We’d like to remind Forumites to please avoid political debate on the Forum.
This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
The Forum now has a brand new text editor, adding a bunch of handy features to use when creating posts. Read more in our how-to guide
Somoto
billyolly
Posts: 175 Forumite
in Techie Stuff
Is there a program i can run to make sure Somoto is not running on my lap top.It ask me to down load it ,i didn't.I read its some sort of virus,i am I E 8 if that helps.Also i have a limited knowledge ,so a idiots guide would help.
0
Comments
-
Post me a DDS log - should take 2-3 minutes.
Download DDS from the link below and save it to your desktop:
Link
After you've downloaded it and saved it to your desktop:- Double click DDS to run it.
- Click Start
- When it's finished, DDS will open two logs:
- DDS.txt
- Attach.txt
Copy & paste the contents of just DDS.txt for now and post it here (you may need to split the log over separate posts).0 -
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16686
Run by kevin powell at 18:18:51 on 2013-09-30
.
============== Running Processes ================
.
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Launch Manager\dsiwmis.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
C:\Program Files (x86)\Launch Manager\LMutilps32.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
C:\Program Files (x86)\Virgin Media\Virgin Media Security\10.0.41.60198.1\RpsSecurityAwareR.exe
C:\Program Files (x86)\Virgin Media\Service Manager\ServicepointService.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe
C:\Users\kevin powell\AppData\Local\FilesFrog Update Checker\update_checker.exe
C:\Users\kevin powell\AppData\Local\Google\Update\1.3.21.153\GoogleCrashHandler.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Virgin Media\Service Manager\ServiceManager.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Virgin Media\Virgin Media Security\10.0.41.60198.1\Rps.exe
C:\Users\kevin powell\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\kevin powell\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\kevin powell\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\kevin powell\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\kevin powell\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\sysWOW64\wbem\wmiprvse.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
.
============== Pseudo HJT Report ===============
.
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -
BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1505\6.6.1091\TmIEPlg32.dll
BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe32.dll
uRun: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s
uRun: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
uRun: [Facebook Update] "C:\Users\kevin powell\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
uRun: [Google Update] "C:\Users\kevin powell\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [MyTomTomSA.exe] "C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe"
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [SDP] C:\Users\kevin powell\AppData\Local\FilesFrog Update Checker\update_checker.exe /auto
mRun: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
mRun: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
mRun: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
mRun: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
mRun: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [Virgin Media Security] "C:\Program Files (x86)\Virgin Media\Virgin Media Security\10.0.41.60198.1\RPS.exe" -set Silent "1" SplashURL ""
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [ServiceManager.exe] "C:\Program Files (x86)\Virgin Media\Service Manager\ServiceManager.exe" /AUTORUN
dRunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid}
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
TCP: NameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{6CFF031B-188F-4BC2-B664-BD01B6858342} : DHCPNameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{6CFF031B-188F-4BC2-B664-BD01B6858342}\35B4953323730373 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{6CFF031B-188F-4BC2-B664-BD01B6858342}\F42377962756C6563737930303247364 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{8B41CF5D-9847-4CFE-A770-6D89861890D8} : DHCPNameServer = 194.168.4.100 194.168.8.100
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe32.dll
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1505\6.6.1091\TmIEPlg32.dll
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
x64-BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1505\6.6.1091\TmIEPlg.dll
x64-BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe64.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe
x64-Run: [Power Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe64.dll
x64-Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1505\6.6.1091\TmIEPlg.dll
x64-Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
.
============= SERVICES / DRIVERS ===============
.
R? androidusb;SAMSUNG Android Composite ADB Interface Driver
R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86
R? clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64
R? dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.)
R? EgisTec Ticket Service;EgisTec Ticket Service
R? GamesAppIntegrationService;GamesAppIntegrationService
R? GamesAppService;GamesAppService
R? RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader
R? SkypeUpdate;Skype Updater
R? ssadbus;SAMSUNG Android USB Composite Device driver (WDM)
R? ssadmdfl;SAMSUNG Android USB Modem (Filter)
R? ssadmdm;SAMSUNG Android USB Modem Drivers
R? ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM)
R? ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.)
R? ssudobex;SAMSUNG Mobile USB OBEX Serial Port(DEVGURU Ver.)
R? TsUsbFlt;TsUsbFlt
R? TsUsbGD;Remote Desktop Generic USB Device
R? USBAAPL64;Apple Mobile USB Driver
R? WatAdminSvc;Windows Activation Technologies Service
R? WDC_SAM;WD SCSI Pass Thru driver
R? wlcrasvc;Windows Live Mesh remote connections service
S? Amsp;Trend Micro Solution Platform
S? DsiWMIService;Dritek WMI Service
S? ePowerSvc;Acer ePower Service
S? ETD;ELAN PS/2 Port Input Device
S? GREGService;GREGService
S? HECIx64;Intel(R) Management Engine Interface
S? IAStorDataMgrSvc;Intel(R) Rapid Storage Technology
S? Impcd;Impcd
S? k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0
S? Live Updater Service;Live Updater Service
S? mwlPSDFilter;mwlPSDFilter
S? mwlPSDNServ;mwlPSDNServ
S? mwlPSDVDisk;mwlPSDVDisk
S? NTI IScheduleSvc;NTI IScheduleSvc
S? Radialpoint Security Services;Virgin Media Security
S? RapportCerberus_56758;RapportCerberus_56758
S? RapportEI64;RapportEI64
S? RapportKE64;RapportKE64
S? RapportMgmtService;Rapport Management Service
S? RapportPG64;RapportPG64
S? ServicepointService;ServicepointService
S? Skype C2C Service;Skype C2C Service
S? tmevtmgr;tmevtmgr
S? tmlwf;Trend Micro NDIS 6.0 Filter Driver
S? tmwfp;Trend Micro WFP Callout Driver
S? UNS;Intel(R) Management & Security Application User Notification Service
.
=============== Created Last 30 ================
.
2013-09-30 15:47:07
d-sh--w- C:\found.001
2013-09-26 11:32:52
d
w- C:\Program Files (x86)\Movies Toolbar
2013-09-26 11:32:51
d
w- C:\ProgramData\SafetyNut
2013-09-26 11:32:48
d
w- C:\Users\kevin powell\AppData\Local\FilesFrog Update Checker
2013-09-25 18:56:38
d
w- C:\Users\kevin powell\AppData\Local\{FE764307-6207-4814-A602-5524514F7748}
2013-09-23 19:18:47
d
w- C:\Users\kevin powell\AppData\Roaming\Rainbow
2013-09-23 09:27:35
d-sh--w- C:\found.000
2013-09-19 14:00:05
d
w- C:\Users\kevin powell\AppData\Roaming\Legacy Games
2013-09-19 08:51:59 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-02 16:35:35
d
w- C:\Users\kevin powell\AppData\Roaming\ERS Game Studios
2013-08-31 17:23:39
d
w- C:\Users\kevin powell\AppData\Roaming\Nitreal Games
.
==================== Find3M ====================
.
2013-09-23 20:30:22 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-23 20:30:22 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-09-10 22:18:28 295696 ----a-w- C:\Windows\System32\drivers\RapportKE64.sys
2013-08-10 05:22:18 2241024 ----a-w- C:\Windows\System32\wininet.dll
2013-08-10 05:20:59 3959296 ----a-w- C:\Windows\System32\jscript9.dll
2013-08-10 05:20:55 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-08-10 05:20:55 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-08-10 03:59:10 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-08-10 03:58:09 2876928 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-08-10 03:58:06 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-08-10 03:58:06 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-08-10 03:17:38 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-08-10 03:07:50 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-08-10 02:27:59 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-08-10 02:17:19 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-08-08 01:20:43 3155456 ----a-w- C:\Windows\System32\win32k.sys
2013-08-07 03:22:02 278800
w- C:\Windows\System32\MpSigStub.exe
2013-08-05 02:25:45 155584 ----a-w- C:\Windows\System32\drivers\ataport.sys
2013-08-02 02:23:53 5550528 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-08-02 02:15:44 1732032 ----a-w- C:\Windows\System32\ntdll.dll
2013-08-02 02:15:03 362496 ----a-w- C:\Windows\System32\wow64win.dll
2013-08-02 02:15:03 243712 ----a-w- C:\Windows\System32\wow64.dll
2013-08-02 02:15:03 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2013-08-02 02:14:57 215040 ----a-w- C:\Windows\System32\winsrv.dll
2013-08-02 02:14:11 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2013-08-02 02:13:34 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2013-08-02 01:59:30 3968960 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-08-02 01:59:30 3913664 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-08-02 01:51:23 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll
2013-08-02 01:50:42 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-08-02 01:50:42 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2013-08-02 01:09:17 338432 ----a-w- C:\Windows\System32\conhost.exe
2013-08-02 00:59:09 112640 ----a-w- C:\Windows\System32\smss.exe
2013-08-02 00:45:37 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-08-02 00:45:36 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-08-02 00:45:35 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-08-02 00:45:34 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-08-02 00:43:05 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2013-08-02 00:43:05 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-02 00:43:05 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2013-08-02 00:43:05 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2013-07-25 09:25:54 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL
2013-07-25 08:57:27 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
2013-07-19 01:58:42 2048 ----a-w- C:\Windows\System32\tzres.dll
2013-07-19 01:41:01 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2013-07-09 05:52:52 224256 ----a-w- C:\Windows\System32\wintrust.dll
2013-07-09 05:51:16 1217024 ----a-w- C:\Windows\System32\rpcrt4.dll
2013-07-09 05:46:20 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-07-09 05:46:20 1472512 ----a-w- C:\Windows\System32\crypt32.dll
2013-07-09 05:46:20 139776 ----a-w- C:\Windows\System32\cryptnet.dll
2013-07-09 04:52:33 663552 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2013-07-09 04:52:10 175104 ----a-w- C:\Windows\SysWow64\wintrust.dll
2013-07-09 04:46:31 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2013-07-09 04:46:31 1166848 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-07-09 04:46:31 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2013-07-06 06:03:53 1910208 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-07-05 19:30:52 5401296 ----a-w- C:\ProgramData\pclunst.exe
.
============= FINISH: 18:19:51.56 ===============0 -
Thanks. Now post the contents of attach.txt0
-
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16686
Run by kevin powell at 18:18:51 on 2013-09-30
.
============== Running Processes ================
.
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Launch Manager\dsiwmis.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
C:\Program Files (x86)\Launch Manager\LMutilps32.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
C:\Program Files (x86)\Virgin Media\Virgin Media Security\10.0.41.60198.1\RpsSecurityAwareR.exe
C:\Program Files (x86)\Virgin Media\Service Manager\ServicepointService.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe
C:\Users\kevin powell\AppData\Local\FilesFrog Update Checker\update_checker.exe
C:\Users\kevin powell\AppData\Local\Google\Update\1.3.21.153\GoogleCrashHandler.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Virgin Media\Service Manager\ServiceManager.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Virgin Media\Virgin Media Security\10.0.41.60198.1\Rps.exe
C:\Users\kevin powell\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\kevin powell\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\kevin powell\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\kevin powell\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\kevin powell\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\sysWOW64\wbem\wmiprvse.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
.
============== Pseudo HJT Report ===============
.
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -
BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1505\6.6.1091\TmIEPlg32.dll
BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe32.dll
uRun: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s
uRun: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
uRun: [Facebook Update] "C:\Users\kevin powell\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
uRun: [Google Update] "C:\Users\kevin powell\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [MyTomTomSA.exe] "C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe"
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [SDP] C:\Users\kevin powell\AppData\Local\FilesFrog Update Checker\update_checker.exe /auto
mRun: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
mRun: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
mRun: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
mRun: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
mRun: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [Virgin Media Security] "C:\Program Files (x86)\Virgin Media\Virgin Media Security\10.0.41.60198.1\RPS.exe" -set Silent "1" SplashURL ""
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [ServiceManager.exe] "C:\Program Files (x86)\Virgin Media\Service Manager\ServiceManager.exe" /AUTORUN
dRunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid}
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
TCP: NameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{6CFF031B-188F-4BC2-B664-BD01B6858342} : DHCPNameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{6CFF031B-188F-4BC2-B664-BD01B6858342}\35B4953323730373 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{6CFF031B-188F-4BC2-B664-BD01B6858342}\F42377962756C6563737930303247364 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{8B41CF5D-9847-4CFE-A770-6D89861890D8} : DHCPNameServer = 194.168.4.100 194.168.8.100
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe32.dll
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1505\6.6.1091\TmIEPlg32.dll
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
x64-BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1505\6.6.1091\TmIEPlg.dll
x64-BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe64.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe
x64-Run: [Power Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe64.dll
x64-Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1505\6.6.1091\TmIEPlg.dll
x64-Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
.
============= SERVICES / DRIVERS ===============
.
R? androidusb;SAMSUNG Android Composite ADB Interface Driver
R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86
R? clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64
R? dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.)
R? EgisTec Ticket Service;EgisTec Ticket Service
R? GamesAppIntegrationService;GamesAppIntegrationService
R? GamesAppService;GamesAppService
R? RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader
R? SkypeUpdate;Skype Updater
R? ssadbus;SAMSUNG Android USB Composite Device driver (WDM)
R? ssadmdfl;SAMSUNG Android USB Modem (Filter)
R? ssadmdm;SAMSUNG Android USB Modem Drivers
R? ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM)
R? ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.)
R? ssudobex;SAMSUNG Mobile USB OBEX Serial Port(DEVGURU Ver.)
R? TsUsbFlt;TsUsbFlt
R? TsUsbGD;Remote Desktop Generic USB Device
R? USBAAPL64;Apple Mobile USB Driver
R? WatAdminSvc;Windows Activation Technologies Service
R? WDC_SAM;WD SCSI Pass Thru driver
R? wlcrasvc;Windows Live Mesh remote connections service
S? Amsp;Trend Micro Solution Platform
S? DsiWMIService;Dritek WMI Service
S? ePowerSvc;Acer ePower Service
S? ETD;ELAN PS/2 Port Input Device
S? GREGService;GREGService
S? HECIx64;Intel(R) Management Engine Interface
S? IAStorDataMgrSvc;Intel(R) Rapid Storage Technology
S? Impcd;Impcd
S? k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0
S? Live Updater Service;Live Updater Service
S? mwlPSDFilter;mwlPSDFilter
S? mwlPSDNServ;mwlPSDNServ
S? mwlPSDVDisk;mwlPSDVDisk
S? NTI IScheduleSvc;NTI IScheduleSvc
S? Radialpoint Security Services;Virgin Media Security
S? RapportCerberus_56758;RapportCerberus_56758
S? RapportEI64;RapportEI64
S? RapportKE64;RapportKE64
S? RapportMgmtService;Rapport Management Service
S? RapportPG64;RapportPG64
S? ServicepointService;ServicepointService
S? Skype C2C Service;Skype C2C Service
S? tmevtmgr;tmevtmgr
S? tmlwf;Trend Micro NDIS 6.0 Filter Driver
S? tmwfp;Trend Micro WFP Callout Driver
S? UNS;Intel(R) Management & Security Application User Notification Service
.
=============== Created Last 30 ================
.
2013-09-30 15:47:07
d-sh--w- C:\found.001
2013-09-26 11:32:52
d
w- C:\Program Files (x86)\Movies Toolbar
2013-09-26 11:32:51
d
w- C:\ProgramData\SafetyNut
2013-09-26 11:32:48
d
w- C:\Users\kevin powell\AppData\Local\FilesFrog Update Checker
2013-09-25 18:56:38
d
w- C:\Users\kevin powell\AppData\Local\{FE764307-6207-4814-A602-5524514F7748}
2013-09-23 19:18:47
d
w- C:\Users\kevin powell\AppData\Roaming\Rainbow
2013-09-23 09:27:35
d-sh--w- C:\found.000
2013-09-19 14:00:05
d
w- C:\Users\kevin powell\AppData\Roaming\Legacy Games
2013-09-19 08:51:59 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-02 16:35:35
d
w- C:\Users\kevin powell\AppData\Roaming\ERS Game Studios
2013-08-31 17:23:39
d
w- C:\Users\kevin powell\AppData\Roaming\Nitreal Games
.
==================== Find3M ====================
.
2013-09-23 20:30:22 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-23 20:30:22 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-09-10 22:18:28 295696 ----a-w- C:\Windows\System32\drivers\RapportKE64.sys
2013-08-10 05:22:18 2241024 ----a-w- C:\Windows\System32\wininet.dll
2013-08-10 05:20:59 3959296 ----a-w- C:\Windows\System32\jscript9.dll
2013-08-10 05:20:55 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-08-10 05:20:55 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-08-10 03:59:10 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-08-10 03:58:09 2876928 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-08-10 03:58:06 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-08-10 03:58:06 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-08-10 03:17:38 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-08-10 03:07:50 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-08-10 02:27:59 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-08-10 02:17:19 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-08-08 01:20:43 3155456 ----a-w- C:\Windows\System32\win32k.sys
2013-08-07 03:22:02 278800
w- C:\Windows\System32\MpSigStub.exe
2013-08-05 02:25:45 155584 ----a-w- C:\Windows\System32\drivers\ataport.sys
2013-08-02 02:23:53 5550528 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-08-02 02:15:44 1732032 ----a-w- C:\Windows\System32\ntdll.dll
2013-08-02 02:15:03 362496 ----a-w- C:\Windows\System32\wow64win.dll
2013-08-02 02:15:03 243712 ----a-w- C:\Windows\System32\wow64.dll
2013-08-02 02:15:03 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2013-08-02 02:14:57 215040 ----a-w- C:\Windows\System32\winsrv.dll
2013-08-02 02:14:11 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2013-08-02 02:13:34 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2013-08-02 01:59:30 3968960 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-08-02 01:59:30 3913664 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-08-02 01:51:23 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll
2013-08-02 01:50:42 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-08-02 01:50:42 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2013-08-02 01:09:17 338432 ----a-w- C:\Windows\System32\conhost.exe
2013-08-02 00:59:09 112640 ----a-w- C:\Windows\System32\smss.exe
2013-08-02 00:45:37 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-08-02 00:45:36 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-08-02 00:45:35 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-08-02 00:45:34 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-08-02 00:43:05 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2013-08-02 00:43:05 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-02 00:43:05 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2013-08-02 00:43:05 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2013-07-25 09:25:54 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL
2013-07-25 08:57:27 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
2013-07-19 01:58:42 2048 ----a-w- C:\Windows\System32\tzres.dll
2013-07-19 01:41:01 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2013-07-09 05:52:52 224256 ----a-w- C:\Windows\System32\wintrust.dll
2013-07-09 05:51:16 1217024 ----a-w- C:\Windows\System32\rpcrt4.dll
2013-07-09 05:46:20 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-07-09 05:46:20 1472512 ----a-w- C:\Windows\System32\crypt32.dll
2013-07-09 05:46:20 139776 ----a-w- C:\Windows\System32\cryptnet.dll
2013-07-09 04:52:33 663552 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2013-07-09 04:52:10 175104 ----a-w- C:\Windows\SysWow64\wintrust.dll
2013-07-09 04:46:31 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2013-07-09 04:46:31 1166848 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-07-09 04:46:31 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2013-07-06 06:03:53 1910208 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-07-05 19:30:52 5401296 ----a-w- C:\ProgramData\pclunst.exe
.
============= FINISH: 18:19:51.56 ===============0 -
That's DDS.txt again, the other one is attach.txt0
-
.
==== Installed Programs ======================
.
???? ??? Windows Live
???? Windows Live
????? Windows Live
?????? ??????? ?? Windows Live
???????? ?????????? Windows Live
?????????? Windows Live
??????????? ?? Windows Live
Acer Backup Manager
Acer Crystal Eye Webcam
Acer ePower Management
Acer eRecovery Management
Acer Games
Acer Registration
Acer ScreenSaver
Acer Updater
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader XI (11.0.01)
Amazing Adventures: Riddle of The Two Knights™
Amazon MP3 Downloader 1.0.9
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Backup Manager V3
Bonjour
Broadcom Gigabit NetLink Controller
clear.fi
clear.fi Client
Coupon Printer for Windows
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
eBay Worldwide
Eighteen Wheels of Steel: Extreme Trucker 2
ETDWare PS/2-X64 8.0.6.3_WHQL
Facebook Video Calling 1.2.0.287
Fotogalerija Windows Live
Galeria de Fotografias do Windows Live
Galeria fotografii uslugi Windows Live
Galeria fotogràfica del Windows Live
Galerie de photos Windows Live
Galerie foto Windows Live
Galer!a fotogr!fica de Windows Live
Gear Grinder
Google Chrome
Google Earth
Google Update Helper
HP Deskjet 3050 J610 series Basic Device Software
HP Deskjet 3050 J610 series Help
HP Deskjet 3050 J610 series Product Improvement Study
HP Photo Creations
HP Update
iCloud
Identity Card
Intel(R) Control Center
Intel(R) Graphics Media Accelerator Driver
Intel(R) Management Engine Components
Intel(R) Rapid Storage Technology
iTunes
Jane Austen's Estate of Affairs
Junk Mail filter update
Kobo
Launch Manager
Mesh Runtime
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Student 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
MSVCRT
MSVCRT_amd64
MyTomTom 3.2.0.1116
MyWinLocker
MyWinLocker 4
MyWinLocker Suite
NTI Media Maker 9
Poczta uslugi Windows Live
Podstawowe programy Windows Live
Pošta Windows Live
QuickTime
Raccolta foto di Windows Live
Rapport
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader
Rush for Gold Alaska
S?????? f?t???af??? t?? Windows Live
Samsung Kies
SAMSUNG USB Driver for Mobile Phones
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft Excel 2010 (KB2760597) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687276) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
Security Update for Microsoft Outlook 2010 (KB2794707) 32-Bit Edition
Security Update for Microsoft Publisher 2010 (KB2553147) 32-Bit Edition
Security Update for Microsoft Visio 2010 (KB2810068) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2760769) 32-Bit Edition
Shared C Run-time for x64
Shredder
Skype Click to Call
Skype™ 6.6
The Snow
Trusteer Endpoint Protection
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2836939)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553157) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589370) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760758) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Update Installer for WildTangent Games App
Virgin Media Security
Virgin Media Service Manager 4.1.18
Virtual Families
Visual Studio C++ 10.0 Runtime
Welcome Center
WildTangent Games
WildTangent Games App
Windows Live
Windows Live ???
Windows Live ????
Windows Live Argazki Galeria
Windows Live Communications Platform
Windows Live Essentials
Windows Live Fot!t!r
Windows Live Fotogalerie
Windows Live Fotogalleri
Windows Live Fotogal!ria
Windows Live Fotograf Galerisi
Windows Live Galeria de Fotos
Windows Live Galerija fotografija
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Temel Parçalar
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Liven asennustyökalu
Windows Liven sähköposti
Windows Liven valokuvavalikoima
Windows Media Player Firefox Plugin
.
==== End Of File ===========================0 -
These are the problem entries by the looks of it.2013-09-26 11:32:52
d
w- C:\Program Files (x86)\Movies Toolbar
2013-09-26 11:32:51
d
w- C:\ProgramData\SafetyNut
2013-09-26 11:32:48
d
w- C:\Users\kevin powell\AppData\Local\FilesFrog Update Checker
Download AdwCleaner from the link below & save it to your desktop.
LINK
If you don't save it to your desktop, look in:
C:\Users\kevin powell\Downloads
Then,- Right click adwcleaner.exe and choose "Run as Administrator"
- Click the Scan button.
- When the scan finishes, click the Report button.
- A logfile will open in notepad. Copy/paste to post the contents of the logfile in your next reply.
- Close AdwCleaner
- You can also find the logfile at C:\AdwCleaner\AdwCleaner[R**].txt.
0 -
# AdwCleaner v3.005 - Report created 30/09/2013 at 19:15:39
# Updated 22/09/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : kevin powell - KEVINPOWELL-PC
# Running from : C:\Users\kevin powell\Downloads\adwcleaner (9).exe
# Option : Scan
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Found C:\Program Files (x86)\MyPC Backup
Folder Found C:\Program Files (x86)\MyPC Backup
Folder Found C:\Users\kevin powell\AppData\Local\FilesFrog Update Checker
Folder Found C:\Users\kevin powell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker
Folder Found C:\Users\kevin powell\AppData\Roaming\PC Speed Maximizer
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\Somoto
Key Found : [x64] HKCU\Software\Somoto
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_18-wheels-of-steel_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_18-wheels-of-steel_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [SDP]
Value Found : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Value Found : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
Value Found : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]
Value Found : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x86]
Value Found : HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls [x64]
Value Found : HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls [x86]
***** [ Browsers ] *****
-\\ Internet Explorer v10.0.9200.16686
-\\ Google Chrome v
[ File : C:\Users\kevin powell\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Found : homepage
Found : urls_to_restore_on_startup
*************************
AdwCleaner[R0].txt - [2006 octets] - [30/09/2013 19:15:39]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [2066 octets] ##########0 -
Good - now to delete it.
- Right click AdwCleaner.exe and choose "Run as Administrator" to run it.
- Click the Scan button.
- When the scan finishes, click the Clean button.
- Click OK to the prompt and let AdwCleaner reboot the computer.
- A logfile will open in notepad after reboot. Copy/paste to post the contents of the logfile in your next reply.
- You can also find the logfile at C:\AdwCleaner\AdwCleaner[S**].txt.
0 -
# AdwCleaner v3.005 - Report created 30/09/2013 at 20:33:47
# Updated 22/09/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : kevin powell - KEVINPOWELL-PC
# Running from : C:\Users\kevin powell\Downloads\adwcleaner (11).exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
***** [ Browsers ] *****
-\\ Internet Explorer v10.0.9200.16686
-\\ Google Chrome v
[ File : C:\Users\kevin powell\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [2150 octets] - [30/09/2013 19:15:39]
AdwCleaner[R1].txt - [902 octets] - [30/09/2013 20:32:56]
AdwCleaner[S0].txt - [1986 octets] - [30/09/2013 19:21:39]
AdwCleaner[S1].txt - [824 octets] - [30/09/2013 20:33:47]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [883 octets] ##########0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 353.5K Banking & Borrowing
- 254.1K Reduce Debt & Boost Income
- 455K Spending & Discounts
- 246.5K Work, Benefits & Business
- 602.9K Mortgages, Homes & Bills
- 178K Life & Family
- 260.5K Travel & Transport
- 1.5M Hobbies & Leisure
- 16K Discuss & Feedback
- 37.7K Read-Only Boards