uTalk

Official forum for Utopia Community


#1 2021-03-02 07:35:44

HanBaoCinch
Member
Registered: 2021-01-11
Posts: 93

Iexplore.exe Virus Help

Hey there, I have a virus situation: it seems I've been infected with a virus that disguises itself as iexplore.exe; it shows multiple times in my task manager and I can't kill it, it just keeps coming back over and over. I got this a few days ago, so I've been searching for a solution and I've tried various methods I found throughout the internet, but it seems that the problem is still there. I also noticed that a lot of the people I read about on different forums have different issues and they got personalized help to solve this problem, so I decided to ask for professional help to see if I can get rid of this issue.
The methods I used were: Malwarebytes, Hitman Pro, AVG Anti-Virus, MS Security Essentials, and some Registry scans. Some of them managed to clean my PC a little more, but they didn't solve the problem.
I would appreciate any kind of help. I haven't had a virus for a long time and it really bothers me that I have one now. Please help.


#2 2021-03-02 07:57:02

lolapolooza
Member
Registered: 2021-01-11
Posts: 66

Re: Iexplore.exe Virus Help

Welcome aboard

Please complete all steps listed here: https://www.techspot.com/community/...l … ons.58138/
Make sure you PASTE all logs. If a log exceeds the 50,000-character post limit, split it between a couple of replies.
Attached logs won't be reviewed.

Please observe the following rules:
Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
Never run more than one scan at a time.
Keep updating me regarding your computer's behavior, good or bad.
The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.


#3 2021-03-09 09:50:29

HanBaoCinch
Member
Registered: 2021-01-11
Posts: 93

Re: Iexplore.exe Virus Help

Hey, thanks for the reply. I hope that with your help we get the problem solved.
Anyway, I forgot to mention this in the previous post: apart from the iexplore.exe processes showing with about 46,500k each, there seems to be a problem with dwm.exe as well, as it appears to be consuming approximately 67,000k+, which it didn't consume before. I don't know if it's related to the iexplore.exe issue, but I think it is, because it appeared to behave like that when the iexplore.exe problem emerged.
Also, I will post the different logs I had from the various software I used from other forums, if it helps to speed this up. Thanks.

DDS Log with Attachment

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17496 BrowserJavaVersion: 10.71.2
Run by CASZ at 15:17:29 on 2015-01-03
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.8140.3630 [GMT -6:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AV: AVG Internet Security 2015 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Microsoft Security Essentials *Enabled/Updated* {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG Internet Security 2015 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Norton Internet Security *Disabled/Outdated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
FW: AVG Internet Security 2015 *Enabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
.
============== Running Processes ===============
.
c:\PROGRA~2\AVG\AVG2015\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\Hpservice.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\AVG\AVG2015\avgfws.exe
C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
C:\Program Files (x86)\JuegosLevelUp\Hi-Rez Studios\HiPatchService.exe
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
C:\Program Files (x86)\NovaStor\NovaStor NovaBACKUP\nsService.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\wmiprvse.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\IDT\WDM\sttray64.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\RocketDock\RocketDock.exe
C:\Windows\System32\regsvr32.exe
C:\Windows\SysWOW64\regsvr32.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Rainmeter\Rainmeter.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpConnectionManager.exe
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
C:\Program Files (x86)\AVG\AVG2015\avgui.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\Bruteforce Save Data\BruteforceSaveData.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uSearch Bar = Preserve
uSearch Page = hxxp://www.google.com
uDefault_Page_URL = www.google.com
uDefault_Search_URL = www.google.com
mStart Page = www.google.com
mSearch Page = www.google.com
mDefault_Page_URL = www.google.com
mDefault_Search_URL = www.google.com
uProxyServer = hxxp=127.0.0.1:8555;https=127.0.0.1:8555
uProxyOverride = 127.0.0.1;localhost;10.*;192.168.*;127.0.0.1:895;127.0.0.1:896;<local>
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
BHO: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll
BHO: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ips\ipsbho.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll
uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
uRun: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"
uRun: [Imcxsoft] regsvr32.exe C:\Users\CASZ\AppData\Local\Imcxsoft\LibcrtKit32.dll
uRun: [EPSON NX125 NX127 Series] C:\Windows\System32\spool\DRIVERS\x64\3\E_IATIGGA.EXE /FU "C:\Windows\TEMP\E_S5A5F.tmp" /EF "HKCU"
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
mRun: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
StartupFolder: C:\Users\CASZ\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\RAINME~1.LNK - C:\Program Files\Rainmeter\Rainmeter.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SYSTWE~1\NOVABA~1.LNK - C:\Program Files (x86)\NovaStor\NovaStor NovaBACKUP\nsCtrl.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SYSTWE~1\REALPL~1.LNK - C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: EnableShellExecuteHooks = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: HideFastUserSwitching = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Trusted Zone: 4game.com
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: google-analytics.com
Trusted Zone: novastor.com
Trusted Zone: novastor.com
Trusted Zone: soe.com
Trusted Zone: sony.com
DPF: {12193C65-F0E1-4DD1-AD4E-DB73C6911011} - file:///E:/activeX/DCP.cab
DPF: {7191F0AC-D686-46A8-BFCC-EA61778C74DD} - hxxps://la.mydlink.com/8D/activeX//DCS-93x/aplugLiteDL.cab
TCP: NameServer = 10.213.4.14 10.213.1.11
TCP: Interfaces\{0A56AFA7-2FFD-43B9-A3E7-137BA6623546} : NameServer = 8.8.8.8,8.8.8.8
TCP: Interfaces\{732EF926-EB8B-42F8-AE77-2C3F8D8A5ACC} : NameServer = 8.8.8.8,8.8.8.8
TCP: Interfaces\{8F9BD33E-C441-4F8A-8ED2-B1AB11ECAD95} : NameServer = 8.8.8.8,8.8.8.8
TCP: Interfaces\{9460A5EF-DCB1-44F1-891B-3FE12E1C00F8} : NameServer = 8.8.8.8,8.8.8.8
TCP: Interfaces\{ADCA6528-C351-4285-AF74-268745990D86} : NameServer = 8.8.8.8,8.8.8.8
TCP: Interfaces\{ADCA6528-C351-4285-AF74-268745990D86} : DHCPNameServer = 10.213.4.14 10.213.1.11
TCP: Interfaces\{ADCA6528-C351-4285-AF74-268745990D86}\34F40594B40234C69656E6475637 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{ADCA6528-C351-4285-AF74-268745990D86}\94E46494E4944555D403637303 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{ADCA6528-C351-4285-AF74-268745990D86}\94E46494E4944555D407239773F5548545 : DHCPNameServer = 192.168.1.254 0.0.0.0
TCP: Interfaces\{ADCA6528-C351-4285-AF74-268745990D86}\94E46494E4944555D423939333 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{ADCA6528-C351-4285-AF74-268745990D86}\94E46494E4944555D4533434835423 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{ADCA6528-C351-4285-AF74-268745990D86}\94E46494E4944555D4542303631373 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{ADCA6528-C351-4285-AF74-268745990D86}\94E46494E4944555D454831353 : DHCPNameServer = 192.168.1.254
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = www.google.com
x64-mSearch Page = www.google.com
x64-mDefault_Page_URL = www.google.com
x64-mDefault_Search_URL = www.google.com
x64-BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [IntelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-RunOnce: [NCPluginUpdater] "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-Notify: WB - C:\PROGRA~2\Stardock\OBJECT~1\WINDOW~1\fast64.dll
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
Hosts: 192.95.55.229 www.google-analytics.com.
Hosts: 192.95.55.229 google-analytics.com.
Hosts: 192.95.55.229 connect.facebook.net.
Hosts: 95.141.32.66 www.google-analytics.com.
Hosts: 95.141.32.66 google-analytics.com.
.
Note: multiple HOSTS entries found. Please refer to Attach.txt
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\CASZ\AppData\Roaming\Mozilla\Firefox\Profiles\6umba1y0.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: network.proxy.type - 4
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll
FF - ExtSQL: !HIDDEN! 1970-05-28 22:26; {C7E010A3-B924-DD24-96FD-0B2E450F4D81}; -
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2014-11-18 203544]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2014-7-18 313624]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2014-10-5 124184]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2014-6-18 31512]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2014-7-17 269008]
R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\NISx64\1207020.003\symds64.sys [2013-1-15 450680]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\NISx64\1207020.003\symefa64.sys [2013-1-15 912504]
R1 Avgdiska;AVG Disk Driver;C:\Windows\System32\drivers\avgdiska.sys [2014-6-18 153368]
R1 Avgfwfd;AVG network filter service;C:\Windows\System32\drivers\avgfwd6a.sys [2013-9-26 57144]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2014-12-8 260888]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2014-8-28 243480]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2014-10-10 274200]
R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2013-1-16 50976]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20101123.003\BHDrvx64.sys [2011-6-12 953904]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2013-1-16 283200]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20101201.001\IDSviA64.sys [2011-6-12 476792]
R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\NISx64\1207020.003\ironx64.sys [2013-1-15 171128]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\NISx64\1207020.003\symnets.sys [2013-1-15 386168]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2013-3-6 89600]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-6-12 204288]
R2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [2014-12-18 1486664]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [2014-12-18 3432976]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [2014-12-18 298080]
R2 c2cautoupdatesvc;Skype Click to Call Updater;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-7-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-7-14 1767520]
R2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [2013-7-9 166400]
R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2013-7-9 128512]
R2 FPLService;TrueSuiteService;C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-2-17 265544]
R2 FreemakeVideoCapture;FreemakeVideoCapture;C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [2013-1-14 9216]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;C:\Program Files (x86)\JuegosLevelUp\Hi-Rez Studios\HiPatchService.exe [2014-11-25 9216]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-2-28 92216]
R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2011-1-26 30520]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-9 26680]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-6-12 13336]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-1-2 1871160]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-1-2 969016]
R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccsvchst.exe [2013-1-15 130008]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2012-8-31 125584]
R2 nsService;NovaStor NovaBACKUP Backup/Copy Engine;C:\Program Files (x86)\NovaStor\NovaStor NovaBACKUP\nsService.exe [2011-11-11 371856]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2014-10-26 39568]
R2 RealPlayer Cloud Service;RealPlayer Cloud Service;C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [2014-12-15 1141848]
R2 RealPlayerUpdateSvc;RealPlayer Update Service;C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [2014-10-30 31856]
R2 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-11-26 399344]
R2 RzKLService;RzKLService;C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [2014-4-17 105448]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-6-12 2656280]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2012-8-3 40432]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-6-12 132656]
R3 hpCMSrv;HP Connection Manager 4.0 Service;C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-2-15 1071160]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2014-3-30 450520]
R3 intelkmd;intelkmd;C:\Windows\System32\drivers\igdpmd64.sys [2011-8-9 12289472]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2015-1-2 25816]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2015-1-2 129752]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-8-22 368624]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2013-8-12 107912]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2013-8-12 226696]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2014-1-7 359128]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-4-10 849992]
R3 ScreamBAudioSvc;ScreamBee Audio;C:\Windows\System32\drivers\ScreamingBAudio64.sys [2010-7-1 38992]
R3 wdkmd;Intel WiDi KMD;C:\Windows\System32\drivers\WDKMD.sys [2011-2-16 42392]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 ezSharedSvc;Easybits Services for Windows;C:\Windows\System32\ezSharedSvcHost.exe --> C:\Windows\System32\ezSharedSvcHost.exe [?]
S2 Freemake Improver;Freemake Improver;C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2014-9-23 108032]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 Backup Client Agent Service;Backup Client Agent Service;C:\Program Files (x86)\NovaStor\NovaStor NovaBACKUP\ManagementServer.Agent.Service.exe [2011-11-8 217600]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-3-1 183560]
S3 btwampfl;Bluetooth AMP USB Filter;C:\Windows\System32\drivers\btwampfl.sys [2011-6-12 344616]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2011-6-12 39464]
S3 GamesAppService;GamesAppService;"C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe" --> C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [?]
S3 HTCAND64;HTC Device Driver;C:\Windows\System32\drivers\ANDROIDUSB.sys [2009-11-2 33736]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-12-10 114688]
S3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2015-1-2 63704]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-1-5 340240]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 taphss6;Anchorfree HSS VPN Adapter;C:\Windows\System32\drivers\taphss6.sys [2013-9-17 42184]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-1-14 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2015-01-03 20:30:17 75888 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E97285C1-A7D8-44BA-989A-9BF7BCA4D5B4}\offreg.dll
2015-01-03 20:30:04 -------- d-----w- C:\FRST
2015-01-03 19:32:33 11870360 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E97285C1-A7D8-44BA-989A-9BF7BCA4D5B4}\mpengine.dll
2015-01-03 19:26:31 -------- d-----w- C:\ProgramData\HitmanPro
2015-01-03 19:05:37 -------- d-----w- C:\AdwCleaner
2015-01-03 07:32:32 -------- d-----w- C:\Windows\pss
2015-01-03 03:03:50 129752 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2015-01-03 03:02:31 93400 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2015-01-03 03:02:31 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2015-01-03 03:02:31 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2015-01-03 03:02:07 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-03 02:00:53 -------- d-----w- C:\Users\CASZ\AppData\Roaming\AVG2015
2015-01-03 01:54:41 -------- d--h--w- C:\$AVG
2015-01-03 01:54:41 -------- d-----w- C:\ProgramData\AVG2015
2015-01-03 01:52:41 -------- d-----w- C:\Program Files (x86)\AVG
2015-01-03 01:49:03 -------- d-----w- C:\Users\CASZ\AppData\Local\MFAData
2015-01-03 01:49:03 -------- d-----w- C:\Users\CASZ\AppData\Local\Avg2015
2015-01-03 01:49:03 -------- d-----w- C:\ProgramData\MFAData
2015-01-03 00:15:14 -------- d-----w- C:\Users\CASZ\AppData\Local\Imcxsoft
2015-01-03 00:13:09 -------- d-sh--w- C:\Users\CASZ\AppData\Local\EmieBrowserModeList
2015-01-03 00:13:04 -------- d-----w- C:\Users\CASZ\AppData\Local\Ihmjsoft
2015-01-02 17:17:11 1188440 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{8931C16A-A520-4C68-89AF-2A568BE7F0D6}\gapaengine.dll
2015-01-02 17:15:38 11870360 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2015-01-02 01:58:39 -------- d-----w- C:\ProgramData\amfpanleeekjndiijbaehciilmkjeipb
2014-12-18 16:09:08 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-12-18 16:09:08 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-12-16 06:45:27 -------- d-----w- C:\Users\CASZ\AppData\Local\{646D5578-C680-484E-A1AA-118F54C1467F}
2014-12-15 16:43:58 -------- d-----w- C:\Users\CASZ\AppData\Roaming\RealNetworks
2014-12-15 16:43:52 -------- d-----w- C:\ProgramData\Package Cache
2014-12-15 16:43:08 -------- d-----w- C:\Program Files (x86)\Common Files\xing shared
2014-12-15 16:42:34 505416 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2014-12-15 16:42:34 353864 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2014-12-11 05:49:11 -------- d-----w- C:\Windows\System32\appraiser
2014-12-11 05:21:31 3209728 ----a-w- C:\Windows\SysWow64\mf.dll
2014-12-11 05:21:29 4121600 ----a-w- C:\Windows\System32\mf.dll
2014-12-10 19:26:59 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-12-10 19:24:01 165888 ----a-w- C:\Windows\System32\charmap.exe
2014-12-10 19:24:01 155136 ----a-w- C:\Windows\SysWow64\charmap.exe
2014-12-10 19:23:56 310272 ----a-w- C:\Windows\System32\WsmWmiPl.dll
2014-12-10 19:23:56 2020352 ----a-w- C:\Windows\System32\WsmSvc.dll
2014-12-10 19:23:56 1177088 ----a-w- C:\Windows\SysWow64\WsmSvc.dll
2014-12-10 19:23:55 346624 ----a-w- C:\Windows\System32\WSManMigrationPlugin.dll
2014-12-10 19:23:55 266240 ----a-w- C:\Windows\System32\WSManHTTPConfig.exe
2014-12-10 19:23:55 248832 ----a-w- C:\Windows\SysWow64\WSManMigrationPlugin.dll
2014-12-10 19:23:55 214016 ----a-w- C:\Windows\SysWow64\WsmWmiPl.dll
2014-12-10 19:23:55 198656 ----a-w- C:\Windows\SysWow64\WSManHTTPConfig.exe
2014-12-10 19:23:55 181248 ----a-w- C:\Windows\System32\WsmAuto.dll
2014-12-10 19:23:55 145920 ----a-w- C:\Windows\SysWow64\WsmAuto.dll
2014-12-10 19:23:52 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2014-12-10 19:23:52 2048 ----a-w- C:\Windows\System32\tzres.dll
2014-12-10 02:01:59 -------- d-----w- C:\Program Files (x86)\Ultra Street Fighter IV
2014-12-09 05:33:47 1892184 ----a-w- C:\Windows\SysWow64\D3DX9_42.dll
2014-12-09 05:20:17 -------- d-----w- C:\Program Files (x86)\Capcom
2014-12-09 03:24:26 260888 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys
.
==================== Find3M ====================
.
2014-12-17 03:49:14 701616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-12-17 03:49:13 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-04 02:50:55 413184 ----a-w- C:\Windows\System32\generaltel.dll
2014-12-04 02:50:45 741376 ----a-w- C:\Windows\System32\invagent.dll
2014-12-04 02:50:40 396800 ----a-w- C:\Windows\System32\devinv.dll
2014-12-04 02:50:38 830976 ----a-w- C:\Windows\System32\appraiser.dll
2014-12-04 02:50:37 227328 ----a-w- C:\Windows\System32\aepdu.dll
2014-12-04 02:50:37 192000 ----a-w- C:\Windows\System32\aepic.dll
2014-12-04 02:44:48 1083392 ----a-w- C:\Windows\System32\aeinv.dll
2014-12-01 23:28:44 1232040 ----a-w- C:\Windows\System32\aitstatic.exe
2014-11-22 03:06:23 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-11-22 03:06:11 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-11-22 02:50:39 66560 ----a-w- C:\Windows\System32\iesetup.dll
2014-11-22 02:50:10 580096 ----a-w- C:\Windows\System32\vbscript.dll
2014-11-22 02:49:54 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-11-22 02:48:20 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2014-11-22 02:35:29 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-11-22 02:34:51 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-11-22 02:34:07 6039552 ----a-w- C:\Windows\System32\jscript9.dll
2014-11-22 02:26:31 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-11-22 02:20:44 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-11-22 02:07:43 501248 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-11-22 02:07:17 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-11-22 02:06:32 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-11-22 02:05:02 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2014-11-22 01:54:30 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-11-22 01:47:10 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2014-11-22 01:46:58 2125312 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-11-22 01:40:04 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-11-22 01:29:26 4299264 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-11-22 01:28:21 2358272 ----a-w- C:\Windows\System32\wininet.dll
2014-11-22 01:22:49 2052096 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-11-22 01:21:57 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2014-11-22 01:00:20 1888256 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-11-19 10:31:16 1217192 ----a-w- C:\Windows\SysWow64\FM20.DLL
2014-11-19 03:42:04 203544 ----a-w- C:\Windows\System32\drivers\avgidsha.sys
2014-11-18 01:27:29 1648 ----a-w- C:\Windows\System32\ASOROSet.bin
2014-11-11 03:09:06 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2014-11-11 03:08:52 241152 ----a-w- C:\Windows\System32\pku2u.dll
2014-11-11 03:08:48 728064 ----a-w- C:\Windows\System32\kerberos.dll
2014-11-11 02:44:45 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2014-11-11 02:44:32 186880 ----a-w- C:\Windows\SysWow64\pku2u.dll
2014-11-11 02:44:25 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
2014-11-11 01:46:26 119296 ----a-w- C:\Windows\System32\drivers\tdx.sys
2014-10-30 11:25:26 275080 ------w- C:\Windows\System32\MpSigStub.exe
2014-10-25 01:57:59 77824 ----a-w- C:\Windows\System32\packager.dll
2014-10-25 01:32:37 67584 ----a-w- C:\Windows\SysWow64\packager.dll
2014-10-20 15:40:47 98216 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-10-18 02:05:23 861696 ----a-w- C:\Windows\System32\oleaut32.dll
2014-10-18 01:33:18 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2014-10-14 02:16:37 155064 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-10-14 02:13:06 683520 ----a-w- C:\Windows\System32\termsrv.dll
2014-10-14 02:13:00 3241984 ----a-w- C:\Windows\System32\msi.dll
2014-10-14 02:12:57 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-10-14 02:09:31 146432 ----a-w- C:\Windows\System32\msaudite.dll
2014-10-14 02:07:31 681984 ----a-w- C:\Windows\System32\adtschema.dll
2014-10-14 01:50:47 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-10-14 01:50:41 2363904 ----a-w- C:\Windows\SysWow64\msi.dll
2014-10-14 01:49:38 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-10-14 01:47:30 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
2014-10-14 01:46:02 681984 ----a-w- C:\Windows\SysWow64\adtschema.dll
2014-10-12 17:12:26 111016 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2014-10-10 21:14:32 274200 ----a-w- C:\Windows\System32\drivers\avgtdia.sys
2014-10-10 00:57:42 3198976 ----a-w- C:\Windows\System32\win32k.sys
2014-10-06 02:41:40 124184 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys
.
============= FINISH: 15:19:01.48 ===============


#4 2021-03-09 09:52:24

HanBaoCinch
Member
Registered: 2021-01-11
Posts: 93

Re: Iexplore.exe Virus Help

Malwarebytes Log 1 Part 1
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 1/2/2015
Scan Time: 9:06:17 PM
Logfile:
Administrator: No

Version: 2.00.4.1028
Malware Database: v2015.01.03.01
Rootkit Database: v2014.12.30.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: CASZ

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 480991
Time Elapsed: 3 hr, 25 min, 11 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 1
PUP.Optional.DeltaFix.A, C:\Program Files (x86)\DeltaFix\DeltaFix.dll, Delete-on-Reboot, [ce2f975b3059b482076cb2b2768ded13],

Registry Keys: 46
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, Quarantined, [55a846ac19700f27b9cc944f36cca25e],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}, Quarantined, [55a846ac19700f27b9cc944f36cca25e],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, Quarantined, [55a846ac19700f27b9cc944f36cca25e],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, Quarantined, [55a846ac19700f27b9cc944f36cca25e],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}, Quarantined, [55a846ac19700f27b9cc944f36cca25e],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, Quarantined, [55a846ac19700f27b9cc944f36cca25e],
PUP.Optional.SupTab.A, HKU\S-1-5-21-1331771087-30956632-3492572574-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, Quarantined, [55a846ac19700f27b9cc944f36cca25e],
PUP.Optional.SupTab.A, HKU\S-1-5-21-1331771087-30956632-3492572574-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, Quarantined, [55a846ac19700f27b9cc944f36cca25e],
Trojan.Agent, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}, Quarantined, [a15c72806a1f6fc729d9da252ed3926e],
PUP.Optional.AdvancedSystemProtector.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~4A5BE654_is1, Quarantined, [c538aa48fb8edb5b2139f2ec9c68cb35],
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, Quarantined, [ee0fea080a7f201620b8be0922e2936d],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\delta-homesSoftware, Quarantined, [04f924cec7c254e2200f80fce91ad729],
PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\WOW6432NODE\mystartsearchSoftware, Quarantined, [ad502bc72762f640c53c92d7b74cb848],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\supWPM, Quarantined, [da238270e5a449edd3317cfb768d5aa6],
PUP.Optional.FTDownloader.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\bbffdhejhaoiflnpooogkckfdcmmjppn, Quarantined, [c7364ea44b3eb28416335c09f11207f9],
PUP.Optional.ExtendedProtection.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\ogfjmhfnldnajmfaofeiaepghjenbgjo, Quarantined, [cc31e909bdcca690e24870f510f3a25e],
PUP.Optional.Booster.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{fc67e7a0}, Quarantined, [7e7fdb171277092d441452303fc48d73],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPDP, Quarantined, [5da0a54d4346a2946f6389edf01315eb],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB, Quarantined, [ec11db1798f1a096ec17a8cfd52e4fb1],
PUP.Optional.AdvancedSystemProtector.A, HKLM\SOFTWARE\WOW6432NODE\SYSTWEAK\Advanced-System Protector, Quarantined, [96670de512779d99affe34422fd4768a],
PUP.Optional.DeltaFix.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\fc67e7a0, Quarantined, [df1e16dc94f5ae88640e174d966d2ad6],
PUP.Optional.IEPluginServices.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\IePluginService, Quarantined, [a459886a29605cda07b1fe6a9a69bd43],
PUP.Optional.IEPluginServices.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\IePluginServices, Quarantined, [2fce3cb6ccbdc6709b8d71fb1de6a759],
PUP.Optional.Softonic.A, HKU\S-1-5-21-1331771087-30956632-3492572574-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Softonic, Quarantined, [1ce117dbf49524124f50541159aaa45c],
PUP.Optional.WebSearches.A, HKU\S-1-5-21-1331771087-30956632-3492572574-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SupHpUISoft, Quarantined, [ba431dd591f8ad89387b0375679cb64a],
PUP.Optional.AdvancedSystemProtector.A, HKU\S-1-5-21-1331771087-30956632-3492572574-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SYSTWEAK\Advanced-System Protector, Quarantined, [53aa3db5f792af878c224c2a54af4eb2],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\TYPELIB\{1D37BD00-E9FD-40D1-80E7-1795E510ECAA}, Quarantined, [cd30c82a4f3aa98da9b68ba3ea19c63a],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\INTERFACE\{8B906AF1-C9E5-493C-9B36-8E1CBAE28522}, Quarantined, [cd30c82a4f3aa98da9b68ba3ea19c63a],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\INTERFACE\{9A71EC22-9AAE-421E-98BC-59E12779D611}, Quarantined, [cd30c82a4f3aa98da9b68ba3ea19c63a],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\INTERFACE\{B6E5186F-181F-48C2-A8C0-9191A1707AEA}, Quarantined, [cd30c82a4f3aa98da9b68ba3ea19c63a],
PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{8B906AF1-C9E5-493C-9B36-8E1CBAE28522}, Quarantined, [cd30c82a4f3aa98da9b68ba3ea19c63a],
PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{9A71EC22-9AAE-421E-98BC-59E12779D611}, Quarantined, [cd30c82a4f3aa98da9b68ba3ea19c63a],
PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{B6E5186F-181F-48C2-A8C0-9191A1707AEA}, Quarantined, [cd30c82a4f3aa98da9b68ba3ea19c63a],
PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{1D37BD00-E9FD-40D1-80E7-1795E510ECAA}, Quarantined, [cd30c82a4f3aa98da9b68ba3ea19c63a],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\CLSID\{77858244-d98f-433c-8358-4d677b1c095c}, Quarantined, [cd30c82a4f3aa98da9b68ba3ea19c63a],
PUP.Optional.Multiplug, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{77858244-D98F-433C-8358-4D677B1C095C}, Quarantined, [cd30c82a4f3aa98da9b68ba3ea19c63a],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\P77858244_d98f_433c_8358_4d677b1c095c_.P77858244_d98f_433c_8358_4d677b1c095c_, Quarantined, [cd30c82a4f3aa98da9b68ba3ea19c63a],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\P77858244_d98f_433c_8358_4d677b1c095c_.P77858244_d98f_433c_8358_4d677b1c095c_.9, Quarantined, [cd30c82a4f3aa98da9b68ba3ea19c63a],
PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\P77858244_d98f_433c_8358_4d677b1c095c_.P77858244_d98f_433c_8358_4d677b1c095c_, Quarantined, [cd30c82a4f3aa98da9b68ba3ea19c63a],
PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\P77858244_d98f_433c_8358_4d677b1c095c_.P77858244_d98f_433c_8358_4d677b1c095c_.9, Quarantined, [cd30c82a4f3aa98da9b68ba3ea19c63a],
PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{77858244-D98F-433C-8358-4D677B1C095C}, Quarantined, [cd30c82a4f3aa98da9b68ba3ea19c63a],
PUP.Optional.Multiplug, HKU\S-1-5-21-1331771087-30956632-3492572574-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{77858244-D98F-433C-8358-4D677B1C095C}, Quarantined, [cd30c82a4f3aa98da9b68ba3ea19c63a],
PUP.Optional.Multiplug, HKU\S-1-5-21-1331771087-30956632-3492572574-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{77858244-D98F-433C-8358-4D677B1C095C}, Quarantined, [cd30c82a4f3aa98da9b68ba3ea19c63a],
PUP.Optional.Multiplug, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{77858244-D98F-433C-8358-4D677B1C095C}, Quarantined, [cd30c82a4f3aa98da9b68ba3ea19c63a],
PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{77858244-D98F-433C-8358-4D677B1C095C}, Quarantined, [cd30c82a4f3aa98da9b68ba3ea19c63a],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\CLSID\{77858244-D98F-433C-8358-4D677B1C095C}\INPROCSERVER32, Quarantined, [cd30c82a4f3aa98da9b68ba3ea19c63a],

Registry Values: 3
PUP.Optional.FreeMakeConverter.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|fmconverter@gmail.com, C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\, Quarantined, [fffe5999f69379bd9e79412ac14258a8]
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPDP|dir, C:\Program Files (x86)\SupTab, Quarantined, [5da0a54d4346a2946f6389edf01315eb]
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB|ptid, exp, Quarantined, [ec11db1798f1a096ec17a8cfd52e4fb1]

Registry Data: 14
PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\FIREFOX.EXE\SHELL\OPEN\COMMAND, "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" http://www.mystartsearch.com/?type=...H … N9GH4NN9GX, Good: (firefox.exe), Bad: ("C:\Program Files (x86)\Mozilla Firefox\firefox.exe" http://www.mystartsearch.com/?type=...),Replaced,[1edf00f2c9c041f589a5fa803dc8c040]
PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://www.mystartsearch.com/web/?t...5 … archTerms}, Good: (www.google.com), Bad: (http://www.mystartsearch.com/web/?t...),Replaced,[ba433bb7761387af4a2f2e4c1aebc43c]
PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.mystartsearch.com/?type=...H … N9GH4NN9GX, Good: (www.google.com), Bad: (http://www.mystartsearch.com/?type=...),Replaced,[02fbe50d49403006c9af98e2ed1817e9]
PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.mystartsearch.com/?type=...H … N9GH4NN9GX, Good: (www.google.com), Bad: (http://www.mystartsearch.com/?type=...),Replaced,[a558539f038663d39779acdce0259868]
PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://www.mystartsearch.com/web/?t...5 … archTerms}, Good: (www.google.com), Bad: (http://www.mystartsearch.com/web/?t...),Replaced,[f30a4da5c8c11422ef8bb7c334d1c53b]
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Replaced,[59a40ee4fc8df046d97ebbcb7d8832ce]
PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\FIREFOX.EXE\SHELL\OPEN\COMMAND, "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" http://www.mystartsearch.com/?type=...H … N9GH4NN9GX, Good: (firefox.exe), Bad: ("C:\Program Files (x86)\Mozilla Firefox\firefox.exe" http://www.mystartsearch.com/?type=...),Replaced,[25d8935f226787afc06ea2d859ac57a9]
PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://www.mystartsearch.com/web/?t...5 … archTerms}, Good: (www.google.com), Bad: (http://www.mystartsearch.com/web/?t...),Replaced,[8d70c1319aef5adc4b2ee19937ce9d63]
PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.mystartsearch.com/?type=...H … N9GH4NN9GX, Good: (www.google.com), Bad: (http://www.mystartsearch.com/?type=...),Replaced,[5da046ac3158d660cdabaad0a065857b]
PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.mystartsearch.com/?type=...H … N9GH4NN9GX, Good: (www.google.com), Bad: (http://www.mystartsearch.com/?type=...),Replaced,[42bb43afb3d660d60f013751966f6997]
PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://www.mystartsearch.com/web/?t...5 … archTerms}, Good: (www.google.com), Bad: (http://www.mystartsearch.com/web/?t...),Replaced,[ba43d2203e4b48ee4139f486b1541be5]
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Replaced,[1edf648eb8d187afff58c4c25baa9868]
PUP.Optional.MyStartSearch.A, HKU\S-1-5-21-1331771087-30956632-3492572574-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.mystartsearch.com/?type=...H … N9GH4NN9GX, Good: (www.google.com), Bad: (http://www.mystartsearch.com/?type=...),Replaced,[59a4f8faa6e3bd793546f68445c03cc4]
PUP.Optional.Delta.A, HKU\S-1-5-21-1331771087-30956632-3492572574-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://search.delta-homes.com/web/?...G … archTerms}, Good: (www.google.com), Bad: (http://search.delta-homes.com/web/?...),Replaced,[7f7e19d9f89155e148117b0cab5a0af6]

Folders: 54
PUP.Optional.DeltaFix.A, C:\Program Files (x86)\DeltaFix, Delete-on-Reboot, [ce2f975b3059b482076cb2b2768ded13],
PUP.Optional.AdvancedSystemProtector, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced-System Protector, Quarantined, [f30a866cd6b34fe7f7a98fe841c2aa56],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP, Quarantined, [c538aa48fb8edb5b2139f2ec9c68cb35],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP\clamunpack, Quarantined, [c538aa48fb8edb5b2139f2ec9c68cb35],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\ASP\Temp, Quarantined, [c538aa48fb8edb5b2139f2ec9c68cb35],
PUP.Optional.Multiplug, C:\Program Files (x86)\youtubeadblocker, Quarantined, [cd30c82a4f3aa98da9b68ba3ea19c63a],
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices, Quarantined, [45b827cb29606fc77d4a98a957acf30d],
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update, Quarantined, [45b827cb29606fc77d4a98a957acf30d],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab, Quarantined, [c03dd919e4a5c86e35fbbf8bf112649c],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin, Quarantined, [c03dd919e4a5c86e35fbbf8bf112649c],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\image, Quarantined, [c03dd919e4a5c86e35fbbf8bf112649c],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web, Quarantined, [c03dd919e4a5c86e35fbbf8bf112649c],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img, Quarantined, [c03dd919e4a5c86e35fbbf8bf112649c],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js, Quarantined, [c03dd919e4a5c86e35fbbf8bf112649c],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales, Quarantined, [c03dd919e4a5c86e35fbbf8bf112649c],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\en-US, Quarantined, [c03dd919e4a5c86e35fbbf8bf112649c],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-419, Quarantined, [c03dd919e4a5c86e35fbbf8bf112649c],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-ES, Quarantined, [c03dd919e4a5c86e35fbbf8bf112649c],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-BE, Quarantined, [c03dd919e4a5c86e35fbbf8bf112649c],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CA, Quarantined, [c03dd919e4a5c86e35fbbf8bf112649c],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CH, Quarantined, [c03dd919e4a5c86e35fbbf8bf112649c],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-FR, Quarantined, [c03dd919e4a5c86e35fbbf8bf112649c],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-LU, Quarantined, [c03dd919e4a5c86e35fbbf8bf112649c],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-CH, Quarantined, [c03dd919e4a5c86e35fbbf8bf112649c],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-IT, Quarantined, [c03dd919e4a5c86e35fbbf8bf112649c],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pl, Quarantined, [c03dd919e4a5c86e35fbbf8bf112649c],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt, Quarantined, [c03dd919e4a5c86e35fbbf8bf112649c],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt-BR, Quarantined, [c03dd919e4a5c86e35fbbf8bf112649c],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru, Quarantined, [c03dd919e4a5c86e35fbbf8bf112649c],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru-MO, Quarantined, [c03dd919e4a5c86e35fbbf8bf112649c],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\tr-TR, Quarantined, [c03dd919e4a5c86e35fbbf8bf112649c],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\vi-VI, Quarantined, [c03dd919e4a5c86e35fbbf8bf112649c],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-CN, Quarantined, [c03dd919e4a5c86e35fbbf8bf112649c],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-TW, Quarantined, [c03dd919e4a5c86e35fbbf8bf112649c],
PUP.Optional.SupTab.A, C:\Users\CASZ\AppData\Roaming\SupTab, Quarantined, [0bf27280c4c50b2b2c0562e833d01fe1],
PUP.Optional.DownTango.A, C:\Program Files (x86)\Red Sky\DownTango, Quarantined, [f40934bee5a40432e8c684c918eb0cf4],
PUP.Optional.DownTango.A, C:\Users\CASZ\AppData\Local\DownTango, Quarantined, [af4e03ef7019c472cfe0e469b84b7f81],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector, Quarantined, [7a83876b99f0b97dd3974906f11235cb],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\signatures, Quarantined, [7a83876b99f0b97dd3974906f11235cb],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates, Quarantined, [7a83876b99f0b97dd3974906f11235cb],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced-System Protector, Quarantined, [d627fef4a7e2ac8aaebc202fdf24629e],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced-System Protector\signatures, Quarantined, [d627fef4a7e2ac8aaebc202fdf24629e],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced-System Protector\updates, Quarantined, [d627fef4a7e2ac8aaebc202fdf24629e],
PUP.Optional.AdvancedSystemProtector.A, C:\Users\CASZ\AppData\Roaming\systweak\Advanced System Protector, Quarantined, [25d8dd15494070c6adbdf05f32d17789],
PUP.Optional.AdvancedSystemProtector.A, C:\Users\CASZ\AppData\Roaming\systweak\Advanced-System Protector, Quarantined, [5ca16f8397f26dc9aebc68e7669d738d],
PUP.Optional.AdvancedSystemProtector.A, C:\Users\CASZ\AppData\Roaming\systweak\Advanced-System Protector\Backup, Quarantined, [5ca16f8397f26dc9aebc68e7669d738d],
PUP.Optional.AdvancedSystemProtector.A, C:\Users\CASZ\AppData\Roaming\systweak\Advanced-System Protector\Logs, Quarantined, [5ca16f8397f26dc9aebc68e7669d738d],
PUP.Optional.AdvancedSystemProtector.A, C:\Users\CASZ\AppData\Roaming\systweak\Advanced-System Protector\native, Quarantined, [5ca16f8397f26dc9aebc68e7669d738d],
PUP.Optional.AdvancedSystemProtector.A, C:\Users\CASZ\AppData\Roaming\systweak\Advanced-System Protector\Quarantine, Quarantined, [5ca16f8397f26dc9aebc68e7669d738d],
PUP.Optional.ExtendedProtection.A, C:\Users\CASZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo, Quarantined, [9f5e8b673356da5ca3d30d500bf8e51b],
PUP.Optional.ExtendedProtection.A, C:\Users\CASZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo\1.4.1_0, Quarantined, [9f5e8b673356da5ca3d30d500bf8e51b],
PUP.Optional.ExtendedProtection.A, C:\Users\CASZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo\1.4.1_1, Quarantined, [9f5e8b673356da5ca3d30d500bf8e51b],
PUP.Optional.EzDownloader.A, C:\Users\CASZ\AppData\Roaming\EZDownloader, Quarantined, [07f6c62c2e5be74f90ae273a20e321df],
PUP.Optional.EzDownloader.A, C:\Users\CASZ\AppData\Roaming\EZDownloader\Errors, Quarantined, [07f6c62c2e5be74f90ae273a20e321df],

Files: 234


#5 2021-03-09 10:08:11

HanBaoCinch
Member
Registered: 2021-01-11
Posts: 93

Re: Iexplore.exe Virus Help

Malwarebytes Log 1 Part 2

PUP.Optional.ExtendedProtection.A, C:\Users\CASZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo\1.4.1_1\xagainit.js, Quarantined, [9f5e8b673356da5ca3d30d500bf8e51b],
PUP.Optional.QuickStart.A, C:\Users\CASZ\AppData\Roaming\Mozilla\Firefox\Profiles\6umba1y0.default\prefs.js, Good: (), Bad: (user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");), Replaced,[bc41787a8affb87e6d6d209e21e4cc34]

Physical Sectors: 0
(No malicious items detected)


(end)


#6 2021-03-09 12:45:48

HanBaoCinch
Member
Registered: 2021-01-11
Posts: 93

Re: Iexplore.exe Virus Help

Malwarebytes Log 2

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 1/3/2015
Scan Time: 11:58:31 AM
Logfile:
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.01.03.07
Rootkit Database: v2014.12.30.01
License: Premium
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: CASZ

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 477855
Time Elapsed: 40 min, 55 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 4
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector, Quarantined, [61a2e310345536007e5fda750102d62a],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\signatures, Quarantined, [61a2e310345536007e5fda750102d62a],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates, Quarantined, [61a2e310345536007e5fda750102d62a],
PUP.Optional.AdvancedSystemProtector.A, C:\Users\CASZ\AppData\Roaming\systweak\Advanced System Protector, Quarantined, [20e3d41f52374fe7e7f6b699b44f38c8],

Files: 4
PUP.Optional.AdvancedSystemProtector.A, C:\Users\CASZ\AppData\Roaming\systweak\Advanced System Protector\ASPLog.txt, Quarantined, [20e3d41f52374fe7e7f6b699b44f38c8],
PUP.Optional.AdvancedSystemProtector.A, C:\Users\CASZ\AppData\Roaming\systweak\Advanced System Protector\QDetail.db, Quarantined, [20e3d41f52374fe7e7f6b699b44f38c8],
PUP.Optional.AdvancedSystemProtector.A, C:\Users\CASZ\AppData\Roaming\systweak\Advanced System Protector\Settings.db, Quarantined, [20e3d41f52374fe7e7f6b699b44f38c8],
PUP.Optional.AdvancedSystemProtector.A, C:\Users\CASZ\AppData\Roaming\systweak\Advanced System Protector\Update.ini, Quarantined, [20e3d41f52374fe7e7f6b699b44f38c8],

Physical Sectors: 0
(No malicious items detected)


(end)


#7 2021-03-09 12:52:24

HanBaoCinch
Member
Registered: 2021-01-11
Posts: 93

Re: Iexplore.exe Virus Help

Malwarebytes Hyper Scan 1

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 1/3/2015
Scan Time: 2:40:27 PM
Logfile:
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.01.03.10
Rootkit Database: v2014.12.30.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: CASZ

Scan Type: Hyper Scan
Result: Completed
Objects Scanned: 404011
Time Elapsed: 28 min, 52 sec

Memory: Enabled
Startup: Enabled
Filesystem: Disabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)


#8 2021-03-09 13:10:37

HanBaoCinch
Member
Registered: 2021-01-11
Posts: 93

Re: Iexplore.exe Virus Help

DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 1/12/2013 10:41:27 PM
System Uptime: 1/3/2015 1:12:19 PM (2 hours ago)
.
Motherboard: Hewlett-Packard | | 165A
Processor: Intel(R) Core(TM) i7-2630QM CPU @ 2.00GHz | CPU1 | 2001/1333mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 684 GiB total, 350.998 GiB free.
D: is FIXED (NTFS) - 14 GiB total, 1.602 GiB free.
E: is CDROM ()
F: is CDROM ()
G: is CDROM ()
H: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Hotspot Shield Routing Driver 6
Device ID: ROOT\LEGACY_HSSDRV6\0000
Manufacturer:
Name: Hotspot Shield Routing Driver 6
PNP Device ID: ROOT\LEGACY_HSSDRV6\0000
Service: HssDRV6
.
==== System Restore Points ===================
.
RP426: 12/22/2014 10:53:52 AM - Windows Update
RP427: 12/25/2014 1:31:28 PM - Windows Update
RP428: 12/31/2014 2:43:35 PM - Windows Update
RP429: 1/2/2015 4:11:43 PM - Advanced-System Protector
RP430: 1/2/2015 7:51:33 PM - Installed AVG 2015
RP431: 1/2/2015 7:53:26 PM - Installed AVG 2015
RP432: 1/3/2015 1:52:33 PM - Checkpoint by HitmanPro
RP433: 1/3/2015 2:19:31 PM - Checkpoint by HitmanPro
.
==== Hosts File Hijack ======================
.
Hosts: 192.95.55.229 www.google-analytics.com.
Hosts: 192.95.55.229 google-analytics.com.
Hosts: 192.95.55.229 connect.facebook.net.
Hosts: 95.141.32.66 www.google-analytics.com.
Hosts: 95.141.32.66 google-analytics.com.
Hosts: 95.141.32.66 connect.facebook.net.
Hosts: 85.25.107.101 www.google-analytics.com.
Hosts: 85.25.107.101 google-analytics.com.
Hosts: 85.25.107.101 connect.facebook.net.
.
==== Installed Programs ======================
.
Abogados - MF
ActiveCheck component for HP Active Support Library
Administrador de Despachos Jurídicos
Adobe After Effects CS5.5
Adobe AIR
Adobe Community Help
Adobe Flash Player 15 ActiveX
Adobe Flash Player 16 NPAPI
Adobe Media Player
Adobe Photoshop CS5
Adobe Premiere Pro CS5.5
Adobe Reader X (10.1.13) MUI
Adobe Shockwave Player 11.5
Adobe Story
Advanced Archive Password Recovery
Advanced System Optimizer
Agatha Christie - Peril at End House
Anime Studio Pro 9.2
Anime Studio Pro 9.2 (x86)
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ATI Catalyst Install Manager
AuthenTec TrueAPI
AVG 2015
Bejeweled 2 Deluxe
Bejeweled 3
Bing Bar
Blackhawk Striker 2
Blasterball 3
Blio
Bonjour
Bounce Symphony
Broadcom 2070 Bluetooth 3.0
Bruteforce Save Data
Build-a-lot 2
Cake Mania
Catalyst Control Center
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
Catalyst Control Center Profiles Mobile
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Chuzzle Deluxe
Company of Heroes
Company of Heroes 2
CyberLink YouCam
D3DX10
DAEMON Tools Lite
Definition Update for Microsoft Office 2010 (KB2910899) 32-Bit Edition
Diner Dash 2 Restaurant Rescue
DomDomSoft Manga Downloader (remove only)
Dora's World Adventure
Empire Earth II
Empire Earth II Gold Edition
Energy Star Digital Logo
Epson Event Manager
EPSON NX100 Series Printer Uninstall
EPSON NX125 NX127 Series Printer Uninstall
EPSON Scan
EPSON TX300F Series Printer Uninstall
EssentialPIM
ESU for Microsoft Windows 7
Evernote v. 4.2.2
FaceGen Modeller 3.5 Free
Farm Frenzy
FATE - The Traitor Soul
Female Voice Pack
Freemake Video Converter version 4.1.4
Freemake Video Downloader
Google Chrome
Google Earth
Google Update Helper
Guitar Pro 6
Happy Cloud Client
Hi-Rez Studios Authenticate and Update Service
HP 3D DriveGuard
HP Auto
HP Client Services
HP Connection Manager
HP Customer Experience Enhancements
HP Documentation
HP Games
HP MovieStore
HP On Screen Display
HP Power Manager
HP Quick Launch
HP Setup
HP Setup Manager
HP SimplePass 2011
HP Software Framework
HP Support Assistant
HPAsset component for HP Active Support Library
iCloud
IDT Audio
iMindMap 6
Intel PROSet Wireless
Intel(R) Display Audio Driver
Intel(R) Management Engine Components
Intel(R) PROSet/Wireless WiFi Software
Intel(R) Rapid Storage Technology
Intel(R) Wireless Display
iTunes
Java 7 Update 67 (64-bit)
Java 7 Update 71
Java Auto Updater
Junk Mail filter update
Jurassic Park Operation Genesis
Jurisprudencia y Tesis Aisladas IUS (Junio 1917 - Diciembre 2012) ver.USB
Knights of the Force 2.0
League of Legends
Mah Jong Medley
Malwarebytes Anti-Malware version 2.0.4.1028
Manga Studio
Masters of the World
Media Player Codec Pack 4.2.2
Mesh Runtime
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft Games for Windows - LIVE
Microsoft Games for Windows - LIVE Redistributable
Microsoft Office 2010
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft WSE 3.0 Runtime
Microsoft_VC80_ATL_x86
Microsoft_VC80_ATL_x86_x64
Microsoft_VC80_CRT_x86
Microsoft_VC80_CRT_x86_x64
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFC_x86_x64
Microsoft_VC80_MFCLOC_x86
Microsoft_VC80_MFCLOC_x86_x64
Microsoft_VC90_ATL_x86
Microsoft_VC90_ATL_x86_x64
Microsoft_VC90_CRT_x86
Microsoft_VC90_CRT_x86_x64
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFC_x86_x64
Microsoft_VC90_MFCLOC_x86
MKLOL
MorphVOX Pro
Mozilla Firefox 34.0.5 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Mystery P.I. - Stolen in San Francisco
Namco All-Stars PAC-MAN
Norton Internet Security
NovaBACKUP
PDF Settings CS5
Penguins!
Plants vs. Zombies - Game of the Year
PlayReady PC Runtime amd64
PlayReady PC Runtime x86
Poker Superstars III
Polar Bowler
Polar Golfer
PowerISO
Project64 1.6
Práctico Jurídico Forense - 2011
PX Profile Update
QuickTime
Rainmeter
Razer Game Booster
RealDownloader
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
RealPlayer Cloud
Realtek Ethernet Controller Driver
Realtek PCIE Card Reader
RealUpgrade 1.1
Recovery Manager
Renesas Electronics USB 3.0 Host Controller Driver
Replay Video Capture 6
RocketDock 1.3.5
RoxioNow Player
Samsung Universal Print Driver 2
SecondLifeViewer (remove only)
Security Task Manager 1.8g
Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972107)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)
Security Update for Microsoft .NET Framework 4.5.1 (KB2978128)
Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2)
Security Update for Microsoft Excel 2010 (KB2910902) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553154) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2810073) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2881071) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2899519) 32-Bit Edition
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
Skype Click to Call
Skype™ 7.0
Slingo Supreme
Smite Level Up LATAM
Spotify
Star Wars Jedi Knight Jedi Academy
Steam
Synaptics Pointing Device Driver
TeamSpeak 3 Client
TuneUp Utilities Language Pack (en-US)
Ultra Street Fighter IV
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Excel 2010 (KB2589348) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553140) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589386) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597089) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687275) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition
Update for Microsoft Office 2010 (KB2837602) 32-Bit Edition
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition
Update for Microsoft Office 2010 (KB2883019) 32-Bit Edition
Update for Microsoft Office 2010 (KB2889818) 32-Bit Edition
Update for Microsoft Office 2010 (KB2889828) 32-Bit Edition
Update for Microsoft Office 2010 (KB2910896) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2597088) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2880517) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition
Update Installer for WildTangent Games App
UpdateService
Validity WBF DDK
Video Downloader
Video Padlock
Virtual Villagers 4 - The Tree of Life
Visual Studio 2012 x64 Redistributables
Visual Studio 2012 x86 Redistributables
VLC media player
Vuze
WebM Project Directshow Filters
Wheel of Fortune 2
WildTangent Games App (HP Games)
Windows Installer Clean Up
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinPcap 4.1.2
WinRAR 4.20 (64-bit)
Xvid Video Codec
YouWave for Android
Zuma Deluxe
.
==== Event Viewer Messages From Past Week ========
.
12/31/2014 6:26:18 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer DDZM-TZ1 that believes that it is the master browser for the domain on transport NetBT_Tcpip_{ADCA6528-C351-4285-AF74-268745990D86}. The master browser is stopping or an election is being forced.
1/3/2015 12:48:22 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Network Acceleration service to connect.
1/3/2015 12:08:15 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.191.1381.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.11302.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode
1/3/2015 12:08:15 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
1/3/2015 11:52:47 AM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
1/3/2015 11:52:46 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
1/3/2015 11:52:46 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
1/3/2015 11:52:38 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
1/3/2015 11:52:29 AM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\IWMSSvc.dll Error Code: 21
1/3/2015 11:52:29 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
1/3/2015 11:52:12 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Avgdiska AVGIDSDriver Avgldx64 BHDrvx64 discache eeCtrl HssDRV6 IDSVia64 MpFilter SCDEmu spldr SRTSPX SymIRON SymNetS Wanarpv6
1/3/2015 11:52:11 AM, Error: Service Control Manager [7001] - The Microsoft Network Inspection System service depends on the Microsoft Malware Protection Driver service which failed to start because of the following error: A device attached to the system is not functioning.
1/3/2015 11:52:11 AM, Error: Service Control Manager [7001] - The AVGIDSAgent service depends on the AVGIDSDriver service which failed to start because of the following error: A device attached to the system is not functioning.
1/3/2015 11:52:06 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: On Access Error Code: 0x8007043c Error description: This service cannot be started in Safe Mode Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
1/3/2015 1:23:02 PM, Error: Service Control Manager [7034] - The Easybits Services for Windows service terminated unexpectedly. It has done this 1 time(s).
1/3/2015 1:16:06 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: HssDRV6
1/3/2015 1:15:06 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Freemake Improver service to connect.
1/3/2015 1:15:06 PM, Error: Service Control Manager [7000] - The Freemake Improver service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
1/3/2015 1:11:34 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: On Access Error Code: 0x8007043c Error description: This service cannot be started in Safe Mode Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
1/3/2015 1:11:33 PM, Error: Service Control Manager [7031] - The Microsoft Antimalware Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
1/3/2015 1:11:18 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
1/2/2015 8:27:10 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
1/2/2015 8:19:28 PM, Error: Service Control Manager [7000] - The WinZiper service service failed to start due to the following error: Access is denied.
1/2/2015 8:00:55 PM, Error: Service Control Manager [7034] - The IePlugin Services service terminated unexpectedly. It has done this 1 time(s).
.
==== End Of File ===========================


#9 2021-03-30 08:10:55

Ollester
Member
Registered: 2021-01-11
Posts: 64

Re: Iexplore.exe Virus Help

Please observe forum rules.
All logs have to be pasted, not attached.
Paste Attach.txt log from DDS into your next reply.

You're running three AV programs, MSE, AVG and Norton.
You have to uninstall TWO of them.
If AVG is one of them use AVG Remover: http://www.avg.com/us-en/utilities
If Norton is another one use this tool: http://www.majorgeeks.com/files/details … _tool.html


#10 2021-09-23 13:01:18

Makedonskiy
Member
Registered: 2020-11-20
Posts: 108

Re: Iexplore.exe Virus Help

I would reinstall the entire system again. It's safer this way.
