Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

pup keeps trying to run, website not found

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

pup keeps trying to run, website not found

Unread postby traveler25 » June 3rd, 2014, 4:20 pm

Had a pup file always trying to run and google chrome keeps saying could not connect to website, always having to reload. Running windows 8 64 bit. Have run regular scan with avast, malware bytes, spybot s&d, and adaware, but problem still persists.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16537
Run by Marcos at 14:52:52 on 2014-06-03
Microsoft Windows 8 6.2.9200.0.1252.1.1033.18.7629.4537 [GMT -5:00]
.
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
.
============== Running Processes ===============
.
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\windows\system32\svchost.exe -k apphost
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
C:\Program Files (x86)\Coupons\CouponPrinterService.exe
C:\windows\system32\dashost.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Browny02\BrYNSvc.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\system32\dwm.exe
C:\windows\system32\atieclxx.exe
C:\windows\system32\taskhostex.exe
C:\windows\Explorer.EXE
C:\Program Files (x86)\Kodak\KODAK Share Button App\Listener.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe
c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
C:\windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\windows\system32\notepad.exe
C:\windows\system32\wwahost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\windows\system32\wwahost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\windows\system32\taskhost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uSearch Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
uProxyOverride = <local>
mWinlogon: Userinit = userinit.exe,
BHO: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} -
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
TB: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} -
uRun: [Akamai NetSession Interface] "C:\Users\Marcos\AppData\Local\Akamai\netsession_win.exe"
uRun: [KGShareApp] C:\Program Files (x86)\Kodak\KODAK Share Button App\KGShare_App.exe
uRun: [GoogleChromeAutoLaunch_C1BC9AC30E031DFD659FEA797D292C8F] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
uRun: [Facebook Update] "C:\Users\Marcos\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
uRun: [KSS] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe" /autorun
uRun: [FreeAC] C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe -autorun
uRun: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
mRun: [Aeria Ignite] "C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe" silent
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mRun: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
mRun: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 192.168.2.1
TCP: Interfaces\{BD0ACDBE-5308-44C1-B5B0-828EF630DD41} : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{DCB8EC84-A807-46C0-8EA4-6B01106F2302} : DHCPNameServer = 192.168.2.1
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-BHO: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} -
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
x64-TB: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} -
x64-Run: [etMonitor] C:\windows\etMon.exe
x64-RunOnce: [NCPluginUpdater] "c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\NCPluginUpdater.exe" Update
x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
.
INFO: x64-HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - <orphaned>
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Marcos\AppData\Roaming\Mozilla\Firefox\Profiles\bx31vswy.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/?pc=AV01
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search
FF - prefs.js: browser.search.selectedEngine - Microsoft (Bing)
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL
FF - plugin: C:\Users\Marcos\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - plugin: C:\Users\Marcos\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\Marcos\AppData\Roaming\HewlettPackard\HPDetect\1.0.0.0\npHPDetect.dll
FF - plugin: C:\windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\windows\System32\Drivers\aswRvrt.sys [2014-2-3 65776]
R0 aswVmm;avast! VM Monitor;C:\windows\System32\Drivers\aswVmm.sys [2014-2-3 208416]
R1 aswSnx;aswSnx;C:\windows\System32\Drivers\aswsnx.sys [2014-2-3 1039096]
R1 aswSP;aswSP;C:\windows\System32\Drivers\aswsp.sys [2014-2-3 423240]
R1 CLVirtualDrive;CLVirtualDrive;C:\windows\System32\Drivers\CLVirtualDrive.sys [2013-8-7 92536]
R2 AMD External Events Utility;AMD External Events Utility;C:\windows\System32\atiesrxx.exe [2014-1-23 239616]
R2 aswMonFlt;aswMonFlt;C:\windows\System32\Drivers\aswMonFlt.sys [2014-2-3 79184]
R2 aswStm;aswStm;C:\windows\System32\Drivers\aswstm.sys [2014-2-3 85328]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-4-22 50344]
R2 c2cautoupdatesvc;Skype Click to Call Updater;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-4-11 1390720]
R2 c2cpnrsvc;Skype Click to Call PNR Service;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-4-11 1764992]
R2 ClickToRunSvc;Microsoft Office ClickToRun Service;C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe [2014-3-19 2266296]
R2 CouponPrinterService;Coupon Printer Service;C:\Program Files (x86)\Coupons\CouponPrinterService.exe [2014-2-13 176624]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2013-11-4 92160]
R2 KSS;Kaspersky Security Scan Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [2012-12-7 202328]
R2 RtkAudioService;Realtek Audio Service;C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2014-3-5 245832]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-5-19 1738200]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-5-19 2081752]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-5-19 171928]
R3 BrYNSvc;BrYNSvc;C:\Program Files (x86)\Browny02\BrYNSvc.exe [2014-3-17 266240]
R3 DCamUSBET;ET USB 2710 Camera;C:\windows\System32\Drivers\etDevice64.sys [2007-7-23 527744]
R3 FiltUSBET;ET USB Device Lower Filter;C:\windows\System32\Drivers\etFilter64.sys [2007-6-14 281088]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\Drivers\RtsUStor.sys [2013-3-1 259144]
R3 RTL8168;Realtek 8168 NT Driver;C:\windows\System32\Drivers\Rt630x64.sys [2013-2-19 772680]
R3 ScanUSBET;ET USB Still Image Capture Device;C:\windows\System32\Drivers\etScan64.sys [2007-7-23 9216]
R3 WSDScan;WSD Scan Support;C:\windows\System32\Drivers\WSDScan.sys [2013-4-9 23552]
S2 aswHwid;avast! HardwareID;C:\windows\System32\Drivers\aswHwid.sys [2014-4-22 29208]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-4-3 315008]
S3 AmUStor;AM USB Stroage Driver;C:\windows\System32\Drivers\AmUStor.sys [2013-3-25 108312]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 WUDFWpdMtp;WUDFWpdMtp;C:\windows\System32\Drivers\WUDFRd.sys [2012-7-25 198656]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\windows\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2014-06-03 10:51:41 -------- d-----w- C:\Program Files (x86)\Audacity
2014-05-31 18:28:52 -------- d-----w- C:\Program Files (x86)\Coupons
2014-05-31 11:45:54 -------- d-----w- C:\Users\Marcos\AppData\Local\Adobe
2014-05-29 11:53:45 3847168 ----a-w- C:\windows\System32\drivers\athw8x.sys
2014-05-28 16:37:51 -------- d-----w- C:\ProgramData\AMMYY
2014-05-27 01:57:07 -------- d-----w- C:\Users\Marcos\AppData\Local\Facebook
2014-05-24 20:06:31 -------- d-----w- C:\Users\Marcos\AppData\Local\Macromedia
2014-05-24 13:48:54 258224 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10240.bin
2014-05-20 12:20:40 -------- d-----w- C:\Program Files (x86)\FreeAlarmClock
2014-05-19 23:13:50 -------- d-----w- C:\FRST
2014-05-19 22:46:15 78296 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-19 19:21:15 -------- d-----w- C:\Users\Marcos\AppData\Roaming\LavasoftStatistics
2014-05-19 17:39:18 -------- d-----w- C:\ProgramData\Search Protection
2014-05-19 17:39:16 -------- d-----w- C:\Users\Marcos\AppData\Local\adawarebp
2014-05-19 17:39:15 -------- d-----w- C:\ProgramData\Ad-Aware Browsing Protection
2014-05-19 17:39:10 -------- d-----w- C:\Program Files (x86)\Toolbar Cleaner
2014-05-19 17:38:52 -------- d-----w- C:\Program Files (x86)\Lavasoft
2014-05-19 11:51:23 21040 ----a-w- C:\windows\System32\sdnclean64.exe
2014-05-19 11:51:21 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2014-05-19 11:51:13 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-05-18 22:13:54 827904 ----a-w- C:\windows\System32\kerberos.dll
2014-05-18 22:07:44 619008 ----a-w- C:\windows\System32\drivers\srv2.sys
2014-05-18 22:07:44 328024 ----a-w- C:\windows\System32\drivers\Classpnp.sys
2014-05-18 22:07:44 309760 ----a-w- C:\windows\System32\wusa.exe
2014-05-18 22:07:44 305152 ----a-w- C:\windows\SysWow64\wusa.exe
2014-05-17 20:35:51 122584 ----a-w- C:\windows\System32\drivers\MBAMSwissArmy.sys
2014-05-17 20:35:10 91352 ----a-w- C:\windows\System32\drivers\mbamchameleon.sys
2014-05-17 20:35:10 64216 ----a-w- C:\windows\System32\drivers\mwac.sys
2014-05-17 20:35:10 25816 ----a-w- C:\windows\System32\drivers\mbam.sys
2014-05-17 20:35:10 -------- d-----w- C:\ProgramData\Malwarebytes
2014-05-17 20:35:10 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-17 18:59:41 -------- d-----w- C:\ProgramData\Kaspersky Lab
2014-05-17 18:59:41 -------- d-----w- C:\Program Files (x86)\Kaspersky Lab
2014-05-16 20:58:23 20080 ----a-w- C:\Program Files (x86)\Mozilla Firefox\AccessibleMarshal.dll
2014-05-16 20:58:22 75376 ----a-w- C:\Program Files (x86)\Mozilla Firefox\breakpadinjector.dll
2014-05-16 20:58:22 46704 ----a-w- C:\Program Files (x86)\Mozilla Firefox\browser\components\browsercomps.dll
2014-05-16 20:58:22 2106216 ----a-w- C:\Program Files (x86)\Mozilla Firefox\D3DCompiler_43.dll
2014-05-16 20:58:19 305264 ----a-w- C:\Program Files (x86)\Mozilla Firefox\freebl3.dll
2014-05-16 20:58:19 275568 ----a-w- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
2014-05-16 20:58:19 117360 ----a-w- C:\Program Files (x86)\Mozilla Firefox\crashreporter.exe
2014-05-16 20:58:15 965232 ----a-w- C:\Program Files (x86)\Mozilla Firefox\icuuc52.dll
2014-05-16 20:58:15 1266800 ----a-w- C:\Program Files (x86)\Mozilla Firefox\icuin52.dll
2014-05-16 20:58:15 10594416 ----a-w- C:\Program Files (x86)\Mozilla Firefox\icudt52.dll
.
==================== Find3M ====================
.
2014-06-03 04:48:57 65536 ----a-w- C:\windows\System32\spu_storage.bin
2014-05-17 07:59:29 1039096 ----a-w- C:\windows\System32\drivers\aswsnx.sys
2014-05-17 07:59:28 85328 ----a-w- C:\windows\System32\drivers\aswstm.sys
2014-05-06 03:37:50 2706432 ----a-w- C:\windows\System32\mshtml.tlb
2014-05-06 03:26:53 2706432 ----a-w- C:\windows\SysWow64\mshtml.tlb
2014-05-01 20:37:50 694240 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2014-04-22 05:50:02 93568 ----a-w- C:\windows\System32\drivers\aswRdr2.sys
2014-04-22 05:50:02 79184 ----a-w- C:\windows\System32\drivers\aswMonFlt.sys
2014-04-22 05:50:02 65776 ----a-w- C:\windows\System32\drivers\aswRvrt.sys
2014-04-22 05:50:02 29208 ----a-w- C:\windows\System32\drivers\aswHwid.sys
2014-04-22 05:50:02 208416 ----a-w- C:\windows\System32\drivers\aswVmm.sys
2014-04-22 05:50:01 43152 ----a-w- C:\windows\avastSS.scr
2014-04-19 09:39:36 628024 ----a-w- C:\windows\System32\NotificationUI.exe
2014-04-19 08:45:39 693760 ----a-w- C:\windows\System32\WSShared.dll
2014-04-19 08:45:39 163840 ----a-w- C:\windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-19 06:57:49 566784 ----a-w- C:\windows\SysWow64\WSShared.dll
2014-04-19 06:57:49 124928 ----a-w- C:\windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-12 09:27:03 172888 ----a-w- C:\windows\System32\drivers\ksecpkg.sys
2014-04-12 09:10:31 578048 ----a-w- C:\windows\System32\winlogon.exe
2014-04-12 09:09:43 208896 ----a-w- C:\windows\System32\wdigest.dll
2014-04-12 09:09:39 1043968 ----a-w- C:\windows\System32\usercpl.dll
2014-04-12 09:09:34 94720 ----a-w- C:\windows\System32\TSpkg.dll
2014-04-12 09:09:19 588288 ----a-w- C:\windows\System32\SHCore.dll
2014-04-12 09:08:37 318464 ----a-w- C:\windows\System32\msv1_0.dll
2014-04-12 09:08:17 439808 ----a-w- C:\windows\System32\lsm.dll
2014-04-12 09:08:17 1281536 ----a-w- C:\windows\System32\lsasrv.dll
2014-04-12 09:07:36 20480 ----a-w- C:\windows\System32\credssp.dll
2014-04-12 07:23:59 178688 ----a-w- C:\windows\SysWow64\wdigest.dll
2014-04-12 07:23:52 961536 ----a-w- C:\windows\SysWow64\usercpl.dll
2014-04-12 07:23:49 76800 ----a-w- C:\windows\SysWow64\TSpkg.dll
2014-04-12 07:23:40 452608 ----a-w- C:\windows\SysWow64\SHCore.dll
2014-04-12 07:23:14 273920 ----a-w- C:\windows\SysWow64\msv1_0.dll
2014-04-12 07:22:58 666624 ----a-w- C:\windows\SysWow64\kerberos.dll
2014-04-12 07:22:33 17408 ----a-w- C:\windows\SysWow64\credssp.dll
2014-04-12 06:58:06 14848 ----a-w- C:\windows\System32\workerdd.dll
2014-03-28 19:19:38 35856 ----a-w- C:\windows\System32\drivers\WdBoot.sys
2014-03-28 08:23:00 1287168 ----a-w- C:\windows\System32\schedsvc.dll
2014-03-25 07:43:45 753873 ----a-w- C:\windows\unins000.exe
2014-03-23 22:11:52 269592 ----a-w- C:\windows\System32\drivers\WdFilter.sys
2014-03-11 03:32:43 6987096 ----a-w- C:\windows\System32\ntoskrnl.exe
2014-03-11 03:25:51 100184 ----a-w- C:\windows\System32\drivers\ksecdd.sys
2014-03-11 00:41:55 323072 ----a-w- C:\windows\SysWow64\schannel.dll
2014-03-11 00:41:51 559104 ----a-w- C:\windows\SysWow64\objsel.dll
2014-03-11 00:41:24 38400 ----a-w- C:\windows\SysWow64\dimsroam.dll
2014-03-11 00:39:12 35840 ----a-w- C:\windows\System32\lsass.exe
2014-03-11 00:38:58 27648 ----a-w- C:\windows\System32\sspisrv.dll
2014-03-11 00:38:58 164864 ----a-w- C:\windows\System32\sspicli.dll
2014-03-11 00:38:53 419328 ----a-w- C:\windows\System32\schannel.dll
2014-03-11 00:38:47 684032 ----a-w- C:\windows\System32\objsel.dll
2014-03-11 00:38:31 982016 ----a-w- C:\windows\System32\KernelBase.dll
2014-03-11 00:38:23 45056 ----a-w- C:\windows\System32\dimsroam.dll
2014-03-11 00:38:23 179712 ----a-w- C:\windows\System32\dpapisrv.dll
2014-03-10 03:05:14 668160 ----a-w- C:\windows\SysWow64\KernelBase.dll
2014-03-10 01:27:03 99840 ----a-w- C:\windows\SysWow64\sspicli.dll
2014-03-07 00:48:11 1766400 ----a-w- C:\windows\SysWow64\wininet.dll
2014-03-07 00:47:24 2877952 ----a-w- C:\windows\SysWow64\jscript9.dll
2014-03-07 00:08:30 2240000 ----a-w- C:\windows\System32\wininet.dll
2014-03-07 00:08:27 915968 ----a-w- C:\windows\System32\uxtheme.dll
2014-03-07 00:08:06 3959808 ----a-w- C:\windows\System32\jscript9.dll
2014-03-05 22:54:47 2794056 ----a-w- C:\windows\System32\RtPgEx64.dll
2014-03-05 22:54:47 1662024 ----a-w- C:\windows\System32\RTSnMg64.cpl
2014-03-05 22:54:46 3760200 ----a-w- C:\windows\System32\RtkAPO64.dll
2014-03-05 22:54:46 3446872 ----a-w- C:\windows\System32\drivers\RTKVHD64.sys
2014-03-05 22:54:45 27600896 ----a-w- C:\windows\System32\RCoRes64.dat
2014-03-05 22:54:45 143576 ----a-w- C:\windows\System32\RCoInstII64.dll
2014-03-05 22:54:45 1003592 ----a-w- C:\windows\System32\RtkApi64.dll
2014-03-05 22:54:41 2735648 ----a-w- C:\windows\System32\FMAPO64.dll
2014-03-05 22:54:38 208072 ----a-w- C:\windows\System32\AERTAC64.dll
.
============= FINISH: 14:54:01.42 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 8
Boot Device: \Device\HarddiskVolume2
Install Date: 12/4/2013 2:20:11 PM
System Uptime: 6/1/2014 12:18:47 PM (50 hours ago)
.
Motherboard: Hewlett-Packard | | 2B05
Processor: AMD A6-5200 APU with Radeon(TM) HD Graphics | CPU 1 | 2000/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 911 GiB total, 839.935 GiB free.
D: is FIXED (NTFS) - 19 GiB total, 2.343 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP34: 5/16/2014 2:24:47 PM - Restore Operation
RP35: 5/19/2014 12:36:20 PM - AA11
RP36: 5/21/2014 11:12:13 AM - Removed Skype™ 6.16
RP38: 5/29/2014 1:10:52 AM - HPSF Restore Point
RP39: 5/29/2014 6:45:20 AM - HPSF Applying updates
RP40: 5/31/2014 5:07:45 AM - AA11
.
==== Installed Programs ======================
.
4 Elements II
7-Zip 9.22 (x64 edition)
Adobe Flash Player 13 Plugin
Adobe Reader XI (11.0.07)
Adobe Shockwave Player 12.1
Aeria Ignite
Airport Mania
Akamai NetSession Interface
Alcor Micro USB Card Reader Driver
AMD APP SDK Runtime
AMD Catalyst Control Center
AMD Catalyst Install Manager
AMD Wireless Display v3.0
Audacity 2.0.5
avast! Free Antivirus
Azteca
Battlefield 1942™
Bejeweled 3
Belarc Advisor 8.4
Bonjour
Bounce Symphony
Brother MFL-Pro Suite MFC-J825DW
Build-a-lot
CamStudio OSS Desktop Recorder
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CCleaner
Coupon Printer for Windows
Cradle Of Egypt Collector's Edition
Cradle of Rome 2
Curse at Twilight
Cyberlink PhotoDirector
CyberLink Power2Go 8
CyberLink PowerDirector 10
D3DX10
Delicious: Emily's Childhood Memories Premium Edition
Dropbox
Energy Star
Ezvid
Facebook Video Calling 2.0.0.447
Farm Frenzy
Free Alarm Clock 3.1.0
Google Chrome
Google Earth
Google Update Helper
Governor of Poker 2 Premium Edition
Hewlett-Packard ACLM.NET v1.2.2.3
House of 1000 Doors: Family Secrets
HP Connected Music (Meridian - installer)
HP Connected Music (Meridian - player)
HP Customer Experience Enhancements
HP MyRoom
HP Postscript Converter
HP Quick Start
HP Registration Service
HP Support Assistant
HP Support Information
HPDetect
Jewel Match 3
Kaspersky Security Scan
King James Pure Bible Search 2.0
KODAK Share Button App
Last Chaos
Luxor Evolved
Mah Jong Medley
Mahjongg Dimensions Deluxe: Tiles in Time
Malwarebytes Anti-Malware version 2.0.2.1012
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64)
Microsoft Application Error Reporting
Microsoft Office 365 - en-us
Microsoft SkyDrive
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
Movie Maker
Mozilla Firefox 29.0.1 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT110
MSVCRT110_amd64
Mystery P.I. - Curious Case of Counterfeit Cove
Office 15 Click-to-Run Extensibility Component
Office 15 Click-to-Run Licensing Component
Office 15 Click-to-Run Localization Component
Origin
Peggle Nights
Photo Common
Photo Gallery
Plants vs. Zombies - Game of the Year
Polar Bowler
Qualcomm Atheros Driver Installation Program
Realtek Card Reader
Realtek High Definition Audio Driver
Recovery Manager
Roads of Rome 3
Royal Envoy 2 Collector's Edition
Skype Click to Call
Skype™ 6.16
Spybot - Search & Destroy
swMSM
Tales of Lagoona
Unity Web Player
Update Installer for WildTangent Games App
Vacation Quest™ - Australia
WebEye
WildTangent Games
WildTangent Games App (HP Games)
Windows Driver Package - Eastman Kodak KODAK Digital Camera (01/29/2010 1.4.1.0)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Youda Jewel Shop
ZD Soft Screen Recorder
Zuma's Revenge
.
==== Event Viewer Messages From Past Week ========
.
6/3/2014 6:16:21 AM, Error: Service Control Manager [7000] - The avast! HardwareID service failed to start due to the following error: The specified procedure could not be found.
6/1/2014 12:18:51 PM, Error: Microsoft-Windows-Kernel-General [6] - An I/O operation initiated by the Registry failed unrecoverably.The Registry could not flush hive (file): ''.
5/30/2014 6:52:33 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Spooler service.
5/30/2014 10:18:04 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MBAMScheduler service.
5/27/2014 10:43:20 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the netprofm service.
5/27/2014 10:42:50 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WinHttpAutoProxySvc service.
.
==== End Of File ===========================
traveler25
Active Member
 
Posts: 2
Joined: August 8th, 2009, 6:40 pm
Advertisement
Register to Remove

Re: pup keeps trying to run, website not found

Unread postby wannabeageek » June 6th, 2014, 12:45 am

Hello traveler25, and Welcome to MalWare Removal forums!

My name is wannabeageek and I'll be helping you with any malware problems.

Before we begin, please read and follow these important guidelines, so things will proceed smoothly.
  1. The instructions being given are for YOUR computer and system only!
    Using these instructions on a different computer can cause damage to that computer and possibly render it inoperable!
  2. You must have Administrator rights, permissions for this computer.
  3. DO NOT run any other fix or removal tools unless instructed to do so!
  4. DO NOT install any other software (or hardware) during the cleaning process. This adds more items to be researched.
  5. Only post your problem at (1) one help site. Applying fixes from multiple help sites can cause problems.
  6. Print each set of instructions if possible - your Internet connection will not be available during some fix processes.
  7. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  8. Only reply to this thread, do not start another one. Please, continue responding, until I give you the "All Clean!" :cheers:

    Absence of symptoms does not mean that everything is clear.

I am currently reviewing your logs and will return, as soon as possible, with additional instructions. In the meantime...

Note: If you haven't done so already, please read this topic ALL USERS OF THIS FORUM MUST READ THIS FIRST where the conditions for receiving help here are explained.

Please read all instructions carefully before executing and perform the steps, in the order given.
lf you have any questions or problems executing these instructions, <<STOP>> do not proceed, post back with the question or problem.

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start



Step 1.
Remove Program(s)
  1. If you are at the Start screen, then Right-click in the screen's bottom-right corner. A circle with three lines in it with the text All Appswill pop up at the bottom of the screen. Left Click it and choose the Control Panel from the list of apps that will pop up. You will probably find it all the way to the right. You will probably need to use the scroll bar at the bottom of the screen to get to it. Once at the Control Panel continue the same way as you would if you came from the Desktop
  2. If you are at the Desktop then pull the mouse quickly to the right lower corner of the screen. The panel with a number of choices opens up. Click on settings and a list of Settings is shown. Select Control Panel.
  3. When the Control Panel appears, choose Programs and Features.
  4. Locate the following program:
    Coupon Printer for Windows
  5. Click it to choose it and then give the permission to go ahead if the computer asks for it.
    Carefully read any prompts...
    Some uninstallers prompt in a way to trick you into keeping the program, sometimes, preventing them from being uninstalled again!
  6. When the program(s) have been uninstalled... Close Control Panel.



Step 2.
Please explain where you used FRST and post all logs in this folder
2014-05-19 23:13:50 -------- d-----w- C:\FRST
There should be at least 2 files: FRST.txt and Addition.txt



Please include in your next reply:
  1. Answer about FRST
  2. Contents of FRST.txt and any others
  3. Contents of Addtion.txt
  4. Any problem executing the instructions?
Thanks,
wbg
wannabeageek
MRU Master
MRU Master
 
Posts: 1773
Joined: November 23rd, 2009, 10:21 pm
Location: California

Re: pup keeps trying to run, website not found

Unread postby traveler25 » June 7th, 2014, 3:02 pm

Okay, I have finally gotten a response after 3 weeks from another site. Thanks for your assistance and sorry to bother you. :shock:
traveler25
Active Member
 
Posts: 2
Joined: August 8th, 2009, 6:40 pm

Re: pup keeps trying to run, website not found

Unread postby wannabeageek » June 7th, 2014, 9:45 pm

Thank you for posting back about receiving help at another site. I will ask to have this thread closed.
wbg
wannabeageek
MRU Master
MRU Master
 
Posts: 1773
Joined: November 23rd, 2009, 10:21 pm
Location: California

Re: pup keeps trying to run, website not found

Unread postby NonSuch » June 9th, 2014, 2:31 am

As this issue appears to have been resolved, this topic is now closed.
User avatar
NonSuch
Administrator
Administrator
 
Posts: 27305
Joined: February 23rd, 2005, 7:08 am
Location: California
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 71 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware