:windowssetupact.log 2013-11-14 17:03 - 2009-07-13 23:08 - 00000006 ____H C:windowsTasksSA.DAT 2013-11-14 17:00 - 2013-11-14 16:55 - 00000000 ____D C:UsershungkeongDesktopHiJack 2013-11-14 16:52 - 2011-03-29 21:11 - 00000000 ____D C:windowsPanther 2013-11-14 16:47 - 2013-11-07 02:51 - 00004308 _____ C:windowsPFRO.log 2013-11-13 23:02 - 2013-11-05 00:53 - 00000000 ____D C:windowssystem32MRT 2013-11-13 22:56 - 2013-11-05 00:51 - 82896128 _____ (Microsoft Corporation) C:windowssystem32MRT.exe 2013-11-13 22:54 - 2013-11-07 00:56 - 00000000 ____D C:Program Files (x86)PCCleanup 2013-11-13 22:51 - 2009-07-13 23:13 - 00726444 _____ C:windowssystem32PerfStringBackup.INI 2013-11-13 21:22 - 2013-11-13 21:22 - 02347384 _____ (ESET) C:UsershungkeongDownloadsesetsmartinstaller_enu.exe 2013-11-13 17:00 - 2013-11-13 17:00 - 00000017 _____ C:UsershungkeongAppDataLocalresmon.resmoncfg 2013-11-13 16:54 - 2013-11-13 16:54 - 00000000 ____D C:Program Files (x86)ESET 2013-11-12 20:39 - 2013-11-07 02:36 - 00000000 ____D C:ProgramDataIObit 2013-11-12 20:21 - 2013-11-12 20:21 - 00000000 ____D C:UsershungkeongAppDataRoamingOracle 2013-11-12 20:20 - 2013-11-12 18:56 - 00000000 ____D C:ProgramDataOracle 2013-11-12 20:17 - 2013-11-12 20:18 - 00264616 _____ (Oracle Corporation) C:windowsSysWOW64javaws.exe 2013-11-12 20:17 - 2013-11-12 20:18 - 00175016 _____ (Oracle Corporation) C:windowsSysWOW64javaw.exe 2013-11-12 20:17 - 2013-11-12 20:18 - 00174504 _____ (Oracle Corporation) C:windowsSysWOW64java.exe 2013-11-12 20:17 - 2013-11-12 20:18 - 00096168 _____ (Oracle Corporation) C:windowsSysWOW64WindowsAccessBridge-32.dll 2013-11-12 20:17 - 2011-03-29 20:48 - 00000000 ____D C:Program Files (x86)Java 2013-11-12 20:13 - 2013-11-12 20:13 - 00915368 _____ (Oracle Corporation) C:UsershungkeongDownloadschromeinstall-7u45.exe 2013-11-12 19:34 - 2013-11-12 19:34 - 00026498 _____ C:ComboFix.txt 2013-11-12 19:34 - 2013-11-12 19:01 - 00000000 ____D C:Qoobox 2013-11-12 19:34 - 2009-07-13 21:20 - 00000000 __RHD C:UsersDefault 2013-11-12 19:28 - 2013-11-12 19:00 - 00000000 ____D C:windowserdnt 2013-11-12 19:26 - 2009-07-13 20:34 - 00000215 _____ C:windowssystem.ini 2013-11-12 18:55 - 2013-11-12 18:56 - 00312744 _____ (Oracle Corporation) C:windowssystem32javaws.exe 2013-11-12 18:55 - 2013-11-12 18:56 - 00189352 _____ (Oracle Corporation) C:windowssystem32javaw.exe 2013-11-12 18:55 - 2013-11-12 18:56 - 00189352 _____ (Oracle Corporation) C:windowssystem32java.exe 2013-11-12 18:55 - 2013-11-12 18:56 - 00108968 _____ (Oracle Corporation) C:windowssystem32WindowsAccessBridge-64.dll 2013-11-12 18:55 - 2013-11-12 18:55 - 00000000 ____D C:Program FilesJava 2013-11-12 18:25 - 2011-11-29 22:17 - 00000000 ____D C:UsershungkeongAppDataLocalCrashDumps 2013-11-12 18:16 - 2013-11-12 18:16 - 00025357 _____ C:JavaRa.log 2013-11-11 19:25 - 2013-11-11 19:25 - 00000000 ____D C:FRST 2013-11-11 18:52 - 2013-11-11 18:52 - 00000000 ____D C:windowsERUNT 2013-11-11 18:46 - 2013-11-11 18:44 - 00000000 ____D C:AdwCleaner 2013-11-11 18:40 - 2013-11-11 18:40 - 00001184 _____ C:UsershungkeongDesktopPCCleanup - Shortcut.lnk 2013-11-09 19:09 - 2011-08-07 23:56 - 00000000 ____D C:UsershungkeongAppDataLocalVirtualStore 2013-11-09 17:27 - 2013-11-07 01:14 - 00000000 ____D C:UsershungkeongAppDataLocalAvg2014 2013-11-09 17:25 - 2013-11-09 17:25 - 00000000 ____D C:UsershungkeongAppDataRoamingAVG2014 2013-11-09 17:24 - 2013-11-09 17:20 - 00000000 ____D C:ProgramDataAVG2014 2013-11-09 17:23 - 2013-11-09 17:23 - 00000000 ____D C:UsershungkeongAppDataRoamingTuneUp Software 2013-11-09 17:20 - 2013-11-09 17:20 - 00000000 ____D C:$AVG 2013-11-09 17:19 - 2013-11-09 17:19 - 00000000 ____D C:Program Files (x86)AVG 2013-11-08 22:44 - 2013-11-08 22:19 - 00000000 ____D C:ProgramDataMalwarebytes' Anti-Malware (portable) 2013-11-08 22:18 - 2013-11-08 22:18 - 00091352 _____ (Malwarebytes Corporation) C:windowssystem32Driversmbamchameleon.sys 2013-11-08 20:46 - 2013-10-26 00:18 - 00000000 ____D C:Program Files (x86)PSupport 2013-11-07 02:52 - 2013-11-07 02:52 - 00000000 _____ C:windowssetuperr.log 2013-11-07 02:36 - 2013-11-07 02:36 - 00001275 _____ C:UsershungkeongAppDataRoamingMicrosoftWindowsStart MenuUninstall Programs.lnk 2013-11-07 02:36 - 2013-11-07 02:36 - 00000000 ____D C:UsershungkeongAppDataRoamingIObit 2013-11-07 02:36 - 2013-11-07 02:36 - 00000000 ____D C:ProgramData{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} 2013-11-07 02:36 - 2013-11-07 02:36 - 00000000 ____D C:Program Files (x86)IObit 2013-11-07 02:36 - 2011-10-12 22:34 - 00000000 ____D C:UsershungkeongAppDataRoamingApple Computer 2013-11-07 02:31 - 2013-11-07 02:31 - 00000000 ____D C:UsershungkeongAppDataRoamingSUPERAntiSpyware.com 2013-11-07 02:31 - 2013-11-07 02:31 - 00000000 ____D C:ProgramDataSUPERAntiSpyware.com 2013-11-07 02:31 - 2013-11-07 02:30 - 00216352 _____ C:UsershungkeongDocumentscc_20131107_BackUp.reg 2013-11-07 01:58 - 2013-05-06 20:35 - 00000000 ____D C:UsershungkeongAppDataRoaminguTorrent 2013-11-07 01:58 - 2011-08-18 00:12 - 00000000 ____D C:UsershungkeongTracing 2013-11-07 01:58 - 2011-08-10 23:42 - 00000000 ____D C:UsershungkeongAppDataRoamingSkype 2013-11-07 01:14 - 2013-11-07 01:14 - 00000000 ____D C:UsershungkeongAppDataLocalMFAData 2013-11-06 22:39 - 2011-08-08 00:00 - 00000000 ____D C:UsershungkeongAppDataRoamingToshiba 2013-11-05 01:44 - 2013-11-05 01:12 - 00000000 ____D C:windowssystem32MpEngineStore 2013-11-04 23:48 - 2013-11-04 23:48 - 00003230 _____ C:windowsSystem32TasksRealUpgradeLogonTaskS-1-5-21-1641970090-1460547868-2588245608-1000 2013-11-04 23:47 - 2013-11-04 23:47 - 00003356 _____ C:windowsSystem32TasksRealUpgradeScheduledTaskS-1-5-21-1641970090-1460547868-2588245608-1000 2013-10-28 23:21 - 2013-10-26 00:15 - 00000000 ____D C:Program Files (x86)Kozaka 2013-10-26 00:58 - 2013-10-26 00:30 - 725141504 _____ C:UsershungkeongSquirting Orgasms (How To) - Step By Step Detailed Technique.avi 2013-10-26 00:32 - 2013-10-26 00:21 - 73143702 _____ C:UsershungkeongHow Make Squirting Orgasms By Woman - Training Vid.avi 2013-10-26 00:30 - 2011-08-07 23:53 - 00000000 ____D C:Usershungkeong 2013-10-26 00:24 - 2013-10-26 00:18 - 00000000 ____D C:UsershungkeongShesGonnaSquirt - Gaia - Squirting Like a Showerhead mp4s 2013-10-26 00:18 - 2013-10-26 00:18 - 00003992 _____ C:UsershungkeongDesktop{1D2ABF6A-2B19-3E94-0991-5B5BDB7134DA} 2013-10-26 00:18 - 2013-10-26 00:15 - 00000000 ____D C:UsershungkeongAppDataRoamingExpressFiles 2013-10-26 00:15 - 2013-10-26 00:15 - 00003098 _____ C:windowsSystem32TasksExpress FilesUpdate 2013-10-26 00:15 - 2013-10-26 00:15 - 00001964 _____ C:UsersPublicDesktopExpress Files.lnk 2013-10-26 00:15 - 2013-10-26 00:15 - 00000000 ____D C:Program Files (x86)ExpressFiles 2013-10-18 20:54 - 2011-08-10 23:42 - 00000000 ____D C:ProgramDataSkype 2013-10-18 20:53 - 2011-08-10 23:42 - 00000000 ___RD C:Program Files (x86)Skype 2013-10-17 22:33 - 2011-09-05 22:41 - 00000000 ____D C:UsershungkeongIncomplete 2013-10-16 21:07 - 2011-05-16 09:16 - 00003908 _____ C:windowsSystem32TasksGoogleUpdateTaskMachineUA 2013-10-16 21:07 - 2011-05-16 09:16 - 00003656 _____ C:windowsSystem32TasksGoogleUpdateTaskMachineCore Some content of TEMP: ==================== C:UsershungkeongAppDataLocalTemp{57AA69C7-68B5-4458-9E04-9048913FBA93}-31.0.1650.48_30.0.1599.101_chrome_updater.exe ==================== Bamital & volsnap Check ================= C:WindowsSystem32winlogon.exe => MD5 is legit C:WindowsSystem32wininit.exe => MD5 is legit C:WindowsSysWOW64wininit.exe => MD5 is legit C:Windowsexplorer.exe => MD5 is legit C:WindowsSysWOW64explorer.exe => MD5 is legit C:WindowsSystem32svchost.exe => MD5 is legit C:WindowsSysWOW64svchost.exe => MD5 is legit C:WindowsSystem32services.exe => MD5 is legit C:WindowsSystem32User32.dll => MD5 is legit C:WindowsSysWOW64User32.dll => MD5 is legit C:WindowsSystem32userinit.exe => MD5 is legit C:WindowsSysWOW64userinit.exe => MD5 is legit C:WindowsSystem32Driversvolsnap.sys => MD5 is legit LastRegBack: 2013-11-10 00:51 ==================== End Of Log ============================ QuickScan 32-bit v0.9.9.118 --------------------------- Scan date: Thu Nov 14 21:02:43 2013 Machine ID: 4EB5EF08 No infection found. ------------------- Processes --------- Advanced SystemCare 924 C:Program Files (x86)IObitAdvanced SystemCare 6ASCService.exe AVG Internet Security 4268 C:Program Files (x86)AVGAVG2014avgcfgex.exe AVG Internet Security 1360 C:Program Files (x86)AVGAVG2014avgidsagent.exe AVG Internet Security 3848 C:Program Files (x86)AVGAVG2014avgui.exe AVG Internet Security 1712 C:Program Files (x86)AVGAVG2014avgwdsvc.exe MobileDeviceService 1652 C:Program Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exe PPTV网络电视 4820 C:Program Files (x86)Common FilesPPLiveNetworkPPAP.exe Symantec Security Technologies 1868 C:Program Files (x86)Norton PC CheckupEngine2.0.10.26ccSvcHst.exe Symantec Security Technologies 3024 C:Program Files (x86)Norton PC CheckupEngine2.0.10.26ccSvcHst.exe Windows® Internet Explorer 4308 C:Program Files (x86)Internet Exploreriexplore.exe (verified) Microsoft® Windows® Operating System 2304 C:WindowsSysWOW64svchost.exe Network activity ---------------- Process iexplore.exe (4308) connected on port 80 (HTTP) --> 131.253.13.140 Process iexplore.exe (4308) connected on port 80 (HTTP) --> 23.204.170.156 Process iexplore.exe (4308) connected on port 80 (HTTP) --> 23.67.218.156 Process iexplore.exe (4308) connected on port 80 (HTTP) --> 23.67.234.73 Process iexplore.exe (4308) connected on port 80 (HTTP) --> 65.55.5.231 Process iexplore.exe (4308) connected on port 80 (HTTP) --> 23.204.170.156 Process iexplore.exe (4308) connected on port 80 (HTTP) --> 23.204.170.156 Process iexplore.exe (4308) connected on port 80 (HTTP) --> 23.204.170.156 Process iexplore.exe (4308) connected on port 80 (HTTP) --> 23.204.170.156 Process iexplore.exe (4308) connected on port 80 (HTTP) --> 23.204.170.156 Process iexplore.exe (4308) connected on port 80 (HTTP) --> 23.204.170.156 Process iexplore.exe (4308) connected on port 80 (HTTP) --> 23.204.170.156 Process iexplore.exe (4308) connected on port 80 (HTTP) --> 131.253.40.50 Process iexplore.exe (4308) connected on port 80 (HTTP) --> 23.2.17.25 Process iexplore.exe (4308) connected on port 80 (HTTP) --> 70.37.130.35 Process iexplore.exe (4308) connected on port 80 (HTTP) --> 23.62.97.50 Process iexplore.exe (4308) connected on port 80 (HTTP) --> 74.125.225.27 Process iexplore.exe (4308) connected on port 80 (HTTP) --> 173.194.46.92 Process iexplore.exe (4308) connected on port 80 (HTTP) --> 65.55.5.231 Process iexplore.exe (4308) connected on port 443 (HTTP over SSL) --> 131.253.40.12 Process iexplore.exe (4308) connected on port 80 (HTTP) --> 216.38.172.159 Process iexplore.exe (4308) connected on port 443 (HTTP over SSL) --> 31.13.70.81 Process iexplore.exe (4308) connected on port 443 (HTTP over SSL) --> 93.184.216.139 Process iexplore.exe (4308) connected on port 80 (HTTP) --> 23.67.225.224 Process iexplore.exe (4308) connected on port 80 (HTTP) --> 31.13.70.81 Process iexplore.exe (4308) connected on port 80 (HTTP) --> 173.194.46.34 Process iexplore.exe (4308) connected on port 80 (HTTP) --> 74.125.225.90 Process iexplore.exe (4308) connected on port 80 (HTTP) --> 74.125.225.154 Process iexplore.exe (4308) connected on port 80 (HTTP) --> 173.194.46.80 Process PPAP.exe (4820) listens on ports: 843, 16000, 49289 Autoruns and critical files --------------------------- Toshiba Volume Regulator C:Program FilesTOSHIBATosVolRegulatorTosVolRegulator.exe Adobe® Flash® Player Update Service C:windowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe AVG Internet Security C:Program Files (x86)AVGAVG2014avgui.exe Catalyst® Control Center C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLIStart.exe ELAN Smart-Pad C:Program FilesElantechETDCtrl.exe Message Center C:Program FilesToshibaBulletinBoardTosNcCore.exe Microsoft® Windows® Operating System c:windowssystem32userinit.exe SmartAudio Control Panel application C:Program FilesCONEXANTSAIISAIICpl.exe SmartFaceVWatcher C:Program FilesToshibaSmartFaceVSmartFaceVWatcher.exe Toshiba App Place C:Program Files (x86)ToshibaToshiba App PlaceToshibaAppPlace.exe TOSHIBA Flash Cards C:Program FilesTOSHIBAFlashCardsTCrdMain.exe TOSHIBA HDD SSD Alert C:Program FilesTOSHIBATOSHIBA HDD SSD AlertTosWaitSrv.exe Toshiba Online Backup C:Program Files (x86)ToshibaToshiba Online BackupActivationTOBuActivation.exe TOSHIBA Power Saver C:Program FilesTOSHIBAPower SaverTPwrMain.EXE TOSHIBA ReelTime C:Program FilesTOSHIBAReelTimeTosReelTimeMonitor.exe TOSHIBA Service Station C:Program Files (x86)TOSHIBATOSHIBA Service StationToshibaServiceStation.exe TOSHIBA Zooming Utility C:Program FilesToshibaSmoothViewSmoothView.exe (verified) Google Update C:Program Files (x86)GoogleUpdateGoogleUpdate.exe Browser plugins --------------- AcroIEHelperShim Library c:program files (x86)common filesadobeacrobatactivexacroiehelpershim.dll Advanced SystemCare 6 C:UsershungkeongAppDataLocalGoogleChromeUser DataDefaultExtensionsnfengeggddojhakldhlpjdlddgkkjkdd1.0.0_1PluginASCPlugin_Protect.dll Bitdefender QuickScan C:WindowsDownloaded Program Filesqsax.dll Bonjour C:Program Files (x86)BonjourmdnsNSP.dll Bonjour C:Program FilesBonjourmdnsNSP.dll Google Toolbar for Internet Explorer c:program files (x86)googlegoogle toolbargoogletoolbar_32.dll Google Update C:Program Files (x86)GoogleUpdate1.3.21.165npGoogleUpdate3.dll Java Deployment Toolkit 7.0.450.18 C:Program Files (x86)Javajre7bindtpluginnpDeployJava1.dll Java Platform SE 7 U45 C:Program Files (x86)Javajre7binjp2ssv.dll Java Platform SE 7 U45 C:Program Files (x86)Javajre7binplugin2npjp2.dll Java Platform SE 7 U45 C:Program Files (x86)Javajre7binssv.dll mhLbl Module C:windowsDownloaded Program FilesmhLbl.dll Microsoft® CoReXT c:program files (x86)common filesmicrosoft sharedwindows livewindowslivelogin.dll Microsoft® CoReXT C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWLIDNSP.DLL Microsoft® CoReXT C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDNSP.DLL Microsoft® Windows® Operating System C:windowssystem32mswsock.dll Microsoft® Windows® Operating System C:windowsSystem32nlaapi.dll npitunes.dll C:Program Files (x86)iTunesMozilla Pluginsnpitunes.dll NPSWF32_11_9_900_117.dll C:windowsSysWOW64MacromedFlashNPSWF32_11_9_900_117.dll PC Pitstop C:windowsDownloaded Program FilesPCPitstop.dll PC Pitstop C:windowsDownloaded Program FilesPCPitstop3D.dll Photo Gallery C:Program Files (x86)Windows LivePhoto GalleryNPWLPG.dll PPLive PPTV Plugin C:Program Files (x86)Internet ExplorerPPLiteplugin1.0.1.3460npplugin2.dll PPTV网络电视 C:Program Files (x86)PPLivePPTVPPLive.exe RealJukebox NS Plugin c:program files (x86)realrealplayerNetscape6nprjplug.dll RealNetworks Chrome Background Exte C:ProgramDataRealRealPlayerBrowserRecordPluginMozillaPluginsnprpchromebrowserrecordext.dll RealPlayer Download and Record Plugin c:programdatarealrealplayerbrowserrecordpluginierpbrowserrecordplugin.dll RealPlayer Download Plugin c:program files (x86)realrealplayerNetscape6nprpplugin.dll RealPlayer G2 LiveConnect-Enabled P c:program files (x86)realrealplayerNetscape6nppl3260.dll RealPlayer HTML5VideoShim Plug-In ( C:ProgramDataRealRealPlayerBrowserRecordPluginMozillaPluginsnprphtml5videoshim.dll Silverlight Plug-In c:Program Files (x86)Microsoft Silverlight5.1.20913.0npctrl.dll Skype Toolbars c:program files (x86)skypetoolbarsinternet explorerskypeieplugin.dll Skype Toolbars C:UsershungkeongAppDataLocalGoogleChromeUser DataDefaultExtensionslifbcibllhkdhoafpjfnlhfpfgnpldfl5.9.0.9216_0npSkypeChromePlugin.dll Tencent SSO Platform C:Program Files (x86)Common FilesTencentTXSSO1.2.1.87BinnpSSOAxCtrlForPTLogin.dll Windows® Internet Explorer C:WindowsSysWOW64ieframe.dll (verified) Microsoft® Windows® Operating System C:windowssystem32napinsp.dll (verified) Microsoft® Windows® Operating System C:windowssystem32pnrpnsp.dll (verified) Microsoft® Windows® Operating System C:windowsSystem32winrnr.dll Scan ---- MD5: 7439665c5cb70b452568bf68e059475a
  4. AVg full scan found 4 threats,3 corrupt executable's and 1 trojan horse crypt2.btvr virus. I had scanned the computer with avg shortly after getting it and it found nothing.I guess we did something for avg to uncover those threats.I can't figure out how to get a log from avg to post. What else can I do to ensure this pc is fully clean.
  5. I did as instructed on highjackthis,everything seemed to work just fine.However I still cant get eset online scanner to work, I'm getting unexpected error 2002 when downloading virus signature database.I have avg disable and have restarted the pc.
  6. You need to make your own thread so you can have a dedicated hjt expert help you.
  7. Logfile of Trend Micro HijackThis v2.0.5 Scan saved at 4:46:10 PM, on 11/13/2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v10.0 (10.00.9200.16720) Boot mode: Normal Running processes: C:Program Files (x86)GoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe C:Program Files (x86)Common FilesPPLiveNetworkPPAP.exe C:Program Files (x86)AVGAVG2014avgui.exe C:Program Files (x86)Common FilesJavaJava Updatejusched.exe C:Program Files (x86)PCCleanupHijackThis.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:ProgramDataRealRealPlayerBrowserRecordPluginIErpbrowserrecordplugin.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program Files (x86)Javajre7binssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:PROGRA~2IObitADVANC~1BROWER~1ASCPLU~1.DLL O2 - BHO: MP3 Rocket Downloader - {c5e9c0b3-8b18-4b1b-ad67-c1a063ab2b34} - mscoree.dll (file missing) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program Files (x86)Javajre7binjp2ssv.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll O4 - HKLM..Run: [startCCC] "C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLIStart.exe" MSRun O4 - HKLM..Run: [ToshibaServiceStation] "C:Program Files (x86)TOSHIBATOSHIBA Service StationToshibaServiceStation.exe" /hide:60 O4 - HKLM..Run: [NortonOnlineBackupReminder] "C:Program Files (x86)ToshibaToshiba Online BackupActivationTOBuActivation.exe" UNATTENDED O4 - HKLM..Run: [ToshibaAppPlace] "C:Program Files (x86)ToshibaToshiba App PlaceToshibaAppPlace.exe" O4 - HKLM..Run: [APSDaemon] "C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe" O4 - HKLM..Run: [AVG_UI] "C:Program Files (x86)AVGAVG2014avgui.exe" /TRAYONLY O4 - HKLM..Run: [sunJavaUpdateSched] "C:Program Files (x86)Common FilesJavaJava Updatejusched.exe" O4 - HKCU..Run: [PPAP] "C:Program Files (x86)Common FilesPPLiveNetworkPPAP.exe" -background O4 - HKCU..Run: [swg] "C:Program Files (x86)GoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe" O9 - Extra button: @C:Program Files (x86)Windows LiveWriterWindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:Program Files (x86)Windows LiveWriterWriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:Program Files (x86)Windows LiveWriterWindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:Program Files (x86)Windows LiveWriterWriterBrowserExtension.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll O9 - Extra button: PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:Program Files (x86)PPLivePPTVPPLive.exe O9 - Extra 'Tools' menuitem: PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:Program Files (x86)PPLivePPTVPPLive.exe O10 - Unknown file in Winsock LSP: c:program files (x86)common filesmicrosoft sharedwindows livewlidnsp.dll O10 - Unknown file in Winsock LSP: c:program files (x86)common filesmicrosoft sharedwindows livewlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/pcpitstop.cab O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} (mhLabel Class) - http://www.pcpitstop.com/mhLbl.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.adobe.com/pub/shockwave/cabs/flash/swflash.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:PROGRA~2COMMON~1SkypeSKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:Program Files (x86)Windows LivePhoto GalleryAlbumDownloadProtocolHandler.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:windowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:Program Files (x86)IObitAdvanced SystemCare 6ASCService.exe O23 - Service: @%SystemRoot%system32Alg.exe,-112 (ALG) - Unknown owner - C:windowsSystem32alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:windowssystem32atiesrxx.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:Program Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:Program Files (x86)AVGAVG2014avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:Program Files (x86)AVGAVG2014avgwdsvc.exe O23 - Service: Bonjour Service - Apple Inc. - C:Program FilesBonjourmDNSResponder.exe O23 - Service: @%SystemRoot%system32efssvc.dll,-100 (EFS) - Unknown owner - C:windowsSystem32lsass.exe (file missing) O23 - Service: @%systemroot%system32fxsresm.dll,-118 (Fax) - Unknown owner - C:windowssystem32fxssvc.exe (file missing) O23 - Service: GamesAppService - WildTangent, Inc. - C:Program Files (x86)WildTangent GamesAppGamesAppService.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:Program Files (x86)GoogleUpdateGoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:Program Files (x86)GoogleUpdateGoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:Program Files (x86)GoogleCommonGoogle UpdaterGoogleUpdaterService.exe O23 - Service: iPod Service - Apple Inc. - C:Program FilesiPodbiniPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:windowssystem32lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:windowsSystem32msdtc.exe (file missing) O23 - Service: @%SystemRoot%System32netlogon.dll,-102 (Netlogon) - Unknown owner - C:windowssystem32lsass.exe (file missing) O23 - Service: Common Client Job Manager Service (PCCUJobMgr) - Symantec Corporation - C:Program Files (x86)Norton PC CheckupEngine2.0.10.26ccSvcHst.exe O23 - Service: @%systemroot%system32psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:windowssystem32lsass.exe (file missing) O23 - Service: @%systemroot%system32Locator.exe,-2 (RpcLocator) - Unknown owner - C:windowssystem32locator.exe (file missing) O23 - Service: @%SystemRoot%system32samsrv.dll,-1 (SamSs) - Unknown owner - C:windowssystem32lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:Program Files (x86)SkypeUpdaterUpdater.exe O23 - Service: @%SystemRoot%system32snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:windowsSystem32snmptrap.exe (file missing) O23 - Service: @%systemroot%system32spoolsv.exe,-1 (Spooler) - Unknown owner - C:windowsSystem32spoolsv.exe (file missing) O23 - Service: @%SystemRoot%system32sppsvc.exe,-101 (sppsvc) - Unknown owner - C:windowssystem32sppsvc.exe (file missing) O23 - Service: TMachInfo - TOSHIBA Corporation - C:Program Files (x86)TOSHIBATOSHIBA Service StationTMachInfo.exe O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:windowssystem32TODDSrv.exe (file missing) O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:Program FilesTOSHIBAPower SaverTosCoSrv.exe O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:Program FilesTOSHIBATOSHIBA HDD SSD AlertTosSmartSrv.exe O23 - Service: @%SystemRoot%system32ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:windowssystem32UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%system32vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:windowssystem32lsass.exe (file missing) O23 - Service: @%SystemRoot%system32vds.exe,-100 (vds) - Unknown owner - C:windowsSystem32vds.exe (file missing) O23 - Service: @%systemroot%system32vssvc.exe,-102 (VSS) - Unknown owner - C:windowssystem32vssvc.exe (file missing) O23 - Service: @%SystemRoot%system32WatWatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:windowssystem32WatWatAdminSvc.exe (file missing) O23 - Service: @%systemroot%system32wbengine.exe,-104 (wbengine) - Unknown owner - C:windowssystem32wbengine.exe (file missing) O23 - Service: @%Systemroot%system32wbemwmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:windowssystem32wbemWmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%Windows Media Playerwmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:Program Files (x86)Windows Media Playerwmpnetwk.exe (file missing) -- End of file - 9861 bytes I can't get eset online scanner to download the definitions database,Im not sure why but it gets stuck at %52.I have restarted several times and tried a few different browsers. The laptop is running better than it did before we started so we made progress,thank you.Still just seems sluggish though. Like I will open a browser or go to my computer and takes roughly 20 seconds or so and all the icons on desktop will go away then come back,that just seems weird. *EDIT*I totally skipped the ATFcleaner,will do that now,some how I missed that step.OoOps
  8. Well the 20 dllhost process's in task manager are gone now,so that's great news. The laptop still feels sluggish to me though,like I click to open chrome and it takes about 20 seconds to open. Im not sure what else we could clean up on this laptop so maybe its just old hardware.
  9. ComboFix 13-11-12.01 - hungkeong 2/2013 Tue 19:07:57.1.2 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.936.86.1033.18.1639.379 [GMT -6:00] Ö´ÐÐλÖÃ: c:usershungkeongDesktopComboFix.exe AV: AVG AntiVirus Free Edition 2014 *Enabled/Outdated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9} SP: AVG AntiVirus Free Edition 2014 *Enabled/Outdated* {B5F5C120-2089-702E-0001-553BB0D5A664} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( ±»É¾³ýµÄµµ°¸ ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:usershungkeongAppDataLocalGoogleChromeUser DataDefaultLocal Storagechrome-extension_cdlfekohkhfdbpmokgdkhemgjkdclabo_0.localstorage . . ((((((((((((((((((((((((( 2013-10-13 ÖÁ 2013-11-13 µÄеĵµ°¸ ))))))))))))))))))))))))))))))) . . 2013-11-13 01:26 . 2013-11-13 01:26 -------- d-----w- c:usersDefaultAppDataLocaltemp 2013-11-13 00:56 . 2013-11-13 00:56 -------- d-----w- c:programdataOracle 2013-11-13 00:56 . 2013-11-13 00:55 312744 ----a-w- c:windowssystem32javaws.exe 2013-11-13 00:56 . 2013-11-13 00:55 108968 ----a-w- c:windowssystem32WindowsAccessBridge-64.dll 2013-11-13 00:56 . 2013-11-13 00:55 189352 ----a-w- c:windowssystem32javaw.exe 2013-11-13 00:56 . 2013-11-13 00:55 189352 ----a-w- c:windowssystem32java.exe 2013-11-13 00:55 . 2013-11-13 00:55 -------- d-----w- c:program filesJava 2013-11-12 01:25 . 2013-11-12 01:25 -------- d-----w- C:FRST 2013-11-12 00:52 . 2013-11-12 00:52 -------- d-----w- c:windowsERUNT 2013-11-12 00:44 . 2013-11-12 00:46 -------- d-----w- C:AdwCleaner 2013-11-09 23:25 . 2013-11-09 23:25 -------- d-----w- c:usershungkeongAppDataRoamingAVG2014 2013-11-09 23:23 . 2013-11-09 23:23 -------- d-----w- c:usershungkeongAppDataRoamingTuneUp Software 2013-11-09 23:20 . 2013-11-09 23:20 -------- d-----w- C:$AVG 2013-11-09 23:20 . 2013-11-09 23:24 -------- d-----w- c:programdataAVG2014 2013-11-09 23:19 . 2013-11-09 23:19 -------- d-----w- c:program files (x86)AVG 2013-11-09 04:19 . 2013-11-09 04:44 -------- d-----w- c:programdataMalwarebytes' Anti-Malware (portable) 2013-11-09 04:18 . 2013-11-09 04:18 91352 ----a-w- c:windowssystem32driversmbamchameleon.sys 2013-11-09 03:27 . 2010-05-26 16:39 6144 ------w- c:windowssystem3219C8.tmp 2013-11-09 03:23 . 2010-05-26 16:39 6144 ------w- c:windowssystem32385E.tmp 2013-11-07 08:36 . 2013-11-07 08:36 -------- d-----w- c:programdata{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} 2013-11-07 08:36 . 2013-11-07 08:36 -------- d-----w- c:programdataIObit 2013-11-07 08:36 . 2013-11-07 08:36 -------- d-----w- c:usershungkeongAppDataRoamingIObit 2013-11-07 08:36 . 2013-11-07 08:36 -------- d-----w- c:program files (x86)IObit 2013-11-07 08:31 . 2013-11-07 08:31 -------- d-----w- c:usershungkeongAppDataRoamingSUPERAntiSpyware.com 2013-11-07 08:31 . 2013-11-07 08:31 -------- d-----w- c:programdataSUPERAntiSpyware.com 2013-11-07 07:40 . 2013-10-14 07:12 10280728 ----a-w- c:programdataMicrosoftWindows DefenderDefinition Updates{AEBA6D42-91C5-4B4A-BEF9-BD1FD59A67F4}mpengine.dll 2013-11-07 07:14 . 2013-11-13 00:45 -------- d-----w- c:programdataMFAData 2013-11-07 07:14 . 2013-11-09 23:27 -------- d-----w- c:usershungkeongAppDataLocalAvg2014 2013-11-07 07:14 . 2013-11-07 07:14 -------- d--h--w- c:programdataCommon Files 2013-11-07 07:14 . 2013-11-07 07:14 -------- d-----w- c:usershungkeongAppDataLocalMFAData 2013-11-07 06:56 . 2013-11-13 00:13 -------- d-----w- c:program files (x86)PCCleanup 2013-11-05 07:12 . 2013-11-05 07:44 -------- d-----w- c:windowssystem32MpEngineStore 2013-11-05 06:53 . 2013-11-05 06:53 -------- d-----w- c:windowssystem32MRT 2013-10-26 06:18 . 2013-10-26 06:24 -------- d-----w- c:usershungkeongShesGonnaSquirt - Gaia - Squirting Like a Showerhead mp4s 2013-10-26 06:18 . 2013-11-09 02:46 -------- d-----w- c:program files (x86)PSupport 2013-10-26 06:15 . 2013-10-29 05:21 -------- d-----w- c:program files (x86)Kozaka 2013-10-26 06:15 . 2013-10-26 06:18 -------- d-----w- c:usershungkeongAppDataRoamingExpressFiles 2013-10-26 06:15 . 2013-10-26 06:15 -------- d-----w- c:program files (x86)ExpressFiles . . . (((((((((((((((((((((((((((((((((((((((( ÔÚÈý¸öÔÂÄÚ±»Ð޸ĵĵµ°¸ )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-10-09 03:39 . 2012-07-25 03:31 692616 ----a-w- c:windowsSysWow64FlashPlayerApp.exe 2013-10-09 03:39 . 2011-12-18 06:37 71048 ----a-w- c:windowsSysWow64FlashPlayerCPLApp.cpl 2013-09-26 03:07 . 2013-09-26 03:07 148792 ----a-w- c:windowssystem32driversavgdiska.sys 2013-09-22 23:28 . 2013-10-10 05:56 1767936 ----a-w- c:windowsSysWow64wininet.dll 2013-09-22 23:27 . 2013-10-10 05:57 2876928 ----a-w- c:windowsSysWow64jscript9.dll 2013-09-22 23:27 . 2013-10-10 05:57 61440 ----a-w- c:windowsSysWow64iesetup.dll 2013-09-22 23:27 . 2013-10-10 05:57 109056 ----a-w- c:windowsSysWow64iesysprep.dll 2013-09-22 22:55 . 2013-10-10 05:57 51712 ----a-w- c:windowssystem32ie4uinit.exe 2013-09-22 22:55 . 2013-10-10 05:56 2241024 ----a-w- c:windowssystem32wininet.dll 2013-09-22 22:55 . 2013-10-10 05:57 1365504 ----a-w- c:windowssystem32urlmon.dll 2013-09-22 22:54 . 2013-10-10 05:57 603136 ----a-w- c:windowssystem32msfeeds.dll 2013-09-22 22:54 . 2013-10-10 05:56 19252224 ----a-w- c:windowssystem32mshtml.dll 2013-09-22 22:54 . 2013-10-10 05:57 855552 ----a-w- c:windowssystem32jscript.dll 2013-09-22 22:54 . 2013-10-10 05:57 3959296 ----a-w- c:windowssystem32jscript9.dll 2013-09-22 22:54 . 2013-10-10 05:56 53248 ----a-w- c:windowssystem32jsproxy.dll 2013-09-22 22:54 . 2013-10-10 05:57 526336 ----a-w- c:windowssystem32ieui.dll 2013-09-22 22:54 . 2013-10-10 05:57 67072 ----a-w- c:windowssystem32iesetup.dll 2013-09-22 22:54 . 2013-10-10 05:57 39936 ----a-w- c:windowssystem32iernonce.dll 2013-09-22 22:54 . 2013-10-10 05:57 136704 ----a-w- c:windowssystem32iesysprep.dll 2013-09-22 22:54 . 2013-10-10 05:57 2647552 ----a-w- c:windowssystem32iertutil.dll 2013-09-22 22:54 . 2013-10-10 05:56 15404544 ----a-w- c:windowssystem32ieframe.dll 2013-09-21 03:38 . 2013-10-10 05:57 2706432 ----a-w- c:windowssystem32mshtml.tlb 2013-09-21 03:30 . 2013-10-10 05:57 2706432 ----a-w- c:windowsSysWow64mshtml.tlb 2013-09-21 02:48 . 2013-10-10 05:57 89600 ----a-w- c:windowssystem32RegisterIEPKEYs.exe 2013-09-21 02:39 . 2013-10-10 05:57 71680 ----a-w- c:windowsSysWow64RegisterIEPKEYs.exe 2013-09-14 01:10 . 2013-10-10 04:29 497152 ----a-w- c:windowssystem32driversafd.sys 2013-09-09 04:11 . 2013-09-09 04:11 31544 ----a-w- c:windowssystem32driversavgrkx64.sys 2013-09-08 02:30 . 2013-10-10 04:29 1903552 ----a-w- c:windowssystem32driverstcpip.sys 2013-09-08 02:27 . 2013-10-10 04:29 327168 ----a-w- c:windowssystem32mswsock.dll 2013-09-08 02:03 . 2013-10-10 04:29 231424 ----a-w- c:windowsSysWow64mswsock.dll 2013-09-04 12:12 . 2013-10-10 04:25 343040 ----a-w- c:windowssystem32driversusbhub.sys 2013-09-04 12:11 . 2013-10-10 04:25 325120 ----a-w- c:windowssystem32driversusbport.sys 2013-09-04 12:11 . 2013-10-10 04:25 99840 ----a-w- c:windowssystem32driversusbccgp.sys 2013-09-04 12:11 . 2013-10-10 04:25 52736 ----a-w- c:windowssystem32driversusbehci.sys 2013-09-04 12:11 . 2013-10-10 04:25 30720 ----a-w- c:windowssystem32driversusbuhci.sys 2013-09-04 12:11 . 2013-10-10 04:25 25600 ----a-w- c:windowssystem32driversusbohci.sys 2013-09-04 12:11 . 2013-10-10 04:25 7808 ----a-w- c:windowssystem32driversusbd.sys 2013-09-03 19:35 . 2010-11-21 03:27 278800 ------w- c:windowssystem32MpSigStub.exe 2013-09-02 16:59 . 2013-09-02 16:59 212280 ----a-w- c:windowssystem32driversavgldx64.sys 2013-09-02 16:29 . 2013-09-02 16:29 294712 ----a-w- c:windowssystem32driversavgloga.sys 2013-09-02 16:26 . 2013-09-02 16:26 192824 ----a-w- c:windowssystem32driversavgidsha.sys 2013-09-02 16:26 . 2013-09-02 16:26 241464 ----a-w- c:windowssystem32driversavgidsdrivera.sys 2013-08-29 02:17 . 2013-10-10 04:26 5549504 ----a-w- c:windowssystem32ntoskrnl.exe 2013-08-29 02:16 . 2013-10-10 04:26 1732032 ----a-w- c:windowssystem32ntdll.dll 2013-08-29 02:16 . 2013-10-10 04:26 243712 ----a-w- c:windowssystem32wow64.dll 2013-08-29 02:16 . 2013-10-10 04:26 859648 ----a-w- c:windowssystem32tdh.dll 2013-08-29 02:13 . 2013-10-10 04:26 878080 ----a-w- c:windowssystem32advapi32.dll 2013-08-29 01:51 . 2013-10-10 04:26 3969472 ----a-w- c:windowsSysWow64ntkrnlpa.exe 2013-08-29 01:51 . 2013-10-10 04:26 3914176 ----a-w- c:windowsSysWow64ntoskrnl.exe 2013-08-29 01:50 . 2013-10-10 04:26 5120 ----a-w- c:windowsSysWow64wow32.dll 2013-08-29 01:50 . 2013-10-10 04:26 1292192 ----a-w- c:windowsSysWow64ntdll.dll 2013-08-29 01:50 . 2013-10-10 04:26 619520 ----a-w- c:windowsSysWow64tdh.dll 2013-08-29 01:48 . 2013-10-10 04:26 640512 ----a-w- c:windowsSysWow64advapi32.dll 2013-08-29 01:48 . 2013-10-10 04:26 44032 ----a-w- c:windowsapppatchacwow64.dll 2013-08-29 00:49 . 2013-10-10 04:26 25600 ----a-w- c:windowsSysWow64setup16.exe 2013-08-29 00:49 . 2013-10-10 04:26 7680 ----a-w- c:windowsSysWow64instnm.exe 2013-08-29 00:49 . 2013-10-10 04:26 14336 ----a-w- c:windowsSysWow64ntvdm64.dll 2013-08-29 00:49 . 2013-10-10 04:26 2048 ----a-w- c:windowsSysWow64user.exe 2013-08-28 01:21 . 2013-10-10 04:26 3155968 ----a-w- c:windowssystem32win32k.sys 2013-08-28 01:12 . 2013-10-10 04:25 461312 ----a-w- c:windowssystem32scavengeui.dll 2013-08-21 04:53 . 2013-08-21 04:53 123704 ----a-w- c:windowssystem32driversavgmfx64.sys . . ((((((((((((((((((((((((((((((((((((( ÖØÒªµÇÈëµã )))))))))))))))))))))))))))))))))))))))))))))))))) . . *×¢Òâ* ¿Õ°×ÓëºÏ·¨È±Ê¡µÇ¼½«²»»á±»ÏÔʾ REGEDIT4 . [HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftwindowscurrentversionexplorershelliconoverlayidentifiers SkyDrive1] @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" [HKEY_CLASSES_ROOTCLSID{F241C880-6982-4CE5-8CF7-7085BA96DA5A}] 2012-11-20 07:04 220632 ----a-w- c:usershungkeongAppDataLocalMicrosoftSkyDrive16.4.6013.0910SkyDriveShell.dll . [HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftwindowscurrentversionexplorershelliconoverlayidentifiers SkyDrive2] @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" [HKEY_CLASSES_ROOTCLSID{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}] 2012-11-20 07:04 220632 ----a-w- c:usershungkeongAppDataLocalMicrosoftSkyDrive16.4.6013.0910SkyDriveShell.dll . [HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftwindowscurrentversionexplorershelliconoverlayidentifiers SkyDrive3] @="{BBACC218-34EA-4666-9D7A-C78F2274A524}" [HKEY_CLASSES_ROOTCLSID{BBACC218-34EA-4666-9D7A-C78F2274A524}] 2012-11-20 07:04 220632 ----a-w- c:usershungkeongAppDataLocalMicrosoftSkyDrive16.4.6013.0910SkyDriveShell.dll . [HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun] "PPAP"="c:program files (x86)Common FilesPPLiveNetworkPPAP.exe" [2013-01-31 251744] "swg"="c:program files (x86)GoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe" [2011-05-16 39408] . [HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionRun] "StartCCC"="c:program files (x86)ATI TechnologiesATI.ACECore-StaticCLIStart.exe" [2011-02-16 336384] "ToshibaServiceStation"="c:program files (x86)TOSHIBATOSHIBA Service StationToshibaServiceStation.exe" [2010-07-01 1295224] "NortonOnlineBackupReminder"="c:program files (x86)ToshibaToshiba Online BackupActivationTOBuActivation.exe" [2010-08-17 3218792] "ToshibaAppPlace"="c:program files (x86)ToshibaToshiba App PlaceToshibaAppPlace.exe" [2010-09-23 552960] "APSDaemon"="c:program files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe" [2013-01-28 59720] "AVG_UI"="c:program files (x86)AVGAVG2014avgui.exe" [2013-10-08 4908592] . [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionpoliciessystem] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftwindows ntcurrentversionwindows] "LoadAppInit_DLLs"=1 (0x1) . [HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftwindows ntcurrentversiondrivers32] "aux"=wdmaud.drv . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:windowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe;c:windowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe [x] R2 PPTVService;PPTVService;c:windowsSystem32svchost.exe;c:windowsSYSNATIVEsvchost.exe [x] R2 SkypeUpdate;Skype Updater;c:program files (x86)SkypeUpdaterUpdater.exe;c:program files (x86)SkypeUpdaterUpdater.exe [x] R3 GamesAppService;GamesAppService;c:program files (x86)WildTangent GamesAppGamesAppService.exe;c:program files (x86)WildTangent GamesAppGamesAppService.exe [x] R3 MEMSWEEP2;MEMSWEEP2;c:windowssystem3219C8.tmp;c:windowsSYSNATIVE19C8.tmp [x] R3 Netaapl;Apple Mobile Device Ethernet Service;c:windowssystem32DRIVERSnetaapl64.sys;c:windowsSYSNATIVEDRIVERSnetaapl64.sys [x] R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:windowssystem32DriversRtsUStor.sys;c:windowsSYSNATIVEDriversRtsUStor.sys [x] R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:windowssystem32DRIVERSssadbus.sys;c:windowsSYSNATIVEDRIVERSssadbus.sys [x] R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:windowssystem32DRIVERSssadmdfl.sys;c:windowsSYSNATIVEDRIVERSssadmdfl.sys [x] R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:windowssystem32DRIVERSssadmdm.sys;c:windowsSYSNATIVEDRIVERSssadmdm.sys [x] R3 TsUsbFlt;TsUsbFlt;c:windowssystem32driverstsusbflt.sys;c:windowsSYSNATIVEdriverstsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;c:windowssystem32driversTsUsbGD.sys;c:windowsSYSNATIVEdriversTsUsbGD.sys [x] R3 USBAAPL64;Apple Mobile USB Driver;c:windowssystem32Driversusbaapl64.sys;c:windowsSYSNATIVEDriversusbaapl64.sys [x] R3 WatAdminSvc;Windows Activation Technologies Service;c:windowssystem32WatWatAdminSvc.exe;c:windowsSYSNATIVEWatWatAdminSvc.exe [x] S0 amd_sata;amd_sata;c:windowssystem32DRIVERSamd_sata.sys;c:windowsSYSNATIVEDRIVERSamd_sata.sys [x] S0 amd_xata;amd_xata;c:windowssystem32DRIVERSamd_xata.sys;c:windowsSYSNATIVEDRIVERSamd_xata.sys [x] S0 AVGIDSHA;AVGIDSHA;c:windowssystem32DRIVERSavgidsha.sys;c:windowsSYSNATIVEDRIVERSavgidsha.sys [x] S0 Avgloga;AVG Logging Driver;c:windowssystem32DRIVERSavgloga.sys;c:windowsSYSNATIVEDRIVERSavgloga.sys [x] S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:windowssystem32DRIVERSavgmfx64.sys;c:windowsSYSNATIVEDRIVERSavgmfx64.sys [x] S0 Avgrkx64;AVG Anti-Rootkit Driver;c:windowssystem32DRIVERSavgrkx64.sys;c:windowsSYSNATIVEDRIVERSavgrkx64.sys [x] S1 Avgdiska;AVG Disk Driver;c:windowssystem32DRIVERSavgdiska.sys;c:windowsSYSNATIVEDRIVERSavgdiska.sys [x] S1 AVGIDSDriver;AVGIDSDriver;c:windowssystem32DRIVERSavgidsdrivera.sys;c:windowsSYSNATIVEDRIVERSavgidsdrivera.sys [x] S1 Avgldx64;AVG AVI Loader Driver;c:windowssystem32DRIVERSavgldx64.sys;c:windowsSYSNATIVEDRIVERSavgldx64.sys [x] S1 Avgtdia;AVG TDI Driver;c:windowssystem32DRIVERSavgtdia.sys;c:windowsSYSNATIVEDRIVERSavgtdia.sys [x] S2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:program files (x86)IObitAdvanced SystemCare 6ASCService.exe;c:program files (x86)IObitAdvanced SystemCare 6ASCService.exe [x] S2 AMD External Events Utility;AMD External Events Utility;c:windowssystem32atiesrxx.exe;c:windowsSYSNATIVEatiesrxx.exe [x] S2 AVGIDSAgent;AVGIDSAgent;c:program files (x86)AVGAVG2014avgidsagent.exe;c:program files (x86)AVGAVG2014avgidsagent.exe [x] S2 avgwd;AVG WatchDog;c:program files (x86)AVGAVG2014avgwdsvc.exe;c:program files (x86)AVGAVG2014avgwdsvc.exe [x] S2 PCCUJobMgr;Common Client Job Manager Service;c:program files (x86)Norton PC CheckupEngine2.0.10.26ccSvcHst.exe;c:program files (x86)Norton PC CheckupEngine2.0.10.26ccSvcHst.exe [x] S3 ETD;ELAN PS/2 Port Input Device;c:windowssystem32DRIVERSETD.sys;c:windowsSYSNATIVEDRIVERSETD.sys [x] S3 FwLnk;FwLnk Driver;c:windowssystem32DRIVERSFwLnk.sys;c:windowsSYSNATIVEDRIVERSFwLnk.sys [x] S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:windowssystem32DRIVERSL1C62x64.sys;c:windowsSYSNATIVEDRIVERSL1C62x64.sys [x] S3 PGEffect;Pangu effect driver;c:windowssystem32DRIVERSpgeffect.sys;c:windowsSYSNATIVEDRIVERSpgeffect.sys [x] S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:windowssystem32DRIVERSrtl8192Ce.sys;c:windowsSYSNATIVEDRIVERSrtl8192Ce.sys [x] S3 TMachInfo;TMachInfo;c:program files (x86)TOSHIBATOSHIBA Service StationTMachInfo.exe;c:program files (x86)TOSHIBATOSHIBA Service StationTMachInfo.exe [x] S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:program filesTOSHIBATOSHIBA HDD SSD AlertTosSmartSrv.exe;c:program filesTOSHIBATOSHIBA HDD SSD AlertTosSmartSrv.exe [x] . . [HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftwindows ntcurrentversionsvchost] PPTVServiceGroup REG_MULTI_SZ PPTVService . [HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftactive setupinstalled components{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2013-10-19 03:13 1185744 ----a-w- c:program files (x86)GoogleChromeApplication30.0.1599.101Installerchrmstp.exe . ¡®¼Æ»®ÈÎÎñ¡¯ Îļþ¼Ð ÀïµÄÄÚÈÝ . 2013-11-12 c:windowsTasksAdobe Flash Player Updater.job - c:windowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe [2012-07-25 03:39] . 2013-11-13 c:windowsTasksGoogleUpdateTaskMachineCore.job - c:program files (x86)GoogleUpdateGoogleUpdate.exe [2011-05-16 15:16] . 2013-11-13 c:windowsTasksGoogleUpdateTaskMachineUA.job - c:program files (x86)GoogleUpdateGoogleUpdate.exe [2011-05-16 15:16] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiers SkyDrive1] @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" [HKEY_CLASSES_ROOTCLSID{F241C880-6982-4CE5-8CF7-7085BA96DA5A}] 2012-11-20 07:04 244696 ----a-w- c:usershungkeongAppDataLocalMicrosoftSkyDrive16.4.6013.0910amd64SkyDriveShell64.dll . [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiers SkyDrive2] @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" [HKEY_CLASSES_ROOTCLSID{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}] 2012-11-20 07:04 244696 ----a-w- c:usershungkeongAppDataLocalMicrosoftSkyDrive16.4.6013.0910amd64SkyDriveShell64.dll . [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiers SkyDrive3] @="{BBACC218-34EA-4666-9D7A-C78F2274A524}" [HKEY_CLASSES_ROOTCLSID{BBACC218-34EA-4666-9D7A-C78F2274A524}] 2012-11-20 07:04 244696 ----a-w- c:usershungkeongAppDataLocalMicrosoftSkyDrive16.4.6013.0910amd64SkyDriveShell64.dll . [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun] "SmartAudio"="c:program filesCONEXANTSAIISAIICpl.exe" [2010-12-14 316032] "TosVolRegulator"="c:program filesTOSHIBATosVolRegulatorTosVolRegulator.exe" [2009-11-11 24376] "TosSENotify"="c:program filesTOSHIBATOSHIBA HDD SSD AlertTosWaitSrv.exe" [2010-02-06 709976] . ------- ¶øÍâµÄɨÃè ------- . uLocal Page = c:windowssystem32blank.htm mLocal Page = c:windowsSysWOW64blank.htm uInternet Settings,ProxyOverride = <local>;*.local TCP: DhcpNameServer = 24.217.0.5 24.217.201.67 24.247.15.53 . - - - - ORPHANS REMOVED - - - - . Toolbar-Locked - (no file) HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start Toolbar-Locked - (no file) HKLM-Run-ETDCtrl - c:program files (x86)ElantechETDCtrl.exe HKLM-Run-SmartFaceVWatcher - c:program files (x86)ToshibaSmartFaceVSmartFaceVWatcher.exe HKLM-Run-TPwrMain - c:program files (x86)TOSHIBAPower SaverTPwrMain.EXE HKLM-Run-SmoothView - c:program files (x86)ToshibaSmoothViewSmoothView.exe HKLM-Run-00TCrdMain - c:program files (x86)TOSHIBAFlashCardsTCrdMain.exe HKLM-Run-TosNC - c:program files (x86)ToshibaBulletinBoardTosNcCore.exe HKLM-Run-TosReelTimeMonitor - c:program files (x86)TOSHIBAReelTimeTosReelTimeMonitor.exe AddRemove-Sophos-AntiRootkit - c:program files (x86)PCCleanuphelper.exe AddRemove-fTalk - c:usershungkeongAppDataLocalfTalkuninstall.exe . . . [HKEY_LOCAL_MACHINESYSTEMControlSet001servicesPCCUJobMgr] "ImagePath"=""c:program files (x86)Norton PC CheckupEngine2.0.10.26ccSvcHst.exe" /s "PCCUJobMgr" /m "c:program files (x86)Norton PC CheckupEngine2.0.10.26diMaster.dll" /prefetch:1" . [HKEY_LOCAL_MACHINESYSTEMControlSet001servicesMEMSWEEP2] "ImagePath"="??c:windowssystem3219C8.tmp" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:windowssystem32MacromedFlashFlashUtil64_11_9_900_117_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}LocalServer32] @="c:windowssystem32MacromedFlashFlashUtil64_11_9_900_117_ActiveX.exe" . [HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINESOFTWAREClassesInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINESOFTWAREClassesInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINESOFTWAREClassesInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:windowsSysWOW64MacromedFlashFlashUtil32_11_9_900_117_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}LocalServer32] @="c:windowsSysWOW64MacromedFlashFlashUtil32_11_9_900_117_ActiveX.exe" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}InprocServer32] @="c:windowsSysWOW64MacromedFlashFlash32_11_9_900_117.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}MiscStatus] @="0" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}ToolboxBitmap32] @="c:windowsSysWOW64MacromedFlashFlash32_11_9_900_117.ocx, 1" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}Version] @="1.0" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}InprocServer32] @="c:windowsSysWOW64MacromedFlashFlash32_11_9_900_117.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}ToolboxBitmap32] @="c:windowsSysWOW64MacromedFlashFlash32_11_9_900_117.ocx, 1" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}Version] @="1.0" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINESYSTEMControlSet001ControlClass{4D36E96D-E325-11CE-BFC1-08002BE10318}0000AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINESYSTEMControlSet001ControlPCWSecurity] @Denied: (Full) (Everyone) . Íê³Éʱ¼ä: 2013-11-12 19:34:42 ComboFix-quarantined-files.txt 2013-11-13 01:34 . Pre-Run: 171,773,100,032 bytes free Post-Run: 171,249,172,480 bytes free . - - End Of File - - FAF020DB868456741AC19C260515F5BE 5B5E648D12FCADC244C1EC30318E1EB9 Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 10-11-2013 01 Ran by hungkeong at 2013-11-12 18:13:47 Run:1 Running from C:Program Files (x86)PCCleanup Boot Mode: Normal ============================================== Content of fixlist: ***************** HKCU...409d6c4515e9InprocServer32: [Default-shell32] ?globalrootDeviceHarddiskVolume2UsersHUNGKE~1AppDataLocalTempsbqvajbsqpmbmkwow.dll ATTENTION! ====> ZeroAccess? SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {A2F1556D-24AD-4BB5-B644-32388BD25852} URL = BHO: MP3 Rocket Toolbar - {4D503352-5636-006A-76A7-7A786E7484D7} - "C:Program Files (x86)AskPartnerNetworkToolbarMP3RV6Passport_x64.dll" No File BHO-x32: MP3 Rocket Toolbar - {4D503352-5636-006A-76A7-7A786E7484D7} - "C:Program Files (x86)AskPartnerNetworkToolbarMP3RV6Passport.dll" No File Toolbar: HKLM - MP3 Rocket Toolbar - {4D503352-5636-006A-76A7-7A786E7484D7} - "C:Program Files (x86)AskPartnerNetworkToolbarMP3RV6Passport_x64.dll" No File Toolbar: HKLM-x32 - MP3 Rocket Toolbar - {4D503352-5636-006A-76A7-7A786E7484D7} - "C:Program Files (x86)AskPartnerNetworkToolbarMP3RV6Passport.dll" No File Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File FF Plugin-x32: @qq.com/QzoneMusic - C:Program Files (x86)TencentQQMusicnpQzoneMusic.dll No File FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:Program Files (x86)WildTangent GamesAppBrowserIntegrationRegistered0NP_wtapp.dll () FF Extension: No Name - C:UsershungkeongAppDataRoamingMozillaFirefoxprofilesextensionsprefs.js FF Extension: No Name - C:UsershungkeongAppDataRoamingMozillaFirefoxprofilesextensionsuser.js CHR HKLMSOFTWAREPoliciesGoogle: Policy restriction <======= ATTENTION C:UsershungkeongAppDataLocalTempsbqvajbsqpmbmkwow.dll ***************** HKCUSoftwareClassesCLSID{fbeb8a05-beee-4442-804e-409d6c4515e9} => Key deleted successfully. If the key returned, move the associated file, reboot and list the key for deletion. HKLMSOFTWAREMicrosoftInternet ExplorerSearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully. HKCRCLSID{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found. HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerSearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully. HKCRWow6432NodeCLSID{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found. HKCUSOFTWAREMicrosoftInternet ExplorerSearchScopes{A2F1556D-24AD-4BB5-B644-32388BD25852} => Key deleted successfully. HKCRCLSID{A2F1556D-24AD-4BB5-B644-32388BD25852} => Key not found. HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{4D503352-5636-006A-76A7-7A786E7484D7} => Key deleted successfully. HKCRCLSID{4D503352-5636-006A-76A7-7A786E7484D7} => Key deleted successfully. HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{4D503352-5636-006A-76A7-7A786E7484D7} => Key deleted successfully. HKCRWow6432NodeCLSID{4D503352-5636-006A-76A7-7A786E7484D7} => Key deleted successfully. HKLMSOFTWAREMicrosoftInternet ExplorerToolbar{4D503352-5636-006A-76A7-7A786E7484D7} => Value deleted successfully. HKCRCLSID{4D503352-5636-006A-76A7-7A786E7484D7} => Key not found. HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerToolbar{4D503352-5636-006A-76A7-7A786E7484D7} => Value deleted successfully. HKCRWow6432NodeCLSID{4D503352-5636-006A-76A7-7A786E7484D7} => Key not found. HKCRPROTOCOLSHandlerskype-ie-addon-data => Key deleted successfully. HKCRCLSID{91774881-D725-4E58-B298-07617B9B86A8} => Key not found. HKLMSoftwareWow6432NodeMozillaPluginsFF Plugin-x32: @qq.com/QzoneMusic => Key not found. FF Plugin-x32: @qq.com/QzoneMusic not found. [email protected]/GamesAppPresenceDetector,Version=1.0 => Key deleted successfully. C:Program Files (x86)WildTangent GamesAppBrowserIntegrationRegistered0NP_wtapp.dll => Moved successfully. C:UsershungkeongAppDataRoamingMozillaFirefoxprofilesextensionsprefs.js => Moved successfully. C:UsershungkeongAppDataRoamingMozillaFirefoxprofilesextensionsuser.js => Moved successfully. HKLMSOFTWAREPoliciesGoogle => Key deleted successfully. C:UsershungkeongAppDataLocalTempsbqvajbsqpmbmkwow.dll => Moved successfully. ==== End of Fixlog ====
  10. Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-11-2013 01 Ran by hungkeong at 2013-11-11 19:28:41 Running from C:Program Files (x86)PCCleanup Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: AVG AntiVirus Free Edition 2014 (Disabled - Out of date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: AVG AntiVirus Free Edition 2014 (Disabled - Out of date) {B5F5C120-2089-702E-0001-553BB0D5A664} ==================== Installed Programs ====================== µTorrent (x32 Version: 3.3.0.29625) Adobe AIR (x32 Version: 2.5.1.17730) Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117) Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117) Adobe Reader X MUI (x32 Version: 10.0.0) Advanced SystemCare 6 (x32 Version: 6.3) Amazon Links (x32 Version: 2.02) Apple Application Support (x32 Version: 2.3.3) Apple Mobile Device Support (Version: 6.1.0.13) Apple Software Update (x32 Version: 2.1.3.127) Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (x32 Version: 1.0.0.36) ATI Catalyst Install Manager (Version: 3.0.808.0) AVG 2014 (Version: 14.0.3604) AVG 2014 (Version: 14.0.4158) AVG 2014 (Version: 2014.0.4158) Bejeweled 3 (x32 Version: 2.2.0.97) Bonjour (Version: 3.0.0.10) Catalyst Control Center - Branding (x32 Version: 1.00.0000) Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0216.726.13233) Catalyst Control Center InstallProxy (x32 Version: 2011.0216.726.13233) Catalyst Control Center Localization All (x32 Version: 2011.0216.726.13233) CCC Help Chinese Standard (x32 Version: 2011.0216.0725.13233) CCC Help Chinese Traditional (x32 Version: 2011.0216.0725.13233) CCC Help Czech (x32 Version: 2011.0216.0725.13233) CCC Help Danish (x32 Version: 2011.0216.0725.13233) CCC Help Dutch (x32 Version: 2011.0216.0725.13233) CCC Help English (x32 Version: 2011.0216.0725.13233) CCC Help Finnish (x32 Version: 2011.0216.0725.13233) CCC Help French (x32 Version: 2011.0216.0725.13233) CCC Help German (x32 Version: 2011.0216.0725.13233) CCC Help Greek (x32 Version: 2011.0216.0725.13233) CCC Help Hungarian (x32 Version: 2011.0216.0725.13233) CCC Help Italian (x32 Version: 2011.0216.0725.13233) CCC Help Japanese (x32 Version: 2011.0216.0725.13233) CCC Help Korean (x32 Version: 2011.0216.0725.13233) CCC Help Norwegian (x32 Version: 2011.0216.0725.13233) CCC Help Polish (x32 Version: 2011.0216.0725.13233) CCC Help Portuguese (x32 Version: 2011.0216.0725.13233) CCC Help Russian (x32 Version: 2011.0216.0725.13233) CCC Help Spanish (x32 Version: 2011.0216.0725.13233) CCC Help Swedish (x32 Version: 2011.0216.0725.13233) CCC Help Thai (x32 Version: 2011.0216.0725.13233) CCC Help Turkish (x32 Version: 2011.0216.0725.13233) ccc-core-static (x32 Version: 2011.0216.726.13233) ccc-utility64 (Version: 2011.0216.726.13233) Chuzzle Deluxe (x32 Version: 2.2.0.95) Conexant HD Audio (Version: 8.54.1.0) D3DX10 (x32 Version: 15.4.2368.0902) ETDWare PS/2-X64 8.0.8.0_R01 (Version: 8.0.8.0) ExpressFiles (HKCU Version: 1.9.7) FATE - The Traitor Soul (x32 Version: 2.2.0.95) fTalk (HKCU Version: 3.0.0.3115) Google Chrome (x32 Version: 30.0.1599.101) Google Toolbar for Internet Explorer (x32 Version: 1.0.0) Google Toolbar for Internet Explorer (x32 Version: 7.5.4601.54) Google Update Helper (x32 Version: 1.3.21.165) iCloud (Version: 2.1.1.3) iTunes (Version: 11.0.2.26) Java Auto Updater (x32 Version: 2.0.2.1) Java 6 Update 20 (x32 Version: 6.0.200) Jewel Quest: The Sleepless Star - Collector's Edition (x32 Version: 2.2.0.95) Junk Mail filter update (x32 Version: 16.4.3505.0912) [email protected] 1.0 (x32 Version: 1.0) Malwarebytes Anti-Malware 版本 1.75.0.1300 (x32 Version: 1.75.0.1300) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Microsoft Application Error Reporting (Version: 12.0.6015.5000) Microsoft Office 2010 (x32 Version: 14.0.4763.1000) Microsoft Silverlight (Version: 5.1.20913.0) Microsoft SkyDrive (HKCU Version: 16.4.6013.0910) Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (x32 Version: 10.0.30319) Movie Maker (x32 Version: 16.4.3505.0912) MP3 Rocket (x32 Version: 6.3.16) MP3 Rocket Toolbar (x32 Version: 12.6.0.1688) MSVCRT (x32 Version: 15.4.2862.0708) MSVCRT_amd64 (x32 Version: 15.4.2862.0708) MSVCRT110 (x32 Version: 16.4.1108.0727) MSVCRT110_amd64 (Version: 16.4.1109.0912) Penguins! (x32 Version: 2.2.0.95) Photo Gallery (x32 Version: 16.4.3505.0912) Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95) PlayReady PC Runtime amd64 (Version: 1.3.0) PlayReady PC Runtime x86 (x32 Version: 1.3.0) Polar Bowler (x32 Version: 2.2.0.95) PPTV V3.3.2.0070 (x32 Version: 3.3.2) Product Support 1.74.b1377 (x32) QuickTime (x32 Version: 7.73.80.64) RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0) RealPlayer (x32 Version: 15.0.4) Realtek USB 2.0 Card Reader (x32 Version: 6.1.7600.30124) Realtek WLAN Driver (x32 Version: 2.00.0016) RealUpgrade 1.1 (x32 Version: 1.1.0) Skype Click to Call (x32 Version: 5.9.9216) Skype Launcher (x32 Version: 2.01) Skype 6.9 (x32 Version: 6.9.106) Sophos Anti-Rootkit 1.5.4 (x32 Version: 1.5.4) Tom Clancy's Splinter Cell (x32 Version: 2.2.0.97) Toshiba App Place (x32 Version: 1.0.6.3) TOSHIBA Application Installer (x32 Version: 9.0.1.1) TOSHIBA Assist (x32 Version: 4.02.02) Toshiba Book Place (x32 Version: 2.2.6775) TOSHIBA Bulletin Board (Version: 1.6.08.64) TOSHIBA Bulletin Board (x32 Version: 1.6.08.64) TOSHIBA Disc Creator (Version: 2.1.0.4 for x64) TOSHIBA Face Recognition (Version: 3.1.3.64) TOSHIBA Face Recognition (x32 Version: 3.1.3.64) TOSHIBA Hardware Setup (x32 Version: 2.00.14) TOSHIBA HDD/SSD Alert (Version: 3.1.64.6) TOSHIBA HDD/SSD Alert (x32 Version: 3.1.64.6) Toshiba Laptop Checkup (x32 Version: 2.0.10.26) TOSHIBA Media Controller (x32 Version: 1.0.80.8.64) Toshiba Online Backup (x32 Version: 2.0.0.25) TOSHIBA Quality Application (x32 Version: 1.0.3) TOSHIBA Recovery Media Creator (x32 Version: 2.1.3.5109) TOSHIBA ReelTime (Version: 1.7.16.64) TOSHIBA ReelTime (x32 Version: 1.7.16.64) TOSHIBA Service Station (x32 Version: 2.1.45) TOSHIBA Supervisor Password (x32 Version: 2.00.07) TOSHIBA Value Added Package (Version: 1.3.22.64) TOSHIBA Value Added Package (x32 Version: 1.3.22.64) TOSHIBA Web Camera Application (x32 Version: 2.0.1.1) ToshibaRegistration (x32 Version: 1.0.4) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3) Update Installer for WildTangent Games App (x32) Visual Studio 2012 x64 Redistributables (Version: 14.0.0.1) Visual Studio 2012 x86 Redistributables (x32 Version: 14.0.0.1) WildTangent Games (x32 Version: 1.0.2.5) WildTangent Games App (Toshiba Games) (x32 Version: 4.0.4.16) Windows Live Communications Platform (x32 Version: 16.4.3505.0912) Windows Live Essentials (x32 Version: 16.4.3505.0912) Windows Live Family Safety (Version: 16.4.3505.0912) Windows Live Family Safety (x32 Version: 16.4.3505.0912) Windows Live ID Sign-in Assistant (Version: 7.250.4311.0) Windows Live Installer (x32 Version: 16.4.3505.0912) Windows Live Mail (x32 Version: 16.4.3505.0912) Windows Live Messenger (x32 Version: 16.4.3505.0912) Windows Live MIME IFilter (Version: 16.4.3505.0912) Windows Live Photo Common (x32 Version: 16.4.3505.0912) Windows Live PIMT Platform (x32 Version: 16.4.3505.0912) Windows Live SOXE (x32 Version: 16.4.3505.0912) Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912) Windows Live UX Platform (x32 Version: 16.4.3505.0912) Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912) Windows Live Writer (x32 Version: 16.4.3505.0912) Windows Live Writer Resources (x32 Version: 16.4.3505.0912) WMV9/VC-1 Video Playback (Version: 1.00.0000) Zuma's Revenge (x32 Version: 2.2.0.97) ==================== Restore Points ========================= 16-10-2013 03:06:25 Windows Update 19-10-2013 03:39:36 Windows Update 23-10-2013 04:05:21 Windows Update 30-10-2013 03:39:12 Windows Update 05-11-2013 06:44:56 Windows Update 07-11-2013 07:42:02 Installed AVG 2014 07-11-2013 07:53:14 Removed AVG 2014 09-11-2013 04:43:26 Malwarebytes Anti-Rootkit Restore Point 09-11-2013 23:18:01 Installed AVG 2014 09-11-2013 23:19:23 Installed AVG 2014 ==================== Hosts content: ========================== 2009-07-13 20:34 - 2009-06-10 15:00 - 00000824 ____A C:windowssystem32Driversetchosts ==================== Scheduled Tasks (whitelisted) ============= Task: {1EEBB8DD-E186-4751-B028-0857DF6D68D5} - System32TasksGoogleUpdateTaskMachineUA => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [2011-05-16] (Google Inc.) Task: {8C49296F-442C-4547-96E4-DAF7276646E8} - System32TasksRealUpgradeLogonTaskS-1-5-21-1641970090-1460547868-2588245608-1000 => C:Program Files (x86)RealRealUpgraderealupgrade.exe [2012-04-30] (RealNetworks, Inc.) Task: {BE868870-2037-4F6D-BDF8-E18EB3E4B4B7} - System32TasksAdobe Flash Player Updater => C:WindowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe [2013-10-08] (Adobe Systems Incorporated) Task: {E7E4CFD7-13DB-4964-B358-77A8E505C4B0} - System32TasksExpress FilesUpdate => C:Program Files (x86)ExpressFilesEFUpdater.exe [2013-10-26] () Task: {EE387048-44BA-4B62-B396-3EF7A88FE9E3} - System32TasksGoogleUpdateTaskMachineCore => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [2011-05-16] (Google Inc.) Task: {FADE3FBD-C06F-4759-BE8C-0C263D021537} - System32TasksRealUpgradeScheduledTaskS-1-5-21-1641970090-1460547868-2588245608-1000 => C:Program Files (x86)RealRealUpgraderealupgrade.exe [2012-04-30] (RealNetworks, Inc.) Task: {FF9BBDAE-FE6A-4514-85DF-EC6D3A5B2C40} - System32TasksAppleAppleSoftwareUpdate => C:Program Files (x86)Apple Software UpdateSoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: C:windowsTasksAdobe Flash Player Updater.job => C:windowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe Task: C:windowsTasksGoogleUpdateTaskMachineCore.job => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe Task: C:windowsTasksGoogleUpdateTaskMachineUA.job => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2010-04-07 17:07 - 2010-04-07 17:07 - 09468728 _____ () C:Program FilesTOSHIBAFlashCardsBlackPng.dll 2009-11-03 14:26 - 2009-11-03 14:26 - 00053560 _____ () C:Program FilesTOSHIBAFlashCardsHotkeyFnZ.dll 2010-03-03 15:15 - 2010-03-03 15:15 - 00019256 _____ () C:Program FilesTOSHIBAFlashCardsHotkeyFnF10.dll 2010-03-03 15:15 - 2010-03-03 15:15 - 00019256 _____ () C:Program FilesTOSHIBAFlashCardsHotkeyFnF11.dll 2011-03-29 20:48 - 2009-06-22 16:40 - 00022328 _____ () C:Program FilesTOSHIBATOSHIBA AssistNotifyX.dll 2009-03-12 20:08 - 2009-03-12 20:08 - 00048640 _____ () C:Program Files (x86)ToshibaPCDiagNotifyPCD.dll 2009-07-25 18:38 - 2009-07-25 18:38 - 00017800 _____ () C:Program FilesTOSHIBATOSHIBA Disc CreatorNotifyTDC.dll 2011-02-16 08:25 - 2011-02-16 08:25 - 00243712 _____ () C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLI.Aspect.CrossDisplay.Graphics.Dashboard.dll 2010-10-19 15:15 - 2010-10-19 15:15 - 00016384 ____R () C:Program Files (x86)ATI TechnologiesATI.ACEBrandingBranding.dll 2010-02-05 18:44 - 2010-02-05 18:44 - 00079192 _____ () C:Program FilesTOSHIBATOSHIBA HDD SSD AlertTosIPCWraper.dll 2012-12-17 16:14 - 2012-12-17 16:14 - 00954848 _____ () C:Program FilesCommon FilesAppleInternet ServicesShellStreams64.dll 2013-01-31 00:51 - 2013-01-31 00:51 - 02584912 _____ () C:windowssystem32kindling.dll 2013-11-07 02:36 - 2013-01-15 18:59 - 00161088 _____ () C:Program Files (x86)IObitAdvanced SystemCare 6ASCExtMenu_64.dll 2013-11-07 02:36 - 2013-01-15 18:47 - 00517440 _____ () C:Program Files (x86)IObitAdvanced SystemCare 6sqlite3.dll 2011-09-27 06:23 - 2011-09-27 06:23 - 00087912 _____ () C:Program Files (x86)Common FilesAppleApple Application Supportzlib1.dll 2011-09-27 06:22 - 2011-09-27 06:22 - 01242472 _____ () C:Program Files (x86)Common FilesAppleApple Application Supportlibxml2.dll 2013-01-31 00:50 - 2013-01-31 00:50 - 00470352 _____ () C:Program Files (x86)Common FilesPPLiveNetwork1.0.1.3460MngModule.dll 2013-01-31 00:20 - 2013-10-30 20:57 - 00481680 _____ () C:Program Files (x86)Common FilesPPLiveNetwork1.0.1.3460tipsclient.dll 2013-02-20 02:45 - 2013-06-20 21:20 - 00108960 _____ () C:Program Files (x86)Common FilesPPLiveNetwork1.0.1.3460tipsdone.dll 2013-07-31 22:30 - 2013-07-31 22:30 - 00180560 _____ () C:Program Files (x86)Common FilesPPLiveNetwork1.0.1.3460tipsflash.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== ==================== Faulty Device Manager Devices ============= Name: TEAC DV-W28S-VT SATA CdRom Device Description: CD-ROM Drive Class Guid: {4d36e965-e325-11ce-bfc1-08002be10318} Manufacturer: (Standard CD-ROM drives) Service: cdrom Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19) Resolution: A registry problem was detected. This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options: On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver. ==================== Event log errors: ========================= Application errors: ================== System errors: ============= Error: (11/11/2013 07:28:37 PM) (Source: mbamchameleon) (User: ) Description: C0000022 Error: (11/11/2013 07:28:37 PM) (Source: mbamchameleon) (User: ) Description: C0000022 Error: (11/11/2013 07:28:37 PM) (Source: mbamchameleon) (User: ) Description: C0000022 Error: (11/11/2013 07:28:37 PM) (Source: mbamchameleon) (User: ) Description: C0000022 Error: (11/11/2013 07:28:37 PM) (Source: mbamchameleon) (User: ) Description: C0000022 Error: (11/11/2013 07:28:37 PM) (Source: mbamchameleon) (User: ) Description: C0000022 Error: (11/11/2013 07:28:37 PM) (Source: mbamchameleon) (User: ) Description: C0000022 Error: (11/11/2013 07:28:37 PM) (Source: mbamchameleon) (User: ) Description: C0000022 Error: (11/11/2013 07:28:37 PM) (Source: mbamchameleon) (User: ) Description: C0000022 Error: (11/11/2013 07:28:37 PM) (Source: mbamchameleon) (User: ) Description: C0000022 Microsoft Office Sessions: ========================= CodeIntegrity Errors: =================================== Date: 2013-11-08 21:27:19.110 Description: Windows is unable to verify the image integrity of the file DeviceHarddiskVolume2WindowsSystem3219C8.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-11-08 21:27:18.517 Description: Windows is unable to verify the image integrity of the file DeviceHarddiskVolume2WindowsSystem3219C8.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-11-08 21:23:05.274 Description: Windows is unable to verify the image integrity of the file DeviceHarddiskVolume2WindowsSystem32385E.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-11-08 21:23:04.728 Description: Windows is unable to verify the image integrity of the file DeviceHarddiskVolume2WindowsSystem32385E.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Percentage of memory in use: 67% Total physical RAM: 1638.87 MB Available physical RAM: 532.77 MB Total Pagefile: 3277.73 MB Available Pagefile: 1280.66 MB Total Virtual: 8192 MB Available Virtual: 8191.8 MB ==================== Drives ================================ Drive c: (TI106147W0C) (Fixed) (Total:220.08 GB) (Free:160.64 GB) NTFS ==>[system with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 233 GB) (Disk ID: 21779C7B) Partition 1: (Active) - (Size=1 GB) - (Type=27) Partition 2: (Not Active) - (Size=220 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=11 GB) - (Type=17) ==================== End Of Log ============================ Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-11-2013 01 Ran by hungkeong (administrator) on HUNGKEONG-PC on 11-11-2013 19:25:20 Running from C:Program Files (x86)PCCleanup Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US) Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (IObit) C:Program Files (x86)IObitAdvanced SystemCare 6ASCService.exe (AMD) C:windowssystem32atiesrxx.exe (AMD) C:windowssystem32atieclxx.exe (Apple Inc.) C:Program Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exe (Apple Inc.) C:Program FilesBonjourmDNSResponder.exe (Symantec Corporation) C:Program Files (x86)Norton PC CheckupEngine2.0.10.26ccSvcHst.exe (TOSHIBA Corporation) C:windowssystem32TODDSrv.exe (TOSHIBA Corporation) C:Program FilesTOSHIBAPower SaverTosCoSrv.exe (Microsoft Corp.) C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE (Microsoft Corp.) C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe (Symantec Corporation) C:Program Files (x86)Norton PC CheckupEngine2.0.10.26ccSvcHst.exe () C:Program Files (x86)ExpressFilesEFUpdater.exe (ELAN Microelectronics Corp.) C:Program FilesElantechETDCtrl.exe (TOSHIBA Corporation) C:Program FilesTOSHIBAPower SaverTPwrMain.exe (TOSHIBA Corporation) C:Program FilesTOSHIBASmoothViewSmoothView.exe (TOSHIBA Corporation) C:Program FilesTOSHIBAFlashCardsTCrdMain.exe (TOSHIBA Corporation) C:Program FilesTOSHIBABulletinBoardTosNcCore.exe (TOSHIBA Corporation) C:Program FilesTOSHIBAReelTimeTosReelTimeMonitor.exe (PPLive Corporation) C:Program Files (x86)Common FilesPPLiveNetworkPPAP.exe (TOSHIBA Corporation) C:Program Files (x86)ToshibaTOSHIBA Service StationToshibaServiceStation.exe (Advanced Micro Devices Inc.) C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticMOM.exe (ELAN Microelectronics Corp.) C:Program FilesElantechETDCtrlHelper.exe (ATI Technologies Inc.) C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCCC.exe (TOSHIBA Corporation) C:Program Files (x86)TOSHIBATOSHIBA Service StationTMachInfo.exe (Microsoft Corporation) C:windowsMicrosoft.NetFramework64v3.0WPFPresentationFontCache.exe (Microsoft Corporation) C:windowsSysWOW64svchost.exe (TOSHIBA Corporation) C:Program FilesTOSHIBATOSHIBA HDD SSD AlertTosSmartSrv.exe (TOSHIBA Corporation) C:Program FilesTOSHIBATOSHIBA HDD SSD AlertTosSENotify.exe (AVG Technologies CZ, s.r.o.) C:Program Files (x86)AVGAVG2014avgwdsvc.exe (AVG Technologies CZ, s.r.o.) C:Program Files (x86)AVGAVG2014avgrsa.exe (AVG Technologies CZ, s.r.o.) C:Program Files (x86)AVGAVG2014avgcsrva.exe (AVG Technologies CZ, s.r.o.) C:Program Files (x86)AVGAVG2014avgui.exe (AVG Technologies CZ, s.r.o.) C:Program Files (x86)AVGAVG2014avgcfgex.exe (Apple Inc.) C:Program Files (x86)Common FilesAppleInternet ServicesApplePhotoStreams.exe ==================== Registry (Whitelisted) ================== HKLM...Run: [] - [x] HKLM...Run: [smartAudio] - C:Program FilesCONEXANTSAIISAIICpl.exe [316032 2010-12-14] (Conexant systems, Inc.) HKLM...Run: [ETDCtrl] - C:Program FilesElantechETDCtrl.exe [2588456 2010-11-11] (ELAN Microelectronics Corp.) HKLM...Run: [smartFaceVWatcher] - C:Program FilesTOSHIBASmartFaceVSmartFaceVWatcher.exe [238080 2009-10-19] (TOSHIBA Corporation) HKLM...Run: [TPwrMain] - C:Program FilesTOSHIBAPower SaverTPwrMain.exe [566184 2010-09-28] (TOSHIBA Corporation) HKLM...Run: [smoothView] - C:Program FilesTOSHIBASmoothViewSmoothView.exe [508216 2009-07-28] (TOSHIBA Corporation) HKLM...Run: [00TCrdMain] - C:Program FilesTOSHIBAFlashCardsTCrdMain.exe [915320 2010-05-10] (TOSHIBA Corporation) HKLM...Run: [TosVolRegulator] - C:Program FilesTOSHIBATosVolRegulatorTosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation) HKLM...Run: [TosSENotify] - C:Program FilesTOSHIBATOSHIBA HDD SSD AlertTosWaitSrv.exe [709976 2010-02-05] (TOSHIBA Corporation) HKLM...Run: [TosNC] - C:Program FilesTOSHIBABulletinBoardTosNcCore.exe [595816 2010-04-23] (TOSHIBA Corporation) HKLM...Run: [TosReelTimeMonitor] - C:Program FilesTOSHIBAReelTimeTosReelTimeMonitor.exe [38304 2010-07-09] (TOSHIBA Corporation) HKLM-x32...RunOnce: [ (A0)] - cmd /c "C:Program Files (x86)PCCleanupMalwareanirootmbarmbar.exe" /rdv /s [1170744 2013-10-07] (Malwarebytes Corporation) HKCU...Run: [PPAP] - C:Program Files (x86)Common FilesPPLiveNetworkPPAP.exe [251744 2013-01-31] (PPLive Corporation) HKCU...409d6c4515e9InprocServer32: [Default-shell32] ?globalrootDeviceHarddiskVolume2UsersHUNGKE~1AppDataLocalTempsbqvajbsqpmbmkwow.dll ATTENTION! ====> ZeroAccess? MountPoints2: {924ccbff-1098-11e2-ab50-00266cbd4f55} - E:LaunchU3.exe -a HKLM-x32...Run: [startCCC] - C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLIStart.exe [336384 2011-02-16] (Advanced Micro Devices, Inc.) HKLM-x32...Run: [ToshibaServiceStation] - C:Program Files (x86)ToshibaTOSHIBA Service StationToshibaServiceStation.exe [1295224 2010-07-01] (TOSHIBA Corporation) HKLM-x32...Run: [NortonOnlineBackupReminder] - C:Program Files (x86)ToshibaToshiba Online BackupActivationTobuActivation.exe [3218792 2010-08-17] (Toshiba) HKLM-x32...Run: [ToshibaAppPlace] - C:Program Files (x86)ToshibaToshiba App PlaceToshibaAppPlace.exe [552960 2010-09-23] (Toshiba) HKLM-x32...Run: [APSDaemon] - C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe [59720 2013-01-28] (Apple Inc.) HKLM-x32...Run: [AVG_UI] - C:Program Files (x86)AVGAVG2014avgui.exe [4908592 2013-10-07] (AVG Technologies CZ, s.r.o.) ==================== Internet (Whitelisted) ==================== HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yahoo.com/ HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://start.toshiba.com/g/ SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {A2F1556D-24AD-4BB5-B644-32388BD25852} URL = BHO: MP3 Rocket Toolbar - {4D503352-5636-006A-76A7-7A786E7484D7} - "C:Program Files (x86)AskPartnerNetworkToolbarMP3RV6Passport_x64.dll" No File BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll (Microsoft Corp.) BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_64.dll (Google Inc.) BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:ProgramDataRealRealPlayerBrowserRecordPluginIErpbrowserrecordplugin.dll (RealPlayer) BHO-x32: MP3 Rocket Toolbar - {4D503352-5636-006A-76A7-7A786E7484D7} - "C:Program Files (x86)AskPartnerNetworkToolbarMP3RV6Passport.dll" No File BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program Files (x86)Common Filesmicrosoft sharedWindows LiveWindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll (Google Inc.) BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll (Skype Technologies S.A.) BHO-x32: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:Program Files (x86)IObitAdvanced SystemCare 6BrowerProtectASCPlugin_Protection.dll (IObit) BHO-x32: MP3 Rocket Downloader - {c5e9c0b3-8b18-4b1b-ad67-c1a063ab2b34} - C:WindowsSysWOW64mscoree.dll (Microsoft Corporation) BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program Files (x86)Javajre6binjp2ssv.dll (Sun Microsystems, Inc.) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_64.dll (Google Inc.) Toolbar: HKLM - MP3 Rocket Toolbar - {4D503352-5636-006A-76A7-7A786E7484D7} - "C:Program Files (x86)AskPartnerNetworkToolbarMP3RV6Passport_x64.dll" No File Toolbar: HKLM-x32 - MP3 Rocket Toolbar - {4D503352-5636-006A-76A7-7A786E7484D7} - "C:Program Files (x86)AskPartnerNetworkToolbarMP3RV6Passport.dll" No File Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll (Google Inc.) Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_64.dll (Google Inc.) DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.adobe.com/pub/shockwave/cabs/flash/swflash.cab Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll (Skype Technologies S.A.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:Program Files (x86)Common FilesSkypeSkype4COM.dll (Skype Technologies) TcpipParameters: [DhcpNameServer] 24.217.0.5 24.217.201.67 24.247.15.53 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer - C:windowssystem32MacromedFlashNPSWF64_11_9_900_117.dll () FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:Program FilesMicrosoft Silverlight5.1.20913.0npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:windowsSysWOW64MacromedFlashNPSWF32_11_9_900_117.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:Program Files (x86)iTunesMozilla Pluginsnpitunes.dll () FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:Program Files (x86)Microsoft Silverlight5.1.20913.0npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:Program Files (x86)Windows LivePhoto GalleryNPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:Program Files (x86)Windows LivePhoto GalleryNPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @pptv.com/plugin - C:Program Files (x86)Internet ExplorerPPLiteplugin1.0.1.3460npplugin2.dll (PPLive Corporation) FF Plugin-x32: @qq.com/QzoneMusic - C:Program Files (x86)TencentQQMusicnpQzoneMusic.dll No File FF Plugin-x32: @qq.com/TXSSO - C:Program Files (x86)Common FilesTencentTXSSO1.2.1.87BinnpSSOAxCtrlForPTLogin.dll (Tencent) FF Plugin-x32: @real.com/nppl3260;version=15.0.4.53 - c:program files (x86)realrealplayerNetscape6nppl3260.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprjplug;version=15.0.4.53 - c:program files (x86)realrealplayerNetscape6nprjplug.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 - C:ProgramDataRealRealPlayerBrowserRecordPluginMozillaPluginsnprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 - C:ProgramDataRealRealPlayerBrowserRecordPluginMozillaPluginsnprphtml5videoshim.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpplugin;version=15.0.4.53 - c:program files (x86)realrealplayerNetscape6nprpplugin.dll (RealPlayer) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:Program Files (x86)GoogleUpdate1.3.21.165npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:Program Files (x86)GoogleUpdate1.3.21.165npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:Program Files (x86)WildTangent GamesAppBrowserIntegrationRegistered0NP_wtapp.dll () FF Extension: No Name - C:UsershungkeongAppDataRoamingMozillaFirefoxprofilesextensionsextensions FF Extension: mp3rocketdownloader - C:UsershungkeongAp[email protected]mp3rocket.me.xpi FF Extension: No Name - C:UsershungkeongAppDataRoamingMozillaFirefoxprofilesextensionsprefs.js FF Extension: No Name - C:UsershungkeongAppDataRoamingMozillaFirefoxprofilesextensionsuser.js FF HKLM-x32...FirefoxExtensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:ProgramDataRealRealPlayerBrowserRecordPluginFirefoxExt FF Extension: RealPlayer Browser Record Plugin - C:ProgramDataRealRealPlayerBrowserRecordPluginFirefoxExt FF HKLM-x32...FirefoxExtensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:ProgramDataRealRealPlayerBrowserRecordPluginFirefoxExt FF Extension: RealPlayer Browser Record Plugin - C:ProgramDataRealRealPlayerBrowserRecordPluginFirefoxExt Chrome: ======= CHR Plugin: (Shockwave Flash) - C:Program Files (x86)GoogleChromeApplication30.0.1599.101PepperFlashpepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:Program Files (x86)GoogleChromeApplication30.0.1599.101ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:Program Files (x86)GoogleChromeApplication30.0.1599.101pdf.dll () CHR Plugin: (ChromeUtilPlugin) - C:UsershungkeongAppDataLocalGoogleChromeUser DataDefaultExtensionsaaaalfcdpfagiijfjeapclohpegmcpml11.39725_0background/ChromeUtilPlugin.dll No File CHR Plugin: (Adobe Acrobat) - C:Program Files (x86)AdobeReader 10.0ReaderBrowsernppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Java Deployment Toolkit 6.0.200.2) - C:Program Files (x86)Javajre6binnew_pluginnpdeployJava1.dll (Sun Microsystems, Inc.) CHR Plugin: (Java Platform SE 6 U20) - C:Program Files (x86)Javajre6binnew_pluginnpjp2.dll (Sun Microsystems, Inc.) CHR Plugin: (QuickTime Plug-in 7.7.3) - C:Program Files (x86)QuickTimepluginsnpqtplugin.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.3) - C:Program Files (x86)QuickTimepluginsnpqtplugin2.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.3) - C:Program Files (x86)QuickTimepluginsnpqtplugin3.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.3) - C:Program Files (x86)QuickTimepluginsnpqtplugin4.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.3) - C:Program Files (x86)QuickTimepluginsnpqtplugin5.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.3) - C:Program Files (x86)QuickTimepluginsnpqtplugin6.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.3) - C:Program Files (x86)QuickTimepluginsnpqtplugin7.dll (Apple Inc.) CHR Plugin: (Tencent SSO Platform) - C:Program Files (x86)Common FilesTencentTXSSO1.2.1.87BinnpSSOAxCtrlForPTLogin.dll (Tencent) CHR Plugin: (Google Update) - C:Program Files (x86)GoogleUpdate1.3.21.135npGoogleUpdate3.dll No File CHR Plugin: (PPLive PPTV Plugin) - C:Program Files (x86)Internet ExplorerPPLiteplugin1.0.1.3460npplugin2.dll (PPLive Corporation) CHR Plugin: (QQMusic) - C:Program Files (x86)TencentQQMusicnpQzoneMusic.dll No File CHR Plugin: (Photo Gallery) - C:Program Files (x86)Windows LivePhoto GalleryNPWLPG.dll (Microsoft Corporation) CHR Plugin: (iTunes Application Detector) - C:Program Files (x86)iTunesMozilla Pluginsnpitunes.dll () CHR Plugin: (RealNetworks Chrome Background Extension Plug-In (32-bit) ) - C:ProgramDataRealRealPlayerBrowserRecordPluginMozillaPluginsnprpchromebrowserrecordext.dll (RealNetworks, Inc.) CHR Plugin: (RealPlayer HTML5VideoShim Plug-In (32-bit) ) - C:ProgramDataRealRealPlayerBrowserRecordPluginMozillaPluginsnprphtml5videoshim.dll (RealNetworks, Inc.) CHR Plugin: (Shockwave Flash) - C:windowsSysWOW64MacromedFlashNPSWF32_11_6_602_180.dll No File CHR Plugin: (Silverlight Plug-In) - c:Program Files (x86)Microsoft Silverlight5.1.20125.0npctrl.dll No File CHR Plugin: (RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) ) - c:program files (x86)realrealplayerNetscape6nppl3260.dll (RealNetworks, Inc.) CHR Plugin: (RealJukebox NS Plugin) - c:program files (x86)realrealplayerNetscape6nprjplug.dll (RealNetworks, Inc.) CHR Plugin: (RealPlayer Download Plugin) - c:program files (x86)realrealplayerNetscape6nprpplugin.dll (RealPlayer) CHR Extension: (MP3 Rocket Toolbar) - C:UsersHUNGKE~1AppDataLocalGoogleChromeUser DataDefaultExtensionsaaaalfcdpfagiijfjeapclohpegmcpml25.61001_1 CHR Extension: (Google Docs) - C:UsersHUNGKE~1AppDataLocalGoogleChromeUser DataDefaultExtensionsaohghmighlieiainnegkcijnfilokake0.5_0 CHR Extension: (Google Drive) - C:UsersHUNGKE~1AppDataLocalGoogleChromeUser DataDefaultExtensionsapdfllckaahabafndbhieahigkjlhalf6.3_0 CHR Extension: (YouTube) - C:UsersHUNGKE~1AppDataLocalGoogleChromeUser DataDefaultExtensionsblpcfgokakmgnkcojhhkbfbldkacnbeo4.2.6_0 CHR Extension: (ShoppingChip) - C:UsersHUNGKE~1AppDataLocalGoogleChromeUser DataDefaultExtensionscdlfekohkhfdbpmokgdkhemgjkdclabo1.1 CHR Extension: (Google Search) - C:UsersHUNGKE~1AppDataLocalGoogleChromeUser DataDefaultExtensionscoobgpohoikkiipiblmjeljniedjpjpf0.0.0.20_0 CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:UsersHUNGKE~1AppDataLocalGoogleChromeUser DataDefaultExtensionsjfmjfhklogoienhpfnppmbcbjfjnkonk1.5_0 CHR Extension: (Skype Click to Call) - C:UsersHUNGKE~1AppDataLocalGoogleChromeUser DataDefaultExtensionslifbcibllhkdhoafpjfnlhfpfgnpldfl5.9.0.9216_0 CHR Extension: (Advanced SystemCare Surfing Protection) - C:UsersHUNGKE~1AppDataLocalGoogleChromeUser DataDefaultExtensionsnfengeggddojhakldhlpjdlddgkkjkdd1.0.0_1 CHR Extension: (Google Wallet) - C:UsersHUNGKE~1AppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda0.0.5.0_0 CHR Extension: (Gmail) - C:UsersHUNGKE~1AppDataLocalGoogleChromeUser DataDefaultExtensionspjkljhegncpnkpknbcohdijeoejaedia7_1 CHR HKLM-x32...ChromeExtension: [aaaalfcdpfagiijfjeapclohpegmcpml] - C:ProgramDataAskPartnerNetworkToolbarMP3RV6CRXToolbarCR.crx CHR HKLM-x32...ChromeExtension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:ProgramDataRealRealPlayerBrowserRecordPluginChromeExtrphtml5video.crx CHR HKLM-x32...ChromeExtension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:Program Files (x86)SkypeToolbarsSkype for Chromiumskype_chrome_extension.crx CHR HKLM-x32...ChromeExtension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:Program Files (x86)IObitAdvanced SystemCare 6BrowerProtectASC_GhromePlugin.crx CHR HKLMSOFTWAREPoliciesGoogle: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= R2 AdvancedSystemCareService6; C:Program Files (x86)IObitAdvanced SystemCare 6ASCService.exe [574272 2013-04-18] (IObit) S2 AVGIDSAgent; C:Program Files (x86)AVGAVG2014avgidsagent.exe [3538480 2013-10-03] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:Program Files (x86)AVGAVG2014avgwdsvc.exe [301152 2013-09-25] (AVG Technologies CZ, s.r.o.) R2 PCCUJobMgr; C:Program Files (x86)Norton PC CheckupEngine2.0.10.26ccSvcHst.exe [126392 2011-02-03] (Symantec Corporation) R2 PPTVService; C:windowsSysWOW64PPTVSvc.dll [478032 2013-01-31] (PPTV) ==================== Drivers (Whitelisted) ==================== R1 Avgdiska; C:WindowsSystem32DRIVERSavgdiska.sys [148792 2013-09-25] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:WindowsSystem32DRIVERSavgidsdrivera.sys [241464 2013-09-02] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHA; C:WindowsSystem32DRIVERSavgidsha.sys [192824 2013-09-02] (AVG Technologies CZ, s.r.o.) R1 Avgldx64; C:WindowsSystem32DRIVERSavgldx64.sys [212280 2013-09-02] (AVG Technologies CZ, s.r.o.) R0 Avgloga; C:WindowsSystem32DRIVERSavgloga.sys [294712 2013-09-02] (AVG Technologies CZ, s.r.o.) R0 Avgmfx64; C:WindowsSystem32DRIVERSavgmfx64.sys [123704 2013-08-20] (AVG Technologies CZ, s.r.o.) R0 Avgrkx64; C:WindowsSystem32DRIVERSavgrkx64.sys [31544 2013-09-08] (AVG Technologies CZ, s.r.o.) R1 Avgtdia; C:WindowsSystem32DRIVERSavgtdia.sys [251192 2013-08-01] (AVG Technologies CZ, s.r.o.) R3 mbamchameleon; C:windowssystem32driversmbamchameleon.sys [91352 2013-11-08] (Malwarebytes Corporation) S3 MEMSWEEP2; C:windowssystem3219C8.tmp [6144 2010-05-26] (Sophos Plc) U5 GEARAspiWDM; C:WindowsSystem32DriversGEARAspiWDM.sys [33240 2012-08-21] (GEAR Software Inc.) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-11-11 19:25 - 2013-11-11 19:25 - 00000000 ____D C:FRST 2013-11-11 18:52 - 2013-11-11 18:52 - 00000000 ____D C:windowsERUNT 2013-11-11 18:44 - 2013-11-11 18:46 - 00000000 ____D C:AdwCleaner 2013-11-11 18:40 - 2013-11-11 18:40 - 00001184 _____ C:UsershungkeongDesktopPCCleanup - Shortcut.lnk 2013-11-09 17:25 - 2013-11-09 17:25 - 00000000 ____D C:UsershungkeongAppDataRoamingAVG2014 2013-11-09 17:23 - 2013-11-09 17:23 - 00000000 ____D C:UsershungkeongAppDataRoamingTuneUp Software 2013-11-09 17:20 - 2013-11-09 17:24 - 00000000 ____D C:ProgramDataAVG2014 2013-11-09 17:20 - 2013-11-09 17:20 - 00000000 ___HD C:$AVG 2013-11-09 17:19 - 2013-11-09 17:19 - 00000000 ____D C:Program Files (x86)AVG 2013-11-08 22:19 - 2013-11-08 22:44 - 00000000 ____D C:ProgramDataMalwarebytes' Anti-Malware (portable) 2013-11-08 22:18 - 2013-11-08 22:18 - 00091352 _____ (Malwarebytes Corporation) C:windowssystem32Driversmbamchameleon.sys 2013-11-08 21:27 - 2010-05-26 10:39 - 00006144 ____N (Sophos Plc) C:windowssystem3219C8.tmp 2013-11-08 21:23 - 2010-05-26 10:39 - 00006144 ____N (Sophos Plc) C:windowssystem32385E.tmp 2013-11-07 02:52 - 2013-11-11 18:35 - 00000392 _____ C:windowssetupact.log 2013-11-07 02:52 - 2013-11-07 02:52 - 00000000 _____ C:windowssetuperr.log 2013-11-07 02:51 - 2013-11-08 20:49 - 00003374 _____ C:windowsPFRO.log 2013-11-07 02:36 - 2013-11-07 02:36 - 00001275 _____ C:UsershungkeongAppDataRoamingMicrosoftWindowsStart MenuUninstall Programs.lnk 2013-11-07 02:36 - 2013-11-07 02:36 - 00000000 ____D C:UsershungkeongAppDataRoamingIObit 2013-11-07 02:36 - 2013-11-07 02:36 - 00000000 ____D C:ProgramDataIObit 2013-11-07 02:36 - 2013-11-07 02:36 - 00000000 ____D C:ProgramData{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} 2013-11-07 02:36 - 2013-11-07 02:36 - 00000000 ____D C:Program Files (x86)IObit 2013-11-07 02:31 - 2013-11-07 02:31 - 00000000 ____D C:UsershungkeongAppDataRoamingSUPERAntiSpyware.com 2013-11-07 02:31 - 2013-11-07 02:31 - 00000000 ____D C:ProgramDataSUPERAntiSpyware.com 2013-11-07 02:30 - 2013-11-07 02:31 - 00216352 _____ C:UsershungkeongDocumentscc_20131107_BackUp.reg 2013-11-07 01:14 - 2013-11-10 09:58 - 00000000 ____D C:ProgramDataMFAData 2013-11-07 01:14 - 2013-11-09 17:27 - 00000000 ____D C:UsershungkeongAppDataLocalAvg2014 2013-11-07 01:14 - 2013-11-07 01:14 - 00000000 ____D C:UsershungkeongAppDataLocalMFAData 2013-11-07 00:56 - 2013-11-11 18:49 - 00000000 ____D C:Program Files (x86)PCCleanup 2013-11-05 01:12 - 2013-11-05 01:44 - 00000000 ____D C:windowssystem32MpEngineStore 2013-11-05 00:53 - 2013-11-05 00:53 - 00000000 ____D C:windowssystem32MRT 2013-11-05 00:51 - 2013-09-26 01:46 - 80541720 _____ (Microsoft Corporation) C:windowssystem32MRT.exe 2013-11-04 23:48 - 2013-11-04 23:48 - 00003230 _____ C:windowsSystem32TasksRealUpgradeLogonTaskS-1-5-21-1641970090-1460547868-2588245608-1000 2013-11-04 23:47 - 2013-11-04 23:47 - 00003356 _____ C:windowsSystem32TasksRealUpgradeScheduledTaskS-1-5-21-1641970090-1460547868-2588245608-1000 2013-10-26 00:30 - 2013-10-26 00:58 - 725141504 _____ C:UsershungkeongSquirting Orgasms (How To) - Step By Step Detailed Technique.avi 2013-10-26 00:21 - 2013-10-26 00:32 - 73143702 _____ C:UsershungkeongHow Make Squirting Orgasms By Woman - Training Vid.avi 2013-10-26 00:18 - 2013-11-08 20:46 - 00000000 ____D C:Program Files (x86)PSupport 2013-10-26 00:18 - 2013-10-26 00:24 - 00000000 ____D C:UsershungkeongShesGonnaSquirt - Gaia - Squirting Like a Showerhead mp4s 2013-10-26 00:18 - 2013-10-26 00:18 - 00003992 _____ C:UsershungkeongDesktop{1D2ABF6A-2B19-3E94-0991-5B5BDB7134DA} 2013-10-26 00:15 - 2013-10-28 23:21 - 00000000 ____D C:Program Files (x86)Kozaka 2013-10-26 00:15 - 2013-10-26 00:18 - 00000000 ____D C:UsershungkeongAppDataRoamingExpressFiles 2013-10-26 00:15 - 2013-10-26 00:15 - 00003098 _____ C:windowsSystem32TasksExpress FilesUpdate 2013-10-26 00:15 - 2013-10-26 00:15 - 00001964 _____ C:UsersPublicDesktopExpress Files.lnk 2013-10-26 00:15 - 2013-10-26 00:15 - 00000000 ____D C:Program Files (x86)ExpressFiles ==================== One Month Modified Files and Folders ======= 2013-11-11 19:25 - 2013-11-11 19:25 - 00000000 ____D C:FRST 2013-11-11 19:12 - 2011-05-16 09:16 - 00000912 _____ C:windowsTasksGoogleUpdateTaskMachineUA.job 2013-11-11 18:52 - 2013-11-11 18:52 - 00000000 ____D C:windowsERUNT 2013-11-11 18:49 - 2013-11-07 00:56 - 00000000 ____D C:Program Files (x86)PCCleanup 2013-11-11 18:46 - 2013-11-11 18:44 - 00000000 ____D C:AdwCleaner 2013-11-11 18:44 - 2011-05-16 08:24 - 01632703 _____ C:windowsWindowsUpdate.log 2013-11-11 18:42 - 2011-05-16 09:16 - 00000908 _____ C:windowsTasksGoogleUpdateTaskMachineCore.job 2013-11-11 18:41 - 2009-07-13 23:13 - 00726444 _____ C:windowssystem32PerfStringBackup.INI 2013-11-11 18:40 - 2013-11-11 18:40 - 00001184 _____ C:UsershungkeongDesktopPCCleanup - Shortcut.lnk 2013-11-11 18:39 - 2012-07-24 21:31 - 00000830 _____ C:windowsTasksAdobe Flash Player Updater.job 2013-11-11 18:35 - 2013-11-07 02:52 - 00000392 _____ C:windowssetupact.log 2013-11-10 09:58 - 2013-11-07 01:14 - 00000000 ____D C:ProgramDataMFAData 2013-11-09 19:09 - 2011-08-07 23:56 - 00000000 ____D C:UsershungkeongAppDataLocalVirtualStore 2013-11-09 17:27 - 2013-11-07 01:14 - 00000000 ____D C:UsershungkeongAppDataLocalAvg2014 2013-11-09 17:25 - 2013-11-09 17:25 - 00000000 ____D C:UsershungkeongAppDataRoamingAVG2014 2013-11-09 17:24 - 2013-11-09 17:20 - 00000000 ____D C:ProgramDataAVG2014 2013-11-09 17:23 - 2013-11-09 17:23 - 00000000 ____D C:UsershungkeongAppDataRoamingTuneUp Software 2013-11-09 17:20 - 2013-11-09 17:20 - 00000000 ___HD C:$AVG 2013-11-09 17:19 - 2013-11-09 17:19 - 00000000 ____D C:Program Files (x86)AVG 2013-11-09 01:13 - 2009-07-13 22:45 - 00024608 ____H C:windowssystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-11-09 01:13 - 2009-07-13 22:45 - 00024608 ____H C:windowssystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-11-08 22:44 - 2013-11-08 22:19 - 00000000 ____D C:ProgramDataMalwarebytes' Anti-Malware (portable) 2013-11-08 22:18 - 2013-11-08 22:18 - 00091352 _____ (Malwarebytes Corporation) C:windowssystem32Driversmbamchameleon.sys 2013-11-08 20:49 - 2013-11-07 02:51 - 00003374 _____ C:windowsPFRO.log 2013-11-08 20:49 - 2013-02-20 02:44 - 00000000 ____D C:FavoriteVideo 2013-11-08 20:49 - 2009-07-13 23:08 - 00000006 ____H C:windowsTasksSA.DAT 2013-11-08 20:46 - 2013-10-26 00:18 - 00000000 ____D C:Program Files (x86)PSupport 2013-11-07 03:23 - 2011-11-29 22:17 - 00000000 ____D C:UsershungkeongAppDataLocalCrashDumps 2013-11-07 02:52 - 2013-11-07 02:52 - 00000000 _____ C:windowssetuperr.log 2013-11-07 02:36 - 2013-11-07 02:36 - 00001275 _____ C:UsershungkeongAppDataRoamingMicrosoftWindowsStart MenuUninstall Programs.lnk 2013-11-07 02:36 - 2013-11-07 02:36 - 00000000 ____D C:UsershungkeongAppDataRoamingIObit 2013-11-07 02:36 - 2013-11-07 02:36 - 00000000 ____D C:ProgramDataIObit 2013-11-07 02:36 - 2013-11-07 02:36 - 00000000 ____D C:ProgramData{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} 2013-11-07 02:36 - 2013-11-07 02:36 - 00000000 ____D C:Program Files (x86)IObit 2013-11-07 02:36 - 2011-10-12 22:34 - 00000000 ____D C:UsershungkeongAppDataRoamingApple Computer 2013-11-07 02:31 - 2013-11-07 02:31 - 00000000 ____D C:UsershungkeongAppDataRoamingSUPERAntiSpyware.com 2013-11-07 02:31 - 2013-11-07 02:31 - 00000000 ____D C:ProgramDataSUPERAntiSpyware.com 2013-11-07 02:31 - 2013-11-07 02:30 - 00216352 _____ C:UsershungkeongDocumentscc_20131107_BackUp.reg 2013-11-07 01:58 - 2013-05-06 20:35 - 00000000 ____D C:UsershungkeongAppDataRoaminguTorrent 2013-11-07 01:58 - 2011-08-18 00:12 - 00000000 ____D C:UsershungkeongTracing 2013-11-07 01:58 - 2011-08-10 23:42 - 00000000 ____D C:UsershungkeongAppDataRoamingSkype 2013-11-07 01:58 - 2011-03-29 21:11 - 00000000 ____D C:windowsPanther 2013-11-07 01:14 - 2013-11-07 01:14 - 00000000 ____D C:UsershungkeongAppDataLocalMFAData 2013-11-06 22:39 - 2011-08-08 00:00 - 00000000 ____D C:UsershungkeongAppDataRoamingToshiba 2013-11-05 01:44 - 2013-11-05 01:12 - 00000000 ____D C:windowssystem32MpEngineStore 2013-11-05 00:53 - 2013-11-05 00:53 - 00000000 ____D C:windowssystem32MRT 2013-11-04 23:48 - 2013-11-04 23:48 - 00003230 _____ C:windowsSystem32TasksRealUpgradeLogonTaskS-1-5-21-1641970090-1460547868-2588245608-1000 2013-11-04 23:47 - 2013-11-04 23:47 - 00003356 _____ C:windowsSystem32TasksRealUpgradeScheduledTaskS-1-5-21-1641970090-1460547868-2588245608-1000 2013-10-28 23:21 - 2013-10-26 00:15 - 00000000 ____D C:Program Files (x86)Kozaka 2013-10-26 00:58 - 2013-10-26 00:30 - 725141504 _____ C:UsershungkeongSquirting Orgasms (How To) - Step By Step Detailed Technique.avi 2013-10-26 00:32 - 2013-10-26 00:21 - 73143702 _____ C:UsershungkeongHow Make Squirting Orgasms By Woman - Training Vid.avi 2013-10-26 00:30 - 2011-08-07 23:53 - 00000000 ____D C:Usershungkeong 2013-10-26 00:24 - 2013-10-26 00:18 - 00000000 ____D C:UsershungkeongShesGonnaSquirt - Gaia - Squirting Like a Showerhead mp4s 2013-10-26 00:18 - 2013-10-26 00:18 - 00003992 _____ C:UsershungkeongDesktop{1D2ABF6A-2B19-3E94-0991-5B5BDB7134DA} 2013-10-26 00:18 - 2013-10-26 00:15 - 00000000 ____D C:UsershungkeongAppDataRoamingExpressFiles 2013-10-26 00:15 - 2013-10-26 00:15 - 00003098 _____ C:windowsSystem32TasksExpress FilesUpdate 2013-10-26 00:15 - 2013-10-26 00:15 - 00001964 _____ C:UsersPublicDesktopExpress Files.lnk 2013-10-26 00:15 - 2013-10-26 00:15 - 00000000 ____D C:Program Files (x86)ExpressFiles 2013-10-18 20:54 - 2011-08-10 23:42 - 00000000 ____D C:ProgramDataSkype 2013-10-18 20:53 - 2011-08-10 23:42 - 00000000 ___RD C:Program Files (x86)Skype 2013-10-17 22:33 - 2011-09-05 22:41 - 00000000 ____D C:UsershungkeongIncomplete 2013-10-16 21:07 - 2011-05-16 09:16 - 00003908 _____ C:windowsSystem32TasksGoogleUpdateTaskMachineUA 2013-10-16 21:07 - 2011-05-16 09:16 - 00003656 _____ C:windowsSystem32TasksGoogleUpdateTaskMachineCore 2013-10-14 21:41 - 2009-07-13 21:20 - 00000000 ____D C:windowssystem32NDF 2013-10-13 13:55 - 2009-07-13 21:20 - 00000000 ____D C:windowsrescache Alureon: C:UsershungkeongAppDataLocalTempsbqvajbsqpmbmkwow.dll ==================== Bamital & volsnap Check ================= C:WindowsSystem32winlogon.exe => MD5 is legit C:WindowsSystem32wininit.exe => MD5 is legit C:WindowsSysWOW64wininit.exe => MD5 is legit C:Windowsexplorer.exe => MD5 is legit C:WindowsSysWOW64explorer.exe => MD5 is legit C:WindowsSystem32svchost.exe => MD5 is legit C:WindowsSysWOW64svchost.exe => MD5 is legit C:WindowsSystem32services.exe => MD5 is legit C:WindowsSystem32User32.dll => MD5 is legit C:WindowsSysWOW64User32.dll => MD5 is legit C:WindowsSystem32userinit.exe => MD5 is legit C:WindowsSysWOW64userinit.exe => MD5 is legit C:WindowsSystem32Driversvolsnap.sys => MD5 is legit LastRegBack: 2013-11-10 00:51 ==================== End Of Log ============================ [*]The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it. *As to this,I have no idea on what to keep as this is not my pc.If it's really needed I can have the owner read the logs and let me know if anything to keep.Thank you juliet for the help.
  11. # AdwCleaner v3.012 - Report created 11/11/2013 at 18:44:31 # Updated 11/11/2013 by Xplode # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits) # Username : hungkeong - HUNGKEONG-PC # Running from : C:Program Files (x86)PCCleanupAdwCleaner.exe # Option : Scan ***** [ Services ] ***** Service Found : APNMCP ***** [ Files / Folders ] ***** File Found : C:UsershungkeongAppDataRoamingMozillaFirefoxProfilesextensionsuser.js File Found : C:windowsSystem32TasksExpress FilesUpdate Folder Found C:Program Files (x86)AskPartnerNetwork Folder Found C:Program Files (x86)Common FilesTencent Folder Found C:Program Files (x86)ExpressFiles Folder Found C:Program Files (x86)Ilivid Folder Found C:Program Files (x86)Moozy Folder Found C:Program Files (x86)MyPC Backup Folder Found C:Program Files (x86)Tencent Folder Found C:ProgramDataapn Folder Found C:ProgramDataAskPartnerNetwork Folder Found C:ProgramDataMicrosoftWindowsStart MenuProgramsIlivid Folder Found C:ProgramDataTencent Folder Found C:UsershungkeongAppDataLocalIlivid Player Folder Found C:UsershungkeongAppDataLocalPackageAware Folder Found C:UsershungkeongAppDataLocalSwvUpdater Folder Found C:UsershungkeongAppDataLocalLowiac Folder Found C:UsershungkeongAppDataRoamingExpressFiles Folder Found C:UsershungkeongAppDataRoamingpccustubinstaller Folder Found C:UsershungkeongAppDataRoamingTencent ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Found : HKCUSoftwareAPN PIP Key Found : HKCUSoftwareAskPartnerNetwork Key Found : HKCUSoftwareExpressFiles Key Found : HKCUSoftwarefTalk Key Found : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Found : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Found : HKCUSoftwareMicrosoftWindowsCurrentVersionUninstallExpressFiles Key Found : HKCUSoftwareMicrosoftWindowsCurrentVersionUninstallfTalk Key Found : HKCUSoftwareTENCENT Key Found : HKCUSoftwareZugo Key Found : [x64] HKCUSoftwareAPN PIP Key Found : [x64] HKCUSoftwareAskPartnerNetwork Key Found : [x64] HKCUSoftwareExpressFiles Key Found : [x64] HKCUSoftwarefTalk Key Found : [x64] HKCUSoftwareTENCENT Key Found : [x64] HKCUSoftwareZugo Key Found : HKLMSoftwareAskPartnerNetwork Key Found : HKLMSOFTWAREClassesAppID{0A18A436-2A7A-49F3-A488-30538A2F6323} Key Found : HKLMSOFTWAREClassesApplicationsilividsetupv1.exe Key Found : HKLMSOFTWAREClassesCLSID{007EFBDF-8A5D-4930-97CC-A4B437CBA777} Key Found : HKLMSOFTWAREClassesCLSID{44CBC005-6243-4502-8A02-3A096A282664} Key Found : HKLMSOFTWAREClassesCLSID{80703783-E415-4EE3-AB60-D36981C5A6F1} Key Found : HKLMSOFTWAREClassesCLSID{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Found : HKLMSOFTWAREClassesCLSID{D8278076-BC68-4484-9233-6E7F1628B56C} Key Found : HKLMSOFTWAREClassesCLSID{F297534D-7B06-459D-BC19-2DD8EF69297B} Key Found : HKLMSoftwareClassesInstallerFeatures2B1E51D87B2D71A44BB42DDD5E894160 Key Found : HKLMSoftwareClassesInstallerProducts2B1E51D87B2D71A44BB42DDD5E894160 Key Found : HKLMSOFTWAREClassesInterface{80703783-E415-4EE3-AB60-D36981C5A6F1} Key Found : HKLMSOFTWAREClassesTypeLib{9945959C-AAD8-4312-8B57-2DE11927E770} Key Found : HKLMSoftwareExpressFiles Key Found : HKLMSOFTWAREMicrosoftInternet ExplorerLow RightsElevationPolicy{6978F29A-3493-40B2-8CDC-9C13A02F85A4} Key Found : HKLMSOFTWAREMicrosoftInternet ExplorerLow RightsElevationPolicy{D7949A66-D936-4028-9552-14F7DC50F38D} Key Found : HKLMSOFTWAREMicrosoftTracingApnSetup_RASAPI32 Key Found : HKLMSOFTWAREMicrosoftTracingApnSetup_RASMANCS Key Found : HKLMSOFTWAREMicrosoftTracingapnstub_RASAPI32 Key Found : HKLMSOFTWAREMicrosoftTracingapnstub_RASMANCS Key Found : HKLMSOFTWAREMicrosoftTracingaskpartnercobrandingtool_rasapi32 Key Found : HKLMSOFTWAREMicrosoftTracingaskpartnercobrandingtool_rasmancs Key Found : HKLMSOFTWAREMicrosoftTracingAskSLib_RASAPI32 Key Found : HKLMSOFTWAREMicrosoftTracingAskSLib_RASMANCS Key Found : HKLMSOFTWAREMicrosoftTracingiLividSetupV1_RASAPI32 Key Found : HKLMSOFTWAREMicrosoftTracingiLividSetupV1_RASMANCS Key Found : HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Found : HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstall{8D15E1B2-D2B7-4A17-B44B-D2DDE5981406} Key Found : HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstallSP_963508d2 Key Found : HKLMSoftwarePIP Key Found : HKLMSoftwareSP Global Key Found : HKLMSoftwareSProtector Key Found : HKLMSoftwareTENCENT Key Found : [x64] HKLMSOFTWAREAskPartnerNetwork Key Found : [x64] HKLMSOFTWAREClassesInterface{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F} Key Found : [x64] HKLMSOFTWAREClassesInterface{9EDC0C90-2B5B-4512-953E-35767BAD5C67} Key Found : [x64] HKLMSOFTWAREMicrosoftInternet ExplorerLow RightsElevationPolicy{6978F29A-3493-40B2-8CDC-9C13A02F85A4} Key Found : [x64] HKLMSOFTWAREMicrosoftInternet ExplorerLow RightsElevationPolicy{D7949A66-D936-4028-9552-14F7DC50F38D} Value Found : HKCUSoftwareMicrosoftInternet ExplorerToolbarWebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}] ***** [ Browsers ] ***** - Internet Explorer v10.0.9200.16720 - Mozilla Firefox v [ File : C:UsershungkeongAppDataRoamingMozillaFirefoxProfilesextensionsprefs.js ] - Google Chrome v30.0.1599.101 [ File : C:UsershungkeongAppDataLocalGoogleChromeUser DataDefaultpreferences ] ************************* AdwCleaner[R0].txt - [5735 octets] - [11/11/2013 18:44:31] ########## EOF - C:AdwCleanerAdwCleaner[R0].txt - [5795 octets] ########## ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.0.8 (11.05.2013:1) OS: Windows 7 Home Premium x64 Ran by hungkeong on 11/11/2013 Mon at 18:53:17.72 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services Successfully stopped: [service] APNMCP Successfully deleted: [service] APNMCP ~~~ Registry Values Successfully deleted: [Registry Value] HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarWebBrowser{D4027C7F-154A-4066-A1AD-4243D8127440} ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CURRENT_USERSoftwarezugo Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINESoftwareClassesapplicationsilividsetupv1.exe Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINESoftwareMicrosoftTracingapnstub_rasapi32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINESoftwareMicrosoftTracingapnstub_rasmancs Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINESoftwareMicrosoftTracingaskpartnercobrandingtool_rasapi32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINESoftwareMicrosoftTracingaskpartnercobrandingtool_rasmancs Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINESoftwareMicrosoftTracingilividsetupv1_rasapi32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINESoftwareMicrosoftTracingilividsetupv1_rasmancs Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionUninstall{8d15e1b2-d2b7-4a17-b44b-d2dde5981406} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINESoftwareWow6432Nodesp global Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINESoftwareWow6432Nodesprotector Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINESoftwareMicrosoftTracingAskInstaller_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINESoftwareMicrosoftTracingAskInstaller_RASMANCS Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINESoftwareMicrosoftTracingAskSLib_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINESoftwareMicrosoftTracingAskSLib_RASMANCS Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINESoftwareWow6432NodeMicrosoftTracingAPNSetup_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINESoftwareWow6432NodeMicrosoftTracingAPNSetup_RASMANCS Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINESoftwareWow6432NodeMicrosoftTracingAskInstaller_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINESoftwareWow6432NodeMicrosoftTracingAskInstaller_RASMANCS Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINESoftwareWow6432NodeMicrosoftTracingAskSLib_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINESoftwareWow6432NodeMicrosoftTracingAskSLib_RASMANCS Successfully deleted: [Registry Key] HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerSearchScopes{fb72f1bd-a2f1-47eb-8f13-2c6dcd65516f} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINESoftwareMicrosoftInternet ExplorerSearchScopes{fb72f1bd-a2f1-47eb-8f13-2c6dcd65516f} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{6E89E1D3-C66F-41C4-A648-CD91544E99C3} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOTCLSID{6E89E1D3-C66F-41C4-A648-CD91544E99C3} Successfully deleted: [Registry Key] "hkey_current_usersoftwareapn pip" Successfully deleted: [Registry Key] "hkey_current_usersoftwareaskpartnernetwork" Successfully deleted: [Registry Key] "hkey_local_machinesoftwareaskpartnernetwork" Successfully deleted: [Registry Key] "hkey_local_machinesoftwareclassesclsid{44cbc005-6243-4502-8a02-3a096a282664}" Successfully deleted: [Registry Key] "hkey_local_machinesoftwareclassesclsid{80703783-e415-4ee3-ab60-d36981c5a6f1}" Successfully deleted: [Registry Key] "hkey_local_machinesoftwareclassesclsid{d8278076-bc68-4484-9233-6e7f1628b56c}" Successfully deleted: [Registry Key] "hkey_local_machinesoftwareclassesclsid{f297534d-7b06-459d-bc19-2dd8ef69297b}" Successfully deleted: [Registry Key] "hkey_local_machinesoftwareclassestypelib{9945959c-aad8-4312-8b57-2de11927e770}" Successfully deleted: [Registry Key] "hkey_local_machinesoftwaremicrosoftinternet explorerlow rightselevationpolicy{6978f29a-3493-40b2-8cdc-9c13a02f85a4}" Successfully deleted: [Registry Key] "hkey_local_machinesoftwaremicrosoftinternet explorerlow rightselevationpolicy{d7949a66-d936-4028-9552-14f7dc50f38d}" ~~~ Files ~~~ Folders Successfully deleted: [Folder] "C:ProgramDataapn" Successfully deleted: [Folder] "C:ProgramDatatencent" Successfully deleted: [Folder] "C:UsershungkeongAppDataRoamingpccustubinstaller" Successfully deleted: [Folder] "C:UsershungkeongAppDataRoamingtencent" Successfully deleted: [Folder] "C:Usershungkeongappdatalocalftalk" Successfully deleted: [Folder] "C:Usershungkeongappdatalocalilivid player" Successfully deleted: [Folder] "C:Usershungkeongappdatalocalswvupdater" Successfully deleted: [Folder] "C:Usershungkeongappdatalocallowiac" Successfully deleted: [Folder] "C:Program Files (x86)ilivid" Successfully deleted: [Folder] "C:Program Files (x86)mypc backup" Successfully deleted: [Folder] "C:Program Files (x86)tencent" Successfully deleted: [Folder] "C:ProgramDataMicrosoftWindowsStart MenuProgramsilivid" Successfully deleted: [Empty Folder] C:Usershungkeongappdatalocal{057E33A2-BA68-430D-B244-1905610FBD74} Successfully deleted: [Empty Folder] C:Usershungkeongappdatalocal{0D9CB02B-6863-425B-93CC-7312272E3C16} Successfully deleted: [Empty Folder] C:Usershungkeongappdatalocal{1EA01FE6-5BCC-4072-ACF4-68327D98F44D} Successfully deleted: [Empty Folder] C:Usershungkeongappdatalocal{22C340F9-A508-4F50-87ED-D14520D2704A} Successfully deleted: [Empty Folder] C:Usershungkeongappdatalocal{26746FEC-160E-41AD-BBBB-6CF21C1B5DA4} Successfully deleted: [Empty Folder] C:Usershungkeongappdatalocal{2E721B41-6067-415C-BB7E-170068B5CE67} Successfully deleted: [Empty Folder] C:Usershungkeongappdatalocal{2EA2D917-9507-47B2-9414-FED71580B79F} Successfully deleted: [Empty Folder] C:Usershungkeongappdatalocal{300D73A6-E80D-46B8-B5F7-DA1D678D8591} Successfully deleted: [Empty Folder] C:Usershungkeongappdatalocal{35A55996-1310-416D-835A-B9BF6CBFECF7} Successfully deleted: [Empty Folder] C:Usershungkeongappdatalocal{403E311F-1CFB-4340-8E7A-F23D73A78C01} Successfully deleted: [Empty Folder] C:Usershungkeongappdatalocal{412A486F-CC2D-45F2-9CEE-5D8CD578788C} Successfully deleted: [Empty Folder] C:Usershungkeongappdatalocal{4AA9E8F5-DACE-48C8-91D1-847130EB93BF} Successfully deleted: [Empty Folder] C:Usershungkeongappdatalocal{51C34600-460D-444C-A7ED-D2DF2D99253E} Successfully deleted: [Empty Folder] C:Usershungkeongappdatalocal{56A26305-FA64-4A36-904D-AF2DE6FB002F} Successfully deleted: [Empty Folder] C:Usershungkeongappdatalocal{58A5474C-0147-4A57-A745-D2019B9A619E} Successfully deleted: [Empty Folder] C:Usershungkeongappdatalocal{59950836-9FBD-4326-AA13-BFE66D3765C9} Successfully deleted: [Empty Folder] C:Usershungkeongappdatalocal{59DACA5C-BFC5-43C5-B131-F23FC8037163} Successfully deleted: [Empty Folder] C:Usershungkeongappdatalocal{5CF24175-2FD6-41A6-89C6-B2C3E6C45C56} Successfully deleted: [Empty Folder] C:Usershungkeongappdatalocal{60208508-40F0-43C6-B73E-04376DEBF0B9} Successfully deleted: [Empty Folder] C:Usershungkeongappdatalocal{64BEE92A-E168-425E-8680-678A44D11C0D} Successfully deleted: [Empty Folder] C:Usershungkeongappdatalocal{691939CE-0D7A-4C7F-9024-D26583C3ADB6} Successfully deleted: [Empty Folder] C:Usershungkeongappdatalocal{6D9BB607-2EB7-4D5D-8928-93394DF7F311} Successfully deleted: [Empty Folder] C:Usershungkeongappdatalocal{732A651B-2514-4547-B614-FF8B25F47B4C} Successfully deleted: [Empty Folder] C:Usershungkeongappdatalocal{84C82CE1-0690-4C23-A051-2DA73DD49FB7} Successfully deleted: [Empty Folder] C:Usershungkeongappdatalocal{85539FE6-3FAC-4D86-AC3E-D6AAE1F486C1} Successfully deleted: [Empty Folder] C:Usershungkeongappdatalocal{8F2C0186-0B96-4592-8B65-4876D07996B0} Successfully deleted: [Empty Folder] C:Usershungkeongappdatalocal{9363373F-515E-4511-847C-6170047297BB} Successfully deleted: [Empty Folder] C:Usershungkeongappdatalocal{A2F248F6-E97D-4553-9E1B-6044D6E34EE6} Successfully deleted: [Empty Folder] C:Usershungkeongappdatalocal{A6C85ED3-B423-4E31-897B-FD75FD0D4438} Successfully deleted: [Empty Folder] C:Usershungkeongappdatalocal{AEBB49F9-F7F9-46EA-994D-52D37EC6B8B6} Successfully deleted: [Empty Folder] C:Usershungkeongappdatalocal{AECC7963-B08A-4DCD-87F4-DC83F5ACD897} Successfully deleted: [Empty Folder] C:Usershungkeongappdatalocal{B02A268A-56D4-4D3C-9FA1-F2A827578094} Successfully deleted: [Empty Folder] C:Usershungkeongappdatalocal{B30A8128-D265-4102-A362-27053F929EF4} Successfully deleted: [Empty Folder] C:Usershungkeongappdatalocal{BDCDFBC5-3ABB-41FE-8ED9-622F2A28EF2F} Successfully deleted: [Empty Folder] C:Usershungkeongappdatalocal{BF8E800A-FA45-4D13-8655-435C6CABF341} Successfully deleted: [Empty Folder] C:Usershungkeongappdatalocal{D19D4315-0E5A-4D77-8AF8-A817D2FC17FF} Successfully deleted: [Empty Folder] C:Usershungkeongappdatalocal{D584F1A2-84AC-49F4-9AD5-EB78B649277E} Successfully deleted: [Empty Folder] C:Usershungkeongappdatalocal{DE3F089A-2A53-4C9B-AC30-312124FBB1FD} Successfully deleted: [Empty Folder] C:Usershungkeongappdatalocal{E8814788-3B5F-4E50-AAE4-59C4CFA2D4FD} Successfully deleted: [Empty Folder] C:Usershungkeongappdatalocal{ED875595-D9FE-4C9D-AAE4-1D915811EDB5} Successfully deleted: [Empty Folder] C:Usershungkeongappdatalocal{F64B98D9-DC77-45B2-A9E5-ADA2109E9D30} Successfully deleted: [Folder] "C:ProgramDataAskPartnerNetwork" Successfully deleted: [Folder] "C:Program Files (x86)askpartnernetwork" ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 11/11/2013 Mon at 19:21:28.07 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  12. Hello,I was told to post log information here.Would appreciate the help. Original thread is HERE. Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Database version: v2013.11.05.01 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16721 hungkeong :: HUNGKEONG-PC [administrator] 11/8/2013 8:32:29 PM mbam-log-2013-11-08 (20-32-29).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 215089 Time elapsed: 10 minute(s), 55 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 17 HKCRCLSID{5FA96DC4-5105-1832-7EF2-284DC394AE06} (PUP.Optional.Multiplug) -> Quarantined and deleted successfully. HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{5FA96DC4-5105-1832-7EF2-284DC394AE06} (PUP.Optional.Multiplug) -> Quarantined and deleted successfully. HKCUSOFTWAREMicrosoftWindowsCurrentVersionExtSettings{5FA96DC4-5105-1832-7EF2-284DC394AE06} (PUP.Optional.Multiplug) -> Quarantined and deleted successfully. HKCUSOFTWAREMicrosoftWindowsCurrentVersionExtStats{5FA96DC4-5105-1832-7EF2-284DC394AE06} (PUP.Optional.Multiplug) -> Quarantined and deleted successfully. HKLMSOFTWAREMicrosoftWindowsCurrentVersionExtPreApproved{5FA96DC4-5105-1832-7EF2-284DC394AE06} (PUP.Optional.Multiplug) -> Quarantined and deleted successfully. HKCRTypeLib{E2343056-CC08-46AC-B898-BFC7ACF4E755} (PUP.Optional.Multiplug) -> Quarantined and deleted successfully. HKCRInterface{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F} (PUP.Optional.Multiplug) -> Quarantined and deleted successfully. HKCRCLSID{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} (PUP.Optional.BrowseFox.A) -> Quarantined and deleted successfully. HKCRCLSID{67BD9EEB-AA06-4329-A940-D250019300C9} (PUP.Software.Updater) -> Quarantined and deleted successfully. HKCRTypeLib{A0EE0278-2986-4E5A-884E-A3BF0357E476} (PUP.Software.Updater) -> Quarantined and deleted successfully. HKCRInterface{9EDC0C90-2B5B-4512-953E-35767BAD5C67} (PUP.Software.Updater) -> Quarantined and deleted successfully. HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstall{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} (PUP.Software.Updater) -> Quarantined and deleted successfully. HKCRUpdater.AmiUpd.1 (PUP.Software.Updater) -> Quarantined and deleted successfully. HKCRUpdater.AmiUpd (PUP.Software.Updater) -> Quarantined and deleted successfully. HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstall{1D2ABF6A-2B19-3E94-0991-5B5BDB7134DA} (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully. HKCUSOFTWAREMicrosoftWindowsCurrentVersionUninstallPriceFinder (PUP.Optional.PriceFinder.A) -> Quarantined and deleted successfully. HKCUSoftwareAppDataLowSProtector (PUP.Optional.SProtector.A) -> Quarantined and deleted successfully. Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 1 HKLMSOFTWAREMicrosoftWindows NTCurrentVersionWindows|AppInit_DLLs (PUP.Optional.SProtect.A) -> Bad: (c:progra~2psupportpsupport.dll) Good: () -> Quarantined and repaired successfully. Folders Detected: 1 C:ProgramDataShoppingChip (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully. Files Detected: 9 C:Program Files (x86)PSupportpsupport.dll (PUP.Optional.SProtect.A) -> Quarantined and deleted successfully. C:ProgramDataShoppingChipD.dll (PUP.Optional.Multiplug) -> Quarantined and deleted successfully. C:UsershungkeongAppDataLocalSwvUpdaterUpdater.exe (PUP.Software.Updater) -> Quarantined and deleted successfully. C:ProgramDataShoppingChipXB.exe (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully. C:UsershungkeongAppDataRoamingPriceFinderPriceFinderUninstall.exe (PUP.Optional.PriceFinder.A) -> Quarantined and deleted successfully. C:WindowsTasksAmiUpdXp.job (PUP.Software.Updater) -> Quarantined and deleted successfully. C:ProgramDataShoppingChipD.dat (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully. C:ProgramDataShoppingChipD.tlb (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully. C:ProgramDataShoppingChipXB.dat (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully. (end) DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16720 Run by hungkeong at 21:15:24 on 2013-11-10 Microsoft Windows 7 Home Premium 6.1.7601.1.936.86.1033.18.1639.564 [GMT -6:00] . AV: AVG AntiVirus Free Edition 2014 *Disabled/Outdated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: AVG AntiVirus Free Edition 2014 *Disabled/Outdated* {B5F5C120-2089-702E-0001-553BB0D5A664} . ============== Running Processes =============== . C:windowssystem32lsm.exe C:windowssystem32svchost.exe -k DcomLaunch C:Program Files (x86)IObitAdvanced SystemCare 6ASCService.exe C:windowssystem32svchost.exe -k RPCSS C:windowssystem32atiesrxx.exe C:windowsSystem32svchost.exe -k LocalServiceNetworkRestricted C:windowsSystem32svchost.exe -k LocalSystemNetworkRestricted C:windowssystem32svchost.exe -k LocalService C:windowssystem32svchost.exe -k netsvcs C:windowssystem32svchost.exe -k NetworkService C:windowssystem32atieclxx.exe C:windowsSystem32spoolsv.exe C:windowssystem32svchost.exe -k LocalServiceNoNetwork C:Program Files (x86)AskPartnerNetworkToolbarapnmcp.exe C:Program Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exe C:Program FilesBonjourmDNSResponder.exe C:windowssystem32svchost.exe -k LocalServiceAndNoImpersonation C:Program Files (x86)Norton PC CheckupEngine2.0.10.26ccSvcHst.exe C:windowssystem32svchost.exe -k imgsvc C:windowssystem32TODDSrv.exe C:Program FilesTOSHIBAPower SaverTosCoSrv.exe C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe C:windowssystem32taskhost.exe C:Program Files (x86)Norton PC CheckupEngine2.0.10.26ccSvcHst.exe C:windowssystem32Dwm.exe C:windowsExplorer.EXE C:windowssystem32taskeng.exe C:Program Files (x86)ExpressFilesEFUpdater.exe C:Program FilesElantechETDCtrl.exe C:Program FilesTOSHIBAPower SaverTPwrMain.exe C:Program FilesTOSHIBASmoothViewSmoothView.exe C:Program FilesTOSHIBAFlashCardsTCrdMain.exe C:Program FilesTOSHIBABulletinBoardTosNcCore.exe C:Program FilesTOSHIBAReelTimeTosReelTimeMonitor.exe C:Program Files (x86)Common FilesPPLiveNetworkPPAP.exe C:Program Files (x86)ToshibaTOSHIBA Service StationToshibaServiceStation.exe C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticMOM.exe C:Program FilesElantechETDCtrlHelper.exe C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCCC.exe C:windowssystem32SearchIndexer.exe C:Program Files (x86)TOSHIBATOSHIBA Service StationTMachInfo.exe C:windowsMicrosoft.NetFramework64v3.0WPFPresentationFontCache.exe C:windowsSysWOW64svchost.exe -k PPTVServiceGroup C:Program FilesTOSHIBATOSHIBA HDD SSD AlertTosSmartSrv.exe C:Program FilesTOSHIBATOSHIBA HDD SSD AlertTosSENotify.exe C:Program Files (x86)AVGAVG2014avgwdsvc.exe C:Program Files (x86)AVGAVG2014avgrsa.exe C:Program Files (x86)AVGAVG2014avgcsrva.exe C:Program Files (x86)AVGAVG2014avgui.exe C:Program Files (x86)AVGAVG2014avgcfgex.exe C:windowssystem32svchost.exe -k SDRSVC C:windowssystem32taskeng.exe C:windowssystem32wbemwmiprvse.exe C:windowsSystem32cscript.exe . ============== Pseudo HJT Report =============== . uProxyOverride = <local>;*.local mWinlogon: Userinit = userinit.exe, BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelperShim.dll BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:ProgramDataRealRealPlayerBrowserRecordPluginIErpbrowserrecordplugin.dll BHO: MP3 Rocket Toolbar: {4D503352-5636-006A-76A7-7A786E7484D7} - BHO: Price Finder: {6E89E1D3-C66F-41C4-A648-CD91544E99C3} - C:UsershungkeongAppDataRoamingPriceFinderPriceFinderHelper.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll BHO: Advanced SystemCare Browser Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:Program Files (x86)IObitAdvanced SystemCare 6BrowerProtectASCPlugin_Protection.dll BHO: MP3 Rocket Downloader: {c5e9c0b3-8b18-4b1b-ad67-c1a063ab2b34} - BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program Files (x86)Javajre6binjp2ssv.dll TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll TB: MP3 Rocket Toolbar: {4D503352-5636-006A-76A7-7A786E7484D7} - TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll uRun: [PPAP] "C:Program Files (x86)Common FilesPPLiveNetworkPPAP.exe" -background mRun: [startCCC] "C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLIStart.exe" MSRun mRun: [ToshibaServiceStation] "C:Program Files (x86)TOSHIBATOSHIBA Service StationToshibaServiceStation.exe" /hide:60 mRun: [NortonOnlineBackupReminder] "C:Program Files (x86)ToshibaToshiba Online BackupActivationTOBuActivation.exe" UNATTENDED mRun: [ToshibaAppPlace] "C:Program Files (x86)ToshibaToshiba App PlaceToshibaAppPlace.exe" mRun: [APSDaemon] "C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe" mRun: [AVG_UI] "C:Program Files (x86)AVGAVG2014avgui.exe" /TRAYONLY mRunOnce: [ (A0)] cmd /c "C:Program Files (x86)PCCleanupMalwareanirootmbarmbar.exe" /rdv /s mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:Program Files (x86)Windows LiveWriterWriterBrowserExtension.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll IE: {95B3F550-91C4-4627-BCC4-521288C52977} - C:Program Files (x86)PPLivePPTVPPLive.exe TCP: NameServer = 24.217.0.5 24.217.201.67 24.247.15.53 TCP: Interfaces{57DF6F4C-67B2-4938-8EB0-895424294F74} : DHCPNameServer = 24.217.0.5 24.217.201.67 24.247.15.53 TCP: Interfaces{57DF6F4C-67B2-4938-8EB0-895424294F74}2375942554539393 : DHCPNameServer = 192.168.1.254 TCP: Interfaces{57DF6F4C-67B2-4938-8EB0-895424294F74}86D28405D275962756C6563737 : DHCPNameServer = 172.16.0.1 TCP: Interfaces{C4E1C05F-BDFC-418A-B6EE-16F0ED4E8EF0} : DHCPNameServer = 10.177.0.34 10.168.183.116 Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:Program Files (x86)Common FilesSkypeSkype4COM.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:Program Files (x86)Windows LivePhoto GalleryAlbumDownloadProtocolHandler.dll SSODL: WebCheck - <orphaned> mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:Program Files (x86)GoogleChromeApplication30.0.1599.101Installerchrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome x64-BHO: MP3 Rocket Toolbar: {4D503352-5636-006A-76A7-7A786E7484D7} - x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_64.dll x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_64.dll x64-TB: MP3 Rocket Toolbar: {4D503352-5636-006A-76A7-7A786E7484D7} - x64-Run: [smartAudio] C:Program FilesCONEXANTSAIISAIICpl.exe /t x64-Run: [ETDCtrl] C:Program Files (x86)ElantechETDCtrl.exe x64-Run: [smartFaceVWatcher] C:Program Files (x86)ToshibaSmartFaceVSmartFaceVWatcher.exe x64-Run: [TPwrMain] C:Program Files (x86)TOSHIBAPower SaverTPwrMain.EXE x64-Run: [smoothView] C:Program Files (x86)ToshibaSmoothViewSmoothView.exe x64-Run: [00TCrdMain] C:Program Files (x86)TOSHIBAFlashCardsTCrdMain.exe x64-Run: [TosVolRegulator] C:Program FilesTOSHIBATosVolRegulatorTosVolRegulator.exe x64-Run: [TosSENotify] C:Program FilesTOSHIBATOSHIBA HDD SSD AlertTosWaitSrv.exe x64-Run: [TosNC] C:Program Files (x86)ToshibaBulletinBoardTosNcCore.exe x64-Run: [TosReelTimeMonitor] C:Program Files (x86)TOSHIBAReelTimeTosReelTimeMonitor.exe x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned> x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-SSODL: WebCheck - <orphaned> . ============= SERVICES / DRIVERS =============== . R0 amd_sata;amd_sata;C:windowsSystem32driversamd_sata.sys [2011-5-16 75904] R0 amd_xata;amd_xata;C:windowsSystem32driversamd_xata.sys [2011-5-16 38016] R0 AVGIDSHA;AVGIDSHA;C:windowsSystem32driversavgidsha.sys [2013-9-2 192824] R0 Avgloga;AVG Logging Driver;C:windowsSystem32driversavgloga.sys [2013-9-2 294712] R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:windowsSystem32driversavgmfx64.sys [2013-8-20 123704] R0 Avgrkx64;AVG Anti-Rootkit Driver;C:windowsSystem32driversavgrkx64.sys [2013-9-8 31544] R1 Avgdiska;AVG Disk Driver;C:windowsSystem32driversavgdiska.sys [2013-9-25 148792] R1 AVGIDSDriver;AVGIDSDriver;C:windowsSystem32driversavgidsdrivera.sys [2013-9-2 241464] R1 Avgldx64;AVG AVI Loader Driver;C:windowsSystem32driversavgldx64.sys [2013-9-2 212280] R1 Avgtdia;AVG TDI Driver;C:windowsSystem32driversavgtdia.sys [2013-8-1 251192] R2 AdvancedSystemCareService6;Advanced SystemCare Service 6;C:Program Files (x86)IObitAdvanced SystemCare 6ASCService.exe [2013-11-7 574272] R2 AMD External Events Utility;AMD External Events Utility;C:windowsSystem32atiesrxx.exe [2011-5-16 203776] R2 APNMCP;Ask Update Service;C:Program Files (x86)AskPartnerNetworkToolbarapnmcp.exe [2013-10-16 166352] R2 PCCUJobMgr;Common Client Job Manager Service;C:Program Files (x86)Norton PC CheckupEngine2.0.10.26ccSvcHst.exe [2012-6-14 126392] R2 PPTVService;PPTVService;C:windowsSystem32svchost.exe -k PPTVServiceGroup [2009-7-13 27136] R3 ETD;ELAN PS/2 Port Input Device;C:windowsSystem32driversETD.sys [2010-11-11 137512] R3 FwLnk;FwLnk Driver;C:windowsSystem32driversFwLnk.sys [2011-5-16 9216] R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:windowsSystem32driversL1C62x64.sys [2010-9-27 76912] R3 mbamchameleon;mbamchameleon;C:windowsSystem32driversmbamchameleon.sys [2013-11-8 91352] R3 PGEffect;Pangu effect driver;C:windowsSystem32driversPGEffect.sys [2011-5-16 38096] R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:windowsSystem32driversrtl8192ce.sys [2011-5-16 1109096] R3 TMachInfo;TMachInfo;C:Program Files (x86)ToshibaTOSHIBA Service StationTMachInfo.exe [2011-5-16 51576] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:WindowsMicrosoft.NETFrameworkv4.0.30319mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:WindowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe [2010-3-18 138576] S2 SkypeUpdate;Skype Updater;C:Program Files (x86)SkypeUpdaterUpdater.exe [2013-9-5 171680] S3 fssfltr;fssfltr;C:windowsSystem32driversfssfltr.sys [2012-11-20 57856] S3 fsssvc;Windows Live Family Safety Service;C:Program Files (x86)Windows LiveFamily Safetyfsssvc.exe [2012-9-12 1512448] S3 GamesAppService;GamesAppService;C:Program Files (x86)WildTangent GamesAppGamesAppService.exe [2010-10-12 206072] S3 MEMSWEEP2;MEMSWEEP2;C:windowsSystem3219C8.tmp [2013-11-8 6144] S3 Netaapl;Apple Mobile Device Ethernet Service;C:windowsSystem32driversnetaapl64.sys [2011-8-2 22528] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:windowsSystem32driversRtsUStor.sys [2011-5-16 243712] S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:windowsSystem32driversssadbus.sys [2011-5-13 157672] S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:windowsSystem32driversssadmdfl.sys [2011-5-13 16872] S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:windowsSystem32driversssadmdm.sys [2011-5-13 177640] S3 TsUsbFlt;TsUsbFlt;C:windowsSystem32driversTsUsbFlt.sys [2010-11-20 59392] S3 TsUsbGD;Remote Desktop Generic USB Device;C:windowsSystem32driversTsUsbGD.sys [2010-11-20 31232] S3 USBAAPL64;Apple Mobile USB Driver;C:windowsSystem32driversusbaapl64.sys [2012-12-13 54784] . =============== Created Last 30 ================ . 2013-11-09 23:25:44 -------- d-----w- C:UsershungkeongAppDataRoamingAVG2014 2013-11-09 23:23:53 -------- d-----w- C:UsershungkeongAppDataRoamingTuneUp Software 2013-11-09 23:20:56 -------- d--h--w- C:$AVG 2013-11-09 23:20:55 -------- d-----w- C:ProgramDataAVG2014 2013-11-09 23:19:04 -------- d-----w- C:Program Files (x86)AVG 2013-11-09 04:19:09 116440 ----a-w- C:windowsSystem32driversMBAMSwissArmy.sys 2013-11-09 04:19:09 -------- d-----w- C:ProgramDataMalwarebytes' Anti-Malware (portable) 2013-11-09 04:18:26 91352 ----a-w- C:windowsSystem32driversmbamchameleon.sys 2013-11-09 03:27:17 6144 ------w- C:windowsSystem3219C8.tmp 2013-11-09 03:23:03 6144 ------w- C:windowsSystem32385E.tmp 2013-11-07 08:36:26 -------- d-----w- C:ProgramData{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} 2013-11-07 08:36:19 -------- d-----w- C:ProgramDataIObit 2013-11-07 08:36:18 -------- d-----w- C:UsershungkeongAppDataRoamingIObit 2013-11-07 08:36:03 -------- d-----w- C:Program Files (x86)IObit 2013-11-07 08:31:22 -------- d-----w- C:UsershungkeongAppDataRoamingSUPERAntiSpyware.com 2013-11-07 08:31:22 -------- d-----w- C:ProgramDataSUPERAntiSpyware.com 2013-11-07 07:40:58 10280728 ----a-w- C:ProgramDataMicrosoftWindows DefenderDefinition Updates{AEBA6D42-91C5-4B4A-BEF9-BD1FD59A67F4}mpengine.dll 2013-11-07 07:14:54 -------- d--h--w- C:ProgramDataCommon Files 2013-11-07 07:14:54 -------- d-----w- C:UsershungkeongAppDataLocalMFAData 2013-11-07 07:14:54 -------- d-----w- C:UsershungkeongAppDataLocalAvg2014 2013-11-07 07:14:54 -------- d-----w- C:ProgramDataMFAData 2013-11-07 06:56:48 -------- d-----w- C:Program Files (x86)PCCleanup 2013-11-05 07:12:30 -------- d-----w- C:windowsSystem32MpEngineStore 2013-11-05 06:53:24 -------- d-----w- C:windowsSystem32MRT 2013-10-26 06:18:23 -------- d-----w- C:Program Files (x86)PSupport 2013-10-26 06:15:33 -------- d-----w- C:Program Files (x86)Kozaka 2013-10-26 06:15:08 -------- d-----w- C:UsershungkeongAppDataRoamingExpressFiles 2013-10-26 06:15:08 -------- d-----w- C:Program Files (x86)ExpressFiles 2013-10-26 06:15:07 -------- d-----w- C:UsershungkeongAppDataLocalSwvUpdater . ==================== Find3M ==================== . 2013-10-09 03:39:26 71048 ----a-w- C:windowsSysWow64FlashPlayerCPLApp.cpl 2013-10-09 03:39:26 692616 ----a-w- C:windowsSysWow64FlashPlayerApp.exe 2013-09-26 03:07:30 148792 ----a-w- C:windowsSystem32driversavgdiska.sys 2013-09-22 23:28:06 1767936 ----a-w- C:windowsSysWow64wininet.dll 2013-09-22 23:27:49 2876928 ----a-w- C:windowsSysWow64jscript9.dll 2013-09-22 23:27:48 61440 ----a-w- C:windowsSysWow64iesetup.dll 2013-09-22 23:27:48 109056 ----a-w- C:windowsSysWow64iesysprep.dll 2013-09-22 22:55:10 2241024 ----a-w- C:windowsSystem32wininet.dll 2013-09-22 22:54:51 3959296 ----a-w- C:windowsSystem32jscript9.dll 2013-09-22 22:54:50 67072 ----a-w- C:windowsSystem32iesetup.dll 2013-09-22 22:54:50 136704 ----a-w- C:windowsSystem32iesysprep.dll 2013-09-21 03:38:39 2706432 ----a-w- C:windowsSystem32mshtml.tlb 2013-09-21 03:30:24 2706432 ----a-w- C:windowsSysWow64mshtml.tlb 2013-09-21 02:48:36 89600 ----a-w- C:windowsSystem32RegisterIEPKEYs.exe 2013-09-21 02:39:47 71680 ----a-w- C:windowsSysWow64RegisterIEPKEYs.exe 2013-09-14 01:10:19 497152 ----a-w- C:windowsSystem32driversafd.sys 2013-09-09 04:11:42 31544 ----a-w- C:windowsSystem32driversavgrkx64.sys 2013-09-08 02:30:37 1903552 ----a-w- C:windowsSystem32driverstcpip.sys 2013-09-08 02:27:14 327168 ----a-w- C:windowsSystem32mswsock.dll 2013-09-08 02:03:58 231424 ----a-w- C:windowsSysWow64mswsock.dll 2013-09-04 12:12:11 343040 ----a-w- C:windowsSystem32driversusbhub.sys 2013-09-04 12:11:51 325120 ----a-w- C:windowsSystem32driversusbport.sys 2013-09-04 12:11:49 99840 ----a-w- C:windowsSystem32driversusbccgp.sys 2013-09-04 12:11:43 52736 ----a-w- C:windowsSystem32driversusbehci.sys 2013-09-04 12:11:43 30720 ----a-w- C:windowsSystem32driversusbuhci.sys 2013-09-04 12:11:42 25600 ----a-w- C:windowsSystem32driversusbohci.sys 2013-09-04 12:11:40 7808 ----a-w- C:windowsSystem32driversusbd.sys 2013-09-03 19:35:10 278800 ------w- C:windowsSystem32MpSigStub.exe 2013-09-02 16:59:14 212280 ----a-w- C:windowsSystem32driversavgldx64.sys 2013-09-02 16:29:18 294712 ----a-w- C:windowsSystem32driversavgloga.sys 2013-09-02 16:26:50 192824 ----a-w- C:windowsSystem32driversavgidsha.sys 2013-09-02 16:26:42 241464 ----a-w- C:windowsSystem32driversavgidsdrivera.sys 2013-08-29 02:17:48 5549504 ----a-w- C:windowsSystem32ntoskrnl.exe 2013-08-29 02:16:35 1732032 ----a-w- C:windowsSystem32ntdll.dll 2013-08-29 02:16:28 243712 ----a-w- C:windowsSystem32wow64.dll 2013-08-29 02:16:14 859648 ----a-w- C:windowsSystem32tdh.dll 2013-08-29 02:13:28 878080 ----a-w- C:windowsSystem32advapi32.dll 2013-08-29 01:51:45 3969472 ----a-w- C:windowsSysWow64ntkrnlpa.exe 2013-08-29 01:51:45 3914176 ----a-w- C:windowsSysWow64ntoskrnl.exe 2013-08-29 01:50:31 5120 ----a-w- C:windowsSysWow64wow32.dll 2013-08-29 01:50:30 1292192 ----a-w- C:windowsSysWow64ntdll.dll 2013-08-29 01:50:16 619520 ----a-w- C:windowsSysWow64tdh.dll 2013-08-29 01:48:17 640512 ----a-w- C:windowsSysWow64advapi32.dll 2013-08-29 01:48:15 44032 ----a-w- C:windowsapppatchacwow64.dll 2013-08-29 00:49:53 25600 ----a-w- C:windowsSysWow64setup16.exe 2013-08-29 00:49:52 7680 ----a-w- C:windowsSysWow64instnm.exe 2013-08-29 00:49:52 14336 ----a-w- C:windowsSysWow64ntvdm64.dll 2013-08-29 00:49:49 2048 ----a-w- C:windowsSysWow64user.exe 2013-08-28 01:21:06 3155968 ----a-w- C:windowsSystem32win32k.sys 2013-08-28 01:12:33 461312 ----a-w- C:windowsSystem32scavengeui.dll 2013-08-21 04:53:58 123704 ----a-w- C:windowsSystem32driversavgmfx64.sys . ============= FINISH: 21:16:58.74 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: DeviceHarddiskVolume1 Install Date: 8/8/2011 12:53:15 AM System Uptime: 11/9/2013 7:50:05 PM (26 hours ago) . Motherboard: TOSHIBA | | Portable PC Processor: AMD C-50 Processor | Socket FT1 | 1000/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 220 GiB total, 159.841 GiB free. . ==== Disabled Device Manager Items ============= . Class GUID: {4d36e965-e325-11ce-bfc1-08002be10318} Description: CD-ROM Drive Device ID: SCSICDROM&VEN_TEAC&PROD_DV-W28S-VT4&354CA387&0&010000 Manufacturer: (Standard CD-ROM drives) Name: TEAC DV-W28S-VT SATA CdRom Device PNP Device ID: SCSICDROM&VEN_TEAC&PROD_DV-W28S-VT4&354CA387&0&010000 Service: cdrom . ==== System Restore Points =================== . RP198: 10/15/2013 10:06:25 PM - Windows Update RP199: 10/18/2013 10:39:36 PM - Windows Update RP200: 10/22/2013 11:05:21 PM - Windows Update RP201: 10/29/2013 10:39:12 PM - Windows Update RP202: 11/5/2013 12:44:56 AM - Windows Update RP203: 11/7/2013 1:42:02 AM - Installed AVG 2014 RP204: 11/7/2013 1:53:14 AM - Removed AVG 2014 RP205: 11/8/2013 10:43:26 PM - Malwarebytes Anti-Rootkit Restore Point RP206: 11/9/2013 5:18:01 PM - Installed AVG 2014 RP207: 11/9/2013 5:19:23 PM - Installed AVG 2014 . ==== Installed Programs ====================== . Adobe AIR Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader X MUI Advanced SystemCare 6 Amazon Links Apple Application Support Apple Mobile Device Support Apple Software Update Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver ATI Catalyst Install Manager AVG 2014 Bejeweled 3 Bonjour Catalyst Control Center - Branding Catalyst Control Center Graphics Previews Common Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-core-static ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish Chuzzle Deluxe Conexant HD Audio D3DX10 ETDWare PS/2-X64 8.0.8.0_R01 ExpressFiles FATE - The Traitor Soul fTalk Google Chrome Google Toolbar for Internet Explorer Google Update Helper iCloud iLivid iTunes Java Auto Updater Java 6 Update 20 Jewel Quest: The Sleepless Star - Collector's Edition Junk Mail filter update [email protected] 1.0 Malwarebytes Anti-Malware °æ±¾ 1.75.0.1300 Microsoft .NET Framework 4 Client Profile Microsoft Application Error Reporting Microsoft Office 2010 Microsoft Silverlight Microsoft SkyDrive Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Movie Maker MP3 Rocket MP3 Rocket Toolbar MSVCRT MSVCRT_amd64 MSVCRT110 MSVCRT110_amd64 Penguins! Photo Common Photo Gallery Plants vs. Zombies - Game of the Year PlayReady PC Runtime amd64 PlayReady PC Runtime x86 Polar Bowler PPTV V3.3.2.0070 Product Support 1.74.b1377 QuickTime RealNetworks - Microsoft Visual C++ 2008 Runtime RealPlayer Realtek USB 2.0 Card Reader Realtek WLAN Driver RealUpgrade 1.1 Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2) Skype Click to Call Skype Launcher Skype 6.9 Sophos Anti-Rootkit 1.5.4 Tom Clancy's Splinter Cell Toshiba App Place TOSHIBA Application Installer TOSHIBA Assist Toshiba Book Place TOSHIBA Bulletin Board TOSHIBA Disc Creator TOSHIBA Face Recognition TOSHIBA Hardware Setup TOSHIBA HDD/SSD Alert Toshiba Laptop Checkup TOSHIBA Media Controller Toshiba Online Backup TOSHIBA Quality Application TOSHIBA Recovery Media Creator TOSHIBA ReelTime TOSHIBA Service Station TOSHIBA Supervisor Password TOSHIBA Value Added Package TOSHIBA Web Camera Application ToshibaRegistration Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) Update Installer for WildTangent Games App Visual Studio 2012 x64 Redistributables Visual Studio 2012 x86 Redistributables WildTangent Games WildTangent Games App (Toshiba Games) Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mail Windows Live Messenger Windows Live MIME IFilter Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources WMV9/VC-1 Video Playback Zuma's Revenge ¦ÌTorrent . ==== Event Viewer Messages From Past Week ======== . 11/10/2013 9:16:03 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avgwd service. 11/10/2013 9:13:20 PM, Error: mbamchameleon [61703] - . ==== End Of File ===========================
  13. So I got my boss's computer and trying to clean it up for him.I have ran all the popular scans and only malwarebytes had found anything,it fixed 23 isssues. In task manager there are 20 dllhost.exe running from a ?globalrootdevice location,its all the same process and command line. The computer is a toshiba with windows 7 and 2gb memory and runs slower than my 5 year old laptop,I have done all I could for it, I need some expert help from you guys.Thanks let me know what to do please.
  14. Awesome game , looks good on 65" at 1080.The single player campaign is real short, took me 9.6hs recorded by steam. The multiplayer is where all the fun is tho , so many achievements to accomplish.
×
×
  • Create New...