  #1  
Old September 18th, 2013, 01:47 PM
al Robin al Robin is offline
New Member
 
Join Date: Sep 2013
Posts: 1
web longfintuna net virus

How do I remove this virus? I have tried almost everything.

  #2  
Old September 18th, 2013, 02:37 PM
Murf Murf is offline
Moderator
 
Join Date: Oct 2001
O/S: Windows 7 64-bit
Location: Newport News VA
Posts: 15,623
Welcome to CTH

Moving this over to our Malware Removal Forum.
  #3  
Old September 19th, 2013, 08:25 AM
schrauber schrauber is offline
Cyber Tech Help Moderator
 
Join Date: Apr 2009
O/S: Windows 7 64-bit
Location: Germany
Age: 33
Posts: 4,438
Hello, al Robin
Welcome to the CyberTechHelp Forums. My name is Thomas (Tom is fine), and I will be helping you fix your problems.



Please take note of some guidelines for this fix:
  • Refrain from making any changes to your computer, including installing/uninstalling programs, deleting files, modifying the registry, and running scanners or tools. Doing so could cause changes to the directions I have to give you and prolong the time required. Furthermore, you should not be taking any advice relating to this computer from any other source throughout the course of this fix.
  • If you do not understand any step(s) provided, please do not hesitate to ask before continuing. I would much rather clarify instructions or explain them differently than have something important broken.
  • Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean". We do not want to clean you part-way, only to have the system re-infect itself.
  • Do not start a new topic. The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.
  • Please set your system to show all files.
    Click Start, open My Computer, select the Tools menu and click Folder Options.
    Select the View Tab. Under the Hidden files and folders heading, select Show hidden files and folders.
    Uncheck: Hide file extensions for known file types
    Uncheck the Hide protected operating system files (recommended) option.
    Click Yes to confirm.



For x32 (x86) bit systems download Farbar Recovery Scan Tool 32-Bit and save it to the desktop.
For x64 bit systems download Farbar Recovery Scan Tool 64-Bit and save it to the desktop.

Please run it and click Scan, post back with the 2 logfiles.
  #4  
Old September 24th, 2013, 03:23 PM
Dean C Miller Dean C Miller is offline
CTH Subscriber
 
Join Date: Sep 2013
O/S: Windows 7 64-bit
Location: Lenoir City, TN
Posts: 10
Web.logfintuna.net

ComboFix 13-09-24.02 - Dean C. Miller 09/24/2013 10:09:45.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8149.5728 [GMT -4:00]
Running from: c:\users\Dean C. Miller\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\END
c:\users\Dean C. Miller\AppData\Local\Temp\_MEI46122\_ctypes.pyd
c:\users\Dean C. Miller\AppData\Local\Temp\_MEI46122\_elementtree.p yd
c:\users\Dean C. Miller\AppData\Local\Temp\_MEI46122\_hashlib.pyd
c:\users\Dean C. Miller\AppData\Local\Temp\_MEI46122\_multiprocessi ng.pyd
c:\users\Dean C. Miller\AppData\Local\Temp\_MEI46122\_socket.pyd
c:\users\Dean C. Miller\AppData\Local\Temp\_MEI46122\_ssl.pyd
c:\users\Dean C. Miller\AppData\Local\Temp\_MEI46122\msvcp100.dll
c:\users\Dean C. Miller\AppData\Local\Temp\_MEI46122\msvcr100.dll
c:\users\Dean C. Miller\AppData\Local\Temp\_MEI46122\pyexpat.pyd
c:\users\Dean C. Miller\AppData\Local\Temp\_MEI46122\pysqlite2._sql ite.pyd
c:\users\Dean C. Miller\AppData\Local\Temp\_MEI46122\python27.dll
c:\users\Dean C. Miller\AppData\Local\Temp\_MEI46122\pythoncom27.dl l
c:\users\Dean C. Miller\AppData\Local\Temp\_MEI46122\PyWinTypes27.d ll
c:\users\Dean C. Miller\AppData\Local\Temp\_MEI46122\select.pyd
c:\users\Dean C. Miller\AppData\Local\Temp\_MEI46122\unicodedata.py d
c:\users\Dean C. Miller\AppData\Local\Temp\_MEI46122\win32api.pyd
c:\users\Dean C. Miller\AppData\Local\Temp\_MEI46122\win32com.shell .shell.pyd
c:\users\Dean C. Miller\AppData\Local\Temp\_MEI46122\win32crypt.pyd
c:\users\Dean C. Miller\AppData\Local\Temp\_MEI46122\win32event.pyd
c:\users\Dean C. Miller\AppData\Local\Temp\_MEI46122\win32file.pyd
c:\users\Dean C. Miller\AppData\Local\Temp\_MEI46122\win32inet.pyd
c:\users\Dean C. Miller\AppData\Local\Temp\_MEI46122\win32pdh.pyd
c:\users\Dean C. Miller\AppData\Local\Temp\_MEI46122\win32process.p yd
c:\users\Dean C. Miller\AppData\Local\Temp\_MEI46122\win32profile.p yd
c:\users\Dean C. Miller\AppData\Local\Temp\_MEI46122\win32security. pyd
c:\users\Dean C. Miller\AppData\Local\Temp\_MEI46122\win32ts.pyd
c:\users\Dean C. Miller\AppData\Local\Temp\_MEI46122\windows._cache invalidation.pyd
c:\users\Dean C. Miller\AppData\Local\Temp\_MEI46122\wx._controls_. pyd
c:\users\Dean C. Miller\AppData\Local\Temp\_MEI46122\wx._core_.pyd
c:\users\Dean C. Miller\AppData\Local\Temp\_MEI46122\wx._gdi_.pyd
c:\users\Dean C. Miller\AppData\Local\Temp\_MEI46122\wx._html2.pyd
c:\users\Dean C. Miller\AppData\Local\Temp\_MEI46122\wx._misc_.pyd
c:\users\Dean C. Miller\AppData\Local\Temp\_MEI46122\wx._windows_.p yd
c:\users\Dean C. Miller\AppData\Local\Temp\_MEI46122\wx._wizard.pyd
c:\users\Dean C. Miller\AppData\Local\Temp\_MEI46122\wxbase294u_net _vc90.dll
c:\users\Dean C. Miller\AppData\Local\Temp\_MEI46122\wxbase294u_vc9 0.dll
c:\users\Dean C. Miller\AppData\Local\Temp\_MEI46122\wxmsw294u_adv_ vc90.dll
c:\users\Dean C. Miller\AppData\Local\Temp\_MEI46122\wxmsw294u_core _vc90.dll
c:\users\Dean C. Miller\AppData\Local\Temp\_MEI46122\wxmsw294u_html _vc90.dll
c:\users\Dean C. Miller\AppData\Local\Temp\_MEI46122\wxmsw294u_webv iew_vc90.dll
c:\users\Dean C. Miller\AppData\Local\Temp\7zS2ACE\HPSLPSVC64.DLL
c:\users\Dean C. Miller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - .lnk
c:\users\Dean C. Miller\Documents\Downloads\PowerPointViewer.exe
c:\users\DEANC~1.MIL\AppData\Local\Temp\_MEI46122\ _ctypes.pyd
c:\users\DEANC~1.MIL\AppData\Local\Temp\_MEI46122\ _elementtree.pyd
c:\users\DEANC~1.MIL\AppData\Local\Temp\_MEI46122\ _hashlib.pyd
c:\users\DEANC~1.MIL\AppData\Local\Temp\_MEI46122\ _multiprocessing.pyd
c:\users\DEANC~1.MIL\AppData\Local\Temp\_MEI46122\ _socket.pyd
c:\users\DEANC~1.MIL\AppData\Local\Temp\_MEI46122\ _ssl.pyd
c:\users\DEANC~1.MIL\AppData\Local\Temp\_MEI46122\ msvcp100.dll
c:\users\DEANC~1.MIL\AppData\Local\Temp\_MEI46122\ msvcr100.dll
c:\users\DEANC~1.MIL\AppData\Local\Temp\_MEI46122\ pyexpat.pyd
c:\users\DEANC~1.MIL\AppData\Local\Temp\_MEI46122\ pysqlite2._sqlite.pyd
c:\users\DEANC~1.MIL\AppData\Local\Temp\_MEI46122\ python27.dll
c:\users\DEANC~1.MIL\AppData\Local\Temp\_MEI46122\ pythoncom27.dll
c:\users\DEANC~1.MIL\AppData\Local\Temp\_MEI46122\ PyWinTypes27.dll
c:\users\DEANC~1.MIL\AppData\Local\Temp\_MEI46122\ select.pyd
c:\users\DEANC~1.MIL\AppData\Local\Temp\_MEI46122\ unicodedata.pyd
c:\users\DEANC~1.MIL\AppData\Local\Temp\_MEI46122\ win32api.pyd
c:\users\DEANC~1.MIL\AppData\Local\Temp\_MEI46122\ win32com.shell.shell.pyd
c:\users\DEANC~1.MIL\AppData\Local\Temp\_MEI46122\ win32crypt.pyd
c:\users\DEANC~1.MIL\AppData\Local\Temp\_MEI46122\ win32event.pyd
c:\users\DEANC~1.MIL\AppData\Local\Temp\_MEI46122\ win32file.pyd
c:\users\DEANC~1.MIL\AppData\Local\Temp\_MEI46122\ win32inet.pyd
c:\users\DEANC~1.MIL\AppData\Local\Temp\_MEI46122\ win32pdh.pyd
c:\users\DEANC~1.MIL\AppData\Local\Temp\_MEI46122\ win32process.pyd
c:\users\DEANC~1.MIL\AppData\Local\Temp\_MEI46122\ win32profile.pyd
c:\users\DEANC~1.MIL\AppData\Local\Temp\_MEI46122\ win32security.pyd
c:\users\DEANC~1.MIL\AppData\Local\Temp\_MEI46122\ win32ts.pyd
c:\users\DEANC~1.MIL\AppData\Local\Temp\_MEI46122\ windows._cacheinvalidation.pyd
c:\users\DEANC~1.MIL\AppData\Local\Temp\_MEI46122\ wx._controls_.pyd
c:\users\DEANC~1.MIL\AppData\Local\Temp\_MEI46122\ wx._core_.pyd
c:\users\DEANC~1.MIL\AppData\Local\Temp\_MEI46122\ wx._gdi_.pyd
c:\users\DEANC~1.MIL\AppData\Local\Temp\_MEI46122\ wx._html2.pyd
c:\users\DEANC~1.MIL\AppData\Local\Temp\_MEI46122\ wx._misc_.pyd
c:\users\DEANC~1.MIL\AppData\Local\Temp\_MEI46122\ wx._windows_.pyd
c:\users\DEANC~1.MIL\AppData\Local\Temp\_MEI46122\ wx._wizard.pyd
c:\users\DEANC~1.MIL\AppData\Local\Temp\_MEI46122\ wxbase294u_net_vc90.dll
c:\users\DEANC~1.MIL\AppData\Local\Temp\_MEI46122\ wxbase294u_vc90.dll
c:\users\DEANC~1.MIL\AppData\Local\Temp\_MEI46122\ wxmsw294u_adv_vc90.dll
c:\users\DEANC~1.MIL\AppData\Local\Temp\_MEI46122\ wxmsw294u_core_vc90.dll
c:\users\DEANC~1.MIL\AppData\Local\Temp\_MEI46122\ wxmsw294u_html_vc90.dll
c:\users\DEANC~1.MIL\AppData\Local\Temp\_MEI46122\ wxmsw294u_webview_vc90.dll
c:\users\DEANC~1.MIL\AppData\Local\Temp\7zS2ACE\HP SLPSVC64.DLL
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_HPSLPSVC
.
.
((((((((((((((((((((((((( Files Created from 2013-08-24 to 2013-09-24 )))))))))))))))))))))))))))))))
.
.
2013-09-24 14:14 . 2013-09-24 14:14 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-09-23 13:15 . 2013-09-05 05:32 9694160 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2A465AD4-58CF-47D4-AFDC-3792B3B7BDBF}\mpengine.dll
2013-09-22 20:34 . 2013-09-22 20:34 -------- d-----w- C:\FRST
2013-09-22 06:06 . 2013-09-05 05:32 9694160 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-09-12 07:08 . 2013-08-10 05:21 19246592 ----a-w- c:\windows\system32\mshtml.dll
2013-09-08 20:57 . 2013-09-08 20:56 965008 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F7D7C142-4C19-434B-B9E3-C68684D54112}\gapaengine.dll
2013-09-04 14:46 . 2013-09-04 14:46 -------- d-----w- c:\users\Dean C. Miller\AppData\Roaming\ZinioReader4
2013-09-04 14:44 . 2013-09-04 14:44 -------- d-----w- c:\program files (x86)\Zinio Reader 4
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))) ))
.
2013-09-12 07:07 . 2012-09-09 17:08 79143768 ----a-w- c:\windows\system32\MRT.exe
2013-08-22 14:09 . 2012-10-02 14:11 941720 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2013-08-02 01:48 . 2013-09-11 13:34 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-07-25 09:25 . 2013-08-14 13:14 1888768 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-07-25 08:57 . 2013-08-14 13:14 1620992 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2013-07-19 01:58 . 2013-08-14 13:14 2048 ----a-w- c:\windows\system32\tzres.dll
2013-07-19 01:41 . 2013-08-14 13:14 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2013-07-09 05:52 . 2013-08-14 13:14 224256 ----a-w- c:\windows\system32\wintrust.dll
2013-07-09 05:51 . 2013-08-14 13:14 1217024 ----a-w- c:\windows\system32\rpcrt4.dll
2013-07-09 05:46 . 2013-08-14 13:14 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2013-07-09 05:46 . 2013-08-14 13:14 1472512 ----a-w- c:\windows\system32\crypt32.dll
2013-07-09 05:46 . 2013-08-14 13:14 139776 ----a-w- c:\windows\system32\cryptnet.dll
2013-07-09 04:52 . 2013-08-14 13:14 663552 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2013-07-09 04:52 . 2013-08-14 13:14 175104 ----a-w- c:\windows\SysWow64\wintrust.dll
2013-07-09 04:46 . 2013-08-14 13:14 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2013-07-09 04:46 . 2013-08-14 13:14 1166848 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-07-09 04:46 . 2013-08-14 13:14 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-07-06 06:03 . 2013-08-14 13:14 1910208 ----a-w- c:\windows\system32\drivers\tcpip.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}]
2013-07-03 16:26 170840 ----a-w- c:\program files\Web Assistant\Extension32.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2012-06-07 01:33 1519304 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\ Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-06-07 1519304]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\ windows\currentversion\explorer\shelliconoverlayid entifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-10-20 16:46 220632 ----a-w- c:\users\Dean C. Miller\AppData\Local\Microsoft\SkyDrive\16.4.6013. 0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\ windows\currentversion\explorer\shelliconoverlayid entifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-10-20 16:46 220632 ----a-w- c:\users\Dean C. Miller\AppData\Local\Microsoft\SkyDrive\16.4.6013. 0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\ windows\currentversion\explorer\shelliconoverlayid entifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-10-20 16:46 220632 ----a-w- c:\users\Dean C. Miller\AppData\Local\Microsoft\SkyDrive\16.4.6013. 0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\ windows\currentversion\explorer\shelliconoverlayid entifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\Dean C. Miller\AppData\Roaming\Dropbox\bin\DropboxExt.19.d ll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\ windows\currentversion\explorer\shelliconoverlayid entifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\Dean C. Miller\AppData\Roaming\Dropbox\bin\DropboxExt.19.d ll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\ windows\currentversion\explorer\shelliconoverlayid entifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\Dean C. Miller\AppData\Roaming\Dropbox\bin\DropboxExt.19.d ll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\ windows\currentversion\explorer\shelliconoverlayid entifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\Dean C. Miller\AppData\Roaming\Dropbox\bin\DropboxExt.19.d ll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\ windows\currentversion\explorer\shelliconoverlayid entifiers\GladinetIconOverlay]
@="{3C3DC57A-7535-48AF-BB9E-C3576A4F34D0}"
[HKEY_CLASSES_ROOT\CLSID\{3C3DC57A-7535-48AF-BB9E-C3576A4F34D0}]
2011-07-26 17:58 194416 ----a-w- c:\program files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIcon32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\ windows\currentversion\explorer\shelliconoverlayid entifiers\GladinetUploading]
@="{959A18D3-9CC9-41e8-B76F-34ED9A89D4EA}"
[HKEY_CLASSES_ROOT\CLSID\{959A18D3-9CC9-41e8-B76F-34ED9A89D4EA}]
2011-07-26 18:00 194416 ----a-w- c:\program files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIconU32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2013-06-27 20097696]
"HP Deskjet 3050A J611 series (NET)"="c:\program files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe" [2012-10-17 2573416]
"GarminExpressTrayApp"="c:\program files (x86)\Garmin\Express Tray\ExpressTray.exe" [2013-07-09 1093464]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-06-21 19875432]
.
c:\users\Dean C. Miller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Dean C. Miller\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-5-24 27776968]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe [2013-2-5 272248]
Nuance Cloud Connector.lnk - c:\program files (x86)\Nuance\Nuance Cloud Connector\GladLauncher.exe [2011-7-26 87920]
Ralink Wireless Utility.lnk - c:\program files (x86)\Ralink\Common\RaWiFi.exe -s [2012-8-31 2054144]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\ windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 CLKMSVC10_38F51D56;CyberLink Product - 2012/08/30 22:51;c:\program files (x86)\Cyberlink\PowerDVD10\NavFilter\kmsvc.exe;c:\ program files (x86)\Cyberlink\PowerDVD10\NavFilter\kmsvc.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework6 4\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET \Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
R2 RaMediaServer;Ralink UPnP Media Server;c:\program files (x86)\Ralink\Common\RaMediaServer.exe;c:\program files (x86)\Ralink\Common\RaMediaServer.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe;c:\p rogram files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe;c:\program files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c :\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominipor t.sys;c:\windows\SYSNATIVE\drivers\rdpvideominipor t.sys [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMo n.sys;c:\windows\SYSNATIVE\DRIVERS\SWDUMon.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsus bflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\ windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c: \windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\drivers\iusb3hcs.sys;c: \windows\SYSNATIVE\drivers\iusb3hcs.sys [x]
S0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\DRIVERS\NBVol.sys;c:\wi ndows\SYSNATIVE\DRIVERS\NBVol.sys [x]
S0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\DRIVERS\NBVolUp.sys;c:\ windows\SYSNATIVE\DRIVERS\NBVolUp.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHl pa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
S2 AdobeActiveFileMonitor10.0;Adobe Active File Monitor V10;c:\program files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe;c:\progra m files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\window s\SYSNATIVE\atiesrxx.exe [x]
S2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.exe;c:\pro gram files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.exe [x]
S2 BingDesktopUpdate;Bing Desktop Update service;c:\program files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe ;c:\program files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [x]
S2 CalendarSynchService;CalendarSynchService;c:\progr am files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.ex e;c:\program files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.ex e [x]
S2 Garmin Core Update Service;Garmin Core Update Service;c:\program files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.e xe;c:\program files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.e xe [x]
S2 GladFileMonSvc;GladFileMonSvc;c:\program files (x86)\Nuance\Nuance Cloud Connector\GladFileMonSvc.exe;c:\program files (x86)\Nuance\Nuance Cloud Connector\GladFileMonSvc.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x]
S2 RalinkRegistryWriter64;RalinkRegistryWriter64;c:\p rogram files (x86)\Ralink\Common\RaRegistry64.exe;c:\program files (x86)\Ralink\Common\RaRegistry64.exe [x]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [x]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolb ars\Skype C2C Service\c2c_service.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c :\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S2 WDBackup;WD Backup;c:\program files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe;c:\program files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [x]
S2 WDDriveService;WD Drive Manager;c:\program files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe;c:\program files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c :\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys;c: \windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c: \windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sy s;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\dr ivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.s ys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\ windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c: \windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
*Deregistered* - CLKMDRV10_38F51D56
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\ active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-09-21 14:17 1177552 ----a-w- c:\program files (x86)\Google\Chrome\Application\29.0.1547.76\Insta ller\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-04-24 c:\windows\Tasks\ErrorEND.job
- c:\program files\ErrorEND\ERROREND.exe [2013-01-28 11:11]
.
2013-09-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-09-28 21:12]
.
2013-09-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-09-28 21:12]
.
2013-09-24 c:\windows\Tasks\HP Photo Creations Messager.job
- c:\programdata\HP Photo Creations\MessageCheck.exe [2011-02-15 10:11]
.
2013-09-24 c:\windows\Tasks\HPCeeScheduleForDean C. Miller.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 11:43]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-10-20 16:46 244696 ----a-w- c:\users\Dean C. Miller\AppData\Local\Microsoft\SkyDrive\16.4.6013. 0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-10-20 16:46 244696 ----a-w- c:\users\Dean C. Miller\AppData\Local\Microsoft\SkyDrive\16.4.6013. 0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-10-20 16:46 244696 ----a-w- c:\users\Dean C. Miller\AppData\Local\Microsoft\SkyDrive\16.4.6013. 0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\explorer\shelliconoverlayidentifiers\Dr opboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\Dean C. Miller\AppData\Roaming\Dropbox\bin\DropboxExt64.19 .dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\explorer\shelliconoverlayidentifiers\Dr opboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\Dean C. Miller\AppData\Roaming\Dropbox\bin\DropboxExt64.19 .dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\explorer\shelliconoverlayidentifiers\Dr opboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\Dean C. Miller\AppData\Roaming\Dropbox\bin\DropboxExt64.19 .dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\explorer\shelliconoverlayidentifiers\Dr opboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\Dean C. Miller\AppData\Roaming\Dropbox\bin\DropboxExt64.19 .dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\explorer\shelliconoverlayidentifiers\GD riveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-06-27 20:11 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\explorer\shelliconoverlayidentifiers\GD riveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\explorer\shelliconoverlayidentifiers\GD riveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-06-27 20:11 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\explorer\shelliconoverlayidentifiers\GD riveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\explorer\shelliconoverlayidentifiers\GD riveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-06-27 20:11 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\explorer\shelliconoverlayidentifiers\GD riveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-06-27 20:11 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\explorer\shelliconoverlayidentifiers\GD riveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-06-27 20:11 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\explorer\shelliconoverlayidentifiers\GD riveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-06-27 20:11 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\explorer\shelliconoverlayidentifiers\Gl adinetIconOverlay]
@="{3C3DC57A-7535-48AF-BB9E-C3576A4F34D0}"
[HKEY_CLASSES_ROOT\CLSID\{3C3DC57A-7535-48AF-BB9E-C3576A4F34D0}]
2011-07-26 17:58 192368 ----a-w- c:\program files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIcon.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\explorer\shelliconoverlayidentifiers\Gl adinetUploading]
@="{959A18D3-9CC9-41e8-B76F-34ED9A89D4EA}"
[HKEY_CLASSES_ROOT\CLSID\{959A18D3-9CC9-41e8-B76F-34ED9A89D4EA}]
2011-07-26 18:01 195440 ----a-w- c:\program files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIconU.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.e xe" [2013-03-21 472992]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-06-21 1356240]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.charter.net/
uLocal Page = c:\windows\system32\blank.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Open with WordPerfect - c:\program files (x86)\Corel\WordPerfect Office X6\Programs\WPLauncher.hta
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 24.159.64.23 24.217.201.67 24.177.176.38
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{f897eb0e-a3a4-46c3-80eb-2729699d8892} - (no file)
Wow6432Node-HKCU-Run-OpAgent - OpAgent.exe
Wow6432Node-HKU-Default-Run-OpAgent - OpAgent.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM_Wow6432Node-ActiveSetup-{438363A8-F486-4C37-834C-4955773CB3D3} - msiexec
WebBrowser-{F897EB0E-A3A4-46C3-80EB-2729699D8892} - (no file)
HKLM-Run-PasswordGenie - c:\program files (x86)\PasswordGenie\SCPGAgent.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Hewlett-Packard\HP Keyboard\ModLEDKey.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files (x86)\Ralink\Common\RaRegistry.exe
c:\program files (x86)\TeamViewer\Version8\TeamViewer.exe
c:\program files (x86)\TeamViewer\Version8\tv_w32.exe
c:\program files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Completion time: 2013-09-24 10:22:06 - machine was rebooted
ComboFix-quarantined-files.txt 2013-09-24 14:22
.
Pre-Run: 867,862,667,264 bytes free
Post-Run: 867,277,869,056 bytes free
.
- - End Of File - - B8253DCA9C1C2DC68B5D88FEA4AE28A7
  #5  
Old September 25th, 2013, 07:23 PM
schrauber schrauber is offline
Cyber Tech Help Moderator
 
Join Date: Apr 2009
O/S: Windows 7 64-bit
Location: Germany
Age: 33
Posts: 4,438
Please download Malwarebytes Anti-Malware and save it to your desktop.
alternate download link 1
alternate download link 2

MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (i.e. Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Quick Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.




Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • A logfile will automatically open after the scan has finished.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.



I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.
  • Check
  • Click the button.
  • Accept any security warnings from your browser.
  • Check
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push
  • Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the button.
  • Push
A log file will be saved here: C:\Program Files\ESET\ESET Online Scanner\log.txt


Also please post back with a fresh FRST logfile and tell me how the system is running.
  #6  
Old September 26th, 2013, 02:36 PM
Dean C Miller Dean C Miller is offline
CTH Subscriber
 
Join Date: Sep 2013
O/S: Windows 7 64-bit
Location: Lenoir City, TN
Posts: 10
Web.longfintuna.net problem

Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org
Database version: v2013.09.24.10
Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16686
Dean C. Miller :: DCM-HOME2 [administrator]
Protection: Enabled
9/25/2013 5:12:24 PM
mbam-log-2013-09-25(17-12-24).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 208554
Time elapsed: 4 minute(s), 51 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)

# AdwCleaner v3.005 - Report created 25/09/2013 at 18:41:20
# Updated 22/09/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Dean C. Miller - DCM-HOME2
# Running from : C:\Users\Dean C. Miller\Downloads\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\windows\System32\Tasks\Scheduled Update for Ask Toolbar
Folder Found : C:\Users\Dean C. Miller\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbhbgnpgkhbpdidkbgbhlmolppnglog
Folder Found : C:\Users\Dean C. Miller\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbhbgnpgkhbpdidkbgbhlmolppnglog
Folder Found : C:\Program Files (x86)\Ask.com
Folder Found : C:\Program Files (x86)\Conduit
Folder Found : C:\Program Files (x86)\Searchprotect
Folder Found : C:\Program Files\Web Assistant
Folder Found : C:\Users\Dean C. Miller\AppData\Local\apn
Folder Found : C:\Users\Dean C. Miller\AppData\Local\Conduit
Folder Found : C:\Users\Dean C. Miller\AppData\Local\cre
Folder Found : C:\Users\Dean C. Miller\AppData\LocalLow\AskToolbar
Folder Found : C:\Users\Dean C. Miller\AppData\LocalLow\Conduit
Folder Found : C:\Users\Dean C. Miller\AppData\Roaming\DriverCure
Folder Found : C:\Users\Dean C. Miller\AppData\Roaming\DSite
Folder Found : C:\Users\Dean C. Miller\AppData\Roaming\Searchprotect

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\APN
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\AppDataLow\Software\AskToolbar
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\Ask.com
Key Found : HKCU\Software\dsiteproducts
Key Found : HKCU\Software\Google\Chrome\Extensions\ghbhbgnpgkhbpdidkbgbhlmolppnglog
Key Found : HKCU\Software\Google\Chrome\Extensions\ghbhbgnpgkhbpdidkbgbhlmolppnglog
Key Found : HKCU\Software\IM
Key Found : HKCU\Software\ImInstaller
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Found : HKCU\Software\SearchProtect
Key Found : [x64] HKCU\Software\APN
Key Found : [x64] HKCU\Software\APN PIP
Key Found : [x64] HKCU\Software\Ask.com
Key Found : [x64] HKCU\Software\dsiteproducts
Key Found : [x64] HKCU\Software\IM
Key Found : [x64] HKCU\Software\ImInstaller
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Found : [x64] HKCU\Software\SearchProtect
Key Found : HKLM\Software\APN
Key Found : HKLM\Software\AskToolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Key Found : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3061355
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ghbhbgnpgkhbpdidkbgbhlmolppnglog
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ghbhbgnpgkhbpdidkbgbhlmolppnglog
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\tracing\askpartnercobrandingtool_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Key Found : HKLM\Software\SearchProtect
Key Found : HKLM\Software\Web Assistant
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1
Key Found : [x64] HKLM\SOFTWARE\Web Assistant
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403A-B9D2-65C292C39087}]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{8E9E3331-D360-4f87-8803-52DE43566502}]
Value Found : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403A-B9D2-65C292C39087}]
Value Found : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{8E9E3331-D360-4f87-8803-52DE43566502}]

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16686


-\\ Google Chrome v29.0.1547.76

[ File : C:\Users\Dean C. Miller\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [8377 octets] - [25/09/2013 18:41:20]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [8437 octets] ##########





C:\Users\Dean C. Miller\Downloads\APCO.exe a variant of Win32/Adware.RegistryMum application cleaned by deleting - quarantined
K:\WD SmartWare.swstor\DCM-HOME2\Volume.66e0c253.690b.46fd.8c87.1d7e31d6489e\Users\Dean C. Miller\Downloads\Unconfirmed 619265.crdownload a variant of Win32/Adware.iBryte.G application cleaned by deleting - quarantined
  #7  
Old September 26th, 2013, 03:04 PM
Dean C Miller Dean C Miller is offline
CTH Subscriber
 
Join Date: Sep 2013
O/S: Windows 7 64-bit
Location: Lenoir City, TN
Posts: 10
Web.longfintuna.com problem

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-09-2013
Ran by Dean C. Miller (administrator) on DCM-HOME2 on 26-09-2013 10:00:28
Running from C:\Users\Dean C. Miller\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\windows\system32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(Microsoft Corporation) C:\windows\system32\WLANExt.exe
(AMD) C:\windows\system32\atieclxx.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BBSvc.exe
() C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\ModLEDKey.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Gladinet, INC) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladFileMonSvc.exe
() C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
(Ralink Technology, Inc.) C:\Program Files (x86)\Ralink\Common\RaWiFi.exe
(Dropbox, Inc.) C:\Users\Dean C. Miller\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Gladinet, INC) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladinetClient.exe
(Protexis Inc.) c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\NisSrv.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe
(Adobe Systems Incorporated) c:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Dean C. Miller\Desktop\FRST64 (1).exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1356240 2013-06-20] (Microsoft Corporation)
HKLM\...\Run: [PasswordGenie] - C:\Program Files (x86)\PasswordGenie\SCPGAgent.exe
HKCU\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [20097696 2013-06-27] (Google)
HKCU\...\Run: [HP Deskjet 3050A J611 series (NET)] - C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKCU\...\Run: [GarminExpressTrayApp] - C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1093464 2013-07-09] (Garmin Ltd or its subsidiaries)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.)
Startup: C:\Users\Dean C. Miller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Dean C. Miller\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.charter.net/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir...ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
SearchScopes: HKLM - {A798BEEC-A934-40B2-ABED-FA04EE3A88E4} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=http://www.ebay.com/sch/i.html?_nkw={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
SearchScopes: HKLM-x32 - {A798BEEC-A934-40B2-ABED-FA04EE3A88E4} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM-x32 - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=http://www.ebay.com/sch/i.html?_nkw={searchTerms}
SearchScopes: HKCU - DefaultScope {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = http://mystart.smilebox.com/?search={searchTerms}&loc=SB_IE_DS&a=6R8FtNieqw
SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
SearchScopes: HKCU - {A798BEEC-A934-40B2-ABED-FA04EE3A88E4} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKCU - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = http://mystart.smilebox.com/?search={searchTerms}&loc=SB_IE_DS&a=6R8FtNieqw
SearchScopes: HKCU - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=http://www.ebay.com/sch/i.html?_nkw={searchTerms}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Web Assistant - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll ()
BHO-x32: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 24.159.64.23 24.217.201.67 24.177.176.38

Chrome:
=======
CHR HomePage: hxxp://www.charter.net/
CHR RestoreOnStartup: "hxxp://www.charter.net/"
CHR DefaultSearchURL: (Charter.net) - http://www.charter.net/search/index.php?context=browser&q={searchTerms}
CHR DefaultSuggestURL: (Charter.net) - "suggest_url": "",
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\gcswf32.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Nero Kwik Media Helper) - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (AdobeAAMDetect) - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
CHR Plugin: (Garmin Communicator Plug-In) - C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (McAfee Security Scanner +) - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
CHR Plugin: (Password Genie) - C:\Program Files (x86)\PasswordGenie\npPGPlugin\npPGPlugin.dll No File
CHR Plugin: (WildTangent Games App V2 Presence Detector) - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll No File
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (Google Drive) - C:\Users\DEANC~1.MIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\DEANC~1.MIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Bazaar Friend) - C:\Users\DEANC~1.MIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmobdmpfgfimbnmhhnkmmecdboblafdh\2.0.0.0_0
CHR Extension: (Google Search) - C:\Users\DEANC~1.MIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Bargain Workbench) - C:\Users\DEANC~1.MIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\gebcpofjimbbchggpnfcaiieolloeodp\1.4.1.0_0
CHR Extension: (Produtools Manuals 2.1 B2) - C:\Users\DEANC~1.MIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbhbgnpgkhbpdidkbgbhlmolppnglog\10.16.100.504_0
CHR Extension: (InfoBird Pro) - C:\Users\DEANC~1.MIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\icanoneicgaahjbilcgdmnhoocddknbl\3.0.0.0_0
CHR Extension: (Real Summer Sale) - C:\Users\DEANC~1.MIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\lladpgmmlijbmhfknhgkenkhikoaapmj\5.0.0.0_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\DEANC~1.MIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0
CHR Extension: (Gmail) - C:\Users\DEANC~1.MIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM\...\Chrome\Extension: [bmobdmpfgfimbnmhhnkmmecdboblafdh] - C:\Users\DEANC~1.MIL\AppData\Local\BazaarFriend.crx
CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx
CHR HKLM\...\Chrome\Extension: [gebcpofjimbbchggpnfcaiieolloeodp] - C:\Users\DEANC~1.MIL\AppData\Local\BargainWorkbench.crx
CHR HKLM\...\Chrome\Extension: [icanoneicgaahjbilcgdmnhoocddknbl] - C:\Users\DEANC~1.MIL\AppData\Local\InfoBirdPro.crx
CHR HKLM\...\Chrome\Extension: [lladpgmmlijbmhfknhgkenkhikoaapmj] - C:\Users\DEANC~1.MIL\AppData\Local\RealSummerSale.crx
CHR HKLM-x32\...\Chrome\Extension: [aaaappmhgaaggeoepicjahnbofmjacog] - C:\Users\Dean C. Miller\AppData\Local\APN\GoogleCRXs\aaaappmhgaaggeoepicjahnbofmjacog_7.15.4.0.crx
CHR HKLM-x32\...\Chrome\Extension: [bmobdmpfgfimbnmhhnkmmecdboblafdh] - C:\Users\DEANC~1.MIL\AppData\Local\BazaarFriend.crx
CHR HKLM-x32\...\Chrome\Extension: [cekmkdkefndbeciggfanobcemjnppbbb] - C:\Program Files (x86)\LessTabs\Chrome\cekmkdkefndbeciggfanobcemjnppbbb.crx
CHR HKLM-x32\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx
CHR HKLM-x32\...\Chrome\Extension: [efceifepimncccpgehonijdpjigknafn] - C:\Users\Dean C. Miller\AppData\Local\CRE\efceifepimncccpgehonijdpjigknafn.crx
CHR HKLM-x32\...\Chrome\Extension: [fnbkpfmaiilonimdcoakjfanfadchgkg] - C:\Program Files (x86)\PasswordGenie\chrome\passwordgenie.crx
CHR HKLM-x32\...\Chrome\Extension: [gebcpofjimbbchggpnfcaiieolloeodp] - C:\Users\DEANC~1.MIL\AppData\Local\BargainWorkbench.crx
CHR HKLM-x32\...\Chrome\Extension: [ghbhbgnpgkhbpdidkbgbhlmolppnglog] - C:\Users\Dean C. Miller\AppData\Local\CRE\ghbhbgnpgkhbpdidkbgbhlmolppnglog.crx
CHR HKLM-x32\...\Chrome\Extension: [hdbggdifiliciigeapkneofjhojnegng] - C:\Program Files (x86)\PasswordGenie\chrome\passwordgeniebutton.crx
CHR HKLM-x32\...\Chrome\Extension: [icanoneicgaahjbilcgdmnhoocddknbl] - C:\Users\DEANC~1.MIL\AppData\Local\InfoBirdPro.crx
CHR HKLM-x32\...\Chrome\Extension: [lladpgmmlijbmhfknhgkenkhikoaapmj] - C:\Users\DEANC~1.MIL\AppData\Local\RealSummerSale.crx
CHR HKLM-x32\...\Chrome\Extension: [phfmiknmhngmmlcppkpmbnopohlnfpbh] - C:\Users\Dean C. Miller\AppData\Local\CRE\phfmiknmhngmmlcppkpmbnopohlnfpbh.crx

==================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2012-07-11] (SUPERAntiSpyware.com)
R2 AdobeActiveFileMonitor10.0; c:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [169624 2011-09-15] (Adobe Systems Incorporated)
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-06-27] (Microsoft Corp.)
S2 CLKMSVC10_38F51D56; c:\Program Files (x86)\Cyberlink\PowerDVD10\NavFilter\kmsvc.exe [244720 2012-02-08] (CyberLink)
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [219480 2013-07-09] (Garmin Ltd or its subsidiaries)
R2 GladFileMonSvc; C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladFileMonSvc.exe [29552 2011-07-26] (Gladinet, INC)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-06-20] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-06-20] (Microsoft Corporation)
S2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1134584 2012-04-04] (PDF Complete Inc)
S2 RaMediaServer; C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe [1859584 2012-07-04] (Ralink)
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2013-04-22] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [270192 2013-03-21] (Western Digital Technologies, Inc.)

==================== Drivers (Whitelisted) ====================

R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2013-06-22] ()
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-26 09:59 - 2013-09-26 09:59 - 01956432 _____ (Farbar) C:\Users\Dean C. Miller\Desktop\FRST64 (1).exe
2013-09-26 09:43 - 2013-09-26 09:43 - 01956432 _____ (Farbar) C:\Users\Dean C. Miller\Downloads\FRST64.exe
2013-09-25 22:02 - 2013-09-25 22:02 - 00008605 _____ C:\Users\Dean C. Miller\Desktop\AdwCleaner[R0].txt
2013-09-25 21:57 - 2013-09-25 21:57 - 00000348 _____ C:\Users\Dean C. Miller\Desktop\ESET.txt
2013-09-25 18:53 - 2013-09-25 18:53 - 00000000 ____D C:\Program Files (x86)\ESET
2013-09-25 18:52 - 2013-09-25 18:52 - 02347384 _____ (ESET) C:\Users\Dean C. Miller\Downloads\esetsmartinstaller_enu.exe
2013-09-25 18:40 - 2013-09-25 18:41 - 00000000 ____D C:\AdwCleaner
2013-09-25 18:40 - 2013-09-25 18:40 - 01042066 _____ C:\Users\Dean C. Miller\Downloads\adwcleaner.exe
2013-09-25 10:41 - 2013-09-25 10:41 - 00000000 ____D C:\Program Files (x86)\GPLGS
2013-09-25 10:41 - 2012-10-04 19:49 - 00087152 _____ C:\windows\system32\cpwmon64.dll
2013-09-25 10:39 - 2013-09-25 10:40 - 02013504 _____ (Acro Software Inc. ) C:\Users\Dean C. Miller\Downloads\CuteWriter.exe
2013-09-24 14:36 - 2013-09-24 15:20 - 00011730 _____ C:\Users\Dean C. Miller\Documents\Bill thtru 11_01_13.xlsx
2013-09-24 10:22 - 2013-09-24 10:22 - 00032325 _____ C:\Users\Dean C. Miller\Desktop\ComboFix.txt
2013-09-24 10:07 - 2011-06-26 02:45 - 00256000 _____ C:\windows\PEV.exe
2013-09-24 10:07 - 2010-11-07 13:20 - 00208896 _____ C:\windows\MBR.exe
2013-09-24 10:07 - 2009-04-20 00:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2013-09-24 10:07 - 2000-08-30 20:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2013-09-24 10:07 - 2000-08-30 20:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2013-09-24 10:07 - 2000-08-30 20:00 - 00098816 _____ C:\windows\sed.exe
2013-09-24 10:07 - 2000-08-30 20:00 - 00080412 _____ C:\windows\grep.exe
2013-09-24 10:07 - 2000-08-30 20:00 - 00068096 _____ C:\windows\zip.exe
2013-09-24 10:04 - 2013-09-24 10:22 - 00000000 ____D C:\Qoobox
2013-09-24 10:03 - 2013-09-24 10:21 - 00000000 ____D C:\windows\erdnt
2013-09-24 10:01 - 2013-09-24 10:01 - 05130004 ____R (Swearware) C:\Users\Dean C. Miller\Desktop\ComboFix.exe
2013-09-22 16:36 - 2013-09-22 16:37 - 00047892 _____ C:\Users\Dean C. Miller\Desktop\Addition.txt
2013-09-22 16:34 - 2013-09-22 16:34 - 00000000 ____D C:\FRST
2013-09-20 15:54 - 2013-09-20 15:54 - 00000053 _____ C:\Users\Dean C. Miller\Desktop\New TVCUC Website.url
2013-09-12 03:09 - 2013-08-10 01:22 - 02241024 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-09-12 03:09 - 2013-08-10 01:22 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-09-12 03:09 - 2013-08-10 01:22 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-09-12 03:09 - 2013-08-10 01:21 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-09-12 03:09 - 2013-08-10 01:21 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-09-12 03:09 - 2013-08-10 01:20 - 15404544 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-09-12 03:09 - 2013-08-10 01:20 - 03959296 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-09-12 03:09 - 2013-08-10 01:20 - 02647040 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-09-12 03:09 - 2013-08-10 01:20 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-09-12 03:09 - 2013-08-10 01:20 - 00526336 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2013-09-12 03:09 - 2013-08-10 01:20 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-09-12 03:09 - 2013-08-10 01:20 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2013-09-12 03:09 - 2013-08-10 01:20 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2013-09-12 03:09 - 2013-08-09 23:59 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-09-12 03:09 - 2013-08-09 23:59 - 01141248 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-09-12 03:09 - 2013-08-09 23:58 - 13761024 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-09-12 03:09 - 2013-08-09 23:58 - 02876928 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-09-12 03:09 - 2013-08-09 23:58 - 02048000 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-09-12 03:09 - 2013-08-09 23:58 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-09-12 03:09 - 2013-08-09 23:58 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-09-12 03:09 - 2013-08-09 23:58 - 00391168 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2013-09-12 03:09 - 2013-08-09 23:58 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2013-09-12 03:09 - 2013-08-09 23:58 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2013-09-12 03:09 - 2013-08-09 23:58 - 00039424 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2013-09-12 03:09 - 2013-08-09 23:58 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2013-09-12 03:09 - 2013-08-09 23:17 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-09-12 03:09 - 2013-08-09 23:07 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2013-09-12 03:09 - 2013-08-09 22:27 - 00089600 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2013-09-12 03:09 - 2013-08-09 22:17 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-12 03:08 - 2013-08-10 01:21 - 19246592 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-09-12 03:08 - 2013-08-09 23:58 - 14332928 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-09-11 09:34 - 2013-08-07 21:20 - 03155456 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2013-09-11 09:34 - 2013-08-01 22:23 - 05550528 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2013-09-11 09:34 - 2013-08-01 22:15 - 01732032 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2013-09-11 09:34 - 2013-08-01 22:15 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2013-09-11 09:34 - 2013-08-01 22:15 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2013-09-11 09:34 - 2013-08-01 22:15 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2013-09-11 09:34 - 2013-08-01 22:14 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2013-09-11 09:34 - 2013-08-01 22:14 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2013-09-11 09:34 - 2013-08-01 22:13 - 01161216 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2013-09-11 09:34 - 2013-08-01 22:13 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2013-09-11 09:34 - 2013-08-01 22:12 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2013-09-11 09:34 - 2013-08-01 22:12 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2013-09-11 09:34 - 2013-08-01 22:12 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 22:12 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 22:12 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 22:12 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 22:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 22:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 22:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 22:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 22:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 22:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 22:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 22:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 22:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 22:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 22:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 21:59 - 03968960 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2013-09-11 09:34 - 2013-08-01 21:59 - 03913664 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2013-09-11 09:34 - 2013-08-01 21:51 - 01292192 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2013-09-11 09:34 - 2013-08-01 21:50 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2013-09-11 09:34 - 2013-08-01 21:50 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2013-09-11 09:34 - 2013-08-01 21:50 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2013-09-11 09:34 - 2013-08-01 21:48 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2013-09-11 09:34 - 2013-08-01 21:48 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 21:48 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 21:48 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 21:48 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 21:48 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 21:48 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 21:48 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 21:09 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2013-09-11 09:34 - 2013-08-01 20:59 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2013-09-11 09:34 - 2013-08-01 20:45 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2013-09-11 09:34 - 2013-08-01 20:45 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2013-09-11 09:34 - 2013-08-01 20:45 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2013-09-11 09:34 - 2013-08-01 20:45 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2013-09-11 09:34 - 2013-08-01 20:43 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 20:43 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 20:43 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 20:43 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-11 09:34 - 2013-07-25 22:24 - 14172672 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2013-09-11 09:34 - 2013-07-25 22:24 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\shdocvw.dll
2013-09-11 09:34 - 2013-07-25 21:55 - 12872704 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2013-09-11 09:34 - 2013-07-25 21:55 - 00180224 _____ (Microsoft Corporation) C:\windows\SysWOW64\shdocvw.dll
2013-09-07 09:38 - 2013-09-07 09:59 - 00000000 ____D C:\Users\Dean C. Miller\Desktop\Charter-Live
2013-09-07 02:00 - 2013-09-07 02:00 - 00072123 _____ C:\Users\Dean C. Miller\AppData\Local\CouponsMalibu.crx
2013-09-05 02:00 - 2013-08-22 02:00 - 00085126 _____ C:\Users\Dean C. Miller\AppData\Local\BargainWorkbench.crx
2013-09-04 10:49 - 2013-09-04 10:49 - 00857466 _____ C:\Users\Dean C. Miller\Documents\ZAM.air
2013-09-04 10:46 - 2013-09-04 10:46 - 00000000 ____D C:\Users\Dean C. Miller\AppData\Roaming\ZinioReader4
2013-09-04 10:44 - 2013-09-04 10:44 - 00000968 _____ C:\Users\Public\Desktop\Zinio Reader 4.lnk
2013-09-04 10:44 - 2013-09-04 10:44 - 00000000 ____D C:\Users\Dean C. Miller\AppData\Roaming\ZinioReader4.9310D8F796442B71068C511E15D70529A702D19D.1
2013-09-04 10:44 - 2013-09-04 10:44 - 00000000 ____D C:\Program Files (x86)\Zinio Reader 4
2013-09-04 10:43 - 2013-09-04 10:43 - 05505155 _____ C:\Users\Dean C. Miller\Downloads\ZinioReader4.air
2013-09-03 15:14 - 2013-09-03 15:14 - 00784832 _____ (Google Inc.) C:\Users\Dean C. Miller\Downloads\googledrivesync.exe
2013-08-29 19:29 - 2013-08-29 19:29 - 00000149 _____ C:\Users\Dean C. Miller\Desktop\Yahoo! VCUC-BOD.url

==================== One Month Modified Files and Folders =======

2013-09-26 10:01 - 2012-09-09 15:08 - 00000274 _____ C:\windows\Tasks\HP Photo Creations Messager.job
2013-09-26 10:00 - 2009-07-14 00:45 - 00024608 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-26 10:00 - 2009-07-14 00:45 - 00024608 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-26 09:59 - 2013-09-26 09:59 - 01956432 _____ (Farbar) C:\Users\Dean C. Miller\Desktop\FRST64 (1).exe
2013-09-26 09:57 - 2012-09-07 13:39 - 01200730 _____ C:\windows\WindowsUpdate.log
2013-09-26 09:55 - 2012-09-08 16:36 - 00000000 ____D C:\Users\Dean C. Miller\AppData\Local\gladinet
2013-09-26 09:54 - 2012-09-09 03:12 - 00000000 ____D C:\Users\Dean C. Miller\AppData\Roaming\Skype
2013-09-26 09:53 - 2013-04-28 16:11 - 00008192 _____ C:\windows\SysWOW64\WDPABKP.dat
2013-09-26 09:53 - 2012-09-28 17:13 - 00000000 ___RD C:\Users\Dean C. Miller\Google Drive
2013-09-26 09:53 - 2012-09-08 16:52 - 00000000 ___RD C:\Users\Dean C. Miller\Dropbox
2013-09-26 09:53 - 2012-09-07 18:45 - 00000000 ____D C:\Users\Dean C. Miller\AppData\Roaming\Dropbox
2013-09-26 09:52 - 2013-07-11 03:32 - 00003166 _____ C:\windows\setupact.log
2013-09-26 09:52 - 2012-09-28 17:12 - 00000910 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-26 09:52 - 2009-07-14 01:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2013-09-26 09:51 - 2013-08-11 12:39 - 00046036 _____ C:\windows\PFRO.log
2013-09-26 09:43 - 2013-09-26 09:43 - 01956432 _____ (Farbar) C:\Users\Dean C. Miller\Downloads\FRST64.exe
2013-09-26 09:42 - 2012-09-26 10:57 - 00000000 ____D C:\Users\Dean C. Miller\AppData\Local\CrashDumps
2013-09-26 09:25 - 2012-09-28 17:12 - 00000914 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-26 09:20 - 2012-09-07 15:52 - 00000000 ____D C:\Users\Dean C. Miller\AppData\Local\Windows Live
2013-09-26 09:16 - 2012-09-15 18:18 - 00000000 ____D C:\Users\Dean C. Miller\AppData\Local\CutePDF Writer
2013-09-26 02:00 - 2012-09-07 13:52 - 00000000 ____D C:\Users\Dean C. Miller\AppData\Local\Adobe
2013-09-25 22:02 - 2013-09-25 22:02 - 00008605 _____ C:\Users\Dean C. Miller\Desktop\AdwCleaner[R0].txt
2013-09-25 21:57 - 2013-09-25 21:57 - 00000348 _____ C:\Users\Dean C. Miller\Desktop\ESET.txt
2013-09-25 18:53 - 2013-09-25 18:53 - 00000000 ____D C:\Program Files (x86)\ESET
2013-09-25 18:52 - 2013-09-25 18:52 - 02347384 _____ (ESET) C:\Users\Dean C. Miller\Downloads\esetsmartinstaller_enu.exe
2013-09-25 18:41 - 2013-09-25 18:40 - 00000000 ____D C:\AdwCleaner
2013-09-25 18:40 - 2013-09-25 18:40 - 01042066 _____ C:\Users\Dean C. Miller\Downloads\adwcleaner.exe
2013-09-25 11:31 - 2012-08-31 01:54 - 00000000 ____D C:\ProgramData\PDFC
2013-09-25 11:24 - 2009-07-13 23:20 - 00000000 ____D C:\windows\rescache
2013-09-25 10:46 - 2009-07-14 01:32 - 00000000 ____D C:\windows\system32\FxsTmp
2013-09-25 10:41 - 2013-09-25 10:41 - 00000000 ____D C:\Program Files (x86)\GPLGS
2013-09-25 10:40 - 2013-09-25 10:39 - 02013504 _____ (Acro Software Inc. ) C:\Users\Dean C. Miller\Downloads\CuteWriter.exe
2013-09-25 10:13 - 2012-09-07 13:52 - 00000000 ____D C:\Users\Dean C. Miller\AppData\Local\PDFC
2013-09-24 15:20 - 2013-09-24 14:36 - 00011730 _____ C:\Users\Dean C. Miller\Documents\Bill thtru 11_01_13.xlsx
2013-09-24 10:22 - 2013-09-24 10:22 - 00032325 _____ C:\Users\Dean C. Miller\Desktop\ComboFix.txt
2013-09-24 10:22 - 2013-09-24 10:04 - 00000000 ____D C:\Qoobox
2013-09-24 10:22 - 2009-07-13 23:20 - 00000000 __RHD C:\Users\Default
2013-09-24 10:21 - 2013-09-24 10:03 - 00000000 ____D C:\windows\erdnt
2013-09-24 10:18 - 2009-07-13 22:34 - 00000215 _____ C:\windows\system.ini
2013-09-24 10:17 - 2012-09-08 16:38 - 00000368 _____ C:\windows\Tasks\HPCeeScheduleForDean C. Miller.job
2013-09-24 10:15 - 2009-07-13 22:34 - 84672512 _____ C:\windows\system32\config\SOFTWARE.bak
2013-09-24 10:15 - 2009-07-13 22:34 - 44040192 _____ C:\windows\system32\config\components.bak
2013-09-24 10:15 - 2009-07-13 22:34 - 15990784 _____ C:\windows\system32\config\SYSTEM.bak
2013-09-24 10:15 - 2009-07-13 22:34 - 00262144 _____ C:\windows\system32\config\SECURITY.bak
2013-09-24 10:15 - 2009-07-13 22:34 - 00262144 _____ C:\windows\system32\config\SAM.bak
2013-09-24 10:15 - 2009-07-13 22:34 - 00262144 _____ C:\windows\system32\config\DEFAULT.bak
2013-09-24 10:14 - 2012-09-07 13:52 - 00000000 ___RD C:\Users\Dean C. Miller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-24 10:01 - 2013-09-24 10:01 - 05130004 ____R (Swearware) C:\Users\Dean C. Miller\Desktop\ComboFix.exe
2013-09-24 10:00 - 2012-09-08 16:38 - 00003240 _____ C:\windows\System32\Tasks\HPCeeScheduleForDean C. Miller
2013-09-24 09:59 - 2013-01-08 06:35 - 00000000 _____ C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-09-24 09:59 - 2012-09-08 16:38 - 00000052 _____ C:\windows\SysWOW64\DOErrors.log
2013-09-24 09:58 - 2012-09-08 16:36 - 00000000 ____D C:\Users\Dean C. Miller\AppData\Roaming\HP Support Assistant
2013-09-24 09:58 - 2012-09-08 14:43 - 00000000 ____D C:\Users\Dean C. Miller\AppData\Roaming\HpUpdate
2013-09-23 14:29 - 2013-03-24 20:08 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-09-22 16:37 - 2013-09-22 16:36 - 00047892 _____ C:\Users\Dean C. Miller\Desktop\Addition.txt
2013-09-22 16:34 - 2013-09-22 16:34 - 00000000 ____D C:\FRST
2013-09-22 02:00 - 2013-08-06 14:57 - 00000111 _____ C:\Users\Dean C. Miller\AppData\Roaming\WB.CFG
2013-09-22 02:00 - 2013-08-06 14:57 - 00000005 _____ C:\Users\Dean C. Miller\AppData\Roaming\WBPU-TTL.DAT
2013-09-20 15:54 - 2013-09-20 15:54 - 00000053 _____ C:\Users\Dean C. Miller\Desktop\New TVCUC Website.url
2013-09-19 13:22 - 2012-09-09 16:43 - 00000000 ____D C:\Users\Dean C. Miller\AppData\Local\Microsoft Help
2013-09-12 03:29 - 2012-09-07 13:52 - 00000000 ___RD C:\Users\Dean C. Miller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-12 03:28 - 2009-07-14 00:45 - 00481272 _____ C:\windows\system32\FNTCACHE.DAT
2013-09-12 03:08 - 2013-08-15 03:02 - 00000000 ____D C:\windows\system32\MRT
2013-09-12 03:07 - 2012-09-09 16:43 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-09-12 03:07 - 2012-09-09 13:08 - 79143768 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2013-09-11 16:21 - 2012-09-14 12:42 - 00000000 ____D C:\Users\Dean C. Miller\Documents\Docs_DCM
2013-09-11 12:42 - 2009-07-14 01:13 - 00778834 _____ C:\windows\system32\PerfStringBackup.INI
2013-09-08 16:44 - 2012-09-07 13:43 - 00000000 ____D C:\Users\Dean C. Miller
2013-09-08 16:42 - 2010-11-21 03:16 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-09-08 16:42 - 2009-07-13 23:20 - 00000000 ____D C:\windows\registration
2013-09-08 16:42 - 2009-07-13 23:20 - 00000000 ____D C:\windows\AppCompat
2013-09-07 09:59 - 2013-09-07 09:38 - 00000000 ____D C:\Users\Dean C. Miller\Desktop\Charter-Live
2013-09-07 02:00 - 2013-09-07 02:00 - 00072123 _____ C:\Users\Dean C. Miller\AppData\Local\CouponsMalibu.crx
2013-09-05 09:01 - 2013-06-17 09:49 - 00000000 ____D C:\Users\Dean C. Miller\AppData\Roaming\SearchProtect
2013-09-05 09:01 - 2013-06-17 09:49 - 00000000 ____D C:\Program Files (x86)\SearchProtect
2013-09-05 09:01 - 2012-09-17 17:14 - 00000000 ____D C:\Program Files\Web Assistant
2013-09-04 10:49 - 2013-09-04 10:49 - 00857466 _____ C:\Users\Dean C. Miller\Documents\ZAM.air
2013-09-04 10:46 - 2013-09-04 10:46 - 00000000 ____D C:\Users\Dean C. Miller\AppData\Roaming\ZinioReader4
2013-09-04 10:44 - 2013-09-04 10:44 - 00000968 _____ C:\Users\Public\Desktop\Zinio Reader 4.lnk
2013-09-04 10:44 - 2013-09-04 10:44 - 00000000 ____D C:\Users\Dean C. Miller\AppData\Roaming\ZinioReader4.9310D8F796442B71068C511E15D70529A702D19D.1
2013-09-04 10:44 - 2013-09-04 10:44 - 00000000 ____D C:\Program Files (x86)\Zinio Reader 4
2013-09-04 10:44 - 2012-09-07 13:56 - 00000000 ____D C:\Users\Dean C. Miller\AppData\Roaming\Adobe
2013-09-04 10:43 - 2013-09-04 10:43 - 05505155 _____ C:\Users\Dean C. Miller\Downloads\ZinioReader4.air
2013-09-03 15:14 - 2013-09-03 15:14 - 00784832 _____ (Google Inc.) C:\Users\Dean C. Miller\Downloads\googledrivesync.exe
2013-09-02 19:30 - 2012-08-31 01:43 - 00000000 ____D C:\Program Files (x86)\WildTangent Games
2013-09-02 14:58 - 2012-08-31 01:52 - 00000000 ____D C:\ProgramData\Skype
2013-08-29 19:29 - 2013-08-29 19:29 - 00000149 _____ C:\Users\Dean C. Miller\Desktop\Yahoo! VCUC-BOD.url

Some content of TEMP:
====================
C:\Users\Dean C. Miller\AppData\Local\Temp\converter.exe
C:\Users\Dean C. Miller\AppData\Local\Temp\ICReinstall_ZipExtractor Setup.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-21 00:44

==================== End Of Log ============================
  #8  
Old September 27th, 2013, 07:20 AM
schrauber schrauber is offline
Cyber Tech Help Moderator
 
Join Date: Apr 2009
O/S: Windows 7 64-bit
Location: Germany
Age: 33
Posts: 4,438
Please re-run AdwCleaner and click delete/clean. The logfile only shows a run with the search option.
  #9  
Old September 27th, 2013, 01:36 PM
Dean C Miller Dean C Miller is offline
CTH Subscriber
 
Join Date: Sep 2013
O/S: Windows 7 64-bit
Location: Lenoir City, TN
Posts: 10
Web.longfintuna.com problem

# AdwCleaner v3.005 - Report created 27/09/2013 at 08:32:50
# Updated 22/09/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Dean C. Miller - DCM-HOME2
# Running from : C:\Users\Dean C. Miller\Downloads\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\Ask.com
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\Searchprotect
Folder Deleted : C:\Program Files\Web Assistant
Folder Deleted : C:\Users\Dean C. Miller\AppData\Local\apn
Folder Deleted : C:\Users\Dean C. Miller\AppData\Local\Conduit
Folder Deleted : C:\Users\Dean C. Miller\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Dean C. Miller\AppData\Roaming\DriverCure
Folder Deleted : C:\Users\Dean C. Miller\AppData\Roaming\DSite
Folder Deleted : C:\Users\Dean C. Miller\AppData\Roaming\Searchprotect
Folder Deleted : C:\Users\Dean C. Miller\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbhbgnpgkhbpdidkbgbhlmolppnglog
[!] Folder Deleted : C:\Users\Dean C. Miller\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbhbgnpgkhbpdidkbgbhlmolppnglog
File Deleted : C:\windows\System32\Tasks\Scheduled Update for Ask Toolbar

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403A-B9D2-65C292C39087}]
Value Deleted : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403A-B9D2-65C292C39087}]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{8E9E3331-D360-4f87-8803-52DE43566502}]
Value Deleted : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{8E9E3331-D360-4f87-8803-52DE43566502}]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : HKCU\Software\Google\Chrome\Extensions\ghbhbgnpgkhbpdidkbgbhlmolppnglog
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ghbhbgnpgkhbpdidkbgbhlmolppnglog
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\tracing\askpartnercobrandingtool_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3061355
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\dsiteproducts
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\SearchProtect
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\SearchProtect
Key Deleted : HKLM\Software\Web Assistant
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Key Deleted : [x64] HKLM\SOFTWARE\Web Assistant
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16686


-\\ Google Chrome v29.0.1547.76

[ File : C:\Users\Dean C. Miller\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [8605 octets] - [25/09/2013 18:41:20]
AdwCleaner[R1].txt - [9148 octets] - [27/09/2013 08:31:42]
AdwCleaner[S0].txt - [8230 octets] - [27/09/2013 08:32:50]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8290 octets] ##########
  #10  
Old September 27th, 2013, 05:56 PM
schrauber schrauber is offline
Cyber Tech Help Moderator
 
Join Date: Apr 2009
O/S: Windows 7 64-bit
Location: Germany
Age: 33
Posts: 4,438
Perfect, now please post a fresh FRST logfile and tell me how the system is running.
  #11  
Old September 27th, 2013, 07:29 PM
Dean C Miller Dean C Miller is offline
CTH Subscriber
 
Join Date: Sep 2013
O/S: Windows 7 64-bit
Location: Lenoir City, TN
Posts: 10
Web.longfintuna.com problem

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-09-2013
Ran by Dean C. Miller (administrator) on DCM-HOME2 on 27-09-2013 14:23:55
Running from C:\Users\Dean C. Miller\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\windows\system32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(Microsoft Corporation) C:\windows\system32\WLANExt.exe
(AMD) C:\windows\system32\atieclxx.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Ralink Technology, Inc.) C:\Program Files (x86)\Ralink\Common\RaWiFi.exe
(Dropbox, Inc.) C:\Users\Dean C. Miller\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Gladinet, INC) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladinetClient.exe
(Gladinet, INC) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladFileMonSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
() C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Protexis Inc.) c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
(Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\NisSrv.exe
(Adobe Systems Incorporated) c:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1356240 2013-06-20] (Microsoft Corporation)
HKLM\...\Run: [PasswordGenie] - C:\Program Files (x86)\PasswordGenie\SCPGAgent.exe
HKCU\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [20097696 2013-06-27] (Google)
HKCU\...\Run: [HP Deskjet 3050A J611 series (NET)] - C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKCU\...\Run: [GarminExpressTrayApp] - C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1093464 2013-07-09] (Garmin Ltd or its subsidiaries)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.)
Startup: C:\Users\Dean C. Miller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Dean C. Miller\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.charter.net/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir...ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM - {A798BEEC-A934-40B2-ABED-FA04EE3A88E4} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=http://www.ebay.com/sch/i.html?_nkw={searchTerms}
SearchScopes: HKLM-x32 - {A798BEEC-A934-40B2-ABED-FA04EE3A88E4} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=http://www.ebay.com/sch/i.html?_nkw={searchTerms}
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKCU - {A798BEEC-A934-40B2-ABED-FA04EE3A88E4} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=http://www.ebay.com/sch/i.html?_nkw={searchTerms}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll (Microsoft Corporation.)
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 24.159.64.23 24.217.201.67 24.177.176.38

Chrome:
=======
CHR HomePage: hxxp://www.charter.net/
CHR RestoreOnStartup: "hxxp://www.charter.net/"
CHR DefaultSearchURL: (Charter.net) - http://www.charter.net/search/index.php?context=browser&q={searchTerms}
CHR DefaultSuggestURL: (Charter.net) - "suggest_url": "",
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\gcswf32.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Nero Kwik Media Helper) - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (AdobeAAMDetect) - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
CHR Plugin: (Garmin Communicator Plug-In) - C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (McAfee Security Scanner +) - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
CHR Plugin: (Password Genie) - C:\Program Files (x86)\PasswordGenie\npPGPlugin\npPGPlugin.dll No File
CHR Plugin: (WildTangent Games App V2 Presence Detector) - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll No File
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (Google Drive) - C:\Users\DEANC~1.MIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\DEANC~1.MIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Bazaar Friend) - C:\Users\DEANC~1.MIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmobdmpfgfimbnmhhnkmmecdboblafdh\2.0.0.0_0
CHR Extension: (Google Search) - C:\Users\DEANC~1.MIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Bargain Workbench) - C:\Users\DEANC~1.MIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\gebcpofjimbbchggpnfcaiieolloeodp\1.4.1.0_0
CHR Extension: (InfoBird Pro) - C:\Users\DEANC~1.MIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\icanoneicgaahjbilcgdmnhoocddknbl\3.0.0.0_0
CHR Extension: (Real Summer Sale) - C:\Users\DEANC~1.MIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\lladpgmmlijbmhfknhgkenkhikoaapmj\5.0.0.0_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\DEANC~1.MIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\Users\DEANC~1.MIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM\...\Chrome\Extension: [bmobdmpfgfimbnmhhnkmmecdboblafdh] - C:\Users\DEANC~1.MIL\AppData\Local\BazaarFriend.crx
CHR HKLM\...\Chrome\Extension: [gebcpofjimbbchggpnfcaiieolloeodp] - C:\Users\DEANC~1.MIL\AppData\Local\BargainWorkbench.crx
CHR HKLM\...\Chrome\Extension: [icanoneicgaahjbilcgdmnhoocddknbl] - C:\Users\DEANC~1.MIL\AppData\Local\InfoBirdPro.crx
CHR HKLM\...\Chrome\Extension: [lladpgmmlijbmhfknhgkenkhikoaapmj] - C:\Users\DEANC~1.MIL\AppData\Local\RealSummerSale.crx
CHR HKLM-x32\...\Chrome\Extension: [aaaappmhgaaggeoepicjahnbofmjacog] - C:\Users\Dean C. Miller\AppData\Local\APN\GoogleCRXs\aaaappmhgaaggeoepicjahnbofmjacog_7.15.4.0.crx
CHR HKLM-x32\...\Chrome\Extension: [bmobdmpfgfimbnmhhnkmmecdboblafdh] - C:\Users\DEANC~1.MIL\AppData\Local\BazaarFriend.crx
CHR HKLM-x32\...\Chrome\Extension: [cekmkdkefndbeciggfanobcemjnppbbb] - C:\Program Files (x86)\LessTabs\Chrome\cekmkdkefndbeciggfanobcemjnppbbb.crx
CHR HKLM-x32\...\Chrome\Extension: [efceifepimncccpgehonijdpjigknafn] - C:\Users\Dean C. Miller\AppData\Local\CRE\efceifepimncccpgehonijdpjigknafn.crx
CHR HKLM-x32\...\Chrome\Extension: [fnbkpfmaiilonimdcoakjfanfadchgkg] - C:\Program Files (x86)\PasswordGenie\chrome\passwordgenie.crx
CHR HKLM-x32\...\Chrome\Extension: [gebcpofjimbbchggpnfcaiieolloeodp] - C:\Users\DEANC~1.MIL\AppData\Local\BargainWorkbench.crx
CHR HKLM-x32\...\Chrome\Extension: [hdbggdifiliciigeapkneofjhojnegng] - C:\Program Files (x86)\PasswordGenie\chrome\passwordgeniebutton.crx
CHR HKLM-x32\...\Chrome\Extension: [icanoneicgaahjbilcgdmnhoocddknbl] - C:\Users\DEANC~1.MIL\AppData\Local\InfoBirdPro.crx
CHR HKLM-x32\...\Chrome\Extension: [lladpgmmlijbmhfknhgkenkhikoaapmj] - C:\Users\DEANC~1.MIL\AppData\Local\RealSummerSale.crx
CHR HKLM-x32\...\Chrome\Extension: [phfmiknmhngmmlcppkpmbnopohlnfpbh] - C:\Users\Dean C. Miller\AppData\Local\CRE\phfmiknmhngmmlcppkpmbnopohlnfpbh.crx

==================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2012-07-11] (SUPERAntiSpyware.com)
R2 AdobeActiveFileMonitor10.0; c:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [169624 2011-09-15] (Adobe Systems Incorporated)
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-06-27] (Microsoft Corp.)
S2 CLKMSVC10_38F51D56; c:\Program Files (x86)\Cyberlink\PowerDVD10\NavFilter\kmsvc.exe [244720 2012-02-08] (CyberLink)
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [219480 2013-07-09] (Garmin Ltd or its subsidiaries)
R2 GladFileMonSvc; C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladFileMonSvc.exe [29552 2011-07-26] (Gladinet, INC)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-06-20] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-06-20] (Microsoft Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1134584 2012-04-04] (PDF Complete Inc)
S2 RaMediaServer; C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe [1859584 2012-07-04] (Ralink)
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2013-04-22] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [270192 2013-03-21] (Western Digital Technologies, Inc.)

==================== Drivers (Whitelisted) ====================

R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2013-06-22] ()
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-27 14:20 - 2013-09-27 14:20 - 01953854 _____ (Farbar) C:\Users\Dean C. Miller\Downloads\FRST64.exe
2013-09-27 08:29 - 2013-09-27 08:30 - 01042066 _____ C:\Users\Dean C. Miller\Downloads\adwcleaner.exe
2013-09-25 18:53 - 2013-09-25 18:53 - 00000000 ____D C:\Program Files (x86)\ESET
2013-09-25 18:52 - 2013-09-25 18:52 - 02347384 _____ (ESET) C:\Users\Dean C. Miller\Downloads\esetsmartinstaller_enu.exe
2013-09-25 18:40 - 2013-09-27 08:33 - 00000000 ____D C:\AdwCleaner
2013-09-25 10:41 - 2013-09-25 10:41 - 00000000 ____D C:\Program Files (x86)\GPLGS
2013-09-25 10:41 - 2012-10-04 19:49 - 00087152 _____ C:\windows\system32\cpwmon64.dll
2013-09-25 10:39 - 2013-09-25 10:40 - 02013504 _____ (Acro Software Inc. ) C:\Users\Dean C. Miller\Downloads\CuteWriter.exe
2013-09-24 14:36 - 2013-09-24 15:20 - 00011730 _____ C:\Users\Dean C. Miller\Documents\Bill thtru 11_01_13.xlsx
2013-09-24 10:07 - 2011-06-26 02:45 - 00256000 _____ C:\windows\PEV.exe
2013-09-24 10:07 - 2010-11-07 13:20 - 00208896 _____ C:\windows\MBR.exe
2013-09-24 10:07 - 2009-04-20 00:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2013-09-24 10:07 - 2000-08-30 20:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2013-09-24 10:07 - 2000-08-30 20:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2013-09-24 10:07 - 2000-08-30 20:00 - 00098816 _____ C:\windows\sed.exe
2013-09-24 10:07 - 2000-08-30 20:00 - 00080412 _____ C:\windows\grep.exe
2013-09-24 10:07 - 2000-08-30 20:00 - 00068096 _____ C:\windows\zip.exe
2013-09-24 10:04 - 2013-09-24 10:22 - 00000000 ____D C:\Qoobox
2013-09-24 10:03 - 2013-09-24 10:21 - 00000000 ____D C:\windows\erdnt
2013-09-24 10:01 - 2013-09-24 10:01 - 05130004 ____R (Swearware) C:\Users\Dean C. Miller\Downloads\ComboFix.exe
2013-09-22 16:34 - 2013-09-22 16:34 - 00000000 ____D C:\FRST
2013-09-20 15:54 - 2013-09-20 15:54 - 00000053 _____ C:\Users\Dean C. Miller\Desktop\New TVCUC Website.url
2013-09-12 03:09 - 2013-08-10 01:22 - 02241024 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-09-12 03:09 - 2013-08-10 01:22 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-09-12 03:09 - 2013-08-10 01:22 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-09-12 03:09 - 2013-08-10 01:21 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-09-12 03:09 - 2013-08-10 01:21 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-09-12 03:09 - 2013-08-10 01:20 - 15404544 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-09-12 03:09 - 2013-08-10 01:20 - 03959296 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-09-12 03:09 - 2013-08-10 01:20 - 02647040 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-09-12 03:09 - 2013-08-10 01:20 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-09-12 03:09 - 2013-08-10 01:20 - 00526336 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2013-09-12 03:09 - 2013-08-10 01:20 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-09-12 03:09 - 2013-08-10 01:20 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2013-09-12 03:09 - 2013-08-10 01:20 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2013-09-12 03:09 - 2013-08-09 23:59 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-09-12 03:09 - 2013-08-09 23:59 - 01141248 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-09-12 03:09 - 2013-08-09 23:58 - 13761024 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-09-12 03:09 - 2013-08-09 23:58 - 02876928 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-09-12 03:09 - 2013-08-09 23:58 - 02048000 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-09-12 03:09 - 2013-08-09 23:58 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-09-12 03:09 - 2013-08-09 23:58 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-09-12 03:09 - 2013-08-09 23:58 - 00391168 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2013-09-12 03:09 - 2013-08-09 23:58 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2013-09-12 03:09 - 2013-08-09 23:58 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2013-09-12 03:09 - 2013-08-09 23:58 - 00039424 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2013-09-12 03:09 - 2013-08-09 23:58 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2013-09-12 03:09 - 2013-08-09 23:17 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-09-12 03:09 - 2013-08-09 23:07 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2013-09-12 03:09 - 2013-08-09 22:27 - 00089600 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2013-09-12 03:09 - 2013-08-09 22:17 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-12 03:08 - 2013-08-10 01:21 - 19246592 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-09-12 03:08 - 2013-08-09 23:58 - 14332928 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-09-11 09:34 - 2013-08-07 21:20 - 03155456 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2013-09-11 09:34 - 2013-08-01 22:23 - 05550528 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2013-09-11 09:34 - 2013-08-01 22:15 - 01732032 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2013-09-11 09:34 - 2013-08-01 22:15 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2013-09-11 09:34 - 2013-08-01 22:15 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2013-09-11 09:34 - 2013-08-01 22:15 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2013-09-11 09:34 - 2013-08-01 22:14 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2013-09-11 09:34 - 2013-08-01 22:14 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2013-09-11 09:34 - 2013-08-01 22:13 - 01161216 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2013-09-11 09:34 - 2013-08-01 22:13 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2013-09-11 09:34 - 2013-08-01 22:12 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2013-09-11 09:34 - 2013-08-01 22:12 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2013-09-11 09:34 - 2013-08-01 22:12 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 22:12 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 22:12 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 22:12 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 22:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 22:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 22:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 22:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 22:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 22:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 22:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 22:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 22:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 22:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 22:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 21:59 - 03968960 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2013-09-11 09:34 - 2013-08-01 21:59 - 03913664 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2013-09-11 09:34 - 2013-08-01 21:51 - 01292192 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2013-09-11 09:34 - 2013-08-01 21:50 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2013-09-11 09:34 - 2013-08-01 21:50 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2013-09-11 09:34 - 2013-08-01 21:50 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2013-09-11 09:34 - 2013-08-01 21:48 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2013-09-11 09:34 - 2013-08-01 21:48 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 21:48 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 21:48 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 21:48 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 21:48 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 21:48 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 21:48 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 21:09 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2013-09-11 09:34 - 2013-08-01 20:59 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2013-09-11 09:34 - 2013-08-01 20:45 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2013-09-11 09:34 - 2013-08-01 20:45 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2013-09-11 09:34 - 2013-08-01 20:45 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2013-09-11 09:34 - 2013-08-01 20:45 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2013-09-11 09:34 - 2013-08-01 20:43 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 20:43 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 20:43 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 09:34 - 2013-08-01 20:43 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-11 09:34 - 2013-07-25 22:24 - 14172672 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2013-09-11 09:34 - 2013-07-25 22:24 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\shdocvw.dll
2013-09-11 09:34 - 2013-07-25 21:55 - 12872704 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2013-09-11 09:34 - 2013-07-25 21:55 - 00180224 _____ (Microsoft Corporation) C:\windows\SysWOW64\shdocvw.dll
2013-09-07 09:38 - 2013-09-07 09:59 - 00000000 ____D C:\Users\Dean C. Miller\Desktop\Charter-Live
2013-09-07 02:00 - 2013-09-07 02:00 - 00072123 _____ C:\Users\Dean C. Miller\AppData\Local\CouponsMalibu.crx
2013-09-05 02:00 - 2013-08-22 02:00 - 00085126 _____ C:\Users\Dean C. Miller\AppData\Local\BargainWorkbench.crx
2013-09-04 10:49 - 2013-09-04 10:49 - 00857466 _____ C:\Users\Dean C. Miller\Documents\ZAM.air
2013-09-04 10:46 - 2013-09-04 10:46 - 00000000 ____D C:\Users\Dean C. Miller\AppData\Roaming\ZinioReader4
2013-09-04 10:44 - 2013-09-04 10:44 - 00000968 _____ C:\Users\Public\Desktop\Zinio Reader 4.lnk
2013-09-04 10:44 - 2013-09-04 10:44 - 00000000 ____D C:\Users\Dean C. Miller\AppData\Roaming\ZinioReader4.9310D8F796442B 71068C511E15D70529A702D19D.1
2013-09-04 10:44 - 2013-09-04 10:44 - 00000000 ____D C:\Program Files (x86)\Zinio Reader 4
2013-09-04 10:43 - 2013-09-04 10:43 - 05505155 _____ C:\Users\Dean C. Miller\Downloads\ZinioReader4.air
2013-09-03 15:14 - 2013-09-03 15:14 - 00784832 _____ (Google Inc.) C:\Users\Dean C. Miller\Downloads\googledrivesync.exe
2013-08-29 19:29 - 2013-08-29 19:29 - 00000149 _____ C:\Users\Dean C. Miller\Desktop\Yahoo! VCUC-BOD.url

==================== One Month Modified Files and Folders =======

2013-09-27 14:20 - 2013-09-27 14:20 - 01953854 _____ (Farbar) C:\Users\Dean C. Miller\Downloads\FRST64.exe
2013-09-27 14:03 - 2012-09-09 15:08 - 00000274 _____ C:\windows\Tasks\HP Photo Creations Messager.job
2013-09-27 13:42 - 2012-09-07 13:39 - 01512577 _____ C:\windows\WindowsUpdate.log
2013-09-27 13:25 - 2012-09-28 17:12 - 00000914 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-27 09:57 - 2012-09-07 15:52 - 00000000 ____D C:\Users\Dean C. Miller\AppData\Local\Windows Live
2013-09-27 08:43 - 2009-07-14 00:45 - 00024608 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-27 08:43 - 2009-07-14 00:45 - 00024608 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-27 08:42 - 2012-09-09 03:12 - 00000000 ____D C:\Users\Dean C. Miller\AppData\Roaming\Skype
2013-09-27 08:38 - 2012-09-08 16:36 - 00000000 ____D C:\Users\Dean C. Miller\AppData\Local\gladinet
2013-09-27 08:36 - 2013-04-28 16:11 - 00008192 _____ C:\windows\SysWOW64\WDPABKP.dat
2013-09-27 08:36 - 2012-09-08 16:52 - 00000000 ___RD C:\Users\Dean C. Miller\Dropbox
2013-09-27 08:36 - 2012-09-07 18:45 - 00000000 ____D C:\Users\Dean C. Miller\AppData\Roaming\Dropbox
2013-09-27 08:36 - 2012-08-31 01:54 - 00000000 ____D C:\ProgramData\PDFC
2013-09-27 08:35 - 2013-07-11 03:32 - 00003278 _____ C:\windows\setupact.log
2013-09-27 08:35 - 2012-09-28 17:13 - 00000000 ___RD C:\Users\Dean C. Miller\Google Drive
2013-09-27 08:35 - 2012-09-28 17:12 - 00000910 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-27 08:35 - 2009-07-14 01:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2013-09-27 08:33 - 2013-09-25 18:40 - 00000000 ____D C:\AdwCleaner
2013-09-27 08:30 - 2013-09-27 08:29 - 01042066 _____ C:\Users\Dean C. Miller\Downloads\adwcleaner.exe
2013-09-27 08:19 - 2013-08-11 12:39 - 00047050 _____ C:\windows\PFRO.log
2013-09-27 02:00 - 2012-09-07 13:52 - 00000000 ____D C:\Users\Dean C. Miller\AppData\Local\Adobe
2013-09-26 09:42 - 2012-09-26 10:57 - 00000000 ____D C:\Users\Dean C. Miller\AppData\Local\CrashDumps
2013-09-26 09:17 - 2012-09-15 18:18 - 00000000 ____D C:\Users\Dean C. Miller\AppData\Local\CutePDF Writer
2013-09-25 18:53 - 2013-09-25 18:53 - 00000000 ____D C:\Program Files (x86)\ESET
2013-09-25 18:52 - 2013-09-25 18:52 - 02347384 _____ (ESET) C:\Users\Dean C. Miller\Downloads\esetsmartinstaller_enu.exe
2013-09-25 11:24 - 2009-07-13 23:20 - 00000000 ____D C:\windows\rescache
2013-09-25 10:46 - 2009-07-14 01:32 - 00000000 ____D C:\windows\system32\FxsTmp
2013-09-25 10:41 - 2013-09-25 10:41 - 00000000 ____D C:\Program Files (x86)\GPLGS
2013-09-25 10:40 - 2013-09-25 10:39 - 02013504 _____ (Acro Software Inc. ) C:\Users\Dean C. Miller\Downloads\CuteWriter.exe
2013-09-25 10:13 - 2012-09-07 13:52 - 00000000 ____D C:\Users\Dean C. Miller\AppData\Local\PDFC
2013-09-24 15:20 - 2013-09-24 14:36 - 00011730 _____ C:\Users\Dean C. Miller\Documents\Bill thtru 11_01_13.xlsx
2013-09-24 10:22 - 2013-09-24 10:04 - 00000000 ____D C:\Qoobox
2013-09-24 10:22 - 2009-07-13 23:20 - 00000000 __RHD C:\Users\Default
2013-09-24 10:21 - 2013-09-24 10:03 - 00000000 ____D C:\windows\erdnt
2013-09-24 10:18 - 2009-07-13 22:34 - 00000215 _____ C:\windows\system.ini
2013-09-24 10:17 - 2012-09-08 16:38 - 00000368 _____ C:\windows\Tasks\HPCeeScheduleForDean C. Miller.job
2013-09-24 10:15 - 2009-07-13 22:34 - 84672512 _____ C:\windows\system32\config\SOFTWARE.bak
2013-09-24 10:15 - 2009-07-13 22:34 - 44040192 _____ C:\windows\system32\config\components.bak
2013-09-24 10:15 - 2009-07-13 22:34 - 15990784 _____ C:\windows\system32\config\SYSTEM.bak
2013-09-24 10:15 - 2009-07-13 22:34 - 00262144 _____ C:\windows\system32\config\SECURITY.bak
2013-09-24 10:15 - 2009-07-13 22:34 - 00262144 _____ C:\windows\system32\config\SAM.bak
2013-09-24 10:15 - 2009-07-13 22:34 - 00262144 _____ C:\windows\system32\config\DEFAULT.bak
2013-09-24 10:14 - 2012-09-07 13:52 - 00000000 ___RD C:\Users\Dean C. Miller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-24 10:01 - 2013-09-24 10:01 - 05130004 ____R (Swearware) C:\Users\Dean C. Miller\Downloads\ComboFix.exe
2013-09-24 10:00 - 2012-09-08 16:38 - 00003240 _____ C:\windows\System32\Tasks\HPCeeScheduleForDean C. Miller
2013-09-24 09:59 - 2013-01-08 06:35 - 00000000 _____ C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED. txt
2013-09-24 09:59 - 2012-09-08 16:38 - 00000052 _____ C:\windows\SysWOW64\DOErrors.log
2013-09-24 09:58 - 2012-09-08 16:36 - 00000000 ____D C:\Users\Dean C. Miller\AppData\Roaming\HP Support Assistant
2013-09-24 09:58 - 2012-09-08 14:43 - 00000000 ____D C:\Users\Dean C. Miller\AppData\Roaming\HpUpdate
2013-09-23 14:29 - 2013-03-24 20:08 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-09-22 16:34 - 2013-09-22 16:34 - 00000000 ____D C:\FRST
2013-09-22 02:00 - 2013-08-06 14:57 - 00000111 _____ C:\Users\Dean C. Miller\AppData\Roaming\WB.CFG
2013-09-22 02:00 - 2013-08-06 14:57 - 00000005 _____ C:\Users\Dean C. Miller\AppData\Roaming\WBPU-TTL.DAT
2013-09-20 15:54 - 2013-09-20 15:54 - 00000053 _____ C:\Users\Dean C. Miller\Desktop\New TVCUC Website.url
2013-09-19 13:22 - 2012-09-09 16:43 - 00000000 ____D C:\Users\Dean C. Miller\AppData\Local\Microsoft Help
2013-09-12 03:29 - 2012-09-07 13:52 - 00000000 ___RD C:\Users\Dean C. Miller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-12 03:28 - 2009-07-14 00:45 - 00481272 _____ C:\windows\system32\FNTCACHE.DAT
2013-09-12 03:08 - 2013-08-15 03:02 - 00000000 ____D C:\windows\system32\MRT
2013-09-12 03:07 - 2012-09-09 16:43 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-09-12 03:07 - 2012-09-09 13:08 - 79143768 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2013-09-11 16:21 - 2012-09-14 12:42 - 00000000 ____D C:\Users\Dean C. Miller\Documents\Docs_DCM
2013-09-11 12:42 - 2009-07-14 01:13 - 00778834 _____ C:\windows\system32\PerfStringBackup.INI
2013-09-08 16:44 - 2012-09-07 13:43 - 00000000 ____D C:\Users\Dean C. Miller
2013-09-08 16:42 - 2010-11-21 03:16 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-09-08 16:42 - 2009-07-13 23:20 - 00000000 ____D C:\windows\registration
2013-09-08 16:42 - 2009-07-13 23:20 - 00000000 ____D C:\windows\AppCompat
2013-09-07 09:59 - 2013-09-07 09:38 - 00000000 ____D C:\Users\Dean C. Miller\Desktop\Charter-Live
2013-09-07 02:00 - 2013-09-07 02:00 - 00072123 _____ C:\Users\Dean C. Miller\AppData\Local\CouponsMalibu.crx
2013-09-04 10:49 - 2013-09-04 10:49 - 00857466 _____ C:\Users\Dean C. Miller\Documents\ZAM.air
2013-09-04 10:46 - 2013-09-04 10:46 - 00000000 ____D C:\Users\Dean C. Miller\AppData\Roaming\ZinioReader4
2013-09-04 10:44 - 2013-09-04 10:44 - 00000968 _____ C:\Users\Public\Desktop\Zinio Reader 4.lnk
2013-09-04 10:44 - 2013-09-04 10:44 - 00000000 ____D C:\Users\Dean C. Miller\AppData\Roaming\ZinioReader4.9310D8F796442B 71068C511E15D70529A702D19D.1
2013-09-04 10:44 - 2013-09-04 10:44 - 00000000 ____D C:\Program Files (x86)\Zinio Reader 4
2013-09-04 10:44 - 2012-09-07 13:56 - 00000000 ____D C:\Users\Dean C. Miller\AppData\Roaming\Adobe
2013-09-04 10:43 - 2013-09-04 10:43 - 05505155 _____ C:\Users\Dean C. Miller\Downloads\ZinioReader4.air
2013-09-03 15:14 - 2013-09-03 15:14 - 00784832 _____ (Google Inc.) C:\Users\Dean C. Miller\Downloads\googledrivesync.exe
2013-09-02 19:30 - 2012-08-31 01:43 - 00000000 ____D C:\Program Files (x86)\WildTangent Games
2013-09-02 14:58 - 2012-08-31 01:52 - 00000000 ____D C:\ProgramData\Skype
2013-08-29 19:29 - 2013-08-29 19:29 - 00000149 _____ C:\Users\Dean C. Miller\Desktop\Yahoo! VCUC-BOD.url

Some content of TEMP:
====================
C:\Users\Dean C. Miller\AppData\Local\Temp\converter.exe
C:\Users\Dean C. Miller\AppData\Local\Temp\ICReinstall_ZipExtractor Setup.exe
C:\Users\Dean C. Miller\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-21 00:44

==================== End Of Log ============================



System seems to be running fine. Haven't had "web.longfintuns.com" for three days. MalwareBytes-Pro is finding 6-8 PUP daily and quarantines them.

Thanks Again,

Dean
Reply With Quote
  #12  
Old September 29th, 2013, 06:22 AM
schrauber's Avatar
schrauber schrauber is offline
Cyber Tech Help Moderator
 
Join Date: Apr 2009
O/S: Windows 7 64-bit
Location: Germany
Age: 33
Posts: 4,438
Where did it find them?
Reply With Quote
  #13  
Old September 29th, 2013, 06:46 PM
Dean C Miller Dean C Miller is offline
CTH Subscriber
 
Join Date: Sep 2013
O/S: Windows 7 64-bit
Location: Lenoir City, TN
Posts: 10
Web.longfintuna.com problem

Sorry, should have said "Had been finding" 6-8 per day. Haven't found any past week or so. I think you solved my problem whatever it was. Thanks again.

// Dean Miller
Reply With Quote
  #14  
Old September 30th, 2013, 08:02 PM
schrauber's Avatar
schrauber schrauber is offline
Cyber Tech Help Moderator
 
Join Date: Apr 2009
O/S: Windows 7 64-bit
Location: Germany
Age: 33
Posts: 4,438
Delete ComboFix and Clean Up
Click Start > Run > type combofix /Uninstall > OK (Note the space between combofix and /Uninstall)
Please advise if this step is missed for any reason as it performs some important actions.


  • Download OTC to your desktop and run it
  • Click Yes to begin the Cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.




Your machine appears to be clean. Please take the time to read below on how to secure the machine and take the necessary steps to keep it clean.

Hiding Hidden Files
Please set your system to hide all hidden files.
Click Start, open My Computer, select the Tools menu and click Folder Options.
Select the View Tab. Under the Hidden files and folders heading, uncheck Show hidden files and folders.
Check: Hide file extensions for known file types
Check the Hide protected operating system files (recommended) option.
Click Yes to confirm.

Purging System Restore Points
Now you should Set a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been saved in System Restore. Since System Restore is a protected directory, your tools can not access it to delete these bad files which sometimes can reinfect your system. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to do this is:
  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then go to Start > Run and type: Cleanmgr
  • Click "OK".
  • Click the "More Options" Tab.
  • Click "Clean Up" in the System Restore section to remove all previous restore points except the newly created one.

One of the most common questions found when cleaning Spyware or other Malware is "how did my machine get infected?". There are a variety of reasons, but the most common ones are that you are going to sites that you are not practicing Safe Internet, you are not running the proper security software, and that your computer's security settings are set too low.

Below I have outlined a series of categories that outline how you can increase the security of your computer so that you will not be infected again in the future.


Practice Safe Internet

One of the main reasons people get infected in the first place is that they are not practicing Safe Internet. You practice Safe Internet when you educate yourself on how to properly use the Internet through the use of security tools and good practice. Knowing how you can get infected and what types of files and sites to avoid will be the most crucial step in keeping your computer malware free. The reality is that the majority of people who are infected with malware are ones who click on things they shouldn't be clicking on. Whether these things are files or sites it doesn't really matter. If something is out to get you, and you click on it, it most likely will. Below is a list of simple precautions to take to keep your computer clean and running securely:
  1. If you receive an attachment from someone you do not know, DO NOT OPEN IT! Simple as that. Opening attachments from people you do not know is a very common method for viruses or worms to infect your computer.

  2. If you receive an attachment and it ends with a .exe, .com, .bat, or .pif do not open the attachment unless you know for a fact that it is clean. For the casual computer user, you will almost never receive a valid attachment of this type.

  3. If you receive an attachment from someone you know, and it looks suspicious, then it probably is. The email could be from someone you know infected with a malware that is trying to infect everyone in their address book.

  4. If you are browsing the Internet and a popup appears saying that you are infected, ignore it! These are, as far as I am concerned, scams that are being used to scare you into purchasing a piece of software.

    There are also programs that disguise themselves as Anti-Spyware or security products but are instead scams. For a list of these types of programs we recommend you visit this link: Rogue/Suspect Anti-Spyware Products & Web Sites

  5. Another tactic to fool you on the web is when a site displays a popup that looks like a normal Windows message or alert. When you click on them, though, they instead bring you to another site that is trying to push a product on you. We suggest that you close these windows by clicking on the X instead of the OK button. Alternatively, you can check to see if it's a real alert by right-clicking on the window. If there is a menu that comes up saying Add to Favorites... you know it's a fake.

  6. Do not go to adult sites. I know this may bother some of you, but the fact is that a large amount of malware is pushed through these types of sites. I am not saying all adult sites do this, but a lot do.

  7. When using an Instant Messaging program be cautious about clicking on links people send to you. It is not uncommon for infections to send a message to everyone in the infected person's contact list that contains a link to an infection. Instead when you receive a message that contains a link, message back to the person asking if it is legit before you click on it.

  8. Stay away from Warez and Crack sites! In addition to the obvious copyright issues, the downloads from these sites are typically overrun with infections.

  9. Be careful of what you download off of web sites and Peer-2-Peer networks. Some sites disguise malware as legitimate software to trick you into installing them and Peer-2-Peer networks are crawling with it. If you want to download a piece of software from a site, and are not sure if they are legitimate, you can use McAfee Siteadvisor to look up info on the site.

  10. DO NOT INSTALL any software without first reading the End User License Agreement, otherwise known as the EULA. A tactic that some developers use is to offer their software for free, but have spyware and other programs you do not want bundled with it. This is where they make their money. By reading the agreement there is a good chance you can spot this and not install the software.

Visit Microsoft's Windows Update Site Frequently

It is important that you visit http://www.windowsupdate.com regularly. This will ensure your computer always has the latest available security updates installed. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.


Make Internet Explorer 7 more secure
  1. From within Internet Explorer click on the Tools menu and then click on Options.
  2. Click once on the Security tab
  3. Click once on the Internet icon so it becomes highlighted.
  4. Click once on the Custom Level button.
    1. Change the Download signed ActiveX controls to Prompt
    2. Change the Download unsigned ActiveX controls to Disable
    3. Change the Initialize and script ActiveX controls not marked as safe to Disable
    4. Change the Installation of desktop items to Prompt
    5. Change the Launching programs and files in an IFRAME to Prompt
    6. Change the Navigate sub-frames across different domains to Prompt
    7. When all these settings have been made, click on the OK button.
    8. If it prompts you as to whether or not you want to save the settings, press the Yes button.
  5. Next press the Apply button and then the OK to exit the Internet Properties page.


If we have helped you, please consider supporting Cyber Tech Help with a subscription.
Reply With Quote
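The Internet-zone settings listed in post #14 can be checked from PowerShell; this is an added example, not part of the original thread or any CTH tool. It assumes the standard per-user zone key and URL action IDs (1001, 1004, 1201, 1800, 1804, 1607), which the post does not name, and the script name is hypothetical.

```powershell
# Audit-IEInternetZone.ps1 (hypothetical name) - added example, not from the thread.
# Compares the current user's Internet-zone settings with the values the post
# recommends. Run with -Apply to write the recommended values.
param([switch]$Apply)

# Zone 3 is the Internet zone. These are per-user settings; values enforced by
# Group Policy (under the ...\Policies\... branch) take precedence and are not
# read or changed here.
$zonePath = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3'

# Policy values used by the zone settings dialog.
$valueNames = @{ 0 = 'Enable'; 1 = 'Prompt'; 3 = 'Disable' }

# URL action ID, the setting as named in the post, and the value the post asks for.
$recommended = @(
    @{ Id = '1001'; Setting = 'Download signed ActiveX controls';                          Want = 1 },
    @{ Id = '1004'; Setting = 'Download unsigned ActiveX controls';                        Want = 3 },
    @{ Id = '1201'; Setting = 'Initialize and script ActiveX controls not marked as safe'; Want = 3 },
    @{ Id = '1800'; Setting = 'Installation of desktop items';                             Want = 1 },
    @{ Id = '1804'; Setting = 'Launching programs and files in an IFRAME';                 Want = 1 },
    @{ Id = '1607'; Setting = 'Navigate sub-frames across different domains';              Want = 1 }
)

function Get-ValueLabel($value) {
    # Translate a raw DWORD into the wording shown in the dialog.
    if ($null -eq $value) { return 'not set' }
    if ($valueNames.ContainsKey([int]$value)) { return $valueNames[[int]$value] }
    return ('0x{0:X}' -f $value)
}

if (-not (Test-Path $zonePath)) {
    Write-Warning "Zone key not found: $zonePath"
    exit 2
}

$report = foreach ($item in $recommended) {
    # A missing value means the zone template default applies.
    $props   = Get-ItemProperty -Path $zonePath -Name $item.Id -ErrorAction SilentlyContinue
    $current = if ($props) { $props.($item.Id) } else { $null }

    if ($Apply -and $current -ne $item.Want) {
        # -Force overwrites an existing value; DWord matches what the dialog writes.
        New-ItemProperty -Path $zonePath -Name $item.Id -Value $item.Want `
            -PropertyType DWord -Force | Out-Null
        $current = $item.Want
    }

    New-Object PSObject -Property @{
        Id          = $item.Id
        Setting     = $item.Setting
        Current     = Get-ValueLabel $current
        Recommended = Get-ValueLabel $item.Want
        Compliant   = ($current -eq $item.Want)
    }
}

$report | Select-Object Id, Setting, Current, Recommended, Compliant | Format-Table -AutoSize

# Non-zero exit code when anything still differs, so the check can be scripted.
$failed = @($report | Where-Object { -not $_.Compliant }).Count
exit ([int]($failed -gt 0))
```

Without `-Apply` the script only reads the registry, so it can be run on a machine to confirm the manual steps were actually saved.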
  #15  
Old October 3rd, 2013, 01:27 PM
ryancarter ryancarter is offline
New Member
 
Join Date: Sep 2013
Location: TX
Posts: 3
As per the CTH guidelines for the Malware Removal Forum shown Here, this post has been deleted. Members who have not been approved by the CTH Staff to provide infection removal/repair steps are prohibited from posting advice. Please disregard any information/steps that had been posted here.
Reply With Quote