Jump to content

ikejohn79

Members
 View Profile  See their activity

  • Posts

    3

  • Joined

  • Last visited

 Content Type 

Posts posted by ikejohn79

    Malwarebytes is installed but will not open even with Chameleon

    in Resolved Malware Removal Logs

    Posted

    Thanks for your help!!

    ComboFix 12-07-07.03 - Cindy 07/07/2012 7:27.1.4 - x64

    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3894.2407 [GMT -7:00]

    Running from: c:\users\Cindy\Downloads\ComboFix.exe

    AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}

    SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}

    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    .

    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    c:\program files (x86)\CouponAlert_2pEI

    c:\program files (x86)\CouponAlert_2pEI\Installr\1.bin\2pEIPlug.dll

    c:\program files (x86)\CouponAlert_2pEI\Installr\1.bin\2pEZSETP.dll

    c:\program files (x86)\CouponAlert_2pEI\Installr\1.bin\NP2pEISb.dll

    c:\program files (x86)\I Want This

    c:\program files (x86)\I Want This\appAPIinternalWrapper.js

    c:\program files (x86)\I Want This\fb.js

    c:\program files (x86)\I Want This\I Want This.dll

    c:\program files (x86)\I Want This\I Want This.exe

    c:\program files (x86)\I Want This\I Want This.ico

    c:\program files (x86)\I Want This\I Want ThisGui.exe

    c:\program files (x86)\I Want This\jquery.js

    c:\program files (x86)\I Want This\json.js

    c:\program files (x86)\I Want This\Uninstall.exe

    c:\program files (x86)\Search Toolbar

    c:\program files (x86)\Search Toolbar\SearchToolbar.dll

    c:\program files (x86)\TelevisionFanaticEI

    c:\users\Cindy\AppData\Local\I Want This

    c:\users\Cindy\AppData\Local\I Want This\Chrome\I Want This.crx

    c:\users\Cindy\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll

    c:\users\Cindy\AppData\Roaming\result.db

    c:\users\Cindy\Norton_Removal_Tool.exe

    c:\users\Trevor\AppData\Local\{05919438-749f-84f0-1361-19d593641c66}

    c:\users\Trevor\AppData\Local\{05919438-749f-84f0-1361-19d593641c66}\@

    c:\users\Trevor\AppData\Local\{05919438-749f-84f0-1361-19d593641c66}\n

    c:\windows\Installer\{05919438-749f-84f0-1361-19d593641c66}

    c:\windows\Installer\{05919438-749f-84f0-1361-19d593641c66}\@

    c:\windows\Installer\{05919438-749f-84f0-1361-19d593641c66}\n

    c:\windows\Installer\{05919438-749f-84f0-1361-19d593641c66}\U\00000001.@

    c:\windows\Installer\{05919438-749f-84f0-1361-19d593641c66}\U\80000000.@

    c:\windows\Installer\{05919438-749f-84f0-1361-19d593641c66}\U\800000cb.@

    c:\windows\security\Database\tmp.edb

    c:\windows\SysWow64\msnphoto.scr

    .

    .

    ((((((((((((((((((((((((( Files Created from 2012-06-07 to 2012-07-07 )))))))))))))))))))))))))))))))

    .

    .

    2012-07-07 14:34 . 2012-07-07 14:34 -------- d-----w- c:\users\Trevor\AppData\Local\temp

    2012-07-07 14:34 . 2012-07-07 14:34 -------- d-----w- c:\users\Default\AppData\Local\temp

    2012-07-07 03:45 . 2012-07-07 03:45 -------- d-----w- c:\program files (x86)\Trend Micro

    2012-07-07 02:54 . 2012-07-07 02:57 33096 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys

    2012-07-06 18:07 . 2012-07-06 18:08 -------- d-----w- c:\programdata\AVG Secure Search

    2012-07-06 18:07 . 2012-07-06 18:08 -------- d-----w- c:\program files (x86)\Common Files\AVG Secure Search

    2012-07-06 18:07 . 2012-07-06 18:07 -------- d-----w- c:\windows\SysWow64\drivers\AVG

    2012-07-06 18:06 . 2012-07-06 18:08 -------- d-----w- c:\programdata\AVG2012

    2012-07-06 18:03 . 2012-07-06 18:04 -------- d-----w- c:\programdata\MFAData

    2012-07-06 18:03 . 2012-07-06 18:03 -------- d--h--w- c:\programdata\Common Files

    2012-07-06 17:50 . 2012-07-06 17:50 -------- d-----w- c:\program files (x86)\Common Files\Java

    2012-07-06 17:50 . 2012-07-06 17:50 476936 ----a-w- c:\windows\SysWow64\npdeployJava1.dll

    2012-07-06 17:47 . 2012-07-06 17:47 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

    2012-07-06 17:47 . 2012-07-06 17:47 -------- d-----w- c:\programdata\Malwarebytes

    2012-07-06 17:47 . 2012-04-04 22:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys

    2012-07-06 17:10 . 2012-07-06 18:12 -------- d-----w- c:\users\Cindy\AppData\Local\360Amigo

    2012-07-06 17:10 . 2012-07-06 17:10 -------- d-----w- c:\program files\360Amigo

    2012-07-03 22:41 . 2012-07-03 22:41 -------- d-----w- c:\programdata\{A8DA1505-E615-42BB-BB77-74D5CC91FE7E}

    2012-07-03 21:18 . 2012-07-03 21:18 -------- d-----w- c:\programdata\Recovery

    2012-07-03 21:09 . 2012-07-03 21:13 -------- d-----w- c:\users\Trevor\AppData\Roaming\NCH Software

    2012-06-25 23:55 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll

    2012-06-25 23:55 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe

    2012-06-25 23:55 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll

    2012-06-25 23:55 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll

    2012-06-25 23:54 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll

    2012-06-25 23:54 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll

    2012-06-25 23:54 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll

    2012-06-25 23:54 . 2012-06-02 22:19 186752 ----a-w- c:\windows\system32\wuwebv.dll

    2012-06-25 23:54 . 2012-06-02 22:15 36864 ----a-w- c:\windows\system32\wuapp.exe

    2012-06-22 20:11 . 2012-06-22 20:11 -------- d-----w- c:\windows\en

    2012-06-22 20:09 . 2012-06-22 20:09 -------- d-----w- c:\program files\Windows Live

    2012-06-21 15:31 . 2012-06-21 15:31 89944 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\e99431c81cd4fc201\DSETUP.dll

    2012-06-21 15:31 . 2012-06-21 15:31 537432 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\e99431c81cd4fc201\DXSETUP.exe

    2012-06-21 15:31 . 2012-06-21 15:31 1801048 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\e99431c81cd4fc201\dsetup32.dll

    2012-06-18 23:12 . 2012-06-18 23:12 -------- d-----w- c:\program files (x86)\Conduit

    2012-06-18 23:11 . 2012-07-07 14:17 -------- d-----w- c:\users\Cindy\AppData\Local\Conduit

    2012-06-18 23:10 . 2012-06-18 23:10 -------- d-----w- c:\users\Cindy\AppData\Local\CRE

    2012-06-15 14:17 . 2012-05-18 01:51 2382848 ----a-w- c:\windows\system32\mshtml.tlb

    2012-06-13 01:27 . 2012-04-26 05:41 77312 ----a-w- c:\windows\system32\rdpwsx.dll

    2012-06-13 01:27 . 2012-04-26 05:41 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll

    2012-06-13 01:27 . 2012-04-26 05:34 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe

    2012-06-13 01:24 . 2012-05-01 05:40 209920 ----a-w- c:\windows\system32\profsvc.dll

    2012-06-13 01:24 . 2012-05-04 11:06 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe

    2012-06-13 01:24 . 2012-05-04 10:03 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe

    2012-06-13 01:24 . 2012-05-04 10:03 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe

    2012-06-13 01:22 . 2012-05-15 01:32 3146752 ----a-w- c:\windows\system32\win32k.sys

    2012-06-13 01:22 . 2012-04-28 03:55 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys

    2012-06-13 01:22 . 2012-04-07 12:31 3216384 ----a-w- c:\windows\system32\msi.dll

    2012-06-13 01:22 . 2012-04-07 11:26 2342400 ----a-w- c:\windows\SysWow64\msi.dll

    2012-06-13 01:22 . 2012-04-24 05:37 184320 ----a-w- c:\windows\system32\cryptsvc.dll

    2012-06-13 01:22 . 2012-04-24 05:37 140288 ----a-w- c:\windows\system32\cryptnet.dll

    2012-06-13 01:22 . 2012-04-24 05:37 1462272 ----a-w- c:\windows\system32\crypt32.dll

    2012-06-13 01:22 . 2012-04-24 04:36 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll

    2012-06-13 01:22 . 2012-04-24 04:36 1158656 ----a-w- c:\windows\SysWow64\crypt32.dll

    2012-06-13 01:22 . 2012-04-24 04:36 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll

    2012-06-07 21:43 . 2012-06-07 21:43 -------- d-sh--w- c:\windows\system32\%APPDATA%

    .

    .

    .

    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2012-07-06 17:50 . 2010-12-09 14:45 472840 ----a-w- c:\windows\SysWow64\deployJava1.dll

    2012-06-23 03:50 . 2012-04-04 02:05 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

    2012-06-23 03:50 . 2011-05-17 14:52 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

    2012-05-05 19:07 . 2012-04-14 15:09 8769696 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe

    .

    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    *Note* empty entries & legit default entries are not shown

    REGEDIT4

    .

    [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{0538CF1C-8419-4800-ADBB-0C00C799FDA2}]

    2012-06-25 14:01 88416 ----a-w- c:\users\Cindy\AppData\Roaming\Genieo\Application\IEPlugins\bin\IEWrapper.dll

    .

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2010-01-22 2363392]

    "ISUSPM"="c:\programdata\Macrovision\FLEXnet Connect\6\ISUSPM.exe" [2008-10-20 210208]

    "InstallIQUpdater"="c:\program files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe" [2011-10-11 1179648]

    "GenieoUpdaterService"="c:\users\Cindy\AppData\Roaming\Genieo\Application\Updater\bin\genupdater.exe" [2012-06-25 280928]

    "GenieoSystemTray"="c:\users\Cindy\AppData\Roaming\Genieo\Application\TrayUi\bin\gentray.exe" [2012-06-25 564064]

    "360Amigo"="c:\program files\360Amigo\360Amigo.exe" [2012-07-06 5156128]

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

    "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-01-22 98304]

    "HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]

    "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-30 421888]

    "AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]

    "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-06-08 421160]

    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]

    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

    "ConsentPromptBehaviorAdmin"= 0 (0x0)

    "ConsentPromptBehaviorUser"= 0 (0x0)

    "EnableLUA"= 0 (0x0)

    "EnableUIADesktopToggle"= 0 (0x0)

    "PromptOnSecureDesktop"= 0 (0x0)

    .

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]

    "DisableRegedit"= 0 (0x0)

    .

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

    BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart

    .

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

    Notification Packages REG_MULTI_SZ DPPassFilter scecli

    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

    .

    R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\avgidsagent.exe [x]

    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

    R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-22 136176]

    R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-23 257224]

    R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]

    R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-22 136176]

    R3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys [2012-07-07 33096]

    R3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [2011-01-21 7680512]

    R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]

    R3 rcmirror;rcmirror;c:\windows\system32\DRIVERS\rcmirror.sys [2010-01-19 4608]

    R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-01-11 232992]

    R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-23 333928]

    R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]

    R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]

    R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]

    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]

    R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2010-04-20 50688]

    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-09-23 1255736]

    R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-06-10 389120]

    S1 DVMIO;DeviceVM IO Service;c:\windows\system32\DRIVERS\dvmio.sys [2010-01-30 20056]

    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

    S2 {55662437-DA8C-40c0-AADA-2C816A897A49};Power Control [2010/08/19 02:52];c:\program files (x86)\Hewlett-Packard\Media\DVD\000.fcl [2010-01-27 22:48 146928]

    S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]

    S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2011-01-04 89600]

    S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-01-22 202752]

    S2 CinemaNow Service;CinemaNow Service;c:\program files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe [2010-01-16 127984]

    S2 DvmMDES;DeviceVM Meta Data Export Service;c:\swsetup\QuickWeb\QW.SYS\config\DVMExportService.exe [2010-02-08 338168]

    S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-10 86072]

    S2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2009-12-16 102968]

    S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-07-06 227384]

    S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2009-07-08 30520]

    S2 HPWMISVC;HPWMISVC;c:\program files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-01-18 20480]

    S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-03-18 2320920]

    S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe [2010-01-06 2184496]

    S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [2010-01-22 6233088]

    S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-01-22 161280]

    S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]

    S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2009-10-26 151936]

    S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys [2010-01-22 8034368]

    S3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [2011-07-27 8593920]

    .

    .

    --- Other Services/Drivers In Memory ---

    .

    *NewlyCreated* - WS2IFSL

    .

    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

    2010-01-22 18:06 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe

    .

    Contents of the 'Scheduled Tasks' folder

    .

    2012-07-07 c:\windows\Tasks\Adobe Flash Player Updater.job

    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-04 03:50]

    .

    2012-07-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-22 20:15]

    .

    2012-07-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-22 20:15]

    .

    2012-07-07 c:\windows\Tasks\HPCeeScheduleForCINDY-PC$.job

    - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]

    .

    2012-06-21 c:\windows\Tasks\HPCeeScheduleForCindy.job

    - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]

    .

    2012-06-23 c:\windows\Tasks\HPCeeScheduleForTrevor.job

    - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]

    .

    .

    --------- X64 Entries -----------

    .

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-01-22 166424]

    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-01-22 390680]

    "Persistence"="c:\windows\system32\igfxpers.exe" [2010-01-22 410136]

    "HP Quick Launch"="c:\program files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2010-01-18 451072]

    "SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2010-01-20 611896]

    "HPToneControl"="c:\program files\Hewlett-Packard\HPToneControl\HPTonectl.exe" [2009-08-20 107832]

    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-02-28 172032]

    "HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2009-12-16 8192]

    "SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-01-04 487424]

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

    "LoadAppInit_DLLs"=0x0

    .

    ------- Supplementary Scan -------

    .

    uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2801948

    uLocal Page = c:\windows\system32\blank.htm

    mLocal Page = c:\windows\SysWOW64\blank.htm

    uInternet Settings,ProxyOverride = *.local

    IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000

    TCP: DhcpNameServer = 75.75.75.75 75.75.76.76

    .

    - - - - ORPHANS REMOVED - - - -

    .

    WebBrowser-{37483B40-C254-4A72-BDA4-22EE90182C1E} - (no file)

    HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe

    AddRemove-Doxillion - c:\program files (x86)\NCH Software\Doxillion\uninst.exe

    AddRemove-I Want This - c:\program files (x86)\I Want This\Uninstall.exe

    .

    .

    .

    [HKEY_LOCAL_MACHINE\system\ControlSet001\services\{55662437-DA8C-40c0-AADA-2C816A897A49}]

    "ImagePath"="\??\c:\program files (x86)\Hewlett-Packard\Media\DVD\000.fcl"

    .

    --------------------- LOCKED REGISTRY KEYS ---------------------

    .

    [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]

    @Denied: (2) (LocalSystem)

    "{9D425283-D487-4337-BAB6-AB8354A81457}"=hex:51,66,7a,6c,4c,1d,38,12,ed,51,51,

    99,b5,9a,59,06,c5,a0,e8,c3,51,f6,50,43

    "{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}"=hex:51,66,7a,6c,4c,1d,38,12,56,9f,34,

    9c,79,90,a1,0e,ec,df,cd,82,65,37,92,e0

    "{5BED3930-2E9E-76D8-BACC-80DF2188D455}"=hex:51,66,7a,6c,4c,1d,38,12,5e,3a,fe,

    5f,ac,60,b6,33,c5,da,c3,9f,24,d6,90,41

    "{D4027C7F-154A-4066-A1AD-4243D8127440}"=hex:51,66,7a,6c,4c,1d,38,12,11,7f,11,

    d0,78,5b,08,05,de,bb,01,03,dd,4c,30,54

    "{EF99BD32-C1FB-11D2-892F-0090271D4F88}"=hex:51,66,7a,6c,4c,1d,38,12,5c,be,8a,

    eb,c9,8f,bc,54,f6,39,43,d0,22,43,0b,9c

    "{2318C2B1-4965-11D4-9B18-009027A5CD4F}"=hex:51,66,7a,6c,4c,1d,38,12,df,c1,0b,

    27,57,07,ba,54,e4,0e,43,d0,22,fb,89,5b

    "{02478D38-C3F9-4EFB-9B51-7695ECA05670}"=hex:51,66,7a,6c,4c,1d,38,12,56,8e,54,

    06,cb,8d,95,0b,e4,47,35,d5,e9,fe,12,64

    "{0538CF1C-8419-4800-ADBB-0C00C799FDA2}"=hex:51,66,7a,6c,4c,1d,38,12,72,cc,2b,

    01,2b,ca,6e,0d,d2,ad,4f,40,c2,c7,b9,b6

    "{11111111-1111-1111-1111-110011221158}"=hex:51,66,7a,6c,4c,1d,38,12,7f,12,02,

    15,23,5f,7f,54,6e,07,52,40,14,7c,55,4c

    "{1631550F-191D-4826-B069-D9439253D926}"=hex:51,66,7a,6c,4c,1d,38,12,61,56,22,

    12,2f,57,48,0d,cf,7f,9a,03,97,0d,9d,32

    "{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,

    1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7

    "{62960D20-6D0D-1AB4-4BF1-95B0B5B8783A}"=hex:51,66,7a,6c,4c,1d,38,12,4e,0e,85,

    66,3f,23,da,5f,34,e7,d6,f0,b0,e6,3c,2e

    "{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07,

    72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57

    "{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,

    94,30,02,d1,0f,f1,da,12,24,73,56,27,d2

    "{AA58ED58-01DD-4D91-8333-CF10577473F7}"=hex:51,66,7a,6c,4c,1d,38,12,36,ee,4b,

    ae,ef,4f,ff,08,fc,25,8c,50,52,2a,37,e3

    "{B6EF6C45-5E8D-4C3B-B580-A5073261A381}"=hex:51,66,7a,6c,4c,1d,38,12,2b,6f,fc,

    b2,bf,10,55,09,ca,96,e6,47,37,3f,e7,95

    "{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,

    df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd

    "{E8DAAA30-6CAA-4B58-9603-8E54238219E2}"=hex:51,66,7a,6c,4c,1d,38,12,5e,a9,c9,

    ec,98,22,36,0e,e9,15,cd,14,26,dc,5d,f6

    "{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}"=hex:51,66,7a,6c,4c,1d,38,12,70,05,61,

    f9,ec,d1,23,0d,da,9c,48,eb,44,0f,8e,cc

    "{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}"=hex:51,66,7a,6c,4c,1d,38,12,cf,4e,be,

    f9,90,2f,b6,0a,e3,01,c5,b7,a9,7a,14,95

    .

    [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]

    @Denied: (2) (LocalSystem)

    "Timestamp"=hex:a3,15,1c,bb,16,45,cd,01

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

    @Denied: (A 2) (Everyone)

    @="FlashBroker"

    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe,-101"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

    "Enabled"=dword:00000001

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

    @Denied: (A 2) (Everyone)

    @="Shockwave Flash Object"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"

    "ThreadingModel"="Apartment"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

    @="0"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

    @="ShockwaveFlash.ShockwaveFlash.11"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

    @="1.0"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

    @="ShockwaveFlash.ShockwaveFlash"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

    @Denied: (A 2) (Everyone)

    @="Macromedia Flash Factory Object"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"

    "ThreadingModel"="Apartment"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

    @="FlashFactory.FlashFactory.1"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

    @="1.0"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

    @="FlashFactory.FlashFactory"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

    @Denied: (A 2) (Everyone)

    @="IFlashBroker4"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

    @="{00020424-0000-0000-C000-000000000046}"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

    "Version"="1.0"

    .

    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

    @Denied: (Full) (Everyone)

    .

    ------------------------ Other Running Processes ------------------------

    .

    c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    c:\program files (x86)\Bonjour\mDNSResponder.exe

    c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe

    c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

    c:\program files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

    c:\program files (x86)\DigitalPersona\Bin\DPAgent.exe

    .

    **************************************************************************

    .

    Completion time: 2012-07-07 07:47:38 - machine was rebooted

    ComboFix-quarantined-files.txt 2012-07-07 14:47

    .

    Pre-Run: 402,971,475,968 bytes free

    Post-Run: 403,542,683,648 bytes free

    .

    - - End Of File - - BF51A3B6A54A83B928E3E2E2AF1638EF

    Malwarebytes is installed but will not open even with Chameleon

    in Malwarebytes for Windows Support Forum

    Posted

    I have installed Malwarebytes and tried all 12 Chameleon tests and none of them worked. I downloaded HiJackThis and thought it would be the best place to start with this problem. Please help me or direct me to another forum that will. Thank you very much!

    Logfile of Trend Micro HijackThis v2.0.2

    Scan saved at 8:45:44 PM, on 7/6/2012

    Platform: Unknown Windows (WinNT 6.01.3505 SP1)

    MSIE: Internet Explorer v9.00 (9.00.8112.16446)

    Boot mode: Normal

    Running processes:

    C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe

    C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe

    C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe

    C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe

    C:\Users\Cindy\AppData\Roaming\Genieo\Application\TrayUi\bin\gentray.exe

    C:\Program Files\360Amigo\360Amigo.exe

    C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe

    C:\Program Files (x86)\iTunes\iTunesHelper.exe

    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Windows\SysWOW64\rundll32.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Windows\SysWOW64\rundll32.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Users\Cindy\AppData\Roaming\Genieo\Application\Updater\bin\genupdater.exe

    C:\Program Files (x86)\Java\jre6\bin\javaw.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2801948

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    R3 - URLSearchHook: NCH EN Toolbar - {37483b40-c254-4a72-bda4-22ee90182c1e} - C:\Program Files (x86)\NCH_EN\prxtbNCH_.dll

    F2 - REG:system.ini: UserInit=userinit.exe

    O2 - BHO: My Personal Homepage - {0538CF1C-8419-4800-ADBB-0C00C799FDA2} - C:\Users\Cindy\AppData\Roaming\Genieo\Application\IEPlugins\bin\IEWrapper.dll

    O2 - BHO: CrossriderApp0002258 - {11111111-1111-1111-1111-110011221158} - C:\Program Files (x86)\I Want This\I Want This.dll

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - (no file)

    O2 - BHO: NCH EN - {37483b40-c254-4a72-bda4-22ee90182c1e} - C:\Program Files (x86)\NCH_EN\prxtbNCH_.dll

    O2 - BHO: TTB000000 - {62960D20-6D0D-1AB4-4BF1-95B0B5B8783A} - (no file)

    O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Search Toolbar - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

    O2 - BHO: RewardsArcadeSuite - {B6EF6C45-5E8D-4c3b-B580-A5073261A381} - C:\Program Files (x86)\RewardsArcadeSuite\RewardsArcadeSuite.dll

    O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

    O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo Layers Client\YontooIEClient.dll

    O3 - Toolbar: Search Toolbar - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll

    O3 - Toolbar: CouponBar - {5BED3930-2E9E-76D8-BACC-80DF2188D455} - (no file)

    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

    O3 - Toolbar: NCH EN Toolbar - {37483b40-c254-4a72-bda4-22ee90182c1e} - C:\Program Files (x86)\NCH_EN\prxtbNCH_.dll

    O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe

    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

    O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

    O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

    O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

    O4 - HKCU\..\Run: [iSUSPM] "C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler

    O4 - HKCU\..\Run: [installIQUpdater] "C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe" /silent /autorun

    O4 - HKCU\..\Run: [GenieoUpdaterService] "C:\Users\Cindy\AppData\Roaming\Genieo\Application\Updater\bin\genupdater.exe" -wait 5

    O4 - HKCU\..\Run: [GenieoSystemTray] "C:\Users\Cindy\AppData\Roaming\Genieo\Application\TrayUi\bin\gentray.exe"

    O4 - HKCU\..\Run: [360Amigo] "C:\Program files\360Amigo\360Amigo.exe" -autorun

    O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

    O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000

    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - (no file)

    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

    O13 - Gopher Prefix:

    O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx

    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)

    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe

    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

    O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    O23 - Service: AVGIDSAgent - Unknown owner - C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe (file missing)

    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe

    O23 - Service: CinemaNow Service - CinemaNow, Inc. - C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe

    O23 - Service: @C:\Program Files\DigitalPersona\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe

    O23 - Service: DeviceVM Meta Data Export Service (DvmMDES) - DeviceVM, Inc. - C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe

    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

    O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe

    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

    O23 - Service: HP Wireless Assistant Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe

    O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

    O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

    O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)

    O23 - Service: HPWMISVC - Unknown owner - C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

    O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe

    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

    O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe

    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --

    End of file - 14562 bytes

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.