Jump to content

Search the Community

Showing results for tags 'yahoo'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

  1. Hello, I have the Spigot redirect malware and can't seem to get rid of it. I updated Advanced System Care and it attached Spigot. I have searched online for a fix but can't find one that works. Can you help please?
  2. First, I'm not totally sure what I'm doing here or what you may need so here goes: My laptop is about 12 years old running Windows XP sp2 so secondly, I don't know if you can even help me, it's so old (I've seen some forums refuse to help people running Windows XP). I apologize if that's the case, but thanks anyway! I hadn't used this computer for a couple years but I've started using it again and I decided to do some basic maintenance (updates, defragment, scan with avg etc) in an attempt to improve performance and as part of that process, someone recommended me to use IObit's Advanced System Care. So I did and I've discovered since then that no matter what I do, my homepage (for firefox) is set to yahoo! and both Firefox and Chrome keep having the default search engine set to yahoo. I'm not 100% convinced it was Advanced System Care that caused the problem though, I have it on my desktop and I've never had this problem before (I just noticed the problem after installing it). I ran MBAM but it didn't resolve the issue; also ran DDS. In summary: Am I beyond hope? (with my computer being so old) and if not: Please help me fix my homepage/default search engine settings back to google, if possible. To your knowledge, is Advanced System Care/IObit known to be associated with malware? (And should I remove it?) Thank you! DDS (Ver_2012-11-20.01) - NTFS_x86 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.5.0_06 Run by Michelle at 16:00:14 on 2014-01-18 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.316 [GMT -8:00] . AV: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF} . ============== Running Processes ================ . C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe C:\WINDOWS\System32\WLTRYSVC.EXE C:\WINDOWS\System32\bcmwltry.exe C:\WINDOWS\system32\spoolsv.exe c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe C:\Program Files\AVG\AVG2014\avgidsagent.exe C:\Program Files\IObit\Advanced SystemCare 7\Monitor.exe C:\Program Files\AVG\AVG2014\avgwdsvc.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe C:\WINDOWS\system32\oodag.exe C:\Program Files\Dell Support Center\bin\sprtsvc.exe C:\WINDOWS\stsystra.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\WINDOWS\system32\WLTRAY.exe C:\WINDOWS\ehome\mcrdsvc.exe C:\Program Files\AVG\AVG2014\avgui.exe C:\windows\system32\igfxpers.exe C:\windows\system32\hkcmd.exe C:\program files\common files\java\java update\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Digital Line Detect\DLG.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\system32\wuauclt.exe C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\TEATIMER.EXE C:\PROGRAM FILES\DELL SUPPORT CENTER\BIN\SPRTCMD.EXE C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPENH.EXE C:\WINDOWS\explorer.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k NetworkService C:\WINDOWS\system32\svchost.exe -k LocalService C:\WINDOWS\system32\svchost.exe -k LocalService C:\WINDOWS\system32\svchost.exe -k imgsvc . ============== Pseudo HJT Report =============== . uDefault_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll BHO: ExplorerWnd Helper: {10921475-03CE-4E04-90CE-E2E7EF20C814} - c:\program files\iobit\iobit uninstaller\UninstallExplorer32.dll BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - <orphaned> BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll BHO: DriveLetterAccess: {5CA3D70E-1895-11CF-8E15-001234567890} - c:\windows\system32\dla\tfswshx.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre1.5.0_06\bin\ssv.dll BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - <orphaned> BHO: Advanced SystemCare Browser Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - c:\program files\iobit\surfing protection\browerprotect\ASCPlugin_Protection.dll BHO: CBrowserHelperObject Object: {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\program files\bae\BAE.dll BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - <orphaned> TB: ExplorerWnd Helper: {10921475-03CE-4E04-90CE-E2E7EF20C814} - c:\program files\iobit\iobit uninstaller\UninstallExplorer32.dll uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe mRun: [sigmatelSysTrayApp] stsystra.exe mRun: [dla] c:\windows\system32\dla\tfswctrl.exe mRun: [broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe mRun: [AVG_UI] "c:\program files\avg\avg2014\avgui.exe" /TRAYONLY mRun: [igfxTray] c:\windows\system32\igfxtray.exe mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe mRun: [Persistence] c:\windows\system32\igfxpers.exe mRun: [igfxpers] c:\windows\system32\igfxpers.exe mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe mRun: [sunJavaUpdateSched] c:\program files\common files\java\java update\jusched.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1 mPolicies-Explorer: NoDriveTypeAutoRun = dword:145 IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office10\EXCEL.EXE/3000 IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC} - c:\program files\java\jre1.5.0_06\bin\ssv.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe . INFO: HKCU has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . . INFO: HKLM has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll Notify: igfxcui - igfxdev.dll Hosts: 127.0.0.1 www.spywareinfo.com . ================= FIREFOX =================== . FF - ProfilePath - c:\documents and settings\michelle\application data\mozilla\firefox\profiles\6h3chw64.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - plugin: c:\program files\microsoft silverlight\5.1.20913.0\npctrlui.dll FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_12_0_0_43.dll FF - plugin: c:\windows\system32\npDeployJava1.dll FF - plugin: c:\windows\system32\npptools.dll . ============= SERVICES / DRIVERS =============== . R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2013-10-24 147768] R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2013-10-31 222520] R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2013-10-1 102712] R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2013-9-10 27448] R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [2014-1-17 15808] R1 Avgdiskx;AVG Disk Driver;c:\windows\system32\drivers\avgdiskx.sys [2013-11-5 120600] R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2013-11-4 209176] R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2013-9-17 22840] R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2013-10-31 176952] R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2013-8-1 193848] R2 AdvancedSystemCareService7;Advanced SystemCare Service 7;c:\program files\iobit\advanced systemcare 7\ASCService.exe [2014-1-17 881440] R2 avgwd;AVG WatchDog;c:\program files\avg\avg2014\avgwdsvc.exe [2013-9-24 348008] R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328] S?2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2014\avgidsagent.exe [2013-11-11 3478544] S2 LiveUpdateSvc;LiveUpdate;c:\program files\iobit\liveupdate\LiveUpdate.exe [2014-1-17 2151200] S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-10-23 172192] S3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\drivers\ivusb.sys [2010-7-28 25112] . =============== Created Last 30 ================ . 2014-01-18 23:51:44 1893 ----a-w- c:\windows\bcmwltrytmp.reg 2014-01-18 20:38:33 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2014-01-18 18:49:43 -------- d-----w- c:\windows\SxsCaPendDel 2014-01-18 08:49:59 954368 ------w- c:\windows\system32\dllcache\mfc40.dll 2014-01-18 08:49:58 953856 ------w- c:\windows\system32\dllcache\mfc40u.dll 2014-01-18 08:43:33 617472 ------w- c:\windows\system32\dllcache\comctl32.dll 2014-01-18 08:42:20 744448 ------w- c:\windows\system32\dllcache\helpsvc.exe 2014-01-18 08:42:05 743424 ------w- c:\windows\system32\dllcache\iedvtool.dll 2014-01-18 08:41:56 522240 ------w- c:\windows\system32\dllcache\jsdbgui.dll 2014-01-18 08:41:12 25088 ------w- c:\windows\system32\dllcache\hidparse.sys 2014-01-18 08:21:33 5376 ------w- c:\windows\system32\dllcache\usbd.sys 2014-01-18 07:34:17 75776 ------w- c:\windows\system32\dllcache\strmfilt.dll 2014-01-18 07:34:17 265728 ------w- c:\windows\system32\dllcache\http.sys 2014-01-18 07:34:17 25088 ------w- c:\windows\system32\dllcache\httpapi.dll 2014-01-18 07:33:43 79872 ------w- c:\windows\system32\dllcache\raschap.dll 2014-01-18 07:33:43 149504 ------w- c:\windows\system32\dllcache\rastls.dll 2014-01-18 07:33:36 471552 ------w- c:\windows\system32\dllcache\aclayers.dll 2014-01-18 07:31:51 10496 ------w- c:\windows\system32\dllcache\ndistapi.sys 2014-01-18 07:31:40 3072 ------w- c:\windows\system32\iacenc.dll 2014-01-18 07:31:40 3072 ------w- c:\windows\system32\dllcache\iacenc.dll 2014-01-18 07:31:29 40960 ------w- c:\windows\system32\dllcache\ndproxy.sys 2014-01-18 04:17:28 -------- d-----w- C:\DrvInstall 2014-01-18 03:56:59 27904 ----a-w- c:\windows\system32\drivers\risdptsk.sys 2014-01-18 03:16:26 920088 ----a-w- c:\windows\system32\igxpun.exe 2014-01-18 03:16:26 -------- d-----w- c:\windows\system32\x64 2014-01-18 03:16:26 -------- d-----w- c:\windows\system32\Lang 2014-01-18 03:14:41 57344 ----a-w- c:\windows\system32\igxprd32.dll 2014-01-17 22:45:45 24384 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe 2014-01-17 22:08:36 -------- d-----w- c:\documents and settings\michelle\AppData 2014-01-17 22:08:26 -------- d-----w- c:\documents and settings\all users\application data\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} 2014-01-17 22:08:17 -------- d-----w- c:\documents and settings\all users\application data\ProductData 2014-01-17 16:03:56 31008 ----a-w- c:\windows\system32\SmartDefragBootTime.exe 2014-01-17 16:02:46 -------- d-----w- c:\documents and settings\all users\application data\IObit 2014-01-17 16:02:45 103424 ----a-w- c:\windows\system32\IObitSmartDefragExtension.dll 2014-01-17 16:02:15 15808 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys 2014-01-17 16:01:14 -------- d-----w- c:\documents and settings\michelle\application data\IObit 2014-01-13 21:08:59 272496 ----a-w- c:\program files\mozilla firefox\browser\components\browsercomps.dll 2014-01-13 21:08:44 28272 ----a-w- c:\program files\mozilla firefox\plugin-hang-ui.exe 2014-01-13 21:08:24 170960 ----a-w- c:\program files\mozilla firefox\webapp-uninstaller.exe 2014-01-13 21:08:24 108144 ----a-w- c:\program files\mozilla firefox\webapprt-stub.exe 2014-01-13 21:08:19 17248 ----a-w- c:\program files\mozilla firefox\plugins\NPOFFICE.DLL 2014-01-13 21:08:19 1642496 ----a-w- c:\program files\mozilla firefox\plugins\npdjvu.dll . ==================== Find3M ==================== . 2014-01-18 04:15:11 1952512 ----a-w- c:\windows\system32\drivers\BCMWL5.SYS 2014-01-14 12:13:05 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2014-01-14 12:13:05 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2013-11-27 20:21:06 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys 2013-11-13 02:59:42 150528 ----a-w- c:\windows\system32\imagehlp.dll 2013-11-07 05:38:51 591360 ----a-w- c:\windows\system32\rpcrt4.dll 2013-11-06 05:50:48 120600 ----a-w- c:\windows\system32\drivers\avgdiskx.sys 2013-11-06 01:03:31 7168 ----a-w- c:\windows\system32\xpsp4res.dll 2013-11-05 05:57:30 209176 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys 2013-11-01 07:00:28 176952 ----a-w- c:\windows\system32\drivers\avgldx86.sys 2013-11-01 06:30:08 222520 ----a-w- c:\windows\system32\drivers\avglogx.sys 2013-10-30 02:26:17 1879040 ----a-w- c:\windows\system32\win32k.sys 2013-10-29 07:57:34 920064 ----a-w- c:\windows\system32\wininet.dll 2013-10-29 07:57:33 43520 ----a-w- c:\windows\system32\licmgr10.dll 2013-10-29 07:57:33 18944 ----a-w- c:\windows\system32\corpol.dll 2013-10-29 07:57:33 1469440 ------w- c:\windows\system32\inetcpl.cpl 2013-10-29 00:45:02 385024 ----a-w- c:\windows\system32\html.iec 2013-10-25 06:28:32 147768 ----a-w- c:\windows\system32\drivers\avgidshx.sys 2013-10-23 23:45:49 172032 ----a-w- c:\windows\system32\scrrun.dll . ============= FINISH: 16:01:55.31 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows XP Professional Boot Device: \Device\HarddiskVolume2 Install Date: 6/8/2008 12:52:53 PM System Uptime: 1/18/2014 3:49:16 PM (1 hours ago) . Motherboard: Dell Inc. | | 0FF049 Processor: Genuine Intel® CPU T2250 @ 1.73GHz | Microprocessor | 795/133mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 68 GiB total, 9.531 GiB free. D: is CDROM () F: is CDROM () . ==== Disabled Device Manager Items ============= . Class GUID: {4D36E96A-E325-11CE-BFC1-08002BE10318} Description: Ricoh MMC Host Controller Device ID: PCI\VEN_1180&DEV_0843&SUBSYS_01CD1028&REV_01\4&2FE911E8&0&0AF0 Manufacturer: Ricoh Company Name: Ricoh MMC Host Controller PNP Device ID: PCI\VEN_1180&DEV_0843&SUBSYS_01CD1028&REV_01\4&2FE911E8&0&0AF0 Service: rimmptsk . ==== System Restore Points =================== . RP1: 1/17/2014 4:00:02 AM - System Checkpoint RP2: 1/17/2014 4:08:46 AM - Removed Java 7 Update 9 RP3: 1/17/2014 4:10:02 AM - Installed Java 7 Update 51 RP4: 1/17/2014 9:57:08 AM - Removed Microsoft Visual C++ 2005 Redistributable RP5: 1/17/2014 10:01:29 AM - Removed SPORE™ RP6: 1/17/2014 7:13:13 PM - Driver Booster : Mobile Intel® 945GM Express Chipset Family RP7: 1/17/2014 11:45:51 PM - Software Distribution Service 3.0 RP8: 1/18/2014 1:02:56 AM - Software Distribution Service 3.0 RP9: 1/18/2014 10:08:58 AM - IObit Uninstaller restore point RP10: 1/18/2014 10:14:00 AM - Prior to using IObit to uninstall all the things RP11: 1/18/2014 10:14:24 AM - IObit Uninstaller restore point RP12: 1/18/2014 10:16:26 AM - IObit Uninstaller restore point RP13: 1/18/2014 10:18:32 AM - IObit Uninstaller restore point RP14: 1/18/2014 10:27:44 AM - IObit Uninstaller restore point RP15: 1/18/2014 10:28:30 AM - Removed IObit Apps Toolbar v8.6. RP16: 1/18/2014 10:43:26 AM - IObit Uninstaller restore point RP17: 1/18/2014 10:46:18 AM - IObit Uninstaller restore point RP18: 1/18/2014 10:47:17 AM - Removed Microsoft Visual C++ 2005 Redistributable RP19: 1/18/2014 10:50:46 AM - IObit Uninstaller restore point RP20: 1/18/2014 10:51:04 AM - Removed Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 RP21: 1/18/2014 10:53:08 AM - IObit Uninstaller restore point RP22: 1/18/2014 10:57:19 AM - IObit Uninstaller restore point RP23: 1/18/2014 11:16:26 AM - IObit Uninstaller restore point RP24: 1/18/2014 11:26:50 AM - IObit Uninstaller restore point RP25: 1/18/2014 12:12:51 PM - IObit Uninstaller restore point . ==== Installed Programs ====================== . Adobe Flash Player 10 ActiveX Adobe Flash Player 12 Plugin Adobe Reader 7.0.8 Advanced SystemCare 7 AOLIcon AVG 2014 Broadcom Management Programs Compatibility Pack for the 2007 Office system Conexant HDA D110 MDC V.92 Modem Costco Photo Organizer Dell Support Center (Support Software) Dell System Restore Dell Wireless WLAN Card DellSupport Digital Content Portal Digital Line Detect Documentation & Support Launcher Driver Booster ELIcon Game Booster Games, Music, & Photos Launcher High Definition Audio Driver Package - KB835221 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Windows Internet Explorer 7 (KB947864) Hotfix for Windows Media Player 10 (KB903157) Hotfix for Windows XP (KB952287) Hotfix for Windows XP (KB954550-v5) Hotfix for Windows XP (KB961118) Hotfix for Windows XP (KB976098-v2) Hotfix for Windows XP (KB981793) Intel® Graphics Media Accelerator Driver IObit Uninstaller J2SE Runtime Environment 5.0 Update 6 Java 7 Update 51 Java Auto Updater Lizardtech DjVu Control Logitech Camera Driver Malwarebytes Anti-Malware version 1.75.0.1300 MapleStory MCU Microsoft .NET Framework 1.0 Hotfix (KB953295) Microsoft .NET Framework 1.0 Hotfix (KB979904) Microsoft .NET Framework 1.0 Security Update (KB2742607) Microsoft .NET Framework 1.0 Security Update (KB2833951) Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Security Update (KB2833941) Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft Internationalized Domain Names Mitigation APIs Microsoft National Language Support Downlevel APIs Microsoft Office File Validation Add-In Microsoft Office Outlook 2003 with Business Contact Manager Update Microsoft Office Small Business Edition 2003 Microsoft Office Standard Edition 2003 Microsoft Office XP Standard for Students and Teachers Microsoft Silverlight Microsoft VC9 runtime libraries Microsoft Works Modem Helper Mozilla Firefox 26.0 (x86 en-US) MSN MSXML 4.0 SP2 (KB936181) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) O&O Defrag Professional Edition PowerDVD 5.7 QuickSet QuickTime Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697) Security Update for Microsoft Windows (KB2564958) Security Update for Windows Internet Explorer 7 (KB938127-v2) Security Update for Windows Internet Explorer 7 (KB950759) Security Update for Windows Internet Explorer 7 (KB953838) Security Update for Windows Internet Explorer 7 (KB956390) Security Update for Windows Internet Explorer 7 (KB958215) Security Update for Windows Internet Explorer 7 (KB960714) Security Update for Windows Internet Explorer 7 (KB961260) Security Update for Windows Internet Explorer 7 (KB963027) Security Update for Windows Internet Explorer 7 (KB972260) Security Update for Windows Internet Explorer 8 (KB2510531) Security Update for Windows Internet Explorer 8 (KB2898785) Security Update for Windows Internet Explorer 8 (KB971961) Security Update for Windows Internet Explorer 8 (KB972260) Security Update for Windows Internet Explorer 8 (KB974455) Security Update for Windows Internet Explorer 8 (KB981332) Security Update for Windows Media Player (KB2378111) Security Update for Windows Media Player (KB2834905-v2) Security Update for Windows Media Player (KB911564) Security Update for Windows Media Player (KB952069) Security Update for Windows Media Player (KB954155) Security Update for Windows Media Player (KB968816) Security Update for Windows Media Player (KB973540) Security Update for Windows Media Player (KB975558) Security Update for Windows Media Player (KB978695) Security Update for Windows Media Player 10 (KB936782) Security Update for Windows XP (KB2115168) Security Update for Windows XP (KB2229593) Security Update for Windows XP (KB2296011) Security Update for Windows XP (KB2347290) Security Update for Windows XP (KB2387149) Security Update for Windows XP (KB2393802) Security Update for Windows XP (KB2419632) Security Update for Windows XP (KB2423089) Security Update for Windows XP (KB2443105) Security Update for Windows XP (KB2478960) Security Update for Windows XP (KB2478971) Security Update for Windows XP (KB2481109) Security Update for Windows XP (KB2483185) Security Update for Windows XP (KB2485663) Security Update for Windows XP (KB2491683) Security Update for Windows XP (KB2506212) Security Update for Windows XP (KB2507938) Security Update for Windows XP (KB2508429) Security Update for Windows XP (KB2509553) Security Update for Windows XP (KB2535512) Security Update for Windows XP (KB2536276-v2) Security Update for Windows XP (KB2544893-v2) Security Update for Windows XP (KB2566454) Security Update for Windows XP (KB2570947) Security Update for Windows XP (KB2584146) Security Update for Windows XP (KB2585542) Security Update for Windows XP (KB2592799) Security Update for Windows XP (KB2598479) Security Update for Windows XP (KB2603381) Security Update for Windows XP (KB2620712) Security Update for Windows XP (KB2631813) Security Update for Windows XP (KB2653956) Security Update for Windows XP (KB2655992) Security Update for Windows XP (KB2659262) Security Update for Windows XP (KB2661637) Security Update for Windows XP (KB2676562) Security Update for Windows XP (KB2686509) Security Update for Windows XP (KB2691442) Security Update for Windows XP (KB2698365) Security Update for Windows XP (KB2705219-v2) Security Update for Windows XP (KB2712808) Security Update for Windows XP (KB2719985) Security Update for Windows XP (KB2723135-v2) Security Update for Windows XP (KB2727528) Security Update for Windows XP (KB2757638) Security Update for Windows XP (KB2758857) Security Update for Windows XP (KB2770660) Security Update for Windows XP (KB2802968) Security Update for Windows XP (KB2807986) Security Update for Windows XP (KB2813345) Security Update for Windows XP (KB2820917) Security Update for Windows XP (KB2834886) Security Update for Windows XP (KB2845187) Security Update for Windows XP (KB2847311) Security Update for Windows XP (KB2850869) Security Update for Windows XP (KB2859537) Security Update for Windows XP (KB2862152) Security Update for Windows XP (KB2862330) Security Update for Windows XP (KB2862335) Security Update for Windows XP (KB2864063) Security Update for Windows XP (KB2868038) Security Update for Windows XP (KB2868626) Security Update for Windows XP (KB2876217) Security Update for Windows XP (KB2876331) Security Update for Windows XP (KB2892075) Security Update for Windows XP (KB2893294) Security Update for Windows XP (KB2893984) Security Update for Windows XP (KB2898715) Security Update for Windows XP (KB2900986) Security Update for Windows XP (KB2914368) Security Update for Windows XP (KB923561) Security Update for Windows XP (KB923689) Security Update for Windows XP (KB938464) Security Update for Windows XP (KB941569) Security Update for Windows XP (KB946648) Security Update for Windows XP (KB950760) Security Update for Windows XP (KB950762) Security Update for Windows XP (KB950974) Security Update for Windows XP (KB951066) Security Update for Windows XP (KB951376-v2) Security Update for Windows XP (KB951376) Security Update for Windows XP (KB951698) Security Update for Windows XP (KB951748) Security Update for Windows XP (KB952004) Security Update for Windows XP (KB952954) Security Update for Windows XP (KB953839) Security Update for Windows XP (KB954211) Security Update for Windows XP (KB954459) Security Update for Windows XP (KB954600) Security Update for Windows XP (KB955069) Security Update for Windows XP (KB956391) Security Update for Windows XP (KB956572) Security Update for Windows XP (KB956744) Security Update for Windows XP (KB956802) Security Update for Windows XP (KB956803) Security Update for Windows XP (KB956841) Security Update for Windows XP (KB956844) Security Update for Windows XP (KB957095) Security Update for Windows XP (KB957097) Security Update for Windows XP (KB958644) Security Update for Windows XP (KB958687) Security Update for Windows XP (KB958690) Security Update for Windows XP (KB958869) Security Update for Windows XP (KB959426) Security Update for Windows XP (KB960225) Security Update for Windows XP (KB960715) Security Update for Windows XP (KB960803) Security Update for Windows XP (KB960859) Security Update for Windows XP (KB961371) Security Update for Windows XP (KB961373) Security Update for Windows XP (KB961501) Security Update for Windows XP (KB968537) Security Update for Windows XP (KB969059) Security Update for Windows XP (KB969947) Security Update for Windows XP (KB970238) Security Update for Windows XP (KB970430) Security Update for Windows XP (KB971486) Security Update for Windows XP (KB971557) Security Update for Windows XP (KB971633) Security Update for Windows XP (KB971657) Security Update for Windows XP (KB972270) Security Update for Windows XP (KB973346) Security Update for Windows XP (KB973354) Security Update for Windows XP (KB973507) Security Update for Windows XP (KB973525) Security Update for Windows XP (KB973869) Security Update for Windows XP (KB973904) Security Update for Windows XP (KB974112) Security Update for Windows XP (KB974318) Security Update for Windows XP (KB974392) Security Update for Windows XP (KB974571) Security Update for Windows XP (KB975025) Security Update for Windows XP (KB975467) Security Update for Windows XP (KB975560) Security Update for Windows XP (KB975561) Security Update for Windows XP (KB975713) Security Update for Windows XP (KB977816) Security Update for Windows XP (KB977914) Security Update for Windows XP (KB978037) Security Update for Windows XP (KB978338) Security Update for Windows XP (KB978542) Security Update for Windows XP (KB978601) Security Update for Windows XP (KB978706) Security Update for Windows XP (KB979309) Security Update for Windows XP (KB979482) Security Update for Windows XP (KB979687) Security Update for Windows XP (KB981997) Security Update for Windows XP (KB982132) Security Update for Windows XP (KB982665) Skype™ 6.11 Smart Defrag 3 Sonic DLA Sonic Encoders Sonic RecordNow Audio Sonic RecordNow Copy Sonic RecordNow Data Sonic Update Manager Spybot - Search & Destroy Surfing Protection Synaptics Pointing Device Driver TES Construction Set Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Windows Internet Explorer 8 (KB972636) Update for Windows Internet Explorer 8 (KB980182) Update for Windows Media Player 10 (KB910393) Update for Windows XP (KB2345886) Update for Windows XP (KB2749655) Update for Windows XP (KB2904266) Update for Windows XP (KB942763) Update for Windows XP (KB951072-v2) Update for Windows XP (KB951978) Update for Windows XP (KB955759) Update for Windows XP (KB955839) Update for Windows XP (KB967715) Update for Windows XP (KB968389) Update for Windows XP (KB971029) Update for Windows XP (KB971737) Update for Windows XP (KB973687) Update for Windows XP (KB973815) Update Rollup 2 for Windows XP Media Center Edition 2005 URL Assistant VideoLAN VLC media player 0.8.6f Visual Studio 2012 x86 Redistributables VisualBee for Microsoft PowerPoint WebFldrs XP Winamp Windows Genuine Advantage Validation Tool (KB892130) Windows Installer 3.1 (KB893803) Windows Internet Explorer 7 Windows Internet Explorer 8 Windows Live Messenger Windows Media Format Runtime Windows Media Player 10 Windows Media Player 10 Hotfix [see EmeraldQFE2 for more information] Windows XP Media Center Edition 2005 KB2502898 Windows XP Media Center Edition 2005 KB2619340 Windows XP Media Center Edition 2005 KB2628259 Windows XP Media Center Edition 2005 KB908246 Windows XP Media Center Edition 2005 KB912067 Windows XP Media Center Edition 2005 KB973768 Windows XP Service Pack 3 WinRAR archiver . ==== Event Viewer Messages From Past Week ======== . 1/18/2014 9:30:03 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 1/17/2014 4:08:17 AM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s). 1/17/2014 3:30:05 AM, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for Start with the following error: Access is denied. 1/17/2014 2:09:22 PM, error: Service Control Manager [7034] - The LiveUpdate service terminated unexpectedly. It has done this 1 time(s). 1/13/2014 12:01:02 PM, error: Service Control Manager [7034] - The EPSON V3 Service4(01) service terminated unexpectedly. It has done this 1 time(s). 1/13/2014 11:59:33 AM, error: Service Control Manager [7034] - The EPSON V5 Service4(01) service terminated unexpectedly. It has done this 1 time(s). 1/13/2014 11:57:43 AM, error: Service Control Manager [7031] - The Media Center Receiver Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service. 1/13/2014 11:56:43 AM, error: Service Control Manager [7034] - The Logitech Process Monitor service terminated unexpectedly. It has done this 1 time(s). 1/13/2014 11:50:36 AM, error: Service Control Manager [7031] - The Turbine Message Service - Live service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 1/13/2014 11:38:04 AM, error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Turbine Message Service - Live service, but this action failed with the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. . ==== End Of File =========================== dds.txt attach.txt
  3. I have already tried several things to get rid of "search.yahoo.com" as my IE10 Browser Search engine. 1. I have change the default URL under internet options. 2. I have disabled all my Managed Add ins 3. I have run the following PC Cleaners: 1. Microsoft Security Essentials, 2. Advanced SystemCare 7 and 3. MalwareBytes 1.7. All finding no problems. What else do I need to do to remove search.yahoo.com? Many thanks in advance for your assistance. Regards, Paul
  4. Downloaded something and now all of my homepages are http://search.yahoo.com/?type=293224&fr=spigot-yhp-ff. Thanks in advance to whomever helps me and to everyone who volunteers their time to get people like me out of trouble.... DDS.txt: DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 11.0.9600.16428 BrowserJavaVersion: 10.25.2 Run by slriegel at 23:01:51 on 2013-12-10 Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3933.2206 [GMT -5:00] . AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} AV: Trend Micro Internet Security *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902} SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Trend Micro Internet Security *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Trend Micro Personal Firewall *Disabled* {70A91CD9-303D-A217-A80E-6DEE136EDB2B} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\ibmpmsvc.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\WLANExt.exe C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\taskhost.exe C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe C:\PROGRA~1\Lenovo\HOTKEY\tpnumlk.exe C:\PROGRA~1\Lenovo\HOTKEY\tpnumlkd.exe C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe C:\Windows\system32\taskeng.exe c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe C:\Program Files (x86)\DDNI\DIBS\DDNIService.exe C:\Program Files\Intel\WiFi\bin\EvtEng.exe C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe C:\Windows\system32\lxbkcoms.exe C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe C:\Program Files (x86)\Whilokii\updateWhilokii.exe C:\Program Files (x86)\Whilokii\bin\utilWhilokii.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe C:\Program Files (x86)\Common Files\Lenovo\Scheduler\scheduler_proxy.exe C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe C:\Program Files\Lenovo\HOTKEY\tpfnf6r.exe C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Windows\System32\TpShocks.exe C:\Windows\System32\hkcmd.exe C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Lenovo\Zoom\TpScrex.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files (x86)\Lexmark X1100 Series\LXBKbmgr.exe C:\Program Files (x86)\Lexmark X1100 Series\lxbkbmon.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\SysWOW64\rundll32.exe C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe C:\Program Files (x86)\DDNI\Lenovo Idea Notes\DDNIMSGUser.exe C:\Windows\system32\rundll32.exe C:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Windows\system32\igfxext.exe C:\Program Files (x86)\DDNI\Lenovo Idea Notes\DDNIMSGService.exe C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\Windows\system32\SearchProtocolHost.exe c:\Program Files (x86)\Lenovo\System Update\SUService.exe C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\svchost.exe -k SDRSVC C:\Windows\servicing\TrustedInstaller.exe C:\Windows\System32\svchost.exe -k swprv C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . mWinlogon: Userinit = userinit.exe, BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\GROOVEEX.DLL BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll uRun: [Google Update] "C:\Users\slriegel\AppData\Local\Google\Update\GoogleUpdate.exe" /c uRun: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent mRun: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor mRun: [Message Center Plus] C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe /start mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe" mRun: [ideaNotesUser] C:\Program Files (x86)\DDNI\Lenovo Idea Notes\DDNIMSGUser.exe mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" mRun: [standby] "c:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe" -START mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe mRun: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [20131121] C:\Program Files\AVAST Software\Avast\setup\emupdate\25e8bc88-1d13-4e77-87cf-b060a91ae1a0.exe /check mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} TCP: NameServer = 209.18.47.61 209.18.47.62 TCP: Interfaces\{116CBAD9-8656-4C89-8216-330969AACED0} : DHCPNameServer = 209.18.47.61 209.18.47.62 TCP: Interfaces\{116CBAD9-8656-4C89-8216-330969AACED0}\05967676977237020516C6163656 : DHCPNameServer = 192.168.2.1 TCP: Interfaces\{116CBAD9-8656-4C89-8216-330969AACED0}\8686F6E6F62737 : DHCPNameServer = 192.168.6.1 64.134.255.2 64.134.255.10 TCP: Interfaces\{116CBAD9-8656-4C89-8216-330969AACED0}\C696E6B6379737 : DHCPNameServer = 209.18.47.61 209.18.47.62 TCP: Interfaces\{4CC2FB81-59C1-4E84-A1A0-3E323F826926} : DHCPNameServer = 209.18.47.61 209.18.47.62 Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SSODL: WebCheck - <orphaned> SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll LSA: Notification Packages = scecli ACGina x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe x64-Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe x64-Run: [LENOVO.TPFNF6R] C:\Program Files\Lenovo\HOTKEY\TPFNF6R.exe x64-Run: [iAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe x64-Run: [TpShocks] TpShocks.exe x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe x64-Run: [AcWin7Hlpr] C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe x64-Run: [ufSeAgnt.exe] "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe" x64-Run: [lxbkbmgr.exe] "C:\Program Files (x86)\Lexmark X1100 Series\lxbkbmgr.exe" x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned> x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned> x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned> x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-Notify: igfxcui - igfxdev.dll x64-SSODL: WebCheck - <orphaned> Hosts: 10.254.254.253 AFS . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\slriegel\AppData\Roaming\Mozilla\Firefox\Profiles\oa6tqnp9.default\ FF - prefs.js: browser.search.selectedEngine - Yahoo FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL FF - plugin: C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll FF - plugin: C:\Users\slriegel\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll FF - plugin: C:\Users\slriegel\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll FF - plugin: C:\Users\slriegel\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll FF - plugin: C:\Users\slriegel\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll FF - plugin: C:\Users\slriegel\AppData\Roaming\Mozilla\plugins\npicaN.dll FF - plugin: C:\Users\slriegel\AppData\Roaming\Mozilla\plugins\npo1d.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll FF - plugin: C:\Windows\SysWOW64\npmproxy.dll . ============= SERVICES / DRIVERS =============== . R0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2013-10-8 65336] R0 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2013-10-8 204880] R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-2-2 55280] R0 TPDIGIMN;TPDIGIMN;C:\Windows\System32\drivers\ApsHM64.sys [2009-6-29 23592] R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2012-1-13 1030952] R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2012-1-13 378944] R1 lenovo.smi;Lenovo System Interface Driver;C:\Windows\System32\drivers\smiifx64.sys [2009-7-16 15400] R1 tmlwf;Trend Micro NDIS 6.0 Filter Driver;C:\Windows\System32\drivers\tmlwf.sys [2010-3-31 200720] R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2012-1-13 33400] R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2012-1-13 80816] R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-10-8 46808] R2 DDNIMSGService;DDNIMSGService;C:\Program Files (x86)\DDNI\Lenovo Idea Notes\DDNIMSGService.exe [2010-7-20 171872] R2 DDNIService;DDNIService;C:\Program Files (x86)\DDNI\DIBS\DDNIService.exe [2010-7-23 163680] R2 LENOVO.MICMUTE;Lenovo Microphone Mute;C:\Program Files\Lenovo\HOTKEY\micmute.exe [2009-10-5 45424] R2 lxbk_device;lxbk_device;C:\Windows\System32\lxbkcoms.exe -service --> C:\Windows\System32\lxbkcoms.exe -service [?] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-12-10 418376] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-12-10 701512] R2 OfficeSvc;Microsoft Office Service;C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-3-22 1907896] R2 tmpreflt;tmpreflt;C:\Windows\System32\drivers\tmpreflt.sys [2010-9-30 42576] R2 tmwfp;Trend Micro WFP Callout Driver;C:\Windows\System32\drivers\tmwfp.sys [2010-3-31 339984] R2 TPHKSVC;On Screen Display;C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe [2009-10-5 62320] R2 Update Whilokii;Update Whilokii;C:\Program Files (x86)\Whilokii\updateWhilokii.exe [2013-10-4 65304] R2 Util Whilokii;Util Whilokii;C:\Program Files (x86)\Whilokii\bin\utilWhilokii.exe [2013-10-16 65304] R3 5U877;USB Video Device;C:\Windows\System32\drivers\5U877.sys [2010-2-2 161024] R3 IntcHdmiAddService;Intel® High Definition Audio HDMI;C:\Windows\System32\drivers\IntcHdmi.sys [2009-9-10 139264] R3 JMCR;JMCR;C:\Windows\System32\drivers\jmcr.sys [2009-6-7 143320] R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-12-10 25928] R3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\System32\drivers\NETw5s64.sys [2009-9-15 6952960] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 Roxio Upnp Server 10;Roxio Upnp Server 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-8-5 362992] S2 RoxLiveShare10;LiveShare P2P Server 10;C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe [2009-8-5 309744] S2 RoxWatch10;Roxio Hard Drive Watcher 10;C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe [2009-8-5 166384] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944] S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2010-10-31 48488] S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-22 1493352] S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-12-1 111616] S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368] S3 PCDSRVC{184E4FA0-DE8C26D4-06000000}_0;PCDSRVC{184E4FA0-DE8C26D4-06000000}_0 - PCDR Kernel Mode Service Helper Driver;C:\progra~1\pc-doc~1\pcdsrvc_x64.pkms [2009-8-18 23536] S3 Power Manager DBC Service;Power Manager DBC Service;C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe [2010-2-2 75112] S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-8-5 313840] S3 RoxMediaDB10;RoxMediaDB10;C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-8-5 1124848] S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864] S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312] S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864] S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136] S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096] S3 TmPfw;Trend Micro Personal Firewall;C:\Program Files\Trend Micro\Internet Security\TmPfw.exe [2010-3-31 595960] S3 TmProxy;Trend Micro Proxy Service;C:\Program Files\Trend Micro\Internet Security\TmProxy.exe [2010-3-31 917768] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-5-25 59392] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-4-2 1255736] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== Created Last 30 ================ . 2013-12-11 03:26:51 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys 2013-12-11 03:26:50 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-12-11 03:26:32 -------- d-----w- C:\Users\slriegel\AppData\Local\Programs 2013-12-03 03:37:02 -------- d-----w- C:\Program Files (x86)\VideoLAN 2013-11-20 02:55:57 872392 ----a-w- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe 2013-11-15 14:59:24 1930752 ----a-w- C:\Windows\System32\authui.dll 2013-11-15 14:58:57 404480 ----a-w- C:\Windows\System32\gdi32.dll 2013-11-15 14:58:57 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll 2013-11-15 14:58:29 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL 2013-11-15 14:58:29 830464 ----a-w- C:\Windows\System32\nshwfp.dll 2013-11-15 14:58:29 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL 2013-11-15 14:58:28 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll 2013-11-15 14:58:28 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL . ==================== Find3M ==================== . 2013-12-10 23:06:17 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-12-10 23:06:17 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-10-05 20:25:35 1474048 ----a-w- C:\Windows\System32\crypt32.dll 2013-10-05 19:57:25 1168384 ----a-w- C:\Windows\SysWow64\crypt32.dll 2013-10-04 02:28:31 190464 ----a-w- C:\Windows\System32\SmartcardCredentialProvider.dll 2013-10-04 02:25:17 197120 ----a-w- C:\Windows\System32\credui.dll 2013-10-04 01:58:50 152576 ----a-w- C:\Windows\SysWow64\SmartcardCredentialProvider.dll 2013-10-04 01:56:25 168960 ----a-w- C:\Windows\SysWow64\credui.dll 2013-10-04 01:56:00 1796096 ----a-w- C:\Windows\SysWow64\authui.dll 2013-09-28 01:09:10 497152 ----a-w- C:\Windows\System32\drivers\afd.sys 2013-09-25 02:26:40 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys 2013-09-25 02:26:40 154560 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys 2013-09-25 02:23:33 28672 ----a-w- C:\Windows\System32\sspisrv.dll 2013-09-25 02:23:33 135680 ----a-w- C:\Windows\System32\sspicli.dll 2013-09-25 02:23:01 28160 ----a-w- C:\Windows\System32\secur32.dll 2013-09-25 02:22:59 340992 ----a-w- C:\Windows\System32\schannel.dll 2013-09-25 02:21:50 307200 ----a-w- C:\Windows\System32\ncrypt.dll 2013-09-25 02:21:07 1447936 ----a-w- C:\Windows\System32\lsasrv.dll 2013-09-25 01:58:17 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll 2013-09-25 01:57:26 22016 ----a-w- C:\Windows\SysWow64\secur32.dll 2013-09-25 01:57:24 247808 ----a-w- C:\Windows\SysWow64\schannel.dll 2013-09-25 01:56:42 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll 2013-09-25 01:03:24 30720 ----a-w- C:\Windows\System32\lsass.exe . ============= FINISH: 23:02:09.31 =============== Attach.txt file: . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Professional Boot Device: \Device\HarddiskVolume1 Install Date: 3/14/2010 1:48:18 PM System Uptime: 12/10/2013 10:46:54 PM (1 hours ago) . Motherboard: LENOVO | | 2842FBU Processor: Intel® Core2 Duo CPU T6570 @ 2.10GHz | U2E1 | 1197/200mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 455 GiB total, 279.252 GiB free. D: is CDROM () Q: is FIXED (NTFS) - 10 GiB total, 2.299 GiB free. . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP196: 11/16/2013 3:01:20 AM - Windows Update RP197: 11/25/2013 7:05:35 PM - Scheduled Checkpoint RP198: 12/1/2013 3:09:51 AM - Windows Update RP199: 12/9/2013 6:13:19 PM - Scheduled Checkpoint . ==== Installed Programs ====================== . Registry Patch to arrange icons in Device and Printers folder of Windows 7 Update for Microsoft Office 2007 (KB2508958) 2007 Microsoft Office system AC3Filter 1.63b Access Help Adobe AIR Adobe Community Help Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Photoshop CS5.1 Adobe Reader X (10.1.8) Audacity 1.3.12 (Unicode) avast! Free Antivirus BisonCam Twain Pro Business Contact Manager for Outlook 2007 SP2 Citrix XenApp Web Plugin Contents ConvertHelper 2.2 Corel VideoStudio Pro X3 Create Recovery Media D3DX10 DeviceIO DHTML Editing Component DIBS DirectX 9 Runtime DivX Web Player Extended Update Facebook Plug-In Fireflies Screensaver (remove only) FLV Player GIMP 2.6.10 Google Talk Plugin ICA Integrated Camera Driver Installer Package Ver.1.0.1.2 Intel PROSet Wireless Intel® Graphics Media Accelerator Driver Intel® PROSet/Wireless WiFi Software Intel® Matrix Storage Manager InterVideo WinDVD 8 IPM_VS_Pro Java 7 Update 25 Java Auto Updater Java 6 Update 16 (64-bit) Java 6 Update 32 JMicron Flash Media Controller Driver Junk Mail filter update LAME v3.98.2 for Audacity Lenovo Central Lenovo Idea Notes Lenovo System Interface Driver Lenovo ThinkVantage Toolbox Lenovo Welcome Lexmark X1100 Series Malwarebytes Anti-Malware version 1.75.0.1300 Mesh Runtime Message Center Plus Messenger Companion Microsoft .NET Framework 4 Client Profile Microsoft Application Error Reporting Microsoft Mouse and Keyboard Center Microsoft Office 2003 Web Components Microsoft Office 2007 Primary Interop Assemblies Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Groove MUI (English) 2007 Microsoft Office Groove Setup Metadata MUI (English) 2007 Microsoft Office InfoPath MUI (English) 2007 Microsoft Office Office 64-bit Components 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook Connector Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Professional Hybrid 2007 Microsoft Office Professional Plus 2013 - en-us Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared 64-bit MUI (English) 2007 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Small Business Connectivity Components Microsoft Office Suite Activation Assistant Microsoft Office Word MUI (English) 2007 Microsoft Research AutoCollage Touch 2009 Microsoft Search Enhancement Pack Microsoft Silverlight Microsoft SQL Server 2005 Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) Microsoft SQL Server Native Client Microsoft SQL Server Setup Support Files (English) Microsoft SQL Server VSS Writer Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft WSE 3.0 Runtime Microsoft_VC80_ATL_x86 Microsoft_VC80_ATL_x86_x64 Microsoft_VC80_CRT_x86 Microsoft_VC80_CRT_x86_x64 Microsoft_VC80_MFC_x86 Microsoft_VC80_MFC_x86_x64 Microsoft_VC80_MFCLOC_x86 Microsoft_VC80_MFCLOC_x86_x64 Microsoft_VC90_ATL_x86 Microsoft_VC90_ATL_x86_x64 Microsoft_VC90_CRT_x86 Microsoft_VC90_CRT_x86_x64 Microsoft_VC90_MFC_x86 Microsoft_VC90_MFC_x86_x64 Microsoft_VC90_MFCLOC_x86 Microsoft_VC90_MFCLOC_x86_x64 MLE Mobile Broadband Connect Mozilla Firefox 25.0.1 (x86 en-US) Mozilla Maintenance Service MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Office 15 Click-to-Run Extensibility Component Office 15 Click-to-Run Licensing Component Office 15 Click-to-Run Localization Component On Screen Display PDF Settings CS5 Pdf995 Photo Pos Pro PureHD Realtek 8136 8168 8169 Ethernet Driver Realtek High Definition Audio Driver Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 Rescue and Recovery Roxio Activation Module Roxio Central Audio Roxio Central Copy Roxio Central Core Roxio Central Data Roxio Central Tools Roxio Creator Small Business Edition Roxio Express Labeler 3 SanctionedMedia Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2) Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2827329) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office Outlook 2007 (KB2825644) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2827330) 32-Bit Edition Setup Share Share64 Skype Click to Call Skype™ 5.10 SmartSound Common Data SmartSound Quicktracks 5 Sonic CinePlayer Decoder Pack Sonic Icons for Lenovo System Requirements Lab for Intel System Update The Rosetta Stone The Sims™ 3 ThinkPad FullScreen Magnifier ThinkPad Power Management Driver ThinkPad Power Manager ThinkPad UltraNav Driver ThinkPad UltraNav Utility ThinkVantage Access Connections ThinkVantage Active Protection System Trend Micro Internet Security Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Access 2007 Help (KB963663) Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office Infopath 2007 Help (KB963662) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 Help (KB963677) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2825642) 32-Bit Edition Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Publisher 2007 Help (KB963667) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) VC80CRTRedist - 8.0.50727.762 VD64Inst VIO VLC media player 2.1.1 VSClassic VSPro Windows Driver Package - Intel hdc (06/04/2009 7.0.0.1013) Windows Driver Package - Intel System (06/04/2009 1.0.0.0002) Windows Driver Package - Lenovo 1.55 (08/18/2009 1.55) Windows Driver Package - Realtek Semiconductor Corp. HD Audio Driver (07/10/2009 6.0.1.5892) Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live Messenger Companion Core Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Media Encoder 9 Series Windows Media Player Firefox Plugin Xvid Video Codec . ==== End Of File ===========================
  5. Hello, I recentlly dowloaded the YouTube converter and immediately after all of my browsers were changed to the following address: "http://search.yahoo.com/?type=407453&fr=spigot-yhp-ff". Not only that but my settings have been changed on my browsers (Undo closed tabs is grey and the option to bring back my windows if browser crash is set to off and resets if Firefox is closed). I believe I have a virus but nothing have been able to solve this issue. Could really use some help and would like to thank you all in advanced for the work that you do here. It is entirely appreciated. Thank you. Here are my logs that I got upon following the instructions on the "I'm infected..." forum. attach.txtdds.txt
  6. I have this Yahoo/spigot thing. Chrome, IE and Firefox have been commandeered by Yahoo search. I changed the default search on Chrome but I know there is much more to be done. I ran an updated Malwarebytes quick scan and it found no malicious items. I also ran a Microsoft Security Essentials quick scan, also nothing. I would so appreciate any help! I have pasted DDS and Attach below. Please let me know if you need anything else. DDS: DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 9.0.8112.16514 BrowserJavaVersion: 10.25.2Run by Emily at 17:25:51 on 2013-10-24Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3948.2179 [GMT -7:00].AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}.============== Running Processes ===============.C:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k RPCSSc:\Program Files\Microsoft Security Client\MsMpEng.exeC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exeC:\Program Files (x86)\Bluetooth Suite\adminservice.exeC:\Windows\system32\CxAudMsg64.exeC:\Program Files (x86)\Launch Manager\dsiwmis.exeC:\Program Files\Acer\Acer ePower Management\ePowerSvc.exeC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Program Files (x86)\Acer\Registration\GREGsvc.exeC:\Program Files (x86)\Launch Manager\LMutilps32.exeC:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exeC:\Program Files\Acer\Acer Updater\UpdaterService.exeC:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exeC:\Program Files (x86)\Acer\Acer VCM\RS_Service.exeC:\Windows\system32\svchost.exe -k imgsvcC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXEC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exeC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedc:\Program Files\Microsoft Security Client\NisSrv.exeC:\Windows\system32\taskhost.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exeC:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exeC:\Program Files\Elantech\ETDCtrl.exeC:\Program Files\Acer\Acer ePower Management\ePowerTray.exeC:\Program Files\Microsoft Security Client\msseces.exeC:\Windows\System32\igfxtray.exeC:\Windows\System32\hkcmd.exeC:\Windows\System32\igfxpers.exeC:\Windows\system32\igfxsrvc.exeC:\Windows\system32\igfxext.exeC:\Windows\system32\wbem\unsecapp.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Users\Emily\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exeC:\Program Files\Elantech\ETDCtrlHelper.exeC:\Users\Emily\AppData\Roaming\Search Protection\SearchProtection.exeC:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exeC:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exeC:\Program Files (x86)\Launch Manager\LManager.exeC:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exeC:\Program Files (x86)\Launch Manager\MMDx64Fx.exeC:\Program Files (x86)\Launch Manager\LMworker.exeC:\Program Files\Acer\Acer ePower Management\ePowerEvent.exeC:\Windows\system32\SearchIndexer.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Windows\System32\svchost.exe -k LocalServicePeerNetC:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exeC:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exeC:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exeC:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exeC:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Windows\system32\taskeng.exeC:\Windows\servicing\TrustedInstaller.exeC:\Windows\system32\SearchProtocolHost.exeC:\Windows\system32\SearchFilterHost.exec:\Program Files\Microsoft Security Client\MpCmdRun.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\System32\cscript.exe.============== Pseudo HJT Report ===============.uWindow Title = Internet Explorer, enhanced for Bing and MSNBHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dllBHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dllBHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllBHO: Evernote extension: {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dllBHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dlluRun: [GoogleChromeAutoLaunch_4576022B9F44AA60135391D3FA373354] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-windowuRun: [spotify Web Helper] "C:\Users\Emily\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"uRun: [searchProtection] "C:\Users\Emily\AppData\Roaming\Search Protection\SearchProtection.EXE" /autostartmRun: [backupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -kmRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exemRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exemRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"dRunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid}uPolicies-Explorer: NoDrives = dword:0mPolicies-Explorer: NoDrives = dword:0mPolicies-System: ConsentPromptBehaviorAdmin = dword:5mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableUIADesktopToggle = dword:0IE: Clip selection - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3IE: Clip this page - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1IE: Clip URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0IE: New Note - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.htmlIE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dllIE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dllIE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.htmlTCP: NameServer = 192.168.2.1TCP: Interfaces\{3526DE7A-32A1-4606-B88F-7A522430D679} : DHCPNameServer = 192.168.2.1TCP: Interfaces\{A374E05D-6378-4A90-8151-213F02E638B5} : DHCPNameServer = 192.168.2.1TCP: Interfaces\{A374E05D-6378-4A90-8151-213F02E638B5}\3727368616D6265627 : DHCPNameServer = 192.168.1.2Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dllHandler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllSSODL: WebCheck - <orphaned>mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chromex64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllx64-Run: [intelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exex64-Run: [Power Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exex64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkeyx64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exex64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exex64-Run: [Persistence] C:\Windows\System32\igfxpers.exex64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>x64-Notify: igfxcui - igfxdev.dllx64-SSODL: WebCheck - <orphaned>.================= FIREFOX ===================.FF - ProfilePath - C:\Users\Emily\AppData\Roaming\Mozilla\Firefox\Profiles\mpw483n8.default-1365473596198\FF - prefs.js: browser.search.selectedEngine - YahooFF - plugin: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dllFF - plugin: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dllFF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dllFF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dllFF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dllFF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dllFF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dllFF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dllFF - plugin: C:\Users\Emily\AppData\LocalLow\AddLive\2.0.0.11\npAddLive.dllFF - plugin: C:\Users\Emily\AppData\Roaming\Mozilla\Firefox\Profiles\mpw483n8.default-1365473596198\extensions\LogMeInClient@logmein.com\plugins\npRACtrl.dllFF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dllFF - plugin: C:\Windows\SysWOW64\npDeployJava1.dllFF - plugin: C:\Windows\SysWOW64\npmproxy.dllFF - ExtSQL: 2013-09-25 09:57; LogMeInClient@logmein.com; C:\Users\Emily\AppData\Roaming\Mozilla\Firefox\Profiles\mpw483n8.default-1365473596198\extensions\LogMeInClient@logmein.com.============= SERVICES / DRIVERS ===============.R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-6-18 247216]R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2012-12-13 56336]R2 AdobeActiveFileMonitor11.0;Adobe Active File Monitor V11;C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [2012-9-23 171600]R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2011-3-2 76448]R2 CxAudMsg;Conexant Audio Message Service;C:\Windows\System32\CxAudMsg64.exe [2012-4-30 198784]R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-8-12 352336]R2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2012-4-30 872552]R2 GREGService;GREGService;C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2011-1-17 29696]R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-4-30 13336]R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-4-30 1817088]R2 Live Updater Service;Live Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2011-8-12 255376]R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2012-3-20 139616]R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2011-4-23 256832]R2 RS_Service;Raw Socket Service;C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [2011-8-12 260640]R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2010-11-29 16120]R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-4-30 2656280]R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys [2011-3-2 28832]R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2011-8-12 138024]R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2011-8-12 76912]R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-8-12 366600]R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2010-9-29 80384]R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2010-9-29 180736]R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2012-4-30 333928]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-6-7 160944]S3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\System32\drivers\btath_flt.sys [2011-3-2 36000]S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\drivers\btath_a2dp.sys [2011-3-2 298656]S3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\drivers\btath_hcrp.sys [2011-3-2 201376]S3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\drivers\btath_lwflt.sys [2011-3-2 55456]S3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\drivers\btath_rcp.sys [2011-3-2 154272]S3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfilter.sys [2011-3-2 280224]S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]S3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-4-30 1255736]S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184].=============== Created Last 30 ================.2013-10-25 00:23:33 75888 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{508D9A87-ADDD-4CD9-9F50-CD0BEAF25C4C}\offreg.dll2013-10-25 00:22:23 10280728 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{508D9A87-ADDD-4CD9-9F50-CD0BEAF25C4C}\mpengine.dll2013-10-24 02:32:53 -------- d-----w- C:\Users\Emily\AppData\Roaming\Search Protection2013-10-24 02:29:51 -------- d-----w- C:\Users\Emily\AppData\Roaming\uTorrent2013-10-24 01:55:19 10280728 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll2013-10-18 18:14:59 965000 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9FF70807-3991-44B5-B2D5-3B5D4CB1D5D5}\gapaengine.dll2013-10-18 17:57:54 -------- d-sh--w- C:\found.0082013-10-09 19:36:31 633856 ----a-w- C:\Windows\System32\comctl32.dll2013-10-03 15:13:39 74648 ----a-w- C:\Program Files (x86)\Mozilla Firefox\breakpadinjector.dll2013-09-26 20:43:52 -------- d-sh--w- C:\found.0072013-09-26 18:00:39 208760 ----a-w- C:\Program Files (x86)\Mozilla Firefox\Plugins\nppdf32.dll2013-09-26 18:00:39 208760 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll2013-09-25 17:04:08 -------- d-----w- C:\Users\Emily\AppData\Local\LogMeIn2013-09-25 17:04:08 -------- d-----w- C:\ProgramData\LogMeIn.==================== Find3M ====================.2013-10-08 21:37:22 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl2013-10-08 21:37:22 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe2013-09-22 14:42:33 2312704 ----a-w- C:\Windows\System32\jscript9.dll2013-09-22 14:33:53 1392128 ----a-w- C:\Windows\System32\wininet.dll2013-09-22 14:33:06 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl2013-09-22 14:23:30 173056 ----a-w- C:\Windows\System32\ieUnatt.exe2013-09-22 14:21:21 599040 ----a-w- C:\Windows\System32\vbscript.dll2013-09-22 14:15:47 2382848 ----a-w- C:\Windows\System32\mshtml.tlb2013-09-22 10:22:59 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll2013-09-22 10:14:39 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl2013-09-22 10:13:22 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll2013-09-22 10:08:41 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe2013-09-22 10:06:58 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll2013-09-22 10:03:18 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb2013-09-14 01:10:19 497152 ----a-w- C:\Windows\System32\drivers\afd.sys2013-09-08 02:30:37 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys2013-09-08 02:27:14 327168 ----a-w- C:\Windows\System32\mswsock.dll2013-09-08 02:03:58 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll2013-09-04 12:12:11 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys2013-09-04 12:11:51 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys2013-09-04 12:11:49 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys2013-09-04 12:11:43 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys2013-09-04 12:11:43 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys2013-09-04 12:11:42 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys2013-09-04 12:11:40 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys2013-08-29 02:17:48 5549504 ----a-w- C:\Windows\System32\ntoskrnl.exe2013-08-29 02:16:35 1732032 ----a-w- C:\Windows\System32\ntdll.dll2013-08-29 02:16:28 243712 ----a-w- C:\Windows\System32\wow64.dll2013-08-29 02:16:14 859648 ----a-w- C:\Windows\System32\tdh.dll2013-08-29 02:13:28 878080 ----a-w- C:\Windows\System32\advapi32.dll2013-08-29 01:51:45 3969472 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe2013-08-29 01:51:45 3914176 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe2013-08-29 01:50:31 5120 ----a-w- C:\Windows\SysWow64\wow32.dll2013-08-29 01:50:30 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll2013-08-29 01:50:16 619520 ----a-w- C:\Windows\SysWow64\tdh.dll2013-08-29 01:48:17 640512 ----a-w- C:\Windows\SysWow64\advapi32.dll2013-08-29 01:48:15 44032 ----a-w- C:\Windows\apppatch\acwow64.dll2013-08-29 00:49:53 25600 ----a-w- C:\Windows\SysWow64\setup16.exe2013-08-29 00:49:52 7680 ----a-w- C:\Windows\SysWow64\instnm.exe2013-08-29 00:49:52 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll2013-08-29 00:49:49 2048 ----a-w- C:\Windows\SysWow64\user.exe2013-08-28 01:21:06 3155968 ----a-w- C:\Windows\System32\win32k.sys2013-08-28 01:12:33 461312 ----a-w- C:\Windows\System32\scavengeui.dll2013-08-05 02:25:45 155584 ----a-w- C:\Windows\System32\drivers\ataport.sys2013-08-02 02:14:57 215040 ----a-w- C:\Windows\System32\winsrv.dll2013-08-02 02:13:34 424448 ----a-w- C:\Windows\System32\KernelBase.dll2013-08-02 01:50:42 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll2013-08-02 01:09:17 338432 ----a-w- C:\Windows\System32\conhost.exe2013-08-02 00:59:09 112640 ----a-w- C:\Windows\System32\smss.exe2013-08-02 00:43:05 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll2013-08-02 00:43:05 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll2013-08-02 00:43:05 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll2013-08-02 00:43:05 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll2013-08-01 12:09:36 983488 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys.============= FINISH: 17:26:56.35 =============== Attach:.UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2Install Date: 4/30/2012 10:22:06 PMSystem Uptime: 10/24/2013 4:31:49 PM (1 hours ago).Motherboard: Acer | | JM40_HRProcessor: Intel® Core i5-2410M CPU @ 2.30GHz | CPU1 | 782/1333mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 581 GiB total, 511.282 GiB free.D: is CDROM ().==== Disabled Device Manager Items =============.==== System Restore Points ===================.RP191: 9/26/2013 1:57:28 PM - Windows UpdateRP192: 9/29/2013 9:20:27 PM - Windows UpdateRP193: 10/3/2013 6:41:49 AM - Windows UpdateRP194: 10/6/2013 10:27:18 AM - Windows UpdateRP195: 10/9/2013 1:07:27 PM - Windows UpdateRP196: 10/13/2013 8:08:51 AM - Windows UpdateRP197: 10/16/2013 8:20:23 PM - Windows UpdateRP198: 10/20/2013 5:55:53 PM - Windows UpdateRP199: 10/23/2013 6:54:39 PM - Windows Update.==== Installed Programs ======================.Acer Backup ManagerAcer Crystal Eye WebcamAcer ePower ManagementAcer eRecovery ManagementAcer RegistrationAcer UpdaterAcer VCMAcrobat.comAddLive Browser PluginAdobe AIRAdobe Creative CloudAdobe Download AssistantAdobe Flash Player 11 ActiveXAdobe Flash Player 11 PluginAdobe Help ManagerAdobe Illustrator CS6Adobe InDesign CS6Adobe Photoshop CS6Adobe Photoshop Elements 11Adobe Photoshop Lightroom 5 64-bitAdobe Reader XI (11.0.05)Adobe Widget BrowserApple Application SupportApple Software UpdateAtheros Communications Inc.® AR81Family Gigabit/Fast Ethernet DriverBackup Manager V3Bluetooth Win7 Suite (64)CCleanerConexant HD AudioD3DX10DropboxElements 11 OrganizerETDWare PS/2-X64 8.0.6.0_WHQLEvernote v. 4.6.3Galerie de photos Windows LiveGoogle ChromeGoogle DriveGoogle Earth Plug-inGoogle Update HelperIdentity CardImage Data ConverterIntel® Control CenterIntel® Management Engine ComponentsIntel® Processor GraphicsIntel® Rapid Storage TechnologyIntel® Turbo Boost Technology Monitor 2.0Java 7 Update 25Java Auto UpdaterJunk Mail filter updateLaunch ManagerLibreOffice 3.5Malwarebytes Anti-Malware version 1.75.0.1300Mesh RuntimeMicrosoft .NET Framework 4 Client ProfileMicrosoft Application Error ReportingMicrosoft Security ClientMicrosoft Security EssentialsMicrosoft SilverlightMicrosoft SQL Server 2005 Compact Edition [ENU]Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2005 Redistributable (x64)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219Microsoft_VC80_CRT_x86Microsoft_VC90_CRT_x86Mozilla Firefox 24.0 (x86 en-US)Mozilla Maintenance ServiceMSVCRTMSVCRT_amd64MyWinLockerMyWinLocker 4Notepad++PDF Settings CS6PSE11 STI InstallerQuickTimeRealtek PCIE Card ReaderRenesas Electronics USB 3.0 Host Controller DriverRevo Uninstaller 1.94Search ProtectionSecurity Update for Microsoft .NET Framework 4 Client Profile (KB2518870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)Skype™ 5.10SpotifySteamUpdate for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)Update for Microsoft .NET Framework 4 Client Profile (KB2836939)Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)Windows LiveWindows Live Communications PlatformWindows Live EssentialsWindows Live ID Sign-in AssistantWindows Live InstallerWindows Live Language SelectorWindows Live MailWindows Live MeshWindows Live MessengerWindows Live MIME IFilterWindows Live Movie MakerWindows Live Photo CommonWindows Live Photo GalleryWindows Live PIMT PlatformWindows Live Remote ClientWindows Live Remote Client ResourcesWindows Live Remote ServiceWindows Live Remote Service ResourcesWindows Live SOXEWindows Live SOXE DefinitionsWindows Live UX PlatformWindows Live UX Platform Language PackWindows Live WriterWindows Live Writer ResourcesWindows Media Player Firefox Plugin.==== Event Viewer Messages From Past Week ========.10/24/2013 4:34:32 PM, Error: Service Control Manager [7023] - The Peer Name Resolution Protocol service terminated with the following error: %%-214099353510/24/2013 4:34:32 PM, Error: Service Control Manager [7001] - The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: %%-214099353510/24/2013 4:34:32 PM, Error: Microsoft-Windows-PNRPSvc [102] - The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.10/24/2013 4:34:11 PM, Error: Microsoft-Windows-DNS-Client [1012] - There was an error while attempting to read the local hosts file.10/22/2013 6:18:44 PM, Error: Disk [15] - The device, \Device\Harddisk0\DR0, is not ready for access yet.10/17/2013 11:19:53 PM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume Acer.10/17/2013 11:16:30 PM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:..==== End Of File ===========================
  7. A couple of days ago, I was recommended Vuze to download. I did so, but now even though I click on Firefox, it opens up but will not load. It will not go to any site and says it's connecting. It has also changed my default search engine to Yahoo. I declined all of this during installation of vuze , but that obviously did not matter. I've tried to delete everything concerning vuze, but that has not helped. I have found spigot on my computer as well and I'm not sure how to delete and remove all of this. What do I do to clean my computer from this mess and know for a fact vuze/spigot is gone from my computer completely ?
  8. Hello, I've taken all the steps listen in the forum about the Yahoo search malware that keeps opening in chrome. Here are the dds.scr logs: DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: Run by Chef at 13:11:59 on 2013-10-15Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.7659.5358 [GMT -7:00].AV: AVG AntiVirus 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}SP: AVG AntiVirus 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}.============== Running Processes ===============.C:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exeC:\Windows\system32\svchost.exe -k RPCSSC:\Windows\system32\atiesrxx.exeC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k netsvcsC:\Program Files\IDT\WDM\STacSV64.exeC:\Windows\system32\svchost.exe -k GPSvcGroupC:\Windows\system32\Hpservice.exeC:\Windows\System32\WUDFHost.exeC:\Windows\system32\atieclxx.exeC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k WbioSvcGroupC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Program Files\IDT\WDM\AESTSr64.exeC:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exeC:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exeC:\Users\Chef\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exeC:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exeC:\Windows\system32\svchost.exe -k imgsvcC:\Windows\system32\taskhost.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Program Files (x86)\HP SimplePass 2012\TouchControl.exeC:\Windows\system32\taskeng.exeC:\Program Files (x86)\HP SimplePass 2012\BioMonitor.exeC:\Program Files\Microsoft Mouse and Keyboard Center\itype.exeC:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exeC:\Program Files\IDT\WDM\sttray64.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exeC:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exeC:\Program Files (x86)\iTunes\iTunesHelper.exeC:\Program Files (x86)\AVG\AVG2014\avgui.exeC:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXEC:\Windows\system32\wbem\unsecapp.exeC:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exeC:\Windows\system32\SearchIndexer.exeC:\Program Files\iPod\bin\iPodService.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpConnectionManager.exeC:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exeC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeC:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exeC:\Windows\system32\taskeng.exeC:\Windows\system32\taskhost.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Program Files (x86)\AVG\AVG2014\avgcfgex.exeC:\Windows\System32\cscript.exe.============== Pseudo HJT Report ===============.mWinlogon: Userinit = userinit.exeBHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2012\IEBHO.dllBHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dllmRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRunmRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exemRun: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exemRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exemRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLYmRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silentmPolicies-Explorer: NoActiveDesktop = dword:1mPolicies-Explorer: NoActiveDesktopChanges = dword:1mPolicies-System: ConsentPromptBehaviorAdmin = dword:5mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableUIADesktopToggle = dword:0IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exeTCP: NameServer = 192.168.1.1TCP: Interfaces\{3683DCE9-1CCC-4328-8DD7-265B6811EB2A} : DHCPNameServer = 192.168.1.1SSODL: WebCheck - <orphaned>mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.69\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chromex64-BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2012\x64\IEBHO.dllx64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exex64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exex64-SSODL: WebCheck - <orphaned>.============= SERVICES / DRIVERS ===============.R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2011-3-4 78976]R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2011-3-4 38528]R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-9-2 192824]R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-9-2 294712]R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-8-20 123704]R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-9-8 31544]R1 Avgdiska;AVG Disk Driver;C:\Windows\System32\drivers\avgdiska.sys [2013-9-25 148792]R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-9-2 241464]R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-9-2 212280]R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-8-1 251192]R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2013-9-19 89600]R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-4-14 204288]R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-4-14 365568]R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2013-9-25 301152]R2 BackupService;BackupService;C:\Users\Chef\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe [2013-10-1 83512]R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]R2 FPLService;TrueSuiteService;C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe [2011-8-26 260424]R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2011-5-13 30520]R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2011-7-11 26680]R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2013-9-19 2375168]R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-10-15 418376]R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-10-15 701512]R3 amdhub30;AMD USB 3.0 Hub Driver;C:\Windows\System32\drivers\amdhub30.sys [2011-3-17 87168]R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2013-9-19 46136]R3 amdxhc;AMD USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\amdxhc.sys [2011-3-17 188544]R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2010-11-17 115216]R3 hpCMSrv;HP Connection Manager 4 Service;C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-5-23 1098296]R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-10-15 25928]R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2012-12-6 2350176]R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2013-9-19 337512]R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2013-9-19 47232]S2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2013-10-3 3538480]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-9-19 19456]S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-9-19 57856]S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-9-19 30208]S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-9-23 1255736].=============== Created Last 30 ================.2013-10-15 19:23:22 -------- d-----w- C:\Users\Chef\AppData\Roaming\Malwarebytes2013-10-15 19:23:12 -------- d-----w- C:\ProgramData\Malwarebytes2013-10-15 19:23:11 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys2013-10-15 19:23:11 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware2013-10-15 19:22:53 -------- d-----w- C:\Users\Chef\AppData\Local\Programs2013-10-15 18:29:44 -------- d-----w- C:\AdwCleaner2013-10-15 18:00:03 -------- d--h--w- C:\Users\Chef\AppData\Roaming\AVG20142013-10-15 17:59:30 -------- d--h--w- C:\Users\Chef\AppData\Roaming\TuneUp Software2013-10-15 17:59:10 -------- d--h--w- C:\$AVG2013-10-15 17:59:10 -------- d-----w- C:\ProgramData\AVG20142013-10-15 17:58:26 -------- d-----w- C:\Program Files (x86)\AVG2013-10-15 17:55:42 -------- d--h--w- C:\Users\Chef\AppData\Local\MFAData2013-10-15 17:55:42 -------- d--h--w- C:\Users\Chef\AppData\Local\Avg20142013-10-15 17:55:42 -------- d--h--w- C:\ProgramData\Common Files2013-10-15 17:55:42 -------- d-----w- C:\ProgramData\MFAData2013-10-15 17:13:58 3959296 ----a-w- C:\Windows\System32\jscript9.dll2013-10-15 02:05:58 -------- d--h--w- C:\Users\Chef\AppData\Roaming\uTorrent2013-10-15 02:02:34 9694160 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D18B6DB4-2658-403B-ADA6-32BE9F38578B}\mpengine.dll2013-10-15 02:01:40 983488 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys2013-10-15 02:01:11 461312 ----a-w- C:\Windows\System32\scavengeui.dll2013-10-02 18:06:02 -------- d-----w- C:\ProgramData\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF}2013-10-01 18:41:52 -------- d-----w- C:\Program Files\Microsoft Mouse and Keyboard Center2013-10-01 18:11:54 -------- d-----w- C:\ProgramData\HPSS2013-10-01 18:11:42 -------- d--h--w- C:\Users\Chef\AppData\Roaming\HP SimpleSave Application2013-10-01 18:11:41 -------- d--h--w- C:\Users\Chef\AppData\Roaming\HPSS2013-10-01 05:09:43 -------- d--h--w- C:\Users\Chef\AppData\Local\Apple Computer2013-10-01 05:09:36 33240 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys2013-10-01 05:09:15 -------- d-----w- C:\Program Files\iPod2013-10-01 05:09:14 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF692013-10-01 05:09:14 -------- d-----w- C:\Program Files\iTunes2013-10-01 05:09:14 -------- d-----w- C:\Program Files (x86)\iTunes2013-10-01 05:08:27 -------- d--h--w- C:\Users\Chef\AppData\Local\Apple2013-10-01 05:07:50 -------- d-----w- C:\Program Files\Bonjour2013-10-01 05:07:50 -------- d-----w- C:\Program Files (x86)\Bonjour2013-10-01 05:02:13 -------- d--h--w- C:\Users\Chef\AppData\Local\HP2013-09-30 16:16:43 -------- d--h--w- C:\Users\Chef\AppData\Roaming\LibreOffice2013-09-30 16:14:35 -------- d-----w- C:\Program Files (x86)\LibreOffice 42013-09-28 07:45:06 -------- d-----w- C:\Program Files (x86)\VideoLAN2013-09-26 04:07:30 148792 ----a-w- C:\Windows\System32\drivers\avgdiska.sys2013-09-25 06:01:00 -------- d--h--w- C:\Users\Chef\AppData\Local\Google2013-09-25 06:00:56 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl2013-09-25 06:00:56 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe2013-09-25 06:00:12 -------- d--h--w- C:\Users\Chef\AppData\Local\Adobe2013-09-24 06:34:56 -------- d--h--w- C:\Users\Chef\AppData\Local\Hewlett-Packard2013-09-23 19:16:14 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys2013-09-23 19:16:14 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys2013-09-23 19:16:13 98816 ----a-w- C:\Windows\System32\drivers\usbccgp.sys2013-09-23 19:16:13 7936 ----a-w- C:\Windows\System32\drivers\usbd.sys2013-09-23 19:16:13 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys2013-09-23 19:16:13 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys2013-09-23 19:16:13 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys2013-09-23 19:14:03 96768 ----a-w- C:\Windows\System32\fsutil.exe2013-09-23 19:14:03 74240 ----a-w- C:\Windows\SysWow64\fsutil.exe2013-09-23 19:14:03 410496 ----a-w- C:\Windows\System32\drivers\iaStorV.sys2013-09-23 19:14:03 27008 ----a-w- C:\Windows\System32\drivers\amdxata.sys2013-09-23 19:14:03 2565632 ----a-w- C:\Windows\System32\esent.dll2013-09-23 19:14:03 189824 ----a-w- C:\Windows\System32\drivers\storport.sys2013-09-23 19:14:03 1699328 ----a-w- C:\Windows\SysWow64\esent.dll2013-09-23 19:14:03 166272 ----a-w- C:\Windows\System32\drivers\nvstor.sys2013-09-23 19:14:03 148352 ----a-w- C:\Windows\System32\drivers\nvraid.sys2013-09-23 19:14:03 107904 ----a-w- C:\Windows\System32\drivers\amdsata.sys2013-09-23 19:12:25 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll2013-09-23 19:12:25 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll2013-09-23 19:09:53 1643520 ----a-w- C:\Windows\System32\DWrite.dll2013-09-23 19:09:52 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll2013-09-23 18:57:51 -------- d-----w- C:\ProgramData\Synaptics2013-09-23 18:52:31 -------- d-----w- C:\Windows\SysWow64\Wat2013-09-23 18:52:31 -------- d-----w- C:\Windows\System32\Wat2013-09-20 07:12:13 -------- d-----w- C:\Windows\System32\MRT2013-09-20 06:59:41 9728 ----a-w- C:\Windows\System32\Wdfres.dll2013-09-20 06:59:41 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys2013-09-20 06:59:41 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui2013-09-20 06:33:36 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys2013-09-20 06:33:36 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll2013-09-20 06:33:36 744448 ----a-w- C:\Windows\System32\WUDFx.dll2013-09-20 06:33:36 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll2013-09-20 06:33:36 229888 ----a-w- C:\Windows\System32\WUDFHost.exe2013-09-20 06:33:36 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys2013-09-20 06:33:36 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll2013-09-20 06:29:10 9694160 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll2013-09-20 06:26:51 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys2013-09-20 06:26:50 81408 ----a-w- C:\Windows\System32\imagehlp.dll2013-09-20 06:26:50 5120 ----a-w- C:\Windows\SysWow64\wmi.dll2013-09-20 06:26:50 5120 ----a-w- C:\Windows\System32\wmi.dll2013-09-20 06:26:50 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll2013-09-20 06:22:28 1930752 ----a-w- C:\Windows\System32\authui.dll2013-09-20 06:21:59 224256 ----a-w- C:\Windows\System32\wintrust.dll2013-09-20 06:20:59 395776 ----a-w- C:\Windows\System32\webio.dll2013-09-20 06:10:35 67072 ----a-w- C:\Windows\splwow64.exe2013-09-20 06:10:35 559104 ----a-w- C:\Windows\System32\spoolsv.exe2013-09-20 06:10:14 77312 ----a-w- C:\Windows\System32\packager.dll2013-09-20 06:10:14 67072 ----a-w- C:\Windows\SysWow64\packager.dll2013-09-20 05:51:29 -------- d-----w- C:\Program Files (x86)\Common Files\Telespree2013-09-20 05:49:44 -------- d--h--w- C:\Users\Chef\AppData\Roaming\hpqLog2013-09-20 05:48:58 -------- d-----w- C:\HP2013-09-20 05:48:02 -------- d--h--w- C:\Users\Chef\AppData\Local\AuthenTec2013-09-20 05:47:00 -------- d-----w- C:\Program Files (x86)\HP SimplePass 20122013-09-20 05:46:04 -------- d-----w- C:\Program Files\Common Files\AuthenTec2013-09-20 05:46:04 -------- d-----w- C:\Program Files (x86)\Common Files\AuthenTec2013-09-20 05:41:48 -------- d-----w- C:\d99b3ac3a35707bcae772013-09-20 05:41:45 31744 ----a-w- C:\Windows\System32\drivers\usbrpm.sys2013-09-20 05:40:37 -------- d-----w- C:\ProgramData\Downloaded Installations2013-09-20 05:38:46 296320 ----a-w- C:\Windows\System32\drivers\volsnap.sys2013-09-20 05:37:14 180736 ----a-w- C:\Windows\System32\ifsutil.dll2013-09-20 05:37:14 148992 ----a-w- C:\Windows\SysWow64\ifsutil.dll2013-09-20 05:29:51 -------- d-----w- C:\Windows\Hewlett-Packard2013-09-20 05:21:47 -------- d-----w- C:\Windows\SysWow64\sda2013-09-20 05:21:18 9888360 ----a-w- C:\Windows\SysWow64\RtsPStorIcon.dll2013-09-20 05:21:18 337512 ----a-w- C:\Windows\System32\drivers\RtsPStor.sys2013-09-20 05:21:18 -------- d-----w- C:\Program Files (x86)\Realtek2013-09-20 05:15:43 -------- d--h--w- C:\Users\Chef\AppData\Roaming\Synaptics2013-09-20 05:13:14 -------- d-----w- C:\Program Files\Synaptics2013-09-20 05:09:53 -------- d-----w- C:\Program Files\Validity Sensors2013-09-20 05:08:11 -------- d--h--w- C:\Users\Chef\AppData\Local\AMD2013-09-20 05:07:59 -------- d--h--w- C:\Users\Chef\AppData\Local\ATI2013-09-20 05:04:54 0 ----a-w- C:\Windows\ativpsrm.bin2013-09-20 05:01:59 -------- d-----w- C:\Program Files (x86)\AMD APP2013-09-20 05:01:57 -------- d-----w- C:\Program Files\Common Files\ATI Technologies2013-09-20 05:01:57 -------- d-----w- C:\Program Files (x86)\Common Files\ATI Technologies2013-09-20 05:01:03 46136 ----a-w- C:\Windows\System32\drivers\amdiox64.sys2013-09-20 05:01:03 -------- d-----w- C:\ProgramData\AMD2013-09-20 05:00:57 47232 ----a-w- C:\Windows\System32\drivers\usbfilter.sys2013-09-20 04:59:50 -------- d-----w- C:\Program Files (x86)\ATI Technologies2013-09-20 04:59:37 -------- d-----w- C:\Program Files\ATI Technologies2013-09-20 04:59:35 -------- d-----w- C:\Program Files\ATI2013-09-20 04:07:05 -------- d-----w- C:\Program Files (x86)\Renesas Electronics2013-09-20 04:06:13 -------- d-sh--w- C:\Windows\Installer2013-09-20 03:11:14 1031680 ----a-w- C:\Windows\System32\rdpcore.dll2013-09-20 03:11:13 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll2013-09-20 03:11:13 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys2013-09-20 03:07:25 220160 ----a-w- C:\Windows\System32\staco64.dll2013-09-20 03:07:24 521728 ----a-w- C:\Windows\System32\drivers\stwrt64.sys2013-09-20 03:07:23 652288 ------w- C:\Windows\System32\stapi64.dll2013-09-20 03:07:23 431616 ----a-w- C:\Windows\System32\stcplx64.dll2013-09-20 03:07:23 1500672 ----a-w- C:\Windows\System32\stapo64.dll2013-09-20 03:07:18 -------- d-----w- C:\Program Files\IDT2013-09-20 03:05:04 2622464 ----a-w- C:\Windows\System32\wucltux.dll2013-09-20 03:04:54 99840 ----a-w- C:\Windows\System32\wudriver.dll2013-09-20 03:04:31 36864 ----a-w- C:\Windows\System32\wuapp.exe2013-09-20 03:04:31 186752 ----a-w- C:\Windows\System32\wuwebv.dll2013-09-20 03:02:51 -------- d-----w- C:\ProgramData\Ralink Driver2013-09-20 03:02:21 -------- d-----w- C:\SWSetup2013-09-20 02:31:38 -------- d--h--w- C:\Users\Chef\AppData\Local\Diagnostics2013-09-20 02:10:27 -------- d-----w- C:\Windows\Panther.==================== Find3M ====================.2013-09-22 23:28:06 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll2013-09-22 23:27:49 2876928 ----a-w- C:\Windows\SysWow64\jscript9.dll2013-09-22 23:27:48 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll2013-09-22 23:27:48 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll2013-09-22 22:55:10 2241024 ----a-w- C:\Windows\System32\wininet.dll2013-09-22 22:54:50 67072 ----a-w- C:\Windows\System32\iesetup.dll2013-09-22 22:54:50 136704 ----a-w- C:\Windows\System32\iesysprep.dll2013-09-21 03:38:39 2706432 ----a-w- C:\Windows\System32\mshtml.tlb2013-09-21 03:30:24 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb2013-09-14 01:10:19 497152 ----a-w- C:\Windows\System32\drivers\afd.sys2013-09-09 05:11:42 31544 ----a-w- C:\Windows\System32\drivers\avgrkx64.sys2013-09-08 02:30:37 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys2013-09-08 02:27:14 327168 ----a-w- C:\Windows\System32\mswsock.dll2013-09-08 02:03:58 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll2013-09-02 17:59:14 212280 ----a-w- C:\Windows\System32\drivers\avgldx64.sys2013-09-02 17:29:18 294712 ----a-w- C:\Windows\System32\drivers\avgloga.sys2013-09-02 17:26:50 192824 ----a-w- C:\Windows\System32\drivers\avgidsha.sys2013-09-02 17:26:42 241464 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys2013-08-29 02:17:48 5549504 ----a-w- C:\Windows\System32\ntoskrnl.exe2013-08-29 02:16:35 1732032 ----a-w- C:\Windows\System32\ntdll.dll2013-08-29 02:16:28 243712 ----a-w- C:\Windows\System32\wow64.dll2013-08-29 02:16:14 859648 ----a-w- C:\Windows\System32\tdh.dll2013-08-29 02:13:28 878080 ----a-w- C:\Windows\System32\advapi32.dll2013-08-29 01:51:45 3969472 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe2013-08-29 01:51:45 3914176 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe2013-08-29 01:50:31 5120 ----a-w- C:\Windows\SysWow64\wow32.dll2013-08-29 01:50:30 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll2013-08-29 01:50:16 619520 ----a-w- C:\Windows\SysWow64\tdh.dll2013-08-29 01:48:17 640512 ----a-w- C:\Windows\SysWow64\advapi32.dll2013-08-29 01:48:15 44032 ----a-w- C:\Windows\apppatch\acwow64.dll2013-08-29 00:49:53 25600 ----a-w- C:\Windows\SysWow64\setup16.exe2013-08-29 00:49:52 7680 ----a-w- C:\Windows\SysWow64\instnm.exe2013-08-29 00:49:52 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll2013-08-29 00:49:49 2048 ----a-w- C:\Windows\SysWow64\user.exe2013-08-28 01:21:06 3155968 ----a-w- C:\Windows\System32\win32k.sys2013-08-24 00:27:08 773968 ----a-w- C:\Windows\SysWow64\msvcr100.dll2013-08-24 00:27:08 421200 ----a-w- C:\Windows\SysWow64\msvcp100.dll2013-08-21 05:53:58 123704 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys2013-08-07 11:22:02 278800 ------w- C:\Windows\System32\MpSigStub.exe2013-08-05 02:25:45 155584 ----a-w- C:\Windows\System32\drivers\ataport.sys2013-08-02 02:14:57 215040 ----a-w- C:\Windows\System32\winsrv.dll2013-08-02 02:13:34 424448 ----a-w- C:\Windows\System32\KernelBase.dll2013-08-02 01:50:42 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll2013-08-02 01:09:17 338432 ----a-w- C:\Windows\System32\conhost.exe2013-08-02 00:59:09 112640 ----a-w- C:\Windows\System32\smss.exe2013-08-02 00:43:05 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll2013-08-02 00:43:05 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll2013-08-02 00:43:05 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll2013-08-02 00:43:05 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll2013-08-01 23:07:06 251192 ----a-w- C:\Windows\System32\drivers\avgtdia.sys2013-07-25 09:25:54 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL2013-07-25 08:57:27 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL2013-07-20 10:33:12 102608 ----a-w- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll2013-07-20 10:33:08 124112 ----a-w- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll2013-07-19 01:58:42 2048 ----a-w- C:\Windows\System32\tzres.dll2013-07-19 01:41:01 2048 ----a-w- C:\Windows\SysWow64\tzres.dll.============= FINISH: 13:12:26.48 =============== .UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1Install Date: 9/19/2013 7:26:21 PMSystem Uptime: 10/15/2013 12:18:04 PM (1 hours ago).Motherboard: Hewlett-Packard | | 358BProcessor: AMD A8-3500M APU with Radeon HD Graphics | Socket FS1 | 795/100mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 594 GiB total, 452.887 GiB free.D: is CDROM ()E: is FIXED (FAT32) - 2 GiB total, 1.985 GiB free..==== Disabled Device Manager Items =============.==== System Restore Points ===================.RP48: 10/2/2013 11:06:12 AM - Installed HP Support AssistantRP49: 10/2/2013 11:08:55 AM - Windows Modules InstallerRP50: 10/2/2013 11:09:41 AM - Windows Modules InstallerRP51: 10/14/2013 7:01:40 PM - Windows UpdateRP52: 10/15/2013 10:00:24 AM - Windows UpdateRP53: 10/15/2013 10:58:12 AM - Installed AVG 2014RP54: 10/15/2013 10:58:40 AM - Installed AVG 2014.==== Installed Programs ======================.Adobe Flash Player 11 ActiveXAMD APP SDK RuntimeAMD FuelAMD VISION Engine Control CenterApple Application SupportApple Mobile Device SupportApple Software UpdateATI Catalyst Install ManagerAuthenTec TrueAPIAVG 2014BonjourCatalyst Control Center - BrandingCatalyst Control Center Graphics Previews CommonCatalyst Control Center InstallProxyCatalyst Control Center Localization Allccc-utility64CCC Help Chinese StandardCCC Help Chinese TraditionalCCC Help CzechCCC Help DanishCCC Help DutchCCC Help EnglishCCC Help FinnishCCC Help FrenchCCC Help GermanCCC Help GreekCCC Help HungarianCCC Help ItalianCCC Help JapaneseCCC Help KoreanCCC Help NorwegianCCC Help PolishCCC Help PortugueseCCC Help RussianCCC Help SpanishCCC Help SwedishCCC Help ThaiCCC Help TurkishESU for Microsoft Windows 7 SP1Google ChromeHewlett-Packard ACLM.NET v1.2.1.1HP 3D DriveGuardHP Connection ManagerHP Customer Experience EnhancementsHP On Screen DisplayHP Power ManagerHP Quick LaunchHP SimplePass 2012HP Software FrameworkHP Support AssistantIDT AudioiTunesLibreOffice 4.1.1.2Malwarebytes Anti-Malware version 1.75.0.1300Microsoft .NET Framework 4 Client ProfileMicrosoft Mouse and Keyboard CenterMicrosoft SilverlightMicrosoft Visual C++ 2008 Redistributable - x64 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319Ralink RT5390 802.11b/g/n WiFi AdapterRealtek PCIE Card ReaderRenesas Electronics USB 3.0 Host Controller DriverSecurity Update for Microsoft .NET Framework 4 Client Profile (KB2604121)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)Synaptics TouchPad DriverUpdate for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)Update for Microsoft .NET Framework 4 Client Profile (KB2836939)Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)Validity WBF DDKVisual Studio 2012 x64 RedistributablesVisual Studio 2012 x86 RedistributablesVLC media player 2.1.0WMV9/VC-1 Video Playback.==== Event Viewer Messages From Past Week ========.10/15/2013 12:17:18 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.10/15/2013 12:06:37 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}10/15/2013 12:06:37 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}10/15/2013 12:06:35 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}10/15/2013 12:06:35 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}10/15/2013 12:06:34 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}10/15/2013 12:06:29 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}10/15/2013 12:06:19 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD Avgdiska AVGIDSDriver Avgldx64 Avgtdia DfsC discache NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf10/15/2013 12:06:19 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.10/15/2013 12:06:19 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.10/15/2013 12:06:19 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.10/15/2013 12:06:19 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.10/15/2013 12:06:19 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.10/15/2013 12:06:19 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.10/15/2013 12:06:19 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.10/15/2013 12:06:19 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.10/15/2013 12:06:19 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.10/15/2013 12:06:19 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.10/15/2013 12:06:19 PM, Error: Service Control Manager [7001] - The AVGIDSAgent service depends on the AVGIDSDriver service which failed to start because of the following error: A device attached to the system is not functioning.10/15/2013 11:35:10 AM, Error: Service Control Manager [7031] - The Software Protection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.10/15/2013 11:35:09 AM, Error: Service Control Manager [7031] - The SSDP Discovery service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.10/15/2013 10:04:16 AM, Error: Service Control Manager [7034] - The Google Update Service (gupdate) service terminated unexpectedly. It has done this 1 time(s).10/14/2013 8:01:20 PM, Error: Schannel [36888] - The following fatal alert was generated: 10. The internal error state is 10..==== End Of File ===========================
  9. Hello, I am recently unable to use either the google or yahoo search engine. Some research on another machine tells me this is malware of some sort, but I did a quick scan with my malwarebytes software and nothing came up. It seems mildly familiar to the google redirect virus, but it's not redirecting me. I just can't even get www.google.com to pull up at all on my PC. The google search function in my toolbar won't work either. I am able to get to www.yahoo.com, but once I'm there am unable to perform a search. It just sits there and looks like it's trying to load forever and then a page come up that says "unable to display web page" or something like that. How can I fix this? Thanks.
  10. This just started about an hour ago, and I haven't downloaded anything new. When I click on the Home button it goes to: http://search.yahoo.com/?type=386496&fr=spigot-yhp-ie (in IE)http://search.yahoo.com/?type=386496&fr=spigot-yhp-ch (in chrome)http://search.yahoo.com/?type=386496&fr=spigot-yhp-ff (in Firefox)Note: The yhp- designation in the URL indicates its knowledge of the browser. All the URLs have "spigot" in them, and I have uninstalled a couple of items (using control panel) that had Spigot as the publisher, but that hasn't helped. Nor has running the Flash Scan...which deletes the items, but hasn't solved the problem. Thanks for any help. SS
  11. Hello everyone My teenage son decided to download Vuze onto my laptop last night and when i logged on this morning and went on the internet all my searches were being redirected though yahoo and its really annoying. I did some searching and saw a program called spiggot in a bunch of files. So i went into C:\Program Files (x86)\Common Files and found a spiggot folder and deleted it but it's still going through yahoo. Ive had this happen to my laptop before and i just did a complete system restore on the computer. I would like to somehow remove it though this time because i have important documents saved on here that i cannot move. Anyone have any suggestions?
  12. So, recently I started getting my Google and Yahoo links redirected when I opened them in a new window. It happens about 1/3 of the time. It appears to happen only in Firefox, not IE. I tried all the steps of resetting Firefox and removing cookies and add-ons, but it keeps coming back. I ran Malwarebytes when this first started and I also ran Malwarebytes just now. I updated in Safe Mode With Networking, then shut down and restarted in full Safe Mode just to be sure. No infections were found. I installed a redirect blocker add-on to Firefox, and it seems to be working but I don't want to leave whatever this is in my system. Oh, this has been going on for between 7-12 days I think. At first I thought it was problems with the websites, then I figured if I waited a few days Malwarebytes would be updated to fix it. Now I'm contacting you all. Here's the DDS stuff (I wasn't sure which part of McAfee was the Script Blocker, so I shut it all down when I ran the program. It's normally up): . DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.6.2 Run by Blevins at 1:56:37 on 2012-10-03 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8174.6534 [GMT -7:00] . AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A} FW: McAfee Firewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\WLANExt.exe C:\Windows\system32\conhost.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe C:\Windows\system32\atieclxx.exe C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\mfevtps.exe C:\Windows\system32\nvvsvc.exe C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe C:\Windows\SysWOW64\PnkBstrA.exe C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\WUDFHost.exe C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\apdproxy.exe C:\Program Files\McAfee.com\Agent\mcagent.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe C:\Program Files (x86)\Steam\Steam.exe C:\Program Files (x86)\Common Files\Steam\SteamService.exe C:\Windows\system32\wuauclt.exe C:\Windows\system32\notepad.exe C:\Program Files\Common Files\McAfee\Core\mchost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://ww2.cox.com/myconnection/arizona/home.cox mStart Page = hxxp://search.coupons.com/ mWinlogon: Userinit=userinit.exe, BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Canon Easy-WebPrint EX BHO: {3785d0ad-bfff-47f6-bf5b-a587c162fed9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120626233021.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll BHO: TBSB07898 Class: {fcbccb87-9224-4b8d-b117-f56d924beb18} - C:\Program Files (x86)\Coupons.com CouponBar\tbcore3.dll BHO: Yontoo: {fd72061e-9fde-484d-a58a-0bab4151cad8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll TB: Canon Easy-WebPrint EX: {759d9886-0c6f-4498-bab6-4a5f47c6c72f} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll TB: Coupons.com CouponBar: {8660e5b3-6c41-44de-8503-98d99bbecd41} - C:\Program Files (x86)\Coupons.com CouponBar\tbcore3.dll EB: Canon Easy-WebPrint EX: {21347690-ec41-4f9a-8887-1f4aee672439} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll uRun: [wmpmic] "C:\Windows\System32\rundll32.exe" "C:\Users\Blevins\AppData\Roaming\wmpmic.dll",init_mmx_flags mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe mRun: [shwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe mRun: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" /r mRun: [updReg] C:\Windows\UpdReg.EXE mRun: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup mRun: [Adobe Photo Downloader] "C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\apdproxy.exe" mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot StartupFolder: C:\Users\Blevins\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\IMPULS~1.LNK - C:\Program Files (x86)\Impulse\Now\ImpulseNow.exe mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL Trusted Zone: intuit.com\ttlc DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab TCP: DhcpNameServer = 172.16.0.1 TCP: Interfaces\{0E202E70-4BCB-4752-9D6E-8F3E498104D5} : DhcpNameServer = 172.16.0.1 TCP: Interfaces\{76991D54-D520-42E3-BB98-C9A1B6F526AA} : DhcpNameServer = 172.16.0.1 Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\MSC\McSnIePl.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll BHO-X64: Canon Easy-WebPrint EX BHO - No File BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120626233021.dll BHO-X64: scriptproxy - No File BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll BHO-X64: TBSB07898 Class: {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\Coupons.com CouponBar\tbcore3.dll BHO-X64: TBSB07898 - No File BHO-X64: Yontoo: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll BHO-X64: Yontoo Layers - No File TB-X64: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll TB-X64: Coupons.com CouponBar: {8660E5B3-6C41-44DE-8503-98D99BBECD41} - C:\Program Files (x86)\Coupons.com CouponBar\tbcore3.dll EB-X64: {21347690-EC41-4F9A-8887-1F4AEE672439} - No File mRun-x64: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe mRun-x64: [shwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe mRun-x64: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" /r mRun-x64: [updReg] C:\Windows\UpdReg.EXE mRun-x64: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun-x64: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup mRun-x64: [Adobe Photo Downloader] "C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\apdproxy.exe" mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey mRun-x64: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Blevins\AppData\Roaming\Mozilla\Firefox\Profiles\61fkxzme.default-1348990963794\ FF - prefs.js: browser.startup.homepage - www.yahoo.com FF - plugin: c:\progra~2\mcafee\msc\npMcSnFFPl.dll FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\NPcol400.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\nprpplugin.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll FF - plugin: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll FF - plugin: C:\Users\Blevins\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_278.dll FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll FF - plugin: C:\Windows\SysWOW64\npmproxy.dll . ============= SERVICES / DRIVERS =============== . R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?] R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?] R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?] R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?] R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-1-31 13592] R2 IntuitUpdateServiceV4;Intuit Update Service v4;C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2011-8-25 13672] R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-3-29 249936] R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-3-29 249936] R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-3-29 249936] R2 McShield;McAfee McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2012-3-29 199272] R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2012-3-29 210584] R2 mfevtp;McAfee Validation Trust Protection Service;"C:\Windows\system32\mfevtps.exe" --> C:\Windows\system32\mfevtps.exe [?] R2 NOBU;Dell DataSafe Online;C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2010-8-25 2823000] R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-9-15 1258856] R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776] R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2012-1-31 1692480] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-8-30 382312] R3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?] R3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?] R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --> C:\Windows\system32\DRIVERS\k57nd60a.sys [?] R3 MEIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?] R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?] R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?] R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?] R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?] R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?] R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?] R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?] R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496] R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-6-15 250288] S3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?] S3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?] S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?] S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?] S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-4-27 114144] S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== Created Last 30 ================ . 2012-09-22 10:38:51 108008 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll 2012-09-16 10:22:18 -------- d-----w- C:\Users\Blevins\AppData\Roaming\NVIDIA 2012-09-15 08:00:06 891240 ----a-w- C:\Windows\System32\nvvsvc.exe 2012-09-15 08:00:06 63336 ----a-w- C:\Windows\System32\nvshext.dll 2012-09-15 08:00:06 6198120 ----a-w- C:\Windows\System32\nvcpl.dll 2012-09-15 08:00:06 3487434 ----a-w- C:\Windows\System32\nvcoproc.bin 2012-09-15 08:00:06 3266920 ----a-w- C:\Windows\System32\nvsvc64.dll 2012-09-15 08:00:06 2561856 ----a-w- C:\Windows\System32\nvsvcr.dll 2012-09-15 08:00:06 118120 ----a-w- C:\Windows\System32\nvmctray.dll 2012-09-15 07:58:19 -------- d-----w- C:\Program Files\NVIDIA Corporation 2012-09-15 07:55:56 -------- d-----w- C:\NVIDIA 2012-09-14 12:49:12 -------- d-----w- C:\Program Files (x86)\VideoLAN 2012-09-13 08:56:54 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy 2012-09-13 08:56:54 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2012-09-12 10:19:37 -------- d-----w- C:\Program Files (x86)\SplitMediaLabs 2012-09-11 11:28:16 -------- d-----w- C:\Users\Blevins\AppData\Roaming\Ad-Aware Antivirus 2012-09-11 07:39:08 -------- d-----r- C:\Program Files (x86)\Skype 2012-09-11 07:37:05 11776 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll 2012-09-11 07:36:57 -------- d-----w- C:\Program Files (x86)\Common Files\xing shared 2012-09-11 07:36:53 150736 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll 2012-09-11 07:36:51 129176 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nprpplugin.dll 2012-09-08 11:30:57 73696 ----a-w- C:\Program Files (x86)\Mozilla Firefox\updated\breakpadinjector.dll 2012-09-08 11:30:57 266720 ----a-w- C:\Program Files (x86)\Mozilla Firefox\updated\components\browsercomps.dll 2012-09-08 11:30:57 18912 ----a-w- C:\Program Files (x86)\Mozilla Firefox\updated\AccessibleMarshal.dll 2012-09-05 23:57:08 -------- d-----w- C:\ProgramData\225932FD16A4C19BCDC3199BF875F002 2012-09-05 23:56:49 -------- d-----w- C:\Users\Blevins\AppData\Local\{54C1A0CC-F7B5-11E1-8270-B8AC6F996F26} . ==================== Find3M ==================== . 2012-09-22 10:38:46 916456 ----a-w- C:\Windows\System32\deployJava1.dll 2012-09-22 10:38:46 1034216 ----a-w- C:\Windows\System32\npDeployJava1.dll 2012-09-20 23:27:09 73136 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-09-20 23:27:09 696240 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-09-11 07:36:48 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll 2012-09-11 07:36:48 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll 2012-09-08 00:04:46 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-08-30 17:40:14 429416 ----a-w- C:\Windows\SysWow64\nvStreaming.exe 2012-08-22 08:28:35 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll 2012-08-22 08:28:32 821736 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll 2012-08-22 08:28:32 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2012-08-14 07:11:14 71680 ----a-w- C:\Windows\System32\frapsv64.dll 2012-08-14 07:11:12 65536 ----a-w- C:\Windows\SysWow64\frapsvid.dll 2012-07-28 05:47:40 187392 ----a-w- C:\Windows\System32\clinfo.exe 2012-07-28 05:47:24 75776 ----a-w- C:\Windows\System32\OpenVideo64.dll 2012-07-28 05:47:16 65024 ----a-w- C:\Windows\SysWow64\OpenVideo.dll 2012-07-28 05:47:10 63488 ----a-w- C:\Windows\System32\OVDecode64.dll 2012-07-28 05:47:06 56320 ----a-w- C:\Windows\SysWow64\OVDecode.dll 2012-07-28 05:46:56 16464896 ----a-w- C:\Windows\System32\amdocl64.dll 2012-07-28 05:46:06 13013504 ----a-w- C:\Windows\SysWow64\amdocl.dll 2012-07-28 04:09:20 5538984 ----a-w- C:\Windows\SysWow64\atiumdag.dll 2012-07-28 04:07:44 10278912 ----a-w- C:\Windows\System32\drivers\atikmdag.sys 2012-07-28 03:43:12 70144 ----a-w- C:\Windows\System32\coinst_8.982.dll 2012-07-28 03:19:34 24935424 ----a-w- C:\Windows\System32\atio6axx.dll 2012-07-28 02:50:10 20546560 ----a-w- C:\Windows\SysWow64\atioglxx.dll 2012-07-28 02:15:50 163840 ----a-w- C:\Windows\System32\atiapfxx.exe 2012-07-28 02:15:42 931328 ----a-w- C:\Windows\SysWow64\aticfx32.dll 2012-07-28 02:13:56 1100288 ----a-w- C:\Windows\System32\aticfx64.dll 2012-07-28 02:10:40 442368 ----a-w- C:\Windows\System32\ATIDEMGX.dll 2012-07-28 02:10:34 534528 ----a-w- C:\Windows\System32\atieclxx.exe 2012-07-28 02:09:44 239616 ----a-w- C:\Windows\System32\atiesrxx.exe 2012-07-28 02:08:20 120320 ----a-w- C:\Windows\System32\atitmm64.dll 2012-07-28 02:08:04 21504 ----a-w- C:\Windows\System32\atimuixx.dll 2012-07-28 02:07:58 59392 ----a-w- C:\Windows\System32\atiedu64.dll 2012-07-28 02:07:52 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll 2012-07-28 02:07:10 6430208 ----a-w- C:\Windows\SysWow64\atidxx32.dll 2012-07-28 01:51:12 7052288 ----a-w- C:\Windows\System32\atidxx64.dll 2012-07-28 01:41:32 4266496 ----a-w- C:\Windows\System32\atiumd6a.dll 2012-07-28 01:35:10 51200 ----a-w- C:\Windows\System32\aticalrt64.dll 2012-07-28 01:35:08 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll 2012-07-28 01:35:02 44544 ----a-w- C:\Windows\System32\aticalcl64.dll 2012-07-28 01:35:00 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll 2012-07-28 01:34:48 16034304 ----a-w- C:\Windows\System32\aticaldd64.dll 2012-07-28 01:32:32 4751872 ----a-w- C:\Windows\SysWow64\atiumdva.dll 2012-07-28 01:30:10 13605888 ----a-w- C:\Windows\SysWow64\aticaldd.dll 2012-07-28 01:25:52 6676480 ----a-w- C:\Windows\System32\atiumd64.dll 2012-07-28 01:15:32 540160 ----a-w- C:\Windows\System32\atiadlxx.dll 2012-07-28 01:15:22 368640 ----a-w- C:\Windows\SysWow64\atiadlxy.dll 2012-07-28 01:15:12 17920 ----a-w- C:\Windows\System32\atig6pxx.dll 2012-07-28 01:15:08 14848 ----a-w- C:\Windows\SysWow64\atiglpxx.dll 2012-07-28 01:15:08 14848 ----a-w- C:\Windows\System32\atiglpxx.dll 2012-07-28 01:15:04 41984 ----a-w- C:\Windows\System32\atig6txx.dll 2012-07-28 01:14:56 33280 ----a-w- C:\Windows\SysWow64\atigktxx.dll 2012-07-28 01:14:46 368640 ----a-w- C:\Windows\System32\drivers\atikmpag.sys 2012-07-28 01:13:54 129536 ----a-w- C:\Windows\System32\atiuxp64.dll 2012-07-28 01:13:48 109568 ----a-w- C:\Windows\SysWow64\atiuxpag.dll 2012-07-28 01:13:40 103936 ----a-w- C:\Windows\System32\atiu9p64.dll 2012-07-28 01:13:32 83456 ----a-w- C:\Windows\SysWow64\atiu9pag.dll 2012-07-28 01:12:54 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll 2012-07-28 01:08:42 56320 ----a-w- C:\Windows\System32\atimpc64.dll 2012-07-28 01:08:42 56320 ----a-w- C:\Windows\System32\amdpcom64.dll 2012-07-28 01:08:36 56832 ----a-w- C:\Windows\SysWow64\atimpc32.dll 2012-07-28 01:08:36 56832 ----a-w- C:\Windows\SysWow64\amdpcom32.dll 2012-07-25 22:51:44 28104 ----a-w- C:\Windows\System32\xfcodec64.dll . ============= FINISH: 1:57:08.92 =============== Attach.txt
  13. Also google mail is had lost the labels from the on screen button, buttons function correctly but display is bare. Ran a malware bytes Pro quick scan, nothing detected. Ran dds.scr and here are the 2 logs: . DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 8.0.6001.18702 Run by Valued Customer at 11:08:16 on 2012-04-04 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.502.226 [GMT -4:00] . . ============== Running Processes =============== . C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs svchost.exe svchost.exe C:\WINDOWS\system32\spoolsv.exe svchost.exe C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\svchost.exe -k imgsvc C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFJA.EXE C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe C:\Documents and Settings\Valued Customer\Application Data\Dropbox\bin\Dropbox.exe C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\iPod\bin\iPodService.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.com/ uSearch Page = hxxp://www.google.com uSearch Bar = hxxp://www.google.com/ie uDefault_Search_URL = hxxp://www.google.com/ie uInternet Connection Wizard,ShellNext = hxxp://www.google.com/ uInternet Settings,ProxyOverride = *.local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [WorkForce 610(Network)] c:\windows\system32\spool\drivers\w32x86\3\e_fatifja.exe /fu "c:\docume~1\valued~1\locals~1\temp\E_S12.tmp" /EF "HKCU" uRun: [iCloudServices] c:\program files\common files\apple\internet services\iCloudServices.exe mRun: [soundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe mRun: [igfxTray] c:\windows\system32\igfxtray.exe mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe mRun: [Persistence] c:\windows\system32\igfxpers.exe mRun: [EEventManager] c:\progra~1\epsons~1\eventm~1\EEventManager.exe mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 8.0\acrobat\Acrotray.exe" mRun: [<NO NAME>] mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe" mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" StartupFolder: c:\docume~1\valued~1\startm~1\programs\startup\dropbox.lnk - c:\documents and settings\valued customer\application data\dropbox\bin\Dropbox.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office\OSA9.EXE IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: Append to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL Notify: igfxcui - igfxdev.dll . ================= FIREFOX =================== . FF - ProfilePath - c:\documents and settings\valued customer\application data\mozilla\firefox\profiles\68syx7ol.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ FF - plugin: c:\program files\google\picasa3\npPicasa3.dll . ============= SERVICES / DRIVERS =============== . R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-7-26 654408] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-7-26 22344] R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2008-5-6 11520] . =============== Created Last 30 ================ . 2012-04-09 13:43:49 -------- d-----w- c:\program files\iPod 2012-04-09 13:43:22 -------- d-----w- c:\program files\iTunes 2012-03-22 19:12:12 4435968 ----a-w- c:\windows\system32\GPhotos.scr 2012-03-18 23:48:35 592824 ----a-w- c:\program files\mozilla firefox\gkmedias.dll 2012-03-18 23:48:35 44472 ----a-w- c:\program files\mozilla firefox\mozglue.dll . ==================== Find3M ==================== . 2012-04-04 19:56:40 22344 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-03-01 11:01:32 916992 ----a-w- c:\windows\system32\wininet.dll 2012-03-01 11:01:32 43520 ----a-w- c:\windows\system32\licmgr10.dll 2012-03-01 11:01:32 1469440 ------w- c:\windows\system32\inetcpl.cpl 2012-02-29 14:10:16 177664 ----a-w- c:\windows\system32\wintrust.dll 2012-02-29 14:10:16 148480 ----a-w- c:\windows\system32\imagehlp.dll 2012-02-29 12:17:40 385024 ----a-w- c:\windows\system32\html.iec 2012-02-03 09:22:18 1860096 ----a-w- c:\windows\system32\win32k.sys 2012-01-12 10:46:28 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-01-11 19:06:47 3072 ------w- c:\windows\system32\iacenc.dll 2012-01-09 16:20:25 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys . ============= FINISH: 11:08:33.71 =============== dds.txt attach.txt
  14. i believe my computer has been hijacked by yahoo redirect? thank you in advance for your help dds.txt . DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_29 Run by Michelle at 10:18:32 on 2012-01-14 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3839.1389 [GMT -5:00] . AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116} AV: Norton 360 *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} SP: Lavasoft Ad-Watch Live! *Enabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB} FW: Norton 360 *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Windows\system32\AEADISRV.EXE C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe C:\Program Files (x86)\Maxtor\Sync\SyncServices.exe C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\ccSvcHst.exe C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\TVCapSvc.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\WUDFHost.exe C:\Windows\system32\atieclxx.exe C:\Windows\SYSTEM32\WISPTIS.EXE C:\Program Files (x86)\Google\Update\1.3.21.79\GoogleCrashHandler.exe C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe C:\Windows\system32\taskhost.exe C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\ccSvcHst.exe C:\Windows\SYSTEM32\WISPTIS.EXE C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\Analog Devices\SoundMAX\SoundMAX.exe C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe C:\Program Files (x86)\Analog Devices\SoundMAX\SoundMAX.exe C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe C:\Program Files (x86)\Analog Devices\SoundMAX\SoundMAX.exe C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe C:\Program Files (x86)\Hewlett-Packard\Buttons & OSDs control application gen3\FastUserSwitching.exe C:\Program Files (x86)\Google\Google Talk\googletalk.exe C:\Program Files (x86)\Google\Quick Search Box\GoogleQuickSearchBox.exe C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManager.exe C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe C:\Program Files (x86)\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Hewlett-Packard\Buttons & OSDs control application gen3\JAN2OSD.exe C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\Keystatus.exe C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe C:\Windows\system32\taskeng.exe c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe C:\Windows\system32\svchost.exe -k SDRSVC C:\Windows\system32\taskhost.exe C:\Program Files (x86)\Internet Explorer\IELowutil.exe C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\Windows\servicing\TrustedInstaller.exe C:\Windows\system32\wuauclt.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\TeamViewer\Version5\TeamViewer.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\splwow64.exe C:\Users\Michelle\Documents\Temporary Downloads\HijackThis.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.com/?rlz=1V1IPYX uSearch Page = hxxp://www.google.com uDefault_Search_URL = hxxp://www.google.com/ie uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s uURLSearchHooks: YouTube Downloader Toolbar: {f3fee66e-e034-436a-86e4-9690573bee8a} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\4.9\youtubedownloaderToolbarIE.dll uURLSearchHooks: H - No File uURLSearchHooks: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\coIEPlg.dll BHO: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\IPS\IPSBHO.DLL BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL BHO: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO: Google Gears Helper: {e0fefe40-fbf9-42ae-ba58-794ca7e3fb53} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll BHO: kikin Plugin: {e601996f-e400-41ca-804b-cd6373a7eee2} - C:\Program Files (x86)\kikin\ie_kikin.dll BHO: YouTube Downloader Toolbar: {f3fee66e-e034-436a-86e4-9690573bee8a} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\4.9\youtubedownloaderToolbarIE.dll TB: Microsoft Live Search Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\coIEPlg.dll TB: YouTube Downloader Toolbar: {f3fee66e-e034-436a-86e4-9690573bee8a} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\4.9\youtubedownloaderToolbarIE.dll TB: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" uRun: [Google Update] "C:\Users\Michelle\AppData\Local\Google\Update\GoogleUpdate.exe" /c uRun: [MusicManager] "C:\Users\Michelle\AppData\Local\Programs\Google\MusicManager\MusicManager.exe" uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized uRunOnce: [Application Restart #7] C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe "C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe" "C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe" "C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe" mRun: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe mRun: [HP KEYBOARDx] "C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE" mRun: [HP Remote Solution] %ProgramFiles%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe mRun: [soundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe mRun: [buttons & OSDs control application gen3] c:\Program Files (x86)\Hewlett-Packard\Buttons & OSDs control application gen3\FastUserSwitching.exe mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED mRun: [googletalk] C:\Program Files (x86)\Google\Google Talk\googletalk.exe /autostart mRun: [Google Quick Search Box] "C:\Program Files (x86)\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun mRun: [Google Desktop Search] "C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" /startup mRun: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices mRun: [mxomssmenu] "C:\Program Files (x86)\Maxtor\OneTouch Status\maxmenumgr.exe" mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun: [intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManager.lnk" mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup mRun: [AdobeVersionCue] C:\Program Files (x86)\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [<NO NAME>] mRun: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe" mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent dRunOnce: [adaware] reg.exe delete "HKCU\Software\AppDataLow\Software\adaware" /f dRunOnce: [adaware_XP] reg.exe delete "HKCU\Software\adaware" /f StartupFolder: C:\Users\Michelle\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEG~1.LNK - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: Add to Google Photos Screensa&ver - C:\Windows\system32\GPhotos.scr/200 IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 IE: {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - {0B4350D1-055F-47A3-B112-5F2F2B0D6F08} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll IE: {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - {E601996F-E400-41CA-804B-CD6373A7EEE2} - C:\Program Files (x86)\kikin\ie_kikin.dll IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://juniper.net/dana-cached/sc/JuniperSetupClient.cab TCP: DhcpNameServer = 192.168.1.1 TCP: Interfaces\{CF225DEA-6F75-4F53-9F79-91AB27AE35CF} : DhcpNameServer = 192.168.1.1 TCP: Interfaces\{F3121FA8-2DBC-441B-A366-2995A73FB82B} : DhcpNameServer = 192.168.1.1 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll AppInit_DLLs: C:\PROGRA~2\Google\GOBCA7~1\GO36F4~1.DLL SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\coIEPlg.dll BHO-X64: Symantec NCO BHO - No File BHO-X64: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll BHO-X64: Ad-Aware Security Toolbar - No File BHO-X64: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\IPS\IPSBHO.DLL BHO-X64: Symantec Intrusion Prevention - No File BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO-X64: SkypeIEPluginBHO - No File BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL BHO-X64: URLRedirectionBHO - No File BHO-X64: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO-X64: Google Gears Helper: {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll BHO-X64: Google Gears Helper - No File BHO-X64: kikin Plugin: {E601996F-E400-41CA-804B-CD6373A7EEE2} - C:\Program Files (x86)\kikin\ie_kikin.dll BHO-X64: YouTube Downloader Toolbar: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\4.9\youtubedownloaderToolbarIE.dll TB-X64: Microsoft Live Search Toolbar: {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\coIEPlg.dll TB-X64: YouTube Downloader Toolbar: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\4.9\youtubedownloaderToolbarIE.dll TB-X64: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll TB-X64: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File mRun-x64: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe mRun-x64: [HP KEYBOARDx] "C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE" mRun-x64: [HP Remote Solution] %ProgramFiles%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe mRun-x64: [soundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe mRun-x64: [buttons & OSDs control application gen3] c:\Program Files (x86)\Hewlett-Packard\Buttons & OSDs control application gen3\FastUserSwitching.exe mRun-x64: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED mRun-x64: [googletalk] C:\Program Files (x86)\Google\Google Talk\googletalk.exe /autostart mRun-x64: [Google Quick Search Box] "C:\Program Files (x86)\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun mRun-x64: [Google Desktop Search] "C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" /startup mRun-x64: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices mRun-x64: [mxomssmenu] "C:\Program Files (x86)\Maxtor\OneTouch Status\maxmenumgr.exe" mRun-x64: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun-x64: [intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManager.lnk" mRun-x64: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun-x64: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup mRun-x64: [AdobeVersionCue] C:\Program Files (x86)\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun-x64: [(Default)] mRun-x64: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe" mRunOnce-x64: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent AppInit_DLLs-X64: C:\PROGRA~2\Google\GOBCA7~1\GO36F4~1.DLL SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Michelle\AppData\Roaming\Mozilla\Firefox\Profiles\cawsbx5t.default\ FF - prefs.js: browser.search.selectedEngine - Yahoo FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/ FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p= FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: C:\Program Files (x86)\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Musicnotes\npmusicn.dll FF - plugin: C:\Program Files (x86)\Musicnotes\NPSibelius.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Users\Michelle\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll FF - plugin: C:\Users\Michelle\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll FF - plugin: C:\Users\Michelle\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll FF - plugin: C:\Users\Michelle\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll . ============= SERVICES / DRIVERS =============== . R0 Lbd;Lbd;C:\Windows\system32\DRIVERS\Lbd.sys --> C:\Windows\system32\DRIVERS\Lbd.sys [?] R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\N360x64\0501000.01D\SYMDS64.SYS --> C:\Windows\system32\drivers\N360x64\0501000.01D\SYMDS64.SYS [?] R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\N360x64\0501000.01D\SYMEFA64.SYS --> C:\Windows\system32\drivers\N360x64\0501000.01D\SYMEFA64.SYS [?] R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\BASHDefs\20111223.001\BHDrvx64.sys [2011-11-30 1157240] R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20120113.002\IDSviA64.sys [2012-1-14 488568] R1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\N360x64\0501000.01D\Ironx64.SYS --> C:\Windows\system32\drivers\N360x64\0501000.01D\Ironx64.SYS [?] R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\system32\drivers\N360x64\0501000.01D\SYMNETS.SYS --> C:\Windows\system32\drivers\N360x64\0501000.01D\SYMNETS.SYS [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?] R2 CalendarSynchService;CalendarSynchService;C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe [2009-9-10 22072] R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-10-14 92216] R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2011-12-2 2152152] R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\ccSvcHst.exe [2011-5-27 130008] R2 PassThru Service;Internet Pass-Through Service;C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2011-8-12 87040] R2 TeamViewer5;TeamViewer 5;C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe [2010-9-3 173352] R2 TVCapSvc;TV Background Capture Service (TVBCS);C:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\TVCapSvc.exe [2009-10-7 296360] R3 ACPIService;Buttons and OSDs ACPI driver gen2;C:\Windows\system32\DRIVERS\OSDACPI.SYS --> C:\Windows\system32\DRIVERS\OSDACPI.SYS [?] R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atipmdag.sys --> C:\Windows\system32\DRIVERS\atipmdag.sys [?] R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?] R3 AVerAVF2;AVerAVF2;C:\Windows\system32\DRIVERS\AVerAVF2.sys --> C:\Windows\system32\DRIVERS\AVerAVF2.sys [?] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-11-18 138360] R3 hidkmdf;Microsoft HID Class Shim for KMDF;C:\Windows\system32\DRIVERS\hidkmdf.sys --> C:\Windows\system32\DRIVERS\hidkmdf.sys [?] R3 Lavasoft Kernexplorer;Lavasoft helper driver;C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys [2011-12-24 17152] R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\system32\DRIVERS\netr28x.sys --> C:\Windows\system32\DRIVERS\netr28x.sys [?] R3 NW1950;NextWindow 1950 Touch Screen;C:\Windows\system32\DRIVERS\NW1950.sys --> C:\Windows\system32\DRIVERS\NW1950.sys [?] R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-2-2 135664] S3 BVRPMPR5a64;BVRPMPR5a64 NDIS Protocol Driver;\??\C:\Windows\system32\drivers\BVRPMPR5a64.SYS --> C:\Windows\system32\drivers\BVRPMPR5a64.SYS [?] S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [2010-2-2 30192] S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-2-2 135664] S3 HTCAND64;HTC Device Driver;C:\Windows\system32\Drivers\ANDROIDUSB.sys --> C:\Windows\system32\Drivers\ANDROIDUSB.sys [?] S3 htcnprot;HTC NDIS Protocol Driver;C:\Windows\system32\DRIVERS\htcnprot.sys --> C:\Windows\system32\DRIVERS\htcnprot.sys [?] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880] S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184] S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] . =============== Created Last 30 ================ . 2012-01-14 13:01:20 626688 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcr80.dll 2012-01-14 13:01:20 548864 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcp80.dll 2012-01-14 13:01:20 479232 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcm80.dll 2012-01-14 13:01:20 43992 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozutils.dll 2012-01-11 17:17:50 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll 2012-01-11 17:17:50 1572864 ----a-w- C:\Windows\System32\quartz.dll 2012-01-11 17:17:50 1328128 ----a-w- C:\Windows\SysWow64\quartz.dll 2012-01-11 17:17:49 366592 ----a-w- C:\Windows\System32\qdvd.dll 2012-01-11 17:17:44 1731920 ----a-w- C:\Windows\System32\ntdll.dll 2012-01-11 17:17:44 1292080 ----a-w- C:\Windows\SysWow64\ntdll.dll 2012-01-11 17:17:43 77312 ----a-w- C:\Windows\System32\packager.dll 2012-01-11 17:17:43 67072 ----a-w- C:\Windows\SysWow64\packager.dll 2012-01-05 21:37:52 -------- d-----w- C:\Users\Michelle\.morena 2012-01-05 21:37:52 -------- d-----w- C:\Users\Michelle\.epaysol 2011-12-27 17:24:25 16432 ----a-w- C:\Windows\System32\lsdelete.exe 2011-12-25 04:24:53 55384 ----a-w- C:\Windows\System32\drivers\SBREDrv.sys 2011-12-25 04:22:28 -------- d-----w- C:\Users\Michelle\AppData\Local\adaware 2011-12-25 04:22:27 -------- d-----w- C:\ProgramData\Ad-Aware Browsing Protection 2011-12-25 04:22:20 -------- d-----w- C:\Program Files (x86)\Toolbar Cleaner 2011-12-25 04:22:01 -------- d-----w- C:\Program Files (x86)\adawaretb 2011-12-25 04:21:52 69376 ----a-w- C:\Windows\System32\drivers\Lbd.sys 2011-12-25 04:21:45 -------- d-----w- C:\Program Files (x86)\Lavasoft 2011-12-16 01:14:12 -------- d-----w- C:\Program Files (x86)\YouTube Downloader Toolbar 2011-12-16 01:14:12 -------- d-----w- C:\Program Files (x86)\Common Files\Spigot 2011-12-16 01:14:12 -------- d-----w- C:\Program Files (x86)\Application Updater . ==================== Find3M ==================== . 2011-12-10 20:24:08 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys 2011-11-24 04:52:09 3145216 ----a-w- C:\Windows\System32\win32k.sys 2011-11-21 07:05:18 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2011-11-21 06:35:20 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2011-11-05 05:41:43 1188864 ----a-w- C:\Windows\System32\wininet.dll 2011-11-05 05:32:50 2048 ----a-w- C:\Windows\System32\tzres.dll 2011-11-05 04:35:00 981504 ----a-w- C:\Windows\SysWow64\wininet.dll 2011-11-05 04:26:03 2048 ----a-w- C:\Windows\SysWow64\tzres.dll 2011-11-05 03:32:47 1638912 ----a-w- C:\Windows\System32\mshtml.tlb 2011-11-05 02:48:51 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2011-10-26 05:21:20 43520 ----a-w- C:\Windows\System32\csrsrv.dll . ============= FINISH: 10:19:39.55 =============== attach.txt . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 2/2/2010 9:23:29 PM System Uptime: 1/12/2012 4:21:03 AM (54 hours ago) . Motherboard: PEGATRON CORPORATION | | JESSE Processor: AMD Athlon II X3 400e Processor | CPU 1 | 2200/200mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 584 GiB total, 493.407 GiB free. D: is FIXED (NTFS) - 13 GiB total, 1.752 GiB free. E: is CDROM () F: is Removable . ==== Disabled Device Manager Items ============= . Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318} Description: Realtek PCIe GBE Family Controller Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_2A8E103C&REV_03\4&501C3E4&0&0038 Manufacturer: Realtek Name: Realtek PCIe GBE Family Controller PNP Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_2A8E103C&REV_03\4&501C3E4&0&0038 Service: RTL8167 . Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318} Description: Microsoft Virtual WiFi Miniport Adapter Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&251D7A6&0&01 Manufacturer: Microsoft Name: Microsoft Virtual WiFi Miniport Adapter PNP Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&251D7A6&0&01 Service: vwifimp . ==== System Restore Points =================== . RP205: 1/1/2012 12:00:02 AM - Scheduled Checkpoint RP206: 1/8/2012 12:00:03 AM - Scheduled Checkpoint RP207: 1/12/2012 3:00:43 AM - Windows Update RP208: 1/14/2012 8:18:32 AM - Windows Update RP209: 1/14/2012 8:20:44 AM - Windows Update RP210: 1/14/2012 8:55:51 AM - Removed Bing Maps 3D . ==== Installed Programs ====================== . ActiveCheck component for HP Active Support Library Ad-Aware Ad-Aware Security Toolbar Adobe AIR Adobe Creative Suite Adobe Flash Player 10 ActiveX Adobe Photoshop 7.0.1 Adobe Reader X (10.1.1) Adobe SVG Viewer 3.0 Amazon Kindle For PC v1.1 Amazon MP3 Downloader 1.0.15 AMD USB Filter Driver Buttons & OSDs control application gen3 Catalyst Control Center - Branding Catalyst Control Center Core Implementation Catalyst Control Center Graphics Full Existing Catalyst Control Center Graphics Full New Catalyst Control Center Graphics Light Catalyst Control Center Graphics Previews Vista Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-core-static CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish Compatibility Pack for the 2007 Office system CyberLink DVD Suite Deluxe D3DX10 Definition update for Microsoft Office 2010 (KB982726) 32-Bit Edition DirectX for Managed Code Update (Summer 2004) DVD Menu Pack for HP TouchSmart Video Facebook Plug-In Garmin City Navigator North America NT 2011.10 Update Garmin USB Drivers Garmin WebUpdater Google Apps Google Chrome Google Desktop Google Earth Google Gears Google Quick Search Box Google Talk (remove only) Google Talk Plugin Google Toolbar for Firefox Google Toolbar for Internet Explorer Google Update Helper Google Updater HP Advisor HP Customer Experience Enhancements HP Deskjet 1000 J110 series Help HP Deskjet 2050 J510 series Help HP Desktop Keyboard HP Games HP MediaSmart DVD HP MediaSmart/TouchSmart Netflix HP Odometer HP Photo Creations HP Remote Solution HP Setup HP Support Assistant HP Support Information HP TouchSmart HP TouchSmart Browser HP TouchSmart Calendar HP TouchSmart Canvas HP TouchSmart Clock HP TouchSmart Live TV HP TouchSmart Music/Photo/Video HP TouchSmart Notes HP TouchSmart RecipeBox HP TouchSmart RSS HP TouchSmart Tutorials HP TouchSmart Twitter HP TouchSmart Weather HP TouchSmart Webcam HP Update HPAsset component for HP Active Support Library HTC BMP USB Driver HTC Driver Installer HTC Sync iMesh Intel AppUp(SM) center Java Auto Updater Java 6 Update 29 Juniper Networks Setup Client Juniper Networks Setup Client Activex Control Junk Mail filter update kikin plugin 2.8 LabelPrint LightScribe System Software Malwarebytes Anti-Malware version 1.60.0.1800 Maxtor Manager Microsoft Live Search Toolbar Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Communicator 2007 Microsoft Office Excel MUI (English) 2010 Microsoft Office Groove MUI (English) 2010 Microsoft Office InfoPath MUI (English) 2010 Microsoft Office Live Meeting 2007 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office PowerPoint Viewer 2007 (English) Microsoft Office Professional Plus 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Word MUI (English) 2010 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Touch Pack for Windows 7 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Microsoft Works Microsoft XNA Framework Redistributable 3.0 Movie Theme Pack for HP TouchSmart Video Mozilla Firefox 9.0.1 (x86 en-US) MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP3 Parser MSXML 4.0 SP3 Parser (KB973685) Music Manager Musicnotes Software Suite 1.5.3 Norton 360 Norton Online Backup ParetoLogic FileCure Picasa 3 Power2Go PowerDirector Recovery Manager Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553096) Security Update for Microsoft Office 2010 (KB2553353) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition Security Update for Microsoft SharePoint Workspace 2010 (KB2566445) Shutterfly Express Uploader Skype Click to Call Skype™ 5.5 SoundMAX Spelling Dictionaries Support For Adobe Reader 9 TeamViewer 5 Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft Excel 2010 (KB2553439) 32-Bit Edition Update for Microsoft Office 2010 (KB2494150) Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553092) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition Update for Microsoft Office 2010 (KB2553455) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2553323) 32-Bit Edition Update for Microsoft Outlook Social Connector (KB2583935) Windows Essentials Media Codec Pack 3.4 [64-Bit] Windows Live Communications Platform Windows Live Essentials Windows Live Installer Windows Live Mail Windows Live Messenger Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Media Player Firefox Plugin WModem Driver Installer Xvid 1.1.3 final uninstall YouTube Downloader 3.4 YouTube Downloader Toolbar v4.9 . ==== Event Viewer Messages From Past Week ======== . 1/14/2012 8:20:39 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Windows Internet Explorer 9 for Windows 7 for x64-based Systems. 1/12/2012 3:30:35 AM, Error: Service Control Manager [7000] - The NetGroup Packet Filter Driver service failed to start due to the following error: The system cannot find the file specified. 1/12/2012 3:25:28 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect. . ==== End Of File =========================== hijackthis.txt Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 10:25:30 AM, on 1/14/2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v8.00 (8.00.7601.17514) Boot mode: Normal Running processes: C:\Program Files (x86)\Analog Devices\SoundMAX\SoundMAX.exe C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe C:\Program Files (x86)\Analog Devices\SoundMAX\SoundMAX.exe C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe C:\Program Files (x86)\Analog Devices\SoundMAX\SoundMAX.exe C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe C:\Program Files (x86)\Hewlett-Packard\Buttons & OSDs control application gen3\FastUserSwitching.exe C:\Program Files (x86)\Google\Google Talk\googletalk.exe C:\Program Files (x86)\Google\Quick Search Box\GoogleQuickSearchBox.exe C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManager.exe C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe C:\Program Files (x86)\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Hewlett-Packard\Buttons & OSDs control application gen3\JAN2OSD.exe C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\Keystatus.exe C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe C:\Program Files (x86)\Internet Explorer\IELowutil.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Users\Michelle\Documents\Temporary Downloads\HijackThis.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Users\Michelle\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\4.9\youtubedownloaderToolbarIE.dll R3 - URLSearchHook: (no name) - {6778613D-616B-4A6C-9856-65DE943CF424} - (no file) R3 - URLSearchHook: Ad-Aware Security Toolbar - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\coIEPlg.dll O2 - BHO: Ad-Aware Security Toolbar - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\IPS\IPSBHO.DLL O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL O2 - BHO: Microsoft Live Search Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll O2 - BHO: kikin Plugin - {E601996F-E400-41CA-804B-CD6373A7EEE2} - C:\Program Files (x86)\kikin\ie_kikin.dll O2 - BHO: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\4.9\youtubedownloaderToolbarIE.dll O3 - Toolbar: Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\coIEPlg.dll O3 - Toolbar: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\4.9\youtubedownloaderToolbarIE.dll O3 - Toolbar: Ad-Aware Security Toolbar - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe O4 - HKLM\..\Run: [HP KEYBOARDx] "C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE" O4 - HKLM\..\Run: [HP Remote Solution] %ProgramFiles%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [buttons & OSDs control application gen3] c:\Program Files (x86)\Hewlett-Packard\Buttons & OSDs control application gen3\FastUserSwitching.exe O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED O4 - HKLM\..\Run: [googletalk] C:\Program Files (x86)\Google\Google Talk\googletalk.exe /autostart O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files (x86)\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [mxomssmenu] "C:\Program Files (x86)\Maxtor\OneTouch Status\maxmenumgr.exe" O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManager.lnk" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup O4 - HKLM\..\Run: [AdobeVersionCue] C:\Program Files (x86)\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe" O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [Google Update] "C:\Users\Michelle\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [MusicManager] "C:\Users\Michelle\AppData\Local\Programs\Google\MusicManager\MusicManager.exe" O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\RunOnce: [Application Restart #7] C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe "C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe" "C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe" "C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe" O4 - HKUS\S-1-5-18\..\RunOnce: [adaware] reg.exe delete "HKCU\Software\AppDataLow\Software\adaware" /f (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [adaware_XP] reg.exe delete "HKCU\Software\adaware" /f (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [adaware] reg.exe delete "HKCU\Software\AppDataLow\Software\adaware" /f (User 'Default user') O4 - Startup: OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll O9 - Extra 'Tools' menuitem: &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll O9 - Extra button: (no name) - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\Program Files (x86)\kikin\ie_kikin.dll O9 - Extra 'Tools' menuitem: My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\Program Files (x86)\kikin\ie_kikin.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://juniper.net/dana-cached/sc/JuniperSetupClient.cab O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: C:\PROGRA~2\Google\GOBCA7~1\GO36F4~1.DLL O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: AdobeVersionCue - Adobe Sytems - C:\Program Files (x86)\Adobe\Adobe Version Cue\service\VersionCue.exe O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Unknown owner - C:\Windows\system32\AEADISRV.EXE (file missing) O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: CalendarSynchService - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: Maxtor Service (Maxtor Sync Service) - Seagate Technology LLC - C:\Program Files (x86)\Maxtor\Sync\SyncServices.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\ccSvcHst.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files (x86)\WinPcap\rpcapd.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - Unknown owner - c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\TVCapSvc.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 19124 bytes
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.