Cleaning up

Posted 11/28/2013 6:02 PM
#96252
User avatar

Derrack Valued member

Date Joined Nov 2016
Total Posts: 19
Here's all the logs. Thanks for the help. <br/> <br/> <br/> <br/>Malwarebytes Anti-Malware (PRO) 1.75.0.1300 <br/>www.malwarebytes.org <br/> <br/>Database version: v2013.11.28.03 <br/> <br/>Windows XP Service Pack 3 x86 NTFS <br/>Internet Explorer 8.0.6001.18702 <br/>Bill :: ANCHOR-AA653044 [administrator] <br/> <br/>Protection: Disabled <br/> <br/>11/27/2013 8:32:29 PM <br/>mbam-log-2013-11-27 (20-32-29).txt <br/> <br/>Scan type: Full scan (C:\|D:\|E:\|F:\|) <br/>Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM <br/>Scan options disabled: P2P <br/>Objects scanned: 304925 <br/>Time elapsed: 1 hour(s), 28 minute(s), 42 second(s) <br/> <br/>Memory Processes Detected: 2 <br/>C:\Program Files\BuzzSearch\updateBuzzSearch.exe (PUP.Optional.BuzzSearch.A) -> 3840 -> Delete on reboot. <br/>C:\Program Files\BuzzSearch\bin\utilBuzzSearch.exe (PUP.Optional.BuzzSearch.A) -> 348 -> Delete on reboot. <br/> <br/>Memory Modules Detected: 1 <br/>C:\Program Files\BuzzSearch\bin\sqlite3.dll (PUP.Optional.BuzzSearch.A) -> Delete on reboot. <br/> <br/>Registry Keys Detected: 75 <br/>HKLM\SYSTEM\CurrentControlSet\Services\Update BuzzSearch (PUP.Optional.BuzzSearch.A) -> Quarantined and deleted successfully. <br/>HKLM\SYSTEM\CurrentControlSet\Services\Util BuzzSearch (PUP.Optional.BuzzSearch.A) -> Quarantined and deleted successfully. <br/>HKCR\CLSID\{82E74373-58AB-47EB-B0F0-A1D82BB8EB5C} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully. <br/>HKCR\CLSID\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully. <br/>HKCR\mysearchdial.mysearchdialHlpr.1 (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully. <br/>HKCR\mysearchdial.mysearchdialHlpr (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully. <br/>HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully. <br/>HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully. <br/>HKCR\CLSID\{5cf5a690-c8f4-488e-9d20-f21aef602d41} (PUP.Optional.BuzzSearch.A) -> Quarantined and deleted successfully. <br/>HKCR\TypeLib\{396ecd31-edf7-489f-bda1-83dba4c36e81} (PUP.Optional.BuzzSearch.A) -> Quarantined and deleted successfully. <br/>HKCR\Interface\{D0EC4142-5808-41D2-A4DC-6081CF1A9693} (PUP.Optional.BuzzSearch.A) -> Quarantined and deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CF5A690-C8F4-488E-9D20-F21AEF602D41} (PUP.Optional.BuzzSearch.A) -> Quarantined and deleted successfully. <br/>HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5CF5A690-C8F4-488E-9D20-F21AEF602D41} (PUP.Optional.BuzzSearch.A) -> Quarantined and deleted successfully. <br/>HKCR\AppID\{562B9316-C08A-444A-9482-62080DD851AE} (PUP.Optional.SpeedAnalysis3.A) -> Quarantined and deleted successfully. <br/>HKCR\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully. <br/>HKCR\AppID\{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully. <br/>HKCR\CLSID\{18DBB6CE-3148-4FEC-B481-103CB3290427} (PUP.Optional.SpeedAnalysis.A) -> Quarantined and deleted successfully. <br/>HKCR\TypeLib\{0BDCB0B7-26EE-4B62-B240-1260CD6930E0} (PUP.Optional.SpeedAnalysis.A) -> Quarantined and deleted successfully. <br/>HKCR\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925} (PUP.Optional.SpeedAnalysis.A) -> Quarantined and deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DBB6CE-3148-4FEC-B481-103CB3290427} (PUP.Optional.SpeedAnalysis.A) -> Quarantined and deleted successfully. <br/>HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{18DBB6CE-3148-4FEC-B481-103CB3290427} (PUP.Optional.SpeedAnalysis.A) -> Quarantined and deleted successfully. <br/>HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DBB6CE-3148-4FEC-B481-103CB3290427} (PUP.Optional.SpeedAnalysis.A) -> Quarantined and deleted successfully. <br/>HKCR\CLSID\{3004627E-F8E9-4E8B-909D-316753CBA923} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully. <br/>HKCR\mysearchdial.mysearchdialdskBnd.1 (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully. <br/>HKCR\mysearchdial.mysearchdialdskBnd (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully. <br/>HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{3004627E-F8E9-4E8B-909D-316753CBA923} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully. <br/>HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3004627E-F8E9-4E8B-909D-316753CBA923} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully. <br/>HKCR\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23} (PUP.Optional.BrowseFox.A) -> Quarantined and deleted successfully. <br/>HKCR\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully. <br/>HKCR\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully. <br/>HKCR\esrv.mysearchdialESrvc.1 (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully. <br/>HKCR\esrv.mysearchdialESrvc (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully. <br/>HKCR\CLSID\{EB93AADE-9884-47F0-AA9D-0920E1D1203F} (PUP.Optional.SpeedAnalysis2.A) -> Quarantined and deleted successfully. <br/>HKCR\TypeLib\{BB30FEA7-5866-406A-B47D-FB69E1AF8FD7} (PUP.Optional.SpeedAnalysis2.A) -> Quarantined and deleted successfully. <br/>HKCR\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731} (PUP.Optional.SpeedAnalysis2.A) -> Quarantined and deleted successfully. <br/>HKCR\AddonsFramework.PropertySyncObj.1 (PUP.Optional.SpeedAnalysis2.A) -> Quarantined and deleted successfully. <br/>HKCR\AddonsFramework.PropertySyncObj (PUP.Optional.SpeedAnalysis2.A) -> Quarantined and deleted successfully. <br/>HKCR\Typelib\{FBC322D5-407E-4854-8C0B-555B951FD8E3} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully. <br/>HKCR\Interface\{0400EBCA-042C-4000-AA89-9713FBEDB671} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully. <br/>HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully. <br/>HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully. <br/>HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully. <br/>HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully. <br/>HKCR\CLSID\{C358B3D0-B911-41E3-A276-E7D43A6BA56D} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully. <br/>HKCR\mysearchdial.mysearchdialappCore.1 (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully. <br/>HKCR\mysearchdial.mysearchdialappCore (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully. <br/>HKCR\CLSID\{4ED063C9-4A0B-4B44-A9DC-23AFF424A0D3} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully. <br/>HKCR\m (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully. <br/>HKCR\TypeLib\{4B8AECDD-D9FF-499E-8E9F-F90A9EF1930D} (PUP.Optional.SpeedAnalysis.A) -> Quarantined and deleted successfully. <br/>HKCR\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020} (PUP.Optional.SpeedAnalysis.A) -> Quarantined and deleted successfully. <br/>HKCR\CLSID\{E65CE95B-56E9-47C9-8707-A1D1DE30760F} (PUP.Optional.SpeedAnalysis.A) -> Quarantined and deleted successfully. <br/>HKCR\TypeLib\{25C65308-8937-4D76-BEFB-6AF0A468E75A} (PUP.Optional.SpeedAnalysis.A) -> Quarantined and deleted successfully. <br/>HKCR\Interface\{93CF54F5-CFAA-4440-B588-8ED0DFAD5C21} (PUP.Optional.SpeedAnalysis.A) -> Quarantined and deleted successfully. <br/>HKCR\AddonsFramework.Navbar.1 (PUP.Optional.SpeedAnalysis.A) -> Quarantined and deleted successfully. <br/>HKCR\AddonsFramework.Navbar (PUP.Optional.SpeedAnalysis.A) -> Quarantined and deleted successfully. <br/>HKCR\CLSID\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731} (PUP.Optional.SpeedAnalysis.A) -> Quarantined and deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Speed Analysis 2 (PUP.Optional.SpeedAnalysis.A) -> Quarantined and deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BuzzSearch (PUP.Optional.BuzzSearch.A) -> Quarantined and deleted successfully. <br/>HKCU\SOFTWARE\BuzzSearch (PUP.Optional.BuzzSearch.A) -> Quarantined and deleted successfully. <br/>HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr.A) -> Quarantined and deleted successfully. <br/>HKCU\Software\DataMngr (PUP.Optional.DataMngr.A) -> Quarantined and deleted successfully. <br/>HKCU\Software\delta LTD (PUP.Optional.Delta.A) -> Quarantined and deleted successfully. <br/>HKCU\Software\mysearchdial.com (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully. <br/>HKCU\Software\BabSolution\Updater (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully. <br/>HKCU\Software\InstallCore\mysearchdial (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully. <br/>HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> Quarantined and deleted successfully. <br/>HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings (PUP.Optional.BProtector.A) -> Quarantined and deleted successfully. <br/>HKCU\SOFTWARE\MYSEARCHDIAL (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully. <br/>HKLM\SOFTWARE\babylontoolbar (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully. <br/>HKLM\SOFTWARE\BuzzSearch (PUP.Optional.BuzzSearch.A) -> Quarantined and deleted successfully. <br/>HKLM\SOFTWARE\Google\Chrome\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf (PUP.Optional.SpeedAnalysis2.A) -> Quarantined and deleted successfully. <br/>HKLM\SOFTWARE\InstallCore\mysearchdial (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mysearchdial (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully. <br/> <br/>Registry Values Detected: 8 <br/>HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{3004627E-F8E9-4E8B-909D-316753CBA923} (PUP.Optional.MySearchDial.A) -> Data: mysearchdial Toolbar -> Quarantined and deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{3004627E-F8E9-4E8B-909D-316753CBA923} (PUP.Optional.MySearchDial.A) -> Data: -> Quarantined and deleted successfully. <br/>HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|bProtector Start Page (PUP.BProtector) -> Data: http://www1.delta-search.com/?affID=121284&tt=gc_&babsrc=HP_ss&mntrId=B8700013E828B869 -> Quarantined and deleted successfully. <br/>HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes|bProtectorDefaultScope (PUP.BProtector) -> Data: {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} -> Quarantined and deleted successfully. <br/>HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Data: 0A2O0R1R1H2Z1S1G0H1F -> Quarantined and deleted successfully. <br/>HKCU\Software\mysearchdial|TM (PUP.Optional.MySearchDial.A) -> Data: 0142 -> Quarantined and deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs|bProtectTabs (PUP.Optional.BrowserProtect.A) -> Data: http://www1.delta-search.com/?affID=121284&tt=gc_&babsrc=NT_ss&mntrId=B8700013E828B869 -> Quarantined and deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|DATAMNGR (PUP.Optional.Datamngr.A) -> Data: C:\PROGRA~1\WI83E4~1\Datamngr\DATAMN~1.EXE -> Quarantined and deleted successfully. <br/> <br/>Registry Data Items Detected: 2 <br/>HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.MySearchDial.A) -> Bad: (http://start.mysearchdial.com/?f=1&a=dnldstr&cd=2XzuyEtN2Y1L1QzutDtDtCtA0EzztBzz0BzzyCzytCtDtA0CtN0D0Tzu0SyCzyyEtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1034430740&ir=) Good: (http://www.google.com) -> Quarantined and repaired successfully. <br/>HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.MySearchDial.A) -> Bad: (http://start.mysearchdial.com/?f=1&a=dnldstr&cd=2XzuyEtN2Y1L1QzutDtDtCtA0EzztBzz0BzzyCzytCtDtA0CtN0D0Tzu0SyCzyyEtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1034430740&ir=) Good: (http://www.google.com) -> Quarantined and repaired successfully. <br/> <br/>Folders Detected: 15 <br/>C:\Documents and Settings\All Users\Application Data\IBUpdaterService (Adware.InstallBrain) -> Quarantined and deleted successfully. <br/>C:\Documents and Settings\Bill\Application Data\Babylon (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully. <br/>C:\Documents and Settings\Bill\Application Data\SpeedAnalysis2 (PUP.Optional.SpeedAnalysis.A) -> Quarantined and deleted successfully. <br/>C:\Program Files\Speed Analysis 2 (PUP.Optional.SpeedAnalysis.A) -> Quarantined and deleted successfully. <br/>C:\Program Files\Speed Analysis 2\mz (PUP.Optional.SpeedAnalysis.A) -> Quarantined and deleted successfully. <br/>C:\Program Files\BuzzSearch (PUP.Optional.BuzzSearch.A) -> Delete on reboot. <br/>C:\Program Files\BuzzSearch\bin (PUP.Optional.BuzzSearch.A) -> Delete on reboot. <br/>C:\Program Files\BuzzSearch\bin\plugins (PUP.Optional.BuzzSearch.A) -> Quarantined and deleted successfully. <br/>C:\Documents and Settings\Bill\Application Data\mysearchdial (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully. <br/>C:\Documents and Settings\Bill\Application Data\mysearchdial\icons_2.2.14.1379 (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully. <br/>C:\Documents and Settings\Bill\Application Data\mysearchdial\mysearchdial (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully. <br/>C:\Documents and Settings\Bill\Application Data\mysearchdial\UpdateProc (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully. <br/>C:\Documents and Settings\Bill\Application Data\File Scout (PUP.Optional.FileScout.A) -> Quarantined and deleted successfully. <br/>C:\Program Files\Mysearchdial\1.8.21.0 (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully. <br/>C:\Program Files\Mysearchdial\1.8.21.0\bh (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully. <br/> <br/>Files Detected: 68 <br/>C:\Program Files\BuzzSearch\updateBuzzSearch.exe (PUP.Optional.BuzzSearch.A) -> Delete on reboot. <br/>C:\Program Files\BuzzSearch\bin\utilBuzzSearch.exe (PUP.Optional.BuzzSearch.A) -> Delete on reboot. <br/>C:\Program Files\Mysearchdial\1.8.21.0\bh\mysearchdial.dll (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully. <br/>C:\Program Files\BuzzSearch\BuzzSearchBHO.dll (PUP.Optional.BuzzSearch.A) -> Quarantined and deleted successfully. <br/>C:\Program Files\Speed Analysis 2\ScriptHost.dll (PUP.Optional.SpeedAnalysis.A) -> Quarantined and deleted successfully. <br/>C:\Program Files\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully. <br/>C:\Program Files\Mysearchdial\1.8.21.0\mysearchdialsrv.exe (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully. <br/>C:\Program Files\Speed Analysis 2\PropertySync.exe (PUP.Optional.SpeedAnalysis2.A) -> Quarantined and deleted successfully. <br/>C:\Program Files\Mysearchdial\1.8.21.0\mysearchdialApp.dll (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully. <br/>C:\Program Files\Mysearchdial\1.8.21.0\mysearchdialEng.dll (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully. <br/>C:\System Volume Information\_restore{4D7022CF-A177-4C27-A072-0E72DA670A62}\RP235\A0058861.dll (PUP.Optional.Delta) -> Quarantined and deleted successfully. <br/>C:\System Volume Information\_restore{4D7022CF-A177-4C27-A072-0E72DA670A62}\RP235\A0058862.dll (PUP.Optional.Delta) -> Quarantined and deleted successfully. <br/>C:\System Volume Information\_restore{4D7022CF-A177-4C27-A072-0E72DA670A62}\RP235\A0058863.dll (PUP.Optional.Delta) -> Quarantined and deleted successfully. <br/>C:\System Volume Information\_restore{4D7022CF-A177-4C27-A072-0E72DA670A62}\RP235\A0058864.dll (PUP.Optional.Delta) -> Quarantined and deleted successfully. <br/>C:\System Volume Information\_restore{4D7022CF-A177-4C27-A072-0E72DA670A62}\RP235\A0058866.exe (PUP.Optional.Delta) -> Quarantined and deleted successfully. <br/>C:\WINDOWS\system32\roboot.exe (PUP.Optional.PCPerformer.A) -> Quarantined and deleted successfully. <br/>C:\Documents and Settings\Bill\Application Data\File Scout\filescout.exe (PUP.Optional.FileScout.A) -> Quarantined and deleted successfully. <br/>C:\Documents and Settings\Bill\Local Settings\Temp\Сodec Performer803975.exe (Adware.InstallBrain) -> Quarantined and deleted successfully. <br/>C:\Documents and Settings\Bill\Local Settings\Temp\is1275519350\11186691_stp\BuzzSearchSetup.exe (PUP.Optional.BuzzSearch.A) -> Quarantined and deleted successfully. <br/>C:\Documents and Settings\Bill\Local Settings\Temporary Internet Files\Content.IE5\O08D0QCN\Setup[1].exe (PUP.Optional.BuzzSearch.A) -> Quarantined and deleted successfully. <br/>C:\Documents and Settings\All Users\Application Data\IBUpdaterService\repository.xml (Adware.InstallBrain) -> Quarantined and deleted successfully. <br/>C:\Documents and Settings\Bill\Application Data\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully. <br/>C:\Documents and Settings\Bill\Application Data\SpeedAnalysis2\speedanalysis.crx (PUP.Optional.SpeedAnalysis.A) -> Quarantined and deleted successfully. <br/>C:\Program Files\Speed Analysis 2\updater.js (PUP.Optional.SpeedAnalysis.A) -> Quarantined and deleted successfully. <br/>C:\Program Files\Speed Analysis 2\AddonsFramework.dll (PUP.Optional.SpeedAnalysis.A) -> Quarantined and deleted successfully. <br/>C:\Program Files\Speed Analysis 2\background.html (PUP.Optional.SpeedAnalysis.A) -> Quarantined and deleted successfully. <br/>C:\Program Files\Speed Analysis 2\bg.js (PUP.Optional.SpeedAnalysis.A) -> Quarantined and deleted successfully. <br/>C:\Program Files\Speed Analysis 2\ButtonSite.dll (PUP.Optional.SpeedAnalysis.A) -> Quarantined and deleted successfully. <br/>C:\Program Files\Speed Analysis 2\config.xml (PUP.Optional.SpeedAnalysis.A) -> Quarantined and deleted successfully. <br/>C:\Program Files\Speed Analysis 2\content.js (PUP.Optional.SpeedAnalysis.A) -> Quarantined and deleted successfully. <br/>C:\Program Files\Speed Analysis 2\icon128.png (PUP.Optional.SpeedAnalysis.A) -> Quarantined and deleted successfully. <br/>C:\Program Files\Speed Analysis 2\icon16.png (PUP.Optional.SpeedAnalysis.A) -> Quarantined and deleted successfully. <br/>C:\Program Files\Speed Analysis 2\icon18.ico (PUP.Optional.SpeedAnalysis.A) -> Quarantined and deleted successfully. <br/>C:\Program Files\Speed Analysis 2\icon18.png (PUP.Optional.SpeedAnalysis.A) -> Quarantined and deleted successfully. <br/>C:\Program Files\Speed Analysis 2\icon24.ico (PUP.Optional.SpeedAnalysis.A) -> Quarantined and deleted successfully. <br/>C:\Program Files\Speed Analysis 2\icon24.png (PUP.Optional.SpeedAnalysis.A) -> Quarantined and deleted successfully. <br/>C:\Program Files\Speed Analysis 2\icon32.ico (PUP.Optional.SpeedAnalysis.A) -> Quarantined and deleted successfully. <br/>C:\Program Files\Speed Analysis 2\icon32.png (PUP.Optional.SpeedAnalysis.A) -> Quarantined and deleted successfully. <br/>C:\Program Files\Speed Analysis 2\icon48.png (PUP.Optional.SpeedAnalysis.A) -> Quarantined and deleted successfully. <br/>C:\Program Files\Speed Analysis 2\jquery-1.6.2.min.js (PUP.Optional.SpeedAnalysis.A) -> Quarantined and deleted successfully. <br/>C:\Program Files\Speed Analysis 2\json2.min.js (PUP.Optional.SpeedAnalysis.A) -> Quarantined and deleted successfully. <br/>C:\Program Files\Speed Analysis 2\PropertySyncPS.dll (PUP.Optional.SpeedAnalysis.A) -> Quarantined and deleted successfully. <br/>C:\Program Files\Speed Analysis 2\uninstall.exe (PUP.Optional.SpeedAnalysis.A) -> Quarantined and deleted successfully. <br/>C:\Program Files\Speed Analysis 2\updaterWrapper.js (PUP.Optional.SpeedAnalysis.A) -> Quarantined and deleted successfully. <br/>C:\Program Files\Speed Analysis 2\mz\background.js (PUP.Optional.SpeedAnalysis.A) -> Quarantined and deleted successfully. <br/>C:\Program Files\Speed Analysis 2\mz\content.js (PUP.Optional.SpeedAnalysis.A) -> Quarantined and deleted successfully. <br/>C:\Documents and Settings\Bill\Application Data\Mozilla\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433} (PUP.Optional.Searchqu.A) -> Quarantined and deleted successfully. <br/>C:\Documents and Settings\Bill\Application Data\speedanalysis.ico (PUP.Optional.SpeedAnalysis2.A) -> Quarantined and deleted successfully. <br/>C:\Documents and Settings\Bill\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pflphaooapbgpeakohlggbpidpppgdff_0.localstorage (PUP.Optional.FunMoods.A) -> Quarantined and deleted successfully. <br/>C:\Program Files\BuzzSearch\BuzzSearch.ico (PUP.Optional.BuzzSearch.A) -> Quarantined and deleted successfully. <br/>C:\Program Files\BuzzSearch\BuzzSearchUninstall.exe (PUP.Optional.BuzzSearch.A) -> Quarantined and deleted successfully. <br/>C:\Program Files\BuzzSearch\updateBuzzSearch.InstallState (PUP.Optional.BuzzSearch.A) -> Quarantined and deleted successfully. <br/>C:\Program Files\BuzzSearch\bin\sqlite3.dll (PUP.Optional.BuzzSearch.A) -> Delete on reboot. <br/>C:\Program Files\BuzzSearch\bin\utilBuzzSearch.InstallState (PUP.Optional.BuzzSearch.A) -> Quarantined and deleted successfully. <br/>C:\Program Files\BuzzSearch\bin\plugins\BuzzSearch.FFUpdate.dll (PUP.Optional.BuzzSearch.A) -> Quarantined and deleted successfully. <br/>C:\Program Files\BuzzSearch\bin\plugins\BuzzSearch.GCUpdate.dll (PUP.Optional.BuzzSearch.A) -> Quarantined and deleted successfully. <br/>C:\Program Files\BuzzSearch\bin\plugins\BuzzSearch.IEUpdate.dll (PUP.Optional.BuzzSearch.A) -> Quarantined and deleted successfully. <br/>C:\Documents and Settings\Bill\Application Data\mysearchdial\icons_2.2.14.1379\62.ico (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully. <br/>C:\Documents and Settings\Bill\Application Data\mysearchdial\icons_2.2.14.1379\80.ico (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully. <br/>C:\Documents and Settings\Bill\Application Data\mysearchdial\UpdateProc\config.dat (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully. <br/>C:\Documents and Settings\Bill\Application Data\mysearchdial\UpdateProc\STTL.DAT (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully. <br/>C:\Documents and Settings\Bill\Application Data\mysearchdial\UpdateProc\TTL.DAT (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully. <br/>C:\Documents and Settings\Bill\Application Data\mysearchdial\UpdateProc\UpdateTask.exe (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully. <br/>C:\Documents and Settings\Bill\Application Data\File Scout\uninst.exe (PUP.Optional.FileScout.A) -> Quarantined and deleted successfully. <br/>C:\Program Files\Mysearchdial\1.8.21.0\FavIcon.ico (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully. <br/>C:\Program Files\Mysearchdial\1.8.21.0\Sqlite3.dll (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully. <br/>C:\Program Files\Mysearchdial\1.8.21.0\uninst.dat (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully. <br/>C:\Program Files\Mysearchdial\1.8.21.0\uninstall.exe (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully. <br/> <br/>(end) <br/> <br/> <br/>DDS (Ver_2012-11-20.01) - NTFS_x86 <br/>Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_29 <br/>Run by Bill at 8:59:09 on 2013-11-28 <br/>Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2038.944 [GMT -8:00] <br/>. <br/>AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095} <br/>. <br/>============== Running Processes ================ <br/>. <br/>c:\Program Files\Microsoft Security Client\MsMpEng.exe <br/>C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe <br/>C:\WINDOWS\system32\spoolsv.exe <br/>C:\WINDOWS\system32\rundll32.exe <br/>C:\WINDOWS\system32\rundll32.exe <br/>C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe <br/>C:\Program Files\Bonjour\mDNSResponder.exe <br/>C:\Program Files\AmosConnect\dbssvc.exe <br/>C:\Program Files\Intel\Wireless\Bin\EvtEng.exe <br/>C:\WINDOWS\Explorer.EXE <br/>C:\Program Files\Java\jre6\bin\jqs.exe <br/>C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe <br/>C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe <br/>C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe <br/>C:\MSSQL2005\MSSQL.2\MSSQL\Binn\sqlservr.exe <br/>C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe <br/>C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe <br/>C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe <br/>C:\Program Files\Synaptics\SynTP\SynTPEnh.exe <br/>C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe <br/>C:\Program Files\SonicWALL\SonicWALL Global VPN Client\SWGVCSvc.exe <br/>C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe <br/>C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe <br/>C:\Program Files\Common Files\Java\Java Update\jusched.exe <br/>C:\WINDOWS\system32\hkcmd.exe <br/>C:\WINDOWS\system32\igfxpers.exe <br/>C:\WINDOWS\system32\igfxsrvc.exe <br/>C:\Program Files\QuickTime\QTTask.exe <br/>C:\Program Files\Seagate\Seagate Dashboard 2.0\DBAgent.exe <br/>C:\Program Files\iTunes\iTunesHelper.exe <br/>C:\Program Files\Microsoft Security Client\msseces.exe <br/>C:\WINDOWS\system32\ctfmon.exe <br/>C:\Documents and Settings\Bill\Local Settings\Application Data\Akamai\netsession_win.exe <br/>C:\Program Files\Messenger\msmsgs.exe <br/>C:\Program Files\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe <br/>C:\Documents and Settings\Bill\Local Settings\Application Data\Akamai\netsession_win.exe <br/>C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe <br/>C:\Documents and Settings\Bill\Application Data\Dropbox\bin\Dropbox.exe <br/>C:\WINDOWS\system32\wbem\wmiapsrv.exe <br/>C:\Program Files\iPod\bin\iPodService.exe <br/>C:\WINDOWS\System32\alg.exe <br/>C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe <br/>C:\Program Files\Mozilla Firefox\firefox.exe <br/>C:\Program Files\Mozilla Firefox\plugin-container.exe <br/>C:\WINDOWS\system32\wbem\wmiprvse.exe <br/>C:\WINDOWS\System32\svchost.exe -k netsvcs <br/>C:\WINDOWS\system32\svchost.exe -k NetworkService <br/>C:\WINDOWS\system32\svchost.exe -k LocalService <br/>C:\WINDOWS\System32\svchost.exe -k Akamai <br/>C:\WINDOWS\System32\svchost.exe -k HPZ12 <br/>C:\WINDOWS\System32\svchost.exe -k HPZ12 <br/>C:\WINDOWS\system32\svchost.exe -k imgsvc <br/>. <br/>============== Pseudo HJT Report =============== <br/>. <br/>uStart Page = hxxp://www.google.com <br/>uSearch Bar = hxxp://www.google.com/ie <br/>uSearch Page = hxxp://www.google.com <br/>mStart Page = hxxp://www.google.com <br/>uProxyOverride = 127.0.0.1:9421;*.local;<local> <br/>uURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned> <br/>dURLSearchHooks: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - <orphaned> <br/>dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned> <br/>BHO: jZip Toolbar: {1e48c56f-08cd-43aa-a6ef-c1ec891551ab} - <br/>BHO: UrlHelper Class: {41C4AA37-1DDD-4345-B8DC-734E4B38414D} - <br/>BHO: Smiley Bar for Facebook: {4723AAA8-B2F9-4CC1-9E60-190976DB1FA4} - c:\program files\smiley bar for facebook\ScriptHost.dll <br/>BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll <br/>BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll <br/>TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll <br/>TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll <br/>TB: jZip Toolbar: {1e48c56f-08cd-43aa-a6ef-c1ec891551ab} - <br/>EB: Adobe PDF: {182EC0BE-5110-49C8-A062-BEB1D02A220B} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll <br/>uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe <br/>uRun: [Akamai NetSession Interface] "c:\documents and settings\bill\local settings\application data\akamai\netsession_win.exe" <br/>uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background <br/>uRun: [Uploader] c:\program files\seagate\seagate dashboard 2.0\Seagate.Dashboard.Uploader.exe <br/>mRun: [AzMixerSel] c:\program files\realtek\installshield\AzMixerSel.exe <br/>mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe <br/>mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 8.0\acrobat\Acrotray.exe" <br/>mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe <br/>mRun: [Symantec PIF AlertEng] "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\pifsvc.exe" /a /m "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\AlertEng.dll" <br/>mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" <br/>mRun: [IgfxTray] c:\windows\system32\igfxtray.exe <br/>mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe <br/>mRun: [Persistence] c:\windows\system32\igfxpers.exe <br/>mRun: [Alcmtr] ALCMTR.EXE <br/>mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe" <br/>mRun: [SwitchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe <br/>mRun: [AdobeCS5ServiceManager] "c:\program files\common files\adobe\cs5servicemanager\CS5ServiceManager.exe" -launchedbylogin <br/>mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime <br/>mRun: [KernelFaultCheck] c:\windows\system32\dumprep 0 -k <br/>mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe" <br/>mRun: [DBAgent] "c:\program files\seagate\seagate dashboard 2.0\DBAgent.exe" /WinStart <br/>mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" <br/>mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey <br/>mRunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-appf?lic=NFVDNkQtS1JORjQtOUhSWEotQUtUSzMtTFI2UFEtTkpTQUg"&"inst=NzctMTQ0NDU4MTU5Ny1GUDkrNi1CQVI5RysxLVRCOSsyLUZMKzktWDIwMTArMi1RSVgxKzQtRjEwTTEwRCsyLUNJQTEwKzItU1AxKzEtU1VEKzEtUzFJKzEtU1UzKzEtVFVHKzMtRERUKzAtTFNEKzItREQxMCsxLVNUMTBBUFArMS1QMTBNMTJDKzEtVEIrMS1QMTBUQisyLVNUMTBGQVBQKzEtRkwxMCsx"&"prod=90"&"ver=10.0.1430 <br/>dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t <br/>StartupFolder: c:\docume~1\bill\startm~1\programs\startup\dropbox.lnk - c:\documents and settings\bill\application data\dropbox\bin\Dropbox.exe <br/>StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\servic~1.lnk - c:\program files\microsoft sql server\80\tools\binn\sqlmangr.exe <br/>uPolicies-Explorer: NoDriveTypeAutoRun = dword:255 <br/>mPolicies-Explorer: NoDriveTypeAutoRun = dword:255 <br/>mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1 <br/>mPolicies-Explorer: NoDriveTypeAutoRun = dword:145 <br/>mPolicies-Explorer: NoFolderOptions = dword:1 <br/>mPolicies-System: DisableRegistryTools = dword:1 <br/>IE: Append to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html <br/>IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html <br/>IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html <br/>IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html <br/>IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html <br/>IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html <br/>IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html <br/>IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html <br/>IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000 <br/>IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} <br/>IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe <br/>IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe <br/>DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1258736889390 <br/>DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1203810104234 <br/>DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab <br/>DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab <br/>DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab <br/>DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab <br/>DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab <br/>TCP: NameServer = 209.165.131.12 209.165.131.13 <br/>TCP: Interfaces\{5447CDC2-38A5-41C5-A00D-0F5F2850F4D5} : DHCPNameServer = 209.165.131.12 209.165.131.13 <br/>Notify: igfxcui - igfxdev.dll <br/>SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll <br/>. <br/>================= FIREFOX =================== <br/>. <br/>FF - ProfilePath - c:\documents and settings\bill\application data\mozilla\firefox\profiles\7azgygjr.default\ <br/>FF - prefs.js: browser.startup.homepage - google.com <br/>FF - component: c:\program files\avg\avg10\firefox\components\avgssff.dll <br/>FF - component: c:\program files\avg\avg10\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll <br/>FF - component: c:\program files\avg\avg10\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll <br/>FF - component: c:\program files\avg\avg10\toolbar\firefox\avg@igeared\components\xpavgtbapi.dll <br/>FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll <br/>FF - plugin: c:\program files\microsoft silverlight\5.1.20913.0\npctrlui.dll <br/>FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll <br/>FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_9_900_117.dll <br/>FF - ExtSQL: 2013-11-07 15:28; firefox@mybuzzsearch.com; c:\documents and settings\bill\application data\mozilla\firefox\profiles\7azgygjr.default\extensions\firefox@mybuzzsearch.com.xpi <br/>FF - ExtSQL: !HIDDEN! 2009-09-01 21:21; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension <br/>. <br/>---- FIREFOX POLICIES ---- <br/>FF - user.js: extensions.delta.tlbrSrchUrl - <br/>FF - user.js: extensions.delta.id - b870103c0000000000000013e828b869 <br/>FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} <br/>FF - user.js: extensions.delta.instlDay - 15843 <br/>FF - user.js: extensions.delta.vrsn - 1.8.21.0 <br/>FF - user.js: extensions.delta.vrsni - 1.8.21.0 <br/>FF - user.js: extensions.delta.vrsnTs - 1.8.21.016:26:13 <br/>FF - user.js: extensions.delta.prtnrId - delta <br/>FF - user.js: extensions.delta.prdct - delta <br/>FF - user.js: extensions.delta.aflt - babsst <br/>FF - user.js: extensions.delta.smplGrp - none <br/>FF - user.js: extensions.delta.tlbrId - base <br/>FF - user.js: extensions.delta.instlRef - sst <br/>FF - user.js: extensions.delta.dfltLng - en <br/>FF - user.js: extensions.delta.excTlbr - false <br/>FF - user.js: extensions.delta.ffxUnstlRst - true <br/>FF - user.js: extensions.delta.admin - false <br/>FF - user.js: extensions.delta_i.babTrack - affID=121284&tt=gc_ <br/>FF - user.js: extensions.delta_i.babExt - <br/>FF - user.js: extensions.delta_i.srcExt - ss <br/>FF - user.js: extensions.delta.autoRvrt - false <br/>FF - user.js: extensions.delta.rvrt - false <br/>FF - user.js: extensions.delta.newTab - false <br/>FF - user.js: extensions.mysearchdial.hmpg - true <br/>FF - user.js: extensions.mysearchdial.hmpgUrl - hxxp://start.mysearchdial.com/?f=1&a=dnldstr&cd=2XzuyEtN2Y1L1QzutDtDtCtA0EzztBzz0BzzyCzytCtDtA0CtN0D0Tzu0SyCzyyEtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1034430740&ir= <br/>FF - user.js: extensions.mysearchdial.dfltSrch - true <br/>FF - user.js: extensions.mysearchdial.srchPrvdr - Mysearchdial <br/>FF - user.js: extensions.mysearchdial.dnsErr - true <br/>FF - user.js: extensions.mysearchdial_i.newTab - false <br/>FF - user.js: extensions.mysearchdial.newTabUrl - hxxp://start.mysearchdial.com/?f=2&a=dnldstr&cd=2XzuyEtN2Y1L1QzutDtDtCtA0EzztBzz0BzzyCzytCtDtA0CtN0D0Tzu0SyCzyyEtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1034430740&ir= <br/>FF - user.js: extensions.mysearchdial.tlbrSrchUrl - hxxp://start.mysearchdial.com/?f=3&a=dnldstr&cd=2XzuyEtN2Y1L1QzutDtDtCtA0EzztBzz0BzzyCzytCtDtA0CtN0D0Tzu0SyCzyyEtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1034430740&ir=&q= <br/>FF - user.js: extensions.mysearchdial.id - 0013E828B869103C <br/>FF - user.js: extensions.mysearchdial.instlDay - 16033 <br/>FF - user.js: extensions.mysearchdial.vrsn - 1.8.21.0 <br/>FF - user.js: extensions.mysearchdial.vrsni - 1.8.21.0 <br/>FF - user.js: extensions.mysearchdial_i.vrsnTs - 1.8.21.016:42:7 <br/>FF - user.js: extensions.mysearchdial.prtnrId - mysearchdial <br/>FF - user.js: extensions.mysearchdial.prdct - mysearchdial <br/>FF - user.js: extensions.mysearchdial.aflt - dnldstr <br/>FF - user.js: extensions.mysearchdial_i.smplGrp - none <br/>FF - user.js: extensions.mysearchdial.tlbrId - base <br/>FF - user.js: extensions.mysearchdial.instlRef - <br/>FF - user.js: extensions.mysearchdial.dfltLng - <br/>FF - user.js: extensions.mysearchdial.appId - {CA5CAA63-B27C-4963-9BEC-CB16A36D56F8} <br/>FF - user.js: extensions.mysearchdial.excTlbr - false <br/>FF - user.js: extensions.mysearchdial_i.hmpg - true <br/>FF - user.js: extensions.mysearchdial.cr - 1034430740 <br/>FF - user.js: extensions.mysearchdial.cd - 2XzuyEtN2Y1L1QzutDtDtCtA0EzztBzz0BzzyCzytCtDtA0CtN0D0Tzu0SyCzyyEtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R <br/>FF - user.js: extensions.irmysearch.aflt - dnldstr <br/>FF - user.js: extensions.irmysearch.instlRef - <br/>FF - user.js: extensions.irmysearch.cr - 1034430740 <br/>FF - user.js: extensions.irmysearch.cd - 2XzuyEtN2Y1L1QzutDtDtCtA0EzztBzz0BzzyCzytCtDtA0CtN0D0Tzu0SyCzyyEtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R <br/>. <br/>============= SERVICES / DRIVERS =============== <br/>. <br/>R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2013-6-18 214696] <br/>R1 SWIPsec;SonicWALL IPsec Driver;c:\windows\system32\drivers\SWIPsec.sys [2009-9-11 87064] <br/>R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2006-2-28 14336] <br/>R2 DbsRpcService;AMOS Mail Database;c:\program files\amosconnect\dbssvc.exe [2008-7-8 131072] <br/>R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-11-27 418376] <br/>R2 MSSQL$ACT7;SQL Server (ACT7);c:\program files\microsoft sql server\mssql.1\mssql\binn\sqlservr.exe [2010-12-10 29293408] <br/>R2 MSSQL$POWERLOGIC;SQL Server (POWERLOGIC);c:\mssql2005\mssql.2\mssql\binn\sqlservr.exe -spowerlogic --> c:\mssql2005\mssql.2\mssql\binn\sqlservr.exe -sPOWERLOGIC [?] <br/>R2 SWGVCSvc;SonicWALL Global VPN Client Service;c:\program files\sonicwall\sonicwall global vpn client\SWGVCSvc.exe [2009-3-5 227352] <br/>R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-11-27 22856] <br/>R3 SonyImgF;Sony Image Conversion Filter Driver;c:\windows\system32\drivers\SonyImgF.sys [2008-2-22 30976] <br/>R3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [2008-2-22 808448] <br/>S0 arpdhlwr;arpdhlwr;c:\windows\system32\drivers\ipjelt.sys --> c:\windows\system32\drivers\ipjelt.sys [?] <br/>S0 htjiulw;htjiulw;c:\windows\system32\drivers\mymahqdc.sys --> c:\windows\system32\drivers\mymahqdc.sys [?] <br/>S0 nbfpei;nbfpei;c:\windows\system32\drivers\ztixfiy.sys --> c:\windows\system32\drivers\ztixfiy.sys [?] <br/>S0 qvegjwj;qvegjwj;c:\windows\system32\drivers\lpwwezl.sys --> c:\windows\system32\drivers\lpwwezl.sys [?] <br/>S0 qyxlpla;qyxlpla;c:\windows\system32\drivers\dsvpbt.sys --> c:\windows\system32\drivers\dsvpbt.sys [?] <br/>S0 tcbx;tcbx;c:\windows\system32\drivers\wxutka.sys --> c:\windows\system32\drivers\wxutka.sys [?] <br/>S1 cliysnuu;cliysnuu;\??\c:\windows\system32\drivers\cliysnuu.sys --> c:\windows\system32\drivers\cliysnuu.sys [?] <br/>S1 ecsfnyry;ecsfnyry;\??\c:\windows\system32\drivers\ecsfnyry.sys --> c:\windows\system32\drivers\ecsfnyry.sys [?] <br/>S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] <br/>S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-11-27 701512] <br/>S2 PCLinkBridge;USB-USB Network Bridge;c:\windows\system32\drivers\pro2000.sys --> c:\windows\system32\drivers\pro2000.sys [?] <br/>S2 PowerLogic Network Server;PowerLogic Network Server;c:\powerlogic\pmcu\bin\plnsrvr.exe --> c:\powerlogic\pmcu\bin\PLNSrvr.exe [?] <br/>S2 Seagate Dashboard Services;Seagate Dashboard Services;c:\program files\seagate\seagate dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [2012-6-7 14528] <br/>S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\avg\avg10\toolbar\toolbarbroker.exe --> c:\program files\avg\avg10\toolbar\ToolbarBroker.exe [?] <br/>S3 NIC2000;USB-USB Network Bridge Adapter;c:\windows\system32\drivers\nic2000.sys --> c:\windows\system32\drivers\NIC2000.sys [?] <br/>S3 R5U870FLx86;R5U870 UVC Lower Filter ;c:\windows\system32\drivers\R5U870FLx86.sys [2008-2-22 73472] <br/>S3 R5U870FUx86;R5U870 UVC Upper Filter ;c:\windows\system32\drivers\R5U870FUx86.sys [2008-2-22 43904] <br/>S3 rcvpn;SonicWALL VPN Adapter;c:\windows\system32\drivers\rcvpn.sys --> c:\windows\system32\drivers\rcvpn.sys [?] <br/>S3 SwitchBoard;Adobe SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096] <br/>S3 SWVNIC;SonicWALL Virtual Miniport;c:\windows\system32\drivers\SWVNIC.sys [2009-3-4 21016] <br/>S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-7-20 754856] <br/>. <br/>=============== Created Last 30 ================ <br/>. <br/>2013-11-28 16:43:27 -------- d-----w- c:\program files\Defraggler <br/>2013-11-28 16:42:17 -------- d-----w- c:\program files\CCleaner <br/>2013-11-28 12:41:05 7772552 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{cbf3a408-4f5a-4710-9ee8-27559a3a5815}\mpengine.dll <br/>2013-11-28 08:41:48 7772552 ------w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll <br/>2013-11-28 03:33:04 22856 ----a-w- c:\windows\system32\drivers\mbam.sys <br/>2013-11-28 03:33:03 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware <br/>2013-11-25 00:46:47 -------- d-----w- c:\documents and settings\all users\application data\Caphyon <br/>2013-11-25 00:46:31 -------- d-----w- c:\documents and settings\bill\local settings\application data\Deep_Sea_Electronics_PLC <br/>2013-11-25 00:46:02 203584 ----a-w- c:\windows\system32\drivers\windrvr6.sys <br/>2013-11-25 00:45:58 -------- d-----w- c:\program files\common files\DSE USB Driver <br/>2013-11-25 00:45:54 -------- d-----w- c:\program files\common files\DSE FTDI Driver <br/>2013-11-25 00:45:52 -------- d-----w- c:\program files\Deep Sea Electronics plc <br/>2013-11-25 00:45:51 -------- d-----w- c:\documents and settings\all users\application data\Deep Sea Electronics plc <br/>2013-11-25 00:42:07 -------- d-----w- c:\program files\Mysearchdial <br/>2013-11-24 16:12:32 -------- d-----w- c:\documents and settings\bill\application data\Deep Sea Electronics plc <br/>2013-11-13 05:31:40 -------- d-----w- c:\documents and settings\all users\application data\CheckPoint <br/>2013-11-13 05:27:14 25088 -c----w- c:\windows\system32\dllcache\hidparse.sys <br/>2013-11-13 05:27:14 14976 -c----w- c:\windows\system32\dllcache\usbscan.sys <br/>2013-11-11 05:55:33 60160 -c----w- c:\windows\system32\dllcache\usbaudio.sys <br/>2013-11-11 05:55:33 46848 -c----w- c:\windows\system32\dllcache\irbus.sys <br/>2013-11-11 05:55:33 123008 -c----w- c:\windows\system32\dllcache\usbvideo.sys <br/>2013-11-11 05:52:49 5376 -c----w- c:\windows\system32\dllcache\usbd.sys <br/>2013-11-11 05:52:49 32384 -c----w- c:\windows\system32\dllcache\usbccgp.sys <br/>2013-11-11 05:52:49 30336 -c----w- c:\windows\system32\dllcache\usbehci.sys <br/>2013-11-11 05:52:49 144128 -c----w- c:\windows\system32\dllcache\usbport.sys <br/>. <br/>==================== Find3M ==================== <br/>. <br/>2013-11-19 10:21:30 230048 ------w- c:\windows\system32\MpSigStub.exe <br/>2013-11-13 05:26:00 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe <br/>2013-11-13 05:25:59 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl <br/>2013-10-17 22:46:44 143360 ----a-w- c:\windows\system32\wdapi1011.dll <br/>2013-10-13 07:25:38 920064 ----a-w- c:\windows\system32\wininet.dll <br/>2013-10-13 07:25:08 43520 ------w- c:\windows\system32\licmgr10.dll <br/>2013-10-13 07:25:02 1469440 ------w- c:\windows\system32\inetcpl.cpl <br/>2013-10-13 07:24:17 18944 ----a-w- c:\windows\system32\corpol.dll <br/>2013-10-13 06:57:59 385024 ------w- c:\windows\system32\html.iec <br/>2013-10-12 15:56:19 278528 ----a-w- c:\windows\system32\oakley.dll <br/>2013-10-09 13:12:48 287744 ----a-w- c:\windows\system32\gdi32.dll <br/>2013-10-07 10:59:21 603136 ----a-w- c:\windows\system32\crypt32.dll <br/>2013-10-05 01:14:01 7168 ----a-w- c:\windows\system32\xpsp4res.dll <br/>2013-09-27 17:53:06 214696 ----a-w- c:\windows\system32\drivers\MpFilter.sys <br/>2009-07-12 05:00:45 12080 -c--a-w- c:\program files\common files\wyjesek.bat <br/>. <br/>============= FINISH: 9:00:12.79 =============== <br/> <br/> <br/>. <br/>UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. <br/>IF REQUESTED, ZIP IT UP & ATTACH IT <br/>. <br/>DDS (Ver_2012-11-20.01) <br/>. <br/>Microsoft Windows XP Professional <br/>Boot Device: \Device\HarddiskVolume2 <br/>Install Date: 11/12/2009 11:03:15 PM <br/>System Uptime: 11/28/2013 8:05:54 AM (1 hours ago) <br/>. <br/>Motherboard: Sony Corporation | | VAIO <br/>Processor: Intel(R) Core(TM)2 Duo CPU T7300 @ 2.00GHz | N/A | 1995/200mhz <br/>. <br/>==== Disk Partitions ========================= <br/>. <br/>C: is FIXED (NTFS) - 142 GiB total, 83.058 GiB free. <br/>D: is CDROM () <br/>E: is Removable <br/>F: is Removable <br/>. <br/>==== Disabled Device Manager Items ============= <br/>. <br/>Class GUID: <br/>Description: Modem Device on High Definition Audio Bus <br/>Device ID: HDAUDIO\FUNC_02&VEN_14F1&DEV_2C06&SUBSYS_104D1700&REV_1000\4&B4EC5A3&0&0102 <br/>Manufacturer: <br/>Name: Modem Device on High Definition Audio Bus <br/>PNP Device ID: HDAUDIO\FUNC_02&VEN_14F1&DEV_2C06&SUBSYS_104D1700&REV_1000\4&B4EC5A3&0&0102 <br/>Service: <br/>. <br/>Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318} <br/>Description: SonicWALL Virtual NIC <br/>Device ID: ROOT\SWVNIC\0000 <br/>Manufacturer: SonicWALL <br/>Name: SonicWALL Virtual NIC <br/>PNP Device ID: ROOT\SWVNIC\0000 <br/>Service: SWVNIC <br/>. <br/>==== System Restore Points =================== <br/>. <br/>RP216: 09/28/2013 6:49:56 PM - System Checkpoint <br/>RP217: 10/02/2013 10:14:20 PM - Software Distribution Service 3.0 <br/>RP218: 10/02/2013 10:24:28 PM - Software Distribution Service 3.0 <br/>RP219: 10/06/2013 6:29:44 PM - Software Distribution Service 3.0 <br/>RP220: 10/07/2013 8:02:34 PM - Software Distribution Service 3.0 <br/>RP221: 10/12/2013 10:32:04 AM - Software Distribution Service 3.0 <br/>RP222: 10/19/2013 7:24:54 PM - System Checkpoint <br/>RP223: 11/09/2013 5:33:28 PM - System Checkpoint <br/>RP224: 11/10/2013 6:11:19 PM - Restore Operation <br/>RP225: 11/10/2013 9:18:29 PM - Restore Operation <br/>RP226: 11/10/2013 9:24:16 PM - Restore Operation <br/>RP227: 11/10/2013 9:53:08 PM - Software Distribution Service 3.0 <br/>RP228: 11/12/2013 6:13:37 PM - Software Distribution Service 3.0 <br/>RP229: 11/12/2013 9:33:26 PM - Software Distribution Service 3.0 <br/>RP230: 11/23/2013 1:28:25 PM - Software Distribution Service 3.0 <br/>RP231: 11/24/2013 7:59:47 AM - Software Distribution Service 3.0 <br/>RP232: 11/24/2013 8:21:00 AM - Software Distribution Service 3.0 <br/>RP233: 11/24/2013 1:57:45 PM - Software Distribution Service 3.0 <br/>RP234: 11/24/2013 4:45:50 PM - Installed DSE Configuration Suite <br/>RP235: 11/24/2013 5:02:34 PM - Removed COBRA Runtime 89 <br/>RP236: 11/25/2013 4:00:29 PM - Software Distribution Service 3.0 <br/>RP237: 11/26/2013 7:25:53 AM - Software Distribution Service 3.0 <br/>RP238: 11/26/2013 7:41:35 PM - Software Distribution Service 3.0 <br/>RP239: 11/27/2013 8:45:26 PM - Software Distribution Service 3.0 <br/>RP240: 11/28/2013 12:41:45 AM - Software Distribution Service 3.0 <br/>RP241: 11/28/2013 4:41:01 AM - Software Distribution Service 3.0 <br/>. <br/>==== Installed Programs ====================== <br/>. <br/>32 Bit HP CIO Components Installer <br/>Adobe Acrobat 8 Standard <br/>Adobe Acrobat 4.0 <br/>Adobe Acrobat 8.1.3 Standard <br/>Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742) <br/>Adobe AIR <br/>Adobe Community Help <br/>Adobe Flash Player 11 ActiveX <br/>Adobe Flash Player 11 Plugin <br/>Adobe Media Player <br/>Adobe Photoshop CS5 <br/>Adobe Photoshop Lightroom 3.6 <br/>Akamai NetSession Interface <br/>Akamai NetSession Interface Service <br/>AmosConnect <br/>Apple Application Support <br/>Apple Mobile Device Support <br/>Apple Software Update <br/>ATI - Software Uninstall Utility <br/>Bluetooth Stack for Windows by Toshiba <br/>Bonjour <br/>Bonjour Print Services <br/>CCleaner <br/>Defraggler <br/>DocProc <br/>DocProcQFolder <br/>Dropbox <br/>DSE Configuration Suite <br/>Hi-Speed USB-USB Network Cable <br/>Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) <br/>Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) <br/>HPDiagnosticAlert <br/>Intel(R) Graphics Media Accelerator Driver <br/>Intel(R) PROSet/Wireless Software <br/>iTunes <br/>Java Auto Updater <br/>Java(TM) 6 Update 29 <br/>JAWS Display Application <br/>JAWS Graphical Application <br/>LiveUpdate Notice (Symantec Corporation) <br/>Malwarebytes Anti-Malware version 1.75.0.1300 <br/>MaxView <br/>mCore <br/>mDriver <br/>Microsoft .NET Framework 1.1 <br/>Microsoft .NET Framework 1.1 Security Update (KB2698023) <br/>Microsoft .NET Framework 1.1 Security Update (KB2833941) <br/>Microsoft .NET Framework 1.1 Security Update (KB979906) <br/>Microsoft .NET Framework 2.0 Service Pack 2 <br/>Microsoft .NET Framework 3.0 Service Pack 2 <br/>Microsoft .NET Framework 3.5 SP1 <br/>Microsoft .NET Framework 4 Client Profile <br/>Microsoft .NET Framework 4 Extended <br/>Microsoft Access 2000 SR-1 Runtime <br/>Microsoft Application Error Reporting <br/>Microsoft Compression Client Pack 1.0 for Windows XP <br/>Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 <br/>Microsoft Office 2007 Primary Interop Assemblies <br/>Microsoft Office 2007 Service Pack 3 (SP3) <br/>Microsoft Office Excel MUI (English) 2007 <br/>Microsoft Office File Validation Add-In <br/>Microsoft Office Outlook MUI (English) 2007 <br/>Microsoft Office PowerPoint MUI (English) 2007 <br/>Microsoft Office Proof (English) 2007 <br/>Microsoft Office Proof (French) 2007 <br/>Microsoft Office Proof (Spanish) 2007 <br/>Microsoft Office Proofing (English) 2007 <br/>Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) <br/>Microsoft Office Shared MUI (English) 2007 <br/>Microsoft Office Shared Setup Metadata MUI (English) 2007 <br/>Microsoft Office Standard 2007 <br/>Microsoft Office Word MUI (English) 2007 <br/>Microsoft Security Client <br/>Microsoft Security Essentials <br/>Microsoft Silverlight <br/>Microsoft Software Update for Web Folders (English) 12 <br/>Microsoft SQL Server 2005 <br/>Microsoft SQL Server 2005 (POWERLOGIC) <br/>Microsoft SQL Server 2005 Express Edition (ACT7) <br/>Microsoft SQL Server 2005 Tools <br/>Microsoft SQL Server Desktop Engine <br/>Microsoft SQL Server Management Studio Express <br/>Microsoft SQL Server Native Client <br/>Microsoft SQL Server Setup Support Files (English) <br/>Microsoft SQL Server VSS Writer <br/>Microsoft User-Mode Driver Framework Feature Pack 1.0 <br/>Microsoft Visio Professional 2002 [English] <br/>Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 <br/>Microsoft Visual C++ 2005 Redistributable <br/>Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 <br/>Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 <br/>Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 <br/>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 <br/>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 <br/>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 <br/>Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 <br/>Microsoft WinUsb 2.0 <br/>Microsoft_VC80_ATL_x86 <br/>Microsoft_VC80_CRT_x86 <br/>Microsoft_VC80_MFC_x86 <br/>Microsoft_VC80_MFCLOC_x86 <br/>Microsoft_VC90_ATL_x86 <br/>Microsoft_VC90_CRT_x86 <br/>Microsoft_VC90_MFC_x86 <br/>mMHouse <br/>MobileMe Control Panel <br/>Mozilla Firefox 20.0.1 (x86 en-US) <br/>Mozilla Maintenance Service <br/>mPfMgr <br/>mProSafe <br/>MSIcon <br/>MSVCSetup <br/>MSXML 4.0 SP2 (KB954430) <br/>MSXML 4.0 SP2 (KB973688) <br/>MSXML 6.0 Parser (KB933579) <br/>mWlsSafe <br/>MxControlCenter version 2.5 <br/>Nikon Message Center <br/>Nobeltec Visual Navigation Suite <br/>OCR Software by I.R.I.S. 10.0 <br/>OGA Notifier 2.0.0048.0 <br/>PDF Settings CS5 <br/>PicoSoft 3.0 <br/>PMCU 2.1.1 <br/>QuickTime <br/>Realtek AC'97 Audio <br/>Realtek High Definition Audio Driver <br/>Redistributable_MM <br/>Safari <br/>Seagate Dashboard 2.0 <br/>Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) <br/>Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416) <br/>Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629) <br/>Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2832407) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2861188) <br/>Security Update for Microsoft .NET Framework 4 Extended (KB2487367) <br/>Security Update for Microsoft .NET Framework 4 Extended (KB2736428) <br/>Security Update for Microsoft .NET Framework 4 Extended (KB2742595) <br/>Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2) <br/>Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition <br/>Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition <br/>Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition <br/>Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition <br/>Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition <br/>Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition <br/>Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition <br/>Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition <br/>Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition <br/>Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition <br/>Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition <br/>Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition <br/>Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition <br/>Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition <br/>Security Update for Microsoft Office 2007 suites (KB2827329) 32-Bit Edition <br/>Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition <br/>Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition <br/>Security Update for Microsoft Office Outlook 2007 (KB2825644) 32-Bit Edition <br/>Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition <br/>Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition <br/>Security Update for Microsoft Office Word 2007 (KB2827330) 32-Bit Edition <br/>Security Update for Windows Internet Explorer 8 (KB2510531) <br/>Security Update for Windows Internet Explorer 8 (KB2544521) <br/>Security Update for Windows Internet Explorer 8 (KB2618444) <br/>Security Update for Windows Internet Explorer 8 (KB2647516) <br/>Security Update for Windows Internet Explorer 8 (KB2675157) <br/>Security Update for Windows Internet Explorer 8 (KB2699988) <br/>Security Update for Windows Internet Explorer 8 (KB2722913) <br/>Security Update for Windows Internet Explorer 8 (KB2744842) <br/>Security Update for Windows Internet Explorer 8 (KB2761465) <br/>Security Update for Windows Internet Explorer 8 (KB2792100) <br/>Security Update for Windows Internet Explorer 8 (KB2797052) <br/>Security Update for Windows Internet Explorer 8 (KB2799329) <br/>Security Update for Windows Internet Explorer 8 (KB2809289) <br/>Security Update for Windows Internet Explorer 8 (KB2817183) <br/>Security Update for Windows Internet Explorer 8 (KB2829530) <br/>Security Update for Windows Internet Explorer 8 (KB2846071) <br/>Security Update for Windows Internet Explorer 8 (KB2847204) <br/>Security Update for Windows Internet Explorer 8 (KB2870699) <br/>Security Update for Windows Internet Explorer 8 (KB2879017) <br/>Security Update for Windows Internet Explorer 8 (KB2888505) <br/>Security Update for Windows Internet Explorer 8 (KB982381) <br/>Security Update for Windows XP (KB2847311) <br/>Security Update for Windows XP (KB2862152) <br/>Security Update for Windows XP (KB2862330) <br/>Security Update for Windows XP (KB2862335) <br/>Security Update for Windows XP (KB2868038) <br/>Security Update for Windows XP (KB2868626) <br/>Security Update for Windows XP (KB2876331) <br/>Security Update for Windows XP (KB2883150) <br/>Security Update for Windows XP (KB2900986) <br/>Shared Add-in Extensibility Update for Microsoft .NET Framework 2.0 (KB908002) <br/>Shared Add-in Support Update for Microsoft .NET Framework 2.0 (KB908002) <br/>SigmaTel USB-IR Adapter <br/>Size-It <br/>Smiley Bar for Facebook <br/>SonicWALL Global VPN Client <br/>SonyImgF <br/>Synaptics Pointing Device Driver <br/>Update for 2007 Microsoft Office System (KB967642) <br/>Update for Microsoft .NET Framework 3.5 SP1 (KB963707) <br/>Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition <br/>Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition <br/>Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition <br/>Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition <br/>Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2825642) 32-Bit Edition <br/>Visual C++ 2008 x86 Runtime - (v9.0.30729) <br/>Visual C++ 2008 x86 Runtime - v9.0.30729.01 <br/>VLC media player 2.0.6 <br/>WebFldrs XP <br/>Windows Driver Package - CXT (winachsf) Modem (12/26/2006 7.62.00.00) <br/>Windows Driver Package - FTDI CDM Driver Package (10/22/2009 2.06.00) <br/>Windows Internet Explorer 8 <br/>Windows jZip Toolbar <br/>Windows Media Format 11 runtime <br/>Windows Media Player 11 <br/>. <br/>==== Event Viewer Messages From Past Week ======== <br/>. <br/>11/28/2013 8:42:00 AM, error: Schedule [7901] - The At1.job command failed to start due to the following error: %%2147942403 <br/>11/26/2013 9:20:33 PM, error: Service Control Manager [7000] - The PowerLogic Network Server service failed to start due to the following error: The system cannot find the path specified. <br/>11/26/2013 7:30:21 PM, error: Dhcp [1002] - The IP address lease 192.168.1.151 for the Network Card with network address 0013E828B869 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message). <br/>11/26/2013 7:25:43 AM, error: Cdrom [11] - The driver detected a controller error on \Device\CdRom0. <br/>11/25/2013 5:05:51 PM, error: PlugPlayManager [12] - The device 'PIONEER DVD-RW DVR-K17' (IDE\CdRomPIONEER_DVD-RW__DVR-K17_________________1.00____\5&20cd67d&0&0.0.0) disappeared from the system without first being prepared for removal. <br/>11/24/2013 4:23:28 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the PowerLogic Network Server service to connect. <br/>11/24/2013 4:23:28 PM, error: Service Control Manager [7000] - The USB-USB Network Bridge service failed to start due to the following error: The system cannot find the file specified. <br/>11/24/2013 4:23:28 PM, error: Service Control Manager [7000] - The PowerLogic Network Server service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. <br/>11/23/2013 12:55:05 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Update BuzzSearch service to connect. <br/>11/23/2013 12:55:05 PM, error: Service Control Manager [7000] - The Update BuzzSearch service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. <br/>11/23/2013 1:30:30 PM, error: Service Control Manager [7034] - The Updater Service service terminated unexpectedly. It has done this 1 time(s). <br/>11/23/2013 1:30:30 PM, error: Service Control Manager [7034] - The BitGuard service terminated unexpectedly. It has done this 1 time(s). <br/>. <br/>==== End Of File =========================== <br/> <br/> <br/>Logfile of Trend Micro HijackThis v2.0.5 <br/>Scan saved at 9:06:08 AM, on 11/28/2013 <br/>Platform: Windows XP SP3 (WinNT 5.01.2600) <br/>MSIE: Internet Explorer v8.00 (8.00.6001.18702) <br/> <br/>FIREFOX: 20.0.1 (en-US) <br/>Boot mode: Normal <br/> <br/>Running processes: <br/>C:\WINDOWS\System32\smss.exe <br/>C:\WINDOWS\system32\winlogon.exe <br/>C:\WINDOWS\system32\services.exe <br/>C:\WINDOWS\system32\lsass.exe <br/>C:\WINDOWS\system32\svchost.exe <br/>c:\Program Files\Microsoft Security Client\MsMpEng.exe <br/>C:\WINDOWS\System32\svchost.exe <br/>C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe <br/>C:\WINDOWS\system32\spoolsv.exe <br/>C:\WINDOWS\system32\rundll32.exe <br/>C:\WINDOWS\system32\rundll32.exe <br/>C:\WINDOWS\System32\svchost.exe <br/>C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe <br/>C:\Program Files\Bonjour\mDNSResponder.exe <br/>C:\Program Files\AmosConnect\dbssvc.exe <br/>C:\Program Files\Intel\Wireless\Bin\EvtEng.exe <br/>C:\WINDOWS\Explorer.EXE <br/>C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe <br/>C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe <br/>C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe <br/>C:\MSSQL2005\MSSQL.2\MSSQL\Binn\sqlservr.exe <br/>C:\WINDOWS\System32\svchost.exe <br/>C:\WINDOWS\System32\svchost.exe <br/>C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe <br/>C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe <br/>C:\Program Files\Synaptics\SynTP\SynTPEnh.exe <br/>C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe <br/>C:\WINDOWS\system32\svchost.exe <br/>C:\Program Files\SonicWALL\SonicWALL Global VPN Client\SWGVCSvc.exe <br/>C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe <br/>C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe <br/>C:\WINDOWS\system32\hkcmd.exe <br/>C:\WINDOWS\system32\igfxpers.exe <br/>C:\WINDOWS\system32\igfxsrvc.exe <br/>C:\Program Files\QuickTime\QTTask.exe <br/>C:\Program Files\Seagate\Seagate Dashboard 2.0\DBAgent.exe <br/>C:\Program Files\iTunes\iTunesHelper.exe <br/>C:\Program Files\Microsoft Security Client\msseces.exe <br/>C:\WINDOWS\system32\ctfmon.exe <br/>C:\Documents and Settings\Bill\Local Settings\Application Data\Akamai\netsession_win.exe <br/>C:\Program Files\Messenger\msmsgs.exe <br/>C:\Program Files\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe <br/>C:\Documents and Settings\Bill\Local Settings\Application Data\Akamai\netsession_win.exe <br/>C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe <br/>C:\Documents and Settings\Bill\Application Data\Dropbox\bin\Dropbox.exe <br/>C:\WINDOWS\system32\wbem\wmiapsrv.exe <br/>C:\Program Files\iPod\bin\iPodService.exe <br/>C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe <br/>C:\Program Files\Mozilla Firefox\firefox.exe <br/>C:\Program Files\Mozilla Firefox\plugin-container.exe <br/>C:\WINDOWS\system32\NOTEPAD.EXE <br/>C:\WINDOWS\system32\NOTEPAD.EXE <br/>C:\WINDOWS\system32\msiexec.exe <br/>C:\Program Files\Java\jre7\bin\jqs.exe <br/>C:\Documents and Settings\Bill\My Documents\Downloads\HijackThis.exe <br/> <br/>R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 <br/>R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 <br/>R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 <br/>R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1:9421;*.local;<local> <br/>R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file) <br/>O2 - BHO: jZip Toolbar - {1e48c56f-08cd-43aa-a6ef-c1ec891551ab} - C:\PROGRA~1\WI83E4~1\Datamngr\ToolBar\jzipdtx.dll (file missing) <br/>O2 - BHO: UrlHelper Class - {41C4AA37-1DDD-4345-B8DC-734E4B38414D} - C:\PROGRA~1\WI83E4~1\Datamngr\IEBHO.dll (file missing) <br/>O2 - BHO: Smiley Bar for Facebook - {4723AAA8-B2F9-4CC1-9E60-190976DB1FA4} - C:\Program Files\Smiley Bar for Facebook\ScriptHost.dll <br/>O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll <br/>O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll <br/>O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll <br/>O3 - Toolbar: jZip Toolbar - {1e48c56f-08cd-43aa-a6ef-c1ec891551ab} - C:\PROGRA~1\WI83E4~1\Datamngr\ToolBar\jzipdtx.dll (file missing) <br/>O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe <br/>O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe <br/>O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" <br/>O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe <br/>O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" <br/>O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe <br/>O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe <br/>O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe <br/>O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE <br/>O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" <br/>O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe <br/>O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin <br/>O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime <br/>O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k <br/>O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" <br/>O4 - HKLM\..\Run: [DBAgent] "C:\Program Files\Seagate\Seagate Dashboard 2.0\DBAgent.exe" /WinStart <br/>O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" <br/>O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey <br/>O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" <br/>O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-appf?lic=NFVDNkQtS1JORjQtOUhSWEotQUtUSzMtTFI2UFEtTkpTQUg"&"inst=NzctMTQ0NDU4MTU5Ny1GUDkrNi1CQVI5RysxLVRCOSsyLUZMKzktWDIwMTArMi1RSVgxKzQtRjEwTTEwRCsyLUNJQTEwKzItU1AxKzEtU1VEKzEtUzFJKzEtU1UzKzEtVFVHKzMtRERUKzAtTFNEKzItREQxMCsxLVNUMTBBUFArMS1QMTBNMTJDKzEtVEIrMS1QMTBUQisyLVNUMTBGQVBQKzEtRkwxMCsx"&"prod=90"&"ver=10.0.1430 <br/>O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe <br/>O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Documents and Settings\Bill\Local Settings\Application Data\Akamai\netsession_win.exe" <br/>O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background <br/>O4 - HKCU\..\Run: [Uploader] C:\Program Files\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe <br/>O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM') <br/>O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user') <br/>O4 - S-1-5-18 Startup: Dropbox.lnk = C:\Documents and Settings\Bill\Application Data\Dropbox\bin\Dropbox.exe (User 'SYSTEM') <br/>O4 - .DEFAULT Startup: Dropbox.lnk = C:\Documents and Settings\Bill\Application Data\Dropbox\bin\Dropbox.exe (User 'Default user') <br/>O4 - Startup: Dropbox.lnk = C:\Documents and Settings\Bill\Application Data\Dropbox\bin\Dropbox.exe <br/>O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe <br/>O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html <br/>O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html <br/>O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html <br/>O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html <br/>O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html <br/>O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html <br/>O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html <br/>O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html <br/>O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 <br/>O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL <br/>O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe <br/>O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe <br/>O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe <br/>O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe <br/>O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1258736889390 <br/>O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1203810104234 <br/>O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab <br/>O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll <br/>O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll <br/>O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe <br/>O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe <br/>O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe (file missing) <br/>O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe <br/>O23 - Service: AMOS Mail Database (DbsRpcService) - Stratos Global - C:\Program Files\AmosConnect\dbssvc.exe <br/>O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe <br/>O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe <br/>O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe <br/>O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe <br/>O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe <br/>O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe <br/>O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe <br/>O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe <br/>O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe <br/>O23 - Service: PowerLogic Network Server - Unknown owner - C:\POWERLOGIC\PMCU\Bin\PLNSrvr.exe (file missing) <br/>O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe <br/>O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe <br/>O23 - Service: Seagate Dashboard Services - Seagate Technology LLC - C:\Program Files\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe <br/>O23 - Service: SonicWALL Global VPN Client Service (SWGVCSvc) - SonicWALL, Inc. - C:\Program Files\SonicWALL\SonicWALL Global VPN Client\SWGVCSvc.exe <br/>O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe <br/>O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe <br/> <br/>-- <br/>End of file - 13391 bytes
Posted 11/29/2013 5:30 PM
#96254
User avatar

Robert Mateescu Advanced member

Date Joined Nov 2016
Total Posts: 427
Hi Derrack, <br/> <br/>Can you provide me with some information about your issue? <br/>According to the Malwarebytes log, a lot of files have been removed so the original problem may have been solved. <br/> <br/>Thanks.
Robert Mateescu
Senior Support Technician EN
[url]support@bullguard.com[/url]
www.bullguard.com

Download the Free Trial version of BullGuard Internet Security

You have a BullGuard related problem? Contact our Support team directly via Live Chat for immediate assistance: http://www.bullguard.com/support.aspx!
Posted 11/29/2013 8:48 PM
#96258
User avatar

Derrack Valued member

Date Joined Nov 2016
Total Posts: 19
Sure thing. This computer was chock full of search bars and gimmick spyware removal programs. So of course it was running horribly, I removed everything I could find and just wanted to make sure there wasn't any other gimmick leach programs on it that I missed.
Posted 11/30/2013 10:12 AM
#96263
User avatar

Kosmonova Member

Date Joined Nov 2016
Total Posts: 3
hello derrack! you might find these three tools usefull , they are capable to delete any form of spyware , adware and other forms of junk from your pc , just to make sure there are no remnants left : <br/> <br/>adwcleaner : <br/> <br/>http://www.bleepingcomputer.com/download/adwcleaner/ <br/> <br/> <br/>junkware removal tool : <br/> <br/>http://www.bleepingcomputer.com/download/junkware-removal-tool/ <br/> <br/>roguekiller by tigzy : <br/> <br/>http://www.bleepingcomputer.com/download/roguekiller/ <br/> <br/>enjoy!!
  • Unread posts or replies
  • No unread posts or replies
  • Unread Posts (Read Only Forum)
  • No Unread Posts (Read Only Forum)

Forum Information

Currently it is Saturday, December 10, 2016, 4:16 AM (GMT +1)
There are a total of 61,163 posts in 13,450 threads.
In the last 3 days there were 1 new threads and 3 reply posts.

Who's online

This forum has 37,969 registered members. Please welcome our newest member, Heisenberg.
There are currently no users on-line.