Post by katrina on Nov 5, 2014 7:26:15 GMT -8
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-11-2014
Ran by Katrina at 2014-11-05 07:22:55 Run:4
Running from C:\Users\Katrina\Desktop
Loaded Profiles: Katrina & (Available profiles: Katrina)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
start
C:\ProgramData\RogueKiller
C:\TDSSKiller_Quarantine
C:\Users\All Users\RogueKiller
C:\Users\Katrina\AppData\Local\nsk14B6.tmp
C:\Users\Katrina\AppData\Local\Temp\12698\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R9586JTQ\2fz8xvx2sx[1].htm
C:\Users\Katrina\AppData\Local\Temp\12698\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R9586JTQ\diRKr5EYHSMj_0w_awag9_7VCVaHm92oWfUTGMsiZq65LZ0YptyIoCIoK2QiQEPG[1].swf
C:\Users\Katrina\AppData\Local\Temp\2e58\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6JFA22UL\n82i3ofii8[1].htm
C:\Users\Katrina\AppData\Local\Temp\5c6c\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R9586JTQ\a3boafyd4e[1].htm
C:\Users\Katrina\AppData\Local\Temp\8640\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G5Q6NA1G\1f63cmov9j[1].htm
C:\Users\Katrina\AppData\Local\Temp\8d4\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2RK2Z1O1\ap7fcv158j[1].htm
C:\Users\Katrina\AppData\LocalLow\aisdjzm.dll
C:\Users\Katrina\AppData\Roaming\FlvPlayer\FlvPlayerApp.exe
C:\Users\Katrina\Documents\Downloaded Laptop files\Weatherbug\WeatherBugSetup.msi
C:\Users\Katrina\Documents\Downloads\AWSetup.exe
C:\Users\Katrina\Documents\Downloads\registrybooster.exe
C:\Users\Katrina\Documents\Downloads\WeatherBugSetup.msi
C:\Users\Katrina\Documents\Homeschool\BitTorrent-6.2.exe
C:\Users\Katrina\Downloads\Weatherbug\WeatherBugSetup.msi
C:\Windows\Installer\{063DF01F-86F0-425D-A41B-857D26B7C65F}\msiexec.exe
C:\Windows\Installer\{0896F78A-96B3-4CE7-88DB-50CC30677D0F}\msiexec.exe
C:\Windows\Installer\{17B74679-40C3-4C70-B15A-147F6EA7790A}\msiexec.exe
C:\Windows\Installer\{18FA68AF-5BA9-469B-85BC-AE3F49B839F6}\msiexec.exe
C:\Windows\Installer\{1F4F1F2A-3DC9-4F41-BFC0-EB522ECAD044}\msiexec.exe
C:\Windows\Installer\{2026F9E1-2098-49F6-8E5D-BB99478E072F}\msiexec.exe
C:\Windows\Installer\{24F2AA27-F0E3-4513-AE28-29B7C223FA63}\msiexec.exe
C:\Windows\Installer\{2E93DEC0-51C1-4DE8-A07E-1A11FC5EBF8B}\msiexec.exe
C:\Windows\Installer\{33098C89-075B-4779-BEFB-6B99560487D5}\msiexec.exe
C:\Windows\Installer\{39DBC1E4-435A-4B21-9529-06F580040E5E}\msiexec.exe
C:\Windows\Installer\{4CC20EB1-E775-4174-831A-5C46A1BDC09B}\msiexec.exe
C:\Windows\Installer\{593B1F85-D773-4E7C-AE7B-84823DD324FA}\msiexec.exe
C:\Windows\Installer\{6BA836C6-F270-477A-AEED-837A6AC821A4}\msiexec.exe
C:\Windows\Installer\{6C0290ED-C59B-43CE-BDDC-9C9A06C56006}\msiexec.exe
C:\Windows\Installer\{74C336B9-7AF2-4A62-975F-D229AB454FDF}\msiexec.exe
C:\Windows\Installer\{75A561AE-B82F-4EDF-84CC-60478E5F3226}\msiexec.exe
C:\Windows\Installer\{A93A45F0-F3BB-4159-A13B-B816CEE14BD0}\msiexec.exe
C:\Windows\Installer\{AB56D97B-7EFF-404B-BC5A-DC237BA9BDB5}\msiexec.exe
C:\Windows\Installer\{E38A61A6-4327-48BA-B012-5BAA0892ADC8}\msiexec.exe
C:\Windows\Installer\{EC370EAD-4722-4203-B908-B5D6A22FA787}\msiexec.exe
C:\Windows\Installer\{F4907713-1B3F-41DF-9797-E153B8BA6F6F}\msiexec.exe
C:\Windows\Installer\{F925AF5E-649A-4A84-A3EB-30963609F225}\msiexec.exe
DeleteQuarantine:
end
*****************
C:\ProgramData\RogueKiller => Moved successfully.
C:\TDSSKiller_Quarantine => Moved successfully.
"C:\Users\All Users\RogueKiller" => File/Directory not found.
C:\Users\Katrina\AppData\Local\nsk14B6.tmp => Moved successfully.
C:\Users\Katrina\AppData\Local\Temp\12698\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R9586JTQ\2fz8xvx2sx[1].htm => Moved successfully.
C:\Users\Katrina\AppData\Local\Temp\12698\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R9586JTQ\diRKr5EYHSMj_0w_awag9_7VCVaHm92oWfUTGMsiZq65LZ0YptyIoCIoK2QiQEPG[1].swf => Moved successfully.
C:\Users\Katrina\AppData\Local\Temp\2e58\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6JFA22UL\n82i3ofii8[1].htm => Moved successfully.
C:\Users\Katrina\AppData\Local\Temp\5c6c\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R9586JTQ\a3boafyd4e[1].htm => Moved successfully.
C:\Users\Katrina\AppData\Local\Temp\8640\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G5Q6NA1G\1f63cmov9j[1].htm => Moved successfully.
C:\Users\Katrina\AppData\Local\Temp\8d4\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2RK2Z1O1\ap7fcv158j[1].htm => Moved successfully.
C:\Users\Katrina\AppData\LocalLow\aisdjzm.dll => Moved successfully.
C:\Users\Katrina\AppData\Roaming\FlvPlayer\FlvPlayerApp.exe => Moved successfully.
C:\Users\Katrina\Documents\Downloaded Laptop files\Weatherbug\WeatherBugSetup.msi => Moved successfully.
C:\Users\Katrina\Documents\Downloads\AWSetup.exe => Moved successfully.
C:\Users\Katrina\Documents\Downloads\registrybooster.exe => Moved successfully.
C:\Users\Katrina\Documents\Downloads\WeatherBugSetup.msi => Moved successfully.
C:\Users\Katrina\Documents\Homeschool\BitTorrent-6.2.exe => Moved successfully.
C:\Users\Katrina\Downloads\Weatherbug\WeatherBugSetup.msi => Moved successfully.
C:\Windows\Installer\{063DF01F-86F0-425D-A41B-857D26B7C65F}\msiexec.exe => Moved successfully.
C:\Windows\Installer\{0896F78A-96B3-4CE7-88DB-50CC30677D0F}\msiexec.exe => Moved successfully.
C:\Windows\Installer\{17B74679-40C3-4C70-B15A-147F6EA7790A}\msiexec.exe => Moved successfully.
C:\Windows\Installer\{18FA68AF-5BA9-469B-85BC-AE3F49B839F6}\msiexec.exe => Moved successfully.
C:\Windows\Installer\{1F4F1F2A-3DC9-4F41-BFC0-EB522ECAD044}\msiexec.exe => Moved successfully.
C:\Windows\Installer\{2026F9E1-2098-49F6-8E5D-BB99478E072F}\msiexec.exe => Moved successfully.
C:\Windows\Installer\{24F2AA27-F0E3-4513-AE28-29B7C223FA63}\msiexec.exe => Moved successfully.
C:\Windows\Installer\{2E93DEC0-51C1-4DE8-A07E-1A11FC5EBF8B}\msiexec.exe => Moved successfully.
C:\Windows\Installer\{33098C89-075B-4779-BEFB-6B99560487D5}\msiexec.exe => Moved successfully.
C:\Windows\Installer\{39DBC1E4-435A-4B21-9529-06F580040E5E}\msiexec.exe => Moved successfully.
C:\Windows\Installer\{4CC20EB1-E775-4174-831A-5C46A1BDC09B}\msiexec.exe => Moved successfully.
C:\Windows\Installer\{593B1F85-D773-4E7C-AE7B-84823DD324FA}\msiexec.exe => Moved successfully.
C:\Windows\Installer\{6BA836C6-F270-477A-AEED-837A6AC821A4}\msiexec.exe => Moved successfully.
C:\Windows\Installer\{6C0290ED-C59B-43CE-BDDC-9C9A06C56006}\msiexec.exe => Moved successfully.
C:\Windows\Installer\{74C336B9-7AF2-4A62-975F-D229AB454FDF}\msiexec.exe => Moved successfully.
C:\Windows\Installer\{75A561AE-B82F-4EDF-84CC-60478E5F3226}\msiexec.exe => Moved successfully.
C:\Windows\Installer\{A93A45F0-F3BB-4159-A13B-B816CEE14BD0}\msiexec.exe => Moved successfully.
C:\Windows\Installer\{AB56D97B-7EFF-404B-BC5A-DC237BA9BDB5}\msiexec.exe => Moved successfully.
C:\Windows\Installer\{E38A61A6-4327-48BA-B012-5BAA0892ADC8}\msiexec.exe => Moved successfully.
C:\Windows\Installer\{EC370EAD-4722-4203-B908-B5D6A22FA787}\msiexec.exe => Moved successfully.
C:\Windows\Installer\{F4907713-1B3F-41DF-9797-E153B8BA6F6F}\msiexec.exe => Moved successfully.
C:\Windows\Installer\{F925AF5E-649A-4A84-A3EB-30963609F225}\msiexec.exe => Moved successfully.
"C:\FRST\Quarantine" => Removed successfully.
==== End of Fixlog ====
Ran by Katrina at 2014-11-05 07:22:55 Run:4
Running from C:\Users\Katrina\Desktop
Loaded Profiles: Katrina & (Available profiles: Katrina)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
start
C:\ProgramData\RogueKiller
C:\TDSSKiller_Quarantine
C:\Users\All Users\RogueKiller
C:\Users\Katrina\AppData\Local\nsk14B6.tmp
C:\Users\Katrina\AppData\Local\Temp\12698\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R9586JTQ\2fz8xvx2sx[1].htm
C:\Users\Katrina\AppData\Local\Temp\12698\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R9586JTQ\diRKr5EYHSMj_0w_awag9_7VCVaHm92oWfUTGMsiZq65LZ0YptyIoCIoK2QiQEPG[1].swf
C:\Users\Katrina\AppData\Local\Temp\2e58\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6JFA22UL\n82i3ofii8[1].htm
C:\Users\Katrina\AppData\Local\Temp\5c6c\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R9586JTQ\a3boafyd4e[1].htm
C:\Users\Katrina\AppData\Local\Temp\8640\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G5Q6NA1G\1f63cmov9j[1].htm
C:\Users\Katrina\AppData\Local\Temp\8d4\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2RK2Z1O1\ap7fcv158j[1].htm
C:\Users\Katrina\AppData\LocalLow\aisdjzm.dll
C:\Users\Katrina\AppData\Roaming\FlvPlayer\FlvPlayerApp.exe
C:\Users\Katrina\Documents\Downloaded Laptop files\Weatherbug\WeatherBugSetup.msi
C:\Users\Katrina\Documents\Downloads\AWSetup.exe
C:\Users\Katrina\Documents\Downloads\registrybooster.exe
C:\Users\Katrina\Documents\Downloads\WeatherBugSetup.msi
C:\Users\Katrina\Documents\Homeschool\BitTorrent-6.2.exe
C:\Users\Katrina\Downloads\Weatherbug\WeatherBugSetup.msi
C:\Windows\Installer\{063DF01F-86F0-425D-A41B-857D26B7C65F}\msiexec.exe
C:\Windows\Installer\{0896F78A-96B3-4CE7-88DB-50CC30677D0F}\msiexec.exe
C:\Windows\Installer\{17B74679-40C3-4C70-B15A-147F6EA7790A}\msiexec.exe
C:\Windows\Installer\{18FA68AF-5BA9-469B-85BC-AE3F49B839F6}\msiexec.exe
C:\Windows\Installer\{1F4F1F2A-3DC9-4F41-BFC0-EB522ECAD044}\msiexec.exe
C:\Windows\Installer\{2026F9E1-2098-49F6-8E5D-BB99478E072F}\msiexec.exe
C:\Windows\Installer\{24F2AA27-F0E3-4513-AE28-29B7C223FA63}\msiexec.exe
C:\Windows\Installer\{2E93DEC0-51C1-4DE8-A07E-1A11FC5EBF8B}\msiexec.exe
C:\Windows\Installer\{33098C89-075B-4779-BEFB-6B99560487D5}\msiexec.exe
C:\Windows\Installer\{39DBC1E4-435A-4B21-9529-06F580040E5E}\msiexec.exe
C:\Windows\Installer\{4CC20EB1-E775-4174-831A-5C46A1BDC09B}\msiexec.exe
C:\Windows\Installer\{593B1F85-D773-4E7C-AE7B-84823DD324FA}\msiexec.exe
C:\Windows\Installer\{6BA836C6-F270-477A-AEED-837A6AC821A4}\msiexec.exe
C:\Windows\Installer\{6C0290ED-C59B-43CE-BDDC-9C9A06C56006}\msiexec.exe
C:\Windows\Installer\{74C336B9-7AF2-4A62-975F-D229AB454FDF}\msiexec.exe
C:\Windows\Installer\{75A561AE-B82F-4EDF-84CC-60478E5F3226}\msiexec.exe
C:\Windows\Installer\{A93A45F0-F3BB-4159-A13B-B816CEE14BD0}\msiexec.exe
C:\Windows\Installer\{AB56D97B-7EFF-404B-BC5A-DC237BA9BDB5}\msiexec.exe
C:\Windows\Installer\{E38A61A6-4327-48BA-B012-5BAA0892ADC8}\msiexec.exe
C:\Windows\Installer\{EC370EAD-4722-4203-B908-B5D6A22FA787}\msiexec.exe
C:\Windows\Installer\{F4907713-1B3F-41DF-9797-E153B8BA6F6F}\msiexec.exe
C:\Windows\Installer\{F925AF5E-649A-4A84-A3EB-30963609F225}\msiexec.exe
DeleteQuarantine:
end
*****************
C:\ProgramData\RogueKiller => Moved successfully.
C:\TDSSKiller_Quarantine => Moved successfully.
"C:\Users\All Users\RogueKiller" => File/Directory not found.
C:\Users\Katrina\AppData\Local\nsk14B6.tmp => Moved successfully.
C:\Users\Katrina\AppData\Local\Temp\12698\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R9586JTQ\2fz8xvx2sx[1].htm => Moved successfully.
C:\Users\Katrina\AppData\Local\Temp\12698\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R9586JTQ\diRKr5EYHSMj_0w_awag9_7VCVaHm92oWfUTGMsiZq65LZ0YptyIoCIoK2QiQEPG[1].swf => Moved successfully.
C:\Users\Katrina\AppData\Local\Temp\2e58\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6JFA22UL\n82i3ofii8[1].htm => Moved successfully.
C:\Users\Katrina\AppData\Local\Temp\5c6c\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R9586JTQ\a3boafyd4e[1].htm => Moved successfully.
C:\Users\Katrina\AppData\Local\Temp\8640\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G5Q6NA1G\1f63cmov9j[1].htm => Moved successfully.
C:\Users\Katrina\AppData\Local\Temp\8d4\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2RK2Z1O1\ap7fcv158j[1].htm => Moved successfully.
C:\Users\Katrina\AppData\LocalLow\aisdjzm.dll => Moved successfully.
C:\Users\Katrina\AppData\Roaming\FlvPlayer\FlvPlayerApp.exe => Moved successfully.
C:\Users\Katrina\Documents\Downloaded Laptop files\Weatherbug\WeatherBugSetup.msi => Moved successfully.
C:\Users\Katrina\Documents\Downloads\AWSetup.exe => Moved successfully.
C:\Users\Katrina\Documents\Downloads\registrybooster.exe => Moved successfully.
C:\Users\Katrina\Documents\Downloads\WeatherBugSetup.msi => Moved successfully.
C:\Users\Katrina\Documents\Homeschool\BitTorrent-6.2.exe => Moved successfully.
C:\Users\Katrina\Downloads\Weatherbug\WeatherBugSetup.msi => Moved successfully.
C:\Windows\Installer\{063DF01F-86F0-425D-A41B-857D26B7C65F}\msiexec.exe => Moved successfully.
C:\Windows\Installer\{0896F78A-96B3-4CE7-88DB-50CC30677D0F}\msiexec.exe => Moved successfully.
C:\Windows\Installer\{17B74679-40C3-4C70-B15A-147F6EA7790A}\msiexec.exe => Moved successfully.
C:\Windows\Installer\{18FA68AF-5BA9-469B-85BC-AE3F49B839F6}\msiexec.exe => Moved successfully.
C:\Windows\Installer\{1F4F1F2A-3DC9-4F41-BFC0-EB522ECAD044}\msiexec.exe => Moved successfully.
C:\Windows\Installer\{2026F9E1-2098-49F6-8E5D-BB99478E072F}\msiexec.exe => Moved successfully.
C:\Windows\Installer\{24F2AA27-F0E3-4513-AE28-29B7C223FA63}\msiexec.exe => Moved successfully.
C:\Windows\Installer\{2E93DEC0-51C1-4DE8-A07E-1A11FC5EBF8B}\msiexec.exe => Moved successfully.
C:\Windows\Installer\{33098C89-075B-4779-BEFB-6B99560487D5}\msiexec.exe => Moved successfully.
C:\Windows\Installer\{39DBC1E4-435A-4B21-9529-06F580040E5E}\msiexec.exe => Moved successfully.
C:\Windows\Installer\{4CC20EB1-E775-4174-831A-5C46A1BDC09B}\msiexec.exe => Moved successfully.
C:\Windows\Installer\{593B1F85-D773-4E7C-AE7B-84823DD324FA}\msiexec.exe => Moved successfully.
C:\Windows\Installer\{6BA836C6-F270-477A-AEED-837A6AC821A4}\msiexec.exe => Moved successfully.
C:\Windows\Installer\{6C0290ED-C59B-43CE-BDDC-9C9A06C56006}\msiexec.exe => Moved successfully.
C:\Windows\Installer\{74C336B9-7AF2-4A62-975F-D229AB454FDF}\msiexec.exe => Moved successfully.
C:\Windows\Installer\{75A561AE-B82F-4EDF-84CC-60478E5F3226}\msiexec.exe => Moved successfully.
C:\Windows\Installer\{A93A45F0-F3BB-4159-A13B-B816CEE14BD0}\msiexec.exe => Moved successfully.
C:\Windows\Installer\{AB56D97B-7EFF-404B-BC5A-DC237BA9BDB5}\msiexec.exe => Moved successfully.
C:\Windows\Installer\{E38A61A6-4327-48BA-B012-5BAA0892ADC8}\msiexec.exe => Moved successfully.
C:\Windows\Installer\{EC370EAD-4722-4203-B908-B5D6A22FA787}\msiexec.exe => Moved successfully.
C:\Windows\Installer\{F4907713-1B3F-41DF-9797-E153B8BA6F6F}\msiexec.exe => Moved successfully.
C:\Windows\Installer\{F925AF5E-649A-4A84-A3EB-30963609F225}\msiexec.exe => Moved successfully.
"C:\FRST\Quarantine" => Removed successfully.
==== End of Fixlog ====