BullGuard
 HomeLog InRegisterCommunity CalendarSearch the ForumView The Member ListHelp
I think my system has a virus?!
   
BullGuard Antivirus Forum > Virus Removal > Removal Help > I think my system has a virus?!  
Forum Quick Jump
 
New Topic Post reply to : I think my system has a virus?! Printable version of : I think my system has a virus?!
39 posts in this thread.
Viewing Page :
 1  2 
[ << Previous Thread | Next Thread >> ]

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 12975
 
   Posted 6/20/2013 3:10 AM (GMT +3)    Quote: I think my system has a virus?!Alert an admin about: I think my system has a virus?!
I think I just want to disable the McAfee rather than deleting the entire program. Just want it to stop popping up. I used to use a free anti virus program before I bought this system with Windows 7. Are there any decent ones that are free or should I really be purchasing the McAfee that is installed on this system already? Just curious on your thoughts on this......
 
 
 
I would strongly recommend that it be removed entirely, and you can always download it again if you wish.

I can recommend Kingsoft Antivirus Free
  http://kingsoft-antivirus.en.softonic.com/
 
 
NB. Do not have 2 antivirus running at at the same time as they will slow down your computer and conflict with each other.
 


Please read:  Forum Rules
Click here:   Before-posting-a-log
 
Do not PM me with logfiles. They will be deleted. 

 

Back to Top
 

KMB1999
Trusted Member


Date Joined Jan 2009
Total Posts : 138
 
   Posted 6/25/2013 5:24 PM (GMT +3)    Quote: I think my system has a virus?!Alert an admin about: I think my system has a virus?!
Okay I will remove it andd try the other softeare that you have suggested. One last question and I do not even know if this is the place to ask it. I have recently learned through friends that they are receiveing emails that are from me (my name is on them) but they are sent from someone else's email address (I do not even recognize the addresses). Before I realized that it was not my email they were being sent from, I changed my email passwords. Since the emails are not coming from my addresses and only have my name attached to them, this did not help. Do you know if there is anything that I can do other than to alert friends not to open any links that appear to come from me? Thanks for your help, as always!! I so appreciate it!!
Back to Top
 

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 12975
 
   Posted 6/27/2013 2:17 PM (GMT +3)    Quote: I think my system has a virus?!Alert an admin about: I think my system has a virus?!
It is no great comfort, but after you have changed the email password, the mail eventually stop.


Please read:  Forum Rules
Click here:   Before-posting-a-log
 
Do not PM me with logfiles. They will be deleted. 

 

Back to Top
 

KMB1999
Trusted Member


Date Joined Jan 2009
Total Posts : 138
 
   Posted 7/6/2013 7:05 AM (GMT +3)    Quote: I think my system has a virus?!Alert an admin about: I think my system has a virus?!
Hi. This is getting quite pathetic, I know. My system was running fine for about a week. All of the people in my family that have user names/accounts can log onto their user accounts and get online. I, on the other hand have the administrator account and I cannot get online. I can sign into my user account just fine and can even get online to Google. Once there, my browser stops working-I can type sites in there but I cannot get to them. I either get a question mark or the page just stays on Google. I am not sure what to do. How can I even run a scan to see what is going on if I cannot get online when I sign in? No one else seems to be having this issue. Any help would be greatly appreciated. Thanks in advance!
Back to Top
 

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 12975
 
   Posted 7/6/2013 11:14 AM (GMT +3)    Quote: I think my system has a virus?!Alert an admin about: I think my system has a virus?!
Let´see what´s going on
 
 
Download to another computer, save it on a external drive
 
Get Farbar Recovery Scan:

For 32-bit Windows, download:
 http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
and save it to your desktop

For 64-bit Windows, download:
http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
and save it to your desktop.


Run  a scan with Farbar Recovery Scan.

When the scan is complete, you have two (2) log files on the desktop - FRST.txt and Addition.txt as you please copy here.


Since they are relatively long, you should probably send them in several posts.


Please read:  Forum Rules
Click here:   Before-posting-a-log
 
Do not PM me with logfiles. They will be deleted. 

 

Back to Top
 

KMB1999
Trusted Member


Date Joined Jan 2009
Total Posts : 138
 
   Posted 7/6/2013 5:27 PM (GMT +3)    Quote: I think my system has a virus?!Alert an admin about: I think my system has a virus?!
Hi. Thanks. Here are the logs...

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-07-2013
Ran by Prism2 (administrator) on 06-07-2013 10:19:59
Running from C:\Users\Prism2\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Storage Appliance Corp.) C:\ProgramData\OfficeGuardianV2\UACProxy.exe
(Intel(R) Corporation) c:\Program Files\Intel\iCLS Client\HeciServer.exe
(McAfee, Inc.) C:\Windows\system32\mfevtps.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(McAfee, Inc.) c:\PROGRA~1\mcafee.com\agent\mcagent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
() C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(McAfee, Inc.) c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Core\mchost.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s [6463080 2012-01-16] (Realtek Semiconductor)
HKLM\...\Run: [DellStage] "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup [483424 2012-02-01] ()
HKLM\...\Run: [Stage Remote] C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe -Quiet [2022976 2011-06-27] ()
HKCU\...\Policies\system: [LogonHoursAction] 2
HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKCU\...\Policies\system: [DisableRegistryTools] 0
HKCU\...\Policies\system: [DisableTaskMgr] 0
HKLM-x32\...\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [133400 2011-12-16] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [291608 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 [284440 2012-02-01] (Intel Corporation)
HKLM-x32\...\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey [1535112 2012-09-12] (McAfee, Inc.)
HKLM-x32\...\Run: [NeroLauncher] C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe 900 [66872 2012-03-10] ()
HKLM-x32\...\Run: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup [968048 2012-02-01] ()
HKLM-x32\...\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-03-24] (Hewlett-Packard)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [919008 2012-07-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
HKU\Alannah\...\Policies\system: [LogonHoursAction] 2
HKU\Alannah\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\Grayson\...\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)
HKU\Grayson\...\Policies\system: [LogonHoursAction] 2
HKU\Grayson\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\Kids\...\Policies\system: [LogonHoursAction] 2
HKU\Kids\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\Krista\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2012-09-30] (Google Inc.)
HKU\Krista\...\Policies\system: [LogonHoursAction] 2
HKU\Krista\...\Policies\system: [DontDisplayLogonHoursWarnings] 1

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Updater By SweetPacks - {7D4F1959-3F72-49d5-8E59-F02F8AA6815D} - C:\Program Files\Updater By SweetPacks\Extension64.dll No File
BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120908174900.dll (McAfee, Inc.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120908174900.dll (McAfee, Inc.)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - No File
Handler-x32: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\PROGRA~1\mcafee\msc\MCSNIE~1.DLL (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\progra~2\mcafee\msc\mcsniepl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62

Chrome:
=======

==================== Services (Whitelisted) =================

R2 CFUACProxy_officeguardianv2; C:\ProgramData\OfficeGuardianV2\UACProxy.exe [83824 2012-06-28] (Storage Appliance Corp.)
S3 McAWFwk; c:\PROGRA~1\mcafee\msc\mcawfwk.exe [224704 2011-03-08] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\2.1.121\McCHSvc.exe [227232 2010-09-03] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.)
R2 mcmscsvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.)
R2 McNASvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [383608 2012-09-10] (McAfee, Inc.)
S4 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [237920 2012-07-17] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [218320 2012-07-17] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [177144 2012-07-17] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [180824 2013-06-17] (Sandboxie Holdings, LLC)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [73728 2012-02-08] (Atheros)

==================== Drivers (Whitelisted) ====================

R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [69672 2012-07-17] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [169320 2012-07-17] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [300392 2012-07-17] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [513456 2012-07-17] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [752672 2012-07-17] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106112 2012-07-17] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [335784 2012-07-17] (McAfee, Inc.)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [198360 2013-06-17] (Sandboxie Holdings, LLC)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S2 MCSTRM; No ImagePath
U3 mfeavfk01; No ImagePath

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-06 10:19 - 2013-07-06 10:19 - 00000000 ____D C:\FRST
2013-07-06 10:19 - 2013-07-06 10:17 - 01934636 ____A (Farbar) C:\Users\Prism2\Desktop\FRST64.exe
2013-07-04 14:31 - 2013-07-04 14:40 - 00000000 ____D C:\Users\Prism2\Desktop\New folder (4)
2013-07-03 03:01 - 2013-05-16 21:25 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-03 03:01 - 2013-05-16 21:25 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-03 03:01 - 2013-05-16 21:25 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-03 03:01 - 2013-05-16 21:25 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-03 03:01 - 2013-05-16 21:25 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-03 03:01 - 2013-05-16 21:25 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-03 03:01 - 2013-05-16 21:25 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-03 03:01 - 2013-05-16 21:25 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-03 03:01 - 2013-05-16 20:59 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-07-03 03:01 - 2013-05-16 20:59 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-07-03 03:01 - 2013-05-16 20:58 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-07-03 03:01 - 2013-05-16 20:58 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-07-03 03:01 - 2013-05-16 20:58 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-07-03 03:01 - 2013-05-16 20:58 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-07-03 03:01 - 2013-05-16 20:58 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-07-03 03:01 - 2013-05-16 20:58 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-07-03 03:01 - 2013-05-16 20:58 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-07-03 03:01 - 2013-05-14 08:23 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-07-03 03:01 - 2013-05-14 04:40 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-03 03:00 - 2013-06-08 10:08 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-07-03 03:00 - 2013-06-08 10:07 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-07-03 03:00 - 2013-06-08 10:06 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-07-03 03:00 - 2013-06-08 10:06 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-07-03 03:00 - 2013-06-08 10:06 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-07-03 03:00 - 2013-06-08 08:28 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-07-03 03:00 - 2013-06-08 07:42 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-03 03:00 - 2013-06-08 07:40 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-03 03:00 - 2013-06-08 07:40 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-03 03:00 - 2013-06-08 07:40 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-03 03:00 - 2013-06-08 07:40 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-03 03:00 - 2013-06-08 07:13 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-02 13:32 - 2013-07-02 13:32 - 00388608 ____A (Trend Micro Inc.) C:\Users\Todd\Desktop\HijackThis.exe
2013-07-02 13:25 - 2013-07-02 13:25 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Todd\Desktop\JRT.exe
2013-07-02 13:19 - 2013-07-02 13:20 - 00001159 ____A C:\AdwCleaner[S6].txt
2013-07-02 13:19 - 2013-07-02 13:19 - 00648201 ____A C:\Users\Todd\Desktop\adwcleaner.exe
2013-07-02 03:21 - 2013-07-02 03:21 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-07-02 03:21 - 2013-07-02 03:21 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-07-02 03:21 - 2013-07-02 03:21 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-07-02 03:21 - 2013-07-02 03:21 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-07-02 03:21 - 2013-07-02 03:21 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-07-02 03:21 - 2013-07-02 03:21 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-07-02 03:21 - 2013-07-02 03:21 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-07-02 03:21 - 2013-07-02 03:21 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-07-02 03:21 - 2013-07-02 03:21 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-07-02 03:21 - 2013-07-02 03:21 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-07-02 03:21 - 2013-07-02 03:21 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-07-02 03:21 - 2013-07-02 03:21 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-07-02 03:21 - 2013-07-02 03:21 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-07-02 03:21 - 2013-07-02 03:21 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-07-02 03:21 - 2013-07-02 03:21 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-07-02 03:21 - 2013-07-02 03:21 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-07-02 03:21 - 2013-07-02 03:21 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-07-02 03:21 - 2013-07-02 03:21 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-07-02 03:21 - 2013-07-02 03:21 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-07-02 03:21 - 2013-07-02 03:21 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-07-02 03:21 - 2013-07-02 03:21 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-07-02 03:00 - 2013-07-02 03:23 - 00007305 ____A C:\Windows\IE10_main.log
2013-07-01 10:52 - 2013-07-01 10:52 - 00000000 ____D C:\Users\Alannah\AppData\Local\Apple
2013-06-29 17:03 - 2013-06-29 17:11 - 00000000 ____D C:\Users\Prism2\Desktop\camping
2013-06-27 18:41 - 2013-07-04 18:52 - 00000004 ____A C:\Users\Todd\AppData\Roaming\159676
2013-06-26 12:49 - 2013-06-26 12:49 - 00001099 ____A C:\AdwCleaner[S5].txt
2013-06-26 12:48 - 2013-06-26 12:48 - 00648201 ____A C:\Users\Prism2\Desktop\adwcleaner.exe
2013-06-26 12:37 - 2013-06-26 12:37 - 00111124 ____A C:\Users\Prism2\Desktop\OTL.Txt
2013-06-26 12:31 - 2013-06-26 12:31 - 00602112 ____A (OldTimer Tools) C:\Users\Prism2\Desktop\OTL.exe
2013-06-25 10:19 - 2013-06-25 10:19 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-25 10:19 - 2013-06-25 10:19 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-25 10:19 - 2013-06-25 10:19 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-25 10:19 - 2013-06-25 10:19 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-24 17:24 - 2013-06-24 17:25 - 00000000 ____D C:\Users\Grayson\AppData\Local\{559EF506-EDC1-46DF-917D-824CDC6D633D}
2013-06-24 17:24 - 2013-06-24 17:24 - 00000000 ____D C:\Users\Grayson\AppData\Local\{E51C3296-EFD5-4578-B924-2C7F5EDC10EF}
2013-06-22 13:13 - 2012-12-21 12:28 - 00001230 ____A C:\Users\Grayson\Desktop\Calculator - Copy.lnk
2013-06-22 12:09 - 2013-06-22 12:09 - 00000004 ____A C:\Users\Alannah\AppData\Roaming\159676
2013-06-22 08:45 - 2013-06-22 08:49 - 00000000 ____D C:\Users\Prism2\Desktop\New folder (3)
2013-06-19 12:33 - 2013-06-19 12:33 - 00388608 ____A (Trend Micro Inc.) C:\Users\Prism2\Desktop\HijackThis.exe
2013-06-19 12:30 - 2013-06-19 12:30 - 00000634 ____A C:\Users\Prism2\Documents\JRTa.txt
2013-06-19 12:26 - 2013-06-19 12:26 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Prism2\Desktop\JRT.exe
2013-06-19 12:24 - 2013-06-19 12:24 - 00001038 ____A C:\Users\Prism2\Documents\AdwCleaner[S4]a.txt
2013-06-19 12:16 - 2013-06-19 12:17 - 00001038 ____A C:\AdwCleaner[S4].txt
2013-06-17 12:05 - 2013-06-17 12:43 - 00000000 ____D C:\Users\Prism2\Desktop\2008-01-01
2013-06-17 12:04 - 2013-06-17 12:36 - 00000000 ____D C:\Users\Prism2\Desktop\Picture
2013-06-17 12:01 - 2013-06-17 12:40 - 00000000 ____D C:\Users\Prism2\Desktop\kids
2013-06-17 11:58 - 2013-06-17 12:39 - 00000000 ____D C:\Users\Prism2\Desktop\2010-04-22
2013-06-17 11:18 - 2013-06-17 11:18 - 00128000 ____A C:\Users\Prism2\Desktop\AUTISMSIGN.PSproj
2013-06-17 09:10 - 2013-06-17 09:10 - 00000000 ____D C:\Users\Todd\AppData\Local\Apple
2013-06-16 20:23 - 2013-06-16 20:23 - 09718726 ____A C:\Users\Prism2\Desktop\LAWLzip-older_version.zip
2013-06-16 19:50 - 2013-06-16 19:52 - 00000000 ____D C:\Users\Prism2\Desktop\FATHER'S DAY
2013-06-16 10:39 - 2013-06-16 10:39 - 00379387 ____A C:\Users\Kids\Documents\fsathers.xps
2013-06-16 10:38 - 2013-06-16 10:38 - 00379387 ____A C:\Users\Kids\Documents\card.xps
2013-06-14 22:31 - 2013-06-14 22:58 - 00000000 ____D C:\Users\Prism2\Desktop\Last Day Of School
2013-06-12 22:53 - 2013-06-12 22:53 - 00000000 ____D C:\Users\Prism2\Desktop\backups
2013-06-12 16:47 - 2013-06-28 11:29 - 00000004 ____A C:\Users\Kids\AppData\Roaming\159676
2013-06-12 15:22 - 2013-06-29 15:11 - 00000004 ____A C:\Users\Prism2\AppData\Roaming\159676
2013-06-12 08:20 - 2013-05-13 01:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-12 08:20 - 2013-05-13 01:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-12 08:20 - 2013-05-13 01:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-12 08:20 - 2013-05-13 01:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-12 08:20 - 2013-05-13 00:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-12 08:20 - 2013-05-13 00:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-12 08:20 - 2013-05-13 00:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-12 08:20 - 2013-05-12 23:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-12 08:20 - 2013-05-12 23:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-12 08:20 - 2013-05-12 23:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-12 08:20 - 2013-05-10 01:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-12 08:20 - 2013-05-09 23:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-12 08:20 - 2013-05-08 02:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-12 08:20 - 2013-04-26 01:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-12 08:20 - 2013-04-26 00:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-12 08:20 - 2013-04-17 03:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-06-12 08:20 - 2013-04-17 02:24 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-06-12 08:19 - 2013-04-25 19:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-06-12 08:19 - 2013-03-31 18:52 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-06-12 08:10 - 2013-06-12 08:12 - 00000000 ____D C:\Users\Prism2\Desktop\june2
2013-06-11 10:56 - 2013-06-12 22:51 - 00015351 ____A C:\Users\Prism2\Desktop\hijackthis.log
2013-06-10 18:31 - 2013-06-10 18:31 - 00001847 ____A C:\Users\Public\Desktop\QuickTime Player.lnk
2013-06-10 18:31 - 2013-06-10 18:31 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-06-10 18:29 - 2013-06-10 18:29 - 00001785 ____A C:\Users\Public\Desktop\iTunes.lnk
2013-06-10 18:29 - 2013-06-10 18:29 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-10 18:29 - 2013-06-10 18:29 - 00000000 ____D C:\Program Files\iTunes
2013-06-10 18:29 - 2013-06-10 18:29 - 00000000 ____D C:\Program Files\iPod
2013-06-10 18:29 - 2013-06-10 18:29 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-06-09 10:01 - 2013-06-09 10:01 - 00000000 ____D C:\Users\Todd\AppData\Local\SkyHawke
2013-06-09 10:00 - 2013-06-09 10:00 - 00000000 ____D C:\Users\Prism2\AppData\Local\SkyHawke
2013-06-09 09:59 - 2013-06-09 10:26 - 00000000 ____D C:\Program Files (x86)\SkyGolf
2013-06-09 09:59 - 2013-06-09 09:59 - 00000000 ____D C:\Program Files (x86)\Silabs
2013-06-08 13:18 - 2013-07-03 13:06 - 00000000 ____D C:\Users\Todd\Desktop\virus scans
2013-06-08 13:10 - 2013-06-08 13:10 - 00000000 __SHD C:\Users\Prism2\Desktop\%APPDATA%
2013-06-08 12:52 - 2013-06-08 12:53 - 00001083 ____A C:\AdwCleaner[S3].txt
2013-06-08 12:39 - 2013-06-08 12:42 - 00007107 ____A C:\AdwCleaner[S2].txt
2013-06-08 12:38 - 2013-06-08 12:38 - 00006933 ____A C:\Users\Prism2\Desktop\AdwCleaner[R1].txt
2013-06-08 12:38 - 2013-06-08 12:38 - 00000319 ____A C:\AdwCleaner[S1].txt
2013-06-08 12:36 - 2013-06-08 12:36 - 00006933 ____A C:\AdwCleaner[R1].txt
2013-06-08 12:32 - 2013-06-08 12:35 - 00640135 ____A C:\Users\Todd\Downloads\adwcleaner.exe
2013-06-07 19:04 - 2013-06-07 19:04 - 00000000 ____D C:\Users\Krista\AppData\Roaming\Apple Computer
2013-06-07 18:52 - 2013-06-07 18:52 - 00023905 ____A C:\ComboFix.txt
2013-06-07 18:19 - 2011-06-26 02:45 - 00256000 ____A C:\Windows\PEV.exe
2013-06-07 18:19 - 2010-11-07 13:20 - 00208896 ____A C:\Windows\MBR.exe
2013-06-07 18:19 - 2009-04-20 00:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2013-06-07 18:19 - 2000-08-30 20:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2013-06-07 18:19 - 2000-08-30 20:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2013-06-07 18:19 - 2000-08-30 20:00 - 00098816 ____A C:\Windows\sed.exe
2013-06-07 18:19 - 2000-08-30 20:00 - 00080412 ____A C:\Windows\grep.exe
2013-06-07 18:19 - 2000-08-30 20:00 - 00068096 ____A C:\Windows\zip.exe
2013-06-07 18:15 - 2013-06-07 18:53 - 00000000 ____D C:\Qoobox
2013-06-07 18:15 - 2013-06-07 18:48 - 00000000 ____D C:\Windows\erdnt
2013-06-07 18:14 - 2013-06-07 18:14 - 05078746 ____R (Swearware) C:\Users\Todd\Desktop\ComboFix.exe
2013-06-06 18:49 - 2013-06-07 19:06 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2013-06-06 18:49 - 2013-06-06 18:49 - 00959772 ____A ( ) C:\Users\Prism2\Downloads\pivot_setup.exe
2013-06-06 18:49 - 2013-06-06 18:49 - 00000000 ____D C:\ProgramData\Real
2013-06-06 18:48 - 2013-07-06 09:39 - 00000264 ____A C:\Windows\Tasks\TopArcadeHits.job
2013-06-06 18:48 - 2013-06-12 22:53 - 00000000 ____D C:\Users\Kids\AppData\Local\TopArcadeHits
2013-06-06 18:48 - 2013-06-06 18:48 - 00000000 ____D C:\Users\Kids\AppData\Roaming\Mozilla
2013-06-06 18:47 - 2013-06-06 18:47 - 00000000 ____D C:\Windows\SysWOW64\jmdp
2013-06-06 18:47 - 2013-06-06 18:47 - 00000000 ____D C:\Windows\SysWOW64\ARFC
2013-06-06 18:47 - 2013-05-27 04:58 - 01447728 ____A C:\Windows\System32\dmwu.exe
2013-06-06 18:47 - 2013-05-27 04:57 - 00033792 ____A (IncrediMail, Ltd.) C:\Windows\System32\ImHttpComm.dll

==================== One Month Modified Files and Folders =======

2013-07-06 10:19 - 2013-07-06 10:19 - 00000000 ____D C:\FRST
2013-07-06 10:19 - 2009-07-14 01:13 - 00779724 ____A C:\Windows\System32\PerfStringBackup.INI
2013-07-06 10:17 - 2013-07-06 10:19 - 01934636 ____A (Farbar) C:\Users\Prism2\Desktop\FRST64.exe
2013-07-06 10:15 - 2012-09-30 17:36 - 00000894 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-06 10:15 - 2012-08-28 12:52 - 00000000 ____D C:\Users\Default\AppData\Local\SoftThinks
2013-07-06 10:15 - 2012-08-28 12:52 - 00000000 ____D C:\Users\Default User\AppData\Local\SoftThinks
2013-07-06 10:15 - 2012-08-28 12:33 - 00000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup
2013-07-06 10:12 - 2012-08-28 12:15 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-06 09:53 - 2012-12-29 22:33 - 00001518 ____A C:\Windows\Sandboxie.ini
2013-07-06 09:53 - 2012-09-22 12:39 - 00000000 ____D C:\Users\Todd\AppData\Roaming\SoftGrid Client
2013-07-06 09:48 - 2012-09-30 17:36 - 00000898 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-06 09:40 - 2012-08-28 12:14 - 01188574 ____A C:\Windows\WindowsUpdate.log
2013-07-06 09:39 - 2013-06-06 18:48 - 00000264 ____A C:\Windows\Tasks\TopArcadeHits.job
2013-07-05 19:25 - 2012-09-22 12:44 - 00000000 ____D C:\Users\Todd\Desktop\Prism Estimates
2013-07-05 19:25 - 2012-09-09 11:53 - 00058808 ____A C:\Users\Todd\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-05 12:32 - 2012-09-09 11:51 - 00000000 ____D C:\Users\Todd\AppData\Local\VirtualStore
2013-07-04 18:52 - 2013-06-27 18:41 - 00000004 ____A C:\Users\Todd\AppData\Roaming\159676
2013-07-04 18:52 - 2012-10-07 11:42 - 00870128 ____A C:\Users\Todd\AppData\Roaming\mcs.rma
2013-07-04 14:40 - 2013-07-04 14:31 - 00000000 ____D C:\Users\Prism2\Desktop\New folder (4)
2013-07-04 11:08 - 2009-07-14 00:45 - 00021296 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-04 11:08 - 2009-07-14 00:45 - 00021296 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-04 11:00 - 2009-07-14 01:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-04 11:00 - 2009-07-14 00:51 - 00041993 ____A C:\Windows\setupact.log
2013-07-03 13:06 - 2013-06-08 13:18 - 00000000 ____D C:\Users\Todd\Desktop\virus scans
2013-07-02 13:55 - 2012-09-30 16:08 - 00000000 ____D C:\Users\Prism2\AppData\Roaming\SoftGrid Client
2013-07-02 13:54 - 2013-01-29 10:57 - 00000000 ____D C:\Users\Prism2\Desktop\miscppwk
2013-07-02 13:32 - 2013-07-02 13:32 - 00388608 ____A (Trend Micro Inc.) C:\Users\Todd\Desktop\HijackThis.exe
2013-07-02 13:25 - 2013-07-02 13:25 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Todd\Desktop\JRT.exe
2013-07-02 13:25 - 2013-04-23 11:01 - 00000000 ____D C:\JRT
2013-07-02 13:20 - 2013-07-02 13:19 - 00001159 ____A C:\AdwCleaner[S6].txt
2013-07-02 13:19 - 2013-07-02 13:19 - 00648201 ____A C:\Users\Todd\Desktop\adwcleaner.exe
2013-07-02 06:41 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache
2013-07-02 03:38 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-07-02 03:23 - 2013-07-02 03:00 - 00007305 ____A C:\Windows\IE10_main.log
2013-07-02 03:21 - 2013-07-02 03:21 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-07-02 03:21 - 2013-07-02 03:21 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-07-02 03:21 - 2013-07-02 03:21 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-07-02 03:21 - 2013-07-02 03:21 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-07-02 03:21 - 2013-07-02 03:21 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-07-02 03:21 - 2013-07-02 03:21 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-07-02 03:21 - 2013-07-02 03:21 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-07-02 03:21 - 2013-07-02 03:21 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-07-02 03:21 - 2013-07-02 03:21 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-07-02 03:21 - 2013-07-02 03:21 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-07-02 03:21 - 2013-07-02 03:21 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-07-02 03:21 - 2013-07-02 03:21 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-07-02 03:21 - 2013-07-02 03:21 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-07-02 03:21 - 2013-07-02 03:21 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-07-02 03:21 - 2013-07-02 03:21 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-07-02 03:21 - 2013-07-02 03:21 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-07-02 03:21 - 2013-07-02 03:21 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-07-02 03:21 - 2013-07-02 03:21 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-07-02 03:21 - 2013-07-02 03:21 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-07-02 03:21 - 2013-07-02 03:21 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-07-02 03:21 - 2013-07-02 03:21 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-07-02 03:21 - 2013-07-02 03:21 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-07-01 20:48 - 2012-10-20 09:48 - 00000000 ____D C:\Users\Prism2\Desktop\kidsppwk
2013-07-01 19:17 - 2013-03-25 12:07 - 00000516 ____A C:\Users\Grayson\Desktop\The Wiggles PBS KIDS Sprout.website
2013-07-01 13:41 - 2013-02-24 10:01 - 00000497 ____A C:\Users\Alannah\Desktop\PBS KIDS Educational Games, Videos and Activities For Kids!.website
2013-07-01 10:52 - 2013-07-01 10:52 - 00000000 ____D C:\Users\Alannah\AppData\Local\Apple
2013-06-30 08:49 - 2013-02-24 09:53 - 00000497 ____A C:\Users\Luke\Desktop\PBS KIDS Educational Games, Videos and Activities For Kids!.website
2013-06-29 17:11 - 2013-06-29 17:03 - 00000000 ____D C:\Users\Prism2\Desktop\camping
2013-06-29 15:11 - 2013-06-12 15:22 - 00000004 ____A C:\Users\Prism2\AppData\Roaming\159676
2013-06-29 15:11 - 2012-09-10 19:18 - 00870128 ____A C:\Users\Prism2\AppData\Roaming\mcs.rma
2013-06-28 11:29 - 2013-06-12 16:47 - 00000004 ____A C:\Users\Kids\AppData\Roaming\159676
2013-06-28 11:29 - 2012-09-16 10:51 - 00870128 ____A C:\Users\Kids\AppData\Roaming\mcs.rma
2013-06-26 12:49 - 2013-06-26 12:49 - 00001099 ____A C:\AdwCleaner[S5].txt
2013-06-26 12:48 - 2013-06-26 12:48 - 00648201 ____A C:\Users\Prism2\Desktop\adwcleaner.exe
2013-06-26 12:45 - 2010-11-20 23:47 - 00019676 ____A C:\Windows\PFRO.log
2013-06-26 12:37 - 2013-06-26 12:37 - 00111124 ____A C:\Users\Prism2\Desktop\OTL.Txt
2013-06-26 12:31 - 2013-06-26 12:31 - 00602112 ____A (OldTimer Tools) C:\Users\Prism2\Desktop\OTL.exe
2013-06-25 10:19 - 2013-06-25 10:19 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-25 10:19 - 2013-06-25 10:19 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-25 10:19 - 2013-06-25 10:19 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-25 10:19 - 2013-06-25 10:19 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-25 10:19 - 2012-09-10 18:28 - 00867240 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-06-25 10:19 - 2012-09-10 18:28 - 00789416 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-06-24 17:25 - 2013-06-24 17:24 - 00000000 ____D C:\Users\Grayson\AppData\Local\{559EF506-EDC1-46DF-917D-824CDC6D633D}
2013-06-24 17:24 - 2013-06-24 17:24 - 00000000 ____D C:\Users\Grayson\AppData\Local\{E51C3296-EFD5-4578-B924-2C7F5EDC10EF}
2013-06-22 12:09 - 2013-06-22 12:09 - 00000004 ____A C:\Users\Alannah\AppData\Roaming\159676
2013-06-22 12:09 - 2012-09-15 15:02 - 00870128 ____A C:\Users\Alannah\AppData\Roaming\mcs.rma
2013-06-22 08:49 - 2013-06-22 08:45 - 00000000 ____D C:\Users\Prism2\Desktop\New folder (3)
2013-06-21 08:11 - 2012-12-05 18:41 - 00000496 ____A C:\Users\Luke\Desktop\Official NORAD Santa Tracker.website
2013-06-19 12:47 - 2013-04-30 13:39 - 00000000 ____D C:\Program Files (x86)\Pearson
2013-06-19 12:47 - 2012-08-28 12:29 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-06-19 12:33 - 2013-06-19 12:33 - 00388608 ____A (Trend Micro Inc.) C:\Users\Prism2\Desktop\HijackThis.exe
2013-06-19 12:30 - 2013-06-19 12:30 - 00000634 ____A C:\Users\Prism2\Documents\JRTa.txt
2013-06-19 12:26 - 2013-06-19 12:26 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Prism2\Desktop\JRT.exe
2013-06-19 12:24 - 2013-06-19 12:24 - 00001038 ____A C:\Users\Prism2\Documents\AdwCleaner[S4]a.txt
2013-06-19 12:17 - 2013-06-19 12:16 - 00001038 ____A C:\AdwCleaner[S4].txt
2013-06-19 11:10 - 2013-04-25 20:57 - 00000000 ____D C:\Users\Prism2\Desktop\camera
2013-06-18 08:04 - 2013-02-24 09:52 - 00000495 ____A C:\Users\Luke\Desktop\Caillou Games, Coloring and Activities PBS KIDS.website
2013-06-17 12:43 - 2013-06-17 12:05 - 00000000 ____D C:\Users\Prism2\Desktop\2008-01-01
2013-06-17 12:40 - 2013-06-17 12:01 - 00000000 ____D C:\Users\Prism2\Desktop\kids
2013-06-17 12:39 - 2013-06-17 11:58 - 00000000 ____D C:\Users\Prism2\Desktop\2010-04-22
2013-06-17 12:36 - 2013-06-17 12:04 - 00000000 ____D C:\Users\Prism2\Desktop\Picture
2013-06-17 11:19 - 2013-01-24 22:49 - 00792064 __ASH C:\Users\Prism2\Desktop\Thumbs.db
2013-06-17 11:18 - 2013-06-17 11:18 - 00128000 ____A C:\Users\Prism2\Desktop\AUTISMSIGN.PSproj
2013-06-17 09:10 - 2013-06-17 09:10 - 00000000 ____D C:\Users\Todd\AppData\Local\Apple
2013-06-16 20:23 - 2013-06-16 20:23 - 09718726 ____A C:\Users\Prism2\Desktop\LAWLzip-older_version.zip
2013-06-16 19:52 - 2013-06-16 19:50 - 00000000 ____D C:\Users\Prism2\Desktop\FATHER'S DAY
2013-06-16 11:51 - 2012-11-03 13:51 - 00000506 ____A C:\Users\Luke\Desktop\Farme search - Y8.COM - Play Games for Free.website
2013-06-16 10:39 - 2013-06-16 10:39 - 00379387 ____A C:\Users\Kids\Documents\fsathers.xps
2013-06-16 10:38 - 2013-06-16 10:38 - 00379387 ____A C:\Users\Kids\Documents\card.xps
2013-06-15 03:03 - 2011-02-10 12:10 - 00773448 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2013-06-14 22:58 - 2013-06-14 22:31 - 00000000 ____D C:\Users\Prism2\Desktop\Last Day Of School
2013-06-14 11:33 - 2012-09-22 10:25 - 00000000 ____D C:\Users\Kids\AppData\Roaming\SoftGrid Client
2013-06-13 15:34 - 2012-09-22 12:45 - 00000000 ____D C:\Users\Todd\Desktop\Prism Invoices
2013-06-13 03:02 - 2013-02-20 10:14 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-12 22:53 - 2013-06-12 22:53 - 00000000 ____D C:\Users\Prism2\Desktop\backups
2013-06-12 22:53 - 2013-06-06 18:48 - 00000000 ____D C:\Users\Kids\AppData\Local\TopArcadeHits
2013-06-12 22:51 - 2013-06-11 10:56 - 00015351 ____A C:\Users\Prism2\Desktop\hijackthis.log
2013-06-12 22:49 - 2012-08-28 12:15 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-12 22:49 - 2012-08-28 12:15 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-12 08:12 - 2013-06-12 08:10 - 00000000 ____D C:\Users\Prism2\Desktop\june2
2013-06-12 08:09 - 2013-06-03 15:19 - 00000000 ____D C:\Users\Prism2\Desktop\JUNEiphone
2013-06-12 08:08 - 2013-04-30 18:31 - 00000000 ____D C:\Users\Prism2\AppData\Roaming\Apple Computer
2013-06-11 19:58 - 2013-05-10 13:59 - 00000000 ____D C:\Users\Grayson\AppData\Local\Apple Computer
2013-06-11 10:54 - 2012-09-08 11:29 - 00000000 ____D C:\Users\Prism2\AppData\Local\VirtualStore
2013-06-10 18:31 - 2013-06-10 18:31 - 00001847 ____A C:\Users\Public\Desktop\QuickTime Player.lnk
2013-06-10 18:31 - 2013-06-10 18:31 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-06-10 18:30 - 2013-04-30 18:30 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-06-10 18:29 - 2013-06-10 18:29 - 00001785 ____A C:\Users\Public\Desktop\iTunes.lnk
2013-06-10 18:29 - 2013-06-10 18:29 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-10 18:29 - 2013-06-10 18:29 - 00000000 ____D C:\Program Files\iTunes
2013-06-10 18:29 - 2013-06-10 18:29 - 00000000 ____D C:\Program Files\iPod
2013-06-10 18:29 - 2013-06-10 18:29 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-06-09 10:26 - 2013-06-09 09:59 - 00000000 ____D C:\Program Files (x86)\SkyGolf
2013-06-09 10:01 - 2013-06-09 10:01 - 00000000 ____D C:\Users\Todd\AppData\Local\SkyHawke
2013-06-09 10:00 - 2013-06-09 10:00 - 00000000 ____D C:\Users\Prism2\AppData\Local\SkyHawke
2013-06-09 09:59 - 2013-06-09 09:59 - 00000000 ____D C:\Program Files (x86)\Silabs
2013-06-08 13:10 - 2013-06-08 13:10 - 00000000 __SHD C:\Users\Prism2\Desktop\%APPDATA%
2013-06-08 12:53 - 2013-06-08 12:52 - 00001083 ____A C:\AdwCleaner[S3].txt
2013-06-08 12:42 - 2013-06-08 12:39 - 00007107 ____A C:\AdwCleaner[S2].txt
2013-06-08 12:38 - 2013-06-08 12:38 - 00006933 ____A C:\Users\Prism2\Desktop\AdwCleaner[R1].txt
2013-06-08 12:38 - 2013-06-08 12:38 - 00000319 ____A C:\AdwCleaner[S1].txt
2013-06-08 12:36 - 2013-06-08 12:36 - 00006933 ____A C:\AdwCleaner[R1].txt
2013-06-08 12:35 - 2013-06-08 12:32 - 00640135 ____A C:\Users\Todd\Downloads\adwcleaner.exe
2013-06-08 10:08 - 2013-07-03 03:00 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-08 10:07 - 2013-07-03 03:00 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-08 10:06 - 2013-07-03 03:00 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-08 10:06 - 2013-07-03 03:00 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-08 10:06 - 2013-07-03 03:00 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-08 08:28 - 2013-07-03 03:00 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-08 07:42 - 2013-07-03 03:00 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-08 07:40 - 2013-07-03 03:00 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-08 07:40 - 2013-07-03 03:00 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-08 07:40 - 2013-07-03 03:00 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-08 07:40 - 2013-07-03 03:00 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-08 07:13 - 2013-07-03 03:00 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-07 19:07 - 2013-04-30 13:46 - 00000000 ____D C:\Windows\Crystal
2013-06-07 19:06 - 2013-06-06 18:49 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2013-06-07 19:04 - 2013-06-07 19:04 - 00000000 ____D C:\Users\Krista\AppData\Roaming\Apple Computer
2013-06-07 18:53 - 2013-06-07 18:15 - 00000000 ____D C:\Qoobox
2013-06-07 18:53 - 2009-07-13 23:20 - 00000000 __RHD C:\users\Default
2013-06-07 18:52 - 2013-06-07 18:52 - 00023905 ____A C:\ComboFix.txt
2013-06-07 18:48 - 2013-06-07 18:15 - 00000000 ____D C:\Windows\erdnt
2013-06-07 18:34 - 2009-07-13 22:34 - 00000215 ____A C:\Windows\system.ini
2013-06-07 18:14 - 2013-06-07 18:14 - 05078746 ____R (Swearware) C:\Users\Todd\Desktop\ComboFix.exe
2013-06-06 18:49 - 2013-06-06 18:49 - 00959772 ____A ( ) C:\Users\Prism2\Downloads\pivot_setup.exe
2013-06-06 18:49 - 2013-06-06 18:49 - 00000000 ____D C:\ProgramData\Real
2013-06-06 18:48 - 2013-06-06 18:48 - 00000000 ____D C:\Users\Kids\AppData\Roaming\Mozilla
2013-06-06 18:47 - 2013-06-06 18:47 - 00000000 ____D C:\Windows\SysWOW64\jmdp
2013-06-06 18:47 - 2013-06-06 18:47 - 00000000 ____D C:\Windows\SysWOW64\ARFC
2013-06-06 18:45 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\Resources

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-03 00:15

==================== End Of Log ============================
Back to Top
 

KMB1999
Trusted Member


Date Joined Jan 2009
Total Posts : 138
 
   Posted 7/6/2013 5:28 PM (GMT +3)    Quote: I think my system has a virus?!Alert an admin about: I think my system has a virus?!
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-07-2013
Ran by Prism2 at 2013-07-06 10:20:52
Running from C:\Users\Prism2\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

Adobe AIR (x32 Version: 2.6.0.19120)
Adobe Flash Player 11 ActiveX (x32 Version: 11.7.700.224)
Adobe Reader X (10.1.4) (x32 Version: 10.1.4)
Adobe Shockwave Player 11.6 (x32 Version: 11.6.7.637)
Apple Application Support (x32 Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (x32 Version: 2.1.3.127)
ASPCA Reminder by We-Care.com v4.1.22.1 (x32 Version: 4.1.22.1)
Bing Bar (x32 Version: 7.1.391.0)
Blio (x32 Version: 2.3.7140)
Bonjour (Version: 3.0.0.10)
Cisco EAP-FAST Module (x32 Version: 2.2.14)
Cisco LEAP Module (x32 Version: 1.0.19)
Cisco PEAP Module (x32 Version: 1.1.6)
Consumer In-Home Service Agreement (x32 Version: 2.0.0)
Coupon Printer for Windows (x32 Version: 5.0.0.3)
Cozi (x32 Version: 1.0.6505.38692)
D3DX10 (x32 Version: 15.4.2368.0902)
Dell DataSafe Local Backup - Support Software (x32 Version: 9.4.67)
Dell DataSafe Local Backup (x32 Version: 9.4.67)
Dell Digital Delivery (x32 Version: 2.5.1400.0)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (x32 Version: 1.00.0000)
Dell MusicStage (x32 Version: 1.6.225.0)
Dell PhotoStage (x32 Version: 1.5.0.130)
Dell Stage (x32 Version: 1.7.209.0)
Dell Stage Remote (x32 Version: 2.0.0.43)
Dell Support Center (Version: 3.1.5907.16)
Dell VideoStage (x32 Version: 1.3.0.2214)
Dell Wireless Driver Installation (x32 Version: 9.0)
eBay (x32 Version: 1.4.0)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0)
Google Toolbar for Internet Explorer (x32 Version: 7.5.4209.2358)
Google Update Helper (x32 Version: 1.3.21.149)
High-Definition Video Playback (x32 Version: 7.3.10000.0.0)
HP Officejet 4620 series Basic Device Software (Version: 26.0.784.0)
HP Officejet 4620 series Help (x32 Version: 6.0.0)
HP Officejet 4620 series Product Improvement Study (Version: 26.0.784.0)
HP Update (x32 Version: 5.003.000.004)
I.R.I.S. OCR (x32 Version: 12.3.4.0)
iCloud (Version: 2.1.2.8)
Intel(R) Control Center (x32 Version: 1.2.1.1007)
Intel(R) Management Engine Components (x32 Version: 8.0.0.1351)
Intel(R) Processor Graphics (x32 Version: 8.15.10.2696)
Intel(R) Rapid Storage Technology (x32 Version: 11.1.0.1006)
Intel(R) USB 3.0 eXtensible Host Controller Driver (x32 Version: 1.0.4.220)
Intel® Trusted Connect Service Client (Version: 1.23.216.0)
iTunes (Version: 11.0.4.4)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
McAfee Security Scan Plus (x32 Version: 2.1.121.2)
McAfee SecurityCenter (x32 Version: 11.6.434)
Mesh Runtime (x32 Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (x32 Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (x32 Version: 10.0.30319)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
Nero 10 Movie ThemePack Basic (x32 Version: 10.2.10200.0.0)
Nero Control Center 10 (x32 Version: 10.6.12800.0.8)
Nero ControlCenter 10 Help (CHM) (x32 Version: 10.2.10800)
Nero Core Components 10 (x32 Version: 2.0.20500.9.16)
Nero Update (x32 Version: 1.0.0018)
Picasa 3 (x32 Version: 3.9)
PlayReady PC Runtime x86 (x32 Version: 1.3.0)
QuickTime (x32 Version: 7.74.80.86)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6554)
Rhapsody (x32)
Sandboxie 4.02 (64-bit) (Version: 4.02)
Shared C Run-time for x64 (Version: 10.0.0)
Silicon Laboratories CP210x USB to UART Bridge (Driver Removal) (x32)
Skype™ 5.10 (x32 Version: 5.10.116)
Smilebox (HKCU)
swMSM (x32 Version: 12.0.0.1)
SyncUP (x32 Version: 1.12.11500.11.105)
SyncUP (x32 Version: 10.2.16500)
The Print Shop 3.0 Fonts (x32 Version: 1.0)
The Print Shop 3.0 Professional (x32 Version: 3.0.6)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Updater By SweetPacks 2.0.0.586 (Version: 2.0.0.586)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2)
Windows Live Messenger (x32 Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Zinio Reader 4 (x32 Version: 4.2.4164)

==================== Restore Points =========================

19-06-2013 16:46:44 Removed PsychCorpCenter-II
22-06-2013 07:00:10 Windows Update
25-06-2013 14:18:28 Installed Java 7 Update 25
26-06-2013 16:39:42 OTL Restore Point - 6/26/2013 12:39:42 PM
02-07-2013 07:00:23 Windows Update
03-07-2013 07:00:25 Windows Update

==================== Hosts content: ==========================

2009-07-13 22:34 - 2013-06-26 12:39 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0C032FDA-03A9-4983-9E1D-D65F9FDB5790} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-12] (Adobe Systems Incorporated)
Task: {1D8952B5-5FC1-47C7-AA2D-E5B107E6C193} - System32\Tasks\HPCustParticipation HP Officejet 4620 series => C:\Program Files\HP\HP Officejet 4620 series\Bin\HPCustPartic.exe [2011-12-18] (Hewlett-Packard Co.)
Task: {4B3A10B1-BCB3-487F-8E20-C0EBCC9DBE42} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {56BB57FC-FFB8-4A90-82F3-E7D737C67B58} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {73ECDBA1-3992-4F35-88C2-09837B27EA8A} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe [2010-11-20] (Microsoft Corporation)
Task: {796B714E-FBEB-4744-950E-301F129B3973} - System32\Tasks\TopArcadeHits => C:\Users\Kids\AppData\Local\TopArcadeHits\updater.exe [2013-06-06] ()
Task: {880E40E0-E591-46B3-92BF-C11D7712087A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-30] (Google Inc.)
Task: {DCC23AFF-8BF7-473B-B90B-FD6EF29F945A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-30] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\TopArcadeHits.job => C:\Users\Kids\AppData\Local\TopArcadeHits\updater.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/06/2013 00:57:50 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/04/2013 00:03:30 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/04/2013 11:38:58 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/04/2013 11:02:30 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/03/2013 03:19:56 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/03/2013 03:02:13 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/02/2013 01:23:33 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/02/2013 01:09:57 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/02/2013 03:41:49 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/27/2013 00:48:12 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (07/05/2013 11:43:00 PM) (Source: DCOM) (User: )
Description: {4EB61BAC-A3B6-4760-9581-655041EF4D69}

Error: (07/04/2013 11:00:49 AM) (Source: Service Control Manager) (User: )
Description: The MCSTRM service failed to start due to the following error:
%%2

Error: (07/04/2013 11:00:43 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 1:44:31 PM on ?7/?3/?2013 was unexpected.

Error: (07/03/2013 01:21:53 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (07/03/2013 00:05:59 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.

Error: (07/03/2013 03:18:19 AM) (Source: Service Control Manager) (User: )
Description: The MCSTRM service failed to start due to the following error:
%%2

Error: (07/02/2013 01:21:47 PM) (Source: Service Control Manager) (User: )
Description: The MCSTRM service failed to start due to the following error:
%%2

Error: (07/02/2013 01:08:13 PM) (Source: Service Control Manager) (User: )
Description: The MCSTRM service failed to start due to the following error:
%%2

Error: (07/02/2013 03:40:15 AM) (Source: Service Control Manager) (User: )
Description: The MCSTRM service failed to start due to the following error:
%%2

Error: (07/01/2013 08:01:02 PM) (Source: DCOM) (User: )
Description: {209500FC-6B45-4693-8871-6296C4843751}


Microsoft Office Sessions:
=========================
Error: (07/06/2013 00:57:50 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Program Files (x86)\Cozi Express\CoziExpress.exe

Error: (07/04/2013 00:03:30 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Program Files (x86)\Cozi Express\CoziExpress.exe

Error: (07/04/2013 11:38:58 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Program Files (x86)\Cozi Express\CoziExpress.exe

Error: (07/04/2013 11:02:30 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/03/2013 03:19:56 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/03/2013 03:02:13 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Program Files (x86)\Cozi Express\CoziExpress.exe

Error: (07/02/2013 01:23:33 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/02/2013 01:09:57 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/02/2013 03:41:49 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/27/2013 00:48:12 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Program Files (x86)\Cozi Express\CoziExpress.exe


CodeIntegrity Errors:
===================================
Date: 2013-06-07 18:28:12.274
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-06-07 18:28:12.242
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-06-07 16:05:18.321
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-06-07 16:05:18.306
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-06-07 16:05:18.306
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-05-24 16:01:50.635
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-05-24 16:01:50.635
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-05-24 16:01:50.635
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-03-09 10:12:46.807
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-03-09 10:12:46.807
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Percentage of memory in use: 25%
Total physical RAM: 6022.16 MB
Available physical RAM: 4514 MB
Total Pagefile: 12042.51 MB
Available Pagefile: 9300.58 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:919.22 GB) (Free:675.57 GB) NTFS (Disk=0 Partition=3)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 932 GB) (Disk ID: A3AE97B5)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=12 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=919 GB) - (Type=07 NTFS)

==================== End Of Log ============================
Back to Top
 

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 12975
 
   Posted 7/7/2013 10:45 AM (GMT +3)    Quote: I think my system has a virus?!Alert an admin about: I think my system has a virus?!
Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire txt in bold below.
(To do this highlight the contents of the box, right click on it and select copy. Right-click in the open notepad and select Paste).
 Save it on the desktop as fixlist.txt.
 
 
 
 
start
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Updater By SweetPacks - {7D4F1959-3F72-49d5-8E59-F02F8AA6815D} - C:\Program Files\Updater By SweetPacks\Extension64.dll No File
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - No File
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S2 MCSTRM; No ImagePath
U3 mfeavfk01; No ImagePath
2013-07-02 13:25 - 2013-07-02 13:25 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Todd\Desktop\JRT.exe
2013-07-02 13:19 - 2013-07-02 13:20 - 00001159 ____A C:\AdwCleaner[S6].txt
2013-07-02 13:19 - 2013-07-02 13:19 - 00648201 ____A C:\Users\Todd\Desktop\adwcleaner.exe
c:\Users\Prism2\Desktop\adwcleaner.exe
C:\Users\Prism2\Desktop\OTL.Txt
C:\Users\Prism2\Desktop\OTL.exe
(Trend Micro Inc.) C:\Users\Prism2\Desktop\HijackThis.exe
C:\Users\Prism2\Documents\JRTa.txt
C:\Users\Prism2\Desktop\JRT.exe
C:\Users\Prism2\Documents\AdwCleaner[S4]a.txt
C:\AdwCleaner[S4].txt
C:\Users\Prism2\Desktop\hijackthis.log
C:\AdwCleaner[S3].txt
C:\AdwCleaner[S2].txt
C:\Users\Prism2\Desktop\AdwCleaner[R1].txt
C:\AdwCleaner[S1].txt
C:\AdwCleaner[R1].txt
C:\Users\Todd\Downloads\adwcleaner.exe
C:\ComboFix.txt
C:\JRT
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-12] (Adobe Systems Incorporated)
{1D8952B5-5FC1-47C7-AA2D-E5B107E6C193} - System32\Tasks\HPCustParticipation HP Officejet 4620 series => C:\Program Files\HP\HP Officejet 4620 series\Bin\HPCustPartic.exe [2011-12-18] (Hewlett-Packard Co.)
{4B3A10B1-BCB3-487F-8E20-C0EBCC9DBE42} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
T{56BB57FC-FFB8-4A90-82F3-E7D737C67B58} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
{73ECDBA1-3992-4F35-88C2-09837B27EA8A} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe [2010-11-20] (Microsoft Corporation)
Task: {796B714E-FBEB-4744-950E-301F129B3973} - System32\Tasks\TopArcadeHits => C:\Users\Kids\AppData\Local\TopArcadeHits\updater.exe [2013-06-06] ()
{880E40E0-E591-46B3-92BF-C11D7712087A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-30] (Google Inc.)
{DCC23AFF-8BF7-473B-B90B-FD6EF29F945A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-30] (Google Inc.)
C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Windows\Tasks\TopArcadeHits.job => C:\Users\Kids\AppData\Local\TopArcadeHits\updater.exe
end
 
 
Now open Farbar ensure its on your desktop and click the fix botton.

The tool will make a log on the desktop (Fixlog.txt) please post it to your reply.

NOTICE: This script was written specifically for this user, for use on that particular machine.
Running this on another machine may cause damage to your operating system
 


  1. Open Disk Cleanup by clicking the Start button Picture of the Start button. In the search box, type Disk Cleanup, and then, in the list of results, click Disk Cleanup.
  2. In the Drives list, click the hard disk drive that you want to clean up, and then click OK.
  3. In the Disk Cleanup dialog box, on the Disk Cleanup tab, select the check boxes for the file types that you want to delete, and then click OK.
  4. In the message that appears, click Delete files.

Please tell how things are running now  ?



 


Please read:  Forum Rules
Click here:   Before-posting-a-log
 
Do not PM me with logfiles. They will be deleted. 

 

Back to Top
 

KMB1999
Trusted Member


Date Joined Jan 2009
Total Posts : 138
 
   Posted 7/7/2013 10:12 PM (GMT +3)    Quote: I think my system has a virus?!Alert an admin about: I think my system has a virus?!
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 04-07-2013
Ran by Prism2 at 2013-07-07 15:10:36 Run:1
Running from C:\Users\Prism2\Desktop
Boot Mode: Normal
==============================================

HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7D4F1959-3F72-49d5-8E59-F02F8AA6815D} => Key deleted successfully.
HKCR\CLSID\{7D4F1959-3F72-49d5-8E59-F02F8AA6815D} => Key deleted successfully.
HKCR\PROTOCOLS\Handler\cozi => Key deleted successfully.
HKCR\CLSID\{5356518D-FE9C-4E08-9C1F-1E872ECD367F} => Key not found.
catchme => Service deleted successfully.
MCSTRM => Service deleted successfully.
mfeavfk01 => Service deleted successfully.
C:\Users\Todd\Desktop\JRT.exe => Moved successfully.
C:\AdwCleaner[S6].txt => Moved successfully.
C:\Users\Todd\Desktop\adwcleaner.exe => Moved successfully.
c:\Users\Prism2\Desktop\adwcleaner.exe => Moved successfully.
C:\Users\Prism2\Desktop\OTL.Txt => Moved successfully.
C:\Users\Prism2\Desktop\OTL.exe => Moved successfully.
C:\Users\Prism2\Desktop\HijackThis.exe => No running process found
C:\Users\Prism2\Documents\JRTa.txt => Moved successfully.
C:\Users\Prism2\Desktop\JRT.exe => Moved successfully.
C:\Users\Prism2\Documents\AdwCleaner[S4]a.txt => Moved successfully.
C:\AdwCleaner[S4].txt => Moved successfully.
C:\Users\Prism2\Desktop\hijackthis.log => Moved successfully.
C:\AdwCleaner[S3].txt => Moved successfully.
C:\AdwCleaner[S2].txt => Moved successfully.
C:\Users\Prism2\Desktop\AdwCleaner[R1].txt => Moved successfully.
C:\AdwCleaner[S1].txt => Moved successfully.
C:\AdwCleaner[R1].txt => Moved successfully.
C:\Users\Todd\Downloads\adwcleaner.exe => Moved successfully.
C:\ComboFix.txt => Moved successfully.
C:\JRT => Moved successfully.
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-12] (Adobe Systems Incorporated)" => File/Directory not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{796B714E-FBEB-4744-950E-301F129B3973} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{796B714E-FBEB-4744-950E-301F129B3973} => Key deleted successfully.
C:\Windows\System32\Tasks\TopArcadeHits => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TopArcadeHits => Key deleted successfully.
"C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe" => File/Directory not found.
"C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" => File/Directory not found.
"C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" => File/Directory not found.
"C:\Windows\Tasks\TopArcadeHits.job => C:\Users\Kids\AppData\Local\TopArcadeHits\updater.exe" => File/Directory not found.

==== End of Fixlog ====
Back to Top
 

KMB1999
Trusted Member


Date Joined Jan 2009
Total Posts : 138
 
   Posted 7/7/2013 10:25 PM (GMT +3)    Quote: I think my system has a virus?!Alert an admin about: I think my system has a virus?!
Okay.  I still cannot get online other than onto Google using the browser line on my user page.  Once I get to Google I cannot go anywhere else unless I right click on the internet (e) icon on the bottom of the page and then click on one of the pages that are listed there that I believe are my frequently visited pages.  If I click on one of the pages listed, then I can visit that page but still cannot go anywhere else if I then type a new page address on the browser line that I usually would use. This is really strange especially because I can browse the internet or visit any pages I want if I sign into anyone else's user page.  Mine seems to be the only one affected. Any idea what might be going on?
 
Back to Top
 

KMB1999
Trusted Member


Date Joined Jan 2009
Total Posts : 138
 
   Posted 7/8/2013 7:13 PM (GMT +3)    Quote: I think my system has a virus?!Alert an admin about: I think my system has a virus?!
I have an update from yesterday's reply that I made. There is only 1 user who can get online and search the web. The other users either get stuck on Google as I do or a security warning pops up that says our security settings are not correct and asks if we want to update them by clicking on a button. I did not click on the button though. I just logged those users out. Everything else works for all users except for the internet issues that I have described. There is only 1 user who can utilize the internet normally from what I can tell.
Back to Top
 

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 12975
 
   Posted 7/9/2013 10:04 AM (GMT +3)    Quote: I think my system has a virus?!Alert an admin about: I think my system has a virus?!
" security warning pops up that says our security settings"
 
 
 
 
Which  - Program or file - pops up with the warning  ?
 
 
 
Try to reset IE.
 
  1. Close any Internet Explorer or Windows Explorer windows that are currently open.
  2. Open Internet Explorer by clicking the Start button Picture of the Start button. In the search box, type Internet Explorer, and then, in the list of results, click Internet Explorer.
  3. Click the Tools button, and then click Internet Options.
  4. Click the Advanced tab, and then click Reset.
  5. Select the Delete personal settings check box if you would like to remove browsing history, search providers, Accelerators, home pages, and InPrivate Filtering data.
  6. In the Reset Internet Explorer Settings dialog box, click Reset.
  7. When Internet Explorer finishes restoring the settings, click Close, and then click OK.
  8. Close Internet Explorer.
    Your changes will take effect the next time you open Internet Explorer.







Please read:  Forum Rules
Click here:   Before-posting-a-log
 
Do not PM me with logfiles. They will be deleted. 

 

Back to Top
 

KMB1999
Trusted Member


Date Joined Jan 2009
Total Posts : 138
 
   Posted 7/9/2013 5:47 PM (GMT +3)    Quote: I think my system has a virus?!Alert an admin about: I think my system has a virus?!
Hi. It seems that resetting IE for all users has remedied the issues. We can all get online and browse. The security warnings have also disappeared. It was a page that popped up that said "Your Security Level Puts Your Computer At Risk" and then gave the option to fix settings(recommended) or continue browsing(not recommended). I never did anything. The browser line read "About:SecurityRisk". But, now that we have reset IE, all users are fine and no warnings are popping up. This is good, correct? Finally, I am installing virus software today....I will either install the free one that you suggested or purchase the McAfee that is already in my system. A quick question......Once I decide, how do I get it to protect all users? Does installing it to the administrator page automatically do this or is there something else that I would need to do in order to protect each user so they do not continue to infect my system? I wish there was a specific way to block pages so that my kids cannot get on ones I do not want then on but I haven't found a way to do this in windows 7 for just one or two pages(game pages) that I know have been an issue so I want to make sure that virus software is installed. Thanks for all of your help!!
Back to Top
 

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 12975
 
   Posted 7/12/2013 2:03 AM (GMT +3)    Quote: I think my system has a virus?!Alert an admin about: I think my system has a virus?!
" Does installing it to the administrator page automatically do this or is there something else that I would need to do in order to protect each user so they do not continue to infect my system? I wish there was a specific way to block pages so that my kids cannot get on ones I do not want then on but I haven't found a way to do this in windows 7 for just one or two pages(game pages) that I know have been an issue so I want to make sure that virus software is installed."
 
 
 
It Looks like McAfee                                     
Protect Your Family, it probably mean all users !
 
 
Have you links for the game pages ?


Please read:  Forum Rules
Click here:   Before-posting-a-log
 
Do not PM me with logfiles. They will be deleted. 

 

Back to Top
 
New Topic Post reply to : I think my system has a virus?! Printable version of : I think my system has a virus?!
39 posts in this thread.
Viewing Page :
 1  2 
 
Forum Information
Currently it is Wednesday, September 03, 2014 5:27 AM (GMT +3)
There are a total of 60,587 posts in 13,315 threads.
In the last 3 days there were 3 new threads and 4 reply posts. View Active Threads
Who's Online
This forum has 36306 registered members. Please welcome our newest member, bcbjork.
2 Guest(s), 0 Registered Member(s) are currently online.  Details
5 Latest Threads
Slow Performance Since Installing Bullguard (0)9/2/2014 8:24:31 PM (bcbjork)
BullGuard2014 Quarantine BUG (0)9/2/2014 5:40:39 PM (ztlol1314)
Bullguard Backup: 3 GB of files are "missing" but freespace calcuation seems to think they (3)8/31/2014 11:20:08 PM (Robert Mateescu)
Blocking of sites (5)8/31/2014 6:53:45 PM (Robert Mateescu)