Might have adware, can't stop pop ups.

Posted 9/24/2013 8:13 AM
#96016
Groq Member

Date Joined Nov 2016
Total Posts: 6
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 4:08:36 AM, on 9/24/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16686)

FIREFOX: 16.0.2 (en-US)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
C:\Program Files (x86)\AIM\aim.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Anvisoft\Slim Toolbar\ToolbarTray.exe
C:\Windows\SysWOW64\cmd.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Bates\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\IPS\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Microsoft Live Search Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [autoauto] c.bat
O4 - HKLM\..\Run: [ToolbarTray] C:\Program Files (x86)\Anvisoft\Slim Toolbar\ToolbarTray.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [Aim] "C:\Program Files (x86)\AIM\aim.exe" /d locale=en-US
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [CloudSystemBooster] C:\Program Files (x86)\Anvisoft\Cloud System Booster\CloudSystemBooster.exe hide=true
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Anvi Cloud System Booster Speed Service (AnviCsbSvc) - Unknown owner - C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe
O23 - Service: Anvi Slim Toolbar Guard Service (astsvr) - Anvisoft - C:\Program Files (x86)\Anvisoft\Slim Toolbar\ToolBarService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMSAccess - Unknown owner - C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12697 bytes

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16686 BrowserJavaVersion: 10.17.2
Run by Bates at 3:39:24 on 2013-09-24
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.5887.2241 [GMT -4:00]
.
AV: Norton 360 *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe
C:\Program Files (x86)\Anvisoft\Slim Toolbar\ToolBarService.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
C:\Windows\System32\svchost.exe -k HPZ12
c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\AIM\aim.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Anvisoft\Cloud System Booster\CloudSystemBooster.exe
C:\Program Files (x86)\Anvisoft\Slim Toolbar\ToolbarTray.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\notepad.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uURLSearchHooks: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - <orphaned>
mWinlogon: Userinit = userinit.exe,
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\hp\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\IPS\ipsbho.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\hp\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Microsoft Live Search Toolbar: {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coieplg.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\hp\Digital Imaging\Smart Web Printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\hp\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
uRun: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
uRun: [Aim] "C:\Program Files (x86)\AIM\aim.exe" /d locale=en-US
uRun: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
uRun: [CloudSystemBooster] C:\Program Files (x86)\Anvisoft\Cloud System Booster\CloudSystemBooster.exe hide=true
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [autoauto] c.bat
mRun: [ToolbarTray] C:\Program Files (x86)\Anvisoft\Slim Toolbar\ToolbarTray.exe
mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\hp\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 209.18.47.61 209.18.47.62 192.168.1.1
TCP: Interfaces\{D289AED4-13EC-4326-A327-709053869B8C} : DHCPNameServer = 209.18.47.61 209.18.47.62 192.168.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
.
INFO: x64-HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Bates\AppData\Roaming\Mozilla\Firefox\Profiles\p29b2bpp.default-1345623107303\
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Bates\AppData\Roaming\Mozilla\plugins\npicaN.dll
FF - plugin: C:\Windows\System32\TVUAx\npTVUAx.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2013-09-22 20:32; ugnraew@jqhljqmpngx.net; C:\Program Files (x86)\Mozilla Firefox\extensions\ugnraew@jqhljqmpngx.net
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\N360x64\1404000.028\SymDS64.sys [2013-6-20 493656]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\N360x64\1404000.028\SymEFA64.sys [2013-6-20 1139800]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\Definitions\BASHDefs\20130903.002\BHDrvx64.sys [2013-9-3 1525336]
R1 ccSet_N360;Norton 360 Settings Manager;C:\Windows\System32\drivers\N360x64\1404000.028\ccSetx64.sys [2013-6-20 169048]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\Definitions\IPSDefs\20130923.001\IDSviA64.sys [2013-9-23 520280]
R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\N360x64\1404000.028\Ironx64.sys [2013-6-20 224416]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\N360x64\1404000.028\symnets.sys [2013-6-20 433752]
R2 AnviCsbSvc;Anvi Cloud System Booster Speed Service;C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe [2012-12-14 318312]
R2 astsvr;Anvi Slim Toolbar Guard Service;C:\Program Files (x86)\Anvisoft\Slim Toolbar\ToolBarService.exe [2013-8-26 119032]
R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe [2013-6-20 144368]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2010-12-4 1153368]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-3-14 383264]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-8-28 140376]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2010-12-4 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-1-18 19456]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-1-18 57856]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-2-26 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2013-09-24 01:41:07 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-24 01:34:23 -------- d-----w- C:\Program Files\CCleaner
2013-09-24 01:23:06 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-24 01:23:06 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-09-23 23:51:42 -------- d-----w- C:\Users\Bates\AppData\Roaming\Nico Mak Computing
2013-09-23 04:01:46 -------- d-----w- C:\Users\Bates\AppData\Local\Anvisoft
2013-09-23 04:01:46 -------- d-----w- C:\Program Files (x86)\Anvisoft
2013-09-23 02:12:32 -------- d-----w- C:\AdwCleaner
2013-09-23 00:31:58 -------- d-----w- C:\Users\Bates\AppData\Local\WordLayers
2013-09-23 00:30:56 -------- d-----w- C:\a
2013-09-20 02:00:11 3723656 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2013-09-12 01:55:25 155584 ----a-w- C:\Windows\System32\drivers\ataport.sys
2013-09-05 10:06:15 -------- d-----w- C:\Users\Bates\AppData\Roaming\com.doubleperfect.ggpo
2013-08-28 09:23:56 -------- d-----w- C:\Users\Bates\AppData\Local\DDMSettings
2013-08-28 09:21:16 -------- d-----w- C:\Program Files (x86)\Common Files\DivX Shared
2013-08-28 05:59:02 -------- d-----w- C:\Users\Bates\AppData\Roaming\uTorrent
2013-08-28 05:50:49 -------- d-----w- C:\Users\Bates\AppData\Local\Programs
.
==================== Find3M ====================
.
2013-08-10 05:22:18 2241024 ----a-w- C:\Windows\System32\wininet.dll
2013-08-10 05:20:59 3959296 ----a-w- C:\Windows\System32\jscript9.dll
2013-08-10 05:20:55 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-08-10 05:20:55 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-08-10 03:59:10 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-08-10 03:58:09 2876928 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-08-10 03:58:06 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-08-10 03:58:06 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-08-10 03:17:38 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-08-10 03:07:50 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-08-10 02:27:59 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-08-10 02:17:19 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-08-08 01:20:43 3155456 ----a-w- C:\Windows\System32\win32k.sys
2013-08-07 22:54:02 94208 ----a-w- C:\Windows\SysWow64\dpl100.dll
2013-08-02 02:23:53 5550528 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-08-02 02:15:44 1732032 ----a-w- C:\Windows\System32\ntdll.dll
2013-08-02 02:15:03 362496 ----a-w- C:\Windows\System32\wow64win.dll
2013-08-02 02:15:03 243712 ----a-w- C:\Windows\System32\wow64.dll
2013-08-02 02:15:03 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2013-08-02 02:14:57 215040 ----a-w- C:\Windows\System32\winsrv.dll
2013-08-02 02:14:11 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2013-08-02 02:13:34 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2013-08-02 01:59:30 3968960 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-08-02 01:59:30 3913664 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-08-02 01:51:23 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll
2013-08-02 01:50:42 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-08-02 01:50:42 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2013-08-02 01:09:17 338432 ----a-w- C:\Windows\System32\conhost.exe
2013-08-02 00:59:09 112640 ----a-w- C:\Windows\System32\smss.exe
2013-08-02 00:45:37 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-08-02 00:45:36 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-08-02 00:45:35 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-08-02 00:45:34 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-08-02 00:43:05 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2013-08-02 00:43:05 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-02 00:43:05 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2013-08-02 00:43:05 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2013-07-25 09:25:54 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL
2013-07-25 08:57:27 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
2013-07-19 01:58:42 2048 ----a-w- C:\Windows\System32\tzres.dll
2013-07-19 01:41:01 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2013-07-09 05:52:52 224256 ----a-w- C:\Windows\System32\wintrust.dll
2013-07-09 05:51:16 1217024 ----a-w- C:\Windows\System32\rpcrt4.dll
2013-07-09 05:46:20 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-07-09 05:46:20 1472512 ----a-w- C:\Windows\System32\crypt32.dll
2013-07-09 05:46:20 139776 ----a-w- C:\Windows\System32\cryptnet.dll
2013-07-09 04:52:33 663552 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2013-07-09 04:52:10 175104 ----a-w- C:\Windows\SysWow64\wintrust.dll
2013-07-09 04:46:31 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2013-07-09 04:46:31 1166848 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-07-09 04:46:31 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2013-07-06 06:03:53 1910208 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-07-02 07:04:25 4096 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
.
============= FINISH: 3:40:46.47 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 1/22/2010 8:31:34 AM
System Uptime: 9/23/2013 12:54:42 PM (15 hours ago)
.
Motherboard: PEGATRON CORPORATION | | VIOLET6
Processor: AMD Athlon(tm) II X4 620 Processor | CPU 1 | 2600/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 921 GiB total, 733.559 GiB free.
D: is FIXED (NTFS) - 11 GiB total, 0.26 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP524: 9/13/2013 3:00:18 AM - Windows Update
RP525: 9/15/2013 7:00:06 PM - Windows Backup
RP526: 9/22/2013 8:39:07 PM - Removed uPlayer
RP527: 9/22/2013 9:46:25 PM - Removed uPlayer
RP528: 9/22/2013 9:50:00 PM - Configured PowerDirector
RP529: 9/22/2013 9:57:02 PM - Configured PowerDirector
RP530: 9/23/2013 12:09:42 AM - Cloud System Booster
RP531: 9/23/2013 12:12:19 AM - Anvi Uninstaller v1.0.1
RP532: 9/23/2013 12:12:35 AM - Anvi Uninstaller v1.0.1
.
==== Installed Programs ======================
.
<br/> Update for Microsoft Office 2007 (KB2508958) <br/>4500_Help <br/>64 Bit HP CIO Components Installer <br/>Acrobat.com <br/>ActiveCheck component for HP Active Support Library <br/>Adobe AIR <br/>Adobe Flash Player 11 Plugin <br/>Adobe Reader XI (11.0.03) <br/>AIM 7 <br/>Apple Application Support <br/>Apple Software Update <br/>bpd_scan <br/>BPDSoftware <br/>BPDSoftware_Ini <br/>BufferChm <br/>CCleaner <br/>CDBurnerXP <br/>Citrix XenApp Web Plugin <br/>CleanUp! <br/>Cloud System Booster <br/>Compatibility Pack for the 2007 Office system <br/>Crystal Reports Basic for Visual Studio 2008 <br/>Crystal Reports Basic Runtime for Visual Studio 2008 (x64) <br/>Crystal Reports for Visual Studio <br/>CyberLink DVD Suite Deluxe <br/>D3DX10 <br/>Destinations <br/>DeviceDiscovery <br/>DirectX for Managed Code Update (Summer 2004) <br/>DivX Setup <br/>DocMgr <br/>DocProc <br/>DVD Menu Pack for HP MediaSmart Video <br/>Facebook Video Calling 1.2.0.287 <br/>Fax <br/>File Type Assistant <br/>FrostWire 5.6.3 <br/>Google Chrome <br/>GPBaseService2 <br/>Hotfix for Microsoft Team Foundation Server 2010 Object Model - ENU (KB2736182) <br/>Hotfix for Microsoft Team Foundation Server 2010 Object Model - ENU (KB2813041) <br/>Hotfix for Microsoft Visual Studio 2008 Professional Edition - ENU (KB971091) <br/>Hotfix for Microsoft Visual Studio 2008 Professional Edition - ENU (KB973674) <br/>Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2529927) <br/>Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2548139) <br/>Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2549864) <br/>Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2565057) <br/>Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2635973) <br/>Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2736182) <br/>Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2813041) <br/>Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2280741) <br/>Hotfix for 
Visual C++ Standard 2010 Beta 1 - ENU (KB2284668) <br/>Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2295689) <br/>Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2420513) <br/>Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2452649) <br/>Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2455033) <br/>Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2485545) <br/>Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB982517) <br/>Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB982721) <br/>Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB983233) <br/>HP Advisor <br/>HP Customer Experience Enhancements <br/>HP Customer Participation Program 13.0 <br/>HP Document Manager 2.0 <br/>HP Imaging Device Functions 13.0 <br/>HP MediaSmart Demo <br/>HP MediaSmart DVD <br/>HP MediaSmart SmartMenu <br/>HP MediaSmart/TouchSmart Netflix <br/>HP Odometer <br/>HP Photosmart Essential 3.5 <br/>HP Product Detection <br/>HP Remote Solution <br/>HP Setup <br/>HP Smart Web Printing 4.60 <br/>HP Solution Center 13.0 <br/>HP Support Assistant <br/>HP Support Information <br/>HP Update <br/>HPAsset component for HP Active Support Library <br/>HPPhotoSmartDiscLabelContent1 <br/>HPPhotosmartEssential <br/>HPProductAssistant <br/>J4500 <br/>Java 7 Update 17 <br/>Java Auto Updater <br/>Java(TM) 6 Update 26 <br/>JavaFX 2.1.0 <br/>JMC Mud client <br/>Junk Mail filter update <br/>LabelPrint <br/>League of Legends <br/>LightScribe System Software <br/>Magic 2014 <br/>Magic: The Gathering - Duels of the Planeswalkers 2013 <br/>Malwarebytes Anti-Malware version 1.75.0.1300 <br/>MarketResearch <br/>Mesh Runtime <br/>Messenger Companion <br/>Microsoft .NET Compact Framework 2.0 SP2 <br/>Microsoft .NET Compact Framework 3.5 <br/>Microsoft .NET Framework 4 Client Profile <br/>Microsoft .NET Framework 4 Extended <br/>Microsoft .NET Framework 4 Multi-Targeting Pack <br/>Microsoft Application Error Reporting <br/>Microsoft ASP.NET MVC 2 <br/>Microsoft ASP.NET MVC 2 - Visual Studio 
2010 Tools <br/>Microsoft Device Emulator (64 bit) version 3.0 - ENU <br/>Microsoft Document Explorer 2008 <br/>Microsoft Help Viewer 1.1 <br/>Microsoft Live Search Toolbar <br/>Microsoft Office 2007 Service Pack 3 (SP3) <br/>Microsoft Office Access MUI (English) 2007 <br/>Microsoft Office Access Setup Metadata MUI (English) 2007 <br/>Microsoft Office Excel MUI (English) 2007 <br/>Microsoft Office File Validation Add-In <br/>Microsoft Office Groove MUI (English) 2007 <br/>Microsoft Office Groove Setup Metadata MUI (English) 2007 <br/>Microsoft Office Home and Student 60 day trial <br/>Microsoft Office InfoPath MUI (English) 2007 <br/>Microsoft Office Office 64-bit Components 2007 <br/>Microsoft Office OneNote MUI (English) 2007 <br/>Microsoft Office Outlook Connector <br/>Microsoft Office Outlook MUI (English) 2007 <br/>Microsoft Office PowerPoint MUI (English) 2007 <br/>Microsoft Office PowerPoint Viewer 2007 (English) <br/>Microsoft Office Proof (English) 2007 <br/>Microsoft Office Proof (French) 2007 <br/>Microsoft Office Proof (Spanish) 2007 <br/>Microsoft Office Proofing (English) 2007 <br/>Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) <br/>Microsoft Office Publisher MUI (English) 2007 <br/>Microsoft Office Shared 64-bit MUI (English) 2007 <br/>Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 <br/>Microsoft Office Shared MUI (English) 2007 <br/>Microsoft Office Shared Setup Metadata MUI (English) 2007 <br/>Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) <br/>Microsoft Office Ultimate 2007 <br/>Microsoft Office Visual Web Developer 2007 <br/>Microsoft Office Visual Web Developer MUI (English) 2007 <br/>Microsoft Office Word MUI (English) 2007 <br/>Microsoft Silverlight <br/>Microsoft Silverlight 3 SDK <br/>Microsoft Silverlight 4 SDK <br/>Microsoft SQL Server 2005 <br/>Microsoft SQL Server 2005 Compact Edition [ENU] <br/>Microsoft SQL Server 2005 Express Edition (SQLEXPRESS) <br/>Microsoft SQL Server 2005 Tools Express 
Edition <br/>Microsoft SQL Server 2008 R2 Data-Tier Application Framework <br/>Microsoft SQL Server 2008 R2 Data-Tier Application Project <br/>Microsoft SQL Server 2008 R2 Management Objects <br/>Microsoft SQL Server 2008 R2 Management Objects (x64) <br/>Microsoft SQL Server 2008 R2 Transact-SQL Language Service <br/>Microsoft SQL Server Compact 3.5 Design Tools ENU <br/>Microsoft SQL Server Compact 3.5 for Devices ENU <br/>Microsoft SQL Server Compact 3.5 SP2 ENU <br/>Microsoft SQL Server Compact 3.5 SP2 x64 ENU <br/>Microsoft SQL Server Database Publishing Wizard 1.2 <br/>Microsoft SQL Server Database Publishing Wizard 1.4 <br/>Microsoft SQL Server Native Client <br/>Microsoft SQL Server Setup Support Files (English) <br/>Microsoft SQL Server System CLR Types <br/>Microsoft SQL Server System CLR Types (x64) <br/>Microsoft SQL Server VSS Writer <br/>Microsoft Sync Framework Runtime v1.0 SP1 (x64) <br/>Microsoft Sync Framework SDK v1.0 SP1 <br/>Microsoft Sync Framework Services v1.0 SP1 (x64) <br/>Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) <br/>Microsoft Team Foundation Server 2010 Object Model - ENU <br/>Microsoft Visual Basic Power Packs 3.0 <br/>Microsoft Visual C++ Compilers 2010 Standard - enu - x64 <br/>Microsoft Visual C++ Compilers 2010 Standard - enu - x86 <br/>Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 <br/>Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 <br/>Microsoft Visual C++ 2005 Redistributable <br/>Microsoft Visual C++ 2005 Redistributable (x64) <br/>Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 <br/>Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 <br/>Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 <br/>Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 <br/>Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 <br/>Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 <br/>Microsoft Visual C++ 2008 
Redistributable - x86 9.0.21022 <br/>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 <br/>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 <br/>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 <br/>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 <br/>Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319 <br/>Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 <br/>Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 <br/>Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 <br/>Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 <br/>Microsoft Visual F# 2.0 Runtime <br/>Microsoft Visual Studio 2005 Tools for Office Runtime <br/>Microsoft Visual Studio 2008 Professional Edition - ENU <br/>Microsoft Visual Studio 2008 Remote Debugger - ENU <br/>Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools <br/>Microsoft Visual Studio 2010 Office Developer Tools (x64) <br/>Microsoft Visual Studio 2010 Professional - ENU <br/>Microsoft Visual Studio 2010 Service Pack 1 <br/>Microsoft Visual Studio 2010 SharePoint Developer Tools <br/>Microsoft Visual Studio 2010 Tools for Office Runtime (x64) <br/>Microsoft Visual Studio Macro Tools <br/>Microsoft Visual Studio Web Authoring Component <br/>Microsoft Windows SDK for Visual Studio 2008 .NET Framework Tools <br/>Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries <br/>Microsoft Windows SDK for Visual Studio 2008 SDK Reference Assemblies and IntelliSense <br/>Microsoft Windows SDK for Visual Studio 2008 Tools <br/>Microsoft Windows SDK for Visual Studio 2008 Win32 Tools <br/>Microsoft Works <br/>Microsoft XNA Framework Redistributable 3.1 <br/>Movie Theme Pack for HP MediaSmart Video <br/>Mozilla Firefox 16.0.2 (x86 en-US) <br/>Mozilla Maintenance Service <br/>MSVCRT <br/>MSVCRT_amd64 <br/>MSXML 4.0 SP2 (KB954430) <br/>MSXML 4.0 SP2 (KB973688) <br/>Nero StartSmart <br/>neroxml <br/>Norton 360 <br/>Norton Online Backup <br/>NVIDIA 3D Vision 
Controller Driver 314.22 <br/>NVIDIA 3D Vision Driver 314.22 <br/>NVIDIA Control Panel 314.22 <br/>NVIDIA Drivers <br/>NVIDIA Graphics Driver 314.22 <br/>NVIDIA Install Application <br/>NVIDIA PhysX <br/>NVIDIA PhysX System Software 9.12.1031 <br/>NVIDIA Stereoscopic 3D Driver <br/>NVIDIA Update 1.12.12 <br/>NVIDIA Update Components <br/>OCR Software by I.R.I.S. 13.0 <br/>Officejet J4500 Series <br/>Pando Media Booster <br/>PictureMover <br/>PlayReady PC Runtime amd64 <br/>ProductContext <br/>PVSonyDll <br/>QuickTime <br/>Realtek High Definition Audio Driver <br/>Recovery Manager <br/>Scan <br/>Security Update for 2007 Microsoft Office System (KB2288621) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) <br/>Security Update for Microsoft .NET Framework 4 Client Profile 
(KB2742595) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2) <br/>Security Update for Microsoft .NET Framework 4 Extended (KB2416472) <br/>Security Update for Microsoft .NET Framework 4 Extended (KB2487367) <br/>Security Update for Microsoft .NET Framework 4 Extended (KB2656351) <br/>Security Update for Microsoft .NET Framework 4 Extended (KB2736428) <br/>Security Update for Microsoft .NET Framework 4 Extended (KB2742595) <br/>Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition <br/>Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition <br/>Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition <br/>Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition <br/>Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition <br/>Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition <br/>Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition <br/>Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition <br/>Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition <br/>Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition <br/>Security Update for Microsoft Office 2007 suites (KB2760588) 32-Bit Edition <br/>Security Update for Microsoft Office 2007 suites (KB2760823) 32-Bit Edition <br/>Security Update for Microsoft Office Excel 2007 (KB2760583) 32-Bit Edition <br/>Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition <br/>Security Update for Microsoft Office Outlook 2007 (KB2825999) 32-Bit Edition 
<br/>Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition <br/>Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition <br/>Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition <br/>Security Update for Microsoft Office system 2007 (KB974234) <br/>Security Update for Microsoft Office Word 2007 (KB2767773) 32-Bit Edition <br/>Security Update for Microsoft Visual Studio 2010 Professional - ENU (KB2645410) <br/>Security Update for Microsoft Visual Studio Macro Tools (KB2669970) <br/>Slim Toolbar 1.1 <br/>SmartWebPrinting <br/>SolutionCenter <br/>Spybot - Search & Destroy <br/>StarCraft II <br/>Status <br/>Steam <br/>Toolbox <br/>TrayApp <br/>Update for 2007 Microsoft Office System (KB967642) <br/>Update for Microsoft .NET Framework 4 Client Profile (KB2468871) <br/>Update for Microsoft .NET Framework 4 Client Profile (KB2533523) <br/>Update for Microsoft .NET Framework 4 Client Profile (KB2600217) <br/>Update for Microsoft .NET Framework 4 Client Profile (KB2836939) <br/>Update for Microsoft .NET Framework 4 Extended (KB2468871) <br/>Update for Microsoft .NET Framework 4 Extended (KB2533523) <br/>Update for Microsoft .NET Framework 4 Extended (KB2600217) <br/>Update for Microsoft .NET Framework 4 Extended (KB2836939) <br/>Update for Microsoft Office 2007 Help for Common Features (KB963673) <br/>Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition <br/>Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition <br/>Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition <br/>Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition <br/>Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition <br/>Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition <br/>Update for Microsoft Office 2007 System (KB2539530) <br/>Update for Microsoft Office Access 2007 Help (KB963663) <br/>Update for Microsoft Office Excel 2007 Help (KB963678) 
<br/>Update for Microsoft Office Infopath 2007 Help (KB963662) <br/>Update for Microsoft Office OneNote 2007 Help (KB963670) <br/>Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition <br/>Update for Microsoft Office Outlook 2007 Help (KB963677) <br/>Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2825641) 32-Bit Edition <br/>Update for Microsoft Office Powerpoint 2007 Help (KB963669) <br/>Update for Microsoft Office Publisher 2007 Help (KB963667) <br/>Update for Microsoft Office Script Editor Help (KB963671) <br/>Update for Microsoft Office Word 2007 Help (KB963665) <br/>Update for Microsoft Visual Studio 2008 Professional Edition - ENU (KB972221) <br/>VC Runtimes MSI <br/>VC80CRTRedist - 8.0.50727.6195 <br/>Visual Studio .NET Prerequisites - English <br/>Visual Studio 2005 Tools for Office Second Edition Runtime <br/>Visual Studio 2010 Prerequisites - English <br/>Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU <br/>Visual Studio Tools for the Office system 3.0 Runtime <br/>WCF RIA Services V1.0 SP1 <br/>Web Deployment Tool <br/>WebReg <br/>Windows Live Communications Platform <br/>Windows Live Essentials <br/>Windows Live Family Safety <br/>Windows Live ID Sign-in Assistant <br/>Windows Live Installer <br/>Windows Live Language Selector <br/>Windows Live Mail <br/>Windows Live Mesh <br/>Windows Live Mesh ActiveX Control for Remote Connections <br/>Windows Live Messenger <br/>Windows Live Messenger Companion Core <br/>Windows Live MIME IFilter <br/>Windows Live Movie Maker <br/>Windows Live Photo Common <br/>Windows Live Photo Gallery <br/>Windows Live PIMT Platform <br/>Windows Live Remote Client <br/>Windows Live Remote Client Resources <br/>Windows Live Remote Service <br/>Windows Live Remote Service Resources <br/>Windows Live SOXE <br/>Windows Live SOXE Definitions <br/>Windows Live Sync <br/>Windows Live UX Platform <br/>Windows Live UX Platform Language Pack <br/>Windows Live Writer <br/>Windows Live Writer Resources 
<br/>Windows Mobile 5.0 SDK R2 for Pocket PC <br/>Windows Mobile 5.0 SDK R2 for Smartphone <br/>WinPcap 4.1.2 <br/>. <br/>==== Event Viewer Messages From Past Week ======== <br/>. <br/>9/23/2013 12:59:52 PM, Error: Service Control Manager [7038] - The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: Logon failure: the specified account password has expired. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC). <br/>9/23/2013 12:59:52 PM, Error: Service Control Manager [7000] - The NVIDIA Update Service Daemon service failed to start due to the following error: The service did not start due to a logon failure. <br/>9/22/2013 8:35:34 PM, Error: Service Control Manager [7030] - The DefaultTabSearch service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. <br/>9/22/2013 10:24:23 PM, Error: Service Control Manager [7031] - The Update bomlabio service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service. <br/>. 
<br/>==== End Of File =========================== <br/> <br/> <br/>Malwarebytes Anti-Malware 1.75.0.1300 <br/>www.malwarebytes.org <br/> <br/>Database version: v2013.09.23.13 <br/> <br/>Windows 7 Service Pack 1 x64 NTFS <br/>Internet Explorer 10.0.9200.16686 <br/>Bates :: BATES-PC [administrator] <br/> <br/>9/23/2013 9:44:43 PM <br/>mbam-log-2013-09-23 (21-44-43).txt <br/> <br/>Scan type: Full scan (C:\|D:\|) <br/>Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM <br/>Scan options disabled: P2P <br/>Objects scanned: 617972 <br/>Time elapsed: 5 hour(s), 42 minute(s), 34 second(s) <br/> <br/>Memory Processes Detected: 0 <br/>(No malicious items detected) <br/> <br/>Memory Modules Detected: 0 <br/>(No malicious items detected) <br/> <br/>Registry Keys Detected: 10 <br/>HKCR\AppID\{38495740-0035-4471-851E-F5BBB86AB085} (PUP.Optional.DefaultTab.A) -> No action taken. <br/>HKCR\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007} (PUP.Optional.DefaultTab.A) -> No action taken. <br/>HKCR\CLSID\{A1E28287-1A31-4b0f-8D05-AA8C465D3C5A} (PUP.Optional.DefaultTab.A) -> No action taken. <br/>HKCR\TypeLib\{FEB62B15-CC00-4736-AAEC-BA046C9DFF73} (PUP.Optional.DefaultTab.A) -> No action taken. <br/>HKCR\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60} (PUP.Optional.DefaultTab.A) -> No action taken. <br/>HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A} (PUP.Optional.DefaultTab.A) -> No action taken. <br/>HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab) -> No action taken. <br/>HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C} (PUP.Optional.OptimzerPro.A) -> No action taken. <br/>HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2D33ED6-EBBD-467C-BF6F-F175D9B51363} (PUP.Optional.DefaultTab.A) -> No action taken. 
<br/>HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BAD84EE2-624D-4e7c-A8BB-41EFD720FD77} (PUP.Optional.DefaultTab.A) -> No action taken. <br/> <br/>Registry Values Detected: 0 <br/>(No malicious items detected) <br/> <br/>Registry Data Items Detected: 0 <br/>(No malicious items detected) <br/> <br/>Folders Detected: 0 <br/>(No malicious items detected) <br/> <br/>Files Detected: 44 <br/>C:\AdwCleaner\Quarantine\C\Program Files (x86)\internethelper3.1\InternetHelper3.1ToolbarHelper.exe.vir (PUP.Optional.Conduit.A) -> No action taken. <br/>C:\AdwCleaner\Quarantine\C\Users\Bates\AppData\Local\Conduit\CT3289663\InternetHelper3.1AutoUpdateHelper.exe.vir (PUP.Optional.Conduit.A) -> No action taken. <br/>C:\AdwCleaner\Quarantine\C\Users\Bates\AppData\Local\Temp\CT3289663\chLogic.exe.vir (PUP.Optional.Conduit.A) -> No action taken. <br/>C:\AdwCleaner\Quarantine\C\Users\Bates\AppData\Local\Temp\CT3289663\ctbe.exe.vir (PUP.Optional.Conduit.A) -> No action taken. <br/>C:\AdwCleaner\Quarantine\C\Users\Bates\AppData\Local\Temp\CT3289663\ffLogic.exe.vir (PUP.Optional.Conduit.A) -> No action taken. <br/>C:\AdwCleaner\Quarantine\C\Users\Bates\AppData\Local\Temp\CT3289663\ieLogic.exe.vir (PUP.Optional.Conduit.A) -> No action taken. <br/>C:\AdwCleaner\Quarantine\C\Users\Bates\AppData\Local\Temp\CT3289663\spch.exe.vir (PUP.Optional.Conduit.A) -> No action taken. <br/>C:\AdwCleaner\Quarantine\C\Users\Bates\AppData\Local\Temp\CT3289663\spff.exe.vir (PUP.Optional.Conduit.A) -> No action taken. <br/>C:\AdwCleaner\Quarantine\C\Users\Bates\AppData\Local\Temp\CT3289663\statisticsStub.exe.vir (PUP.Optional.Conduit.A) -> No action taken. <br/>C:\AdwCleaner\Quarantine\C\Users\Bates\AppData\Local\Temp\CT3289663\stub.exe.vir (PUP.Optional.Conduit.A) -> No action taken. <br/>C:\AdwCleaner\Quarantine\C\Users\Bates\AppData\Local\Temp\CT3310511\chLogic.exe.vir (PUP.Optional.Conduit.A) -> No action taken. 
<br/>C:\AdwCleaner\Quarantine\C\Users\Bates\AppData\Local\Temp\CT3310511\ctbe.exe.vir (PUP.Optional.Conduit.A) -> No action taken. <br/>C:\AdwCleaner\Quarantine\C\Users\Bates\AppData\Local\Temp\CT3310511\ffLogic.exe.vir (PUP.Optional.Conduit.A) -> No action taken. <br/>C:\AdwCleaner\Quarantine\C\Users\Bates\AppData\Local\Temp\CT3310511\ieLogic.exe.vir (PUP.Optional.Conduit.A) -> No action taken. <br/>C:\AdwCleaner\Quarantine\C\Users\Bates\AppData\Local\Temp\CT3310511\spch.exe.vir (PUP.Optional.Conduit.A) -> No action taken. <br/>C:\AdwCleaner\Quarantine\C\Users\Bates\AppData\Local\Temp\CT3310511\spff.exe.vir (PUP.Optional.Conduit.A) -> No action taken. <br/>C:\AdwCleaner\Quarantine\C\Users\Bates\AppData\Local\Temp\CT3310511\statisticsStub.exe.vir (PUP.Optional.Conduit.A) -> No action taken. <br/>C:\AdwCleaner\Quarantine\C\Users\Bates\AppData\Local\Temp\CT3310511\stub.exe.vir (PUP.Optional.Conduit.A) -> No action taken. <br/>C:\AdwCleaner\Quarantine\C\Users\Bates\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll.vir (PUP.Optional.DefaultTab) -> No action taken. <br/>C:\AdwCleaner\Quarantine\C\Users\Bates\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabStart.exe.vir (PUP.Optional.DefaultTab) -> No action taken. <br/>C:\AdwCleaner\Quarantine\C\Users\Bates\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabStart64.exe.vir (PUP.Optional.DefaultTab) -> No action taken. <br/>C:\AdwCleaner\Quarantine\C\Users\Bates\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabWrap.dll.vir (PUP.Optional.DefaultTab) -> No action taken. <br/>C:\AdwCleaner\Quarantine\C\Users\Bates\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabWrap64.dll.vir (PUP.Optional.DefaultTab) -> No action taken. <br/>C:\AdwCleaner\Quarantine\C\Users\Bates\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe.vir (PUP.Optional.DefaultTab.A) -> No action taken. <br/>C:\Program Files (x86)\FrostWire 5\frostwire-installer.exe (PUP.Optional.OpenCandy) -> No action taken. 
<br/>C:\Program Files (x86)\FrostWire 5\OCSetupHlp.dll (PUP.Optional.OpenCandy) -> No action taken. <br/>C:\Users\Bates\.frostwire5\updates\frostwire-5.6.4.windows.exe (PUP.Optional.OpenCandy) -> No action taken. <br/>C:\Users\Bates\AppData\Roaming\FrostWire\.AppSpecialShare\frostwire-4.21.3.windows.exe (PUP.Optional.OpenCandy) -> No action taken. <br/>C:\Users\Bates\Downloads\AIM_Install (1).exe (PUP.Optional.OpenCandy) -> No action taken. <br/>C:\Users\Bates\Downloads\AIM_Install (2).exe (PUP.Optional.OpenCandy) -> No action taken. <br/>C:\Users\Bates\Downloads\AIM_Install.exe (PUP.Optional.OpenCandy) -> No action taken. <br/>C:\Users\Bates\Downloads\AresSetup.exe (PUP.Optional.Installcore) -> No action taken. <br/>C:\Users\Bates\Downloads\BlubsterSetup.exe (PUP.Dealio.TB) -> No action taken. <br/>C:\Users\Bates\Downloads\finaltorrent.exe (PUP.Optional.InstallIQ.A) -> No action taken. <br/>C:\Users\Bates\Downloads\finaltorrent_731.exe (PUP.Optional.InstallIQ) -> No action taken. <br/>C:\Users\Bates\Downloads\FPP_Setup (1).exe (PUP.Optional.AirInstaller) -> No action taken. <br/>C:\Users\Bates\Downloads\FPP_Setup.exe (PUP.Optional.AirInstaller) -> No action taken. <br/>C:\Users\Bates\Downloads\frostwire-4.21.1.windows.exe (PUP.Optional.OpenCandy) -> No action taken. <br/>C:\Users\Bates\Downloads\frostwire-5.0.7.windows.exe (PUP.Optional.OpenCandy) -> No action taken. <br/>C:\Users\Bates\Downloads\frostwire-5.3.8.windows.exe (PUP.Optional.OpenCandy) -> No action taken. <br/>C:\Users\Bates\Downloads\livevdo-plugin-v10.exe (PUP.Optional.SweetPacks.A) -> No action taken. <br/>C:\Users\Bates\Downloads\Unconfirmed 53027.crdownload (PUP.Optional.iBryte) -> No action taken. <br/>C:\Users\Bates\Downloads\Updater_Setup.exe (PUP.Optional.iBryte) -> No action taken. <br/>C:\Users\Bates\Downloads\video_hd.zip (Malware.Packer.EPXGen) -> Quarantined and deleted successfully. <br/> <br/>(end)
Posted 9/24/2013 9:44 PM
#96027

Advanced member

Your Malwarebytes scan shows that you did not remove the infections that were found.

Also, let us know what happens to your computer (the changes that are affecting your day to day work), so we know what advice to give you and where to look for issues.
Andreea-Luciana Ostache
Support Team Leader
support@bullguard.com
www.bullguard.com

Download the Free Trial version of BullGuard Internet Security 16

You have a BullGuard related problem? Post your question on these forums, contact Support or contact me on Twitter!
Posted 9/25/2013 3:37 AM
#96029

Groq Member

Date Joined Nov 2016
Total Posts: 6
Every time I go to a new site I'm getting either a small pop-up on the bottom of my screen or a whole different window pops up. If I'm not paying attention it will just continue to do that until I have a whole bunch of pop-ups.
Posted 9/26/2013 9:41 AM
#96032

Groq Member

Date Joined Nov 2016
Total Posts: 6
I have also run Malwarebytes again, once regular and once in safe mode, and removed the infections, and am still getting the same problem. Every time I try to go to a new window, or refresh a page, either a banner will pop up at the bottom of my screen or another window will open with ads on it. I noticed the other evening while playing League of Legends I was getting a two-second delay at least and it was running slowly, which it usually never does.
Posted 9/26/2013 12:49 PM
#96033

Advanced member

Download ComboFix from the link below:

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Double-click ComboFix.exe and follow the instructions in the prompts that will appear.
Post back the log.
Andreea-Luciana Ostache
Support Team Leader
Posted 9/26/2013 10:34 PM
#96034

Groq Member

Date Joined Nov 2016
Total Posts: 6
ComboFix 13-09-26.03 - Bates 09/26/2013 18:22:31.1.4 - x64 <br/>Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.5887.2633 [GMT -4:00] <br/>Running from: c:\users\Bates\Downloads\ComboFix.exe <br/>AV: Norton 360 *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} <br/>FW: Norton 360 *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} <br/>SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} <br/>SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} <br/> * Created a new restore point <br/>. <br/>. <br/>((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) <br/>. <br/>. <br/>C:\install.exe <br/>c:\windows\SysWow64\c.bat <br/>c:\windows\SysWow64\html <br/>c:\windows\SysWow64\html\calendar.html <br/>c:\windows\SysWow64\html\calendarbottom.html <br/>c:\windows\SysWow64\html\calendartop.html <br/>c:\windows\SysWow64\html\crystalexportdialog.htm <br/>c:\windows\SysWow64\html\crystalprinthost.html <br/>c:\windows\SysWow64\images <br/>c:\windows\SysWow64\images\toolbar\calendar.gif <br/>c:\windows\SysWow64\images\toolbar\crlogo.gif <br/>c:\windows\SysWow64\images\toolbar\export.gif <br/>c:\windows\SysWow64\images\toolbar\export_over.gif <br/>c:\windows\SysWow64\images\toolbar\exportd.gif <br/>c:\windows\SysWow64\images\toolbar\First.gif <br/>c:\windows\SysWow64\images\toolbar\first_over.gif <br/>c:\windows\SysWow64\images\toolbar\Firstd.gif <br/>c:\windows\SysWow64\images\toolbar\gotopage.gif <br/>c:\windows\SysWow64\images\toolbar\gotopage_over.gif <br/>c:\windows\SysWow64\images\toolbar\gotopaged.gif <br/>c:\windows\SysWow64\images\toolbar\grouptree.gif <br/>c:\windows\SysWow64\images\toolbar\grouptree_over.gif <br/>c:\windows\SysWow64\images\toolbar\grouptreed.gif <br/>c:\windows\SysWow64\images\toolbar\grouptreepressed.gif <br/>c:\windows\SysWow64\images\toolbar\Last.gif <br/>c:\windows\SysWow64\images\toolbar\last_over.gif 
<br/>c:\windows\SysWow64\images\toolbar\Lastd.gif <br/>c:\windows\SysWow64\images\toolbar\Next.gif <br/>c:\windows\SysWow64\images\toolbar\next_over.gif <br/>c:\windows\SysWow64\images\toolbar\Nextd.gif <br/>c:\windows\SysWow64\images\toolbar\Prev.gif <br/>c:\windows\SysWow64\images\toolbar\prev_over.gif <br/>c:\windows\SysWow64\images\toolbar\Prevd.gif <br/>c:\windows\SysWow64\images\toolbar\print.gif <br/>c:\windows\SysWow64\images\toolbar\print_over.gif <br/>c:\windows\SysWow64\images\toolbar\printd.gif <br/>c:\windows\SysWow64\images\toolbar\Refresh.gif <br/>c:\windows\SysWow64\images\toolbar\refresh_over.gif <br/>c:\windows\SysWow64\images\toolbar\refreshd.gif <br/>c:\windows\SysWow64\images\toolbar\Search.gif <br/>c:\windows\SysWow64\images\toolbar\search_over.gif <br/>c:\windows\SysWow64\images\toolbar\searchd.gif <br/>c:\windows\SysWow64\images\toolbar\up.gif <br/>c:\windows\SysWow64\images\toolbar\up_over.gif <br/>c:\windows\SysWow64\images\toolbar\upd.gif <br/>c:\windows\SysWow64\images\tree\begindots.gif <br/>c:\windows\SysWow64\images\tree\beginminus.gif <br/>c:\windows\SysWow64\images\tree\beginplus.gif <br/>c:\windows\SysWow64\images\tree\blank.gif <br/>c:\windows\SysWow64\images\tree\blankdots.gif <br/>c:\windows\SysWow64\images\tree\dots.gif <br/>c:\windows\SysWow64\images\tree\lastdots.gif <br/>c:\windows\SysWow64\images\tree\lastminus.gif <br/>c:\windows\SysWow64\images\tree\lastplus.gif <br/>c:\windows\SysWow64\images\tree\Magnify.gif <br/>c:\windows\SysWow64\images\tree\minus.gif <br/>c:\windows\SysWow64\images\tree\minusbox.gif <br/>c:\windows\SysWow64\images\tree\plus.gif <br/>c:\windows\SysWow64\images\tree\plusbox.gif <br/>c:\windows\SysWow64\images\tree\singleminus.gif <br/>c:\windows\SysWow64\images\tree\singleplus.gif <br/>. <br/>. <br/>((((((((((((((((((((((((( Files Created from 2013-08-26 to 2013-09-26 ))))))))))))))))))))))))))))))) <br/>. <br/>. <br/>2013-09-26 22:30 . 
2013-09-26 22:30 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp <br/>2013-09-26 22:30 . 2013-09-26 22:30 -------- d-----w- c:\users\Default\AppData\Local\temp <br/>2013-09-24 07:49 . 2013-09-24 07:49 -------- d-----w- c:\users\Bates\AppData\Roaming\Oracle <br/>2013-09-24 07:48 . 2013-09-24 07:48 -------- d-----w- c:\programdata\Oracle <br/>2013-09-24 07:48 . 2013-09-24 07:48 -------- d-----w- c:\program files (x86)\Common Files\Java <br/>2013-09-24 07:47 . 2013-09-24 07:47 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll <br/>2013-09-24 01:41 . 2013-09-24 01:41 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware <br/>2013-09-24 01:34 . 2013-09-24 01:34 -------- d-----w- c:\program files\CCleaner <br/>2013-09-24 01:23 . 2013-09-24 01:23 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl <br/>2013-09-24 01:23 . 2013-09-24 01:23 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe <br/>2013-09-23 23:51 . 2013-09-24 01:02 -------- d-----w- c:\users\Bates\AppData\Roaming\Nico Mak Computing <br/>2013-09-23 04:09 . 2013-09-23 04:09 -------- d-----w- c:\users\Public\Anvisoft <br/>2013-09-23 04:01 . 2013-09-23 04:09 -------- d-----w- c:\program files (x86)\Anvisoft <br/>2013-09-23 04:01 . 2013-09-23 04:01 -------- d-----w- c:\users\Bates\AppData\Local\Anvisoft <br/>2013-09-23 02:12 . 2013-09-23 02:13 -------- d-----w- C:\AdwCleaner <br/>2013-09-23 00:31 . 2013-09-23 03:54 -------- d-----w- c:\users\Bates\AppData\Local\WordLayers <br/>2013-09-23 00:30 . 2013-09-25 12:07 -------- d-----w- C:\a <br/>2013-09-20 02:00 . 2013-09-20 02:00 3723656 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe <br/>2013-09-12 07:12 . 2013-08-10 05:20 855552 ----a-w- c:\windows\system32\jscript.dll <br/>2013-09-12 01:55 . 2013-08-05 02:25 155584 ----a-w- c:\windows\system32\drivers\ataport.sys <br/>2013-09-05 10:06 . 2013-09-05 10:09 -------- d-----w- c:\users\Bates\AppData\Roaming\com.doubleperfect.ggpo <br/>2013-09-05 10:05 . 
2013-09-24 01:24 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR <br/>2013-08-28 09:23 . 2013-08-28 09:23 -------- d-----w- c:\users\Bates\AppData\Local\DDMSettings <br/>2013-08-28 09:21 . 2013-08-28 09:21 -------- d-----w- c:\program files (x86)\Common Files\DivX Shared <br/>2013-08-28 05:59 . 2013-09-23 23:49 -------- d-----w- c:\users\Bates\AppData\Roaming\uTorrent <br/>2013-08-28 05:50 . 2013-08-28 05:50 -------- d-----w- c:\users\Bates\AppData\Local\Programs <br/>. <br/>. <br/>. <br/>(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) <br/>. <br/>2013-09-24 07:47 . 2012-05-19 09:30 868264 ----a-w- c:\windows\SysWow64\npDeployJava1.dll <br/>2013-09-24 07:47 . 2010-08-06 16:15 790440 ----a-w- c:\windows\SysWow64\deployJava1.dll <br/>2013-09-12 07:10 . 2010-01-22 14:27 79143768 ----a-w- c:\windows\system32\MRT.exe <br/>2013-08-07 22:54 . 2013-08-07 22:54 94208 ----a-w- c:\windows\SysWow64\dpl100.dll <br/>2013-08-02 01:48 . 2013-09-12 01:55 44032 ----a-w- c:\windows\apppatch\acwow64.dll <br/>2013-07-25 09:25 . 2013-08-15 03:00 1888768 ----a-w- c:\windows\system32\WMVDECOD.DLL <br/>2013-07-25 08:57 . 2013-08-15 03:00 1620992 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL <br/>2013-07-19 01:58 . 2013-08-15 03:00 2048 ----a-w- c:\windows\system32\tzres.dll <br/>2013-07-19 01:41 . 2013-08-15 03:00 2048 ----a-w- c:\windows\SysWow64\tzres.dll <br/>2013-07-09 05:52 . 2013-08-15 03:00 224256 ----a-w- c:\windows\system32\wintrust.dll <br/>2013-07-09 05:51 . 2013-08-15 03:00 1217024 ----a-w- c:\windows\system32\rpcrt4.dll <br/>2013-07-09 05:46 . 2013-08-15 03:00 1472512 ----a-w- c:\windows\system32\crypt32.dll <br/>2013-07-09 05:46 . 2013-08-15 03:00 184320 ----a-w- c:\windows\system32\cryptsvc.dll <br/>2013-07-09 05:46 . 2013-08-15 03:00 139776 ----a-w- c:\windows\system32\cryptnet.dll <br/>2013-07-09 04:52 . 2013-08-15 03:00 663552 ----a-w- c:\windows\SysWow64\rpcrt4.dll <br/>2013-07-09 04:52 . 
2013-08-15 03:00 175104 ----a-w- c:\windows\SysWow64\wintrust.dll <br/>2013-07-09 04:46 . 2013-08-15 03:00 1166848 ----a-w- c:\windows\SysWow64\crypt32.dll <br/>2013-07-09 04:46 . 2013-08-15 03:00 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll <br/>2013-07-09 04:46 . 2013-08-15 03:00 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll <br/>2013-07-06 06:03 . 2013-08-15 03:00 1910208 ----a-w- c:\windows\system32\drivers\tcpip.sys <br/>2013-07-02 07:06 . 2013-07-02 07:06 97280 ----a-w- c:\windows\system32\mshtmled.dll <br/>2013-07-02 07:06 . 2013-07-02 07:06 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe <br/>2013-07-02 07:06 . 2013-07-02 07:06 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll <br/>2013-07-02 07:06 . 2013-07-02 07:06 81408 ----a-w- c:\windows\system32\icardie.dll <br/>2013-07-02 07:06 . 2013-07-02 07:06 77312 ----a-w- c:\windows\system32\tdc.ocx <br/>2013-07-02 07:06 . 2013-07-02 07:06 762368 ----a-w- c:\windows\system32\ieapfltr.dll <br/>2013-07-02 07:06 . 2013-07-02 07:06 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe <br/>2013-07-02 07:06 . 2013-07-02 07:06 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll <br/>2013-07-02 07:06 . 2013-07-02 07:06 62976 ----a-w- c:\windows\system32\pngfilt.dll <br/>2013-07-02 07:06 . 2013-07-02 07:06 61952 ----a-w- c:\windows\SysWow64\tdc.ocx <br/>2013-07-02 07:06 . 2013-07-02 07:06 599552 ----a-w- c:\windows\system32\vbscript.dll <br/>2013-07-02 07:06 . 2013-07-02 07:06 523264 ----a-w- c:\windows\SysWow64\vbscript.dll <br/>2013-07-02 07:06 . 2013-07-02 07:06 52224 ----a-w- c:\windows\system32\msfeedsbs.dll <br/>2013-07-02 07:06 . 2013-07-02 07:06 51200 ----a-w- c:\windows\system32\imgutil.dll <br/>2013-07-02 07:06 . 2013-07-02 07:06 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll <br/>2013-07-02 07:06 . 2013-07-02 07:06 48640 ----a-w- c:\windows\system32\mshtmler.dll <br/>2013-07-02 07:06 . 2013-07-02 07:06 452096 ----a-w- c:\windows\system32\dxtmsft.dll <br/>2013-07-02 07:06 . 
2013-07-02 07:06 441856 ----a-w- c:\windows\system32\html.iec <br/>2013-07-02 07:06 . 2013-07-02 07:06 38400 ----a-w- c:\windows\SysWow64\imgutil.dll <br/>2013-07-02 07:06 . 2013-07-02 07:06 361984 ----a-w- c:\windows\SysWow64\html.iec <br/>2013-07-02 07:06 . 2013-07-02 07:06 281600 ----a-w- c:\windows\system32\dxtrans.dll <br/>2013-07-02 07:06 . 2013-07-02 07:06 27648 ----a-w- c:\windows\system32\licmgr10.dll <br/>2013-07-02 07:06 . 2013-07-02 07:06 270848 ----a-w- c:\windows\system32\iedkcs32.dll <br/>2013-07-02 07:06 . 2013-07-02 07:06 247296 ----a-w- c:\windows\system32\webcheck.dll <br/>2013-07-02 07:06 . 2013-07-02 07:06 235008 ----a-w- c:\windows\system32\url.dll <br/>2013-07-02 07:06 . 2013-07-02 07:06 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll <br/>2013-07-02 07:06 . 2013-07-02 07:06 226304 ----a-w- c:\windows\system32\elshyph.dll <br/>2013-07-02 07:06 . 2013-07-02 07:06 216064 ----a-w- c:\windows\system32\msls31.dll <br/>2013-07-02 07:06 . 2013-07-02 07:06 197120 ----a-w- c:\windows\system32\msrating.dll <br/>2013-07-02 07:06 . 2013-07-02 07:06 185344 ----a-w- c:\windows\SysWow64\elshyph.dll <br/>2013-07-02 07:06 . 2013-07-02 07:06 173568 ----a-w- c:\windows\system32\ieUnatt.exe <br/>2013-07-02 07:06 . 2013-07-02 07:06 167424 ----a-w- c:\windows\system32\iexpress.exe <br/>2013-07-02 07:06 . 2013-07-02 07:06 158720 ----a-w- c:\windows\SysWow64\msls31.dll <br/>2013-07-02 07:06 . 2013-07-02 07:06 1509376 ----a-w- c:\windows\system32\inetcpl.cpl <br/>2013-07-02 07:06 . 2013-07-02 07:06 150528 ----a-w- c:\windows\SysWow64\iexpress.exe <br/>2013-07-02 07:06 . 2013-07-02 07:06 149504 ----a-w- c:\windows\system32\occache.dll <br/>2013-07-02 07:06 . 2013-07-02 07:06 144896 ----a-w- c:\windows\system32\wextract.exe <br/>2013-07-02 07:06 . 2013-07-02 07:06 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl <br/>2013-07-02 07:06 . 2013-07-02 07:06 1400416 ----a-w- c:\windows\system32\ieapfltr.dat <br/>2013-07-02 07:06 . 
2013-07-02 07:06 138752 ----a-w- c:\windows\SysWow64\wextract.exe <br/>2013-07-02 07:06 . 2013-07-02 07:06 13824 ----a-w- c:\windows\system32\mshta.exe <br/>2013-07-02 07:06 . 2013-07-02 07:06 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe <br/>2013-07-02 07:06 . 2013-07-02 07:06 136192 ----a-w- c:\windows\system32\iepeers.dll <br/>2013-07-02 07:06 . 2013-07-02 07:06 135680 ----a-w- c:\windows\system32\IEAdvpack.dll <br/>2013-07-02 07:06 . 2013-07-02 07:06 12800 ----a-w- c:\windows\SysWow64\mshta.exe <br/>2013-07-02 07:06 . 2013-07-02 07:06 12800 ----a-w- c:\windows\system32\msfeedssync.exe <br/>2013-07-02 07:06 . 2013-07-02 07:06 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll <br/>2013-07-02 07:06 . 2013-07-02 07:06 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe <br/>2013-07-02 07:06 . 2013-07-02 07:06 102912 ----a-w- c:\windows\system32\inseng.dll <br/>2013-07-02 07:04 . 2013-07-02 07:04 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll <br/>2013-07-02 07:04 . 2013-07-02 07:04 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll <br/>2013-07-02 07:04 . 2013-07-02 07:04 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll <br/>2013-07-02 07:04 . 2013-07-02 07:04 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll <br/>2013-07-02 07:04 . 2013-07-02 07:04 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll <br/>2013-07-02 07:04 . 2013-07-02 07:04 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll <br/>2013-07-02 07:04 . 2013-07-02 07:04 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll <br/>2013-07-02 07:04 . 2013-07-02 07:04 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll <br/>2013-07-02 07:04 . 2013-07-02 07:04 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll <br/>2013-07-02 07:04 . 
2013-07-02 07:04 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll <br/>2013-07-02 07:04 . 2013-07-02 07:04 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll <br/>2013-07-02 07:04 . 2013-07-02 07:04 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll <br/>2013-07-02 07:04 . 2013-07-02 07:04 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll <br/>2013-07-02 07:04 . 2013-07-02 07:04 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll <br/>2013-07-02 07:04 . 2013-07-02 07:04 10752 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll <br/>2013-07-02 07:04 . 2013-07-02 07:04 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll <br/>2013-07-02 07:04 . 2013-07-02 07:04 648192 ----a-w- c:\windows\system32\d3d10level9.dll <br/>2013-07-02 07:04 . 2013-07-02 07:04 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll <br/>2013-07-02 07:04 . 2013-07-02 07:04 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll <br/>2013-07-02 07:04 . 2013-07-02 07:04 465920 ----a-w- c:\windows\system32\WMPhoto.dll <br/>2013-07-02 07:04 . 2013-07-02 07:04 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll <br/>2013-07-02 07:04 . 2013-07-02 07:04 3928064 ----a-w- c:\windows\system32\d2d1.dll <br/>2013-07-02 07:04 . 2013-07-02 07:04 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll <br/>2013-07-02 07:04 . 2013-07-02 07:04 363008 ----a-w- c:\windows\system32\dxgi.dll <br/>2013-07-02 07:04 . 2013-07-02 07:04 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll <br/>2013-07-02 07:04 . 2013-07-02 07:04 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll <br/>2013-07-02 07:04 . 2013-07-02 07:04 333312 ----a-w- c:\windows\system32\d3d10_1core.dll <br/>2013-07-02 07:04 . 2013-07-02 07:04 296960 ----a-w- c:\windows\system32\d3d10core.dll <br/>2013-07-02 07:04 . 
2013-07-02 07:04 293376 ----a-w- c:\windows\SysWow64\dxgi.dll <br/>2013-07-02 07:04 . 2013-07-02 07:04 2776576 ----a-w- c:\windows\system32\msmpeg2vdec.dll <br/>2013-07-02 07:04 . 2013-07-02 07:04 2565120 ----a-w- c:\windows\system32\d3d10warp.dll <br/>. <br/>. <br/>((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) <br/>. <br/>. <br/>*Note* empty entries & legit default entries are not shown <br/>REGEDIT4 <br/>. <br/>[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] <br/>"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480] <br/>"Pando Media Booster"="c:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2012-12-07 3093624] <br/>"Aim"="c:\program files (x86)\AIM\aim.exe" [2011-05-03 4321112] <br/>"Steam"="c:\program files (x86)\Steam\Steam.exe" [2013-09-21 1814440] <br/>"CloudSystemBooster"="c:\program files (x86)\Anvisoft\Cloud System Booster\CloudSystemBooster.exe" [2013-09-05 2798312] <br/>. <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] <br/>"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040] <br/>"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-12 59280] <br/>"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576] <br/>"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888] <br/>"DivXMediaServer"="c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" [2013-05-20 450560] <br/>"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2013-02-13 1263952] <br/>"ToolbarTray"="c:\program files (x86)\Anvisoft\Slim Toolbar\ToolbarTray.exe" [2013-08-26 809208] <br/>. 
<br/>[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] <br/>"ConsentPromptBehaviorAdmin"= 5 (0x5) <br/>"ConsentPromptBehaviorUser"= 3 (0x3) <br/>"EnableUIADesktopToggle"= 0 (0x0) <br/>. <br/>[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] <br/>"LoadAppInit_DLLs"=1 (0x1) <br/>. <br/>[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] <br/>"aux"=wdmaud.drv <br/>. <br/>R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] <br/>R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x] <br/>R3 SYMNDISV;Symantec Network Filter Driver;c:\windows\System32\Drivers\N360x64\0308000.029\SYMNDISV.SYS;c:\windows\SYSNATIVE\Drivers\N360x64\0308000.029\SYMNDISV.SYS [x] <br/>R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] <br/>R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x] <br/>R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x] <br/>S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\1404000.028\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1404000.028\SYMDS64.SYS [x] <br/>S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\1404000.028\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1404000.028\SYMEFA64.SYS [x] <br/>S1 
BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\Definitions\BASHDefs\20130924.001\BHDrvx64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\Definitions\BASHDefs\20130924.001\BHDrvx64.sys [x] <br/>S1 ccSet_N360;Norton 360 Settings Manager;c:\windows\system32\drivers\N360x64\1404000.028\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\N360x64\1404000.028\ccSetx64.sys [x] <br/>S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\Definitions\IPSDefs\20130925.001\IDSvia64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\Definitions\IPSDefs\20130925.001\IDSvia64.sys [x] <br/>S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\1404000.028\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1404000.028\Ironx64.SYS [x] <br/>S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360x64\1404000.028\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\N360x64\1404000.028\SYMNETS.SYS [x] <br/>S2 AnviCsbSvc;Anvi Cloud System Booster Speed Service;c:\program files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe;c:\program files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe [x] <br/>S2 astsvr;Anvi Slim Toolbar Guard Service;c:\program files (x86)\Anvisoft\Slim Toolbar\ToolBarService.exe;c:\program files (x86)\Anvisoft\Slim Toolbar\ToolBarService.exe [x] <br/>S2 N360;Norton 360;c:\program files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe;c:\program files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe [x] <br/>S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys;c:\windows\SYSNATIVE\drivers\npf.sys [x] <br/>S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [x] <br/>S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D 
Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x] <br/>S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x] <br/>. <br/>. <br/>[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] <br/>hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc <br/>. <br/>[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] <br/>2013-09-23 04:17 1177552 ----a-w- c:\program files (x86)\Google\Chrome\Application\29.0.1547.76\Installer\chrmstp.exe <br/>. <br/>Contents of the 'Scheduled Tasks' folder <br/>. <br/>2013-09-26 c:\windows\Tasks\Adobe Flash Player Updater.job <br/>- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-24 01:23] <br/>. <br/>2013-09-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job <br/>- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-07-21 17:51] <br/>. <br/>2013-09-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job <br/>- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-07-21 17:51] <br/>. <br/>2013-09-24 c:\windows\Tasks\HPCeeScheduleForBates.job <br/>- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07 12:22] <br/>. <br/>. <br/>--------- X64 Entries ----------- <br/>. <br/>. <br/>------- Supplementary Scan ------- <br/>. 
<br/>uStart Page = about:blank <br/>uLocal Page = c:\windows\system32\blank.htm <br/>mLocal Page = c:\windows\SysWOW64\blank.htm <br/>IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000 <br/>TCP: DhcpNameServer = 209.18.47.61 209.18.47.62 192.168.1.1 <br/>FF - ProfilePath - c:\users\Bates\AppData\Roaming\Mozilla\Firefox\Profiles\p29b2bpp.default-1345623107303\ <br/>FF - ExtSQL: 2013-09-22 20:32; ugnraew@jqhljqmpngx.net; c:\program files (x86)\Mozilla Firefox\extensions\ugnraew@jqhljqmpngx.net <br/>. <br/>- - - - ORPHANS REMOVED - - - - <br/>. <br/>URLSearchHooks-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file) <br/>Toolbar-10 - (no file) <br/>Wow6432Node-HKLM-Run-autoauto - c.bat <br/>HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start <br/>Toolbar-10 - (no file) <br/>AddRemove-{B60DCA15-56A3-4D2D-8747-22CF7D7B588B} - c:\program files (x86)\InstallShield Installation Information\{B60DCA15-56A3-4D2D-8747-22CF7D7B588B}\setup.exe <br/>. <br/>. <br/>. <br/>[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\N360] <br/>"ImagePath"="\"c:\program files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton 360\Engine\20.4.0.40\diMaster.dll\" /prefetch:1" <br/>. <br/>--------------------- LOCKED REGISTRY KEYS --------------------- <br/>. <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] <br/>@Denied: (A) (Everyone) <br/>"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" <br/>. <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B9A09F18-45AB-4F09-A117-A4ADDA8FA8C8}] <br/>@Denied: (A) (Everyone) <br/>"Solution"="{36eb6792-3a29-43b3-8cd0-f67d266fb426}" <br/>. <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane] <br/>@Denied: (A) (Everyone) <br/>. 
<br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane\0] <br/>"Key"="ActionsPane" <br/>"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\8.0\\ActionsPane.xsd" <br/>. <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] <br/>@Denied: (A) (Everyone) <br/>. <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] <br/>"Key"="ActionsPane3" <br/>"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" <br/>. <br/>[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] <br/>@Denied: (Full) (Everyone) <br/>. <br/>Completion time: 2013-09-26 18:33:49 <br/>ComboFix-quarantined-files.txt 2013-09-26 22:33 <br/>. <br/>Pre-Run: 787,174,182,912 bytes free <br/>Post-Run: 786,628,120,576 bytes free <br/>. <br/>- - End Of File - - AA8E7DB0A6166262000FDA48E7A6A13E <br/>45ADE6E8D07BC41F3ABD132AC43F561D
Posted 9/29/2013 1:09 AM
#96036

Advanced member

Run Services Repair by ESET from here: http://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe

Then reinstall your Norton 360 and make sure the Firewall is working again. Run a scan with it and repair all it finds.

Then post a new HijackThis log.
Andreea-Luciana Ostache
Support Team Leader
Posted 10/1/2013 3:04 AM
#96040

Groq Member

Date Joined Nov 2016
Total Posts: 6
Logfile of Trend Micro HijackThis v2.0.5 <br/>Scan saved at 11:04:34 PM, on 9/30/2013 <br/>Platform: Windows 7 SP1 (WinNT 6.00.3505) <br/>MSIE: Internet Explorer v10.0 (10.00.9200.16686) <br/> <br/>FIREFOX: 18.0.1 (en-US) <br/>Boot mode: Normal <br/> <br/>Running processes: <br/>C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe <br/>C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe <br/>C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe <br/>C:\Program Files (x86)\AIM\aim.exe <br/>C:\Program Files (x86)\Anvisoft\Cloud System Booster\CloudSystemBooster.exe <br/>C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe <br/>C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe <br/>C:\Program Files (x86)\Anvisoft\Slim Toolbar\ToolbarTray.exe <br/>C:\Program Files (x86)\Mozilla Firefox\firefox.exe <br/>C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe <br/>C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe <br/>C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe <br/>C:\Users\Bates\Downloads\HijackThis.exe <br/> <br/>R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank <br/>R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 <br/>R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 <br/>R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 <br/>R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 <br/>R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = <br/>R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = <br/>R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm <br/>R0 - HKCU\Software\Microsoft\Internet 
Explorer\Toolbar,LinksFolderName = <br/>O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll <br/>O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll <br/>O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll <br/>O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\IPS\IPSBHO.DLL <br/>O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll <br/>O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll <br/>O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll <br/>O2 - BHO: Microsoft Live Search Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll <br/>O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll <br/>O3 - Toolbar: Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll <br/>O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll <br/>O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" <br/>O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" <br/>O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files 
(x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" <br/>O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime <br/>O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe <br/>O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW <br/>O4 - HKLM\..\Run: [ToolbarTray] C:\Program Files (x86)\Anvisoft\Slim Toolbar\ToolbarTray.exe <br/>O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe <br/>O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe <br/>O4 - HKCU\..\Run: [Aim] "C:\Program Files (x86)\AIM\aim.exe" /d locale=en-US <br/>O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent <br/>O4 - HKCU\..\Run: [CloudSystemBooster] C:\Program Files (x86)\Anvisoft\Cloud System Booster\CloudSystemBooster.exe hide=true <br/>O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 <br/>O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll <br/>O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll <br/>O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll <br/>O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll <br/>O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll <br/>O9 - Extra 
button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL <br/>O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll <br/>O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll <br/>O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll <br/>O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll <br/>O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll <br/>O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics <br/>O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab <br/>O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll <br/>O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll <br/>O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe <br/>O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe <br/>O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) <br/>O23 - Service: Anvi Cloud System Booster Speed Service (AnviCsbSvc) - Unknown owner - C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe <br/>O23 - Service: Anvi Slim Toolbar Guard Service (astsvr) - Anvisoft - C:\Program Files (x86)\Anvisoft\Slim 
Toolbar\ToolBarService.exe <br/>O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) <br/>O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) <br/>O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe <br/>O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe <br/>O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe <br/>O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe <br/>O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) <br/>O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe <br/>O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe <br/>O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) <br/>O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe <br/>O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe <br/>O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) <br/>O23 - Service: NMSAccess - Unknown owner - C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe <br/>O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) 
<br/>O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe <br/>O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) <br/>O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe <br/>O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) <br/>O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) <br/>O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe <br/>O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) <br/>O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) <br/>O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) <br/>O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe <br/>O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe <br/>O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) <br/>O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) <br/>O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) <br/>O23 - Service: 
@%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) <br/>O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) <br/>O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) <br/>O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) <br/>O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) <br/> <br/>-- <br/>End of file - 12250 bytes
Posted 10/1/2013 10:21 PM
#96041

Advanced member

You have Spybot Teatimer on and Norton360. Choose a security suite and stick to it.

You may want to consider uninstalling Anvi Slim Toolbar and see if you have any more issues.

How are things running now?
Andreea-Luciana Ostache
Support Team Leader
support@bullguard.com
www.bullguard.com

Posted 10/1/2013 11:43 PM
#96042

Groq Member

Date Joined Nov 2016
Total Posts: 6
Much better, the pop ups are currently gone and the machine seems to be running smoother. Thank you so much for your time and effort; it is greatly appreciated.