Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Popups, DLL files missing, and web browser ads.

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Popups, DLL files missing, and web browser ads.

Unread postby Sweetestprawn » February 16th, 2015, 10:22 pm

The problem that I am having is as follows: Random pop ups, programs files missing (DLL Files), Tons of pop up ads, and I also just factory reset my computer to try and fix these problems but that didn't seem to help at all. My computer hasn't blue screened at all. The only DLL file that I know is missing is LIBEAY32.dll . I found this out because I was in the works of making a server for a game and the launcher wouldn't work and gave me the error code "The program can't start because LIBEAY32.dll is missing from your computer. Try reinstalling the program to fix this problem."


DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16384
Run by Sweetestprawn at 21:09:36 on 2015-02-16
Microsoft Windows 8 6.2.9200.0.1252.1.1033.18.3678.1577 [GMT -8:00]
.
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\windows\system32\dashost.exe
C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
C:\Windows\system32\TODDSrv.exe
C:\Program Files\Toshiba\Teco\TecoService.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
C:\Program Files (x86)\Toshiba\ToshibaRegistration\TaisRegistPinger.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
C:\windows\system32\taskhostex.exe
C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\windows\System32\spoolsv.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\System32\dwm.exe
C:\windows\system32\atieclxx.exe
C:\windows\system32\taskhostex.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\windows\Explorer.EXE
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Toshiba\Hotkey\TCrdMain_Win8.exe
C:\Program Files\Toshiba\Teco\TecoResident.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Echobit\Evolve\EvolveClient.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
C:\Users\Sweetestprawn\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe
C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\Razer\Razer Cortex\main.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Echobit\Evolve\EvoSvc.exe
C:\Program Files\Echobit\Evolve\Drivers\EvolveTracker_32.exe
C:\Program Files\Echobit\Evolve\Drivers\EvolveTracker_64.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe
C:\Program Files\Echobit\Evolve\EvolveUI.exe
C:\Program Files\Echobit\Evolve\EvolveUI.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\windows\system32\msiexec.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://toshiba13.msn.com
uWindow Title = Internet Explorer provided by TOSHIBA
uDefault_Page_URL = hxxp://toshiba13.msn.com
mStart Page = hxxp://toshiba13.msn.com
mWindow Title = Internet Explorer provided by TOSHIBA
mDefault_Page_URL = hxxp://toshiba13.msn.com
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ips\ipsbho.dll
uRun: [GoogleChromeAutoLaunch_714305BA47F499101495CA421FB933EC] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [EvolveClient] "C:\Program Files\Echobit\Evolve\EvolveClient.exe" -autorun
uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
mRun: [ToshibaAppPlace] "C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [RazerCortex] C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe -autorun
mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
StartupFolder: C:\Users\SWEETE~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\GAMERA~1.LNK - C:\Users\Sweetestprawn\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe
TCP: Interfaces\{8BF9E506-C0C9-4CB2-BE86-F6FCE205BFAC} : DHCPNameServer = 75.75.75.75 75.75.76.76
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = hxxp://toshiba13.msn.com
x64-mWindow Title = Internet Explorer provided by TOSHIBA
x64-mDefault_Page_URL = hxxp://toshiba13.msn.com
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [TCrdMain] C:\Program Files (x86)\TOSHIBA\Hotkey\TCrdMain_Win8.exe
x64-Run: [TecoResident] C:\Program Files\TOSHIBA\Teco\TecoResident.exe
x64-Run: [TosWaitSrv] C:\Program Files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe
x64-Run: [TODDMain] C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;C:\windows\System32\Drivers\NISx64\1405000.01C\symds64.sys [2015-2-15 493656]
R0 SymEFA;Symantec Extended File Attributes;C:\windows\System32\Drivers\NISx64\1405000.01C\symefa64.sys [2015-2-15 1139800]
R0 tos_sps64;TOSHIBA tos_sps64 Service;C:\windows\System32\Drivers\tos_sps64.sys [2012-9-6 499096]
R1 ccSet_NIS;Norton Internet Security Settings Manager;C:\windows\System32\Drivers\NISx64\1405000.01C\ccsetx64.sys [2015-2-15 169048]
R1 SymIRON;Symantec Iron Driver;C:\windows\System32\Drivers\NISx64\1405000.01C\ironx64.sys [2015-2-15 224416]
R2 AMD External Events Utility;AMD External Events Utility;C:\windows\System32\atiesrxx.exe [2012-8-8 240640]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2015-1-20 2485608]
R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2012-9-6 2451456]
R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2015-1-14 417552]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-2-14 1871160]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-2-14 969016]
R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\ccsvchst.exe [2015-2-15 144368]
R2 Razer Game Scanner Service;Razer Game Scanner;C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [2015-1-30 186560]
R2 RzKLService;RzKLService;C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [2015-2-13 129168]
R2 rzpmgrk;rzpmgrk;C:\windows\System32\Drivers\rzpmgrk.sys [2015-2-13 37184]
R2 taisregispinger;taisregispinger;C:\Program Files (x86)\Toshiba\ToshibaRegistration\TaisRegistPinger.exe [2012-8-18 2196120]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\Toshiba\Teco\TecoService.exe [2012-8-13 289192]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\windows\System32\Drivers\TVALZFL.sys [2012-7-21 16768]
R3 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20150203.001\BHDrvx64.sys [2015-2-3 1622744]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2015-2-12 142640]
R3 EvolveVirtualAdapter;Evolve Virtual Miniport Driver;C:\windows\System32\Drivers\evolve.sys [2015-2-13 21656]
R3 EvoSvc;Evolve Service;C:\Program Files\Echobit\Evolve\EvoSvc.exe [2015-2-13 1580416]
R3 FwLnk;FwLnk Driver;C:\windows\System32\Drivers\FwLnk.sys [2012-9-6 9216]
R3 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20150213.001\IDSviA64.sys [2015-2-13 669400]
R3 MBAMProtector;MBAMProtector;C:\windows\System32\Drivers\mbam.sys [2015-2-14 25816]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\windows\System32\Drivers\MBAMSwissArmy.sys [2015-2-14 129752]
R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\windows\System32\Drivers\mwac.sys [2015-2-14 64216]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\windows\System32\Drivers\RtsUVStor.sys [2012-9-6 315536]
R3 RTL8168;Realtek 8168 NT Driver;C:\windows\System32\Drivers\Rt630x64.sys [2012-9-6 683664]
R3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter;C:\windows\System32\Drivers\rtwlane.sys [2012-6-29 1496720]
R3 SymNetS;Symantec Network Security WFP Driver;C:\windows\System32\Drivers\NISx64\1404000.028\symnets.sys [2015-2-14 433752]
R3 TMachInfo;TMachInfo;C:\Program Files\Toshiba\TOSHIBA Service Station\TMachInfo.exe [2012-7-27 53384]
R3 TPCHSrv;TPCH Service;C:\Program Files\Toshiba\TPHM\TPCHSrv.exe [2012-7-28 458152]
R3 usbfilter;AMD USB Filter Driver;C:\windows\System32\Drivers\usbfilter.sys [2012-9-6 57000]
S0 SymELAM;Symantec ELAM Driver;C:\windows\System32\Drivers\NISx64\1405000.01C\symelam.sys [2015-2-15 23448]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-1-2 315488]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\windows\System32\Drivers\AtihdW86.sys [2012-7-17 98472]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\windows\System32\Drivers\rtwlane.sys [2012-6-29 1496720]
.
=============== Created Last 30 ================
.
2015-02-16 02:53:46 796760 ----a-w- C:\windows\System32\drivers\NISx64\1405000.01C\srtsp64.sys
2015-02-16 02:53:46 493656 ----a-w- C:\windows\System32\drivers\NISx64\1405000.01C\symds64.sys
2015-02-16 02:53:46 433752 ----a-w- C:\windows\System32\drivers\NISx64\1405000.01C\symnets.sys
2015-02-16 02:53:46 36952 ----a-w- C:\windows\System32\drivers\NISx64\1405000.01C\srtspx64.sys
2015-02-16 02:53:46 23448 ----a-r- C:\windows\System32\drivers\NISx64\1405000.01C\symelam.sys
2015-02-16 02:53:46 1139800 ----a-w- C:\windows\System32\drivers\NISx64\1405000.01C\symefa64.sys
2015-02-16 02:53:45 224416 ----a-w- C:\windows\System32\drivers\NISx64\1405000.01C\ironx64.sys
2015-02-16 02:53:45 169048 ----a-w- C:\windows\System32\drivers\NISx64\1405000.01C\ccsetx64.sys
2015-02-16 02:53:22 -------- d-----w- C:\windows\System32\drivers\NISx64\1405000.01C
2015-02-15 07:46:34 129752 ----a-w- C:\windows\System32\drivers\MBAMSwissArmy.sys
2015-02-15 07:46:08 93400 ----a-w- C:\windows\System32\drivers\mbamchameleon.sys
2015-02-15 07:46:08 64216 ----a-w- C:\windows\System32\drivers\mwac.sys
2015-02-15 07:46:08 25816 ----a-w- C:\windows\System32\drivers\mbam.sys
2015-02-15 07:46:07 -------- d-----w- C:\ProgramData\Malwarebytes
2015-02-15 07:46:07 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-15 07:31:30 -------- d-----w- C:\ProgramData\Logs
2015-02-15 07:31:25 19392 ----a-w- C:\windows\System32\roboot64.exe
2015-02-14 20:12:29 -------- d-----w- C:\Users\Sweetestprawn\AppData\Local\Blizzard Entertainment
2015-02-14 19:25:33 796760 ----a-w- C:\windows\System32\drivers\NISx64\1404000.028\srtsp64.sys
2015-02-14 19:25:33 493656 ----a-w- C:\windows\System32\drivers\NISx64\1404000.028\symds64.sys
2015-02-14 19:25:33 433752 ----a-w- C:\windows\System32\drivers\NISx64\1404000.028\symnets.sys
2015-02-14 19:25:33 36952 ----a-w- C:\windows\System32\drivers\NISx64\1404000.028\srtspx64.sys
2015-02-14 19:25:33 23448 ----a-r- C:\windows\System32\drivers\NISx64\1404000.028\symelam.sys
2015-02-14 19:25:33 224416 ----a-w- C:\windows\System32\drivers\NISx64\1404000.028\ironx64.sys
2015-02-14 19:25:33 169048 ----a-w- C:\windows\System32\drivers\NISx64\1404000.028\ccsetx64.sys
2015-02-14 19:25:33 1139800 ----a-w- C:\windows\System32\drivers\NISx64\1404000.028\symefa64.sys
2015-02-14 19:25:13 -------- d-----w- C:\windows\System32\drivers\NISx64\1404000.028
2015-02-14 09:31:03 -------- d-----w- C:\Users\Sweetestprawn\AppData\Local\LogMeIn Hamachi
2015-02-14 09:31:03 -------- d-----w- C:\Users\Sweetestprawn\AppData\Local\LogMeIn
2015-02-14 09:31:03 -------- d-----w- C:\ProgramData\LogMeIn
2015-02-14 09:29:39 -------- d-----w- C:\Program Files (x86)\LogMeIn Hamachi
2015-02-14 09:15:39 35480 ----a-w- C:\windows\System32\TsWpfWrp.exe
2015-02-14 09:15:38 35480 ----a-w- C:\windows\SysWow64\TsWpfWrp.exe
2015-02-14 06:01:30 -------- d-----w- C:\ProgramData\Blizzard Entertainment
2015-02-14 05:29:47 -------- d-----w- C:\Program Files (x86)\Common Files\Steam
2015-02-14 05:29:39 -------- d-----w- C:\Program Files (x86)\Steam
2015-02-14 05:28:17 2526056 ----a-w- C:\windows\System32\D3DCompiler_43.dll
2015-02-14 05:28:14 1907552 ----a-w- C:\windows\System32\d3dcsx_43.dll
2015-02-14 05:28:14 1868128 ----a-w- C:\windows\SysWow64\d3dcsx_43.dll
2015-02-14 05:28:10 276832 ----a-w- C:\windows\System32\d3dx11_43.dll
2015-02-14 05:28:10 248672 ----a-w- C:\windows\SysWow64\d3dx11_43.dll
2015-02-14 05:28:05 511328 ----a-w- C:\windows\System32\d3dx10_43.dll
2015-02-14 05:28:00 2401112 ----a-w- C:\windows\System32\D3DX9_43.dll
2015-02-14 05:27:54 81768 ----a-w- C:\windows\SysWow64\xinput1_3.dll
2015-02-14 05:27:54 107368 ----a-w- C:\windows\System32\xinput1_3.dll
2015-02-14 05:24:59 21656 ----a-w- C:\windows\System32\drivers\evolve.sys
2015-02-14 05:24:12 -------- d-----w- C:\Program Files\Echobit
2015-02-14 05:23:39 -------- d-----w- C:\ProgramData\Echobit
2015-02-14 05:23:27 -------- d-----w- C:\Users\Sweetestprawn\AppData\Local\Echobit
2015-02-14 00:45:59 1890816 ----a-w- C:\windows\System32\crypt32.dll
2015-02-14 00:45:59 1569792 ----a-w- C:\windows\SysWow64\crypt32.dll
2015-02-14 00:35:48 -------- d-----w- C:\Users\Sweetestprawn\AppData\Local\Skype
2015-02-14 00:35:04 -------- d-----r- C:\Program Files (x86)\Skype
2015-02-14 00:27:09 269992 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10248.bin
2015-02-14 00:26:14 -------- d-----w- C:\Users\Sweetestprawn\AppData\Local\CrashDumps
2015-02-14 00:24:55 -------- d-----w- C:\Users\Sweetestprawn\AppData\Local\Razer_Inc
2015-02-14 00:17:56 -------- d-----w- C:\Users\Sweetestprawn\AppData\Local\Razer
2015-02-14 00:16:11 470880 ----a-w- C:\windows\SysWow64\d3dx10_43.dll
2015-02-14 00:16:11 1998168 ----a-w- C:\windows\SysWow64\D3DX9_43.dll
2015-02-14 00:15:12 37184 ----a-w- C:\windows\System32\drivers\rzpmgrk.sys
2015-02-14 00:13:11 -------- d-----w- C:\Users\Sweetestprawn\AppData\Local\Programs
2015-02-14 00:05:07 50784 ----a-w- C:\ProgramData\Microsoft\windowsfiltering\Sqm\Manifest\Sqm3.bin
2015-02-14 00:04:57 17536 ----a-w- C:\ProgramData\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2015-02-12 23:02:33 -------- d-----w- C:\Users\Sweetestprawn\AppData\Roaming\GameRanger
2015-02-12 22:56:09 -------- d-----w- C:\Program Files (x86)\Common Files\Blizzard Entertainment
2015-02-12 21:19:45 -------- d-----w- C:\Program Files (x86)\Common Files\Symantec Shared
2015-02-12 20:47:23 13 --sh--r- C:\windows\System32\drivers\fbd.sys
2015-02-12 20:31:05 -------- d-----w- C:\Users\Sweetestprawn\AppData\Local\Google
2015-02-12 20:26:21 -------- d-----w- C:\Users\Sweetestprawn\AppData\Local\Deployment
2015-02-12 20:26:21 -------- d-----w- C:\Users\Sweetestprawn\AppData\Local\Apps
2015-02-12 20:23:21 -------- d-----w- C:\Users\Sweetestprawn\AppData\Local\ATI
2015-02-12 20:18:22 -------- d-sh--w- C:\$RECYCLE.BIN
2015-02-12 20:18:10 -------- d-----w- C:\Users\Sweetestprawn\AppData\Local\TOSHIBA
2015-02-12 20:17:31 -------- d-----r- C:\Users\Sweetestprawn\Searches
2015-02-12 20:17:30 -------- d-----r- C:\Users\Sweetestprawn\Contacts
2015-02-12 20:17:16 -------- d-----w- C:\Users\Sweetestprawn\AppData\Roaming\WinBatch
2015-02-12 20:15:12 -------- d-----w- C:\Users\Sweetestprawn\AppData\Local\VirtualStore
2015-02-12 20:14:01 -------- d-----w- C:\Users\Sweetestprawn\AppData\Local\Packages
2015-01-20 21:16:24 44296 ---ha-w- C:\windows\System32\drivers\Hamdrv.sys
.
==================== Find3M ====================
.
2015-02-14 19:25:47 177312 ----a-w- C:\windows\System32\drivers\SYMEVENT64x86.SYS
.
============= FINISH: 21:13:52.30 ===============








DDS (Ver_2012-11-20.01)
.
Microsoft Windows 8
Boot Device: \Device\HarddiskVolume2
Install Date: 2/12/2015 12:13:21 PM
System Uptime: 2/15/2015 12:39:34 AM (45 hours ago)
.
Motherboard: TOSHIBA | | Portable PC
Processor: AMD E-300 APU with Radeon(tm) HD Graphics | Socket FT1 | 1300/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 288 GiB total, 200.699 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP1: 2/12/2015 2:54:01 PM - Windows Update
RP2: 2/13/2015 9:26:49 PM - Installed DirectX
RP3: 2/14/2015 11:41:06 PM - DLL-Files Fixer Sat, Feb 14, 15 23:41
.
==== Installed Programs ======================
.
Adobe Flash Player 16 NPAPI
Adobe Reader X (10.1.3)
AMD Accelerated Video Transcoding
AMD APP SDK Runtime
AMD Catalyst Install Manager
AMD VISION Engine Control Center
Bejeweled 3
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Localization All
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
D3DX10
Evolve
Farmscapes
FATE
GameRanger
Google Chrome
Google Update Helper
LogMeIn Hamachi
Malwarebytes Anti-Malware version 2.0.4.1028
Microsoft Application Error Reporting
Microsoft Office
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Movie Maker
MSVCRT
MSVCRT110
MSVCRT110_amd64
Norton Internet Security
Origin
Penguins!
Photo Common
Photo Gallery
Plants vs. Zombies - Game of the Year
PlayReady PC Runtime amd64
Polar Bowler
Razer Cortex
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader
Realtek WLAN Driver
Skype™ 7.1
Steam
Synaptics Pointing Device Driver
Toshiba App Place
TOSHIBA Application Installer
TOSHIBA Audio Enhancement
Toshiba Book Place
TOSHIBA Desktop Assist
TOSHIBA eco Utility
TOSHIBA Function Key
TOSHIBA Password Utility
TOSHIBA PC Health Monitor
TOSHIBA Quality Application
TOSHIBA Recovery Media Creator
TOSHIBA Service Station
TOSHIBA System Driver
TOSHIBA System Settings
TOSHIBA User's Guide
TOSHIBA VIDEO PLAYER
TOSHIBARegistration
Update Installer for WildTangent Games App
Virtual Villagers 4 - The Tree of Life
Warcraft III
WildTangent Games
WildTangent Games App (Toshiba Games)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
WinRAR 5.21 beta 2 (32-bit)
.
==== Event Viewer Messages From Past Week ========
.
2/16/2015 8:58:50 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {7022A3B3-D004-4F52-AF11-E9E987FEE25F} and APPID {ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D} to the user Nightmare\Sweetestprawn SID (S-1-5-21-3280380806-90793125-3982338534-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
2/15/2015 6:42:45 PM, Error: NetBT [4321] - The name "WORKGROUP :1d" could not be registered on the interface with IP address 25.44.172.232. The computer with the IP address 25.32.2.96 did not allow the name to be claimed by this computer.
2/14/2015 11:26:38 PM, Error: Service Control Manager [7001] - The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: The service has not been started.
2/14/2015 1:47:56 AM, Error: bowser [8003] - The master browser has received a server announcement from the computer ZACKERY that believes that it is the master browser for the domain on transport NetBT_Tcpip_{338B8CCB-9005-4591-A64E-5AB2C4CE5E89}. The master browser is stopping or an election is being forced.
2/14/2015 1:44:04 AM, Error: Schannel [36888] - A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 70. The Windows SChannel error state is 105.
2/14/2015 1:30:43 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the LogMeIn Hamachi Tunneling Engine service to connect.
2/14/2015 1:30:43 AM, Error: Service Control Manager [7000] - The LogMeIn Hamachi Tunneling Engine service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
2/14/2015 1:30:32 AM, Error: Service Control Manager [7030] - The LogMeIn Hamachi Tunneling Engine service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
2/13/2015 9:35:40 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
2/13/2015 9:35:40 PM, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
2/12/2015 2:26:30 AM, Error: volmgr [46] - Crash dump initialization failed!
2/12/2015 12:23:48 PM, Error: Schannel [36888] - A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 51. The Windows SChannel error state is 900.
.
==== End Of File ===========================
Sweetestprawn
Active Member
 
Posts: 9
Joined: February 15th, 2015, 11:50 pm
Advertisement
Register to Remove

Re: Popups, DLL files missing, and web browser ads.

Unread postby Gary R » February 17th, 2015, 2:17 am

Looking over your logs, back soon.
User avatar
Gary R
Administrator
Administrator
 
Posts: 21869
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Popups, DLL files missing, and web browser ads.

Unread postby Gary R » February 17th, 2015, 4:14 am

Please note that all instructions given are customised for this computer only, the tools used may cause damage if used on a computer with different infections.

If you think you have similar problems, please post a log in the "Infected? Virus, malware, adware, ransomware, oh my!" forum and wait for help.


Unless informed of in advance, failure to post replies within 3 days will result in this thread being closed.


Hi Sweetestprawn

I'm Gary R,

Before we start: Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start.

As an added safety precaution, before we start removing anything, I'd like you to make a backup of your Registry, which we can restore to if necessary.

Please click on THIS link, and follow the instructions for installing TCRB and creating a backup of your Registry.

Please observe these rules while we work:
  • Do not edit your logs in any way whatsoever.
  • Perform all actions in the order given.
  • If you don't know, stop and ask! Don't keep going on.
  • Please reply to this thread. Do not start a new topic.
  • Stick with it till you're given the all clear.
  • Remember, absence of symptoms does not mean the infection is all gone.
  • Don't attempt to install any new software (other than those I ask you to) until we've got your computer clean.
  • Don't attempt to clean your computer with any tools other than the ones I ask you to use during the cleanup process. If your defensive programmes warn you about any of those tools, be assured that they are not infected, and are safe to use.
If you can do these things, everything should go smoothly.
  • As you're using Windows 8, it will be necessary to right click all tools we use and select ----> Run as Administrator

It may be helpful to you to print out or take a copy of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.


There's no obvious signs of infection in the DDS logs that you've supplied, so I'm going to need you to run some additional scans for me to see if we can find out what it is that is causing your problems.

First ...

  • Download FRST64 to your Desktop.
  • Double click Frst64.exe to launch it.
  • FRST will start to run.
    • When the tool opens click Yes to disclaimer.
    • Press the Scan button.
    • When finished scanning 2 logs will open on your Desktop, FRST.txt and Addition.txt
    • Please post them in your next reply.

Next ...

Please download AdwCleaner and save it to your desktop.

  • Double click AdwCleaner.exe to run it.
  • Click Scan.
  • A logfile will automatically open after the scan has finished.
  • Close the adwCleaner window, click ok to the prompt.
  • Please post the contents of that logfile with your next reply.
  • You can also find the logfile at C:\AdwCleaner[R1].txt.

AT THIS POINT, DO NOT ATTEMPT TO CLEAN ANYTHING THAT MAY BE FOUND

Next ...

Please run a scan with ESET Online Scanner

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.
  • Please go HERE then click on Run ESET Online Scanner
Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.

  • Select the option YES, I accept the Terms of Use then click on: Image
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Image
  • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed click on Start to start the scan.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed you will be presented with a list of found threats ....
    • Click on the List of found threats link
    • Click on Export to text file
    • Save as ESET.txt to your Desktop
  • Exit out of ESET Online Scanner.
  • Post me the contents of ESET.txt please.

Summary of the logs I need from you in your next post:
  • FRST.txt
  • Addition.txt
  • ADWCleaner log
  • E-Set.txt


Please post each log separately to prevent it being cut off by the forum post size limiter. Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections.
User avatar
Gary R
Administrator
Administrator
 
Posts: 21869
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Popups, DLL files missing, and web browser ads.

Unread postby Sweetestprawn » February 17th, 2015, 11:36 am

I keep trying to run FRST64 and it keeps saying "Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item." I ran it as admin but it still doesn't want to work.
Sweetestprawn
Active Member
 
Posts: 9
Joined: February 15th, 2015, 11:50 pm

Re: Popups, DLL files missing, and web browser ads.

Unread postby Gary R » February 17th, 2015, 12:01 pm

OK, leave FRST for the time being, and try running the other 2 scans I asked for in my last post (adwceaner and e-set).

If you have any problems please let me know.
User avatar
Gary R
Administrator
Administrator
 
Posts: 21869
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Popups, DLL files missing, and web browser ads.

Unread postby Sweetestprawn » February 17th, 2015, 12:11 pm

Adwcleaner

# AdwCleaner v4.110 - Logfile created 17/02/2015 at 11:05:16
# Updated 05/02/2015 by Xplode
# Database : 2015-02-14.2 [Server]
# Operating system : Windows 8 (x64)
# Username : Sweetestprawn - NIGHTMARE
# Running from : C:\Users\Sweetestprawn\Downloads\adwcleaner_4.110.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Users\Sweetestprawn\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Found : C:\Users\Sweetestprawn\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Found : C:\windows\System32\roboot64.exe
Folder Found : C:\Users\Sweetestprawn\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnbmfljfohghaepamnfokgggaejlmfol
Folder Found : C:\Users\Sweetestprawn\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Folder Found : C:\Users\Sweetestprawn\Favorites\StumbleUpon
Folder Found : C:\Users\Sweetestprawn\Favorites\StumbleUpon

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk

***** [ Web browsers ] *****

-\\ Internet Explorer v10.0.9200.16384

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages] - hxxp://mystart.toshiba.com
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL] - hxxp://mystart.toshiba.com
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL] - hxxp://mystart.toshiba.com
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Secondary Start Pages] - hxxp://mystart.toshiba.com
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL] - hxxp://mystart.toshiba.com
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Secondary Start Pages] - hxxp://mystart.toshiba.com

-\\ Google Chrome v40.0.2214.111

*************************

AdwCleaner[R0].txt - [2117 bytes] - [17/02/2015 11:05:16]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [2176 bytes] ##########
Sweetestprawn
Active Member
 
Posts: 9
Joined: February 15th, 2015, 11:50 pm

Re: Popups, DLL files missing, and web browser ads.

Unread postby Sweetestprawn » February 17th, 2015, 1:52 pm

ESET C:\Users\Sweetestprawn\Downloads\dffsetup-libeay32.exe a variant of Win32/Systweak potentially unwanted application
Sweetestprawn
Active Member
 
Posts: 9
Joined: February 15th, 2015, 11:50 pm

Re: Popups, DLL files missing, and web browser ads.

Unread postby Gary R » February 17th, 2015, 6:06 pm

OK, please do the following ...

  • Double click AdwCleaner.exe to run it.
  • Click Scan and allow the scan to finish.
  • Now click Clean to remove the items found.
  • Click OK to the prompt.
  • The tool will run & your computer will be rebooted automatically. A logfile will open after the restart.
  • Post the contents of the logfile with your next reply.
  • You can also find the logfile at C:\AdwCleaner[s1].txt.

Next ...

Go to your Downloads folder and delete dffsetup-libeay32.exe

Next ...

Please follow the instructions on THIS webpage for deleting the temporary files in your Temp folders.

Summary of the logs I need from you in your next post:
  • ADWCleaner fix log
  • Please let me know how your computer is behaving now.
User avatar
Gary R
Administrator
Administrator
 
Posts: 21869
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Popups, DLL files missing, and web browser ads.

Unread postby Sweetestprawn » February 17th, 2015, 7:41 pm

# AdwCleaner v4.110 - Logfile created 17/02/2015 at 18:30:03
# Updated 05/02/2015 by Xplode
# Database : 2015-02-14.2 [Server]
# Operating system : Windows 8 (x64)
# Username : Sweetestprawn - NIGHTMARE
# Running from : C:\Users\Sweetestprawn\Downloads\adwcleaner_4.110 (1).exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Users\Sweetestprawn\Favorites\StumbleUpon
Folder Deleted : C:\Users\Sweetestprawn\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnbmfljfohghaepamnfokgggaejlmfol
File Deleted : C:\windows\System32\roboot64.exe
File Deleted : C:\Users\Sweetestprawn\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Sweetestprawn\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****

-\\ Internet Explorer v10.0.9200.16384

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Secondary Start Pages]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Secondary Start Pages]

-\\ Google Chrome v40.0.2214.111


*************************

AdwCleaner[R0].txt - [2263 bytes] - [17/02/2015 11:05:16]
AdwCleaner[R1].txt - [2112 bytes] - [17/02/2015 18:26:34]
AdwCleaner[S0].txt - [1824 bytes] - [17/02/2015 18:30:03]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1883 bytes] ##########
Sweetestprawn
Active Member
 
Posts: 9
Joined: February 15th, 2015, 11:50 pm

Re: Popups, DLL files missing, and web browser ads.

Unread postby Sweetestprawn » February 17th, 2015, 7:43 pm

It still says the libeay32.dll file is missing
Sweetestprawn
Active Member
 
Posts: 9
Joined: February 15th, 2015, 11:50 pm

Re: Popups, DLL files missing, and web browser ads.

Unread postby Sweetestprawn » February 17th, 2015, 7:50 pm

Never mind. That fixed the problem.

Thank you sooo much :)
Sweetestprawn
Active Member
 
Posts: 9
Joined: February 15th, 2015, 11:50 pm

Re: Popups, DLL files missing, and web browser ads.

Unread postby Gary R » February 18th, 2015, 2:14 am

You're welcome. :)

Now before we finish, we just need to remove the programs we've been using to clean your computer.

  • Please download delfix and save it to your desktop.
  • Right-click on delfix.exe and select " Run as administrator " to run it.
  • Check all the boxes then click on Run.
  • Once it has finished, a notepad file named DelFix.txt will open. Post the contents of this notepad in your next reply.
  • The log can also be located at the root of the system drive, C:\DelFix.txt.

Please read the article below which will give you a few suggestions for how to minimise your chances of getting another infection.
User avatar
Gary R
Administrator
Administrator
 
Posts: 21869
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Popups, DLL files missing, and web browser ads.

Unread postby Sweetestprawn » February 19th, 2015, 1:26 pm

# DelFix v10.8 - Logfile created 19/02/2015 at 12:20:45
# Updated 29/07/2014 by Xplode
# Username : Sweetestprawn - NIGHTMARE
# Operating System : Windows 8 (64 bits)

~ Activating UAC ... OK

~ Removing disinfection tools ...

Deleted : C:\AdwCleaner
Deleted : C:\Users\Sweetestprawn\Downloads\adwcleaner_4.110 (1).exe
Deleted : C:\Users\Sweetestprawn\Downloads\adwcleaner_4.110.exe
Deleted : C:\Users\Sweetestprawn\Downloads\dds.scr
Deleted : HKLM\SOFTWARE\AdwCleaner

~ Creating registry backup ... OK

~ Cleaning system restore ...

Deleted : RP #1 [Windows Update | 02/12/2015 22:54:01]
Deleted : RP #2 [Installed DirectX | 02/14/2015 05:26:49]
Deleted : RP #3 [DLL-Files Fixer Sat, Feb 14, 15 23:41 | 02/15/2015 07:41:06]

New restore point created !

~ Resetting system settings ... OK

########## - EOF - ##########
Sweetestprawn
Active Member
 
Posts: 9
Joined: February 15th, 2015, 11:50 pm

Re: Popups, DLL files missing, and web browser ads.

Unread postby Gary R » February 19th, 2015, 1:46 pm

Looks good, you're clear to go. :thumbright:
User avatar
Gary R
Administrator
Administrator
 
Posts: 21869
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Popups, DLL files missing, and web browser ads.

Unread postby Gary R » February 23rd, 2015, 7:56 am

As your problems appear to have been resolved, this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
User avatar
Gary R
Administrator
Administrator
 
Posts: 21869
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 37 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware