Everything posted by Jojoba
-
Hi Borislav
I have carried out the steps you listed. I was wondering if it is necessary to delete these other programmes? Or do I need to run them on an ad-hoc basis?
RocketLife, TFC, ATF-Cleaner, HitmanPro, JRT, HiJackThis, NTREGOPT, CCleaner
Thanks
-
Hi
Thanks for your help. Have successfully installed AVG the free version and run the scan. Is there anything further to assist with computer?
-
Also when Avira was being installed, the Setup page showed that Malwarebytes Anti-Malware and SUPERAntiSpyware Free Edition required to be manually uninstalled so I cancelled the Avira antivirus setup.
-
Hi Borislav
When I turned on the computer after uninstalling Avast to install either Avira or AVG in your last post, I had opened up Chrome and Firefox and both of them started to lag. The windows would show 'Not responding' on and off and the browser window would disappear and reappear again, with the keystroke response slow and lagging - sometimes the whole page would freeze with the keystroke letters not appearing after typing on the keyboard. Not sure what is causing it to jam up as I didn't use the computer after uninstalling Avast. Hope you can help.
Thanks for your time
-
Hello
Avast has been fully uninstalled and after rebooting the computer is loading much faster and the problems with the windows, etc. are gone. What antivirus (preferably free) is good to be used? My laptop is not lagging anymore.
-
Hi
Another thing has also been happening: when the browsers are loading the webpage, the whole browser window disappears for a second and then reappears. It does this a few times with the mouse showing it is busy. This also happens when I open the control panel window, or system folders.
Thanks
-
Hi Borislav
Yes, I have tried other browsers, IE, Firefox and Chrome and they have the same problems such as lag in loading icons on webpage, slow registering of my key strokes when typing texts in search boxes, lag in scrolling down web page. I have 8GB RAM but on the task manager it keeps showing 2GB of RAM being used while CPU usage is only 1-2%.
For your Benchmark Question: I am not referring to the Windows Experience Index, but the Benchmark software like SisoftSandra. Is there any way to find out if the laptop is functioning okay or is there still something causing the slowness after deletion of temp files, etc as your earlier instructions?
Thanks
-
Hi
I managed to run all the steps on the webpage 'Slow PC? - Start Here'; even the disk defragmentation programme in my last post managed to run fully. My computer is lagging in ways, for example:
When I am typing in this post, there was a few seconds' pause before the letterings appeared.
When I click on the Windows start button, it freezes for a few seconds before the Start menu appears.
When I was running the Malwarebytes Anti-Malware quick scan, it froze (Not responding), then when I turned off the Avast anti-virus for 10 minutes, the Malwarebytes window resumed scanning and completed the quick scan.
Is there any way like a Benchmark to test the performance of my laptop or way to figure out what is causing the lag of the system?
Thanks for your help
-
Hi Borislav
I am currently at Step 4: Defrag your Hard Drive and run CHKDSK
The file is currently running as Administrator, but after the step:
Save the file to your desktop and double click it to run it if running Windows XP. If running Windows Vista or Windows 7 you must right-click on the file and choose Run as administrator
There are no further instructions. I would like to ask if the Command window should be left alone? Will the Command window close automatically or do I have to close it?
This is what I currently see:
C:\Windows\system32>defrag "C:"
Microsoft Disk Defragmenter
Copyright <c> 2007 Microsoft Corp.
Invoking defragmentation on <C:>...
Pre-Defragmentation Report:
Volume Information:
Volume size: 682.74 GB
Free space: 526.41 GB
Total fragmented space: 1%
Largest free space size: 177.64GB
Note: File fragments larger than 64MB are not included in the fragmentation statistics.
-
Hi
The computer is running less slow, but is still taking a few seconds longer than normal to open browsers for instance. I wanted to ask if it is normal for Kaspersky Lab programme to start the moment the computer starts up? Whenever the laptop has fully started up, 2-3 windows of the 'User Account Control - Kaspersky Lab' programme appear, including the mini DOS black windows:
_uninst_48084271
_uninst_77189604
_uninst_
I was wondering if that is normal?
Thanks
Jo
-
Hi Borislav
The Scan ran 100% in the 'Safe mode with Networking' but there were no threats found. There were some '!' next to some items in the Automatic Scan Report. Please let me know of any further instructions.
Thank you
-
Sorry, also for the first and second tries to scan, only 1 'User Account Control' window popped up asking for permission to run the Kaspersky Lab programme. But for the 3rd and 4th try, two of the same windows opened instead.
-
Hi Borislav
I tried Kaspersky Virus scan as you advised but the first time it froze at 1% of the Scan, 2nd time it froze again at 1%. Both times Avast! the Antivirus was turned off. On the 3rd and 4th try to scan, it froze at 1% when at the file ending with: ...applemobiledevicesupporter64.msi/installer
Also, for all the scan tries, when I tried to close the Kaspersky Scan and shut down the computer, the Scan window would close/freeze up, and the whole Windows interface and icons all were inactive. The mouse was the last to freeze up. For all instances I had to force shut down the system. But when the laptop was restarted, the interface 'Windows is configuring' and the DOS screen would show up saying, 'File in System is Fat' and refer to the file FAT32. Then it would scan and say that there is no problem with the file.
I am sorry if my reply doesn't make sense. I did not have sufficient time to note down the messages stated when the computer started up.
-
Hi Borislav
The 3 reports as you requested are below
Thanks for your help and time
Jo
-
Hi Borislav
Before your latest reply, the ESET Scan managed to run successfully (I just let the scan run again today and just checked the scan results). The ESET Scan log is below:
C:\Users\Ana\Downloads\Afreecodec_downloader_For_Adobe_Macromedia_Flash_Player.exe a variant of Win32/BSDownloader application cleaned by deleting - quarantined
C:\Users\Ana\Downloads\cbsidlm-cbsi134-Wise_Disk_Cleaner-ORG-10613345.exe probably a variant of Win32/CNETInstaller.A application cleaned by deleting - quarantined
C:\Users\Ana\Downloads\DM-338.exe Win32/HotSpotShield application cleaned by deleting - quarantined
C:\Users\Ana\Downloads\YouTubeDownloaderSetup34.exe a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
I did not do anything else after the scan was completed. Thanks for your help. I am just relieved that after disabling the avast security and running ESETScan this round it managed to work.
-
Hi Borislav
As mentioned in the last reply, I did try to use the scan again but it jammed up again at the 21% scan process. The mouse was still usable but the rest of the icons, etc were not active. I was not able to bring up the Task Manager, so I had to press the Power button to force shut down the laptop. Hope you can further assist.
Thanks
-
Sorry, I am currently running it now again to see if it progresses beyond the 21% mark
-
Hi Borislav
Just wanted to mention that I have successfully installed the ESET Online Scanner, but even with the conditions ticked (eg: advanced settings) as you mentioned, the Computer scan stops around 21% and jams up - the total scan time keeps running but the Target bar and Files Scanned bar stopped. I have run this scan twice but it seems to jam up at that point.
Cheers,
Jo
-
Good day,
Have followed instructions provided by Borislav and posted the dds and attach.txt logs in my reply. At the moment the laptop is still lagging. Hope to receive further assistance.
Thank you again for your time and help!
Jo
-
Hi Borislav
The logs for dds.txt and attach.txt are below.
C:\Users\Ana\AppData\Roaming\SUPERAntiSpyware.com2013-10-03 12:58:50 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com2013-10-03 12:58:50 -------- d-----w- C:\Program Files\SUPERAntiSpyware2013-10-03 12:45:22 -------- d-----w- C:\Program Files (x86)\Wise2013-10-03 12:45:10 -------- d-----w- C:\Program Files (x86)\MyPC Backup2013-10-03 12:42:24 -------- d-----w- C:\Program Files\CCleaner2013-09-27 13:47:34 -------- d-----w- C:\wamp2013-09-22 06:22:16 -------- d-----w- C:\Users\Ana\AppData\Roaming\Ludia2013-09-22 06:22:16 -------- d-----w- C:\ProgramData\Ludia2013-09-22 05:56:59 238088 ----a-w- C:\Windows\SysWow64\xactengine3_1.dll2013-09-19 13:44:45 -------- d-----w- C:\Program Files (x86)\The Adventure Company2013-09-12 02:27:17 155584 ----a-w- C:\Windows\System32\drivers\ataport.sys2013-09-12 02:26:22 3155456 ----a-w- C:\Windows\System32\win32k.sys.==================== Find3M ====================.2013-09-12 14:03:13 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl2013-09-12 14:03:13 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe2013-08-30 07:47:40 41664 ----a-w- C:\Windows\avastSS.scr2013-08-02 02:23:53 5550528 ----a-w- C:\Windows\System32\ntoskrnl.exe2013-08-02 02:15:44 1732032 ----a-w- C:\Windows\System32\ntdll.dll2013-08-02 02:15:03 362496 ----a-w- C:\Windows\System32\wow64win.dll2013-08-02 02:15:03 243712 ----a-w- C:\Windows\System32\wow64.dll2013-08-02 02:15:03 13312 ----a-w- C:\Windows\System32\wow64cpu.dll2013-08-02 02:14:57 215040 ----a-w- C:\Windows\System32\winsrv.dll2013-08-02 02:14:11 16384 ----a-w- C:\Windows\System32\ntvdm64.dll2013-08-02 02:13:34 424448 ----a-w- C:\Windows\System32\KernelBase.dll2013-08-02 01:59:30 3968960 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe2013-08-02 01:59:30 3913664 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe2013-08-02 01:51:23 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll2013-08-02 01:50:42 5120 ----a-w- C:\Windows\SysWow64\wow32.dll2013-08-02 01:50:42 274944 ----a-w- 
C:\Windows\SysWow64\KernelBase.dll2013-08-02 01:09:17 338432 ----a-w- C:\Windows\System32\conhost.exe2013-08-02 00:59:09 112640 ----a-w- C:\Windows\System32\smss.exe2013-08-02 00:45:37 25600 ----a-w- C:\Windows\SysWow64\setup16.exe2013-08-02 00:45:36 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll2013-08-02 00:45:35 7680 ----a-w- C:\Windows\SysWow64\instnm.exe2013-08-02 00:45:34 2048 ----a-w- C:\Windows\SysWow64\user.exe2013-08-02 00:43:05 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll2013-08-02 00:43:05 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll2013-08-02 00:43:05 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll2013-08-02 00:43:05 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll2013-07-31 13:29:19 2312704 ----a-w- C:\Windows\System32\jscript9.dll2013-07-31 13:19:03 1392128 ----a-w- C:\Windows\System32\wininet.dll2013-07-31 13:18:24 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl2013-07-31 13:14:29 173056 ----a-w- C:\Windows\System32\ieUnatt.exe2013-07-31 13:13:07 599040 ----a-w- C:\Windows\System32\vbscript.dll2013-07-31 13:08:44 2382848 ----a-w- C:\Windows\System32\mshtml.tlb2013-07-31 10:00:20 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll2013-07-31 09:52:44 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll2013-07-31 09:52:34 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl2013-07-31 09:48:43 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe2013-07-31 09:48:09 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll2013-07-31 09:45:42 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb2013-07-25 09:25:54 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL2013-07-25 08:57:27 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL2013-07-19 01:58:42 2048 ----a-w- C:\Windows\System32\tzres.dll2013-07-19 01:41:01 2048 ----a-w- C:\Windows\SysWow64\tzres.dll.============= FINISH: 16:55:32.97 =============== attach.txt.UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & 
ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1Install Date: 27/11/2011 12:54:32 PMSystem Uptime: 7/10/2013 4:10:20 PM (0 hours ago).Motherboard: Hewlett-Packard | | 1657Processor: Intel® Core i7-2670QM CPU @ 2.20GHz | CPU1 | 1980/1333mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 683 GiB total, 531.281 GiB free.D: is FIXED (NTFS) - 16 GiB total, 1.697 GiB free.E: is CDROM ()F: is FIXED (FAT32) - 0 GiB total, 0.083 GiB free.H: is CDROM ().==== Disabled Device Manager Items =============.==== System Restore Points ===================.RP152: 1/10/2013 1:57:57 PM - Scheduled CheckpointRP153: 3/10/2013 9:09:33 PM - Revo Uninstaller's restore point - Java 6 Update 29RP154: 3/10/2013 9:10:56 PM - Removed Java 6 Update 29RP155: 4/10/2013 2:16:35 AM - Installed HiJackThisRP156: 5/10/2013 1:04:59 AM - avast! Free Antivirus SetupRP157: 5/10/2013 4:12:22 AM - avast! Internet Security SetupRP158: 5/10/2013 7:01:24 AM - Windows UpdateRP159: 5/10/2013 6:34:54 PM - Created by Wise Disk CleanerRP160: 5/10/2013 10:39:15 PM - Windows UpdateRP161: 7/10/2013 4:34:05 PM - Revo Uninstaller's restore point - YTD Toolbar v7.6RP162: 7/10/2013 4:36:13 PM - Revo Uninstaller's restore point - YTD Video Downloader 4.0RP163: 7/10/2013 4:38:17 PM - Revo Uninstaller's restore point - BlackBerry Desktop Software 6.1.==== Installed Programs ======================.??????? Windows Live Mesh ActiveX ??(????)7-Zip 9.20Adobe Flash Player 11 PluginAdobe Reader XI (11.0.04)Adobe Shockwave Player 11.5Agatha Christie - Peril at End HouseAgatha Christie: 4:50 from PaddingtonApple Application SupportApple Mobile Device SupportApple Software UpdateATI Catalyst Install ManagerAuthenTec TrueAPIavast! 
Internet SecurityBejeweled 2 DeluxeBejeweled 3Big Fish: Game ManagerBlackBerry Device Software UpdaterBlackhawk Striker 2Blasterball 3BonjourBounce SymphonyBox Sync (64 bit)BroadBand on MobileBuild-a-lot 2Cake ManiaCake Mania: Lights, Camera, Action!Catalyst Control CenterCatalyst Control Center - BrandingCatalyst Control Center Graphics Previews CommonCatalyst Control Center InstallProxyCatalyst Control Center Localization AllCatalyst Control Center Profiles Mobileccc-utility64CCC Help Chinese StandardCCC Help Chinese TraditionalCCC Help CzechCCC Help DanishCCC Help DutchCCC Help EnglishCCC Help FinnishCCC Help FrenchCCC Help GermanCCC Help GreekCCC Help HungarianCCC Help ItalianCCC Help JapaneseCCC Help KoreanCCC Help NorwegianCCC Help PolishCCC Help PortugueseCCC Help RussianCCC Help SpanishCCC Help SwedishCCC Help ThaiCCC Help TurkishCCleanerChuzzle DeluxeCyberLink PowerDVDCyberLink YouCamD3DX10DAEMON Tools LiteDefinition Update for Microsoft Office 2010 (KB982726) 32-Bit EditionDiner Dash - Flo on the GoDiner Dash 2 Restaurant RescueDinerTown Detective AgencyDora's World AdventureDream Day AnniversaryDrivers DropboxEnergy Star Digital LogoESU for Microsoft Windows 7Evernote v. 
4.2.2Everything 1.2.1.371Facebook Video Calling 1.2.0.287Farm FrenzyFATE - The Traitor SoulFinal Drive NitroFitness DashGardenscapesGoogle ChromeHewlett-Packard ACLM.NET v1.2.1.1HiJackThisHotspot Shield 2.87HP 3D DriveGuardHP AutoHP Client ServicesHP Connection ManagerHP Customer Experience EnhancementsHP DocumentationHP GamesHP On Screen DisplayHP Power ManagerHP Quick LaunchHP SetupHP Setup ManagerHP SimplePass 2011HP Software FrameworkHP Support AssistantIDT AudioImgBurnIntel PROSet WirelessIntel® Control CenterIntel® Display Audio DriverIntel® Management Engine ComponentsIntel® PROSet/Wireless Software for Bluetooth® TechnologyIntel® PROSet/Wireless WiFi SoftwareIntel® Rapid Storage TechnologyIntel® Wireless DisplayiTunesJava 7 Update 7Java Auto UpdaterJava 6 Update 24 (64-bit)Junk Mail filter updateMah Jong MedleyMakeMKV v1.8.4Malwarebytes Anti-Malware version 1.75.0.1300McAfee Security Scan PlusMesh RuntimeMessenger CompanionMicrosoft .NET Framework 4 Client ProfileMicrosoft Application Error ReportingMicrosoft Office 2010 Service Pack 1 (SP1)Microsoft Office Access MUI (English) 2010Microsoft Office Access Setup Metadata MUI (English) 2010Microsoft Office Excel MUI (English) 2010Microsoft Office Home and Student 2010Microsoft Office Office 64-bit Components 2010Microsoft Office OneNote MUI (English) 2010Microsoft Office Outlook MUI (English) 2010Microsoft Office PowerPoint MUI (English) 2010Microsoft Office Proof (English) 2010Microsoft Office Proof (French) 2010Microsoft Office Proof (Spanish) 2010Microsoft Office Proofing (English) 2010Microsoft Office Publisher MUI (English) 2010Microsoft Office Shared 64-bit MUI (English) 2010Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010Microsoft Office Shared MUI (English) 2010Microsoft Office Shared Setup Metadata MUI (English) 2010Microsoft Office Single Image 2010Microsoft Office Word MUI (English) 2010Microsoft SilverlightMicrosoft SQL Server 2005 Compact Edition [ENU]Microsoft Visual C++ 2005 
RedistributableMicrosoft Visual C++ 2008 Redistributable - x64 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219Mozilla Firefox 24.0 (x86 en-US)Mozilla Maintenance ServiceMSVCRTMSVCRT_amd64Mystery P.I. - Stolen in San FranciscoNamco All-Stars PAC-MANPenguins!Plants vs. Zombies - Game of the YearPoker Superstars IIIPolar BowlerPolar GolferPX Profile UpdateR for Windows 2.15.2Realtek Ethernet Controller DriverRealtek PCIE Card ReaderRecovery ManagerRenesas Electronics USB 3.0 Host Controller DriverRestaurant EmpireRevo Uninstaller 1.95RocketLifeSallys SpaSeagate Dashboard 2.0Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)Security Update for Microsoft Excel 2010 (KB2760597) 32-Bit EditionSecurity Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2553371) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2589320) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2598243) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2687276) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2687423) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2687510) 32-Bit EditionSecurity Update for Microsoft Outlook 2010 (KB2794707) 32-Bit EditionSecurity Update for Microsoft Publisher 2010 (KB2553147) 32-Bit EditionSecurity Update for Microsoft Visio 2010 (KB2810068) 32-Bit EditionSecurity Update for Microsoft Word 2010 (KB2760769) 32-Bit EditionSkype™ 
5.10Slingo SupremeSolutoStickies 7.1bSUPERAntiSpywareSynaptics TouchPad DriverThe Sims™ 2 Double DeluxeTyping Instructor PlatinumUpdate for Microsoft Access 2010 (KB2553446) 32-Bit EditionUpdate for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2494150)Update for Microsoft Office 2010 (KB2553065)Update for Microsoft Office 2010 (KB2553157) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2553181) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2553267) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2553310) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2566458)Update for Microsoft Office 2010 (KB2589298) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2589370) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2589375) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2596964) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2598242) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2687503) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2760598) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2760631) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2760758) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2767886) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2794737) 32-Bit EditionUpdate for Microsoft OneNote 2010 (KB2553290) 32-Bit EditionUpdate for Microsoft OneNote 2010 (KB2810072) 32-Bit EditionUpdate for Microsoft Outlook 2010 (KB2687623) 32-Bit EditionUpdate for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit EditionUpdate for Microsoft PowerPoint 2010 (KB2553145) 32-Bit EditionUpdate for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit EditionUpdate for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit EditionUpdate Installer for WildTangent Games AppValidity WBF DDKVirtual Villagers 4 - The Tree of LifeVLC media player 1.1.11WampServer 2.4WildTangent Games App (HP Games)Windows Live ???Windows Live Communications PlatformWindows Live EssentialsWindows Live Family SafetyWindows 
Live ID Sign-in AssistantWindows Live InstallerWindows Live Language SelectorWindows Live MailWindows Live MeshWindows Live Mesh ActiveX Control for Remote ConnectionsWindows Live MessengerWindows Live Messenger Companion CoreWindows Live MIME IFilterWindows Live Movie MakerWindows Live Photo CommonWindows Live Photo GalleryWindows Live PIMT PlatformWindows Live Remote ClientWindows Live Remote Client ResourcesWindows Live Remote ServiceWindows Live Remote Service ResourcesWindows Live SOXEWindows Live SOXE DefinitionsWindows Live UX PlatformWindows Live UX Platform Language PackWindows Live WriterWindows Live Writer ResourcesWise Disk Cleaner 7.94Zuma Deluxe.==== Event Viewer Messages From Past Week ========.7/10/2013 4:12:33 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the HOSTS Anti-PUPs service to connect.7/10/2013 4:12:33 PM, Error: Service Control Manager [7000] - The HOSTS Anti-PUPs service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.7/10/2013 4:11:57 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Computer Backup (MyPC Backup) service to connect.7/10/2013 4:11:57 PM, Error: Service Control Manager [7000] - The Computer Backup (MyPC Backup) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion..==== End Of File ===========================
-
Hi Borislav Thank you for your reply and assistance! I will stop using the WiseDisc cleaner as you advised. Will reply with the logs after following your instructions on Monday (due to a family matter tomorrow). Thanks, Jo
-
* I have also used Malwarebytes Anti-Malware (the latest updated version) to clear quite an amount of Malware on the system as well. Sorry, forgot to mention that.
-
Hi Two days ago, my Windows 7 HP laptop took really long to start up and all activity on the laptop including moving the mouse to click on icons or loading pages froze. I had not downloaded any new software over the last few days. I had not done a virus check for a couple of months (I know better now), but after using CCleaner, Superantispyware and WiseDisc Cleaner, the computer seems to be 'better' in general. Yesterday I noticed that a new 'Search Here' box appeared in the tool bar of the IE, Firefox and Chrome browsers, with all default 'start' webpages in the browsers changed as well. I have downloaded HiJackThis and done a log for it (from advice of a previous query) and a Combofix Log that was just done less than an hour ago. Both are included below. Hope someone can assist with guiding my laptop back to health. Thanks for your time and help Jo
SolutoLauncherService;Soluto Launcher Service;c:\program files\Soluto\SolutoLauncherService.exe;c:\program files\Soluto\SolutoLauncherService.exe [x]S2 SolutoService;Soluto PCGenome Core Service;c:\program files\Soluto\SolutoService.exe;c:\program files\Soluto\SolutoService.exe [x]S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]S3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x64.sys;c:\windows\TEMP\cpuz135\cpuz135_x64.sys [x]S3 hpCMSrv;HP Connection Manager 4.0 Service;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [x]S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]S3 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x]S3 
nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]S3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]S3 wdkmd;Intel WiDi KMD;c:\windows\system32\DRIVERS\WDKMD.sys;c:\windows\SYSNATIVE\DRIVERS\WDKMD.sys [x]..--- Other Services/Drivers In Memory ---.*NewlyCreated* - ASWFW*NewlyCreated* - ASWRVRT*NewlyCreated* - ASWSNX*Deregistered* - CLKMDRV10_38F51D56.Contents of the 'Scheduled Tasks' folder.2013-10-04 c:\windows\Tasks\Adobe Flash Player Updater.job- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-02 14:03].2013-10-03 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2712105771-2692381365-4259280539-1000Core.job- c:\users\Ana\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-02-11 12:38].2013-10-04 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2712105771-2692381365-4259280539-1000UA.job- c:\users\Ana\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-02-11 12:38].2013-10-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2712105771-2692381365-4259280539-1000Core.job- c:\users\Ana\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-27 14:10].2013-10-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2712105771-2692381365-4259280539-1000UA.job- c:\users\Ana\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-27 14:10].2013-09-27 c:\windows\Tasks\HPCeeScheduleForANA-HP$.job- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15].2013-10-02 
c:\windows\Tasks\HPCeeScheduleForAna.job- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15].2013-10-04 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 5675b345-a606-4ed7-b44c-150b188cc932.job- c:\program files\SUPERAntiSpyware\SASTask.exe [2013-05-23 20:21].2013-10-04 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task e9cfb8c4-5873-42ce-aa53-c6c6557a0046.job- c:\program files\SUPERAntiSpyware\SASTask.exe [2013-05-23 20:21]..--------- X64 Entries -----------..[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]2013-02-12 19:39 287048 ----a-w- c:\program files (x86)\Hotspot Shield\HssIE\HssIE_64.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxDesktopFileLocked]@="{C253B817-3A00-475f-A5A3-6F2DD704B48D}"[HKEY_CLASSES_ROOT\CLSID\{C253B817-3A00-475f-A5A3-6F2DD704B48D}]2010-11-21 03:23 444752 ----a-w- c:\windows\System32\mscoree.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxDesktopNotSynced]@="{19ACC806-F7AA-46AA-A80A-726A07CA6637}"[HKEY_CLASSES_ROOT\CLSID\{19ACC806-F7AA-46AA-A80A-726A07CA6637}]2010-11-21 03:23 444752 ----a-w- c:\windows\System32\mscoree.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxDesktopNotSyncedCollabs]@="{337D9DE0-3F8B-4430-AF0F-FFC24A95AE8F}"[HKEY_CLASSES_ROOT\CLSID\{337D9DE0-3F8B-4430-AF0F-FFC24A95AE8F}]2010-11-21 03:23 444752 ----a-w- c:\windows\System32\mscoree.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxDesktopSynced]@="{B7AC9C6D-F15B-4B1A-A88D-F518D13861D9}"[HKEY_CLASSES_ROOT\CLSID\{B7AC9C6D-F15B-4B1A-A88D-F518D13861D9}]2010-11-21 03:23 444752 ----a-w- 
c:\windows\System32\mscoree.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxDesktopSyncedCollab]@="{9E48C232-F601-4E41-BB3E-16CBAF317AA4}"[HKEY_CLASSES_ROOT\CLSID\{9E48C232-F601-4E41-BB3E-16CBAF317AA4}]2010-11-21 03:23 444752 ----a-w- c:\windows\System32\mscoree.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]@="{472083B0-C522-11CF-8763-00608CC02F24}"[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]2013-08-30 07:47 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]2013-05-25 00:36 164016 ----a-w- c:\users\Ana\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]2013-05-25 00:36 164016 ----a-w- c:\users\Ana\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]2013-05-25 00:36 164016 ----a-w- c:\users\Ana\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]2013-05-25 00:36 164016 ----a-w- c:\users\Ana\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll.[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"Persistence"="c:\windows\system32\igfxpers.exe" [2011-01-27 
418328]"IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-07-27 1935120]"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-10-18 10357008]"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2012-01-04 1128448]"Soluto"="c:\program files\soluto\soluto.exe" [2013-02-03 1229280].------- Supplementary Scan -------.uLocal Page = c:\windows\system32\blank.htmmLocal Page = c:\windows\SysWOW64\blank.htmuInternet Settings,ProxyOverride = *.localIE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105TCP: DhcpNameServer = 192.168.1.254FF - ProfilePath - c:\users\Ana\AppData\Roaming\Mozilla\Firefox\Profiles\vtch7j8v.default\FF - prefs.js: browser.search.selectedEngine - YahooFF - ExtSQL: 2013-09-04 23:40; {badea1ae-72ed-4f6a-8c37-4db9a4ac7bc9}; c:\users\Ana\AppData\Roaming\Mozilla\Firefox\Profiles\vtch7j8v.default\extensions\{badea1ae-72ed-4f6a-8c37-4db9a4ac7bc9}FF - ExtSQL: 2013-09-28 01:02; firebug@software.joehewitt.com; c:\users\Ana\AppData\Roaming\Mozilla\Firefox\Profiles\vtch7j8v.default\extensions\firebug@software.joehewitt.com.xpiFF - ExtSQL: 2013-09-28 01:05; {a7c6cf7f-112c-4500-a7ea-39801a327e5f}; c:\users\Ana\AppData\Roaming\Mozilla\Firefox\Profiles\vtch7j8v.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}.xpiFF - user.js: extentions.y2layers.installId - 9defc6bf-fd9f-4b1d-b040-08c2fe848e76FF - user.js: extentions.y2layers.defaultEnableAppsList - twittube,buzzdock,YontooNewOffersFF - user.js: extensions.autoDisableScopes - 14FF - user.js: browser.startup.page - 1FF - user.js: browser.newtab.url - .- - - - ORPHANS REMOVED - - - -.Wow6432Node-HKLM-Run-<NO NAME> - (no file)HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exeAddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exeAddRemove-BFG-Cake Mania - Lights, Camera, Action - c:\program files (x86)\Cake Mania 
- LightsAddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe...--------------------- LOCKED REGISTRY KEYS ---------------------.[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]@Denied: (A) (Everyone)"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}".[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]@Denied: (A) (Everyone).[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]"Key"="ActionsPane3""Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd".[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]@Denied: (A) (Users)@Denied: (A) (Everyone)@Allowed: (B 1 2 3 4 5) (S-1-5-20)"BlindDial"=dword:00000000.[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]@Denied: (A) (Users)@Denied: (A) (Everyone)@Allowed: (B 1 2 3 4 5) (S-1-5-20)"BlindDial"=dword:00000000.[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]@Denied: (A) (Users)@Denied: (A) (Everyone)@Allowed: (B 1 2 3 4 5) (S-1-5-20)"BlindDial"=dword:00000000.[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]@Denied: (A) (Users)@Denied: (A) (Everyone)@Allowed: (B 1 2 3 4 5) (S-1-5-20)"BlindDial"=dword:00000000.[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]@Denied: (Full) (Everyone).Completion time: 2013-10-05 06:22:28ComboFix-quarantined-files.txt 2013-10-04 22:22.Pre-Run: 568,012,066,816 bytes freePost-Run: 567,438,434,304 bytes free.- - End Of File - - 5F6164285BCCE2B613FB61DB71DA85EF HiJackThis Log File Logfile of Trend Micro HijackThis v2.0.4Scan saved at 5:00:28 AM, on 
5/10/2013Platform: Windows 7 SP1 (WinNT 6.00.3505)MSIE: Internet Explorer v9.00 (9.00.8112.16506)Boot mode: Normal Running processes:C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exeC:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exeC:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exeC:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exeC:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exeC:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exeC:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exeC:\Program Files (x86)\iTunes\iTunesHelper.exeC:\Program Files\AVAST Software\Avast\AvastUI.exeC:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exeC:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exeC:\Program Files (x86)\Internet Explorer\IELowutil.exeC:\Program Files\AVAST Software\Avast\AvastBCL-Sfx.exeC:\Users\Ana\AppData\Local\Temp\7zSF4AA.tmp\BrowserCleanup.exeC:\Users\Ana\AppData\Local\Temp\7zSF4AA.tmp\BrowserCleanup.exeC:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exeC:\program files (x86)\stickies\stickies.exeC:\Windows\SysWOW64\msiexec.exeC:\Program Files (x86)\Common Files\Java\Java Update\jusched.exeC:\Users\Ana\AppData\Local\Google\Update\1.3.21.153\GoogleCrashHandler.exeC:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exeC:\Program Files (x86)\Cyberlink\Shared files\brs.exeC:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exeC:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.search.us.com/v/2/?guid={78039A98-8602-43AA-AC40-36DFD018ED8D}&serpv=5R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = 
http://start.search.us.com/v/2/?guid={78039A98-8602-43AA-AC40-36DFD018ED8D}&serpv=5R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.jp.msn.com/HPALL/37R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.jp.msn.com/HPALL/37R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htmR1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.localR0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: YTD Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YTD Toolbar\IE\7.6\ytdToolbarIE.dllF2 - REG:system.ini: UserInit=userinit.exe,O2 - BHO: TSBHO Class - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dllO2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dllO2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLLO2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dllO2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dllO2 - BHO: YTD Toolbar - 
{F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YTD Toolbar\IE\7.6\ytdToolbarIE.dllO3 - Toolbar: YTD Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YTD Toolbar\IE\7.6\ytdToolbarIE.dllO4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exeO4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRunO4 - HKLM\..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exeO4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exeO4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exeO4 - HKLM\..\Run: [DBAgent] "C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe" /WinStartO4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /noguiO4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"O4 - HKCU\..\Run: [uploader] C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exeO4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exeO4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program 
Files (x86)\Windows Live\Companion\companioncore.dllO9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dllO9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dllO9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exeO9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exeO9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dllO9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dllO9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dllO9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dllO10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dllO10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dllO11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphicsO18 - Protocol: skype4com - 
{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLLO18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllO18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLLO23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXEO23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exeO23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeO23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exeO23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)O23 - Service: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exeO23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeO23 - Service: Application Updater - Spigot, Inc. - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exeO23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exeO23 - Service: avast! 
Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exeO23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exeO23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exeO23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exeO23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exeO23 - Service: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Security Service (BTHSSecurityMgr) - Intel® Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exeO23 - Service: CyberLink Product - 2012/01/05 00:54:31 (CLKMSVC10_38F51D56) - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exeO23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exeO23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)O23 - Service: TrueSuiteService (FPLService) - HP - C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exeO23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exeO23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exeO23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exeO23 - Service: HP Connection Manager 4.0 Service (hpCMSrv) - Hewlett-Packard Development Company L.P. 
- C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exeO23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exeO23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exeO23 - Service: Hotspot Shield Service (hshld) - AnchorFree Inc. - C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exeO23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exeO23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXEO23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exeO23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exeO23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exeO23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exeO23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exeO23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. 
- C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exeO23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exeO23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exeO23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exeO23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: Seagate Dashboard Services - Seagate Technology LLC - C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exeO23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exeO23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)O23 - Service: Soluto Launcher Service (SolutoLauncherService) - Soluto - C:\Program Files\Soluto\SolutoLauncherService.exeO23 - Service: Soluto Remote Service (SolutoRemoteService) - Soluto - C:\Program Files\Soluto\SolutoRemoteService.exeO23 - Service: Soluto PCGenome Core Service (SolutoService) - Soluto - C:\Program Files\Soluto\SolutoService.exeO23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file 
missing)O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exeO23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exeO23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.4.4\bin\httpd.exeO23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.6.12\bin\mysqld.exeO23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) --End of file - 17964 bytes