Jump to content

Holliebaker1988

Members
 View Profile  See their activity

  • Posts

    10

  • Joined

  • Last visited

Reputation

0 Neutral

About Holliebaker1988

  • Birthday 03/25/1988

Profile Information

  • Location
    America
  1. Holliebaker1988
    RogueKiller V8.6.5 _x64_ [Aug 5 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.adlice.com/forum/ Website : http://www.adlice.com/softwares/roguekiller/ Blog : http://tigzyrk.blogspot.com/ Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : Hollie [Admin rights] Mode : Remove -- Date : 08/11/2013 16:14:08 | ARK || FAK || MBR | ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 4 ¤¤¤ [HJ POL] HKCU\[...]\System : DisableTaskMgr (0) -> DELETED [HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> DELETED [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0) [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0) ¤¤¤ Scheduled tasks : 0 ¤¤¤ ¤¤¤ Startup Entries : 0 ¤¤¤ ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤ ¤¤¤ External Hives: ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> %SystemRoot%\System32\drivers\etc\hosts ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: TOSHIBA MK6475GSX +++++ --- User --- [MBR] 1ba6e739e199dda7f7b1e6b6d476187f [bSP] 35cff5c93c53e5a466e70c6c8ff31d64 : Windows Vista MBR Code Partition table: 0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 594982 Mo 2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 1221597184 | Size: 13997 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[0]_D_08112013_161408.txt >> RKreport[0]_S_08112013_161354.txt
  2. Holliebaker1988
    I am getting an error trying to download roguekiller.
  3. Holliebaker1988
    Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Database version: v2013.08.11.06 Windows 7 Service Pack 1 x64 NTFSInternet Explorer 10.0.9200.16635Hollie :: HOLLIEANDMATTPC [administrator] 8/11/2013 3:47:23 PMmbam-log-2013-08-11 (15-47-23).txt Scan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 244306Time elapsed: 8 minute(s), 21 second(s) Memory Processes Detected: 0(No malicious items detected) Memory Modules Detected: 0(No malicious items detected) Registry Keys Detected: 0(No malicious items detected) Registry Values Detected: 0(No malicious items detected) Registry Data Items Detected: 0(No malicious items detected) Folders Detected: 0(No malicious items detected) Files Detected: 1C:\Users\Matt\AppData\Local\Temp\SecondStepInstaller.exe (PUP.Optional.Conduit) -> Quarantined and deleted successfully. (end)
  4. Holliebaker1988
    # AdwCleaner v2.306 - Logfile created 08/11/2013 at 15:39:42 # Updated 19/07/2013 by Xplode # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits) # User : Hollie - HOLLIEANDMATTPC # Boot Mode : Normal # Running from : C:\Users\Hollie\Downloads\AdwCleaner.exe # Option [Delete] ***** [services] ***** ***** [Files / Folders] ***** Folder Deleted : C:\Users\Matt\AppData\Local\Temp\boost_interprocess Folder Deleted : C:\Users\Matt\AppData\Roaming\SearchProtect ***** [Registry] ***** Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Key Deleted : HKLM\SOFTWARE\Software ***** [internet Browsers] ***** -\\ Internet Explorer v10.0.9200.16635 [OK] Registry is clean. -\\ Google Chrome v28.0.1500.95 File : C:\Users\Hollie\AppData\Local\Google\Chrome\User Data\Default\Preferences File : C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] File is clean. ************************* AdwCleaner[R1].txt - [1444 octets] - [11/08/2013 15:39:17] AdwCleaner[s1].txt - [1338 octets] - [11/08/2013 15:39:42] ########## EOF - C:\AdwCleaner[s1].txt - [1398 octets] ##########
  5. Holliebaker1988
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 5.4.2 (08.11.2013:1) OS: Windows 7 Home Premium x64 Ran by Hollie on Sun 08/11/2013 at 15:24:49.53 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670} ~~~ Files ~~~ Folders Successfully deleted: [Folder] "C:\ProgramData\speedypc software" Successfully deleted: [Folder] "C:\Users\Hollie\AppData\Roaming\drivercure" Successfully deleted: [Folder] "C:\Users\Hollie\AppData\Roaming\pccustubinstaller" Successfully deleted: [Folder] "C:\Users\Hollie\AppData\Roaming\speedypc software" Successfully deleted: [Folder] "C:\Users\Hollie\appdata\locallow\conduit" Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{06132061-CB71-4AD4-A8D3-1EE6DEA265A8} Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{0931DB1F-E392-4794-A995-589BC8D8F35E} Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{09C0EAE6-B595-44BA-9106-C5DCBCF6EF71} Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{0C4F35FE-2356-4545-A1A9-1A6C2634A703} Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{14BFE3A3-AC23-4A83-92BD-4E01B9AF9892} Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{1BE10557-5306-43E5-B782-840DD0F33C5D} Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{1D313847-A724-4214-8F71-0459FE8F884D} Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{1D896307-12F0-4B41-9BE7-78EF83D148FD} Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{1EC5DC2F-D5F9-43CE-A44B-A7487596FCE9} Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{2A2F07CA-9543-4DE7-B126-01F5EA29410E} Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{340D19D0-D447-40C4-997D-BAB00A385284} Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{354B5BD2-2F8C-4F16-9087-E41AA787118E} Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{3607231D-D9BC-421D-82FF-E9B399C94EE0} Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{399BE141-98B4-45A6-9D4A-4DC14D1E2BED} Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{3AC2D659-0CEC-41D5-A0F3-FAC4FFD08B1C} Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{4196F870-2B8B-416C-A0A7-C3F618D2F839} Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{4304D47D-D0AC-400E-89D8-D1DE19613D90} Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{43157BC4-DA92-4E0C-BFA4-E356D04579C7} Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{45026DA0-0E48-48AE-B085-574B79F6C197} Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{451FB77D-A904-49CD-A3CD-2372B3662BE3} Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{4A7D55CE-C3C9-4271-B405-BAF5A8CF98CC} Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{4C9EB16F-D86B-45ED-9538-4B02AE5F6BE7} Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{4D43A075-A069-4007-876B-0B6C2DD5D3EC} Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{4EB73EB0-F14E-4ACE-ACA8-2CA6A8408483} Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{4FBB3650-AEC7-4D82-AFB7-AFB60BA1472D} Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{511582C2-C289-45D3-8EE4-D4B4E444B10B} Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{59A43603-2670-46F2-BF77-C3B49A1A53A2} Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{5AA88913-A239-43DE-9145-85D5F9F40ED5} Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{61596268-2FF2-464A-8645-7A6847C9E430} Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{65F4EC8D-F501-4A52-9AA8-D5111116A4F5} Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{70BA61C9-3C32-4CE0-A2AE-9BA4A7460C9C} Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{73E80B69-56A1-4A4C-9EC6-F9EF4F730F20} Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{7E03160D-BB3B-457A-928D-41A1BC12C756} Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{7F116282-4C6B-41D7-BE82-D34462A3503A} Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{81C6A628-BCB3-4E4A-93DC-953EB220A82F} Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{8613664D-031F-4A99-9331-CE4F8B13DB21} Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{86244067-BF22-4A41-9AB4-101D30CF0E30} Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{879D709A-4F9E-4345-95FC-0D4EFBDFAC64} Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{8BCA4119-2B08-4963-8D34-9DA83298CF9B} Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{95ACC55B-54CE-4A0B-99AF-B5366DEBEE0D} Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{99E34515-CE83-4C27-A882-7922E7E913FA} Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{9B201AB1-48EB-4F0A-87D4-E2397231DAE1} Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{9D2EAC0B-D90D-4D3F-94B4-4C01310CB075} Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{9F35DF50-BCED-4CE9-8471-5508B15EF01C} Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{A1C89FA0-C2BB-41C9-A67A-9FBE209DDACC} Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{A4E61DD3-DC89-41A6-953C-6C35BDD15299} Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{A8D55A3C-E10B-429A-9D98-D3A0809E2139} Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{A94801F2-5F7C-476B-AF20-150E7E21A0E2} Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{A9CB4151-F174-41F4-A169-DD22D51937EE} Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{AD71AE4C-BAC3-452C-9851-0F182824BAAB} Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{AE5927E4-13C6-4EDE-A139-BB0F7D8AF992} Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{B6FBD60A-1B3F-4A65-8D95-43E21BE7A449} Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{BCCDA985-1990-4818-8BF8-DFDAFC42CF89} Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{C375D33F-BF5D-47C7-8AFD-CB85ED65EA8D} Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{C4641903-B5FD-4B12-9727-654592374E68} Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{C52B3161-2102-4F08-9AD1-80A7525A9BED} Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{C7C9C191-D4C0-4B4F-8F0C-B5BBAA78C76A} Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{CE662C56-D2D8-4BBF-B74D-C073A701D3CE} Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{CFE8FDDF-F580-4609-AF17-F18FEB5A78F7} Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{D6C41110-BA19-4D88-9394-8C5926E94104} Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{DD2E472B-9755-487D-9CD8-65ECB029D64D} Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{DE2C3B9E-8EAC-42AC-B6FD-10C82B504C57} Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{DFCEAE3E-9FAF-4635-A688-985B0048357D} Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{EA48A0E2-AEA6-4ECF-AD6B-2C7D9EA9C839} Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{F22E4565-6E6A-4523-8645-86307FFDB34E} Successfully deleted: [Empty Folder] C:\Users\Hollie\appdata\local\{FAC6D75A-6A93-42DC-8B14-20C27CB9FFD1} ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Sun 08/11/2013 at 15:33:04.11 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  6. Holliebaker1988
    Thank you so much I am on step 2 with the junkware the black box I pressed a key and it is currently on checking modules. Am I doing this properly?
  7. Holliebaker1988
    DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16635 BrowserJavaVersion: 10.21.2 Run by Hollie at 14:23:31 on 2013-08-11 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4044.1440 [GMT -7:00] . AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F} AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2} SP: Norton Internet Security *Disabled/Outdated* {D8BEB080-B73A-17E3-1B37-B6B462689202} FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} . ============== Running Processes =============== . C:\windows\system32\lsm.exe C:\windows\system32\svchost.exe -k DcomLaunch C:\windows\system32\svchost.exe -k RPCSS C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\windows\system32\svchost.exe -k LocalService C:\windows\system32\svchost.exe -k netsvcs C:\windows\system32\svchost.exe -k NetworkService C:\windows\System32\spoolsv.exe C:\windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe C:\Program Files (x86)\PC Checkup\SymcPCCULaunchSvc.exe C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe C:\windows\system32\svchost.exe -k imgsvc C:\windows\system32\TODDSrv.exe C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE C:\windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe C:\windows\system32\taskhost.exe C:\windows\system32\Dwm.exe C:\windows\Explorer.EXE C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files (x86)\Pando Networks\Pando\Pando.exe C:\Users\Hollie\AppData\Roaming\SearchProtect\bin\cltmng.exe C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe C:\Program Files (x86)\Cricket Broadband Connect\AvqAutorun.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files\iPod\bin\iPodService.exe C:\windows\system32\SearchIndexer.exe C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe C:\Program Files (x86)\Google\Drive\googledrivesync.exe C:\Program Files (x86)\Google\Drive\googledrivesync.exe c:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\windows\system32\svchost.exe -k SDRSVC c:\Program Files\Microsoft Security Client\NisSrv.exe C:\windows\system32\taskhost.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . mWinlogon: Userinit = userinit.exe, BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned> BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coieplg.dll BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ips\ipsbho.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coieplg.dll TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coieplg.dll TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun uRun: [Pando] C:\Program Files (x86)\Pando Networks\Pando\Pando.exe /Minimized uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart uRun: [searchProtect] C:\Users\Hollie\AppData\Roaming\SearchProtect\bin\cltmng.exe mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60 mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe" UNATTENDED mRun: [ToshibaAppPlace] "C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe" mRun: [{9ABA99F9-A8FE-7E89-8E99-AE8b85E9AE9B}] "C:\Program Files (x86)\Cricket Broadband Connect\AvqAutoRun.exe" "C:\Program Files (x86)\Cricket Broadband Connect\mphonetools.exe" /OnPlug=%s mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [Monitor] "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe" mRun: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon mRun: [searchProtectAll] C:\Program Files (x86)\SearchProtect\bin\cltmng.exe mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" dRun: [searchProtect] \SearchProtect\bin\cltmng.exe mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: Add to Google Photos Screensa&ver - C:\windows\System32\GPhotos.scr/200 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll TCP: NameServer = 192.168.1.1 TCP: Interfaces\{CB94DC95-4A00-4DDC-B168-87BB42B090A9} : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{CB94DC95-4A00-4DDC-B168-87BB42B090A9}\3496479702F6660254577656E656D26427565602055726C696360275966496 : DHCPNameServer = 68.87.69.146 68.87.85.98 TCP: Interfaces\{CB94DC95-4A00-4DDC-B168-87BB42B090A9}\5636F6E6F6D697 : DHCPNameServer = 192.168.0.1 TCP: Interfaces\{CB94DC95-4A00-4DDC-B168-87BB42B090A9}\C696E6B6379737 : DHCPNameServer = 192.168.0.1 205.171.3.25 Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SSODL: WebCheck - <orphaned> mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll x64-BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll x64-Run: [igfxTray] C:\windows\System32\igfxtray.exe x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe x64-Run: [Persistence] C:\windows\System32\igfxpers.exe x64-Run: [smartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe x64-Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE x64-Run: [TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe x64-Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe x64-Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe x64-Run: [TosNC] C:\Program Files (x86)\Toshiba\BulletinBoard\TosNcCore.exe x64-Run: [TosReelTimeMonitor] C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe x64-Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-Notify: igfxcui - igfxdev.dll x64-SSODL: WebCheck - <orphaned> . ============= SERVICES / DRIVERS =============== . R0 MpFilter;Microsoft Malware Protection Driver;C:\windows\System32\drivers\MpFilter.sys [2013-6-18 247216] R0 tos_sps64;TOSHIBA tos_sps64 Service;C:\windows\System32\drivers\tos_sps64.sys [2009-6-24 482384] R2 CltMngSvc;Search Protect by Conduit Updater;C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe [2013-4-11 93984] R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624] R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccsvchst.exe [2013-2-5 138272] R2 NisDrv;Microsoft Network Inspection System;C:\windows\System32\drivers\NisDrvWFP.sys [2013-6-18 139616] R2 Norton PC Checkup Application Launcher;Norton PC Checkup Application Launcher;C:\Program Files (x86)\PC Checkup\SymcPCCULaunchSvc.exe [2013-5-18 132056] R2 PCCUJobMgr;Common Client Job Manager Service;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe [2011-12-19 126392] R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776] R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-12-19 2656280] R3 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20120207.003\BHDrvx64.sys [2012-2-7 1157240] R3 ccSet_NIS;Norton Internet Security Settings Manager;C:\windows\System32\drivers\NISx64\1309010.00E\ccsetx64.sys [2013-2-5 167072] R3 FwLnk;FwLnk Driver;C:\windows\System32\drivers\FwLnk.sys [2011-12-19 9216] R3 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20120208.002\IDSviA64.sys [2012-2-8 488568] R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\windows\System32\drivers\L1C62x64.sys [2011-2-9 77424] R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-7-18 366600] R3 PGEffect;Pangu effect driver;C:\windows\System32\drivers\PGEffect.sys [2011-12-19 38096] R3 pneteth;PdaNet Broadband;C:\windows\System32\drivers\pneteth.sys [2012-3-3 15360] R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\windows\System32\drivers\rtl8192ce.sys [2011-12-19 1109096] R3 Sftfs;Sftfs;C:\windows\System32\drivers\Sftfslh.sys [2011-10-1 764264] R3 Sftplay;Sftplay;C:\windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648] R3 Sftredir;Sftredir;C:\windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960] R3 Sftvol;Sftvol;C:\windows\System32\drivers\Sftvollh.sys [2011-10-1 22376] R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496] R3 SymDS;Symantec Data Store;C:\windows\System32\drivers\NISx64\1309010.00E\symds64.sys [2013-2-5 451192] R3 SymEFA;Symantec Extended File Attributes;C:\windows\System32\drivers\NISx64\1309010.00E\symefa64.sys [2013-2-5 1129120] R3 SymIRON;Symantec Iron Driver;C:\windows\System32\drivers\NISx64\1309010.00E\ironx64.sys [2013-2-5 190072] R3 SymNetS;Symantec Network Security WFP Driver;C:\windows\System32\drivers\NISx64\1309010.00E\symnets.sys [2013-2-5 405624] R3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-12-19 57216] R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2011-6-9 138152] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-2-18 138912] S3 FlyUsb;FLY Fusion;C:\windows\System32\drivers\FlyUsb.sys [2012-9-28 24576] S3 PTUMWBus;PANTECH USB Modem V2 Composite Device Driver;C:\windows\System32\drivers\PTUMWBus.sys [2012-9-4 71056] S3 PTUMWCDF;PANTECH USB Modem V2 Installation CD;C:\windows\System32\drivers\PTUMWCDF.sys [2012-9-4 24976] S3 PTUMWFLT;PTUMWNET Filter Driver;C:\windows\System32\drivers\PTUMWFLT.sys [2012-9-4 12688] S3 PTUMWMdm;PANTECH USB Modem V2 Modem Driver;C:\windows\System32\drivers\PTUMWMdm.sys [2012-9-4 173456] S3 PTUMWNET;PANTECH USB Modem V2 WWAN Driver;C:\windows\System32\drivers\PTUMWNET.sys [2012-9-4 144912] S3 PTUMWVsp;PANTECH USB Modem V2 Diagnostic Port;C:\windows\System32\drivers\PTUMWVsp.sys [2012-9-4 173456] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2011-12-19 243712] S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232] S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2012-7-9 52736] S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2012-9-6 1255736] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== Created Last 30 ================ . 2013-08-11 20:15:16 941720 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{8B3DE2CA-9114-46A0-A46B-6D6114C7A7EC}\gapaengine.dll 2013-08-11 20:15:09 9460976 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3D66F557-F620-4730-8931-EE5DC8F8ED05}\mpengine.dll 2013-08-11 19:25:18 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client 2013-08-11 19:25:10 -------- d-----w- C:\Program Files\Microsoft Security Client 2013-08-11 07:47:11 9460976 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{528623DF-E7A3-4B52-9D7B-8FC75B829110}\mpengine.dll 2013-08-11 07:43:03 -------- d--h--w- C:\ProgramData\CanonIJMyPrinter 2013-08-11 05:56:18 -------- d-----w- C:\Users\Hollie\AppData\Roaming\SpeedyPC Software 2013-08-11 05:56:18 -------- d-----w- C:\Users\Hollie\AppData\Roaming\DriverCure 2013-08-11 05:55:11 -------- d-----w- C:\ProgramData\SpeedyPC Software 2013-07-28 00:57:47 -------- d-----w- C:\Users\Hollie\AppData\Local\{4A7D55CE-C3C9-4271-B405-BAF5A8CF98CC} 2013-07-19 20:21:39 -------- d-----w- C:\Users\Hollie\AppData\Local\{A1C89FA0-C2BB-41C9-A67A-9FBE209DDACC} 2013-07-15 22:37:41 -------- d-----w- C:\Users\Hollie\AppData\Local\{0C4F35FE-2356-4545-A1A9-1A6C2634A703} . ==================== Find3M ==================== . 2013-06-19 04:50:08 247216 ----a-w- C:\windows\System32\drivers\MpFilter.sys 2013-06-19 04:50:08 139616 ----a-w- C:\windows\System32\drivers\NisDrvWFP.sys 2013-06-12 04:33:27 71048 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-06-12 04:33:27 692104 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe 2013-06-11 23:43:37 1767936 ----a-w- C:\windows\SysWow64\wininet.dll 2013-06-11 23:43:00 2877440 ----a-w- C:\windows\SysWow64\jscript9.dll 2013-06-11 23:42:58 61440 ----a-w- C:\windows\SysWow64\iesetup.dll 2013-06-11 23:42:58 109056 ----a-w- C:\windows\SysWow64\iesysprep.dll 2013-06-11 23:26:20 2241024 ----a-w- C:\windows\System32\wininet.dll 2013-06-11 23:25:16 3958784 ----a-w- C:\windows\System32\jscript9.dll 2013-06-11 23:25:13 67072 ----a-w- C:\windows\System32\iesetup.dll 2013-06-11 23:25:13 136704 ----a-w- C:\windows\System32\iesysprep.dll 2013-06-11 22:51:45 71680 ----a-w- C:\windows\SysWow64\RegisterIEPKEYs.exe 2013-06-11 22:50:58 89600 ----a-w- C:\windows\System32\RegisterIEPKEYs.exe 2013-06-07 03:22:18 2706432 ----a-w- C:\windows\System32\mshtml.tlb 2013-06-07 02:37:52 2706432 ----a-w- C:\windows\SysWow64\mshtml.tlb 2013-06-05 03:34:27 3153920 ----a-w- C:\windows\System32\win32k.sys 2013-06-04 06:00:13 624128 ----a-w- C:\windows\System32\qedit.dll 2013-06-04 04:53:07 509440 ----a-w- C:\windows\SysWow64\qedit.dll . ============= FINISH: 14:24:16.95 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 2/8/2012 8:41:02 PM System Uptime: 8/11/2013 12:41:07 AM (14 hours ago) . Motherboard: TOSHIBA | | Portable PC Processor: Intel® Pentium® CPU B960 @ 2.20GHz | CPU | 1496/1333mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 581 GiB total, 531.505 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP76: 7/30/2013 6:55:37 AM - Windows Update RP77: 8/2/2013 10:46:28 AM - Windows Update RP78: 8/6/2013 6:51:19 PM - Windows Update RP79: 8/10/2013 10:25:36 AM - Removed Cricket Broadband Connect RP80: 8/10/2013 10:30:35 AM - Removed Java 7 Update 21 RP81: 8/10/2013 10:31:22 AM - Removed Java 6 Update 25 RP82: 8/10/2013 10:35:57 AM - Removed Microsoft Silverlight RP83: 8/11/2013 12:33:41 AM - Restore Operation RP84: 8/11/2013 12:46:25 AM - Windows Update . ==== Installed Programs ====================== . Adobe AIR Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader X (10.1.6) MUI Amazon Links Apple Application Support Apple Mobile Device Support Apple Software Update Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver Bonjour Canon Easy-PhotoPrint EX Canon Easy-WebPrint EX Canon MG2100 series MP Drivers Canon MG2100 series On-screen Manual Canon MG2100 series User Registration Canon MP Navigator EX 5.0 Canon My Printer Canon Solution Menu EX Conexant HD Audio Cricket Broadband Connect D3DX10 Google Chrome Google Drive Google Toolbar for Internet Explorer Google Update Helper Intel® Management Engine Components Intel® Processor Graphics Intel® Rapid Storage Technology iTunes Java 7 Update 21 Java Auto Updater Java 6 Update 25 Junk Mail filter update Label@Once 1.0 LeapFrog Connect LeapFrog Tag Junior Plugin Malwarebytes Anti-Malware version 1.75.0.1300 Mesh Runtime Microsoft .NET Framework 4 Client Profile Microsoft Application Error Reporting Microsoft Office 2010 Microsoft Office Click-to-Run 2010 Microsoft Office Starter 2010 - English Microsoft Security Client Microsoft Security Essentials Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Mobile PhoneTools MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Nikon Message Center 2 Norton Internet Security Norton PC Checkup Pando PANTECH USB Modem V2 PdaNet for Android 3.25 Picasa 3 Picture Control Utility PlayReady PC Runtime amd64 PlayReady PC Runtime x86 QuickTime Realtek USB 2.0 Card Reader Realtek WLAN Driver RunRev LiveCode Player Browser Plugin Scratch Search Protect by conduit Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628) Stellar Phoenix Photo Recovery Synaptics Pointing Device Driver Toshiba App Place TOSHIBA Application Installer TOSHIBA Assist Toshiba Book Place TOSHIBA Bulletin Board TOSHIBA Disc Creator TOSHIBA Face Recognition TOSHIBA Hardware Setup TOSHIBA HDD/SSD Alert Toshiba Laptop Checkup TOSHIBA Media Controller TOSHIBA Media Controller Plug-in Toshiba Online Backup TOSHIBA Quality Application TOSHIBA Recovery Media Creator TOSHIBA ReelTime TOSHIBA Resolution+ Plug-in for Windows Media Player TOSHIBA Service Station TOSHIBA Supervisor Password TOSHIBA Value Added Package TOSHIBA Web Camera Application TOSHIBARegistration Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Junior Plugin) ViewNX 2 Windows Driver Package - LeapFrog (FlyUsb) USB (11/05/2008 1.1.1.0) Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources . ==== Event Viewer Messages From Past Week ======== . 8/11/2013 7:49:54 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service. 8/11/2013 1:02:43 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=260974&clcid=0x409&NRI=true&arch=x64&eng=0.0.0.0&sig=0.0.0.0∏=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: Network Inspection System Update Type: Full User: HollieandMattpc\Hollie Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved 8/11/2013 1:02:43 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=0.0.0.0&avdelta=0.0.0.0&asdelta=0.0.0.0∏=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: HollieandMattpc\Hollie Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved 8/11/2013 1:02:43 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=0.0.0.0&avdelta=0.0.0.0&asdelta=0.0.0.0∏=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: HollieandMattpc\Hollie Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved 8/11/2013 1:02:42 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80240022 Error description: The program can't check for definition updates. 8/11/2013 1:02:42 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80240022 Error description: The program can't check for definition updates. . ==== End Of File ===========================
  8. Holliebaker1988
    thank you so much I will go and try the instructions now.
  9. Holliebaker1988
    Hello I am desperate and I am happy I found this forum. So my Internet has been running very slowly yesterday my computer however is not. I decided to run a system scan with malwarebytes. I am wondering if I should click remove all or will this corrupt my computer somehow. I obviously am not hugely computer savvy and help will be appreciated including how I maybe got this and ways to prevent it in the future thank you in advance. this is the log I have not removed the malaware yet w.malwarebytes.org Database version: v2013.08.11.01 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16635 Hollie :: HOLLIEANDMATTPC [administrator] 8/11/2013 10:34:52 AM MBAM-log-2013-08-11 (11-34-46).txt Scan type: Full scan (C:\|D:\|Q:\|) Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 373732 Time elapsed: 54 minute(s), 37 second(s) Memory Processes Detected: 2 C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe (PUP.Optional.SearchProtect.A) -> 1488 -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\bin\cltmng.exe (PUP.Optional.SearchProtect.A) -> 3256 -> No action taken. Memory Modules Detected: 7 C:\Program Files (x86)\SearchProtect\bin\msvcp100.dll (PUP.Optional.SearchProtect.A) -> No action taken. C:\Program Files (x86)\SearchProtect\bin\msvcr100.dll (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\bin\FirefoxModule.dll (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\bin\ChromeModule.dll (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\bin\InternetExplorerModule.dll (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\bin\msvcp100.dll (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\bin\msvcr100.dll (PUP.Optional.SearchProtect.A) -> No action taken. Registry Keys Detected: 2 HKLM\SYSTEM\CurrentControlSet\Services\CltMngSvc (PUP.Optional.SearchProtect.A) -> No action taken. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect (PUP.Optional.SearchProtect.A) -> No action taken. Registry Values Detected: 2 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|SearchProtectAll (PUP.Optional.SearchProtect.A) -> Data: C:\Program Files (x86)\SearchProtect\bin\cltmng.exe -> No action taken. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|SearchProtect (PUP.Optional.SearchProtect.A) -> Data: C:\Users\Hollie\AppData\Roaming\SearchProtect\bin\cltmng.exe -> No action taken. Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 19 C:\Program Files (x86)\SearchProtect\bin (PUP.Optional.SearchProtect.A) -> No action taken. C:\Program Files (x86)\SearchProtect\Dialogs (PUP.Optional.SearchProtect.A) -> No action taken. C:\Program Files (x86)\SearchProtect\Dialogs\lib (PUP.Optional.SearchProtect.A) -> No action taken. C:\Program Files (x86)\SearchProtect\Dialogs\spbd (PUP.Optional.SearchProtect.A) -> No action taken. C:\Program Files (x86)\SearchProtect\Dialogs\spsd (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\bin (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\bin (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\lib (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\spbd (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\spbd\images (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\spsd (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\spsd\images (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\lib (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\spbd (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\spbd\images (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\spsd (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\spsd\images (PUP.Optional.SearchProtect.A) -> No action taken. Files Detected: 72 C:\Users\Matt\AppData\Local\Temp\SecondStepInstaller.exe (PUP.Optional.Conduit) -> No action taken. C:\Program Files (x86)\SearchProtect\bin\FirefoxModule.dll (PUP.Optional.SearchProtect.A) -> No action taken. C:\Program Files (x86)\SearchProtect\bin\ChromeModule.dll (PUP.Optional.SearchProtect.A) -> No action taken. C:\Program Files (x86)\SearchProtect\bin\cltmng.exe (PUP.Optional.SearchProtect.A) -> No action taken. C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe (PUP.Optional.SearchProtect.A) -> No action taken. C:\Program Files (x86)\SearchProtect\bin\InternetExplorerModule.dll (PUP.Optional.SearchProtect.A) -> No action taken. C:\Program Files (x86)\SearchProtect\bin\msvcp100.dll (PUP.Optional.SearchProtect.A) -> No action taken. C:\Program Files (x86)\SearchProtect\bin\msvcr100.dll (PUP.Optional.SearchProtect.A) -> No action taken. C:\Program Files (x86)\SearchProtect\bin\SPHook32.dll (PUP.Optional.SearchProtect.A) -> No action taken. C:\Program Files (x86)\SearchProtect\bin\SPRunner.exe (PUP.Optional.SearchProtect.A) -> No action taken. C:\Program Files (x86)\SearchProtect\bin\uninstall.exe (PUP.Optional.SearchProtect.A) -> No action taken. C:\Program Files (x86)\SearchProtect\Dialogs\dialogsApi.js (PUP.Optional.SearchProtect.A) -> No action taken. C:\Program Files (x86)\SearchProtect\Dialogs\lib\jquery.min.js (PUP.Optional.SearchProtect.A) -> No action taken. C:\Program Files (x86)\SearchProtect\Dialogs\lib\json2.js (PUP.Optional.SearchProtect.A) -> No action taken. C:\Program Files (x86)\SearchProtect\Dialogs\spbd\bubble.js (PUP.Optional.SearchProtect.A) -> No action taken. C:\Program Files (x86)\SearchProtect\Dialogs\spsd\settings.js (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\bin\FirefoxModule.dll (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\bin\ChromeModule.dll (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\bin\cltmng.exe (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\bin\CltMngSvc.exe (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\bin\InternetExplorerModule.dll (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\bin\msvcp100.dll (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\bin\msvcr100.dll (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\bin\rep.dat (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\bin\SPHook32.dll (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\bin\SPRunner.exe (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\bin\uninstall.exe (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\bin\FirefoxModule.dll (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\bin\ChromeModule.dll (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\bin\cltmng.exe (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\bin\CltMngSvc.exe (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\bin\InternetExplorerModule.dll (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\bin\msvcp100.dll (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\bin\msvcr100.dll (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\bin\rep.dat (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\bin\SPHook32.dll (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\bin\SPRunner.exe (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\bin\uninstall.exe (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\dialogsApi.js (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\lib\jquery.min.js (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\lib\json2.js (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\spbd\bubble.css (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\spbd\bubble.js (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\spbd\main.html (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\spbd\images\information.png (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-default-LTR.png (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-default-RTL.png (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-mouseover-LTR.png (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-mouseover-RTL.png (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\spsd\main.html (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\spsd\SearchProtector.css (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\spsd\settings.js (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\spsd\images\ok-button.png (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\spsd\images\separation-line.png (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\spsd\images\warning.png (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\dialogsApi.js (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\lib\jquery.min.js (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\lib\json2.js (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\spbd\bubble.css (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\spbd\bubble.js (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\spbd\main.html (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\spbd\images\information.png (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-default-LTR.png (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-default-RTL.png (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-mouseover-LTR.png (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-mouseover-RTL.png (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\spsd\main.html (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\spsd\SearchProtector.css (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\spsd\settings.js (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\spsd\images\ok-button.png (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\spsd\images\separation-line.png (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\spsd\images\warning.png (PUP.Optional.SearchProtect.A) -> No action taken.
  10. Holliebaker1988
    Hello I am desperate and I am happy I found this forum. So my Internet has been running very slowly yesterday my computer however is not. I decided to run a system scan with malwarebytes. I am wondering if I should click remove all or will this corrupt my computer somehow. I obviously am not hugely computer savvy and help will be appreciated including how I maybe got this and ways to prevent it in the future thank you in advance. this is the log I have not removed the malaware yet w.malwarebytes.org Database version: v2013.08.11.01 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16635 Hollie :: HOLLIEANDMATTPC [administrator] 8/11/2013 10:34:52 AM MBAM-log-2013-08-11 (11-34-46).txt Scan type: Full scan (C:\|D:\|Q:\|) Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 373732 Time elapsed: 54 minute(s), 37 second(s) Memory Processes Detected: 2 C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe (PUP.Optional.SearchProtect.A) -> 1488 -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\bin\cltmng.exe (PUP.Optional.SearchProtect.A) -> 3256 -> No action taken. Memory Modules Detected: 7 C:\Program Files (x86)\SearchProtect\bin\msvcp100.dll (PUP.Optional.SearchProtect.A) -> No action taken. C:\Program Files (x86)\SearchProtect\bin\msvcr100.dll (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\bin\FirefoxModule.dll (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\bin\ChromeModule.dll (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\bin\InternetExplorerModule.dll (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\bin\msvcp100.dll (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\bin\msvcr100.dll (PUP.Optional.SearchProtect.A) -> No action taken. Registry Keys Detected: 2 HKLM\SYSTEM\CurrentControlSet\Services\CltMngSvc (PUP.Optional.SearchProtect.A) -> No action taken. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect (PUP.Optional.SearchProtect.A) -> No action taken. Registry Values Detected: 2 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|SearchProtectAll (PUP.Optional.SearchProtect.A) -> Data: C:\Program Files (x86)\SearchProtect\bin\cltmng.exe -> No action taken. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|SearchProtect (PUP.Optional.SearchProtect.A) -> Data: C:\Users\Hollie\AppData\Roaming\SearchProtect\bin\cltmng.exe -> No action taken. Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 19 C:\Program Files (x86)\SearchProtect\bin (PUP.Optional.SearchProtect.A) -> No action taken. C:\Program Files (x86)\SearchProtect\Dialogs (PUP.Optional.SearchProtect.A) -> No action taken. C:\Program Files (x86)\SearchProtect\Dialogs\lib (PUP.Optional.SearchProtect.A) -> No action taken. C:\Program Files (x86)\SearchProtect\Dialogs\spbd (PUP.Optional.SearchProtect.A) -> No action taken. C:\Program Files (x86)\SearchProtect\Dialogs\spsd (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\bin (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\bin (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\lib (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\spbd (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\spbd\images (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\spsd (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\spsd\images (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\lib (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\spbd (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\spbd\images (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\spsd (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\spsd\images (PUP.Optional.SearchProtect.A) -> No action taken. Files Detected: 72 C:\Users\Matt\AppData\Local\Temp\SecondStepInstaller.exe (PUP.Optional.Conduit) -> No action taken. C:\Program Files (x86)\SearchProtect\bin\FirefoxModule.dll (PUP.Optional.SearchProtect.A) -> No action taken. C:\Program Files (x86)\SearchProtect\bin\ChromeModule.dll (PUP.Optional.SearchProtect.A) -> No action taken. C:\Program Files (x86)\SearchProtect\bin\cltmng.exe (PUP.Optional.SearchProtect.A) -> No action taken. C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe (PUP.Optional.SearchProtect.A) -> No action taken. C:\Program Files (x86)\SearchProtect\bin\InternetExplorerModule.dll (PUP.Optional.SearchProtect.A) -> No action taken. C:\Program Files (x86)\SearchProtect\bin\msvcp100.dll (PUP.Optional.SearchProtect.A) -> No action taken. C:\Program Files (x86)\SearchProtect\bin\msvcr100.dll (PUP.Optional.SearchProtect.A) -> No action taken. C:\Program Files (x86)\SearchProtect\bin\SPHook32.dll (PUP.Optional.SearchProtect.A) -> No action taken. C:\Program Files (x86)\SearchProtect\bin\SPRunner.exe (PUP.Optional.SearchProtect.A) -> No action taken. C:\Program Files (x86)\SearchProtect\bin\uninstall.exe (PUP.Optional.SearchProtect.A) -> No action taken. C:\Program Files (x86)\SearchProtect\Dialogs\dialogsApi.js (PUP.Optional.SearchProtect.A) -> No action taken. C:\Program Files (x86)\SearchProtect\Dialogs\lib\jquery.min.js (PUP.Optional.SearchProtect.A) -> No action taken. C:\Program Files (x86)\SearchProtect\Dialogs\lib\json2.js (PUP.Optional.SearchProtect.A) -> No action taken. C:\Program Files (x86)\SearchProtect\Dialogs\spbd\bubble.js (PUP.Optional.SearchProtect.A) -> No action taken. C:\Program Files (x86)\SearchProtect\Dialogs\spsd\settings.js (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\bin\FirefoxModule.dll (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\bin\ChromeModule.dll (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\bin\cltmng.exe (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\bin\CltMngSvc.exe (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\bin\InternetExplorerModule.dll (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\bin\msvcp100.dll (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\bin\msvcr100.dll (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\bin\rep.dat (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\bin\SPHook32.dll (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\bin\SPRunner.exe (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\bin\uninstall.exe (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\bin\FirefoxModule.dll (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\bin\ChromeModule.dll (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\bin\cltmng.exe (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\bin\CltMngSvc.exe (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\bin\InternetExplorerModule.dll (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\bin\msvcp100.dll (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\bin\msvcr100.dll (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\bin\rep.dat (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\bin\SPHook32.dll (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\bin\SPRunner.exe (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\bin\uninstall.exe (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\dialogsApi.js (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\lib\jquery.min.js (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\lib\json2.js (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\spbd\bubble.css (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\spbd\bubble.js (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\spbd\main.html (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\spbd\images\information.png (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-default-LTR.png (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-default-RTL.png (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-mouseover-LTR.png (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-mouseover-RTL.png (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\spsd\main.html (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\spsd\SearchProtector.css (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\spsd\settings.js (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\spsd\images\ok-button.png (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\spsd\images\separation-line.png (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Hollie\AppData\Roaming\SearchProtect\Dialogs\spsd\images\warning.png (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\dialogsApi.js (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\lib\jquery.min.js (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\lib\json2.js (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\spbd\bubble.css (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\spbd\bubble.js (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\spbd\main.html (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\spbd\images\information.png (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-default-LTR.png (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-default-RTL.png (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-mouseover-LTR.png (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-mouseover-RTL.png (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\spsd\main.html (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\spsd\SearchProtector.css (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\spsd\settings.js (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\spsd\images\ok-button.png (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\spsd\images\separation-line.png (PUP.Optional.SearchProtect.A) -> No action taken. C:\Users\Matt\AppData\Roaming\SearchProtect\Dialogs\spsd\images\warning.png (PUP.Optional.SearchProtect.A) -> No action taken.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.