bevj3

  1. Sorry about that. I ended up having my granddaughter over. Hubby took his computer to work with him. Just close this and thank you for all the help. I appreciate it.
  2. When I downloaded, a bunch of other things came up too?
     # AdwCleaner v3.010 - Report created 29/10/2013 at 09:07:13
     # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
     # Option : Scan
  3. RogueKiller V8.7.6 _x64_ [Oct 28 2013] by Tigzy
     Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
     Mode : Scan -- Date : 10/29/2013 08:19:59
  4. . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS c:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Program Files\IDT\WDM\STacSV64.exe C:\Windows\system32\Hpservice.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe C:\Program Files (x86)\Bluetooth Suite\adminservice.exe C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\System32\svchost.exe -k HPZ12 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE c:\Program Files\Microsoft Security Client\NisSrv.exe 
C:\Windows\system32\svchost.exe -k bthsvcs C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\atieclxx.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskhost.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\IDT\WDM\sttray64.exe C:\Windows\system32\taskeng.exe C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\SearchIndexer.exe C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe C:\Windows\system32\svchost.exe -k HPService C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\Windows\system32\svchost.exe -k SDRSVC C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\Macromed\Flash\FlashUtil64_11_9_900_117_ActiveX.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe c:\Program Files\Microsoft Security Client\MpCmdRun.exe C:\Windows\system32\wbem\wmiprvse.exe 
C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . mWinlogon: Userinit = userinit.exe, BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file> EB: {c585d593-e7f4-4852-a200-561686ee02e4} - <orphaned> mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe mRun: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe dRun: [searchProtect] \SearchProtect\bin\cltmng.exe uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe IE: 
{7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 TCP: NameServer = 192.168.1.254 75.153.176.1 TCP: Interfaces\{56F51A80-DBEA-4097-A78E-AA967EC8998E} : DHCPNameServer = 192.168.1.254 75.153.176.1 TCP: Interfaces\{56F51A80-DBEA-4097-A78E-AA967EC8998E}\44F627D6F514F535F6574786 : DHCPNameServer = 192.168.2.1 TCP: Interfaces\{56F51A80-DBEA-4097-A78E-AA967EC8998E}\74164756771697 : DHCPNameServer = 69.31.192.12 69.31.192.11 TCP: Interfaces\{E543E218-9D28-45CD-BE20-44E1D83C81D0} : DHCPNameServer = 192.168.42.129 Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SSODL: WebCheck - <orphaned> mASetup: {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} - msiexec /fu {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} /qn x64-BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file> x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe x64-Run: [setDefault] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey x64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe x64-Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program 
Files\AMD\SteadyVideo\VideoMIMEFilter.dll x64-Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-SSODL: WebCheck - <orphaned> x64-mASetup: {0CE7EBAF-157D-4111-9146-057CB2A4023E} - msiexec /fu {0CE7EBAF-157D-4111-9146-057CB2A4023E} /qn x64-mASetup: {12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\Windows\System32\ieudinit.exe . ============= SERVICES / DRIVERS =============== . R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2011-12-13 82048] R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2011-12-13 42624] R0 amdkmpfd;AMD PCI Root Bus Lower Filter;C:\Windows\System32\drivers\amdkmpfd.sys [2012-2-2 31872] R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-6-18 247216] R0 RapportKE64;RapportKE64;C:\Windows\System32\drivers\RapportKE64.sys [2012-10-7 295696] R1 RapportCerberus_56758;RapportCerberus_56758;C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_56758.sys [2013-8-20 589872] R1 RapportEI64;RapportEI64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2013-9-10 265872] R1 RapportPG64;RapportPG64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2013-9-10 384432] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-2-10 235520] R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-2-10 361984] R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2012-1-19 106144] R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504] R2 Garmin Core Update Service;Garmin Core Update Service;C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2013-9-19 
250200] R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528] R2 HPAuto;HP Auto;C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [2011-2-17 682040] R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168] R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2012-9-24 31040] R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-3-5 35200] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-10-27 418376] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-10-27 701512] R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2012-8-30 139616] R2 RapportMgmtService;Rapport Management Service;C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2013-9-10 1435928] R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944] R2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2012-1-19 158880] R3 amdhub30;AMD USB 3.0 Hub Driver;C:\Windows\System32\drivers\amdhub30.sys [2011-10-26 102528] R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2012-8-7 46136] R3 amdxhc;AMD USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\amdxhc.sys [2011-10-26 219776] R3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\System32\drivers\btath_flt.sys [2012-1-19 36000] R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2011-12-6 95248] R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\drivers\btath_a2dp.sys [2012-1-19 339616] R3 btath_avdt;Atheros Bluetooth AVDT 
Service;C:\Windows\System32\drivers\btath_avdt.sys [2012-1-19 110752] R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys [2012-1-19 30368] R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\drivers\btath_hcrp.sys [2012-1-19 167584] R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\drivers\btath_lwflt.sys [2012-1-19 68256] R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\drivers\btath_rcp.sys [2012-1-19 280992] R3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfilter.sys [2012-1-19 550560] R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2010-7-28 31088] R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-10-27 25928] R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-8-12 366600] R3 RSP2STOR;Realtek PCIE CardReader Driver - P2;C:\Windows\System32\drivers\RtsP2Stor.sys [2012-8-7 258664] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-8-7 565352] R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2013-6-26 767144] R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576] R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840] R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2013-6-26 23208] R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528] R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2012-8-7 56448] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S3 ATHDFU;Atheros Valkyrie USB BootROM;C:\Windows\System32\drivers\AthDfu.sys 
[2012-1-19 51872] S3 GamesAppIntegrationService;GamesAppIntegrationService;C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2013-9-5 240736] S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072] S3 HTCAND64;HTC Device Driver;C:\Windows\System32\drivers\ANDROIDUSB.sys [2009-11-2 33736] S3 lehidmini;Bluetooth Low Energy Hid Device;C:\Windows\System32\drivers\leath_hid.sys [2012-1-19 36128] S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864] S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312] S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864] S3 SWDUMon;SWDUMon;C:\Windows\System32\drivers\SWDUMon.sys [2013-3-16 16152] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-10-7 1255736] . =============== Created Last 30 ================ . 
2013-10-29 12:33:15 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys 2013-10-29 12:33:15 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys 2013-10-29 12:33:15 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys 2013-10-29 12:33:15 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys 2013-10-29 12:33:15 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys 2013-10-29 12:33:15 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys 2013-10-29 12:33:15 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys 2013-10-29 12:11:25 10280728 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{13600C91-69BB-47AA-9DBD-B877895D6989}\mpengine.dll 2013-10-28 23:55:00 10280728 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2013-10-28 14:18:11 -------- d-----w- C:\Users\deral\AppData\Local\{AEA5AAD6-0C97-4488-BC78-1ADE53328FB3} 2013-10-28 00:01:47 -------- d-----w- C:\Users\deral\AppData\Roaming\Malwarebytes 2013-10-28 00:01:36 -------- d-----w- C:\ProgramData\Malwarebytes 2013-10-28 00:01:33 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys 2013-10-28 00:01:32 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-10-25 21:50:52 -------- d-----w- C:\Users\deral\AppData\Local\Wajam 2013-10-25 21:49:39 -------- d-----w- C:\Users\deral\AppData\Local\VisualBeeExe 2013-10-25 21:49:13 -------- d-----w- C:\ProgramData\VisualBee 2013-10-25 14:42:19 -------- d-----w- C:\Users\deral\AppData\Local\{412644C1-F7A4-4694-9B8A-5A0176EAB7A2} 2013-10-24 13:40:05 -------- d-----w- C:\Users\deral\AppData\Local\{0933108B-5057-473B-BFB4-58DD21E0FCC2} 2013-10-23 13:56:00 -------- d-----w- C:\Users\deral\AppData\Local\{B56A3A61-3111-4AC0-B730-C761DF8E5430} 2013-10-23 01:43:49 -------- d-----w- C:\Users\deral\AppData\Local\{8377513F-736E-4DA7-99FC-3C16C0DFA36F} 2013-10-22 20:16:11 -------- d-----w- C:\Program Files (x86)\Mobogenie 2013-10-22 20:15:59 -------- d-----w- C:\ProgramData\Babylon 2013-10-22 
13:43:25 -------- d-----w- C:\Users\deral\AppData\Local\{A5D3CD22-FC6D-4A6A-BD12-F0EB9875C648} 2013-10-22 00:15:57 -------- d-----w- C:\Program Files (x86)\Common Files\337 2013-10-22 00:15:32 -------- d-----w- C:\Users\deral\AppData\Roaming\337 2013-10-21 20:58:59 -------- d-----w- C:\ProgramData\Conduit 2013-10-21 20:58:49 -------- d-----w- C:\5be1404deaad89cc86bd8ffb 2013-10-21 20:54:38 -------- d-----w- C:\dd23de662f5489ee5b1441a55dcd 2013-10-21 20:39:03 -------- d-----w- C:\Users\deral\.android 2013-10-21 20:12:17 -------- d-----w- C:\Program Files (x86)\Amazon 2013-10-21 20:06:21 -------- d-----w- C:\Users\deral\AppData\Local\cache 2013-10-21 20:06:17 -------- d-----w- C:\Users\deral\AppData\Local\Mobogenie 2013-10-21 20:03:38 -------- d-----w- C:\Users\deral\AppData\Local\FileTypeAssistant 2013-10-21 20:03:28 -------- d-----w- C:\Program Files (x86)\File Type Assistant 2013-10-21 20:01:35 -------- d-----w- C:\Users\deral\AppData\Local\Programs 2013-10-21 13:59:57 -------- d-----w- C:\Users\deral\AppData\Local\{0C03BE83-3DCD-4FF6-9BB6-CF09CB763F8C} 2013-10-20 13:13:01 -------- d-----r- C:\Users\deral\Dropbox 2013-10-20 12:52:03 -------- d-----w- C:\Users\deral\AppData\Roaming\Dropbox 2013-10-20 12:32:45 965000 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{59871990-2164-4F6E-B17A-317CCF02A930}\gapaengine.dll 2013-10-20 12:20:27 -------- d-----w- C:\Users\deral\AppData\Local\{4216B4A8-E50A-473A-A812-5A3ACEC6D689} 2013-10-20 12:20:27 -------- d-----w- C:\SearchProtect 2013-10-15 20:20:46 -------- d-----w- C:\Users\deral\AppData\Roaming\Individual Software 2013-10-15 20:18:05 -------- d-sha-r- C:\ProgramData\Key-Base 2013-10-15 20:12:47 -------- d-----w- C:\ProgramData\Individual Software 2013-10-15 20:11:53 -------- d-----w- C:\Program Files (x86)\ResumeMaker Professional 2013-10-15 12:46:12 -------- d-----w- C:\Users\deral\AppData\Local\{384984CE-0467-4B4C-9F9E-ECF5AFA64E9B} 2013-10-14 22:57:43 -------- d-----w- 
C:\Users\deral\AppData\Local\{9A790A03-20D7-42A7-A511-3E251F8C6DD6}
2013-10-12 13:03:26 -------- d-----w- C:\Users\deral\AppData\Local\{C0C8C3F0-8858-4DA5-8D71-AC5D1084A542}
2013-10-11 16:27:53 -------- d-----w- C:\Users\deral\AppData\Local\{F11D464B-879E-435E-9008-F51DF82B946C}
2013-10-10 16:23:06 633856 ----a-w- C:\Windows\System32\comctl32.dll
2013-10-10 16:22:59 76800 ----a-w- C:\Windows\System32\drivers\hidclass.sys
2013-10-10 16:15:38 -------- d-----w- C:\Users\deral\AppData\Local\{63306A64-13CF-41B4-8BF2-B11C7D207C00}
2013-10-09 14:37:32 -------- d-----w- C:\Users\deral\AppData\Local\{808EDB7E-621E-496D-88D9-D11FF27D6E0D}
2013-10-08 22:32:33 -------- d-----w- C:\ProgramData\Farm Frenzy
2013-10-08 22:25:23 -------- d-----w- C:\ProgramData\Playrix Entertainment
2013-10-08 13:00:35 -------- d-----w- C:\Users\deral\AppData\Local\{9B6B30E7-5BAE-4F59-93BF-58D4EA206051}
2013-10-07 13:15:05 -------- d-----w- C:\Users\deral\AppData\Local\{D31F50D2-FAD3-4847-88CF-5CEA9DC62B1F}
2013-10-06 14:55:43 -------- d-----w- C:\Users\deral\AppData\Local\{9F231D01-076D-4689-8587-E2B784060A13}
2013-10-05 15:30:06 -------- d-----w- C:\Users\deral\AppData\Local\{85492CF5-CDF7-490F-9576-B998D381AFAB}
2013-10-05 15:29:32 -------- d-----w- C:\Users\deral\AppData\Local\{E3DBD265-A8AD-4E07-AC2E-E5ACEBE1AF62}
2013-10-05 02:42:30 -------- d-----w- C:\Users\deral\AppData\Local\{8885EE57-66AE-4A56-9D42-40CE85D2486B}
2013-10-05 02:29:52 -------- d-----w- C:\Users\deral\AppData\Local\{64237105-6BB9-4DE5-9121-33D9F4D6E868}
2013-10-04 12:17:38 -------- d-----w- C:\Users\deral\AppData\Local\{ECA3B82C-0A09-4192-9DD4-DC2202C3FE7B}
2013-10-03 14:16:50 -------- d-----w- C:\Users\deral\AppData\Roaming\Hoyle Blackjack
2013-10-03 14:14:25 -------- d-----w- C:\Users\deral\AppData\Roaming\Hoyle FaceCreator
2013-10-03 14:14:24 -------- d-----w- C:\Users\deral\AppData\Roaming\Hoyle Card Games
2013-10-03 13:05:42 -------- d-----w- C:\Users\deral\AppData\Local\{D3E7DF84-05AE-436E-B53B-912ED301555F}
2013-10-02 13:16:46 -------- d-----w- C:\Users\deral\AppData\Local\{9FF171C7-5C25-4730-8B29-3EA16EDDD0BF}
2013-10-01 22:03:23 24920 ----a-w- C:\Windows\System32\X3DAudio1_7.dll
2013-10-01 21:59:19 74072 ----a-w- C:\Windows\SysWow64\XAPOFX1_4.dll
2013-10-01 21:59:18 528216 ----a-w- C:\Windows\SysWow64\XAudio2_6.dll
2013-10-01 21:59:18 238936 ----a-w- C:\Windows\SysWow64\xactengine3_6.dll
2013-10-01 21:59:17 22360 ----a-w- C:\Windows\SysWow64\X3DAudio1_7.dll
2013-10-01 21:58:15 -------- d-----w- C:\Program Files (x86)\Microsoft XNA
2013-10-01 15:11:06 -------- d-----w- C:\Users\deral\AppData\Local\{C1E2132C-625D-4B57-A29E-BC81E87FEA4C}
2013-09-30 15:40:06 -------- d-----w- C:\Users\deral\SyncFolder
2013-09-30 14:17:46 -------- d-----w- C:\Program Files (x86)\MyPC Backup
2013-09-30 14:17:31 -------- d-----w- C:\Program Files (x86)\DriverUpdate
2013-09-30 13:22:53 -------- d-----w- C:\Users\deral\AppData\Local\Apps
2013-09-30 13:22:52 -------- d-----w- C:\Users\deral\AppData\Local\Deployment
2013-09-30 12:59:48 -------- d-----w- C:\Users\deral\AppData\Local\{92C01B98-8DAB-4AF5-86D3-AC979DA33F6B}
.
==================== Find3M ====================
.
2013-10-28 14:13:44 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-28 14:13:44 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-10-22 00:21:57 16152 ----a-w- C:\Windows\System32\drivers\SWDUMon.sys
2013-10-22 00:15:14 421032 ----a-w- C:\Windows\SysWow64\msvcp100.dll
2013-09-22 14:42:33 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2013-09-22 14:33:53 1392128 ----a-w- C:\Windows\System32\wininet.dll
2013-09-22 14:33:06 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2013-09-22 14:23:30 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-09-22 14:21:21 599040 ----a-w- C:\Windows\System32\vbscript.dll
2013-09-22 14:15:47 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2013-09-22 10:22:59 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-09-22 10:14:39 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2013-09-22 10:13:22 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-09-22 10:08:41 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2013-09-22 10:06:58 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2013-09-22 10:03:18 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-09-14 01:10:19 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
2013-09-11 05:18:28 295696 ----a-w- C:\Windows\System32\drivers\RapportKE64.sys
2013-09-08 02:30:37 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-09-08 02:27:14 327168 ----a-w- C:\Windows\System32\mswsock.dll
2013-09-08 02:03:58 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll
2013-08-29 02:17:48 5549504 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-08-29 02:16:35 1732032 ----a-w- C:\Windows\System32\ntdll.dll
2013-08-29 02:16:28 243712 ----a-w- C:\Windows\System32\wow64.dll
2013-08-29 02:16:14 859648 ----a-w- C:\Windows\System32\tdh.dll
2013-08-29 02:13:28 878080 ----a-w- C:\Windows\System32\advapi32.dll
2013-08-29 01:51:45 3969472 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-08-29 01:51:45 3914176 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-08-29 01:50:31 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-08-29 01:50:30 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll
2013-08-29 01:50:16 619520 ----a-w- C:\Windows\SysWow64\tdh.dll
2013-08-29 01:48:17 640512 ----a-w- C:\Windows\SysWow64\advapi32.dll
2013-08-29 01:48:15 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2013-08-29 00:49:53 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-08-29 00:49:52 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-08-29 00:49:52 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-08-29 00:49:49 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-08-28 01:21:06 3155968 ----a-w- C:\Windows\System32\win32k.sys
2013-08-28 01:12:33 461312 ----a-w- C:\Windows\System32\scavengeui.dll
2013-08-05 02:25:45 155584 ----a-w- C:\Windows\System32\drivers\ataport.sys
2013-08-02 02:14:57 215040 ----a-w- C:\Windows\System32\winsrv.dll
2013-08-02 02:13:34 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2013-08-02 01:50:42 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2013-08-02 01:09:17 338432 ----a-w- C:\Windows\System32\conhost.exe
2013-08-02 00:59:09 112640 ----a-w- C:\Windows\System32\smss.exe
2013-08-02 00:43:05 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2013-08-02 00:43:05 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-02 00:43:05 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2013-08-02 00:43:05 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2013-08-01 09:19:34 265152 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2013-08-01 09:19:33 984512 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
..
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 10/6/2012 5:55:01 AM
System Uptime: 10/29/2013 6:35:20 AM (1 hours ago)
.
Motherboard: Hewlett-Packard | | 1849
Processor: AMD A6-4400M APU with Radeon HD Graphics | Socket FT1 | 2700/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 678 GiB total, 613.875 GiB free.
D: is FIXED (NTFS) - 20 GiB total, 2.193 GiB free.
E: is CDROM ()
F: is FIXED (FAT32) - 0 GiB total, 0.081 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description: Photosmart D110 series
Device ID: ROOT\MULTIFUNCTION\0000
Manufacturer:
Name: Photosmart D110 series
PNP Device ID: ROOT\MULTIFUNCTION\0000
Service:
.
Class GUID:
Description: Photosmart D110 series
Device ID: ROOT\MULTIFUNCTION\0001
Manufacturer:
Name: Photosmart D110 series
PNP Device ID: ROOT\MULTIFUNCTION\0001
Service:
.
Class GUID:
Description: Photosmart D110 series
Device ID: ROOT\MULTIFUNCTION\0002
Manufacturer:
Name: Photosmart D110 series
PNP Device ID: ROOT\MULTIFUNCTION\0002
Service:
.
==== System Restore Points ===================
.
RP238: 10/21/2013 2:57:42 PM - Uniblue DriverScanner installation
RP239: 10/21/2013 6:37:28 PM - Removed DriverUpdate
RP240: 10/22/2013 2:25:10 PM - Removed Skype™ 6.9
RP241: 10/22/2013 2:31:03 PM - Removed Skype™ 6.9
RP242: 10/22/2013 2:32:15 PM - Removed Skype Click to Call
RP243: 10/22/2013 2:32:45 PM - Removed Skype™ 6.9
RP244: 10/23/2013 12:07:59 PM - Windows Update
RP245: 10/25/2013 4:03:40 PM - Device Driver Package Install: COMODO Network Service
RP246: 10/27/2013 5:49:41 PM - Windows Update
RP247: 10/27/2013 6:13:33 PM - Removed Google Talk Plugin
RP248: 10/27/2013 7:00:18 PM - Windows Backup
RP249: 10/29/2013 6:33:20 AM - Windows Update
.
==== Installed Programs ======================
.
100% Hidden Objects
64 Bit HP CIO Components Installer
Adobe Flash Player 11 ActiveX
Adobe Reader XI (11.0.05)
Adobe Shockwave Player 11.6
AMD Accelerated Video Transcoding
AMD APP SDK Runtime
AMD Catalyst Install Manager
AMD Fuel
AMD Steady Video Plug-In
AMD VISION Engine Control Center
Atheros Bluetooth Suite (64)
Atheros Driver Installation Program
Barnyard Invasion
Bejeweled 3
Blackhawk Striker 2
Blio
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Chuzzle Deluxe
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Classic Fishdom 2 in 1 Pack
Cradle of Rome 2
Cut the Rope
CyberLink YouCam
D3DX10
Dora's World Adventure
Elevated Installer
ESU for Microsoft Windows 7 SP1
Evernote v. 4.5.2
Farm Frenzy
Farmscapes
FATE
File Type Assistant
Final Drive Fury
Garmin Express
Garmin Express Tray
Hewlett-Packard ACLM.NET v1.2.1.1
Hoyle Card Games
HP 3D DriveGuard
HP Application Assistant
HP Auto
HP Client Services
HP CoolSense
HP Customer Experience Enhancements
HP Documentation
HP Games
HP Launch Box
HP MovieStore
HP On Screen Display
HP Photosmart D110 All-In-One Driver 14.0 Rel. 7
HP Power Manager
HP Quick Launch
HP Recovery Manager
HP Security Assistant
HP Setup
HP Setup Manager
HP Software Framework
HP Support Assistant
IDT Audio
Into the Haze
Island of Death: Demons and Despair
Java 7 Update 21
Java Auto Updater
Jewel Match 3
Jewel Quest Mysteries: The Seventh Gate Collector's Edition
John Deere Drive Green
Junk Mail filter update
Letters from Nowhere 2
Living Legends: Ice Rose Collector's Edition
Luxor HD
Mah Jong Medley
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Office 2010
Microsoft Office Click-to-Run 2010
Microsoft Office Starter 2010 - English
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft WSE 3.0 Runtime
Microsoft XNA Framework Redistributable 4.0
Midnight Pool 3D
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Network64
opensource
Penguins!
Plants vs. Zombies - Game of the Year
PlayReady PC Runtime x86
Poker Superstars III
Polar Bowler
Polar Golfer
PS_AIO_07_D110_SW_Min
Rapport
Realtek Ethernet Controller Driver
Realtek PCIE Card Reader
Redemption Cemetery: Childrens Plight
ResumeMaker Professional
RollerCoaster Tycoon 3: Platinum
Royal Envoy 2 Collector's Edition
Rush for Gold Alaska
Scan
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Slingshot Puzzle
Summer Mahjong
swMSM
Synaptics Pointing Device Driver
The Treasures of Mystery Island: The Ghost Ship
Toolbox
Torchlight
Trusteer Endpoint Protection
Unity Web Player
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
Update Installer for WildTangent Games App
Vacation Adventures: Park Ranger
Virtual Villagers 4 - The Tree of Life
Way To Go!
WildTangent Games
WildTangent Games App (HP Games)
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Zuma's Revenge
.
==== Event Viewer Messages From Past Week ========
.
10/29/2013 6:38:42 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
10/28/2013 6:49:21 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} and APPID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} to the user deralj\deral SID (S-1-5-21-461216529-553505904-338273997-1001) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
10/27/2013 9:49:43 PM, Error: Service Control Manager [7043] - The Group Policy Client service did not shut down properly after receiving a preshutdown control.
10/27/2013 5:50:18 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.161.752.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.10003.0 Error code: 0x8024001e Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
10/27/2013 5:05:17 PM, Error: Service Control Manager [7023] - The HP Network Devices Support service terminated with the following error: %%-2147467243
10/26/2013 9:21:10 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service VSS with arguments "" in order to run the server: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
10/26/2013 9:21:07 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Volume Shadow Copy service to connect.
10/26/2013 9:21:07 PM, Error: Service Control Manager [7000] - The Volume Shadow Copy service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
10/26/2013 7:58:49 PM, Error: Service Control Manager [7023] - The WajamUpdaterV3 service terminated with the following error: The system cannot find the file specified.
.
==== End Of File ===========================
  5. I'm on my husband's computer and have been trying to clean it up for him. He has some issues. I did a malware scan and he had over 200 malwares. I have removed them all. He now has a thing that pops up when he restarts saying something about a conduit rdll file cannot be found. Not sure what that could mean. I am no computer tech so decided to check with someone with knowledge. LOL If you could help that would be great. Thanks