theredog

Everything posted by theredog

  1. Ran adwcleaner then malwarebytes quickscan. After adw was run AVG popped up with threat. Repaired.

     1st adw log

     2nd adw log (after clean?)

     Malwarebytes log

     Malwarebytes Anti-Malware 1.75.0.1300
     www.malwarebytes.org

     Database version: v2013.12.03.09
     Windows 7 Service Pack 1 x64 NTFS
     Internet Explorer 11.0.9600.16428
     Redog :: [administrator]

     12/4/2013 4:59:10 AM
     MBAM-log-2013-12-04 (05-09-11).txt

     Scan type: Quick scan
     Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
     Scan options disabled: P2P
     Objects scanned: 261532
     Time elapsed: 6 minute(s), 12 second(s)

     Memory Processes Detected: 0
     (No malicious items detected)

     Memory Modules Detected: 0
     (No malicious items detected)

     Registry Keys Detected: 0
     (No malicious items detected)

     Registry Values Detected: 2
     HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|Load (PUM.UserWLoad) -> Data: C:\Users\Redog\LOCALS~1\Temp\msnyfoeu.com -> No action taken.
     HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|Load (Trojan.Ransom) -> Data: C:\Users\Redog\LOCALS~1\Temp\msnyfoeu.com -> No action taken.

     Registry Data Items Detected: 0
     (No malicious items detected)

     Folders Detected: 1
     C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\oclgomenfkljhfkfflghppidonpkljjg (PUP.Optional.ScorpionSaver) -> No action taken.

     Files Detected: 0
     (No malicious items detected)

     (end)
  2. I picked this up from who knows where. Every time I remove it, it will reinstall itself. Tried to find all of its components and delete but it still reinstalls. Quick search says it's not harmful but I don't want it. Use Firefox, Windows 7, AVG Free and Malwarebytes. Can't figure out how to close AVG2014 to start running your recommended programs either. It's been a long time since I've had to go through this and never on the dreaded Windows 7 with its admin permission CRAP! I used to go to G4 Tech Forum but they are gone. Pete C was a big help a few years ago. Will you guys help me out?
  3. OK Pete, updates done. Now if I could figure out why the Windows update shield shows up in the top left of HTC Incredible cell phone.
  4. I noticed about a week ago that windows update page seemed different. Different color scheme and layout. On the computer I am using, windows has two critical updates keeping the yellow shield in the taskbar. Problem is, I don't have office on this OS/Computer. Also, when I select XP, in the left column of updates, there are no critical updates. What gives? This is messing with my OCD! Redog
  5. Got this build fired up for the first time today w/ 64 bit W7 Pro. I partitioned and formatted an OCZ 120Gb SSD. I was wondering why the HDD LED light on the case stays lit and I was wondering if defragging an SSD is unnecessary? Is there a way to make mouse commands one click in W7?
  6. Ahhh, screwed by Bill Gates again! Thanks for the info.
  7. Bummer. What happens if I try and load the 64 bit on to a HDD, then register? Will Microsoft inform me that the reg key is already being used and I need to decide which one to keep? Already spent way too much money on this build.
  8. I have a Windows disc I bought that has the 32 bit and 64 bit OS on it. I have the 32 bit loaded on a HDD and was wondering if I can load and register the 64 bit on another hard drive or does registering one, cancel the other?
  9. I am building a back up to my current confuser using similar mobo. I have the mobo and processor but the QVL is lacking in choices for memory and the selections they show seem to have issues when the item numbers are googled. Any suggestions? ASUS P5E3 Deluxe WiFi Intel Core 2 Quad CPU Q9300 2.5 Ghz L2 Cache 6 MB. Socket LGA 775 might get crossfired XFX ATI Radeon HD 5770 HD-577X-ZNFC also I have seen SATA items that are SATA 3 or something. Will those things work with this old mobo? Redog
  10. I think it's fixed. Removed all ATi stuff. Used Driver Sweeper to clean all ATi registry entries. Then I installed the drivers only from Mfg Disc and not the CCC and Hydravision. Next I updated my Bios and finally installed the updated driver only. Took all day to download Anti-Virus since I am at the end of my billing cycle I am throttled back to dial-up speeds. So far it seems to be OK.
  11. That's the last one I installed, and it gives me the failure pop up you see in the first post. 49.5 Mb. You want me to uninstall driver in device manager and then install this same package of drivers again?
  12. That's what this is. It's where the latest came from. Remember, I had first picked it up through the windows update but after the BSOD crap I went in to SAFE MODE and removed the driver. I then went to ATi and downloaded the driver package "AMD Catalyst Accelerated Parallel Processing Technology Edition". It was 49 Mb and I also went and installed Net Framework and all its updates. I was thinking about removing the driver again and picking driver only instead of the package but DANG IT, why? I have another hard drive I just installed Windows 7 on and none of the ASUS Motherboard Utilities works. What a sham. Another thing is, on the ATi forums, someone had similar issues and they ran a program called GACview or something and it showed all these registry or some kind of entries that he removed and claims he's up and running. I have similar entries but not the same and don't know if I should try it.
  13. Hello all. I have a home built that has given me very little problems until now. A few weeks ago, Windows Update popped up in the task bar notifying me of updates. I almost always choose custom and saw the ATi 3800 series in the results so I added that to the update list to install. Ever since then the monitor will go black and reboot while the computer stays running or the computer will reboot. This happens when doing photo editing and certain downloads. It rebooted while doing a search for a file in the computer yet I can copy media. So, some things cause the computer to reboot and some cause the monitor to go black and restart. A week or so later I was getting pop ups from Avast saying my version was about to expire. A few days later I decided to look at it closer and decided to purchase a special they had going to cover three computers for x amount of dollars. All hell broke loose then. The computer reboots all on its own. Removed Avast and downloaded AVG 2011 and at first it seemed OK but then I tried some photo editing and a download and the same thing happens. Computer will freeze up then reboot. It went downhill from there. At one point I had the BSOD flashing by real fast at every reboot. Finally I went SAFE Mode and ended up uninstalling display driver from device manager. Loaded the Radeon/Catalyst install disc, installed driver then tried to install the latest ATi update labeled: AMD Catalyst Accelerated Parallel Processing Technology Edition 49 Mb. While installing components, I get a pop up that says, Application Install: install package failure! Posted at the ATi Forum but I get no replies. I am without antivirus because the computer will not function, it just reboots with it installed and operating and I have to be careful what I do or the thing will freeze and reboot. What am I doing wrong? Why is this so difficult? Why do two of the new Anti Viruses cause this thing to shut down and reboot?
      ASUS P5E3 Deluxe, E6850 Core 2 Duo, Corsair RAM, SATA Seagate HD 500Gb and this ATi Radeon HD 3850 GPU. Thanks in advance for any helpful replies. Redog