Possible Virus?

Posted 4/10/2013 1:59 AM
#95357
JZ Member

Date Joined Nov 2016
Total Posts: 7
I have a fairly new notebook and it just started running slowly. I am getting "not responding" errors and slow startup and shutdown. I don't know if I have a virus, malware or another problem. Thanks for any help!

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2013.04.09.10

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16521
Jason :: JASON-HP [administrator]

Protection: Enabled

4/9/2013 7:19:58 PM
mbam-log-2013-04-09 (19-19-58).txt

Scan type: Full scan (C:\|D:\|E:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 379489
Time elapsed: 1 hour(s), 14 minute(s), 38 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\Users\Jason\Desktop\BigFish - Hidden Expedition Titanic - Hidden Object [h33t][Wendy99]\Hidden Expedition - Titanic.exe (Trojan.Qhosts) -> Quarantined and deleted successfully.
C:\Users\Jason\Downloads\setup.zip (Rogue.FakeAV) -> Quarantined and deleted successfully.

(end)
<br/>mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.43\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome <br/>mASetup: {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} - msiexec /fu {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} /qn <br/>x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll <br/>x64-BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll <br/>x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll <br/>x64-BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2012\x64\IEBHO.dll <br/>x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll <br/>x64-BHO: LastPass Vault: {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll <br/>x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL <br/>x64-BHO: Webroot Browser Helper Object: {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar64.dll <br/>x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll <br/>x64-TB: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll <br/>x64-TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file> <br/>x64-TB: Webroot Toolbar: {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\PKG\LPBar64.dll <br/>x64-TB: avast! 
WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll <br/>x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll <br/>x64-IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar64.dll <br/>x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll <br/>x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab <br/>x64-DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab <br/>x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab <br/>x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL <br/>x64-Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll <br/>x64-Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll <br/>x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> <br/>x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> <br/>x64-SSODL: WebCheck - <orphaned> <br/>x64-STS: FencesShlExt Class - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll <br/>x64-mASetup: {6032497A-4479-462B-ADB8-A0A372BB9A23} - msiexec /fu {6032497A-4479-462B-ADB8-A0A372BB9A23} /qn <br/>. <br/>================= FIREFOX =================== <br/>. 
<br/>FF - ProfilePath - C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\Profiles\kpujn3x4.default\ <br/>FF - prefs.js: browser.search.selectedEngine - Web Search <br/>FF - prefs.js: browser.startup.homepage - hxxp://feed.snap.do/?publisher=Download&dpid=Download&co=US&userid=18579b7f-3e28-431d-92f5-f5298815e876&searchtype=hp <br/>FF - prefs.js: keyword.URL - hxxp://feed.snap.do/?publisher=Download&dpid=Download&co=US&userid=18579b7f-3e28-431d-92f5-f5298815e876&searchtype=ds&q= <br/>FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL <br/>FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL <br/>FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll <br/>FF - plugin: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll <br/>FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll <br/>FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll <br/>FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll <br/>FF - plugin: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll <br/>FF - plugin: C:\Program Files (x86)\Research In Motion Limited\BlackBerry App World Browser Plugin\npappworld.dll <br/>FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll <br/>FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll <br/>FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll <br/>FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll <br/>FF - plugin: C:\Windows\SysWOW64\npmproxy.dll <br/>. 
<br/>---- FIREFOX POLICIES ---- <br/>FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=110806 <br/>FF - user.js: extensions.BabylonToolbar_i.babExt - <br/>FF - user.js: extensions.BabylonToolbar_i.srcExt - ss <br/>FF - user.js: extensions.BabylonToolbar_i.id - 521ba9c700000000000020107a2cdb8f <br/>FF - user.js: extensions.BabylonToolbar_i.hardId - 521ba9c700000000000020107a2cdb8f <br/>FF - user.js: extensions.BabylonToolbar_i.instlDay - 15421 <br/>FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17 <br/>FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17 <br/>FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1722:05:58 <br/>FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon <br/>FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar <br/>FF - user.js: extensions.BabylonToolbar_i.aflt - babsst <br/>FF - user.js: extensions.BabylonToolbar_i.smplGrp - none <br/>FF - user.js: extensions.BabylonToolbar_i.tlbrId - tb9 <br/>FF - user.js: extensions.BabylonToolbar_i.instlRef - sst <br/>FF - user.js: extensions.autoDisableScopes - 14 <br/>FF - user.js: security.csp.enable - false <br/>. <br/>. <br/>============= SERVICES / DRIVERS =============== <br/>. 
<br/>R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2011-4-16 79488] <br/>R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2011-4-16 40064] <br/>R0 WRkrn;WRkrn;C:\Windows\System32\drivers\WRkrn.sys [2012-10-24 111080] <br/>R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2012-10-22 969200] <br/>R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2012-10-22 359464] <br/>R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe [2012-3-7 497496] <br/>R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2012-9-20 89600] <br/>R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-9-28 204288] <br/>R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-9-28 361984] <br/>R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2012-10-22 25232] <br/>R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2012-10-22 71600] <br/>R2 avast! Antivirus;avast! 
Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-10-22 44808] <br/>R2 FPLService;TrueSuiteService;C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe [2011-8-26 260424] <br/>R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528] <br/>R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168] <br/>R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2012-8-10 197536] <br/>R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2011-5-27 30520] <br/>R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-2-15 34872] <br/>R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-2-14 2413056] <br/>R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-4-9 418376] <br/>R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-3-7 701512] <br/>R2 MediaMall Server;MediaMall Server;C:\Program Files (x86)\MediaMall\MediaMallServer.exe [2012-6-18 3057528] <br/>R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe [2012-2-14 138760] <br/>R2 Tether;Tether;C:\Program Files (x86)\Tether\TBService.exe [2012-3-7 50416] <br/>R2 UnsignedThemes;Unsigned Themes;C:\Windows\UnsignedThemesSvc.exe [2009-7-13 24168] <br/>R2 uxpatch;uxpatch;C:\Windows\System32\drivers\uxpatch.sys [2009-7-13 30568] <br/>R2 WDBackup;WD Backup;C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [2012-6-14 1151424] <br/>R2 WDDriveService;WD Drive Manager;C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [2012-6-14 248248] <br/>R2 WDRulesService;WD Rules;C:\Program Files (x86)\Western 
Digital\WD SmartWare\WDRulesEngine.exe [2012-6-14 1177536] <br/>R3 amdhub30;AMD USB 3.0 Hub Driver;C:\Windows\System32\drivers\amdhub30.sys [2011-7-16 96896] <br/>R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2012-2-14 46136] <br/>R3 amdxhc;AMD USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\amdxhc.sys [2011-7-16 214144] <br/>R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2010-11-17 115216] <br/>R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2010-7-28 31088] <br/>R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-3-7 25928] <br/>R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2012-2-14 338536] <br/>R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-2-14 428136] <br/>R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\Windows\System32\drivers\rtl8192ce.sys [2012-2-14 1145448] <br/>S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] <br/>S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] <br/>S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944] <br/>S2 WRSVC;WRSVC;"C:\Program Files\Webroot\WRSA.exe" -service --> C:\Program Files\Webroot\WRSA.exe [?] <br/>S3 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20110819.004\BHDrvx64.sys [2012-2-14 1151096] <br/>S3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;C:\Program Files (x86)\BitComet\tools\BitCometService.exe -service --> C:\Program Files (x86)\BitComet\tools\BitCometService.exe -service [?] 
<br/>S3 ccSet_NIS;Norton Internet Security Settings Manager;C:\Windows\System32\drivers\NISx64\1301000.01C\ccSetx64.sys [2012-2-14 167048] <br/>S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072] <br/>S3 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20110726.001\IDSviA64.sys [2012-2-14 488568] <br/>S3 qrkis;Tether Miniport;C:\Windows\System32\drivers\qrkis.sys [2012-3-7 50856] <br/>S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-12-22 19456] <br/>S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864] <br/>S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312] <br/>S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864] <br/>S3 SymDS;Symantec Data Store;C:\Windows\System32\drivers\NISx64\1301000.01C\SymDS64.sys [2012-2-14 451192] <br/>S3 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\NISx64\1301000.01C\SymEFA64.sys [2012-2-14 1084536] <br/>S3 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\NISx64\1301000.01C\Ironx64.sys [2012-2-14 189560] <br/>S3 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\NISx64\1301000.01C\symnets.sys [2012-2-14 401016] <br/>S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-12-22 57856] <br/>S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-12-22 30208] <br/>S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-9-28 53760] <br/>S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-3-7 1255736] <br/>S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464] <br/>S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program 
Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] <br/>. <br/>=============== File Associations =============== <br/>. <br/>FileExt: .txt: txtfile=C:\Windows\SysWow64\NOTEPAD.EXE %1 <br/>FileExt: .ini: inifile=C:\Windows\SysWow64\NOTEPAD.EXE %1 <br/>FileExt: .inf: inffile=C:\Windows\SysWow64\NOTEPAD.EXE %1 <br/>. <br/>=============== Created Last 30 ================ <br/>. <br/>2013-04-09 23:18:47 -------- d-----w- C:\Users\Jason\AppData\Roaming\Malwarebytes <br/>2013-04-09 23:18:20 -------- d-----w- C:\Users\Jason\AppData\Local\Programs <br/>2013-04-09 17:02:46 9311288 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5DA4C321-A004-4C9D-8057-23ADC751FB25}\mpengine.dll <br/>2013-04-02 21:18:07 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll <br/>2013-03-20 02:14:22 -------- d-----w- C:\ProgramData\InstallMate <br/>2013-03-13 14:24:08 19968 ----a-w- C:\Windows\System32\drivers\usb8023.sys <br/>2013-03-13 04:20:39 16486616 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe <br/>. <br/>==================== Find3M ==================== <br/>. 
<br/>2013-04-04 18:50:32 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys <br/>2013-04-02 21:18:07 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll <br/>2013-03-13 04:20:48 73432 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl <br/>2013-03-13 04:20:48 693976 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe <br/>2013-03-12 05:10:56 282744 ------w- C:\Windows\System32\MpSigStub.exe <br/>2013-02-28 13:43:55 150160 ----a-w- C:\Windows\SysWow64\WRusr.dll <br/>2013-02-28 13:43:55 111080 ----a-w- C:\Windows\System32\drivers\WRkrn.sys <br/>2013-02-28 13:43:55 102280 ----a-w- C:\Windows\System32\WRusr.dll <br/>2013-02-12 05:45:24 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll <br/>2013-02-12 05:45:22 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll <br/>2013-02-12 05:45:22 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll <br/>2013-02-12 05:45:22 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll <br/>2013-02-12 04:48:31 474112 ----a-w- C:\Windows\apppatch\AcSpecfc.dll <br/>2013-02-12 04:48:26 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll <br/>. <br/>============= FINISH: 20:40:04.53 =============== <br/> <br/> <br/> <br/>. <br/>UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. <br/>IF REQUESTED, ZIP IT UP & ATTACH IT <br/>. <br/>DDS (Ver_2012-11-20.01) <br/>. <br/>Microsoft Windows 7 Home Premium <br/>Boot Device: \Device\HarddiskVolume1 <br/>Install Date: 3/7/2012 12:32:12 PM <br/>System Uptime: 4/9/2013 7:00:06 PM (1 hours ago) <br/>. <br/>Motherboard: Hewlett-Packard | | 1805 <br/>Processor: AMD A8-3520M APU with Radeon(tm) HD Graphics | Socket FS1 | 1600/100mhz <br/>. <br/>==== Disk Partitions ========================= <br/>. <br/>C: is FIXED (NTFS) - 570 GiB total, 415.001 GiB free. <br/>D: is FIXED (NTFS) - 22 GiB total, 2.324 GiB free. <br/>E: is FIXED (FAT32) - 4 GiB total, 1.078 GiB free. <br/>F: is CDROM () <br/>G: is Removable <br/>. 
<br/>==== Disabled Device Manager Items ============= <br/>. <br/>Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} <br/>Description: Photosmart D110 series <br/>Device ID: ROOT\MULTIFUNCTION\0000 <br/>Manufacturer: HP <br/>Name: Photosmart D110 series <br/>PNP Device ID: ROOT\MULTIFUNCTION\0000 <br/>Service: <br/>. <br/>Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318} <br/>Description: Tether Ethernet Adapter <br/>Device ID: ROOT\ROOT&QRKIS\0000 <br/>Manufacturer: Tether <br/>Name: Tether Ethernet Adapter <br/>PNP Device ID: ROOT\ROOT&QRKIS\0000 <br/>Service: qrkis <br/>. <br/>Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f} <br/>Description: Photosmart D110 series <br/>Device ID: ROOT\IMAGE\0000 <br/>Manufacturer: HP <br/>Name: Photosmart D110 series <br/>PNP Device ID: ROOT\IMAGE\0000 <br/>Service: StillCam <br/>. <br/>==== System Restore Points =================== <br/>. <br/>RP163: 3/18/2013 10:02:20 AM - Windows Update <br/>RP164: 3/22/2013 11:36:14 AM - Windows Update <br/>RP165: 3/26/2013 3:18:19 PM - Windows Update <br/>RP166: 4/2/2013 5:14:48 PM - Windows Update <br/>RP167: 4/5/2013 8:44:44 PM - Windows Update <br/>RP168: 4/9/2013 1:02:10 PM - Windows Update <br/>. <br/>==== Installed Programs ====================== <br/>. <br/>64 Bit HP CIO Components Installer <br/>Adobe AIR <br/>Adobe Flash Player 11 ActiveX <br/>Adobe Flash Player 11 Plugin <br/>Adobe Reader X (10.1.0) MUI <br/>Adobe Shockwave Player 11.6 <br/>Advanced SystemCare 5 <br/>AMD APP SDK Runtime <br/>AMD Catalyst Install Manager <br/>AMD Fuel <br/>AMD Steady Video Plug-In <br/>AMD System Monitor <br/>AMD VISION Engine Control Center <br/>Apple Application Support <br/>Apple Mobile Device Support <br/>Apple Software Update <br/>AuthenTec TrueAPI <br/>avast! 
Free Antivirus <br/>Bejeweled 3 <br/>BitComet 1.31 <br/>BlackBerry App World Browser Plugin <br/>BlackBerry Desktop Software 6.1 <br/>BlackBerry Device Software Updater <br/>BlackBerry USB and Modem Drivers 5.0.1 <br/>Blackhawk Striker 2 <br/>Blio <br/>Bonjour <br/>Catalyst Control Center - Branding <br/>Catalyst Control Center Graphics Previews Common <br/>Catalyst Control Center InstallProxy <br/>Catalyst Control Center Localization All <br/>ccc-utility64 <br/>CCC Help Chinese Standard <br/>CCC Help Chinese Traditional <br/>CCC Help Czech <br/>CCC Help Danish <br/>CCC Help Dutch <br/>CCC Help English <br/>CCC Help Finnish <br/>CCC Help French <br/>CCC Help German <br/>CCC Help Greek <br/>CCC Help Hungarian <br/>CCC Help Italian <br/>CCC Help Japanese <br/>CCC Help Korean <br/>CCC Help Norwegian <br/>CCC Help Polish <br/>CCC Help Portuguese <br/>CCC Help Russian <br/>CCC Help Spanish <br/>CCC Help Swedish <br/>CCC Help Thai <br/>CCC Help Turkish <br/>CCleaner <br/>Chuzzle Deluxe <br/>Cisco EAP-FAST Module <br/>Cisco LEAP Module <br/>Cisco PEAP Module <br/>Cradle of Rome 2 <br/>CyberLink YouCam <br/>D3DX10 <br/>Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition <br/>DFS 4.0.0.4 <br/>Dora's World Adventure <br/>Duplicate Cleaner Free 3.0.1 <br/>EPSON Printer Software <br/>EPSON Scan <br/>ESU for Microsoft Windows 7 SP1 <br/>Evernote v. 
4.2.3 <br/>Farm Frenzy <br/>Farmscapes <br/>FastStone Capture 7.2 <br/>FastStone Image Viewer 4.7 <br/>FATE <br/>Fences <br/>Final Drive Fury <br/>Flash Cookie Cleaner <br/>FoxTab PDF Creator <br/>Free PDF to Word Doc Converter v1.1 <br/>Google Chrome <br/>Google Earth <br/>Google Update Helper <br/>Hewlett-Packard ACLM.NET v1.2.1.1 <br/>Hidden Expedition - Titanic 1.00 <br/>Hoyle Card Games <br/>HP 3D DriveGuard <br/>HP Application Assistant <br/>HP Auto <br/>HP Client Services <br/>HP CoolSense <br/>HP Customer Experience Enhancements <br/>HP Documentation <br/>HP DVB-T TV Tuner 8.0.64.43 <br/>HP Games <br/>HP Launch Box <br/>HP MovieStore <br/>HP On Screen Display <br/>HP Photosmart D110 All-In-One Driver 14.0 Rel. 7 <br/>HP Power Manager <br/>HP Quick Launch <br/>HP QuickWeb <br/>HP Recovery Manager <br/>HP Security Assistant <br/>HP Setup <br/>HP Setup Manager <br/>HP SimplePass 2012 <br/>HP Software Framework <br/>HP Support Assistant <br/>HTC Home 2.4 <br/>IDT Audio <br/>iTunes <br/>Java Auto Updater <br/>Java(TM) 6 Update 31 <br/>Java(TM) 6 Update 31 (64-bit) <br/>Java(TM) 7 Update 5 <br/>Java(TM) SE Runtime Environment 6 <br/>JavaFX 2.1.1 <br/>Jewel Match 3 <br/>Jewel Quest Mysteries: The Seventh Gate Collector's Edition <br/>John Deere Drive Green <br/>Junk Mail filter update <br/>Kyocera Product Library <br/>LastPass (uninstall only) <br/>Letters from Nowhere 2 <br/>Logitech Harmony Remote Software 7 <br/>Luxor HD <br/>Mah Jong Medley <br/>Malwarebytes Anti-Malware version 1.75.0.1300 <br/>Mesh Runtime <br/>Microsoft .NET Framework 4 Client Profile <br/>Microsoft .NET Framework 4 Extended <br/>Microsoft Application Error Reporting <br/>Microsoft Office 2010 Service Pack 1 (SP1) <br/>Microsoft Office Access MUI (English) 2010 <br/>Microsoft Office Access Setup Metadata MUI (English) 2010 <br/>Microsoft Office Excel MUI (English) 2010 <br/>Microsoft Office Home and Business 2010 <br/>Microsoft Office Office 64-bit Components 2010 <br/>Microsoft Office 
OneNote MUI (English) 2010 <br/>Microsoft Office Outlook MUI (English) 2010 <br/>Microsoft Office PowerPoint MUI (English) 2010 <br/>Microsoft Office Proof (English) 2010 <br/>Microsoft Office Proof (French) 2010 <br/>Microsoft Office Proof (Spanish) 2010 <br/>Microsoft Office Proofing (English) 2010 <br/>Microsoft Office Publisher MUI (English) 2010 <br/>Microsoft Office Shared 64-bit MUI (English) 2010 <br/>Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 <br/>Microsoft Office Shared MUI (English) 2010 <br/>Microsoft Office Shared Setup Metadata MUI (English) 2010 <br/>Microsoft Office Single Image 2010 <br/>Microsoft Office Word MUI (English) 2010 <br/>Microsoft Silverlight <br/>Microsoft SQL Server 2005 Compact Edition [ENU] <br/>Microsoft Visual C++ 2005 Redistributable <br/>Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 <br/>Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 <br/>Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 <br/>Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 <br/>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 <br/>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 <br/>Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 <br/>Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 <br/>Microsoft WSE 3.0 Runtime <br/>Mozilla Firefox 10.0.2 (x86 en-US) <br/>Mozilla Firefox 11.0 (x86 en-US) <br/>Mozilla Thunderbird 14.0 (x86 en-US) <br/>MSVCRT <br/>MSVCRT_amd64 <br/>MSXML 4.0 SP2 (KB954430) <br/>MSXML 4.0 SP2 (KB973688) <br/>Network64 <br/>Norton Internet Security <br/>ObjectDock Free <br/>OpenOffice.org 3.4.1 <br/>opensource <br/>Optimum <br/>Optimum App for Laptop 1.62 <br/>PDFill PDF Editor with FREE Writer and FREE Tools <br/>Penguins! <br/>Plants vs. 
Zombies - Game of the Year <br/>PlayOn <br/>PlayReady PC Runtime x86 <br/>Poker Superstars III <br/>Polar Bowler <br/>Polar Golfer <br/>PS_AIO_07_D110_SW_Min <br/>Rainlendar2 (remove only) <br/>Rainmeter <br/>Realtek Ethernet Controller Driver <br/>Realtek PCIE Card Reader <br/>REALTEK Wireless LAN Driver <br/>Remote Control USB Driver <br/>RollerCoaster Tycoon 3: Platinum <br/>Scan <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) <br/>Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) <br/>Security Update for Microsoft .NET Framework 4 Extended (KB2487367) <br/>Security Update for Microsoft .NET Framework 4 Extended (KB2656351) <br/>Security Update for Microsoft .NET Framework 4 Extended (KB2736428) <br/>Security Update for Microsoft .NET Framework 4 Extended (KB2742595) <br/>Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition <br/>Security Update for Microsoft Filter Pack 2.0 (KB2553501) 32-Bit Edition <br/>Security Update for Microsoft InfoPath 2010 (KB2687417) 
32-Bit Edition <br/>Security Update for Microsoft Office 2010 (KB2553091) <br/>Security Update for Microsoft Office 2010 (KB2553096) <br/>Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition <br/>Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition <br/>Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition <br/>Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition <br/>Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition <br/>Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition <br/>Security Update for Microsoft OneNote 2010 (KB2760600) 32-Bit Edition <br/>Security Update for Microsoft Visio Viewer 2010 (KB2687505) 32-Bit Edition <br/>Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition <br/>Skype™ 5.10 <br/>SlimCleaner <br/>Speccy <br/>StreamTorrent 1.0 <br/>swMSM <br/>Synaptics TouchPad Driver <br/>Tether 1.4.3.7 <br/>The Treasures of Mystery Island: The Ghost Ship <br/>Theatre of the Absurd Collector's Edition <br/>Toolbox <br/>Torchlight <br/>TweetDeck <br/>Update for Microsoft .NET Framework 4 Client Profile (KB2468871) <br/>Update for Microsoft .NET Framework 4 Client Profile (KB2533523) <br/>Update for Microsoft .NET Framework 4 Client Profile (KB2600217) <br/>Update for Microsoft .NET Framework 4 Extended (KB2468871) <br/>Update for Microsoft .NET Framework 4 Extended (KB2533523) <br/>Update for Microsoft .NET Framework 4 Extended (KB2600217) <br/>Update for Microsoft Office 2010 (KB2553065) <br/>Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition <br/>Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition <br/>Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition <br/>Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition <br/>Update for Microsoft Office 2010 (KB2566458) <br/>Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition <br/>Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition <br/>Update for Microsoft 
Office 2010 (KB2687503) 32-Bit Edition <br/>Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition <br/>Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition <br/>Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition <br/>Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition <br/>Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition <br/>Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition <br/>Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition <br/>Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition <br/>Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition <br/>Update Installer for WildTangent Games App <br/>UxStyle Core Beta <br/>Validity WBF DDK <br/>Virtual Villagers 4 - The Tree of Life <br/>VLC media player 2.0.5 <br/>WD SmartWare <br/>WildTangent Games App (HP Games) <br/>Windows Live Communications Platform <br/>Windows Live Essentials <br/>Windows Live ID Sign-in Assistant <br/>Windows Live Installer <br/>Windows Live Language Selector <br/>Windows Live Mail <br/>Windows Live Mesh <br/>Windows Live Mesh ActiveX Control for Remote Connections <br/>Windows Live Messenger <br/>Windows Live MIME IFilter <br/>Windows Live Movie Maker <br/>Windows Live Photo Common <br/>Windows Live Photo Gallery <br/>Windows Live PIMT Platform <br/>Windows Live Remote Client <br/>Windows Live Remote Client Resources <br/>Windows Live Remote Service <br/>Windows Live Remote Service Resources <br/>Windows Live SOXE <br/>Windows Live SOXE Definitions <br/>Windows Live UX Platform <br/>Windows Live UX Platform Language Pack <br/>Windows Live Writer <br/>Windows Live Writer Resources <br/>WinRAR 4.11 (32-bit) <br/>Wisdom-soft ScreenHunter 6.0 Free <br/>XBMC <br/>Zuma's Revenge <br/>. <br/>==== Event Viewer Messages From Past Week ======== <br/>. 
<br/>4/9/2013 7:00:24 PM, Error: Service Control Manager [7000] - The WRSVC service failed to start due to the following error: The system cannot find the file specified. <br/>4/9/2013 3:25:28 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Tether service. <br/>4/8/2013 8:34:03 PM, Error: Service Control Manager [7001] - The WD Backup service depends on the WD Rules service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion. <br/>4/8/2013 8:33:55 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the WD Rules service to connect. <br/>4/8/2013 8:33:55 PM, Error: Service Control Manager [7000] - The WD Rules service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. <br/>4/8/2013 10:56:46 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the MediaMall Server service to connect. <br/>. <br/>==== End Of File ===========================
Posted 4/10/2013 5:47 AM
#95358
Touch Advanced member

Date Joined Nov 2016
Total Posts: 12976
Hello JZ :smile:

I can't see any infections in the logs, but you have 3 antivirus programs running, it's not a good idea because they will conflict and slow down your computer.

And you have several PUP (Potentially unwanted software) installed.

For a start, uninstall either Avast or Norton Internet Security or Webroot.

Also remove Advanced System Care 5 and BitComet 1.31

Please download Adwcleaner:

http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner

- Double click on AdwCleaner.exe to run the tool.
  ***Note: Windows Vista and Windows 7 users: Right click on AdwCleaner.exe and select Run as admin
- Click Delete.
- Everything that was found will be deleted.
- Save any open files and approve the reboot. A text file will open after the restart.

Please post the log, along with a combofix log.

Please download Combofix from: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

And save to the desktop.

After the download is complete, perform the following tasks before using the ComboFix tool to scan your PC:

Exit all windows that are currently open on your computer.

To prevent interference, temporarily disable your antivirus, antispyware, firewall and other security tools that may be running on your computer.

Double-click on the combofix icon found on your desktop.

Please note that once you start combofix you should not click anywhere on the combofix window as it can cause the program to stall. In fact, when combofix is running, do not touch your computer at all and just take a break as it may take a while for it to complete.

When finished, it will produce a logfile located at C:\combofix.txt.

Post the contents of that log in your next reply

The logs will be reasonably large so you may have to divide them into sections and make several posts to post them.

Click here: Before-posting-a-log
Do not PM me with logfiles. They will be deleted.


Posted 4/11/2013 4:17 AM
#95367
JZ Member

Date Joined Nov 2016
Total Posts: 7
Thank you very much for taking the time to look at my files it is greatly appreciated. <br/> <br/># AdwCleaner v2.200 - Logfile created 04/10/2013 at 23:28:20 <br/># Updated 02/04/2013 by Xplode <br/># Operating system : Windows 7 Home Premium Service Pack 1 (64 bits) <br/># User : Jason - JASON-HP <br/># Boot Mode : Normal <br/># Running from : C:\Users\Jason\Downloads\adwcleaner (1).exe <br/># Option [Delete] <br/> <br/> <br/>***** [Services] ***** <br/> <br/> <br/>***** [Files / Folders] ***** <br/> <br/>File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml <br/>File Deleted : C:\user.js <br/>File Deleted : C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\Profiles\kpujn3x4.default\searchplugins\Web Search.xml <br/>Folder Deleted : C:\ProgramData\Babylon <br/>Folder Deleted : C:\ProgramData\InstallMate <br/>Folder Deleted : C:\ProgramData\Tarma Installer <br/>Folder Deleted : C:\Users\Jason\AppData\Local\Babylon <br/>Folder Deleted : C:\Users\Jason\AppData\Local\PackageAware <br/>Folder Deleted : C:\Users\Jason\AppData\Roaming\Babylon <br/> <br/>***** [Registry] ***** <br/> <br/>Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider <br/>Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} <br/>Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5} <br/>Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} <br/>Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827} <br/>Key Deleted : HKLM\Software\Babylon <br/>Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} <br/>Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} <br/>Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL <br/>Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap <br/>Key Deleted : 
HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32 <br/>Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS <br/>Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32 <br/>Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS <br/>Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D} <br/>Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113} <br/>Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5} <br/>Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5} <br/>Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827} <br/>Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113} <br/>Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5} <br/>Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827} <br/>Key Deleted : HKLM\SOFTWARE\Tarma Installer <br/>Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}] <br/>Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}] <br/> <br/>***** [Internet Browsers] ***** <br/> <br/>-\\ Internet Explorer v10.0.9200.16521 <br/> <br/>Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://feed.snap.do/?publisher=Download&dpid=Download&co=US&userid=18579b7f-3e28-431d-92f5-f5298815e876&searchtype=ds&q={searchTerms} --> hxxp://www.google.com <br/>Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://feed.snap.do/?publisher=Download&dpid=Download&co=US&userid=18579b7f-3e28-431d-92f5-f5298815e876&searchtype=ds&q={searchTerms} --> hxxp://www.google.com <br/>Replaced : 
[HKCU\Software\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://feed.snap.do/?publisher=Download&dpid=Download&co=US&userid=18579b7f-3e28-431d-92f5-f5298815e876&searchtype=ds&q={searchTerms} --> hxxp://www.google.com <br/>Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://feed.snap.do/?publisher=Download&dpid=Download&co=US&userid=18579b7f-3e28-431d-92f5-f5298815e876&searchtype=ds&q={searchTerms} --> hxxp://www.google.com <br/>Replaced : [HKCU\Software\Microsoft\Internet Explorer\SearchUrl - Default] = hxxp://feed.snap.do/?publisher=Download&dpid=Download&co=US&userid=18579b7f-3e28-431d-92f5-f5298815e876&searchtype=ds&q={searchTerms} --> hxxp://www.google.com <br/>Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl - Default] = hxxp://feed.snap.do/?publisher=Download&dpid=Download&co=US&userid=18579b7f-3e28-431d-92f5-f5298815e876&searchtype=ds&q={searchTerms} --> hxxp://www.google.com <br/> <br/>-\\ Mozilla Firefox v10.0.2 (en-US) <br/> <br/>File : C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\Profiles\kpujn3x4.default\prefs.js <br/> <br/>C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\Profiles\kpujn3x4.default\user.js ... Deleted ! <br/> <br/>Deleted : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com"); <br/>Deleted : user_pref("browser.search.defaultenginename", "Search the web (Babylon)"); <br/>Deleted : user_pref("browser.search.order.1", "Search the web (Babylon)"); <br/>Deleted : user_pref("browser.search.selectedEngine", "Web Search"); <br/>Deleted : user_pref("browser.startup.homepage", "hxxp://feed.snap.do/?publisher=Download&dpid=Download&co=US&u[...] 
<br/>Deleted : user_pref("extensions.BabylonToolbar_i.aflt", "babsst"); <br/>Deleted : user_pref("extensions.BabylonToolbar_i.babExt", ""); <br/>Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=110806"); <br/>Deleted : user_pref("extensions.BabylonToolbar_i.hardId", "521ba9c700000000000020107a2cdb8f"); <br/>Deleted : user_pref("extensions.BabylonToolbar_i.id", "521ba9c700000000000020107a2cdb8f"); <br/>Deleted : user_pref("extensions.BabylonToolbar_i.instlDay", "15421"); <br/>Deleted : user_pref("extensions.BabylonToolbar_i.instlRef", "sst"); <br/>Deleted : user_pref("extensions.BabylonToolbar_i.newTab", true); <br/>Deleted : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?AF=110806&babsrc=NT_s[...] <br/>Deleted : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar"); <br/>Deleted : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon"); <br/>Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none"); <br/>Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss"); <br/>Deleted : user_pref("extensions.BabylonToolbar_i.tlbrId", "tb9"); <br/>Deleted : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17"); <br/>Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1722:05:58"); <br/>Deleted : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17"); <br/>Deleted : user_pref("keyword.URL", "hxxp://feed.snap.do/?publisher=Download&dpid=Download&co=US&userid=18579b7[...] <br/> <br/>-\\ Google Chrome v26.0.1410.64 <br/> <br/>File : C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Preferences <br/> <br/>[OK] File is clean. 
<br/> <br/>************************* <br/> <br/>AdwCleaner[S1].txt - [6827 octets] - [10/04/2013 23:28:20] <br/> <br/>########## EOF - C:\AdwCleaner[S1].txt - [6887 octets] ########## <br/> <br/> <br/> <br/> <br/>ComboFix 13-04-10.02 - Jason 04/10/2013 23:48:38.1.4 - x64 <br/>Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.5610.3746 [GMT -4:00] <br/>Running from: c:\users\Jason\Downloads\ComboFix.exe <br/>AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} <br/>FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} <br/>SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} <br/>SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} <br/>. <br/>. <br/>((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) <br/>. <br/>. <br/>C:\Install.exe <br/>c:\users\Jason\AppData\Local\Temp\HP Support Framework\HPSF_Config1.dll <br/>c:\windows\wininit.ini <br/>. <br/>. <br/>((((((((((((((((((((((((( Files Created from 2013-03-11 to 2013-04-11 ))))))))))))))))))))))))))))))) <br/>. <br/>. <br/>2013-04-11 03:57 . 2013-04-11 03:57 -------- d-----w- c:\users\Default\AppData\Local\temp <br/>2013-04-10 00:43 . 2013-04-10 00:43 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll <br/>2013-04-09 23:18 . 2013-04-09 23:18 -------- d-----w- c:\users\Jason\AppData\Roaming\Malwarebytes <br/>2013-04-09 23:18 . 2013-04-09 23:18 -------- d-----w- c:\users\Jason\AppData\Local\Programs <br/>2013-04-09 17:02 . 2013-03-15 06:28 9311288 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5DA4C321-A004-4C9D-8057-23ADC751FB25}\mpengine.dll <br/>2013-04-02 21:18 . 2013-04-02 21:18 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll <br/>2013-03-13 14:24 . 2013-02-12 04:12 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys <br/>2013-03-13 04:20 . 
2013-03-13 04:20 16486616 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe <br/>. <br/>. <br/>. <br/>(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) <br/>. <br/>2013-04-10 00:43 . 2012-08-09 03:53 861088 ----a-w- c:\windows\SysWow64\npDeployJava1.dll <br/>2013-04-10 00:43 . 2012-04-11 22:41 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll <br/>2013-04-04 18:50 . 2012-03-07 19:23 25928 ----a-w- c:\windows\system32\drivers\mbam.sys <br/>2013-03-18 15:43 . 2013-01-25 20:41 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll <br/>2013-03-18 15:11 . 2013-01-25 20:41 2876528 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll <br/>2013-03-18 15:11 . 2012-03-20 02:21 72013344 ----a-w- c:\windows\system32\MRT.exe <br/>2013-03-18 15:10 . 2013-01-25 20:40 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll <br/>2013-03-13 04:20 . 2012-08-16 04:43 693976 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe <br/>2013-03-13 04:20 . 2011-11-09 18:53 73432 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl <br/>2013-03-12 05:10 . 2010-11-21 03:27 282744 ------w- c:\windows\system32\MpSigStub.exe <br/>2013-02-28 13:43 . 2012-10-24 23:53 150160 ----a-w- c:\windows\SysWow64\WRusr.dll <br/>2013-02-28 13:43 . 2012-10-24 23:53 102280 ----a-w- c:\windows\system32\WRusr.dll <br/>2013-02-28 13:43 . 2012-10-24 23:53 111080 ----a-w- c:\windows\system32\drivers\WRkrn.sys <br/>2013-02-26 18:31 . 2013-01-25 20:40 539984 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll <br/>2013-02-12 05:45 . 2013-03-13 14:24 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll <br/>2013-02-12 05:45 . 2013-03-13 14:24 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll <br/>2013-02-12 05:45 . 
2013-03-13 14:24 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll <br/>2013-02-12 05:45 . 2013-03-13 14:24 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll <br/>2013-02-12 04:48 . 2013-03-13 14:24 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll <br/>2013-02-12 04:48 . 2013-03-13 14:24 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll <br/>2013-02-11 17:33 . 2013-02-11 17:33 539984 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll <br/>2013-02-06 21:33 . 2013-02-06 21:33 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll <br/>2013-01-26 20:06 . 2013-01-26 20:06 2876528 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll <br/>2013-01-26 20:05 . 2013-01-26 20:05 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll <br/>. <br/>. <br/>((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) <br/>. <br/>. <br/>*Note* empty entries & legit default entries are not shown <br/>REGEDIT4 <br/>. <br/>[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] <br/>"HTC Home"="c:\users\Jason\AppData\Roaming\Stealth Software\HTC Home 2.4\HTCHome.exe" [2011-03-04 281088] <br/>"Rainlendar2"="c:\program files (x86)\Rainlendar2\Rainlendar2.exe" [2011-08-12 2433024] <br/>. <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] <br/>"HP CoolSense"="c:\program files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe" [2012-11-05 1343904] <br/>"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848] <br/>. <br/>c:\users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ <br/>Stardock ObjectDock.lnk - c:\program files (x86)\Stardock\ObjectDockFree\ObjectDock.exe [2010-10-6 3768176] <br/>. 
<br/>c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ <br/>Rainmeter.lnk - c:\program files\Rainmeter\Rainmeter.exe [2012-1-8 107720] <br/>. <br/>[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] <br/>"ConsentPromptBehaviorAdmin"= 5 (0x5) <br/>"ConsentPromptBehaviorUser"= 3 (0x3) <br/>"EnableUIADesktopToggle"= 0 (0x0) <br/>. <br/>[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] <br/>"NoDevMgrUpdate"= 0 (0x0) <br/>"NoDFSTab"= 0 (0x0) <br/>"NoEncryptOnMove"= 0 (0x0) <br/>"NoResolveTrack"= 0 (0x0) <br/>"NoStartMenuSubFolders"= 0 (0x0) <br/>. <br/>[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] <br/>"NoDevMgrUpdate"= 0 (0x0) <br/>"NoDFSTab"= 0 (0x0) <br/>"NoEncryptOnMove"= 0 (0x0) <br/>"NoResolveTrack"= 0 (0x0) <br/>"NoStartMenuSubFolders"= 0 (0x0) <br/>. <br/>[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] <br/>"DisableLocalMachineRun"= 0 (0x0) <br/>"DisableLocalMachineRunOnce"= 0 (0x0) <br/>"DisableCurrentUserRun"= 0 (0x0) <br/>"DisableCurrentUserRunOnce"= 0 (0x0) <br/>"NoFile"= 0 (0x0) <br/>"HideClock"= 0 (0x0) <br/>"NoDevMgrUpdate"= 0 (0x0) <br/>"NoDFSTab"= 0 (0x0) <br/>"NoEncryptOnMove"= 0 (0x0) <br/>"NoResolveTrack"= 0 (0x0) <br/>"NoStartMenuSubFolders"= 0 (0x0) <br/>. <br/>[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] <br/>BootExecute REG_MULTI_SZ <br/>. 
<br/>R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] <br/>R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528] <br/>R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944] <br/>R2 WRSVC;WRSVC;c:\program files\Webroot\WRSA.exe [x] <br/>R3 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20110819.004\BHDrvx64.sys [2011-08-19 1151096] <br/>R3 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NISx64\1301000.01C\ccSetx64.sys [2011-08-08 167048] <br/>R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072] <br/>R3 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20110726.001\IDSVia64.sys [2011-07-20 488568] <br/>R3 qrkis;Tether Miniport;c:\windows\system32\DRIVERS\qrkis.sys [2010-11-17 50856] <br/>R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-12-22 19456] <br/>R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864] <br/>R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312] <br/>R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864] <br/>R3 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1301000.01C\SYMDS64.SYS [2011-07-25 451192] <br/>R3 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1301000.01C\SYMEFA64.SYS [2011-07-28 1084536] <br/>R3 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1301000.01C\Ironx64.SYS [2011-07-25 189560] <br/>R3 SymNetS;Symantec Network Security WFP 
Driver;c:\windows\system32\drivers\NISx64\1301000.01C\SYMNETS.SYS [2011-07-25 401016] <br/>R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-12-22 57856] <br/>R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-12-22 30208] <br/>R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-09-28 53760] <br/>R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-03-08 1255736] <br/>R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [2008-05-06 14464] <br/>R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184] <br/>S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys [2011-04-16 79488] <br/>S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys [2011-04-16 40064] <br/>S0 WRkrn;WRkrn;c:\windows\System32\drivers\WRkrn.sys [2013-02-28 111080] <br/>S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2012-09-21 89600] <br/>S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-09-29 204288] <br/>S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-09-28 361984] <br/>S2 FPLService;TrueSuiteService;c:\program files (x86)\HP SimplePass 2012\TrueSuiteService.exe [2011-08-26 260424] <br/>S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168] <br/>S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2012-08-10 197536] <br/>S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2011-05-27 30520] <br/>S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-02-15 34872] <br/>S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card 
Reader\RIconMan.exe [2011-06-29 2413056] <br/>S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376] <br/>S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512] <br/>S2 MediaMall Server;MediaMall Server;c:\program files (x86)\MediaMall\MediaMallServer.exe [2012-09-10 3057528] <br/>S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe [2011-08-10 138760] <br/>S2 Tether;Tether;c:\program files (x86)\Tether\TBService.exe [2011-09-29 50416] <br/>S2 UnsignedThemes;Unsigned Themes;c:\windows\UnsignedThemesSvc.exe [2009-07-13 24168] <br/>S2 uxpatch;uxpatch;c:\windows\system32\drivers\uxpatch.sys [2009-07-13 30568] <br/>S2 WDBackup;WD Backup;c:\program files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [2012-06-14 1151424] <br/>S2 WDDriveService;WD Drive Manager;c:\program files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [2012-06-14 248248] <br/>S2 WDRulesService;WD Rules;c:\program files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe [2012-06-14 1177536] <br/>S3 amdhub30;AMD USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\amdhub30.sys [2011-07-16 96896] <br/>S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136] <br/>S3 amdxhc;AMD USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\amdxhc.sys [2011-07-16 214144] <br/>S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2010-11-17 115216] <br/>S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2010-07-28 31088] <br/>S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-04-04 25928] <br/>S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [2011-05-31 338536] <br/>S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-02-17 
428136] <br/>S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys [2011-07-19 1145448] <br/>. <br/>. <br/>--- Other Services/Drivers In Memory --- <br/>. <br/>*NewlyCreated* - WS2IFSL <br/>. <br/>[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] <br/>2013-04-10 20:58 1642448 ----a-w- c:\program files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe <br/>. <br/>Contents of the 'Scheduled Tasks' folder <br/>. <br/>2013-04-11 c:\windows\Tasks\Adobe Flash Player Updater.job <br/>- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-16 04:20] <br/>. <br/>2013-04-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job <br/>- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-07 19:21] <br/>. <br/>2013-04-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job <br/>- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-07 19:21] <br/>. <br/>2013-03-26 c:\windows\Tasks\HPCeeScheduleForJason.job <br/>- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 12:43] <br/>. <br/>2013-04-11 c:\windows\Tasks\Windows Driver Foundation.job <br/>- c:\program files (x86)\Common Files\Windows Driver Foundation\WUDFHost.exe [2012-03-08 04:29] <br/>. <br/>. <br/>--------- X64 Entries ----------- <br/>. <br/>. <br/>[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler] <br/>"{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "c:\program files (x86)\Stardock\Fences\FencesMenu64.dll" [2010-06-22 253288] <br/>. <br/>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService <br/>FontCache <br/>. <br/>------- Supplementary Scan ------- <br/>. 
<br/>uStart Page = hxxp://yahoo.com/ <br/>uLocal Page = c:\windows\system32\blank.htm <br/>mLocal Page = c:\windows\SysWOW64\blank.htm <br/>uInternet Settings,ProxyOverride = *.local <br/>uSearchAssistant = hxxp://www.google.com <br/>IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000 <br/>IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105 <br/>TCP: DhcpNameServer = 167.206.245.130 167.206.245.129 192.168.1.1 <br/>TCP: Interfaces\{BC30E688-97CA-4EF1-8159-86E37F113AC6}: NameServer = 208.67.222.222,208.67.220.220 <br/>FF - ProfilePath - c:\users\Jason\AppData\Roaming\Mozilla\Firefox\Profiles\kpujn3x4.default\ <br/>. <br/>. <br/>------- File Associations ------- <br/>. <br/>inifile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1 <br/>JSEFile="%SystemRoot%\System32\WScript.exe" "%1" %* <br/>txtfile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1 <br/>. <br/>- - - - ORPHANS REMOVED - - - - <br/>. <br/>Wow6432Node-HKLM-Run-<NO NAME> - (no file) <br/>Wow6432Node-HKLM-Run-WRSVC - c:\program files\Webroot\WRSA.exe <br/>HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start <br/>HKLM_Wow6432Node-ActiveSetup-{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} - msiexec <br/>AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe <br/>AddRemove-FoxTab PDF Creator - c:\program files (x86)\FoxTabPDFConverter\Uninstall\Uninstall.exe <br/>. <br/>. <br/>. <br/>[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NIS] <br/>"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\19.1.0.28\diMaster.dll\" /prefetch:1" <br/>. <br/>--------------------- LOCKED REGISTRY KEYS --------------------- <br/>. 
<br/>[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences] <br/>@Denied: (2) (LocalSystem) <br/>"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, <br/> d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,39,f9,4f,d1,0b,12,fa,4f,a8,0f,ce,\ <br/>"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, <br/> d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,39,f9,4f,d1,0b,12,fa,4f,a8,0f,ce,\ <br/>. <br/>[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] <br/>@Denied: (A 2) (Everyone) <br/>@="FlashBroker" <br/>"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe,-101" <br/>. <br/>[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] <br/>"Enabled"=dword:00000001 <br/>. <br/>[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] <br/>@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe" <br/>. <br/>[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] <br/>@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" <br/>. <br/>[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] <br/>@Denied: (A 2) (Everyone) <br/>@="IFlashBroker5" <br/>. <br/>[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] <br/>@="{00020424-0000-0000-C000-000000000046}" <br/>. <br/>[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] <br/>@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" <br/>"Version"="1.0" <br/>. <br/>[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] <br/>@Denied: (A 2) (Everyone) <br/>@="FlashBroker" <br/>"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101" <br/>. 
<br/>[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] <br/>"Enabled"=dword:00000001 <br/>. <br/>[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] <br/>@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe" <br/>. <br/>[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] <br/>@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" <br/>. <br/>[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] <br/>@Denied: (A 2) (Everyone) <br/>@="Shockwave Flash Object" <br/>. <br/>[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] <br/>@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx" <br/>"ThreadingModel"="Apartment" <br/>. <br/>[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] <br/>@="0" <br/>. <br/>[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] <br/>@="ShockwaveFlash.ShockwaveFlash.11" <br/>. <br/>[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] <br/>@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1" <br/>. <br/>[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] <br/>@="{D27CDB6B-AE6D-11cf-96B8-444553540000}" <br/>. <br/>[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] <br/>@="1.0" <br/>. <br/>[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] <br/>@="ShockwaveFlash.ShockwaveFlash" <br/>. 
<br/>[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] <br/>@Denied: (A 2) (Everyone) <br/>@="Macromedia Flash Factory Object" <br/>. <br/>[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] <br/>@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx" <br/>"ThreadingModel"="Apartment" <br/>. <br/>[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] <br/>@="FlashFactory.FlashFactory.1" <br/>. <br/>[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] <br/>@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1" <br/>. <br/>[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] <br/>@="{D27CDB6B-AE6D-11cf-96B8-444553540000}" <br/>. <br/>[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] <br/>@="1.0" <br/>. <br/>[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] <br/>@="FlashFactory.FlashFactory" <br/>. <br/>[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] <br/>@Denied: (A 2) (Everyone) <br/>@="IFlashBroker5" <br/>. <br/>[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] <br/>@="{00020424-0000-0000-C000-000000000046}" <br/>. <br/>[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] <br/>@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" <br/>"Version"="1.0" <br/>. <br/>[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*] <br/>@="?????????????????? v1" <br/>. <br/>[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID] <br/>@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}" <br/>. 
<br/>[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*] <br/>@="?????????????????? v2" <br/>. <br/>[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID] <br/>@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}" <br/>. <br/>[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] <br/>@Denied: (A) (Everyone) <br/>"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" <br/>. <br/>[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3] <br/>@Denied: (A) (Everyone) <br/>. <br/>[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] <br/>"Key"="ActionsPane3" <br/>"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" <br/>. <br/>[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] <br/>@Denied: (A) (Users) <br/>@Denied: (A) (Everyone) <br/>@Allowed: (B 1 2 3 4 5) (S-1-5-20) <br/>"BlindDial"=dword:00000000 <br/>. <br/>[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] <br/>@Denied: (Full) (Everyone) <br/>. <br/>------------------------ Other Running Processes ------------------------ <br/>. <br/>c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe <br/>c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe <br/>c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe <br/>c:\program files (x86)\CyberLink\YouCam\YCMMirage.exe <br/>. <br/>************************************************************************** <br/>. <br/>Completion time: 2013-04-11 00:04:14 - machine was rebooted <br/>ComboFix-quarantined-files.txt 2013-04-11 04:04 <br/>. <br/>Pre-Run: 444,669,497,344 bytes free <br/>Post-Run: 444,137,103,360 bytes free <br/>. <br/>- - End Of File - - 3067D870B3D6B87E2AE353A167DAE61F
Posted 4/11/2013 4:51 AM
#95368

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12976
Looks clean to me :smile:

Please tell me how things are running now?

Click here: Before-posting-a-log
Do not PM me with logfiles. They will be deleted.


Posted 4/17/2013 9:06 PM
#95446

JZ Member

Date Joined Nov 2016
Total Posts: 7
Seems to be o.k. Thank you, except I just cracked my LCD... ugh... hope it's a fairly easy fix. Any knowledge on this topic?
Posted 4/18/2013 10:42 AM
#95451

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12976
Your LCD!

Is it the monitor, and cracked how?



Posted 4/18/2013 2:24 PM
#95455

JZ Member

Date Joined Nov 2016
Total Posts: 7
Yes, the LCD!! I picked my laptop up by the corner of the LCD... not good! I saw a video on how to replace it on YouTube and it looked fairly easy. You have helped me with my PC issues many times over the years and I want to sincerely thank you! I will pass on your site to all friends and family... Be well..
Posted 4/19/2013 12:46 PM
#95462

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12976
You're right, it was not good, and thank you for recommending us; it was a pleasure to help :smile:

I am locking the thread to prevent others from posting their logs.


