-
Posts
5 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by bevj3
-
-
When i downloaded a bunch of other things came up to?
# AdwCleaner v3.010 - Report created 29/10/2013 at 09:07:13
# Updated 20/10/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : deral - DERALJ
# Running from : C:\Users\deral\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\711JRROH\AdwCleaner.exe
# Option : Scan
***** [ Services ] *****
Service Found : CltMngSvc
***** [ Files / Folders ] *****
File Found : C:\END
File Found : C:\Users\Public\Desktop\eBay.lnk
File Found : C:\Windows\System32\Tasks\Desk 365 RunAsStdUser
File Found : C:\Windows\System32\Tasks\LaunchApp
File Found : C:\Windows\System32\Tasks\Omiga Plus RunAsStdUser
Folder Found C:\Program Files (x86)\Common Files\337
Folder Found C:\Program Files (x86)\Conduit
Folder Found C:\Program Files (x86)\KeyBar_1.8
Folder Found C:\Program Files (x86)\MyPC Backup
Folder Found C:\Program Files (x86)\MyPC Backup
Folder Found C:\Program Files (x86)\otshot
Folder Found C:\Program Files (x86)\Searchprotect
Folder Found C:\ProgramData\apn
Folder Found C:\ProgramData\Babylon
Folder Found C:\ProgramData\Conduit
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\otshot
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\otshot
Folder Found C:\ProgramData\VisualBee
Folder Found C:\Searchprotect
Folder Found C:\Users\deral\AppData\Local\Conduit
Folder Found C:\Users\deral\AppData\Local\Temp\apn
Folder Found C:\Users\deral\AppData\Local\Temp\WinZipper
Folder Found C:\Users\deral\AppData\Local\visualbeeexe
Folder Found C:\Users\deral\AppData\Local\Wajam
Folder Found C:\Users\deral\AppData\LocalLow\Conduit
Folder Found C:\Users\deral\AppData\LocalLow\KeyBar_1.8
Folder Found C:\Users\deral\AppData\LocalLow\PriceGong
Folder Found C:\Users\deral\AppData\Roaming\337
Folder Found C:\Users\deral\AppData\Roaming\Searchprotect
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\Alexa Internet
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKCU\Software\AppDataLow\Software\KeyBar_1.8
Key Found : HKCU\Software\AppDataLow\Software\PriceGong
Key Found : HKCU\Software\AppDataLow\Software\smartbar
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\distromatic
Key Found : HKCU\Software\InstalledThirdPartyPrograms
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A5B9C0F5-5616-47CD-A95F-E43B488FACCF}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9ED31F84-C8B3-4926-B950-DFF74047FF79}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{04D2B915-19FF-41E9-994D-95DC898BEA43}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8F0B76E1-4E46-427B-B55B-B90593468AC6}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKCU\Software\SearchProtect
Key Found : HKCU\Software\smartbar
Key Found : HKCU\Software\visualbee
Key Found : [x64] HKCU\Software\Alexa Internet
Key Found : [x64] HKCU\Software\APN PIP
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\distromatic
Key Found : [x64] HKCU\Software\InstalledThirdPartyPrograms
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A5B9C0F5-5616-47CD-A95F-E43B488FACCF}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Found : [x64] HKCU\Software\SearchProtect
Key Found : [x64] HKCU\Software\smartbar
Key Found : [x64] HKCU\Software\visualbee
Key Found : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{8B78662B-577F-4D86-82C1-3752D2A160E4}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9ED31F84-C8B3-4926-B950-DFF74047FF79}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\driverscanner
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\speedupmypc
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3282134
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3286042
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3287811
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3294791
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3309350
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\Desksvc
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Key Found : HKLM\Software\KeyBar_1.8
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2748B070-6E4D-46CB-B242-9B8DCAAECB62}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E68232EF-5BB0-4C72-8A36-547BC31F1F83}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A5B9C0F5-5616-47CD-A95F-E43B488FACCF}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\speedupmypc_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\speedupmypc_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9ED31F84-C8B3-4926-B950-DFF74047FF79}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8B78662B-577F-4D86-82C1-3752D2A160E4}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F0B76E1-4E46-427B-B55B-B90593468AC6}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Found : HKLM\Software\omigaplusSvc
Key Found : HKLM\Software\SearchProtect
Key Found : HKLM\Software\V9
Key Found : HKLM\Software\visualbee
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Found : [x64] HKLM\SOFTWARE\DomaIQ
Key Found : [x64] HKLM\SOFTWARE\InstalledThirdPartyPrograms
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{9ED31F84-C8B3-4926-B950-DFF74047FF79}]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [searchProtect]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{9ED31F84-C8B3-4926-B950-DFF74047FF79}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{9ED31F84-C8B3-4926-B950-DFF74047FF79}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [searchProtectAll]
Value Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
***** [ Browsers ] *****
-\\ Internet Explorer v9.0.8112.16514
*************************
AdwCleaner[R0].txt - [9414 octets] - [29/10/2013 09:07:13]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [9474 octets] ##########
-
RogueKiller V8.7.6 _x64_ [Oct 28 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://tigzyrk.blogspot.com/
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : deral [Admin rights]
Mode : Scan -- Date : 10/29/2013 08:19:59
| ARK || FAK || MBR |
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 2 ¤¤¤
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
¤¤¤ Scheduled tasks : 2 ¤¤¤
[V2][sUSP PATH] BackgroundContainer Startup Task : "C:\Windows\SysWOW64\Rundll32.exe" - "C:\Users\deral\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun [7][x][x] -> FOUND
[V2][sUSP PATH] VisualBeeRecovery : C:\Users\deral\AppData\Local\VisualBeeExe\VisualBeeRecovery.exe - /s [x] -> FOUND
¤¤¤ Startup Entries : 0 ¤¤¤
¤¤¤ Web browsers : 0 ¤¤¤
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
¤¤¤ External Hives: ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) TOSHIBA MK7575GSX SATA Disk Device +++++
--- User ---
[MBR] b31600c78afa68a62d217238c1a719ab
[bSP] 43c03eaae9f7a55958589ca32715752b : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 694342 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1422422016 | Size: 20759 Mo
3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 1464936448 | Size: 102 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Finished : << RKreport[0]_S_10292013_081959.txt >>
-
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil64_11_9_900_117_ActiveX.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
c:\Program Files\Microsoft Security Client\MpCmdRun.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe,
BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file>
EB: {c585d593-e7f4-4852-a200-561686ee02e4} - <orphaned>
mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
dRun: [searchProtect] \SearchProtect\bin\cltmng.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
TCP: NameServer = 192.168.1.254 75.153.176.1
TCP: Interfaces\{56F51A80-DBEA-4097-A78E-AA967EC8998E} : DHCPNameServer = 192.168.1.254 75.153.176.1
TCP: Interfaces\{56F51A80-DBEA-4097-A78E-AA967EC8998E}\44F627D6F514F535F6574786 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{56F51A80-DBEA-4097-A78E-AA967EC8998E}\74164756771697 : DHCPNameServer = 69.31.192.12 69.31.192.11
TCP: Interfaces\{E543E218-9D28-45CD-BE20-44E1D83C81D0} : DHCPNameServer = 192.168.42.129
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} - msiexec /fu {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} /qn
x64-BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file>
x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [setDefault] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
x64-Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {0CE7EBAF-157D-4111-9146-057CB2A4023E} - msiexec /fu {0CE7EBAF-157D-4111-9146-057CB2A4023E} /qn
x64-mASetup: {12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\Windows\System32\ieudinit.exe
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2011-12-13 82048]
R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2011-12-13 42624]
R0 amdkmpfd;AMD PCI Root Bus Lower Filter;C:\Windows\System32\drivers\amdkmpfd.sys [2012-2-2 31872]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-6-18 247216]
R0 RapportKE64;RapportKE64;C:\Windows\System32\drivers\RapportKE64.sys [2012-10-7 295696]
R1 RapportCerberus_56758;RapportCerberus_56758;C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_56758.sys [2013-8-20 589872]
R1 RapportEI64;RapportEI64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2013-9-10 265872]
R1 RapportPG64;RapportPG64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2013-9-10 384432]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-2-10 235520]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-2-10 361984]
R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2012-1-19 106144]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504]
R2 Garmin Core Update Service;Garmin Core Update Service;C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2013-9-19 250200]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]
R2 HPAuto;HP Auto;C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [2011-2-17 682040]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2012-9-24 31040]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-3-5 35200]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-10-27 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-10-27 701512]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2012-8-30 139616]
R2 RapportMgmtService;Rapport Management Service;C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2013-9-10 1435928]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944]
R2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2012-1-19 158880]
R3 amdhub30;AMD USB 3.0 Hub Driver;C:\Windows\System32\drivers\amdhub30.sys [2011-10-26 102528]
R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2012-8-7 46136]
R3 amdxhc;AMD USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\amdxhc.sys [2011-10-26 219776]
R3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\System32\drivers\btath_flt.sys [2012-1-19 36000]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2011-12-6 95248]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\drivers\btath_a2dp.sys [2012-1-19 339616]
R3 btath_avdt;Atheros Bluetooth AVDT Service;C:\Windows\System32\drivers\btath_avdt.sys [2012-1-19 110752]
R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys [2012-1-19 30368]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\drivers\btath_hcrp.sys [2012-1-19 167584]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\drivers\btath_lwflt.sys [2012-1-19 68256]
R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\drivers\btath_rcp.sys [2012-1-19 280992]
R3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfilter.sys [2012-1-19 550560]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2010-7-28 31088]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-10-27 25928]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-8-12 366600]
R3 RSP2STOR;Realtek PCIE CardReader Driver - P2;C:\Windows\System32\drivers\RtsP2Stor.sys [2012-8-7 258664]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-8-7 565352]
R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2013-6-26 767144]
R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576]
R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840]
R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2013-6-26 23208]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2012-8-7 56448]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 ATHDFU;Atheros Valkyrie USB BootROM;C:\Windows\System32\drivers\AthDfu.sys [2012-1-19 51872]
S3 GamesAppIntegrationService;GamesAppIntegrationService;C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2013-9-5 240736]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 HTCAND64;HTC Device Driver;C:\Windows\System32\drivers\ANDROIDUSB.sys [2009-11-2 33736]
S3 lehidmini;Bluetooth Low Energy Hid Device;C:\Windows\System32\drivers\leath_hid.sys [2012-1-19 36128]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 SWDUMon;SWDUMon;C:\Windows\System32\drivers\SWDUMon.sys [2013-3-16 16152]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-10-7 1255736]
.
=============== Created Last 30 ================
.
2013-10-29 12:33:15 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2013-10-29 12:33:15 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
2013-10-29 12:33:15 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2013-10-29 12:33:15 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2013-10-29 12:33:15 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2013-10-29 12:33:15 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2013-10-29 12:33:15 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2013-10-29 12:11:25 10280728 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{13600C91-69BB-47AA-9DBD-B877895D6989}\mpengine.dll
2013-10-28 23:55:00 10280728 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-10-28 14:18:11 -------- d-----w- C:\Users\deral\AppData\Local\{AEA5AAD6-0C97-4488-BC78-1ADE53328FB3}
2013-10-28 00:01:47 -------- d-----w- C:\Users\deral\AppData\Roaming\Malwarebytes
2013-10-28 00:01:36 -------- d-----w- C:\ProgramData\Malwarebytes
2013-10-28 00:01:33 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-10-28 00:01:32 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-25 21:50:52 -------- d-----w- C:\Users\deral\AppData\Local\Wajam
2013-10-25 21:49:39 -------- d-----w- C:\Users\deral\AppData\Local\VisualBeeExe
2013-10-25 21:49:13 -------- d-----w- C:\ProgramData\VisualBee
2013-10-25 14:42:19 -------- d-----w- C:\Users\deral\AppData\Local\{412644C1-F7A4-4694-9B8A-5A0176EAB7A2}
2013-10-24 13:40:05 -------- d-----w- C:\Users\deral\AppData\Local\{0933108B-5057-473B-BFB4-58DD21E0FCC2}
2013-10-23 13:56:00 -------- d-----w- C:\Users\deral\AppData\Local\{B56A3A61-3111-4AC0-B730-C761DF8E5430}
2013-10-23 01:43:49 -------- d-----w- C:\Users\deral\AppData\Local\{8377513F-736E-4DA7-99FC-3C16C0DFA36F}
2013-10-22 20:16:11 -------- d-----w- C:\Program Files (x86)\Mobogenie
2013-10-22 20:15:59 -------- d-----w- C:\ProgramData\Babylon
2013-10-22 13:43:25 -------- d-----w- C:\Users\deral\AppData\Local\{A5D3CD22-FC6D-4A6A-BD12-F0EB9875C648}
2013-10-22 00:15:57 -------- d-----w- C:\Program Files (x86)\Common Files\337
2013-10-22 00:15:32 -------- d-----w- C:\Users\deral\AppData\Roaming\337
2013-10-21 20:58:59 -------- d-----w- C:\ProgramData\Conduit
2013-10-21 20:58:49 -------- d-----w- C:\5be1404deaad89cc86bd8ffb
2013-10-21 20:54:38 -------- d-----w- C:\dd23de662f5489ee5b1441a55dcd
2013-10-21 20:39:03 -------- d-----w- C:\Users\deral\.android
2013-10-21 20:12:17 -------- d-----w- C:\Program Files (x86)\Amazon
2013-10-21 20:06:21 -------- d-----w- C:\Users\deral\AppData\Local\cache
2013-10-21 20:06:17 -------- d-----w- C:\Users\deral\AppData\Local\Mobogenie
2013-10-21 20:03:38 -------- d-----w- C:\Users\deral\AppData\Local\FileTypeAssistant
2013-10-21 20:03:28 -------- d-----w- C:\Program Files (x86)\File Type Assistant
2013-10-21 20:01:35 -------- d-----w- C:\Users\deral\AppData\Local\Programs
2013-10-21 13:59:57 -------- d-----w- C:\Users\deral\AppData\Local\{0C03BE83-3DCD-4FF6-9BB6-CF09CB763F8C}
2013-10-20 13:13:01 -------- d-----r- C:\Users\deral\Dropbox
2013-10-20 12:52:03 -------- d-----w- C:\Users\deral\AppData\Roaming\Dropbox
2013-10-20 12:32:45 965000 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{59871990-2164-4F6E-B17A-317CCF02A930}\gapaengine.dll
2013-10-20 12:20:27 -------- d-----w- C:\Users\deral\AppData\Local\{4216B4A8-E50A-473A-A812-5A3ACEC6D689}
2013-10-20 12:20:27 -------- d-----w- C:\SearchProtect
2013-10-15 20:20:46 -------- d-----w- C:\Users\deral\AppData\Roaming\Individual Software
2013-10-15 20:18:05 -------- d-sha-r- C:\ProgramData\Key-Base
2013-10-15 20:12:47 -------- d-----w- C:\ProgramData\Individual Software
2013-10-15 20:11:53 -------- d-----w- C:\Program Files (x86)\ResumeMaker Professional
2013-10-15 12:46:12 -------- d-----w- C:\Users\deral\AppData\Local\{384984CE-0467-4B4C-9F9E-ECF5AFA64E9B}
2013-10-14 22:57:43 -------- d-----w- C:\Users\deral\AppData\Local\{9A790A03-20D7-42A7-A511-3E251F8C6DD6}
2013-10-12 13:03:26 -------- d-----w- C:\Users\deral\AppData\Local\{C0C8C3F0-8858-4DA5-8D71-AC5D1084A542}
2013-10-11 16:27:53 -------- d-----w- C:\Users\deral\AppData\Local\{F11D464B-879E-435E-9008-F51DF82B946C}
2013-10-10 16:23:06 633856 ----a-w- C:\Windows\System32\comctl32.dll
2013-10-10 16:22:59 76800 ----a-w- C:\Windows\System32\drivers\hidclass.sys
2013-10-10 16:15:38 -------- d-----w- C:\Users\deral\AppData\Local\{63306A64-13CF-41B4-8BF2-B11C7D207C00}
2013-10-09 14:37:32 -------- d-----w- C:\Users\deral\AppData\Local\{808EDB7E-621E-496D-88D9-D11FF27D6E0D}
2013-10-08 22:32:33 -------- d-----w- C:\ProgramData\Farm Frenzy
2013-10-08 22:25:23 -------- d-----w- C:\ProgramData\Playrix Entertainment
2013-10-08 13:00:35 -------- d-----w- C:\Users\deral\AppData\Local\{9B6B30E7-5BAE-4F59-93BF-58D4EA206051}
2013-10-07 13:15:05 -------- d-----w- C:\Users\deral\AppData\Local\{D31F50D2-FAD3-4847-88CF-5CEA9DC62B1F}
2013-10-06 14:55:43 -------- d-----w- C:\Users\deral\AppData\Local\{9F231D01-076D-4689-8587-E2B784060A13}
2013-10-05 15:30:06 -------- d-----w- C:\Users\deral\AppData\Local\{85492CF5-CDF7-490F-9576-B998D381AFAB}
2013-10-05 15:29:32 -------- d-----w- C:\Users\deral\AppData\Local\{E3DBD265-A8AD-4E07-AC2E-E5ACEBE1AF62}
2013-10-05 02:42:30 -------- d-----w- C:\Users\deral\AppData\Local\{8885EE57-66AE-4A56-9D42-40CE85D2486B}
2013-10-05 02:29:52 -------- d-----w- C:\Users\deral\AppData\Local\{64237105-6BB9-4DE5-9121-33D9F4D6E868}
2013-10-04 12:17:38 -------- d-----w- C:\Users\deral\AppData\Local\{ECA3B82C-0A09-4192-9DD4-DC2202C3FE7B}
2013-10-03 14:16:50 -------- d-----w- C:\Users\deral\AppData\Roaming\Hoyle Blackjack
2013-10-03 14:14:25 -------- d-----w- C:\Users\deral\AppData\Roaming\Hoyle FaceCreator
2013-10-03 14:14:24 -------- d-----w- C:\Users\deral\AppData\Roaming\Hoyle Card Games
2013-10-03 13:05:42 -------- d-----w- C:\Users\deral\AppData\Local\{D3E7DF84-05AE-436E-B53B-912ED301555F}
2013-10-02 13:16:46 -------- d-----w- C:\Users\deral\AppData\Local\{9FF171C7-5C25-4730-8B29-3EA16EDDD0BF}
2013-10-01 22:03:23 24920 ----a-w- C:\Windows\System32\X3DAudio1_7.dll
2013-10-01 21:59:19 74072 ----a-w- C:\Windows\SysWow64\XAPOFX1_4.dll
2013-10-01 21:59:18 528216 ----a-w- C:\Windows\SysWow64\XAudio2_6.dll
2013-10-01 21:59:18 238936 ----a-w- C:\Windows\SysWow64\xactengine3_6.dll
2013-10-01 21:59:17 22360 ----a-w- C:\Windows\SysWow64\X3DAudio1_7.dll
2013-10-01 21:58:15 -------- d-----w- C:\Program Files (x86)\Microsoft XNA
2013-10-01 15:11:06 -------- d-----w- C:\Users\deral\AppData\Local\{C1E2132C-625D-4B57-A29E-BC81E87FEA4C}
2013-09-30 15:40:06 -------- d-----w- C:\Users\deral\SyncFolder
2013-09-30 14:17:46 -------- d-----w- C:\Program Files (x86)\MyPC Backup
2013-09-30 14:17:31 -------- d-----w- C:\Program Files (x86)\DriverUpdate
2013-09-30 13:22:53 -------- d-----w- C:\Users\deral\AppData\Local\Apps
2013-09-30 13:22:52 -------- d-----w- C:\Users\deral\AppData\Local\Deployment
2013-09-30 12:59:48 -------- d-----w- C:\Users\deral\AppData\Local\{92C01B98-8DAB-4AF5-86D3-AC979DA33F6B}
.
==================== Find3M ====================
.
2013-10-28 14:13:44 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-28 14:13:44 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-10-22 00:21:57 16152 ----a-w- C:\Windows\System32\drivers\SWDUMon.sys
2013-10-22 00:15:14 421032 ----a-w- C:\Windows\SysWow64\msvcp100.dll
2013-09-22 14:42:33 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2013-09-22 14:33:53 1392128 ----a-w- C:\Windows\System32\wininet.dll
2013-09-22 14:33:06 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2013-09-22 14:23:30 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-09-22 14:21:21 599040 ----a-w- C:\Windows\System32\vbscript.dll
2013-09-22 14:15:47 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2013-09-22 10:22:59 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-09-22 10:14:39 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2013-09-22 10:13:22 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-09-22 10:08:41 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2013-09-22 10:06:58 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2013-09-22 10:03:18 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-09-14 01:10:19 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
2013-09-11 05:18:28 295696 ----a-w- C:\Windows\System32\drivers\RapportKE64.sys
2013-09-08 02:30:37 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-09-08 02:27:14 327168 ----a-w- C:\Windows\System32\mswsock.dll
2013-09-08 02:03:58 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll
2013-08-29 02:17:48 5549504 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-08-29 02:16:35 1732032 ----a-w- C:\Windows\System32\ntdll.dll
2013-08-29 02:16:28 243712 ----a-w- C:\Windows\System32\wow64.dll
2013-08-29 02:16:14 859648 ----a-w- C:\Windows\System32\tdh.dll
2013-08-29 02:13:28 878080 ----a-w- C:\Windows\System32\advapi32.dll
2013-08-29 01:51:45 3969472 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-08-29 01:51:45 3914176 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-08-29 01:50:31 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-08-29 01:50:30 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll
2013-08-29 01:50:16 619520 ----a-w- C:\Windows\SysWow64\tdh.dll
2013-08-29 01:48:17 640512 ----a-w- C:\Windows\SysWow64\advapi32.dll
2013-08-29 01:48:15 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2013-08-29 00:49:53 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-08-29 00:49:52 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-08-29 00:49:52 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-08-29 00:49:49 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-08-28 01:21:06 3155968 ----a-w- C:\Windows\System32\win32k.sys
2013-08-28 01:12:33 461312 ----a-w- C:\Windows\System32\scavengeui.dll
2013-08-05 02:25:45 155584 ----a-w- C:\Windows\System32\drivers\ataport.sys
2013-08-02 02:14:57 215040 ----a-w- C:\Windows\System32\winsrv.dll
2013-08-02 02:13:34 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2013-08-02 01:50:42 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2013-08-02 01:09:17 338432 ----a-w- C:\Windows\System32\conhost.exe
2013-08-02 00:59:09 112640 ----a-w- C:\Windows\System32\smss.exe
2013-08-02 00:43:05 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2013-08-02 00:43:05 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-02 00:43:05 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2013-08-02 00:43:05 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2013-08-01 09:19:34 265152 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2013-08-01 09:19:33 984512 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
..
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 10/6/2012 5:55:01 AM
System Uptime: 10/29/2013 6:35:20 AM (1 hours ago)
.
Motherboard: Hewlett-Packard | | 1849
Processor: AMD A6-4400M APU with Radeon HD Graphics | Socket FT1 | 2700/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 678 GiB total, 613.875 GiB free.
D: is FIXED (NTFS) - 20 GiB total, 2.193 GiB free.
E: is CDROM ()
F: is FIXED (FAT32) - 0 GiB total, 0.081 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description: Photosmart D110 series
Device ID: ROOT\MULTIFUNCTION\0000
Manufacturer:
Name: Photosmart D110 series
PNP Device ID: ROOT\MULTIFUNCTION\0000
Service:
.
Class GUID:
Description: Photosmart D110 series
Device ID: ROOT\MULTIFUNCTION\0001
Manufacturer:
Name: Photosmart D110 series
PNP Device ID: ROOT\MULTIFUNCTION\0001
Service:
.
Class GUID:
Description: Photosmart D110 series
Device ID: ROOT\MULTIFUNCTION\0002
Manufacturer:
Name: Photosmart D110 series
PNP Device ID: ROOT\MULTIFUNCTION\0002
Service:
.
==== System Restore Points ===================
.
RP238: 10/21/2013 2:57:42 PM - Uniblue DriverScanner installation
RP239: 10/21/2013 6:37:28 PM - Removed DriverUpdate
RP240: 10/22/2013 2:25:10 PM - Removed Skype™ 6.9
RP241: 10/22/2013 2:31:03 PM - Removed Skype™ 6.9
RP242: 10/22/2013 2:32:15 PM - Removed Skype Click to Call
RP243: 10/22/2013 2:32:45 PM - Removed Skype™ 6.9
RP244: 10/23/2013 12:07:59 PM - Windows Update
RP245: 10/25/2013 4:03:40 PM - Device Driver Package Install: COMODO Network Service
RP246: 10/27/2013 5:49:41 PM - Windows Update
RP247: 10/27/2013 6:13:33 PM - Removed Google Talk Plugin
RP248: 10/27/2013 7:00:18 PM - Windows Backup
RP249: 10/29/2013 6:33:20 AM - Windows Update
.
==== Installed Programs ======================
.
100% Hidden Objects
64 Bit HP CIO Components Installer
Adobe Flash Player 11 ActiveX
Adobe Reader XI (11.0.05)
Adobe Shockwave Player 11.6
AMD Accelerated Video Transcoding
AMD APP SDK Runtime
AMD Catalyst Install Manager
AMD Fuel
AMD Steady Video Plug-In
AMD VISION Engine Control Center
Atheros Bluetooth Suite (64)
Atheros Driver Installation Program
Barnyard Invasion
Bejeweled 3
Blackhawk Striker 2
Blio
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Chuzzle Deluxe
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Classic Fishdom 2 in 1 Pack
Cradle of Rome 2
Cut the Rope
CyberLink YouCam
D3DX10
Dora's World Adventure
Elevated Installer
ESU for Microsoft Windows 7 SP1
Evernote v. 4.5.2
Farm Frenzy
Farmscapes
FATE
File Type Assistant
Final Drive Fury
Garmin Express
Garmin Express Tray
Hewlett-Packard ACLM.NET v1.2.1.1
Hoyle Card Games
HP 3D DriveGuard
HP Application Assistant
HP Auto
HP Client Services
HP CoolSense
HP Customer Experience Enhancements
HP Documentation
HP Games
HP Launch Box
HP MovieStore
HP On Screen Display
HP Photosmart D110 All-In-One Driver 14.0 Rel. 7
HP Power Manager
HP Quick Launch
HP Recovery Manager
HP Security Assistant
HP Setup
HP Setup Manager
HP Software Framework
HP Support Assistant
IDT Audio
Into the Haze
Island of Death: Demons and Despair
Java 7 Update 21
Java Auto Updater
Jewel Match 3
Jewel Quest Mysteries: The Seventh Gate Collector's Edition
John Deere Drive Green
Junk Mail filter update
Letters from Nowhere 2
Living Legends: Ice Rose Collector's Edition
Luxor HD
Mah Jong Medley
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Office 2010
Microsoft Office Click-to-Run 2010
Microsoft Office Starter 2010 - English
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft WSE 3.0 Runtime
Microsoft XNA Framework Redistributable 4.0
Midnight Pool 3D
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Network64
opensource
Penguins!
Plants vs. Zombies - Game of the Year
PlayReady PC Runtime x86
Poker Superstars III
Polar Bowler
Polar Golfer
PS_AIO_07_D110_SW_Min
Rapport
Realtek Ethernet Controller Driver
Realtek PCIE Card Reader
Redemption Cemetery: Childrens Plight
ResumeMaker Professional
RollerCoaster Tycoon 3: Platinum
Royal Envoy 2 Collector's Edition
Rush for Gold Alaska
Scan
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Slingshot Puzzle
Summer Mahjong
swMSM
Synaptics Pointing Device Driver
The Treasures of Mystery Island: The Ghost Ship
Toolbox
Torchlight
Trusteer Endpoint Protection
Unity Web Player
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
Update Installer for WildTangent Games App
Vacation Adventures: Park Ranger
Virtual Villagers 4 - The Tree of Life
Way To Go!
WildTangent Games
WildTangent Games App (HP Games)
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Zuma's Revenge
.
==== Event Viewer Messages From Past Week ========
.
10/29/2013 6:38:42 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
10/28/2013 6:49:21 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} and APPID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} to the user deralj\deral SID (S-1-5-21-461216529-553505904-338273997-1001) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
10/27/2013 9:49:43 PM, Error: Service Control Manager [7043] - The Group Policy Client service did not shut down properly after receiving a preshutdown control.
10/27/2013 5:50:18 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.161.752.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.10003.0 Error code: 0x8024001e Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
10/27/2013 5:05:17 PM, Error: Service Control Manager [7023] - The HP Network Devices Support service terminated with the following error: %%-2147467243
10/26/2013 9:21:10 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service VSS with arguments "" in order to run the server: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
10/26/2013 9:21:07 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Volume Shadow Copy service to connect.
10/26/2013 9:21:07 PM, Error: Service Control Manager [7000] - The Volume Shadow Copy service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
10/26/2013 7:58:49 PM, Error: Service Control Manager [7023] - The WajamUpdaterV3 service terminated with the following error: The system cannot find the file specified.
.
==== End Of File =========================== -
I'm on my husbands computer and have been trying to clean it up for him. He has some issues. I did a malware scan and he had over 200 malwares. I have removed them all. He now has a thing that pops up when he restarts saying something about a conduit rdll file cannot be found. Not sure what that could mean. I am no computer tech so decided to check with someone with knowledge. LOL If you could help that would be great.
Thanks
issues on computer
in Resolved Malware Removal Logs
Posted
Sorry about that. I ended up having my granddaughter over. Hubby took his computer to work with him. Just close this and thank you for all the help. I appreciate it.