It's Cyber Monday - fantastic 70% discount

Buy Now

Limited time offer:

03

Days

/

00

Hrs

/

04

Min

/

04

Sec

General slow performance after AV expired

Posted 1/17/2014 11:39 AM
#96472
User avatar

GazNicki Valued member

Date Joined Nov 2016
Total Posts: 16
A friend brought his laptop to me after he experienced slow running on it. It seems his Anti Virus expired. <br/> <br/>I have done the usual install CCleaner, prevented the garbage from loading at startup, and run the required pre-post software. Here are reports: <br/> <br/>MBAM Log <br/>[code]Malwarebytes Anti-Malware 1.75.0.1300 <br/>www.malwarebytes.org <br/> <br/>Database version: v2014.01.17.03 <br/> <br/>Windows 7 Service Pack 1 x64 NTFS <br/>Internet Explorer 11.0.9600.16476 <br/>Andrew :: ANDREW-HP [administrator] <br/> <br/>17/01/2014 09:49:36 <br/>mbam-log-2014-01-17 (09-49-36).txt <br/> <br/>Scan type: Full scan (C:\|D:\|Q:\|) <br/>Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM <br/>Scan options disabled: P2P <br/>Objects scanned: 424133 <br/>Time elapsed: 1 hour(s), 12 minute(s), 26 second(s) <br/> <br/>Memory Processes Detected: 1 <br/>C:\Program Files (x86)\Wajam\Updater\WajamUpdaterV3.exe (PUP.Optional.Wajam.A) -> 2712 -> Delete on reboot. <br/> <br/>Memory Modules Detected: 0 <br/>(No malicious items detected) <br/> <br/>Registry Keys Detected: 65 <br/>HKLM\SYSTEM\CurrentControlSet\Services\CltMngSvc (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. <br/>HKCR\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2} (PUP.Optional.Wajam) -> Quarantined and deleted successfully. <br/>HKCR\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2} (PUP.Optional.Wajam) -> Quarantined and deleted successfully. <br/>HKCR\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D} (PUP.Optional.Wajam) -> Quarantined and deleted successfully. <br/>HKCR\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} (PUP.Optional.Wajam) -> Quarantined and deleted successfully. <br/>HKCR\wajam.WajamBHO.1 (PUP.Optional.Wajam) -> Quarantined and deleted successfully. <br/>HKCR\wajam.WajamBHO (PUP.Optional.Wajam) -> Quarantined and deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} (PUP.Optional.Wajam) -> Quarantined and deleted successfully. <br/>HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} (PUP.Optional.Wajam) -> Quarantined and deleted successfully. <br/>HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} (PUP.Optional.Wajam) -> Quarantined and deleted successfully. <br/>HKCR\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634} (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>HKCR\AppID\{384997EE-E3BE-49C4-9ECA-C62B7C08128A} (PUP.Optional.DynConIE.A) -> Quarantined and deleted successfully. <br/>HKCR\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17} (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>HKCR\CLSID\{44ed99e2-16a6-4b89-80d6-5b21cf42e78b} (PUP.Optional.SafeMonitor.A) -> Quarantined and deleted successfully. <br/>HKCR\TypeLib\{781CA792-9B6E-400B-B36F-15C097D2CA54} (PUP.Optional.SafeMonitor.A) -> Quarantined and deleted successfully. <br/>HKCR\Interface\{2830488C-079B-45C2-88B6-AFE4EAA2DF85} (PUP.Optional.SafeMonitor.A) -> Quarantined and deleted successfully. <br/>HKCR\DynConIE.DynConIEObject.1 (PUP.Optional.SafeMonitor.A) -> Quarantined and deleted successfully. <br/>HKCR\DynConIE.DynConIEObject (PUP.Optional.SafeMonitor.A) -> Quarantined and deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{44ED99E2-16A6-4B89-80D6-5B21CF42E78B} (PUP.Optional.SafeMonitor.A) -> Quarantined and deleted successfully. <br/>HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{44ED99E2-16A6-4B89-80D6-5B21CF42E78B} (PUP.Optional.SafeMonitor.A) -> Quarantined and deleted successfully. <br/>HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{44ED99E2-16A6-4B89-80D6-5B21CF42E78B} (PUP.Optional.SafeMonitor.A) -> Quarantined and deleted successfully. <br/>HKCR\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5} (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>HKCR\wajam.WajamDownloader.1 (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>HKCR\wajam.WajamDownloader (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>HKCR\CLSID\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.Optional.VShareRedir) -> Quarantined and deleted successfully. <br/>HKCR\TypeLib\{BB7256DD-EBA9-480B-8441-A00388C2BEC3} (PUP.Optional.VShareRedir) -> Quarantined and deleted successfully. <br/>HKCR\Interface\{3D782BB2-F2A5-11D3-BF4C-000000000000} (PUP.Optional.VShareRedir) -> Quarantined and deleted successfully. <br/>HKCR\MyNewsBarLauncher.IE5BarLauncherBHO.1 (PUP.Optional.VShareRedir) -> Quarantined and deleted successfully. <br/>HKCR\MyNewsBarLauncher.IE5BarLauncherBHO (PUP.Optional.VShareRedir) -> Quarantined and deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.Optional.VShareRedir) -> Quarantined and deleted successfully. <br/>HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.Optional.VShareRedir) -> Quarantined and deleted successfully. <br/>HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.Optional.VShareRedir) -> Quarantined and deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.Optional.VShareRedir) -> Quarantined and deleted successfully. <br/>HKCR\CLSID\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.Optional.VShareRedir) -> Quarantined and deleted successfully. <br/>HKCR\MyNewsBarLauncher.IE5BarLauncher.1 (PUP.Optional.VShareRedir) -> Quarantined and deleted successfully. <br/>HKCR\MyNewsBarLauncher.IE5BarLauncher (PUP.Optional.VShareRedir) -> Quarantined and deleted successfully. <br/>HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.Optional.VShareRedir) -> Quarantined and deleted successfully. <br/>HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.Optional.VShareRedir) -> Quarantined and deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.Optional.VShareRedir) -> Quarantined and deleted successfully. <br/>HKCR\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7} (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079A25-328F-4BD4-BE04-00955ACAA0A7} (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. <br/>HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7} (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. <br/>HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7} (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079A25-328F-4BD4-BE04-00955ACAA0A7} (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. <br/>HKCR\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115} (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully. <br/>HKCR\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9} (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully. <br/>HKCR\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC} (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115} (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully. <br/>HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115} (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully. <br/>HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115} (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully. <br/>HKCR\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6} (PUP.Optional.DynConIE.A) -> Quarantined and deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Websteroids (PUP.Optional.Websteroids.A) -> Quarantined and deleted successfully. <br/>HKCR\SearchQUIEHelper.DNSGuard (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. <br/>HKCR\SearchQUIEHelper.DNSGuard.1 (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. <br/>HKCR\AppID\priam_bho.DLL (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr.A) -> Quarantined and deleted successfully. <br/>HKCU\Software\DataMngr (PUP.Optional.DataMngr.A) -> Quarantined and deleted successfully. <br/>HKCU\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. <br/>HKCU\SOFTWARE\WAJAM (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>HKLM\SOFTWARE\Classes\AppID\DynConIE.DLL (PUP.Optional.DynConIE.A) -> Quarantined and deleted successfully. <br/>HKLM\SOFTWARE\WAJAM (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>HKLM\SYSTEM\CurrentControlSet\Services\WajamUpdaterV3 (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>HKLM\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wajam (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/> <br/>Registry Values Detected: 8 <br/>HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.Optional.VShareRedir) -> Data: VShareTB -> Quarantined and deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{99079A25-328F-4BD4-BE04-00955ACAA0A7} (PUP.Optional.SearchQu) -> Data: Searchqu Toolbar -> Quarantined and deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{99079a25-328f-4bd4-be04-00955acaa0a7} (PUP.Optional.SearchQu) -> Data: -> Quarantined and deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.Optional.VShareRedir) -> Data: -> Quarantined and deleted successfully. <br/>HKCU\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: 1763663281055727615 -> Quarantined and deleted successfully. <br/>HKCU\Software\Wajam|affiliate_id (PUP.Optional.Wajam.A) -> Data: 6334 -> Quarantined and deleted successfully. <br/>HKLM\SOFTWARE\Wajam|red (PUP.Optional.Wajam.A) -> Data: 4 -> Quarantined and deleted successfully. <br/>HKLM\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: 1763663281055727615 -> Quarantined and deleted successfully. <br/> <br/>Registry Data Items Detected: 3 <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs (PUP.Optional.Conduit.A) -> Bad: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll) Good: () -> Quarantined and repaired successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs (PUP.Optional.Datamngr.A) -> Bad: (C:\PROGRA~2\WI3C8A~1\Datamngr\IEBHO.dll) Good: () -> Quarantined and repaired successfully. <br/>HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.Conduit.A) -> Bad: (http://search.conduit.com/?ctid=CT3323737&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPE160D607-241D-4AA0-A43A-101B093FBFF2&SSPV=) Good: (http://www.google.com) -> Quarantined and repaired successfully. <br/> <br/>Folders Detected: 36 <br/>C:\ProgramData\Websteroids (PUP.Optional.Websteroids.A) -> Quarantined and deleted successfully. <br/>C:\ProgramData\Websteroids\Chrome (PUP.Optional.Websteroids.A) -> Quarantined and deleted successfully. <br/>C:\ProgramData\Websteroids\Chrome\unzip (PUP.Optional.Websteroids.A) -> Quarantined and deleted successfully. <br/>C:\ProgramData\Websteroids\Firefox (PUP.Optional.Websteroids.A) -> Quarantined and deleted successfully. <br/>C:\ProgramData\Websteroids\Firefox\chrome (PUP.Optional.Websteroids.A) -> Quarantined and deleted successfully. <br/>C:\ProgramData\Websteroids\Firefox\chrome\content (PUP.Optional.Websteroids.A) -> Quarantined and deleted successfully. <br/>C:\ProgramData\Websteroids\IE (PUP.Optional.Websteroids.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect (PUP.Optional.SearchProtect.A) -> Delete on reboot. <br/>C:\Program Files (x86)\SearchProtect\Main (PUP.Optional.SearchProtect.A) -> Delete on reboot. <br/>C:\Program Files (x86)\SearchProtect\Main\bin (PUP.Optional.SearchProtect.A) -> Delete on reboot. <br/>C:\Program Files (x86)\SearchProtect\Main\Logs (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\Main\rep (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\SearchProtect (PUP.Optional.SearchProtect.A) -> Delete on reboot. <br/>C:\Program Files (x86)\SearchProtect\SearchProtect\bin (PUP.Optional.SearchProtect.A) -> Delete on reboot. <br/>C:\Program Files (x86)\SearchProtect\SearchProtect\rep (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\UI (PUP.Optional.SearchProtect.A) -> Delete on reboot. <br/>C:\Program Files (x86)\SearchProtect\UI\bin (PUP.Optional.SearchProtect.A) -> Delete on reboot. <br/>C:\Program Files (x86)\SearchProtect\UI\dialogs (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\UI\dialogs\Images (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\UI\dialogs\libs (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\UI\dialogs\protection (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\UI\dialogs\settings (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\UI\rep (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\Wajam (PUP.Optional.Wajam.A) -> Delete on reboot. <br/>C:\Program Files (x86)\Wajam\IE (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\Wajam\Logos (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\Wajam\Updater (PUP.Optional.Wajam.A) -> Delete on reboot. <br/>C:\ProgramData\RHelpers\ChromeHelper (PUP.Optional.Searchagent) -> Quarantined and deleted successfully. <br/>C:\ProgramData\RHelpers\FirefoxHelper (PUP.Optional.Searchagent) -> Quarantined and deleted successfully. <br/>C:\ProgramData\RHelpers\IeHelper (PUP.Optional.Searchagent) -> Quarantined and deleted successfully. <br/>C:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>C:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Search (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>C:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>C:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam\Uninstall Wajam (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/> <br/>Files Detected: 159 <br/>C:\Users\Andrew\AppData\Local\cbgrluhq\kexevxqh.exe (Trojan.Downloader.ED) -> No action taken. <br/>C:\Windows\pss\kexevxqh.exe.Startup (Trojan.Downloader.ED) -> No action taken. <br/>C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe (PUP.Optional.Conduit.A) -> Delete on reboot. <br/>C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe (PUP.Optional.Conduit.A) -> Delete on reboot. <br/>C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe (PUP.Optional.Conduit.A) -> Delete on reboot. <br/>C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\Wajam\IE\priam_bho.dll (PUP.Optional.Wajam) -> Quarantined and deleted successfully. <br/>C:\ProgramData\Websteroids\IE\common.dll (PUP.Optional.SafeMonitor.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll (PUP.Optional.VShareRedir) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\searchqudtx.dll (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\IEBHO.dll (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\Main\bin\SPTool.dll (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\Main\bin\uninstall.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPTool64.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32.dll (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64.dll (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\Wajam\Updater\update.exe (PUP.Optional.Wajam) -> Quarantined and deleted successfully. <br/>C:\ProgramData\RHelpers\ChromeHelper\ChromeHelper.exe (PUP.Optional.SearchDonkey.A) -> Quarantined and deleted successfully. <br/>C:\ProgramData\RHelpers\FirefoxHelper\FirefoxHelper.exe (PUP.Optional.SearchDonkey.A) -> Quarantined and deleted successfully. <br/>C:\ProgramData\RHelpers\IeHelper\IeHelper.exe (PUP.Optional.SearchDonkey.A) -> Quarantined and deleted successfully. <br/>C:\ProgramData\Websteroids\app.dat (PUP.Optional.Websteroids.A) -> Quarantined and deleted successfully. <br/>C:\ProgramData\Websteroids\Uninstall.exe (PUP.Optional.Websteroids.A) -> Quarantined and deleted successfully. <br/>C:\ProgramData\Websteroids\Websteroids.ico (PUP.Optional.Websteroids.A) -> Quarantined and deleted successfully. <br/>C:\ProgramData\Websteroids\Chrome\common.crx (PUP.Optional.Websteroids.A) -> Quarantined and deleted successfully. <br/>C:\ProgramData\Websteroids\Chrome\unzip\announce.js (PUP.Optional.Websteroids.A) -> Quarantined and deleted successfully. <br/>C:\ProgramData\Websteroids\Chrome\unzip\background.html (PUP.Optional.Websteroids.A) -> Quarantined and deleted successfully. <br/>C:\ProgramData\Websteroids\Chrome\unzip\common.js (PUP.Optional.Websteroids.A) -> Quarantined and deleted successfully. <br/>C:\ProgramData\Websteroids\Chrome\unzip\contentscript.js (PUP.Optional.Websteroids.A) -> Quarantined and deleted successfully. <br/>C:\ProgramData\Websteroids\Chrome\unzip\icon.png (PUP.Optional.Websteroids.A) -> Quarantined and deleted successfully. <br/>C:\ProgramData\Websteroids\Chrome\unzip\icon128.png (PUP.Optional.Websteroids.A) -> Quarantined and deleted successfully. <br/>C:\ProgramData\Websteroids\Chrome\unzip\icon16.png (PUP.Optional.Websteroids.A) -> Quarantined and deleted successfully. <br/>C:\ProgramData\Websteroids\Chrome\unzip\icon48.png (PUP.Optional.Websteroids.A) -> Quarantined and deleted successfully. <br/>C:\ProgramData\Websteroids\Chrome\unzip\iframecontentscript.js (PUP.Optional.Websteroids.A) -> Quarantined and deleted successfully. <br/>C:\ProgramData\Websteroids\Chrome\unzip\manifest.json (PUP.Optional.Websteroids.A) -> Quarantined and deleted successfully. <br/>C:\ProgramData\Websteroids\Firefox\chrome.manifest (PUP.Optional.Websteroids.A) -> Quarantined and deleted successfully. <br/>C:\ProgramData\Websteroids\Firefox\install.rdf (PUP.Optional.Websteroids.A) -> Quarantined and deleted successfully. <br/>C:\ProgramData\Websteroids\Firefox\chrome\content\main.js (PUP.Optional.Websteroids.A) -> Quarantined and deleted successfully. <br/>C:\ProgramData\Websteroids\Firefox\chrome\content\overlay.xul (PUP.Optional.Websteroids.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\EULA.txt (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\Main\rep\SystemRepository.dat (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\UI\dialogs\settings.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\UI\dialogs\style.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble\bubble.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble\bubble.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble\bubble.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble\defaults.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-default.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-onclick.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-Rollover.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg-with-logo.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgNotif.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgSettings.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgUninstall.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnBlue.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnClose.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnSilver.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox_checked.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox_def.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\close-win-def.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\close-win-over-click.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\gray-bg.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-def.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-selected.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\icon-win.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\info-icon.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\menu-rollover.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\menu-selected.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button-def.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button-selected.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button2.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Settings-icon.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\text-field.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\v.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\x.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\defaults.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\dialogUtils.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\jquery.1.7.1.min.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\json2.min.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\main.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\SPDialogAPI.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\defaults.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\defaults.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\defaults.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\Wajam\Updater\WajamUpdaterV3.exe (PUP.Optional.Wajam.A) -> Delete on reboot. <br/>C:\Program Files (x86)\Wajam\uninstall.exe (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\Wajam\IE\favicon.ico (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\Wajam\IE\wajamLogo.bmp (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\Wajam\Logos\amazon.ico (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\Wajam\Logos\argos.ico (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\Wajam\Logos\ask.ico (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\Wajam\Logos\bestbuy.ico (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\Wajam\Logos\bing.ico (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\Wajam\Logos\ebay.ico (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\Wajam\Logos\etsy.ico (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\Wajam\Logos\facebook.ico (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\Wajam\Logos\favicon.ico (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\Wajam\Logos\google.ico (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\Wajam\Logos\homedepot.ico (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\Wajam\Logos\ikea.ico (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\Wajam\Logos\imdb.ico (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\Wajam\Logos\lowes.ico (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\Wajam\Logos\mercado.ico (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\Wajam\Logos\mysearchweb.ico (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\Wajam\Logos\myshopping.ico (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\Wajam\Logos\searchresult.ico (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\Wajam\Logos\sears.ico (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\Wajam\Logos\setting.ico (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\Wajam\Logos\settings.ico (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\Wajam\Logos\shopping.ico (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\Wajam\Logos\target.ico (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\Wajam\Logos\tesco.ico (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\Wajam\Logos\tripadvisor.ico (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\Wajam\Logos\twitter.ico (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\Wajam\Logos\wajam.ico (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\Wajam\Logos\walmart.ico (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\Wajam\Logos\wiki.ico (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\Wajam\Logos\yahoo.ico (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>C:\Program Files (x86)\Wajam\Logos\zalando.ico (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>C:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam\Settings.lnk (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>C:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam\SignIn with Facebook.lnk (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>C:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam\SignIn with Twitter.lnk (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>C:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam\Wajam Website.lnk (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>C:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Search\Ask.lnk (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>C:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Search\Bing.lnk (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>C:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Search\Google.lnk (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>C:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Search\IMDb.lnk (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>C:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Search\Shopping.com.lnk (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>C:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Search\TripAdvisor.lnk (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>C:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Search\Wikipedia.lnk (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>C:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Search\Yahoo!.lnk (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>C:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Amazon.lnk (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>C:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Argos.lnk (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>C:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Ebay.lnk (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>C:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Etsy.lnk (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>C:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\HomeDepot.lnk (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>C:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Ikea.lnk (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>C:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Lowe's.lnk (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>C:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Mercadolivre.lnk (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>C:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\MyShopping.lnk (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>C:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Sears.lnk (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>C:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Target.lnk (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>C:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Tesco.lnk (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>C:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Walmart.lnk (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>C:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Zalando.lnk (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/>C:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam\Uninstall Wajam\uninstall.lnk (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. <br/> <br/>(end) <br/>[/code] <br/> <br/>HIJACK THIS LOG <br/>[code]Logfile of Trend Micro HijackThis v2.0.5 <br/>Scan saved at 11:31:38, on 17/01/2014 <br/>Platform: Windows 7 SP1 (WinNT 6.00.3505) <br/>MSIE: Internet Explorer v11.0 (11.00.9600.16428) <br/> <br/> <br/>Boot mode: Normal <br/> <br/>Running processes: <br/>C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe <br/>C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe <br/>C:\Program Files\AVAST Software\Avast\AvastUI.exe <br/>C:\Users\Andrew\Desktop\HijackThis.exe <br/> <br/>R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPNOT/2 <br/>R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 <br/>R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 <br/>R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 <br/>R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 <br/>R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 <br/>R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = <br/>R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = <br/>R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm <br/>R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = <br/>R3 - URLSearchHook: (no name) - {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - (no file) <br/>R3 - URLSearchHook: (no name) - {a24f3f59-1021-4e02-856c-99d9b4a03d83} - C:\Program Files (x86)\SoccerInferno\bar\1.bin\j2SrcAs.dll <br/>R3 - URLSearchHook: TV Center Toolbar - {350e72a9-e6db-4967-9572-dd8e27d3e1be} - C:\Program Files (x86)\TV_Center\tbTV_C.dll <br/>F2 - REG:system.ini: UserInit=userinit.exe, <br/>O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll <br/>O2 - BHO: Toolbar BHO - {285028f8-201e-4f8f-827b-7381fc181c3e} - C:\PROGRA~2\SOCCER~2\bar\1.bin\j2bar.dll <br/>O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll <br/>O2 - BHO: TV Center Toolbar - {350e72a9-e6db-4967-9572-dd8e27d3e1be} - C:\Program Files (x86)\TV_Center\tbTV_C.dll <br/>O2 - BHO: Search Assistant BHO - {73b8e1fd-331f-4c17-8613-8a3034d3b0ca} - C:\Program Files (x86)\SoccerInferno\bar\1.bin\j2SrcAs.dll <br/>O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file) <br/>O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll <br/>O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll <br/>O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll <br/>O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing) <br/>O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (file missing) <br/>O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll <br/>O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll <br/>O3 - Toolbar: SoccerInferno - {c5a318c1-d1d9-41f0-85fe-41cc9fb25e75} - C:\Program Files (x86)\SoccerInferno\bar\1.bin\j2bar.dll <br/>O3 - Toolbar: TV Center Toolbar - {350e72a9-e6db-4967-9572-dd8e27d3e1be} - C:\Program Files (x86)\TV_Center\tbTV_C.dll <br/>O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing) <br/>O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll <br/>O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" <br/>O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" <br/>O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui <br/>O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll <br/>O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll <br/>O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll <br/>O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll <br/>O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll <br/>O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics <br/>O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL <br/>O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll <br/>O20 - AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll C:\PROGRA~2\WI3C8A~1\Datamngr\datamngr.dll <br/>O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe <br/>O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe <br/>O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe <br/>O23 - Service: AffinegyService - Affinegy, Inc. - C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe <br/>O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) <br/>O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe <br/>O23 - Service: Belkin Local Backup Service - Unknown owner - C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe <br/>O23 - Service: Belkin Network USB Helper - Unknown owner - C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe <br/>O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) <br/>O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe <br/>O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) <br/>O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe <br/>O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe <br/>O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe <br/>O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe <br/>O23 - Service: HP Wireless Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe <br/>O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe <br/>O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe <br/>O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe <br/>O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) <br/>O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) <br/>O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe <br/>O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) <br/>O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) <br/>O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe <br/>O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) <br/>O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe <br/>O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) <br/>O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) <br/>O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe <br/>O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) <br/>O23 - Service: SoccerInfernoService - COMPANYVERS_NAME - C:\PROGRA~2\SOCCER~2\bar\1.bin\j2barsvc.exe <br/>O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe <br/>O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) <br/>O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) <br/>O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe <br/>O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) <br/>O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) <br/>O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) <br/>O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) <br/>O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) <br/>O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) <br/>O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) <br/>O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) <br/>O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe <br/> <br/>-- <br/>End of file - 11771 bytes <br/>[/code]
Posted 1/17/2014 11:40 AM
#96473
User avatar

GazNicki Valued member

Date Joined Nov 2016
Total Posts: 16
DDS LOG <br/>[code]DDS (Ver_2012-11-20.01) - NTFS_AMD64 <br/>Internet Explorer: 11.0.9600.16428 <br/>Run by Andrew at 11:18:25 on 2014-01-17 <br/>Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.3999.2414 [GMT 0:00] <br/>. <br/>AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B} <br/>SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} <br/>SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} <br/>. <br/>============== Running Processes =============== <br/>. <br/>C:\Windows\system32\lsm.exe <br/>C:\Windows\system32\svchost.exe -k DcomLaunch <br/>C:\Windows\system32\svchost.exe -k RPCSS <br/>C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted <br/>C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted <br/>C:\Windows\system32\svchost.exe -k LocalService <br/>C:\Windows\system32\svchost.exe -k netsvcs <br/>C:\Windows\system32\svchost.exe -k NetworkService <br/>C:\Program Files\AVAST Software\Avast\AvastSvc.exe <br/>C:\Windows\System32\spoolsv.exe <br/>C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork <br/>C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe <br/>C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe <br/>C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe <br/>C:\Windows\system32\taskhost.exe <br/>C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe <br/>C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe <br/>C:\Windows\SysWOW64\ezSharedSvcHost.exe <br/>C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation <br/>C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe <br/>C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe <br/>C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe <br/>C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe <br/>C:\Windows\system32\Dwm.exe <br/>C:\Windows\Explorer.EXE <br/>C:\Windows\system32\taskeng.exe <br/>C:\Windows\system32\taskeng.exe <br/>C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe <br/>C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe <br/>C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe <br/>C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE <br/>C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe <br/>C:\PROGRA~2\SOCCER~2\bar\1.bin\j2barsvc.exe <br/>C:\Windows\system32\svchost.exe -k imgsvc <br/>C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe <br/>C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE <br/>C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe <br/>C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe <br/>C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe <br/>C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE <br/>C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted <br/>C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe <br/>C:\Windows\system32\SearchIndexer.exe <br/>C:\Program Files\Synaptics\SynTP\SynTPEnh.exe <br/>C:\Windows\System32\igfxtray.exe <br/>C:\Windows\System32\hkcmd.exe <br/>C:\Windows\System32\igfxpers.exe <br/>C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe <br/>C:\Program Files\AVAST Software\Avast\AvastUI.exe <br/>C:\Windows\system32\wbem\wmiprvse.exe <br/>C:\Windows\system32\taskeng.exe <br/>C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe <br/>C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe <br/>C:\Windows\system32\sppsvc.exe <br/>C:\Windows\system32\wbem\wmiprvse.exe <br/>C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe <br/>C:\Windows\System32\svchost.exe -k secsvcs <br/>C:\Program Files\Synaptics\SynTP\SynTPHelper.exe <br/>C:\Program Files\Windows Media Player\wmpnetwk.exe <br/>C:\Windows\servicing\TrustedInstaller.exe <br/>C:\Windows\System32\cscript.exe <br/>. <br/>============== Pseudo HJT Report =============== <br/>. <br/>uStart Page = hxxp://www.google.com <br/>uURLSearchHooks: {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - <orphaned> <br/>uURLSearchHooks: <No Name>: {a24f3f59-1021-4e02-856c-99d9b4a03d83} - C:\Program Files (x86)\SoccerInferno\bar\1.bin\j2SrcAs.dll <br/>uURLSearchHooks: TV Center Toolbar: {350e72a9-e6db-4967-9572-dd8e27d3e1be} - C:\Program Files (x86)\TV_Center\tbTV_C.dll <br/>mURLSearchHooks: TV Center Toolbar: {350e72a9-e6db-4967-9572-dd8e27d3e1be} - C:\Program Files (x86)\TV_Center\tbTV_C.dll <br/>mWinlogon: Userinit = userinit.exe, <br/>BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll <br/>BHO: Toolbar BHO: {285028f8-201e-4f8f-827b-7381fc181c3e} - C:\Program Files (x86)\SoccerInferno\bar\1.bin\j2bar.dll <br/>BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll <br/>BHO: TV Center Toolbar: {350e72a9-e6db-4967-9572-dd8e27d3e1be} - C:\Program Files (x86)\TV_Center\tbTV_C.dll <br/>BHO: Search Assistant BHO: {73b8e1fd-331f-4c17-8613-8a3034d3b0ca} - C:\Program Files (x86)\SoccerInferno\bar\1.bin\j2SrcAs.dll <br/>BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll <br/>BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll <br/>BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll <br/>BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll <br/>BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - <br/>BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll <br/>BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll <br/>TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll <br/>TB: SoccerInferno: {c5a318c1-d1d9-41f0-85fe-41cc9fb25e75} - C:\Program Files (x86)\SoccerInferno\bar\1.bin\j2bar.dll <br/>TB: TV Center Toolbar: {350e72a9-e6db-4967-9572-dd8e27d3e1be} - C:\Program Files (x86)\TV_Center\tbTV_C.dll <br/>TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - <br/>TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll <br/>mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" <br/>mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" <br/>mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui <br/>uPolicies-Explorer: NoDriveTypeAutoRun = dword:157 <br/>mPolicies-Explorer: NoActiveDesktop = dword:1 <br/>mPolicies-Explorer: NoActiveDesktopChanges = dword:1 <br/>mPolicies-Explorer: EnableShellExecuteHooks = dword:1 <br/>mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 <br/>mPolicies-System: ConsentPromptBehaviorUser = dword:3 <br/>mPolicies-System: EnableUIADesktopToggle = dword:0 <br/>mPolicies-System: HideFastUserSwitching = dword:0 <br/>IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll <br/>IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll <br/>DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab <br/>DPF: {CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab <br/>DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab <br/>TCP: NameServer = 192.168.50.3 <br/>TCP: Interfaces\{FC76DC93-2C97-4D8F-87AA-41D78FAAF8C8} : DHCPNameServer = 192.168.50.3 <br/>TCP: Interfaces\{FC76DC93-2C97-4D8F-87AA-41D78FAAF8C8}\2656C6B696E6E2437336 : DHCPNameServer = 192.168.2.1 <br/>TCP: Interfaces\{FC76DC93-2C97-4D8F-87AA-41D78FAAF8C8}\6416C6C626162727F6770275966496021353 : DHCPNameServer = 192.168.249.1 192.168.249.1 <br/>TCP: Interfaces\{FC76DC93-2C97-4D8F-87AA-41D78FAAF8C8}\841627473702341627166716E602051627B6 : DHCPNameServer = 192.168.231.1 <br/>Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll <br/>Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll <br/>AppInit_DLLs= C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll C:\PROGRA~2\WI3C8A~1\Datamngr\datamngr.dll <br/>SSODL: WebCheck - <orphaned> <br/>SEH: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll <br/>mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe" <br/>x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll <br/>x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll <br/>x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll <br/>x64-BHO: UrlHelper Class: {A40DC6C5-79D0-4ca8-A185-8FF989AF1115} - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\x64\IEBHO.dll <br/>x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll <br/>x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll <br/>x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe <br/>x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe <br/>x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe <br/>x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe <br/>x64-Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe <br/>x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab <br/>x64-DPF: {CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab <br/>x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab <br/>x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> <br/>x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> <br/>x64-Notify: igfxcui - igfxdev.dll <br/>x64-SSODL: WebCheck - <orphaned> <br/>. <br/>============= SERVICES / DRIVERS =============== <br/>. <br/>R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2013-3-6 65776] <br/>R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2013-3-6 205320] <br/>R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2011-3-3 1032416] <br/>R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2011-3-3 409832] <br/>R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2010-8-17 98208] <br/>R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2011-3-3 38984] <br/>R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2011-3-3 84328] <br/>R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-1-15 50344] <br/>R2 Belkin Local Backup Service;Belkin Local Backup Service;C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe [2011-10-22 181760] <br/>R2 Belkin Network USB Helper;Belkin Network USB Helper;C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe [2011-10-22 55296] <br/>R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504] <br/>R2 ezSharedSvc;Easybits Services for Windows;C:\Windows\System32\ezSharedSvcHost.exe --> C:\Windows\System32\ezSharedSvcHost.exe [?] <br/>R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072] <br/>R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-6-18 103992] <br/>R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-3-28 94264] <br/>R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-9 26680] <br/>R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568] <br/>R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-4-16 39056] <br/>R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944] <br/>R2 SoccerInfernoService;SoccerInfernoService;C:\PROGRA~2\SOCCER~2\bar\1.bin\j2barsvc.exe [2011-8-7 42504] <br/>R2 sxuptp;SXUPTP Driver;C:\Windows\System32\drivers\sxuptp.sys [2011-10-22 291352] <br/>R2 TomTomHOMEService;TomTomHOMEService;C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2012-8-28 92632] <br/>R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2010-8-2 32880] <br/>R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-8-17 347680] <br/>R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;C:\Windows\System32\drivers\rtl8192se.sys [2010-8-17 1093152] <br/>R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2013-6-26 767144] <br/>R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576] <br/>R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840] <br/>R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2013-6-26 23208] <br/>R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528] <br/>S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] <br/>S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] <br/>S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944] <br/>S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-2-28 183560] <br/>S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2012-9-24 102240] <br/>S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-4-13 48488] <br/>S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840] <br/>S3 FsUsbExDisk;FsUsbExDisk;C:\Windows\SysWOW64\FsUsbExDisk.Sys [2014-1-15 37344] <br/>S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072] <br/>S3 ggflt;SEMC USB Flash Driver Filter;C:\Windows\System32\drivers\ggflt.sys [2012-3-13 13352] <br/>S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-12-17 111616] <br/>S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368] <br/>S3 s1018bus;Sony Ericsson Device 1018 driver (WDM);C:\Windows\System32\drivers\s1018bus.sys [2009-3-25 113704] <br/>S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;C:\Windows\System32\drivers\s1018mdfl.sys [2009-3-25 19496] <br/>S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;C:\Windows\System32\drivers\s1018mdm.sys [2009-3-25 153128] <br/>S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);C:\Windows\System32\drivers\s1018mgmt.sys [2009-3-25 133160] <br/>S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);C:\Windows\System32\drivers\s1018nd5.sys [2009-3-25 34856] <br/>S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;C:\Windows\System32\drivers\s1018obex.sys [2009-3-25 128552] <br/>S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);C:\Windows\System32\drivers\s1018unic.sys [2009-3-25 146472] <br/>S3 Sony PC Companion;Sony PC Companion;C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2012-1-30 155824] <br/>S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864] <br/>S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312] <br/>S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864] <br/>S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2012-9-24 203104] <br/>S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-7-10 59392] <br/>S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-12-28 1255736] <br/>S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120] <br/>S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] <br/>. <br/>=============== Created Last 30 ================ <br/>. <br/>2014-01-17 09:47:58 -------- d-----w- C:\Users\Andrew\AppData\Roaming\Malwarebytes <br/>2014-01-17 09:47:47 -------- d-----w- C:\ProgramData\Malwarebytes <br/>2014-01-17 09:47:46 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys <br/>2014-01-17 09:47:46 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware <br/>2014-01-17 09:47:32 -------- d-----w- C:\Users\Andrew\AppData\Local\Programs <br/>2014-01-17 09:18:03 -------- d-----w- C:\Windows\pss <br/>2014-01-17 08:57:35 -------- d-----w- C:\Program Files\CCleaner <br/>2014-01-17 08:45:19 -------- d-----w- C:\Users\Andrew\AppData\Local\{8548B45C-D218-43F6-8A61-AE90A3DFBA77} <br/>2014-01-16 18:27:37 -------- d-----w- C:\Users\Andrew\AppData\Local\{996CD413-D4BC-4235-A946-B96A3AC3C9DC} <br/>2014-01-16 18:04:51 -------- d-----w- C:\Users\Andrew\AppData\Local\{BE0D915C-A136-4366-B993-104ADA14D6D1} <br/>2014-01-15 20:57:05 -------- d-----w- C:\ProgramData\InternetUpdater <br/>2014-01-15 20:49:15 -------- d-----w- C:\Users\Andrew\AppData\Local\SearchProtect <br/>2014-01-15 20:49:00 -------- d-----w- C:\ProgramData\Updater <br/>2014-01-15 20:49:00 -------- d-----w- C:\ProgramData\RHelpers <br/>2014-01-15 20:47:54 -------- d-----w- C:\Program Files (x86)\sweetpacks bundle uninstaller <br/>2014-01-15 19:24:09 -------- d-----w- C:\Users\Andrew\AppData\Local\cbgrluhq <br/>2014-01-15 19:14:12 10315576 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C8D55B43-50BD-4160-BE71-5E93D12550DC}\mpengine.dll <br/>2014-01-15 19:09:37 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys <br/>2014-01-15 19:09:37 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys <br/>2014-01-15 19:09:37 53248 ----a-w- C:\Windows\System32\drivers\usbehci.sys <br/>2014-01-15 19:09:37 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys <br/>2014-01-15 19:09:37 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys <br/>2014-01-15 19:09:37 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys <br/>2014-01-15 19:09:37 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys <br/>2014-01-15 19:09:34 3156480 ----a-w- C:\Windows\System32\win32k.sys <br/>2014-01-15 19:09:33 376768 ----a-w- C:\Windows\System32\drivers\netio.sys <br/>2014-01-15 19:01:31 37344 ----a-w- C:\Windows\SysWow64\FsUsbExDisk.Sys <br/>2014-01-15 19:01:31 233472 ----a-w- C:\Windows\SysWow64\FsUsbExService.Exe <br/>2014-01-15 19:01:31 110592 ----a-w- C:\Windows\SysWow64\FsUsbExDevice.Dll <br/>2014-01-15 18:55:48 -------- d-----w- C:\Users\Andrew\AppData\Local\{EAE36347-F4DD-4AAD-B682-90132182C391} <br/>2014-01-14 18:12:46 -------- d-----w- C:\Users\Andrew\AppData\Local\{89CA1A10-B2BA-4402-A3D0-05744440E484} <br/>2014-01-11 13:59:23 -------- d-----w- C:\Users\Andrew\AppData\Local\{EE3BA7DF-EFC7-4D5F-BFAC-1DB91C498F29} <br/>2014-01-11 13:57:59 -------- d-----w- C:\Users\Andrew\AppData\Local\{2A306CB6-1469-4F36-92B9-AD0DD67C96BC} <br/>2014-01-07 20:03:04 -------- d-----w- C:\Users\Andrew\AppData\Local\{F4A41EAE-3AAF-4D32-B3B6-481A9CD3140D} <br/>2014-01-05 16:12:20 -------- d-----w- C:\Users\Andrew\AppData\Local\{BF066E3D-C0BF-42A5-8E30-1A3BEEA66EE9} <br/>2014-01-04 09:55:14 -------- d-----w- C:\Users\Andrew\AppData\Local\{400225C7-73FC-4F4C-834D-B8426BC1E660} <br/>2014-01-01 17:31:45 -------- d-----w- C:\Users\Andrew\AppData\Local\{98E3F311-C8B6-4763-AB8F-D968F707C0F7} <br/>2013-12-26 13:04:37 -------- d-----w- C:\Users\Andrew\AppData\Local\{2146DB55-0554-408B-BFCF-198EEF95F114} <br/>2013-12-22 11:58:00 -------- d-----w- C:\Users\Andrew\AppData\Local\{AF45B20C-37FA-43DC-93D1-1D802F3C75DA} <br/>2013-12-21 06:04:22 225656 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll <br/>2013-12-19 20:39:02 -------- d-----w- C:\Users\Andrew\AppData\Local\{D35295A3-4E33-4A8A-B6A7-4C65EDD3A14D} <br/>2013-12-19 20:37:51 -------- d-----w- C:\Users\Andrew\AppData\Local\{5BCAF0AD-B739-4E2B-98CC-0BF8C7B2374D} <br/>2013-12-18 18:13:45 -------- d-----w- C:\Users\Andrew\AppData\Local\{6740680F-0868-4039-B2AA-FFD1EBD9D997} <br/>2013-12-18 17:44:37 -------- d-----w- C:\Users\Andrew\AppData\Local\{4D9C16A7-6A7B-454A-804A-20D1971CE75E} <br/>. <br/>==================== Find3M ==================== <br/>. <br/>2013-12-17 17:21:52 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl <br/>2013-12-17 17:21:52 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe <br/>2013-12-03 17:57:27 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys <br/>2013-12-03 17:57:27 205320 ----a-w- C:\Windows\System32\drivers\aswVmm.sys <br/>2013-12-03 17:57:27 1032416 ----a-w- C:\Windows\System32\drivers\aswSnx.sys <br/>2013-12-03 17:57:26 92544 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys <br/>2013-12-03 17:57:26 84328 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys <br/>2013-12-03 17:57:26 43152 ----a-w- C:\Windows\avastSS.scr <br/>2013-11-26 10:19:07 2724864 ----a-w- C:\Windows\System32\mshtml.tlb <br/>2013-11-26 10:18:23 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll <br/>2013-11-26 09:48:07 66048 ----a-w- C:\Windows\System32\iesetup.dll <br/>2013-11-26 09:46:25 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll <br/>2013-11-26 09:23:02 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb <br/>2013-11-26 09:18:39 139264 ----a-w- C:\Windows\System32\ieUnatt.exe <br/>2013-11-26 09:18:09 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe <br/>2013-11-26 09:16:57 708608 ----a-w- C:\Windows\System32\jscript9diag.dll <br/>2013-11-26 08:35:02 5769216 ----a-w- C:\Windows\System32\jscript9.dll <br/>2013-11-26 08:28:16 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll <br/>2013-11-26 08:16:12 4243968 ----a-w- C:\Windows\SysWow64\jscript9.dll <br/>2013-11-26 08:02:16 1995264 ----a-w- C:\Windows\System32\inetcpl.cpl <br/>2013-11-26 07:32:06 1928192 ----a-w- C:\Windows\SysWow64\inetcpl.cpl <br/>2013-11-26 07:07:57 2334208 ----a-w- C:\Windows\System32\wininet.dll <br/>2013-11-26 06:33:33 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll <br/>2013-11-23 18:26:20 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll <br/>2013-11-23 17:47:34 465920 ----a-w- C:\Windows\System32\WMPhoto.dll <br/>2013-11-19 03:33:38 267936 ------w- C:\Windows\System32\MpSigStub.exe <br/>2013-11-12 02:23:09 2048 ----a-w- C:\Windows\System32\tzres.dll <br/>2013-11-12 02:07:29 2048 ----a-w- C:\Windows\SysWow64\tzres.dll <br/>2013-10-30 02:32:01 335360 ----a-w- C:\Windows\System32\msieftp.dll <br/>2013-10-30 02:19:52 301568 ----a-w- C:\Windows\SysWow64\msieftp.dll <br/>. <br/>============= FINISH: 11:19:40.27 =============== <br/>[/code] <br/> <br/>ATTACH <br/>[code]. <br/>UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. <br/>IF REQUESTED, ZIP IT UP & ATTACH IT <br/>. <br/>DDS (Ver_2012-11-20.01) <br/>. <br/>Microsoft Windows 7 Home Premium <br/>Boot Device: \Device\HarddiskVolume1 <br/>Install Date: 27/12/2010 17:15:55 <br/>System Uptime: 17/01/2014 11:12:14 (0 hours ago) <br/>. <br/>Motherboard: Hewlett-Packard | | 1605 <br/>Processor: Pentium(R) Dual-Core CPU T4500 @ 2.30GHz | CPU | 2300/800mhz <br/>. <br/>==== Disk Partitions ========================= <br/>. <br/>C: is FIXED (NTFS) - 450 GiB total, 372.453 GiB free. <br/>D: is FIXED (NTFS) - 15 GiB total, 2.202 GiB free. <br/>E: is CDROM () <br/>. <br/>==== Disabled Device Manager Items ============= <br/>. <br/>==== System Restore Points =================== <br/>. <br/>RP330: 01/12/2013 17:26:41 - Windows Update <br/>RP331: 03/12/2013 17:55:21 - avast! antivirus system restore point <br/>RP332: 17/12/2013 17:30:43 - Windows Update <br/>RP333: 17/12/2013 21:41:20 - Windows Update <br/>RP334: 22/12/2013 12:03:59 - Windows Update <br/>RP335: 26/12/2013 13:10:22 - Windows Update <br/>RP336: 01/01/2014 12:37:47 - Windows Update <br/>RP337: 04/01/2014 10:29:16 - Installed "ViewNX 2" <br/>RP338: 07/01/2014 20:09:53 - Windows Update <br/>RP339: 11/01/2014 14:03:44 - Windows Update <br/>RP340: 15/01/2014 18:58:39 - Sony PC Companion <br/>RP341: 15/01/2014 19:02:41 - Windows Update <br/>RP342: 15/01/2014 19:25:50 - Windows Update <br/>RP343: 15/01/2014 20:49:44 - avast! antivirus system restore point <br/>RP344: 16/01/2014 18:19:45 - Restore Operation <br/>RP345: 16/01/2014 18:25:15 - avast! antivirus system restore point <br/>. <br/>==== Installed Programs ====================== <br/>. <br/>Acrobat.com <br/>Adobe AIR <br/>Adobe Flash Player 11 ActiveX <br/>Adobe Reader XI (11.0.06) <br/>Adobe Shockwave Player 11.5 <br/>Agatha Christie - Death on the Nile <br/>Apple Application Support <br/>Apple Software Update <br/>avast! Free Antivirus <br/>Bejeweled 2 Deluxe <br/>Bejeweled Deluxe 1.87 <br/>Belkin Setup and Router Monitor <br/>Belkin USB Print and Storage Center <br/>Bing Bar <br/>Blackhawk Striker 2 <br/>CCleaner <br/>Chuzzle Deluxe <br/>Cisco EAP-FAST Module <br/>Cisco LEAP Module <br/>Cisco PEAP Module <br/>Coupon Printer for Windows <br/>CyberLink DVD Suite <br/>CyberLink PowerDVD 9 <br/>CyberLink YouCam <br/>D3DX10 <br/>Dora's Carnival Adventure <br/>Energy Star Digital Logo <br/>Escape Rosecliff Island <br/>ESU for Microsoft Windows 7 <br/>FATE <br/>FileParade bundle uninstaller <br/>Final Drive Nitro <br/>FinePixViewer Resource <br/>FinePixViewer Ver.5.5 <br/>FinePixViewer YTUPL <br/>Fishdom <br/>Google Earth <br/>Google Update Helper <br/>Hewlett-Packard ACLM.NET v1.1.2.0 <br/>Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678) <br/>HP Advisor <br/>HP Customer Experience Enhancements <br/>HP Documentation <br/>HP Games <br/>HP Photo Creations <br/>HP Photosmart Plus B210 series Basic Device Software <br/>HP Photosmart Plus B210 series Help <br/>HP Photosmart Plus B210 series Product Improvement Study <br/>HP Power Manager <br/>HP Quick Launch <br/>HP Setup <br/>HP Software Framework <br/>HP Support Assistant <br/>HP Update <br/>HP Wireless Assistant <br/>iLivid <br/>Intel(R) Control Center <br/>Intel(R) Graphics Media Accelerator Driver <br/>Intel(R) Rapid Storage Technology <br/>Internet TV for Windows Media Center <br/>Java(TM) 6 Update 39 <br/>Java(TM) 6 Update 39 (64-bit) <br/>Jewel Quest - Heritage <br/>Junk Mail filter update <br/>LabelPrint <br/>LightScribe System Software <br/>Magic Desktop <br/>Malwarebytes Anti-Malware version 1.75.0.1300 <br/>Media Go <br/>Media Go Video Playback Engine 1.84.111.07020 <br/>Mesh Runtime <br/>Messenger Companion <br/>Microsoft .NET Framework 4 Client Profile <br/>Microsoft Access 2002 Runtime <br/>Microsoft Application Error Reporting <br/>Microsoft Default Manager <br/>Microsoft Office 2010 <br/>Microsoft Office Click-to-Run 2010 <br/>Microsoft Office Starter 2010 - English <br/>Microsoft PowerPoint Viewer <br/>Microsoft Silverlight <br/>Microsoft SQL Server 2005 Compact Edition [ENU] <br/>Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 <br/>Microsoft Visual C++ 2005 Redistributable <br/>Microsoft Visual C++ 2005 Redistributable - KB2467175 <br/>Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 <br/>Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 <br/>Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 <br/>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 <br/>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 <br/>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 <br/>Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 <br/>Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 <br/>MSVCRT <br/>MSVCRT_amd64 <br/>MSXML 4.0 SP2 (KB954430) <br/>MSXML 4.0 SP2 (KB973688) <br/>Nikon Message Center 2 <br/>Nikon Movie Editor <br/>Norton Online Backup <br/>Penguins! <br/>Photo Explosion <br/>PhotoNow! <br/>Picture Control Utility x64 <br/>Plants vs. Zombies <br/>PlayStation(R)Network Downloader <br/>PlayStation(R)Store <br/>Poker Superstars III <br/>Polar Bowler <br/>Polar Golfer <br/>Power2Go <br/>PowerDirector <br/>QuickTime <br/>RealDownloader <br/>RealNetworks - Microsoft Visual C++ 2008 Runtime <br/>RealNetworks - Microsoft Visual C++ 2010 Runtime <br/>RealPlayer <br/>Realtek Ethernet Controller Driver For Windows 7 <br/>Realtek High Definition Audio Driver <br/>REALTEK Wireless LAN Software <br/>RealUpgrade 1.1 <br/>Recovery Manager <br/>RtVOsd <br/>Samsung Kies <br/>SAMSUNG USB Driver for Mobile Phones <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2) <br/>Skype™ 5.10 <br/>SoccerInferno <br/>Sony Ericsson Update Engine <br/>Sony PC Companion 2.10.188 <br/>Synaptics Pointing Device Driver <br/>TomTom HOME <br/>TomTom HOME Visual Studio Merge Modules <br/>TV_Center Toolbar <br/>Update for Microsoft .NET Framework 4 Client Profile (KB2468871) <br/>Update for Microsoft .NET Framework 4 Client Profile (KB2473228) <br/>Update for Microsoft .NET Framework 4 Client Profile (KB2533523) <br/>Update for Microsoft .NET Framework 4 Client Profile (KB2600217) <br/>Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) <br/>Update Installer for WildTangent Games App <br/>Updater <br/>Veetle TV <br/>Video Mover <br/>ViewNX 2 <br/>Virtual Villagers - The Secret City <br/>WildTangent Games App <br/>WildTangent Games App (HP Games) <br/>Windows iLivid Toolbar <br/>Windows Live Communications Platform <br/>Windows Live Essentials <br/>Windows Live Family Safety <br/>Windows Live ID Sign-in Assistant <br/>Windows Live Installer <br/>Windows Live Language Selector <br/>Windows Live Mail <br/>Windows Live Mesh <br/>Windows Live Mesh ActiveX Control for Remote Connections <br/>Windows Live Messenger <br/>Windows Live Messenger Companion Core <br/>Windows Live MIME IFilter <br/>Windows Live Movie Maker <br/>Windows Live Photo Common <br/>Windows Live Photo Gallery <br/>Windows Live PIMT Platform <br/>Windows Live Remote Client <br/>Windows Live Remote Client Resources <br/>Windows Live Remote Service <br/>Windows Live Remote Service Resources <br/>Windows Live SOXE <br/>Windows Live SOXE Definitions <br/>Windows Live Sync <br/>Windows Live UX Platform <br/>Windows Live UX Platform Language Pack <br/>Windows Live Writer <br/>Windows Live Writer Resources <br/>Windows Media Center Add-in for Silverlight <br/>Xvid Video Codec <br/>Yahoo! Software Update <br/>Yahoo! Toolbar <br/>Zuma Deluxe <br/>. <br/>==== Event Viewer Messages From Past Week ======== <br/>. <br/>17/01/2014 09:41:48, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1. <br/>17/01/2014 09:40:04, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: An instance of the service is already running. <br/>17/01/2014 09:36:32, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. <br/>17/01/2014 09:36:32, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535. <br/>17/01/2014 09:32:50, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. <br/>. <br/>==== End Of File =========================== <br/>[/code]
Posted 1/17/2014 4:07 PM
#96474
User avatar

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12976
Hi GazNicki :smile: <br/> <br/> <br/> <br/> <br/>Please download <br/>Farbar Recovery Scan Tool <br/>and save it to your Desktop. <br/> <br/> <br/>[color=green]Note: You need to run the version compatible with your system. <br/>If you are not sure which version applies to your system download both of them and try to run them. <br/>Only one of them will run on your system, that will be the right version.[/color] <br/> <br/> <br/>[LIST] <br/>Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer. <br/>Press Scan button. <br/>It will produce a log called FRST.txt in the same directory the tool is run from. <br/>Please copy and paste log back here. <br/>The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply. <br/>[/LIST]

[color=black face="Courier New" sab="311">[2]Click here: Before-posting-a-log[/2][/url]

<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />
[/color]
Do not PM me with logfiles. They will be deleted.


  • Unread posts or replies
  • No unread posts or replies
  • Unread Posts (Read Only Forum)
  • No Unread Posts (Read Only Forum)

Forum Information

Currently it is Saturday, December 3, 2016, 12:47 PM (GMT +1)
There are a total of 61,158 posts in 13,448 threads.
In the last 3 days there were 2 new threads and 2 reply posts.

Who's online

This forum has 37,967 registered members. Please welcome our newest member, Tipz2k16.
There are currently no users on-line.