Jump to content

jaiz

Honorary Members
  • Posts

    134
  • Joined

  • Last visited

Everything posted by jaiz

  1. .DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16611 BrowserJavaVersion: 1.6.0_33 Run by Jeremy at 2:26:18 on 2013-06-27 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6057.3213 [GMT -4:00] . AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k LocalService C:\Program Files\Sandboxie\SbieSvc.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Microsoft Security Client\msseces.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\svchost.exe -k HPService C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe C:\Windows\system32\WUDFHost.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\SearchIndexer.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uProxyOverride = <local> uURLSearchHooks: {687578b9-7132-4a7a-80e4-30ee31099e03} - <orphaned> mWinlogon: Userinit = userinit.exe, BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll BHO: BitComet Helper: {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll uRun: [AdobeBridge] <no file> mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: &D&ownload &with BitComet - C:\Program Files (x86)\BitComet\BitComet.exe/AddLink.htm IE: &D&ownload all with BitComet - C:\Program Files (x86)\BitComet\BitComet.exe/AddAllLink.htm IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} IE: {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll/206 IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll . INFO: HKCU has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . TCP: NameServer = 208.59.247.45 208.59.247.46 TCP: Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963} : NameServer = 107.6.133.8,23.23.180.210 TCP: Interfaces\{FF1B28AD-68A0-41A8-9CB9-D47A0A08BBC4} : DHCPNameServer = 208.59.247.45 208.59.247.46 Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SSODL: WebCheck - <orphaned> SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned> x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-Notify: igfxcui - igfxdev.dll x64-SSODL: WebCheck - <orphaned> . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\blj3egdu.default\ FF - prefs.js: browser.search.defaulturl - FF - prefs.js: browser.search.selectedEngine - Google FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll FF - plugin: C:\Windows\SysWOW64\npmproxy.dll FF - ExtSQL: 2013-05-12 06:27; {81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}; C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\blj3egdu.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} FF - ExtSQL: 2013-05-29 15:34; {B042753D-F57E-4e8e-A01B-7379A6D4CEFB}; C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\blj3egdu.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB} FF - ExtSQL: 2013-06-20 19:58; {e4a8a97b-f2ed-450b-b12d-ee082ba24781}; C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\blj3egdu.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi FF - ExtSQL: !HIDDEN! 2012-10-08 22:35; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 . ============= SERVICES / DRIVERS =============== . R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-1-20 230320] R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2012-1-20 55856] R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928] R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368] R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-2-3 283200] R3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [2013-4-29 169752] R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-12-13 342528] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-1-20 539240] R3 SbieDrv;SbieDrv;C:\Program Files\Sandboxie\SbieDrv.sys [2012-12-16 202632] R3 USBMULCD;USB Multi-Channel Audio Device Interface;C:\Windows\System32\drivers\CM10664.sys [2009-9-30 1307648] R3 VSTWinDriver6;VSTWinDriver6;C:\Windows\System32\drivers\VSTwindrvr6.sys [2008-7-3 252928] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 SkypeUpdate;Skype Updater;"C:\Program Files (x86)\Skype\Updater\Updater.exe" --> C:\Program Files (x86)\Skype\Updater\Updater.exe [?] S3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [2012-8-21 29288] S3 CompFilter64;UVCCompositeFilter;C:\Windows\System32\drivers\lvbflt64.sys [2012-1-18 25632] S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2012-1-18 351136] S3 LVUVC64;Logitech HD Webcam C510(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2012-1-18 4865568] S3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2011-4-27 130008] S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-1-27 379360] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-10-25 19456] S3 Revoflt;Revoflt;C:\Windows\System32\drivers\revoflt.sys [2013-6-9 31800] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-10-25 57856] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-10-25 30208] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-2-3 1255736] S4 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2012-7-11 140672] S4 AdobeActiveFileMonitor10.0;Adobe Active File Monitor V10;C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [2011-9-1 169624] S4 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;C:\Program Files (x86)\BitComet\tools\BitCometService.exe -service --> C:\Program Files (x86)\BitComet\tools\BitCometService.exe -service [?] S4 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096] S4 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-6-8 3574624] S4 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-1-18 450848] S4 wlcrasvc;Windows Live Mesh remote connections service;"C:\Program Files\Windows Live\Mesh\wlcrasvc.exe" --> C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [?] . =============== File Associations =============== . FileExt: .js: Applications\notepad.exe=C:\Windows\System32\NOTEPAD.EXE %1 [userChoice] . =============== Created Last 30 ================ . 2013-06-27 01:32:47 9552976 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5E095F88-CF4F-4A43-92DD-69C55B4BBA76}\mpengine.dll 2013-06-26 01:32:03 9552976 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BB4403D8-2EFD-4757-8C17-A5344D551C5A}\mpengine.dll 2013-06-26 01:32:03 9552976 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2013-06-21 10:08:41 964552 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E418CD3D-261E-4128-AC4B-BCA91AF07D5B}\gapaengine.dll 2013-06-20 19:33:57 -------- d-----w- C:\Program Files (x86)\Tube Increaser 2013-06-20 19:27:29 -------- d-----w- C:\ProgramData\StarApp 2013-06-20 19:25:37 -------- d-----w- C:\ProgramData\InstallMate 2013-06-18 14:58:44 -------- d-----w- C:\ProgramData\Sincell 2013-06-15 11:17:31 -------- d-----w- C:\Users\Jeremy\TruePianos Settings 2013-06-15 11:16:20 -------- d-----w- C:\Users\Jeremy\AppData\Roaming\Overloud 2013-06-15 11:15:16 -------- d-----w- C:\Users\Jeremy\AppData\Roaming\Cakewalk 2013-06-14 09:54:33 -------- d-----w- C:\Cakewalk Projects 2013-06-14 09:49:11 487424 ----a-w- C:\Windows\SysWow64\msvcp70.dll 2013-06-14 09:49:11 344064 ----a-w- C:\Windows\SysWow64\msvcr70.dll 2013-06-14 09:29:19 -------- d-----w- C:\Cakewalk Content 2013-06-14 09:27:40 -------- d-----w- C:\Program Files (x86)\Cakewalk 2013-06-14 09:26:31 -------- d-----w- C:\ProgramData\Overloud 2013-06-14 09:26:31 -------- d-----w- C:\ProgramData\Cakewalk 2013-06-14 09:26:31 -------- d-----w- C:\Program Files\Cakewalk 2013-06-12 16:44:31 -------- d-----w- C:\Program Files (x86)\Share YouTube Videos 2013-06-12 04:46:20 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2013-06-10 00:13:24 -------- d-----w- C:\Program Files\Common Files\Propellerhead Software 2013-06-10 00:13:24 -------- d-----w- C:\Program Files (x86)\Common Files\Propellerhead Software 2013-06-10 00:13:23 -------- d-----w- C:\Program Files\VSTPlugIns 2013-06-10 00:13:22 7744 ----a-w- C:\Windows\SysWow64\HookDll.dll 2013-06-10 00:13:16 -------- d-----w- C:\Program Files (x86)\Waves 2013-06-09 23:21:33 -------- d-----w- C:\Program Files (x86)\Common Files\VST3 2013-06-09 23:21:32 -------- d-----w- C:\Program Files (x86)\VstPlugins 2013-06-09 23:21:29 -------- d-----w- C:\Program Files\Common Files\VST3 2013-06-09 23:18:30 308528 ----a-w- C:\Windows\SysWow64\setup.ocx 2013-06-09 09:03:07 -------- d-----w- C:\ProgramData\VS Revo Group 2013-06-09 09:03:06 31800 ----a-w- C:\Windows\System32\drivers\revoflt.sys 2013-06-09 09:03:05 -------- d-----w- C:\Program Files\VS Revo Group 2013-06-09 07:57:58 -------- d-----w- C:\Users\Jeremy\AppData\Local\VS Revo Group 2013-06-08 12:11:52 -------- d-----w- C:\Program Files (x86)\TeamViewer 2013-06-08 11:55:12 -------- d-----w- C:\Users\Jeremy\AppData\Roaming\OfficeRecovery 2013-06-07 08:50:02 -------- d-----w- C:\Program Files (x86)\Common Files\Digidesign 2013-06-06 20:10:59 1431552 ----a-w- C:\Windows\SysWow64\ReWire.dll 2013-06-05 09:19:04 401462 ----a-w- C:\Windows\SysWow64\temp.003 2013-06-05 09:19:04 266293 ----a-w- C:\Windows\SysWow64\temp.002 2013-06-05 08:38:01 -------- d-----w- C:\Users\Jeremy\AppData\Roaming\Waves Audio 2013-06-05 08:29:22 2181120 ----a-w- C:\Windows\System32\ReWire.dll 2013-06-04 12:30:02 -------- d-----w- C:\Program Files (x86)\VS Revo Group 2013-06-04 11:47:44 -------- d-----w- C:\ProgramData\Ashampoo 2013-06-04 10:47:34 -------- d-----w- C:\Program Files (x86)\Max Uninstaller 2013-06-03 11:46:27 -------- d-----w- C:\Program Files\Perfect Uninstaller 2013-05-30 19:51:02 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin5.dll 2013-05-30 19:51:02 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin4.dll 2013-05-30 19:51:02 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin3.dll 2013-05-30 19:51:02 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin2.dll 2013-05-30 19:51:02 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin.dll 2013-05-30 19:51:02 159744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll 2013-05-30 19:51:02 159744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll 2013-05-30 19:51:02 159744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll 2013-05-30 19:51:02 159744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll 2013-05-30 19:51:02 159744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll 2013-05-29 19:34:16 -------- d-----w- C:\Users\Jeremy\AppData\Roaming\BitComet 2013-05-29 19:34:15 -------- d-----w- C:\Program Files (x86)\BitComet . ==================== Find3M ==================== . 2013-06-15 11:14:53 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-06-15 11:14:53 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-06-08 12:28:46 2706432 ----a-w- C:\Windows\System32\mshtml.tlb 2013-06-08 11:13:19 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2013-05-17 01:25:57 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll 2013-05-17 01:25:27 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll 2013-05-17 01:25:26 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll 2013-05-17 01:25:26 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll 2013-05-17 00:59:03 2241024 ----a-w- C:\Windows\System32\wininet.dll 2013-05-17 00:58:10 3958784 ----a-w- C:\Windows\System32\jscript9.dll 2013-05-17 00:58:08 67072 ----a-w- C:\Windows\System32\iesetup.dll 2013-05-17 00:58:08 136704 ----a-w- C:\Windows\System32\iesysprep.dll 2013-05-14 12:23:25 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe 2013-05-14 08:40:13 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe 2013-05-13 05:51:01 184320 ----a-w- C:\Windows\System32\cryptsvc.dll 2013-05-13 05:51:00 1464320 ----a-w- C:\Windows\System32\crypt32.dll 2013-05-13 05:51:00 139776 ----a-w- C:\Windows\System32\cryptnet.dll 2013-05-13 05:50:40 52224 ----a-w- C:\Windows\System32\certenc.dll 2013-05-13 04:45:55 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll 2013-05-13 04:45:55 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll 2013-05-13 04:45:55 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll 2013-05-13 03:43:55 1192448 ----a-w- C:\Windows\System32\certutil.exe 2013-05-13 03:08:10 903168 ----a-w- C:\Windows\SysWow64\certutil.exe 2013-05-13 03:08:06 43008 ----a-w- C:\Windows\SysWow64\certenc.dll 2013-05-10 05:49:27 30720 ----a-w- C:\Windows\System32\cryptdlg.dll 2013-05-10 03:20:54 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll 2013-05-02 15:29:56 278800 ------w- C:\Windows\System32\MpSigStub.exe 2013-05-01 07:59:12 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx 2013-05-01 07:59:12 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts 2013-04-26 05:51:36 751104 ----a-w- C:\Windows\System32\win32spl.dll 2013-04-26 04:55:21 492544 ----a-w- C:\Windows\SysWow64\win32spl.dll 2013-04-25 23:30:32 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll 2013-04-17 07:02:06 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll 2013-04-17 06:24:46 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll 2013-04-13 05:49:23 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll 2013-04-13 05:49:19 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll 2013-04-13 05:49:19 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll 2013-04-13 05:49:19 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll 2013-04-13 04:45:16 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll 2013-04-13 04:45:15 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll 2013-04-12 14:45:08 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys 2013-04-10 06:01:54 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys 2013-04-10 06:01:53 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys 2013-04-10 03:30:50 3153920 ----a-w- C:\Windows\System32\win32k.sys 2013-04-03 13:13:06 16 ----a-w- C:\Windows\SysWow64\msvcsv60.dll 2013-04-03 13:13:06 16 ----a-w- C:\Users\Jeremy\AppData\Roaming\msregsvv.dll 2013-03-31 22:52:16 1887232 ----a-w- C:\Windows\System32\d3d11.dll . ============= FINISH: 2:26:52.82 =============== UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 2/2/2012 9:17:09 PM System Uptime: 6/24/2013 9:20:47 PM (53 hours ago) . Motherboard: Dell Inc. | | 0GDG8Y Processor: Intel® Core i5-2320 CPU @ 3.00GHz | CPU 1 | 3001/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 451 GiB total, 352.113 GiB free. D: is FIXED (NTFS) - 932 GiB total, 209.543 GiB free. E: is FIXED (NTFS) - 932 GiB total, 60.814 GiB free. F: is FIXED (NTFS) - 2795 GiB total, 1191.757 GiB free. G: is Removable O: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP338: 6/26/2013 9:32:06 PM - Windows Update . ==== Installed Programs ====================== . Update for Microsoft Office 2007 (KB2508958) 64 Bit HP CIO Components Installer 7-Zip 9.20 (x64 edition) AAMS Auto Audio Mastering System V2.5 Adobe AIR Adobe Audition 1.5 Adobe Audition 3.0 Adobe Audition 3.0 Vista Compatibility Adobe Community Help Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Photoshop CS5.1 Adobe Premiere Elements 10 Adobe Premiere Elements 10 Content Adobe Premiere Elements 10 Content 1 Adobe Premiere Elements 10 Content 2 Adobe Premiere Elements 10 Content 3 Adobe Premiere Elements 10 HD Content 1 Adobe Premiere Elements 10 HD Content 2 Adobe Premiere Elements 10 HD Content 3 Adobe Reader X (10.1.7) AIM for Windows AIPL WarmTone DX v2.2 Antares Autotune VST v5.09 Antares Microphone Modeler - ZONE Apple Application Support Apple Software Update ASIO4ALL Audacity 2.0.3 BitComet 1.36 Blaine's Alias Title Blaine's Bloom/Negative Effects Blaine's Cartoonify Effects Blaine's Color Fade Effects Blaine's Contrast Effects Blaine's Custom Dreamy Look Title Blaine's Custom Speed Effects Blaine's Film Looks Effects Blaine's Letterbox Effects Blaine's Pixelate Effects Blaine's TV Signal Effects CameraHelperMsi Canon PowerShot ELPH 110 HS_IXUS 125 HS Camera User Guide Canon Utilities CameraWindow DC 8 Canon Utilities ImageBrowser EX Canon Utilities PhotoStitch CDBurnerXP ClickFix Lite for Adobe Audition version 3.04 (remove only) Conexant HD Audio ContaCam D3DX10 DAEMON Tools Lite Dell Edoc Viewer Dropbox Elements 10 Organizer erLT EULAlyzer 2.2 Facebook Video Calling 1.2.0.159 FastStone Capture 6.8 FileZilla Client 3.7.0.2 foobar2000 v1.1.10 Free MIDI to MP3 Converter 1.0 FreeUndelete 2.1.36867.1 GEAR driver installer for AMD64 and Intel EM64T GetDataBack for NTFS Google Chrome Google Update Helper HandBrake 0.9.5 HP Imaging Device Functions 13.0 HP Photosmart Essential 3.5 HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B HP Smart Web Printing 4.51 HP Solution Center 13.0 Intel® Processor Graphics Intel® SDK for OpenCL - CPU Only Runtime Package IrfanView (remove only) Java Auto Updater Java 6 Update 27 (64-bit) Java 6 Update 33 JDownloader 0.9 Junk Mail filter update K-Lite Codec Pack 8.2.0 (Standard) Logitech Webcam Software LWS Facebook LWS Gallery LWS Help_main LWS Launcher LWS Motion Detection LWS Pictures And Video LWS Twitter LWS Video Mask Maker LWS VideoEffects LWS Webcam Software LWS WLM Plugin LWS YouTube Plugin Malwarebytes Anti-Malware version 1.70.0.1100 Mesh Runtime Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft Application Error Reporting Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Groove MUI (English) 2007 Microsoft Office Groove Setup Metadata MUI (English) 2007 Microsoft Office InfoPath MUI (English) 2007 Microsoft Office Office 64-bit Components 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared 64-bit MUI (English) 2007 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Security Client Microsoft Security Essentials Microsoft Silverlight Microsoft SkyDrive Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft_VC80_ATL_x86_x64 Microsoft_VC80_CRT_x86 Microsoft_VC80_CRT_x86_x64 Microsoft_VC80_MFC_x86 Microsoft_VC80_MFC_x86_x64 Microsoft_VC80_MFCLOC_x86 Microsoft_VC80_MFCLOC_x86_x64 Microsoft_VC90_ATL_x86 Microsoft_VC90_ATL_x86_x64 Microsoft_VC90_CRT_x86 Microsoft_VC90_CRT_x86_x64 Microsoft_VC90_MFC_x86 Microsoft_VC90_MFC_x86_x64 Microsoft_VC90_MFCLOC_x86 Microsoft_VC90_MFCLOC_x86_x64 MixMeister Studio 7.2.2 Movie Maker 6.0 for Windows 7 (64-bit) Moyea FLV to Video Converter Pro version 1.29.2.11 Mozilla Firefox 21.0 (x86 en-US) Mozilla Maintenance Service MSVCRT MSVCRT_amd64 MSVCRT110_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP2 Parser and SDK Network64 OCR Software by I.R.I.S. 13.0 OLYMPUS Master 2 PDF Settings CS5 PlayReady PC Runtime x86 PRE10STI64Installer QuickTime Rapture 1.2.2 Revo Uninstaller Pro 3.0.5 Sandboxie 3.76 (64-bit) Security Update for CAPICOM (KB931906) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596666) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition Share YouTube Videos version 1 Simple Search-Replace Skype™ 6.1 SmartSound Common Data SmartSound Premiere Elements 10 x64 Plugin SmartSound Sonicfire Pro 5 SONAR X2 Producer x64 SpywareBlaster 5.0 SUPERAntiSpyware TeamViewer 8 Tube Increaser version 5.0.0 Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office Access 2007 Help (KB963663) Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office Infopath 2007 Help (KB963662) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition Update for Microsoft Office Outlook 2007 Help (KB963677) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817327) 32-Bit Edition Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Publisher 2007 Help (KB963667) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) VLC media player 2.0.6 Waves Complete V9r1 Waves Mercury Bundle Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Media Encoder 9 Series x64 Edition WinRAR 4.20 (32-bit) . ==== Event Viewer Messages From Past Week ======== . 6/26/2013 12:35:08 PM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit. 6/24/2013 9:20:55 PM, Error: Application Popup [1060] - \SystemRoot\SysWow64\drivers\pfc.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. . ==== End Of File =========================== mbam-log-2013-06-27 (01-36-53).txt
  2. Ok just uninstalled it. Is there anything else I have to do?
  3. # AdwCleaner v2.301 - Logfile created 05/22/2013 at 14:27:26 # Updated 16/05/2013 by Xplode # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits) # User : Jeremy - JEREMY-PC # Boot Mode : Normal # Running from : C:\Users\Jeremy\Desktop\Removal Tools\adwcleaner.exe # Option [Delete] ***** [services] ***** ***** [Files / Folders] ***** ***** [Registry] ***** ***** [internet Browsers] ***** -\\ Internet Explorer v10.0.9200.16576 [OK] Registry is clean. -\\ Mozilla Firefox v20.0.1 (en-US) File : C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\blj3egdu.default\prefs.js [OK] File is clean. -\\ Google Chrome v26.0.1410.64 File : C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] File is clean. ************************* AdwCleaner[R1].txt - [13134 octets] - [16/05/2013 03:24:35] AdwCleaner[R2].txt - [13577 octets] - [16/05/2013 21:37:35] AdwCleaner[s1].txt - [13916 octets] - [16/05/2013 21:38:17] AdwCleaner[s2].txt - [1013 octets] - [22/05/2013 14:27:26] ########## EOF - C:\AdwCleaner[s2].txt - [1073 octets] ##########
  4. I haven't had any problems. Is there any other measures I have to take? I assumed it was gonna be suggested that I change passwords for stuff.
  5. No malware was detected so the save option was disabled in detected threats.
  6. # AdwCleaner v2.301 - Logfile created 05/16/2013 at 21:38:17 # Updated 16/05/2013 by Xplode # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits) # User : Jeremy - JEREMY-PC # Boot Mode : Normal # Running from : C:\Users\Jeremy\Desktop\Removal Tools\adwcleaner.exe # Option [Delete] ***** [services] ***** ***** [Files / Folders] ***** Folder Deleted : C:\Program Files (x86)\Common Files\Speedbit Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder Folder Deleted : C:\ProgramData\Speedbit Folder Deleted : C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj Folder Deleted : C:\Users\Jeremy\AppData\Local\Temp\BabylonToolbar Folder Deleted : C:\Users\Jeremy\AppData\Local\Temp\boost_interprocess Folder Deleted : C:\Users\Jeremy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com Folder Deleted : C:\Users\Jeremy\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com ***** [Registry] ***** Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Key Deleted : HKCU\Software\SpeedBit Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3F39D17D-50C7-4AC4-A63A-CDF6CDBD0C61} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C} Key Deleted : HKLM\SOFTWARE\Classes\AppID\DefaultTabBHO.DLL Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser.1 Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX.1 Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{71E3A30E-9444-49D9-ABDB-B4B531D0BBA3} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF} Key Deleted : HKLM\Software\InfoAtoms Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AE9908C1-3400-4B10-9061-C6C04D96E3D2} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AE9908C1-3400-4B10-9061-C6C04D96E3D2} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2} Key Deleted : HKLM\SOFTWARE\Tarma Installer ***** [internet Browsers] ***** -\\ Internet Explorer v10.0.9200.16576 [OK] Registry is clean. -\\ Mozilla Firefox v20.0.1 (en-US) File : C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\blj3egdu.default\prefs.js Deleted : user_pref("extensions.alexa.toolbarXMLText", "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n<toolbar>\[...] Deleted : user_pref("extensions.defaulttab.config", "{\"status\": \"ok\", \"config\": {\"dns_error_handling\":[...] Deleted : user_pref("{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}.ScriptData_WSG_whiteList", "{\"search.babylon.com\[...] -\\ Google Chrome v26.0.1410.64 File : C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] File is clean. ************************* AdwCleaner[R1].txt - [13134 octets] - [16/05/2013 03:24:35] AdwCleaner[R2].txt - [13577 octets] - [16/05/2013 21:37:35] AdwCleaner[s1].txt - [13879 octets] - [16/05/2013 21:38:17] ########## EOF - C:\AdwCleaner[s1].txt - [13940 octets] ########## C:\Users\Jeremy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\145IG1WQ\yontoosetup[1].exe multiple threats C:\Users\Jeremy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L2DIOJCN\yontoosetup[1].exe multiple threats C:\Users\Jeremy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LU05BZID\wsconduit__166[1].exe a variant of Win32/Amonetize.B application C:\Users\Jeremy\AppData\Local\Temp\1A0B.tmp a variant of Win32/Somoto.A application C:\Users\Jeremy\AppData\Local\Temp\2108.tmp a variant of Win32/Somoto.A application C:\Users\Jeremy\AppData\Local\Temp\2150.tmp a variant of Win32/ELEX.C application C:\Users\Jeremy\AppData\Local\Temp\2s5WdEIf.exe.part Win32/InstalleRex.J application C:\Users\Jeremy\AppData\Local\Temp\57F9.tmp a variant of Win32/Somoto.A application C:\Users\Jeremy\AppData\Local\Temp\57FA.tmp a variant of Win32/Somoto.A application C:\Users\Jeremy\AppData\Local\Temp\57FB.tmp a variant of Win32/Somoto.A application C:\Users\Jeremy\AppData\Local\Temp\57FC.tmp a variant of Win32/Somoto.A application C:\Users\Jeremy\AppData\Local\Temp\57FD.tmp a variant of Win32/Somoto.A application C:\Users\Jeremy\AppData\Local\Temp\57FE.tmp a variant of Win32/Somoto.A application C:\Users\Jeremy\AppData\Local\Temp\5B28.tmp a variant of Win32/Somoto.A application C:\Users\Jeremy\AppData\Local\Temp\6AA.tmp a variant of Win32/Somoto.A application C:\Users\Jeremy\AppData\Local\Temp\88cY+mqf.exe.part a variant of Win32/InstallCore.D application C:\Users\Jeremy\AppData\Local\Temp\9105.tmp a variant of Win32/Somoto.A application C:\Users\Jeremy\AppData\Local\Temp\9E47.tmp a variant of Win32/Somoto.A application C:\Users\Jeremy\AppData\Local\Temp\A899.tmp a variant of Win32/Somoto.A application C:\Users\Jeremy\AppData\Local\Temp\AGwIaFxk.exe.part a variant of Win32/ExpressFiles.B application C:\Users\Jeremy\AppData\Local\Temp\BBF6.tmp a variant of Win32/Somoto.A application C:\Users\Jeremy\AppData\Local\Temp\BC17.tmp a variant of Win32/Somoto.A application C:\Users\Jeremy\AppData\Local\Temp\BC18.tmp a variant of Win32/Somoto.A application C:\Users\Jeremy\AppData\Local\Temp\BC19.tmp a variant of Win32/Somoto.A application C:\Users\Jeremy\AppData\Local\Temp\BC1A.tmp a variant of Win32/Somoto.A application C:\Users\Jeremy\AppData\Local\Temp\BC1B.tmp a variant of Win32/Somoto.A application C:\Users\Jeremy\AppData\Local\Temp\ehT5qi9l.exe.part Win32/Adware.1ClickDownload.C application C:\Users\Jeremy\AppData\Local\Temp\FN_m2Jof.exe.part a variant of Win32/Somoto.A application C:\Users\Jeremy\AppData\Local\Temp\h+uQG5IC.exe.part Win32/DomaIQ.E application C:\Users\Jeremy\AppData\Local\Temp\Hm0P+O0F.exe.part Win32/DownloadAdmin.G application C:\Users\Jeremy\AppData\Local\Temp\iwU79kX4.exe.part Win32/DomaIQ.E application C:\Users\Jeremy\AppData\Local\Temp\m9yXBlSb.exe.part Win32/InstalleRex.J application C:\Users\Jeremy\AppData\Local\Temp\MyBabylonTB.exe a variant of Win32/Toolbar.Babylon.A application C:\Users\Jeremy\AppData\Local\Temp\Shortcut_BundleSweetIMSetup.exe probably a variant of Win32/SweetIM.C application C:\Users\Jeremy\AppData\Local\Temp\tmp5BC0.tmp Win32/OpenCandy application C:\Users\Jeremy\AppData\Local\Temp\uninstall576437297.exe a variant of Win32/YourFileDownloader.B application C:\Users\Jeremy\AppData\Local\Temp\V6nDQoxU.exe.part a variant of Win32/SoftonicDownloader.E application C:\Users\Jeremy\AppData\Local\Temp\VYuxO82k.exe.part a variant of Win32/Toolbar.Babylon.A application C:\Users\Jeremy\AppData\Local\Temp\wJ2hmJ9L.exe.part a variant of Win32/YourFileDownloader.B application C:\Users\Jeremy\AppData\Local\Temp\Xij3Xwgj.exe.part probably a variant of Win32/InstallIQ application C:\Users\Jeremy\AppData\Local\Temp\ZIHPtgWv.exe.part Win32/InstalleRex.J application C:\Users\Jeremy\AppData\Local\Temp\CDBurnerXP-updates\cdbxp_setup_4.5.0.3717.exe Win32/OpenCandy application C:\Users\Jeremy\AppData\Local\Temp\DIQM\winrar_157\DomaIQ.exe Win32/DomaIQ.E application C:\Users\Jeremy\AppData\Local\Temp\DIQM\winrar_157\DomaIQ10.exe Win32/DomaIQ.E application C:\Users\Jeremy\AppData\Local\Temp\DIQM\winrar_157\exes.zip Win32/DomaIQ.E application C:\Users\Jeremy\AppData\Local\Temp\DIQM\winrar_157\setup__120.exe a variant of Win32/Amonetize.D application C:\Users\Jeremy\AppData\Local\Temp\is-DKE0S.tmp\OCSetupHlp.dll Win32/OpenCandy application C:\Users\Jeremy\AppData\Local\Temp\is-EHNM2.tmp\OCSetupHlp.dll Win32/OpenCandy application C:\Users\Jeremy\AppData\Local\Temp\mwi2013084715\setup.exe a variant of Win32/Adware.MediaFinder.G application C:\Users\Jeremy\AppData\Local\Temp\mwi2013084715\setup__1115.exe a variant of Win32/Amonetize.D application C:\Users\Jeremy\AppData\Local\Temp\mwi2013084715\setup__1407.exe Win32/Amonetize.A.Gen application C:\Users\Jeremy\AppData\Local\Temp\mwi2013084715\setup__932.exe a variant of Win32/Amonetize.D application C:\Users\Jeremy\AppData\Local\Temp\nszDE05.tmp\OCSetupHlp.dll Win32/OpenCandy application C:\Users\Jeremy\AppData\Local\Temp\_ir_sf_temp_0\flvinstaller.exe a variant of Win32/InstallIQ application C:\Users\Jeremy\AppData\Local\Temp\_ir_sf_temp_1\flvinstaller.exe a variant of Win32/InstallIQ application D:\$RECYCLE.BIN\S-1-5-21-4055183432-471262313-3685020261-1000\$RPJJQ00.rar multiple threats D:\- Jeremy\- Downloads\Attract Woman Now\Bonus Article 2 Sex On The Edge.htm JS/Tivso.Gen trojan D:\- Jeremy\- Downloads\Attract Woman Now\Chapter 11 How To Create Sexual Chemistry.htm JS/Tivso.Gen trojan D:\- Jeremy\- Downloads\Attract Woman Now\Chapter 4 What Not To Do In The Company Of Women.htm JS/Tivso.Gen trojan D:\- Jeremy\- Downloads\Attract Woman Now\Chapter 6 How To Seduce Women.htm JS/Tivso.Gen trojan D:\- Jeremy\- Programs\- Audio\Adobe Audition 3.0\adobe audition 3.zip a variant of Win32/Keygen.AF application D:\- Jeremy\- Programs\- Audio\Adobe Audition 3.0\Adobe Audition v3 Keygen.EXE a variant of Win32/Keygen.AF application D:\- Jeremy\- Programs\- Audio\AnalogX\vremover.exe Win32/OpenCandy application D:\- Jeremy\- Programs\- Audio\Winamp\winamp563_full_emusic-7plus_en-us.exe Win32/OpenCandy application D:\- Jeremy\- Programs\- Website Tools\cure.php HTML/Iframe.B.Gen virus D:\- Jeremy\- Programs\- Website Tools\- Bots\AddMeFastBotv4.exe multiple threats D:\- Jeremy\- Programs\- Website Tools\- Sites\wwedivaspictures.com\pics\cure.php HTML/Iframe.B.Gen virus D:\- Jeremy\- Programs\- Website Tools\- Sites\wwedivaspictures.com\retired pages\pics1\cure.php HTML/Iframe.B.Gen virus D:\- Jeremy\- Programs\Midi to MP3 Converter\cbsidlm-tr1_13-Free_MIDI_to_MP3_Converter-BP-75211970.exe Win32/DownloadAdmin.G application D:\- Jeremy\- Programs\Winrar\winrar.exe Win32/DomaIQ.E application
  7. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 4.9.4 (05.06.2013:1) OS: Windows 7 Home Premium x64 Ran by Jeremy on Thu 05/16/2013 at 0:48:52.94 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-4055183432-471262313-3685020261-1000\Software\Microsoft\Internet Explorer\Main\\Start Page ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\1clickdownload Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\babylontoolbar Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\cr_installer Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\freeze.com Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\iminent Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\iminent Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\mediafinder Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\crossrider Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\smartbar Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\menuext\download with &media finder Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\escort.dll Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\ieplugin.dll Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bbylntlbr.bbylntlbrhlpr Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bbylntlbr.bbylntlbrhlpr.1 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\ieplugin.iewebhook Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\ieplugin.iewebhook.1 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mf Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\iminent_rasapi32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\iminent_rasmancs Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\mybabylontb_rasapi32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\mybabylontb_rasmancs Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\Toolbar.CT3072253 Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} ~~~ Files Successfully deleted: [File] "C:\end" ~~~ Folders Successfully deleted: [Folder] "C:\ProgramData\babylon" Successfully deleted: [Folder] "C:\ProgramData\clsoft ltd" Successfully deleted: [Folder] "C:\ProgramData\installmate" Successfully deleted: [Folder] "C:\ProgramData\tarma installer" Successfully deleted: [Folder] "C:\Users\Jeremy\AppData\Roaming\babylon" Successfully deleted: [Folder] "C:\Users\Jeremy\AppData\Roaming\goforfiles" Successfully deleted: [Folder] "C:\Users\Jeremy\AppData\Roaming\media finder" Successfully deleted: [Folder] "C:\Users\Jeremy\appdata\local\conduit" Successfully deleted: [Folder] "C:\Users\Jeremy\appdata\local\coupon companion plugin" Successfully deleted: [Folder] "C:\Users\Jeremy\appdata\local\jollywallet" Successfully deleted: [Folder] "C:\Users\Jeremy\appdata\local\swvupdater" Successfully deleted: [Folder] "C:\Users\Jeremy\appdata\locallow\conduit" Successfully deleted: [Folder] "C:\Program Files (x86)\conduit" Successfully deleted: [Folder] "C:\Program Files (x86)\jollywallet" Successfully deleted: [Empty Folder] C:\Users\Jeremy\appdata\local\{031E4343-1BD8-47B5-85F3-FD81A39AFBA3} Successfully deleted: [Empty Folder] C:\Users\Jeremy\appdata\local\{10A21B28-EEF7-46AB-A8DC-B6E17EA91075} Successfully deleted: [Empty Folder] C:\Users\Jeremy\appdata\local\{144D4EDC-0905-4F10-9CF4-1C09603B2DE1} Successfully deleted: [Empty Folder] C:\Users\Jeremy\appdata\local\{148E8215-C31D-46B8-8AAC-0ECF3A02E8DC} Successfully deleted: [Empty Folder] C:\Users\Jeremy\appdata\local\{17F73932-EE47-4CA2-979B-B219271A16E2} Successfully deleted: [Empty Folder] C:\Users\Jeremy\appdata\local\{2B65A8A6-B803-4F24-B9F0-9B1C62F9AEEB} Successfully deleted: [Empty Folder] C:\Users\Jeremy\appdata\local\{68E27F14-AF36-4754-8B31-CC27C799A5A9} Successfully deleted: [Empty Folder] C:\Users\Jeremy\appdata\local\{C5F97466-32AB-4569-9B2E-068C1457F0CF} Successfully deleted: [Empty Folder] C:\Users\Jeremy\appdata\local\{F8EAFAE6-9518-4516-84D2-016B134FB837} ~~~ FireFox Successfully deleted: [File] C:\Users\Jeremy\AppData\Roaming\mozilla\firefox\profiles\blj3egdu.default\user.js Successfully deleted: [Folder] C:\Users\Jeremy\AppData\Roaming\mozilla\firefox\profiles\blj3egdu.default\jetpack Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} Successfully deleted the following from C:\Users\Jeremy\AppData\Roaming\mozilla\firefox\profiles\blj3egdu.default\prefs.js user_pref("browser.babylon.HPOnNewTab", "search.babylon.com"); user_pref("browser.search.order.1", "Search the web (Babylon)"); user_pref("extensions.BabylonToolbar_i.aflt", "babsst"); user_pref("extensions.BabylonToolbar_i.babExt", ""); user_pref("extensions.BabylonToolbar_i.babTrack", "affID=110016&tt=060612_8_"); user_pref("extensions.BabylonToolbar_i.hardId", "e28eba2200000000000064273760afde"); user_pref("extensions.BabylonToolbar_i.id", "e28eba2200000000000064273760afde"); user_pref("extensions.BabylonToolbar_i.instlDay", "15511"); user_pref("extensions.BabylonToolbar_i.instlRef", "sst"); user_pref("extensions.BabylonToolbar_i.newTab", true); user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?affID=110016&tt=060612_8_&babsrc=NT_ss&mntrId=e28eba2200000000000064273760afde"); user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar"); user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon"); user_pref("extensions.BabylonToolbar_i.smplGrp", "none"); user_pref("extensions.BabylonToolbar_i.srcExt", "ss"); user_pref("extensions.BabylonToolbar_i.tlbrId", "base"); user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17"); user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.176:34:54"); user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17"); user_pref("extensions.alexa.searchconf", "{\n \"google\" : {\n \"urlexp\" : \"hxxp(s)?:\\\\/\\\\/www\\\\.google\\\\..*\\\\/.*[?#&]q=([^&]+)\",\n \"rankometer\" : {\n user_pref("extensions.alexa.toolbarXMLText", "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n<toolbar>\n <replacements>\n <replacement>\n <key><![CDATA[__REGION__PLACEHO user_pref("extensions.crossrider.bic", "13cc5a8e7dd8f1e076544622e1915c92"); user_pref("extensions.defaulttab.active.affiliate", 4005); user_pref("extensions.defaulttab.active.overridechromesearch", false); user_pref("extensions.defaulttab.active.overridekeywordsearch", false); user_pref("extensions.defaulttab.browserID", "9701CF1882B4896D920757FC90321585"); user_pref("extensions.defaulttab.config", "{\"status\": \"ok\", \"config\": {\"dns_error_handling\": \"Scenario_1,Scenario_2\", \"set_default_search\": \"Search Here|Search He user_pref("extensions.defaulttab.firstrun", false); user_pref("extensions.defaulttab.installedVersion", "1.4.4"); user_pref("iminent.webbooster.scripts.minibar.Services.IminentClientCode", "11"); user_pref("iminent.webbooster.scripts.sslminibar.Services.IminentClientCode", "11"); user_pref("{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}.ScriptData_WSG_blackList", "form=CONTLB|babsrc=toolbar|babsrc=tb_ss|invocationType=tb50-ie-aolsoftonic-tbsbox-en-us|invocatio user_pref("{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}.ScriptData_WSG_whiteList", "{\"search.babylon.com\":\"q\",\"search.imesh.net\":\"q\",\"www.search-results.com\":\"q\",\"home. user_pref("{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}.ScriptData_product_name", "Updater By SweetPacks"); Emptied folder: C:\Users\Jeremy\AppData\Roaming\mozilla\firefox\profiles\blj3egdu.default\minidumps [114 files] ~~~ Chrome Successfully deleted: [Registry Key] hkey_local_machine\software\policies\google\chrome\extensioninstallforcelist Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Thu 05/16/2013 at 0:52:07.67 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Database version: v2013.05.16.04 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16576 Jeremy :: JEREMY-PC [administrator] 5/16/2013 3:05:55 AM mbam-log-2013-05-16 (03-05-55).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 234222 Time elapsed: 12 minute(s), 7 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) # AdwCleaner v2.300 - Logfile created 05/16/2013 at 03:24:35 # Updated 28/04/2013 by Xplode # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits) # User : Jeremy - JEREMY-PC # Boot Mode : Normal # Running from : C:\Users\Jeremy\Desktop\Removal Tools\adwcleaner.exe # Option [search] ***** [services] ***** ***** [Files / Folders] ***** Folder Found : C:\Program Files (x86)\Common Files\Speedbit Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder Folder Found : C:\ProgramData\Speedbit Folder Found : C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj Folder Found : C:\Users\Jeremy\AppData\Local\Temp\BabylonToolbar Folder Found : C:\Users\Jeremy\AppData\Local\Temp\boost_interprocess Folder Found : C:\Users\Jeremy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com Folder Found : C:\Users\Jeremy\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com ***** [Registry] ***** Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Key Found : HKCU\Software\SpeedBit Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Key Found : HKLM\SOFTWARE\Classes\AppID\{3F39D17D-50C7-4AC4-A63A-CDF6CDBD0C61} Key Found : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826} Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{71E3A30E-9444-49D9-ABDB-B4B531D0BBA3} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AE9908C1-3400-4B10-9061-C6C04D96E3D2} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B} Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7} Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291} Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199} Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08} Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP Key Found : HKLM\SOFTWARE\Classes\CLSID\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2} Key Found : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA} Key Found : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09} Key Found : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49} Key Found : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460} Key Found : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920} Key Found : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3} Key Found : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861} Key Found : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065} Key Found : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA} Key Found : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000} Key Found : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4} Key Found : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D} Key Found : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0} Key Found : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C} Key Found : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9} Key Found : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08} Key Found : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4} Key Found : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C} Key Found : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37} Key Found : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0} Key Found : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003} Key Found : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4} Key Found : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D} Key Found : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5} Key Found : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A} Key Found : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D} Key Found : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA} Key Found : HKLM\SOFTWARE\Classes\Interface\{AE9908C1-3400-4B10-9061-C6C04D96E3D2} Key Found : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75} Key Found : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556} Key Found : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C} Key Found : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500} Key Found : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205} Key Found : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED} Key Found : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25} Key Found : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D} Key Found : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3} Key Found : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7} Key Found : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01} Key Found : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2} Key Found : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587} Key Found : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4} Key Found : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B} Key Found : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2} Key Found : HKLM\SOFTWARE\Tarma Installer ***** [internet Browsers] ***** -\\ Internet Explorer v10.0.9200.16576 [OK] Registry is clean. -\\ Mozilla Firefox v20.0.1 (en-US) File : C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\blj3egdu.default\prefs.js Found : user_pref("extensions.alexa.toolbarXMLText", "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n<toolbar>\[...] Found : user_pref("extensions.defaulttab.config", "{\"status\": \"ok\", \"config\": {\"dns_error_handling\":[...] Found : user_pref("{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}.ScriptData_WSG_whiteList", "{\"search.babylon.com\[...] -\\ Google Chrome v26.0.1410.64 File : C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] File is clean. ************************* AdwCleaner[R1].txt - [13097 octets] - [16/05/2013 03:24:35] ########## EOF - C:\AdwCleaner[R1].txt - [13158 octets] ########## RogueKiller V8.5.4 _x64_ [Mar 18 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/ Website : http://tigzy.geekstogo.com/roguekiller.php Blog : http://tigzyrk.blogspot.com/ Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : Jeremy [Admin rights] Mode : Scan -- Date : 05/16/2013 03:33:51 | ARK || FAK || MBR | ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 13 ¤¤¤ [DNS] HKLM\[...]\ControlSet001\Services\Tcpip\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963} : NameServer (107.6.133.8,23.23.180.210) -> FOUND [DNS] HKLM\[...]\ControlSet002\Services\Tcpip\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963} : NameServer (107.6.133.8,23.23.180.210) -> FOUND [HJPOL] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND [HJPOL] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND [HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyDocs (0) -> FOUND [HJ SMENU] HKCU\[...]\Advanced : Start_ShowUser (0) -> FOUND [HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyPics (0) -> FOUND [HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND [HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> FOUND [HJ SMENU] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> FOUND [HJ SMENU] HKCU\[...]\Advanced : Start_TrackProgs (0) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED] ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> C:\Windows\system32\drivers\etc\hosts 127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com 127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com 127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com 127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com 127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com 127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net 127.0.0.1 link-assistant.com 127.0.0.1 www.link-assistant.com ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: SAMSUNG HD103UJ ATA Device +++++ --- User --- [MBR] bcc1727eb4d27fb881a41e96255b5396 [bSP] beac72b8fa020a816c05c3802bf54d68 : MBR Code unknown Partition table: 0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 953867 Mo User = LL1 ... OK! User = LL2 ... OK! +++++ PhysicalDrive1: ST3500413AS ATA Device +++++ --- User --- [MBR] 960ee0263e7e86714a4c1b9dca087975 [bSP] 1a5f2db44097e7f4dc4ae1dda7b13ac3 : Windows Vista MBR Code Partition table: 0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo 1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 15166 Mo 2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 31141888 | Size: 461733 Mo User = LL1 ... OK! User = LL2 ... OK! +++++ PhysicalDrive2: Hitachi HDT721010SLA360 USB Device +++++ --- User --- [MBR] fb6d4d6cac98078e792dd36a5bef8afe [bSP] db4753ad11c4e1c11c05d6019087945e : Windows Vista MBR Code Partition table: 0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 953867 Mo User = LL1 ... OK! Error reading LL2 MBR! Finished : << RKreport[1]_S_05162013_02d0333.txt >> RKreport[1]_S_05162013_02d0333.txt
  8. DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16537 BrowserJavaVersion: 1.6.0_33 Run by Jeremy at 8:29:37 on 2013-05-15 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6057.3153 [GMT -4:00] . AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k netsvcs C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k LocalService C:\Program Files\Sandboxie\SbieSvc.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\System32\spoolsv.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe C:\Windows\system32\svchost.exe -k HPService C:\Program Files\Sandboxie\SbieCtrl.exe C:\Program Files\Microsoft Security Client\NisSrv.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\WUDFHost.exe C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\svchost.exe -k SDRSVC C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\Sandboxie\SandboxieRpcSs.exe C:\Program Files\Sandboxie\SandboxieDcomLaunch.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe C:\Users\Jeremy\Desktop\Market\Enhanceviews Autowatcher v2.43.exe D:\- Jeremy\- Programs\- Website Tools\- Bots\HitLeap Viewer\HitLeap Viewer\core\control\hitleap-viewer.exe C:\Windows\system32\wuauclt.exe C:\Users\Jeremy\AppData\Local\Enhanceviews_Autowatcher\xulrunner\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files\Sandboxie\32\SbieSvc.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe D:\- Jeremy\- Programs\- Website Tools\- Bots\HitLeap Viewer\HitLeap Viewer\core\control\..\cef\hitleap-viewer-browser.exe D:\- Jeremy\- Programs\- Website Tools\- Bots\HitLeap Viewer\HitLeap Viewer\core\cef\hitleap-viewer-browser.exe D:\- Jeremy\- Programs\- Website Tools\- Bots\HitLeap Viewer\HitLeap Viewer\core\cef\hitleap-viewer-browser.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://search.babylon.com/?affID=110016&tt=060612_8_&babsrc=HP_ss&mntrId=e28eba2200000000000064273760afde uProxyOverride = <local> uURLSearchHooks: {687578b9-7132-4a7a-80e4-30ee31099e03} - <orphaned> mWinlogon: Userinit = userinit.exe, BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO: DefaultTab Browser Helper: {7F6AFBF1-E065-4627-A2FD-810366367D01} - BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll uRun: [CAHeadless] C:\Program Files (x86)\Adobe\Elements 10 Organizer\CAHeadless\ElementsAutoAnalyzer.exe uRun: [AdobeBridge] <no file> mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe mRun: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab TCP: NameServer = 208.59.247.45 208.59.247.46 TCP: Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963} : NameServer = 107.6.133.8,23.23.180.210 TCP: Interfaces\{FF1B28AD-68A0-41A8-9CB9-D47A0A08BBC4} : DHCPNameServer = 208.59.247.45 208.59.247.46 Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SSODL: WebCheck - <orphaned> SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: Plugin for Media Finder: {AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2} - C:\Users\Jeremy\AppData\Roaming\Media Finder\Extensions\IEPlugin64.dll x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab x64-DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned> x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-Notify: igfxcui - igfxdev.dll x64-SSODL: WebCheck - <orphaned> . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\blj3egdu.default\ FF - prefs.js: browser.search.defaulturl - FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/ FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll FF - plugin: C:\Windows\SysWOW64\npmproxy.dll FF - ExtSQL: 2013-05-12 06:27; {81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}; C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\blj3egdu.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} FF - ExtSQL: !HIDDEN! 2012-10-08 22:35; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 . ---- FIREFOX POLICIES ---- FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=110016&tt=060612_8_ FF - user.js: extensions.BabylonToolbar_i.babExt - FF - user.js: extensions.BabylonToolbar_i.srcExt - ss FF - user.js: extensions.BabylonToolbar_i.id - e28eba2200000000000064273760afde FF - user.js: extensions.BabylonToolbar_i.hardId - e28eba2200000000000064273760afde FF - user.js: extensions.BabylonToolbar_i.instlDay - 15511 FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17 FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17 FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.176:34:54 FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar FF - user.js: extensions.BabylonToolbar_i.aflt - babsst FF - user.js: extensions.BabylonToolbar_i.smplGrp - none FF - user.js: extensions.BabylonToolbar_i.tlbrId - base FF - user.js: extensions.BabylonToolbar_i.instlRef - sst . . . . . ============= SERVICES / DRIVERS =============== . R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-1-20 230320] R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2012-1-20 55856] R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928] R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368] R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2012-7-11 140672] R2 AdobeActiveFileMonitor10.0;Adobe Active File Monitor V10;C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [2011-9-1 169624] R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2011-4-27 130008] R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-1-18 450848] R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-2-3 283200] R3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [2013-4-29 169752] R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-12-13 342528] R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-1-27 379360] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-1-20 539240] R3 SbieDrv;SbieDrv;C:\Program Files\Sandboxie\SbieDrv.sys [2012-12-16 202632] R3 USBMULCD;USB Multi-Channel Audio Device Interface;C:\Windows\System32\drivers\CM10664.sys [2009-9-30 1307648] R3 VSTWinDriver6;VSTWinDriver6;C:\Windows\System32\drivers\VSTwindrvr6.sys [2008-7-3 252928] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-1-8 161536] S3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [2012-8-21 29288] S3 CompFilter64;UVCCompositeFilter;C:\Windows\System32\drivers\lvbflt64.sys [2012-1-18 25632] S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2012-1-18 351136] S3 LVUVC64;Logitech HD Webcam C510(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2012-1-18 4865568] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-10-25 19456] S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-10-25 57856] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-10-25 30208] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-2-3 1255736] S4 wlcrasvc;Windows Live Mesh remote connections service;"C:\Program Files\Windows Live\Mesh\wlcrasvc.exe" --> C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [?] . =============== File Associations =============== . FileExt: .js: Applications\notepad.exe=C:\Windows\System32\NOTEPAD.EXE %1 [userChoice] . =============== Created Last 30 ================ . 2013-05-15 07:49:51 9460464 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C2DF5228-6A40-42AF-97D2-2C539F41695C}\mpengine.dll 2013-05-13 12:41:23 9317456 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2013-05-12 08:23:44 32768 ------w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll 2013-05-12 08:23:44 225280 ------w- C:\Program Files (x86)\Common Files\InstallShield\IScript\iscript.dll 2013-05-12 08:23:44 176128 ------w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll 2013-05-12 08:23:43 77824 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll 2013-05-12 08:23:37 614532 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe 2013-05-12 06:56:16 -------- d-----w- C:\Program Files (x86)\Common Files\Digidesign 2013-05-12 06:56:13 -------- d-----w- C:\Program Files (x86)\Waves 2013-05-12 01:39:04 -------- d-----w- C:\Users\Jeremy\AppData\Local\Tube Bot 2013-05-12 01:38:49 -------- d-----w- C:\Program Files (x86)\Tube Bot 2013-05-11 13:07:18 348160 ------w- C:\Windows\SysWow64\msvcr71.dll 2013-05-11 12:58:21 499712 ------w- C:\Windows\SysWow64\msvcp71.dll 2013-05-11 08:21:12 -------- d-----w- C:\Program Files (x86)\AAMS 2013-05-10 08:20:50 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-05-10 08:20:50 691592 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-05-07 08:56:30 -------- d-----w- C:\Program Files (x86)\Share YouTube Videos 2013-05-06 08:07:25 -------- d-----w- C:\Users\Jeremy\AppData\Roaming\UBot Studio 2013-05-02 04:08:41 -------- d-----w- C:\Users\Jeremy\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 2013-05-02 04:08:41 -------- d-----w- C:\Users\Jeremy\AppData\Roaming\Adobe Mini Bridge CS5.1 2013-05-01 09:25:07 -------- d-----r- C:\Sandbox 2013-05-01 09:21:03 -------- d-----w- C:\Program Files\Sandboxie 2013-04-29 08:35:23 144896 ----a-w- C:\Windows\System32\IntelOpenCL64.dll 2013-04-29 08:35:22 20992 ----a-w- C:\Windows\System32\OpenCL.dll 2013-04-29 08:35:20 17920 ----a-w- C:\Windows\SysWow64\OpenCL.dll 2013-04-29 08:35:20 104448 ----a-w- C:\Windows\SysWow64\IntelOpenCL32.dll 2013-04-25 06:12:11 905296 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D2D5DC14-1F85-4C26-BA2F-5E0DA880F8B1}\gapaengine.dll 2013-04-25 06:08:15 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys 2013-04-25 05:36:25 -------- d-----w- C:\Program Files (x86)\SystemRequirementsLab 2013-04-21 05:39:40 -------- d-----w- C:\Program Files (x86)\Warmtone 2013-04-21 05:39:15 -------- d-----w- C:\audio 2013-04-20 08:12:57 -------- d-----w- C:\Program Files (x86)\Common Files\Adobe Systems Shared 2013-04-19 08:44:01 -------- d-----w- C:\Users\Jeremy\AppData\Roaming\MuRKuT Bili?im Teknolojileri 2013-04-19 05:37:21 995383 ----a-w- C:\Windows\SysWow64\temp.001 2013-04-19 05:37:21 295000 ----a-w- C:\Windows\SysWow64\temp.000 2013-04-19 05:37:05 -------- d-----w- C:\Program Files (x86)\WebTV Viewer 2013-04-19 02:16:45 -------- d-----w- C:\Program Files (x86)\Free MIDI to MP3 Converter 2013-04-19 01:19:08 -------- d-----w- C:\Users\Jeremy\AppData\Local\pinger.com 2013-04-19 01:19:00 -------- d-----w- C:\Users\Jeremy\AppData\Local\Caphyon 2013-04-19 01:18:07 -------- d-----w- C:\Users\Jeremy\AppData\Roaming\Pinger Inc 2013-04-18 10:24:29 -------- d-----w- C:\Program Files (x86)\VoiceTrap 2013-04-18 10:07:39 -------- d-----w- C:\Program Files (x86)\Audacity 2013-04-18 09:25:52 -------- d-----w- C:\Program Files (x86)\AnalogX 2013-04-18 02:53:47 -------- d-----w- C:\Users\Jeremy\AppData\Roaming\Spiritsoft . ==================== Find3M ==================== . 2013-05-02 15:29:56 278800 ------w- C:\Windows\System32\MpSigStub.exe 2013-04-03 13:13:06 16 ----a-w- C:\Windows\SysWow64\msvcsv60.dll 2013-04-03 13:13:06 16 ----a-w- C:\Users\Jeremy\AppData\Roaming\msregsvv.dll 2013-03-19 06:04:06 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe 2013-03-19 05:46:56 43520 ----a-w- C:\Windows\System32\csrsrv.dll 2013-03-19 05:04:13 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2013-03-19 05:04:10 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2013-03-19 04:47:50 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll 2013-03-19 03:06:33 112640 ----a-w- C:\Windows\System32\smss.exe 2013-03-01 03:36:04 3153408 ----a-w- C:\Windows\System32\win32k.sys 2013-02-15 06:08:57 88576 ----a-w- C:\Windows\System32\wecapi.dll 2013-02-15 06:08:57 237568 ----a-w- C:\Windows\System32\wecsvc.dll 2013-02-15 06:08:40 44032 ----a-w- C:\Windows\System32\tsgqec.dll 2013-02-15 06:06:11 3717632 ----a-w- C:\Windows\System32\mstscax.dll 2013-02-15 06:02:26 158720 ----a-w- C:\Windows\System32\aaclient.dll 2013-02-15 04:37:10 3217408 ----a-w- C:\Windows\SysWow64\mstscax.dll 2013-02-15 04:34:10 131584 ----a-w- C:\Windows\SysWow64\aaclient.dll 2013-02-15 03:53:28 113152 ----a-w- C:\Windows\System32\wecutil.exe 2013-02-15 03:25:51 36864 ----a-w- C:\Windows\SysWow64\tsgqec.dll 2013-02-15 02:54:11 80384 ----a-w- C:\Windows\SysWow64\wecutil.exe 2013-02-15 02:54:04 58368 ----a-w- C:\Windows\SysWow64\wecapi.dll . ============= FINISH: 8:30:22.64 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 2/2/2012 9:17:09 PM System Uptime: 5/15/2013 5:36:35 AM (3 hours ago) . Motherboard: Dell Inc. | | 0GDG8Y Processor: Intel® Core i5-2320 CPU @ 3.00GHz | CPU 1 | 3001/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 451 GiB total, 343.476 GiB free. D: is FIXED (NTFS) - 932 GiB total, 266.722 GiB free. E: is FIXED (NTFS) - 932 GiB total, 60.773 GiB free. F: is FIXED (NTFS) - 2795 GiB total, 1255.052 GiB free. G: is Removable O: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP248: 5/12/2013 4:24:09 AM - Installed Waves 4.0 RP249: 5/15/2013 3:48:44 AM - Windows Update . ==== Installed Programs ====================== . Update for Microsoft Office 2007 (KB2508958) µTorrent 64 Bit HP CIO Components Installer 7-Zip 9.20 (x64 edition) AAMS Auto Audio Mastering System V2.5 Adobe AIR Adobe Audition 1.5 Adobe Audition 3.0 Adobe Audition 3.0 Vista Compatibility Adobe Community Help Adobe Flash Player 11 Plugin Adobe Photoshop CS5.1 Adobe Photoshop.com Inspiration Browser Adobe Premiere Elements 10 Adobe Premiere Elements 10 Content Adobe Premiere Elements 10 Content 1 Adobe Premiere Elements 10 Content 2 Adobe Premiere Elements 10 Content 3 Adobe Premiere Elements 10 HD Content 1 Adobe Premiere Elements 10 HD Content 2 Adobe Premiere Elements 10 HD Content 3 Adobe Reader X (10.1.6) AIM for Windows AIPL WarmTone DX v2.2 AnalogX VocalRemover Antares Autotune VST v5.09 Antares Microphone Modeler - ZONE Apple Application Support Apple Software Update ASIO4ALL Audacity 2.0.3 Blaine's Alias Title Blaine's Bloom/Negative Effects Blaine's Cartoonify Effects Blaine's Color Fade Effects Blaine's Contrast Effects Blaine's Custom Dreamy Look Title Blaine's Custom Speed Effects Blaine's Film Looks Effects Blaine's Letterbox Effects Blaine's Pixelate Effects Blaine's TV Signal Effects CameraHelperMsi Canon PowerShot ELPH 110 HS_IXUS 125 HS Camera User Guide Canon Utilities CameraWindow DC 8 Canon Utilities ImageBrowser EX Canon Utilities PhotoStitch CDBurnerXP ClickFix Lite for Adobe Audition version 3.04 (remove only) Conexant HD Audio ContaCam Custom Shop version 1.1.0 D3DX10 DAEMON Tools Lite Dell Edoc Viewer Dropbox Elements 10 Organizer erLT Facebook Video Calling 1.2.0.159 FastStone Capture 6.8 FileZilla Client 3.5.3 foobar2000 v1.1.10 Free MIDI to MP3 Converter 1.0 GEAR driver installer for AMD64 and Intel EM64T GetDataBack for NTFS Google Chrome Google Update Helper HandBrake 0.9.5 HP Imaging Device Functions 13.0 HP Photosmart Essential 3.5 HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B HP Smart Web Printing 4.51 HP Solution Center 13.0 Intel® Processor Graphics Intel® SDK for OpenCL - CPU Only Runtime Package IrfanView (remove only) Java Auto Updater Java 6 Update 27 (64-bit) Java 6 Update 33 JDownloader 0.9 Junk Mail filter update K-Lite Codec Pack 8.2.0 (Standard) Logitech Webcam Software LWS Facebook LWS Gallery LWS Help_main LWS Launcher LWS Motion Detection LWS Pictures And Video LWS Twitter LWS Video Mask Maker LWS VideoEffects LWS Webcam Software LWS WLM Plugin LWS YouTube Plugin Malwarebytes Anti-Malware version 1.70.0.1100 Mesh Runtime Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft Application Error Reporting Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Groove MUI (English) 2007 Microsoft Office Groove Setup Metadata MUI (English) 2007 Microsoft Office InfoPath MUI (English) 2007 Microsoft Office Office 64-bit Components 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared 64-bit MUI (English) 2007 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Security Client Microsoft Security Essentials Microsoft Silverlight Microsoft SkyDrive Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Microsoft_VC80_ATL_x86_x64 Microsoft_VC80_CRT_x86 Microsoft_VC80_CRT_x86_x64 Microsoft_VC80_MFC_x86 Microsoft_VC80_MFC_x86_x64 Microsoft_VC80_MFCLOC_x86 Microsoft_VC80_MFCLOC_x86_x64 Microsoft_VC90_ATL_x86 Microsoft_VC90_ATL_x86_x64 Microsoft_VC90_CRT_x86 Microsoft_VC90_CRT_x86_x64 Microsoft_VC90_MFC_x86 Microsoft_VC90_MFC_x86_x64 Microsoft_VC90_MFCLOC_x86 Microsoft_VC90_MFCLOC_x86_x64 MixMeister Studio 7.2.2 Movie Maker 6.0 for Windows 7 (64-bit) Moyea FLV to Video Converter Pro version 1.29.2.11 Mozilla Firefox 20.0.1 (x86 en-US) Mozilla Maintenance Service MSVCRT MSVCRT_amd64 MSVCRT110_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP2 Parser and SDK Network64 OCR Software by I.R.I.S. 13.0 OLYMPUS Master 2 PDF Settings CS5 PlayReady PC Runtime x86 PRE10STI64Installer QuickTime Sandboxie 3.76 (64-bit) Security Update for CAPICOM (KB931906) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596666) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition Share YouTube Videos version 1 Simple Search-Replace Skype™ 5.10 Skype™ 6.1 SmartSound Common Data SmartSound Premiere Elements 10 x64 Plugin SmartSound Sonicfire Pro 5 SUPERAntiSpyware T-RackS CS version 4.0.0 Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office Access 2007 Help (KB963663) Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office Infopath 2007 Help (KB963662) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition Update for Microsoft Office Outlook 2007 Help (KB963677) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2768021) 32-Bit Edition Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Publisher 2007 Help (KB963667) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) VLC media player 2.0.2 Waves 4.0 Waves API Collection Web Camera Security System 1.0 WebTV Viewer Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Media Encoder 9 Series x64 Edition WinRAR 4.20 (32-bit) . ==== Event Viewer Messages From Past Week ======== . 5/12/2013 3:24:27 AM, Error: Schannel [36887] - The following fatal alert was received: 40. 5/12/2013 12:07:15 AM, Error: Schannel [36888] - The following fatal alert was generated: 40. The internal error state is 107. 5/12/2013 12:07:15 AM, Error: Schannel [36874] - An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed. 5/12/2013 1:20:46 PM, Error: Schannel [36888] - The following fatal alert was generated: 10. The internal error state is 10. . ==== End Of File ===========================
  9. Hi I joined this forum just so I can post this issue. I did a quick scan, and I received 3 counts of stolen.data along with something else. I didn't take any action for hours and hours until I accidentally clicked on remove selected a little bit ago. I don't think that will be enough. I looked around online and it seems that removing the malware through malwarebytes is not enough to remove it. Please guide me step by step on how to completely remove the malware in my log, and how to prevent this from happening again. mbam-log-2013-05-13 (22-55-09).txt
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.