Jump to content

Search the Community

Showing results for tags 'conduit'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

  1. I have an old HP Desktop, model s5310f running 64 bit Win7 Home Premium with an AMD Athlon X2 250 3.0GHz processor. I hadn't used it in awhile, mostly my kids playing stupid flash games and youtube, etc. when I noticed the HDD drive was filling up without explanation. I ran an MBAM scan out of curiosity and it found a bunch of PUP junk (pricegong, conduit, utorrent bar) and some reg keys from a trojan bho generic. It seemed to clean them, but just want to make sure everything is fully removed. HDD is still pretty full compared to what it should be. I also ran an AdwCleaner scan as well. Logs are attached. Appreciate the assistance with the remaining clean-up. AdwCleaner[C00].txt MBAM log.txt
  2. So esentially what this boils down to is that I can't enable my real time web protection. This has been plaguing me for a while now, after 2 full formatted C Drive installs of windows 10. When I install Google Chrome, every once and a while when I do a scan, it says that it found two PUP's deep down in my Appdata Local folder. I delete those, but they come back after a week or so, where do I check to remove those in Chrome? Regarding the MBAM web protection, I suspected this was a rootkit a couple reinstall back, but now I am wondering if there is anything connected to the two PUP's in chrome, because they seem kind of connected? Another weird thing I noticed when self troubleshooting this, there is a firewall addition called: resource://Microsoft.MicrosoftOfficeHub/officehubintl/AppManifest_GetOffice_DisplayName} I don't have any Microsoft office installed, but that entry in the firewall has since then disappeared. Any help is appreciated, I have one other connected hard drive, but I have scanned it about 10 times now (with my whole system scan) and it has found nothing, even with rootkit enabled.
  3. I've got an interesting situation here. Malwarebytes detect PUP.Optional.Conduit.A in a single file: C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Preferences Okay, so neat I'll just delete it. When I load Chrome up again the exact same file is created with Conduit nonsense in it. Alright, lets see what's the actual problem is: "session": { "restore_on_startup": 1, "restore_on_startup_migrated": true, "startup_urls": [ "http://192.168.0.199/", "http://search.conduit.com/?ctid=CT3311875&SearchSource=48&CUI=UN26411760636841516&UM=2", "http://feed.snapdo.com/?publisher=TightropeYB&dpid=TightropeYB&co=CA&userid=30051f9f-600d-74a9-a73a-ac77594194cc&searchtype=hp&installDate={installDate}", "http://www.google.com" ], "startup_urls_migration_time": "13044733463109497" },Interesting. I close down Chrome, make sure all the processes are killed and manually edit the startup_urls. Reload Chrome and boom, the entries re-appear. So I'm thinking it has to do with loading pre-existing tabs when I start Chrome. Disable that setting, make sure my home page is set to something simple. Kill Chrome and restart. Entries still there. Next step, lets delete the entire file. Kill Chrome, delete the file. Reload Chrome and recheck the file. Entries are still there. At this point I've spent too much time on this problem and just decide to cheat and throw snapdo and conduit into my hosts file, as well adding an entry into dnsmasq on my linux machine. Problem remains for months with MWB unable to clean it: it just reappears regardless of what option I specify. I finally get some extra time to look into it again and eventually found this setting in Chrome: chrome://settings/startup Those two URLS were identified in there. After removing them they did not reappear in Chrome.
  4. Hello, I hope I'm doing this right. If I'm not, please tell me and I apologize. My computer is fast, not really any issues (except in the past but it's been resolved). Last december, my younger sibling tried installing something into my laptop and I had no idea she would do that. When I came home, my computer was infected by Conduit. I couldn't click on anything. All my icons were Adobe icons and I was freaking out. I don't remember what exactly I did but I was able to resolve the issue, use Malwarebytes and Norton, an Adware scanner, etc. I followed a lot of instructions from a Microsoft forum (Sevenforums? or something) and it worked. Everything seemed fine. Then I went through overheating/gaming issues. Thinking it was the virus attacking again, I took it to a computer specialist who scanned, opened it up, and cleaned it out, checked every component and it was fine. So my computer has been fine for 2-3 months now. The thing is, when I do my weekly scans for Malware, it sometimes (not always) finds Conduit. Just one. And I remove it and I restart my computer. I probably find it once a month from those 3-4 weeks I scan my computer. I stay away from malicious websites, I have my sister on a parental control account when she uses it (I had no idea I could do that before...), I dont download music for free or torrent, and the last thing I downloaded on my computer was oovoo which I made sure that it didn't include any freebies (Which I always do when I download something). So why is this thing still there? I'm afraid for my computer. It'll be two years since I first got it, in September 2015. It was a gift and a very high end laptop. Since I'm most likely going to be an Animation Arts student, I need this laptop to last me at least another 2-3 years. I've already begun saving for an equivalent if anything were to happen to it but I was hoping nothing would. Is there anything I can do to finally remove conduit completely? I noticed that I need to upload a log? I am not with my computer at the moment but I will attach that file once I am.
  5. Good afternoon, I am hoping that someone can help me remove the two instances of Conduit that Malwarebytes Pro found. The programs keep coming back. I don't see any interference with my browsers as far as I can tell but who knows. PUP.Optional.Conduit.TB.Gen POP.Optional.Conduit.TB.Gen.A I've attached the MBAM Quick Scan log from this afternoon. Thank you so much in advance!
  6. See attached results for Farbar scan. can't get it to leave the "Secure Preferences" file I have premium version of malwarebytes, just got it. that's how i know this issue is going on. i dont use sus software, i dont peer to peer, i dont go to dodgy websites. Probably got it from software Help! FRST.txt Addition.txt
  7. My computer has been infected with Bikiniland which is opening as my home page and making my computer run a lot slower. I've gone through some of the threads that have already been opened on this subject but they seemed to be solved in a case specific manner. What can I do to fix this problem?
  8. I borrowed my son's laptop a few hours ago to check my email and noticed a slew of unorthodox search engines showed up in Chrome. Then, I noticed strange hypertext directing me to links in "Shop Browser," and also some miscellaneous search suggestions from Conduit search. Well, I ran MWBAM; around 150 items were found and I quarantined 'em all. I restarted, got rid of some settings (home page stuff, unwanted search engines) in Chrome, closed Chrome and then ran another MWBAM scan. The second scan showed up clean; zero malicious items detected. Still, however, these pop-ups are appearing; also the hypertext. So, here are my Farbar FRST.txt and Addition.txt scans (attached). Please help! FRST.txt Addition.txt
  9. I noticed that Trovi had taken over my home page last week. I've attempted running RKill followed by ADW Cleaner, Malwarebytes, Junkware Removal Tool and Hitman Pro (in safe mode) as advised in several articles I found online. The cleaners appear to find the malware and remove it however when I start up Internet Explorer Trovi is still there (note Trovi is now only appearing on IE, not Chrome). I've also tried editing the registry to delete Trovi.com as the Start Page at Computer\HKEY_CURRENT_USER\Software\Microsoft\InternetExplorer\Main I've also cleared the Cache, temp files and reset Internet Explorer and Chrome and checked for any suspicious add-ons or search engines in the browser settings. I've attached the log files from Malwarebytes, AdwCleaner, JRT, Rkill and the Text and Extras files from OTL I'm not sure what else to try so any advice would be greatly appreciated. mbam-log-2014-06-23 (10-47-13).xml AdwCleanerS0.txt Extras.Txt JRT.txt OTL.Txt Rkill.txt
  10. Installed Anti Exploit free edition with the hopes of eliminating the constant reinstallment of the pup "conduit" into Google's Chrome. This conduit has the attention of many as it cannot be blocked. Malware Bytes detects it plenty and quarantines the "preferences" file in Chrome, no problem. Upon restart the "conduit" appears again and continues with its interference of mouse and keyboard function. When conduit is removed from Chrome function normalizes somewhat but the best action is to not even open Chrome it seems. Tried all the remedies nothing works. Hoping Anti Exploit gets to this pervasive problem or I will have to give up on the relatively fast Chrome browser.
  11. If I use Google CHROME on my Dell Inspiron 17R runnning Win 8.1 the daily Malware AntiMalware scan reports on two "PUP.Optional.Conduit.A" instances: " Malwarebytes Anti-Malwarewww.malwarebytes.org Scan Date: 4/21/2014Scan Time: 9:13:56 AMLogfile: Administrator: Yes Version: 2.00.1.1004Malware Database: v2014.04.21.03Rootkit Database: v2014.03.27.01License: PremiumMalware Protection: EnabledMalicious Website Protection: EnabledChameleon: Disabled OS: Windows 8.1CPU: x64File System: NTFSUser: chuck3 Scan Type: Threat ScanResult: CompletedObjects Scanned: 307489Time Elapsed: 5 hr, 11 min, 55 sec Memory: EnabledStartup: EnabledFilesystem: EnabledArchives: EnabledRootkits: DisabledShuriken: EnabledPUP: WarnPUM: Enabled Processes: 0(No malicious items detected) Modules: 0(No malicious items detected) Registry Keys: 0(No malicious items detected) Registry Values: 0(No malicious items detected) Registry Data: 0(No malicious items detected) Folders: 0(No malicious items detected) Files: 2PUP.Optional.Conduit.A, C:\Users\chuck3\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: ( "homepage": "http://search.conduit.com/?gd=&ctid=CT3321972&octid=EB_ORIGINAL_CTID&ISID=ISID_ID&SearchSource=55&CUI=&UM=5&UP=SP7F6038CF-2DE8-4DB4-A8BA-CBD031EBFB48&SSPV=",), Replaced,[a94ede4e42391125393b70e5788cd42c]PUP.Optional.Conduit.A, C:\Users\chuck3\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: ( "startup_urls": [ "http://search.conduit.com/?gd=&ctid=CT3321972&octid=EB_ORIGINAL_CTID&ISID=ISID_ID&SearchSource=55&CUI=&UM=5&UP=SP7F6038CF-2DE8-4DB4-A8BA-CBD031EBFB48&SSPV=" ],), Replaced,[e017ef3d7a0166d0089efb5a39cbe61a] Physical Sectors: 0(No malicious items detected) (end)"Are these real malware? I realise that Conduit is known malware but if I have it, it must be hiding very well. I quarantine them every time they show up, but if I use Google Chrome again they recur. Does anyone know how I can clear these permanently?
  12. Hello, I'm new so I hope I'm doing this right and on the correct board. I made a recent malwarebytes scan and these appeared, I'm just wondering if it's safe to remove them from the system.
  13. As i was googling as to hot to fix it i ran into a post of a person in this forum and what i did is run adwcleaner but im not an expert as to what i would be removing thats why i would like to ask for a professional help from you guys. here is the log entry after i've done a adwcleaner scan. # AdwCleaner v3.210 - Report created 20/05/2014 at 00:54:58 # Updated 19/05/2014 by Xplode # Operating System : Windows 7 Ultimate Service Pack 1 (64 bits) # Username : SooyoungMyLabs - SOSHIFIED # Running from : C:\Users\SooyoungMyLabs\Downloads\Programs\adwcleaner_3.210.exe # Option : Scan ***** [ Services ] ***** Service Found : hshld Service Found : hsstrayservice Service Found : hsswd Service Found : Mext Guard Service Found : V-bates Updater ***** [ Files / Folders ] ***** File Found : C:\Users\SooyoungMyLabs\AppData\Roaming\Mozilla\Firefox\Profiles\3itq1vp7.default-1353339765581\user.js File Found : C:\Users\SooyoungMyLabs\daemonprocess.txt File Found : C:\Windows\System32\roboot64.exe File Found : C:\Windows\System32\Tasks\AmiUpdXp File Found : C:\Windows\System32\Tasks\Mext Guard FBE8818C-5B13-48C2-A93E-AD731167DBF2 File Found : C:\Windows\Tasks\AmiUpdXp.job Folder Found : C:\Program Files (x86)\Ask.com Folder Found : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB Folder Found : C:\Program Files (x86)\Conduit Folder Found : C:\Program Files (x86)\hotspot shield Folder Found : C:\Program Files (x86)\Mobogenie Folder Found : C:\Program Files\V-bates Folder Found : C:\ProgramData\apn Folder Found : C:\ProgramData\hotspot shield Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hotspot shield Folder Found : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\amhlacfinnaffmhfohbpecabbjfhkdji Folder Found : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljmibnagodajacnnbifpamhggcohblip Folder Found : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\luyxbcq3.default\Extensions\adsremoval@adsremoval.net Folder Found : C:\Users\Administrator\AppData\Roaming\Solvusoft Folder Found : C:\Users\SooyoungMyLabs\AppData\Local\Conduit Folder Found : C:\Users\SooyoungMyLabs\AppData\Local\genienext Folder Found : C:\Users\SooyoungMyLabs\AppData\Local\Mobogenie Folder Found : C:\Users\SooyoungMyLabs\AppData\Local\SwvUpdater Folder Found : C:\Users\SooyoungMyLabs\AppData\LocalLow\Conduit Folder Found : C:\Users\SooyoungMyLabs\AppData\LocalLow\PriceGong Folder Found : C:\Users\SooyoungMyLabs\AppData\Roaming\DefaultTab Folder Found : C:\Users\SooyoungMyLabs\AppData\Roaming\hotspot shield Folder Found : C:\Users\SooyoungMyLabs\AppData\Roaming\Mozilla\Firefox\Profiles\3itq1vp7.default-1353339765581\Smartbar Folder Found : C:\Users\SooyoungMyLabs\AppData\Roaming\newnext.me Folder Found : C:\Users\SooyoungMyLabs\AppData\Roaming\Solvusoft Folder Found : C:\Users\SooyoungMyLabs\AppData\Roaming\Systweak Folder Found : C:\Users\SooyoungMyLabs\Documents\Mobogenie Folder Found : C:\Windows\SysWOW64\hotspot shield ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Found : HKCU\Software\1ClickDownload Key Found : HKCU\Software\anchorfree Key Found : HKCU\Software\AppDataLow\Software\Conduit Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes Key Found : HKCU\Software\AppDataLow\Software\PriceGong Key Found : HKCU\Software\AppDataLow\Software\SmartBar Key Found : HKCU\Software\Conduit Key Found : HKCU\Software\Default Tab Key Found : HKCU\Software\Google\Chrome\Extensions\amhlacfinnaffmhfohbpecabbjfhkdji Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{82EA3E77-7BD2-4744-A8F2-670770767EC5} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{21EAF666-26B3-4A3C-ABD0-CA2F5A326744} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{21EAF666-26B3-4A3C-ABD0-CA2F5A326744} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Key Found : HKCU\Software\Softonic Key Found : HKCU\Software\systweak Key Found : [x64] HKCU\Software\1ClickDownload Key Found : [x64] HKCU\Software\anchorfree Key Found : [x64] HKCU\Software\Conduit Key Found : [x64] HKCU\Software\Default Tab Key Found : [x64] HKCU\Software\Softonic Key Found : [x64] HKCU\Software\systweak Key Found : HKLM\Software\AskToolbar Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874} Key Found : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B} Key Found : HKLM\SOFTWARE\Classes\AppID\Extension.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL Key Found : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Found : HKLM\SOFTWARE\Classes\CLSID\{21EAF666-26B3-4A3C-ABD0-CA2F5A326744} Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Key Found : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9} Key Found : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Key Found : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject Key Found : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject.1 Key Found : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} Key Found : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} Key Found : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67} Key Found : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB} Key Found : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476} Key Found : HKLM\SOFTWARE\Classes\Updater.AmiUpd Key Found : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1 Key Found : HKLM\Software\Conduit Key Found : HKLM\Software\Default Tab Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\amhlacfinnaffmhfohbpecabbjfhkdji Key Found : HKLM\Software\hotspotshield Key Found : HKLM\Software\InstallIQ Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{82EA3E77-7BD2-4744-A8F2-670770767EC5} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_utorrent-speedup-pro_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_utorrent-speedup-pro_RASMANCS Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FLV Player Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\hotspotshield Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IM Key Found : HKLM\Software\systweak Key Found : HKLM\Software\V-bates Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{21EAF666-26B3-4A3C-ABD0-CA2F5A326744} Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67} Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB} Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}_is1 Key Found : [x64] HKLM\SOFTWARE\V-bates Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EF99BD32-C1FB-11D2-892F-0090271D4F88}] Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NextLive] Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}] Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}] Value Found : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}] ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.17041 Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [start Page] - hxxp://search.conduit.com?SearchSource=10&ctid=CT1269415&CUI=UN80443440823991954 -\\ Mozilla Firefox v17.0.1 (en-US) [ File : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\luyxbcq3.default\prefs.js ] [ File : C:\Users\SooyoungMyLabs\AppData\Roaming\Mozilla\Firefox\Profiles\3itq1vp7.default-1353339765581\prefs.js ] Line Found : user_pref("CT1269415.1000082.isDisplayHidden", "true"); Line Found : user_pref("CT1269415.1000082.state", "{\"state\":\"stopped\",\"text\":\"Classic R...\",\"description\":\"Classic RAp\",\"url\":\"hxxp://www.sky.fm/wma/classicrap.asx\"}"); Line Found : user_pref("CT1269415.1000234.TWC_TMP_city", "MANILA"); Line Found : user_pref("CT1269415.1000234.TWC_TMP_country", "PH"); Line Found : user_pref("CT1269415.1000234.TWC_locId", "RPXX0017"); Line Found : user_pref("CT1269415.1000234.TWC_location", "Manila, "); Line Found : user_pref("CT1269415.1000234.TWC_region", "OT"); Line Found : user_pref("CT1269415.1000234.TWC_temp_dis", "c"); Line Found : user_pref("CT1269415.1000234.TWC_wind_dis", "kmh"); Line Found : user_pref("CT1269415.1000234.weatherData", "{\"icon\":\"11.png\",\"temperature\":\"25°C\",\"temperatureClear\":\"25°C\",\"highTemperature\":\"28°C\",\"lowTemperature\":\"25°C\",\"feelsLike[...] Line Found : user_pref("CT1269415.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}"); Line Found : user_pref("CT1269415.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}"); Line Found : user_pref("CT1269415.FF19Solved", "true"); Line Found : user_pref("CT1269415.FirstTime", "true"); Line Found : user_pref("CT1269415.FirstTimeFF3", "true"); Line Found : user_pref("CT1269415.LoginRevertSettingsEnabled", true); Line Found : user_pref("CT1269415.RevertSettingsEnabled", true); Line Found : user_pref("CT1269415.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1269415&SearchSource=2&CUI=SB_CUI&q="); Line Found : user_pref("CT1269415.UserID", "UN78768078498093768"); Line Found : user_pref("CT1269415.addressBarTakeOverEnabledInHidden", "true"); Line Found : user_pref("CT1269415.addressUrlXPETakeover", "true"); Line Found : user_pref("CT1269415.autoDisableScopes", -1); Line Found : user_pref("CT1269415.browser.search.defaultthis.engineName", "true"); Line Found : user_pref("CT1269415.countryCode", "PH"); Line Found : user_pref("CT1269415.defaultSearch", "true"); Line Found : user_pref("CT1269415.defaultSearchXPETakeover", "true"); Line Found : user_pref("CT1269415.enableAlerts", "always"); Line Found : user_pref("CT1269415.enableFix404ByUser", "TRUE"); Line Found : user_pref("CT1269415.enableSearchFromAddressBar", "true"); Line Found : user_pref("CT1269415.firstTimeDialogOpened", "true"); Line Found : user_pref("CT1269415.fixPageNotFoundError", "true"); Line Found : user_pref("CT1269415.fixPageNotFoundErrorByUser", "true"); Line Found : user_pref("CT1269415.fixPageNotFoundErrorInHidden", "true"); Line Found : user_pref("CT1269415.fixUrls", true); Line Found : user_pref("CT1269415.fullUserID", "UN78768078498093768.UP.20130625031056"); Line Found : user_pref("CT1269415.homepageuserchanged", true); Line Found : user_pref("CT1269415.hxxp___pinterest_aot_im.isEnabled.enc", "WQ=="); Line Found : user_pref("CT1269415.installDate", "9/3/2013 14:45:49"); Line Found : user_pref("CT1269415.installId", "conduitinstaller.exe"); Line Found : user_pref("CT1269415.installType", "conduitnsisintegration"); Line Found : user_pref("CT1269415.isCheckedStartAsHidden", true); Line Found : user_pref("CT1269415.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}"); Line Found : user_pref("CT1269415.isFirstTimeToolbarLoading", "false"); Line Found : user_pref("CT1269415.isNewTabEnabled", true); Line Found : user_pref("CT1269415.isPerformedSmartBarTransition", "true"); Line Found : user_pref("CT1269415.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}"); Line Found : user_pref("CT1269415.keyword", "true"); Line Found : user_pref("CT1269415.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?UM=1&ctid=CT1269415&octid=CT1269415&SearchSource=15&CUI=UN78768078498093768&SSPV=&Lay=1\"}"); Line Found : user_pref("CT1269415.lastVersion", "10.16.4.519"); Line Found : user_pref("CT1269415.mam_gk_installer_preapproved.enc", "ZmFsc2U="); Line Found : user_pref("CT1269415.migrateAppsAndComponents", true); Line Found : user_pref("CT1269415.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"\",\"EB_MAIN_FRAME_TITLE\":\"\",\"EB_TOOLBAR_SUB_DOMAIN\":\"hxxp://DownloadEnergy.OurToolbar.com/\",\"EB_[...] Line Found : user_pref("CT1269415.openThankYouPage", "false"); Line Found : user_pref("CT1269415.openUninstallPage", "true"); Line Found : user_pref("CT1269415.originalSearchAddressUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1269415&SearchSource=2&CUI=UN78768078498093768&UM=&q="); Line Found : user_pref("CT1269415.revertSettingsEnabled", "false"); Line Found : user_pref("CT1269415.search.searchAppId", "128333655015757195"); Line Found : user_pref("CT1269415.search.searchCount", "0"); Line Found : user_pref("CT1269415.searchInNewTabEnabledByUser", "true"); Line Found : user_pref("CT1269415.searchInNewTabEnabledInHidden", "true"); Line Found : user_pref("CT1269415.searchSuggestEnabledByUser", "true"); Line Found : user_pref("CT1269415.searchUserMode", "1"); Line Found : user_pref("CT1269415.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}"); Line Found : user_pref("CT1269415.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}"); Line Found : user_pref("CT1269415.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}"); Line Found : user_pref("CT1269415.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT1269415\"}"); Line Found : user_pref("CT1269415.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://DownloadEnergy.OurToolbar.com//xpi\"}"); Line Found : user_pref("CT1269415.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"Download Energy\"}"); Line Found : user_pref("CT1269415.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}"); Line Found : user_pref("CT1269415.serviceLayer_services_Configuration_lastUpdate", "1372101059292"); Line Found : user_pref("CT1269415.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1356563794458"); Line Found : user_pref("CT1269415.serviceLayer_services_appsMetadata_lastUpdate", "1356563794377"); Line Found : user_pref("CT1269415.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1356563795967"); Line Found : user_pref("CT1269415.serviceLayer_services_location_lastUpdate", "1372012548427"); Line Found : user_pref("CT1269415.serviceLayer_services_login_10.13.40.15_lastUpdate", "1358532460057"); Line Found : user_pref("CT1269415.serviceLayer_services_login_10.14.40.128_lastUpdate", "1359381352938"); Line Found : user_pref("CT1269415.serviceLayer_services_login_10.14.42.7_lastUpdate", "1360806193589"); Line Found : user_pref("CT1269415.serviceLayer_services_login_10.14.65.43_lastUpdate", "1364325164934"); Line Found : user_pref("CT1269415.serviceLayer_services_login_10.15.0.562_lastUpdate", "1366008877521"); Line Found : user_pref("CT1269415.serviceLayer_services_login_10.15.2.523_lastUpdate", "1368527108225"); Line Found : user_pref("CT1269415.serviceLayer_services_login_10.16.2.509_lastUpdate", "1372077988618"); Line Found : user_pref("CT1269415.serviceLayer_services_login_10.16.4.519_lastUpdate", "1372180582927"); Line Found : user_pref("CT1269415.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1356563796009"); Line Found : user_pref("CT1269415.serviceLayer_services_searchAPI_lastUpdate", "1372101339778"); Line Found : user_pref("CT1269415.serviceLayer_services_serviceMap_lastUpdate", "1372101339718"); Line Found : user_pref("CT1269415.serviceLayer_services_toolbarContextMenu_lastUpdate", "1356563795930"); Line Found : user_pref("CT1269415.serviceLayer_services_toolbarSettings_lastUpdate", "1372180580126"); Line Found : user_pref("CT1269415.serviceLayer_services_translation_lastUpdate", "1372101336485"); Line Found : user_pref("CT1269415.settingsINI", true); Line Found : user_pref("CT1269415.shouldFirstTimeDialog", "false"); Line Found : user_pref("CT1269415.showToolbarPermission", "false"); Line Found : user_pref("CT1269415.smartbar.CTID", "CT1269415"); Line Found : user_pref("CT1269415.smartbar.Uninstall", "0"); Line Found : user_pref("CT1269415.smartbar.homepage", "true"); Line Found : user_pref("CT1269415.smartbar.isHidden", true); Line Found : user_pref("CT1269415.smartbar.toolbarName", "Download Energy "); Line Found : user_pref("CT1269415.startPage", "userChanged"); Line Found : user_pref("CT1269415.startPageXPETakeover", "true"); Line Found : user_pref("CT1269415.toolbarBornServerTime", "27-12-2012"); Line Found : user_pref("CT1269415.toolbarCurrentServerTime", "25-6-2013"); Line Found : user_pref("CT1269415.toolbarLoginClientTime", "Wed Mar 27 2013 05:39:26 GMT+0800 (China Standard Time)"); Line Found : user_pref("CT1269415_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1372185607865,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]"); Line Found : user_pref("Smartbar.ConduitHomepagesList", ""); Line Found : user_pref("Smartbar.ConduitSearchEngineList", "Download Energy Customized Web Search"); Line Found : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1269415&SearchSource=2&CUI=SB_CUI&q="); Line Found : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://ph.search.yahoo.com/search?fr=mkg030&p="); Line Found : user_pref("Smartbar.keywordURLSelectedCTID", "CT1269415"); Line Found : user_pref("browser.newtab.url", "hxxp://search.conduit.com/?gd=&ctid=CT3321139&octid=EB_ORIGINAL_CTID&ISID=M29D4C167-EEA5-455B-85E5-25251419C1D4&SearchSource=69&CUI=&SSPV=&Lay=1&UM=5&UP=SP9BEE7C00-714[...] Line Found : user_pref("browser.search.defaultenginename", "Conduit Search"); Line Found : user_pref("browser.search.defaultthis.engineName", "Download Energy Customized Web Search"); Line Found : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1269415&CUI=UN78768078498093768&UM=1&SearchSource=3&q={searchTerms}"); Line Found : user_pref("browser.search.order.1", "Ask.com"); Line Found : user_pref("smartBar.searchInNewTabOwner", "CT1269415"); Line Found : user_pref("smartbar.addressBarOwnerCTID", "CT1269415"); Line Found : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT1269415&SearchSource=13&CUI=SB_CUI,hxxp://search.conduit.com/?ctid=CT1269415&CUI=UN78768078498093768&UM=1&SearchSource=13")[...] Line Found : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1269415&SearchSource=2&CUI=SB_CUI&q=,hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1269415&Search[...] Line Found : user_pref("smartbar.defaultSearchOwnerCTID", "CT1269415"); Line Found : user_pref("smartbar.machineId", "UODH7BCC/CSVLQVWGUDH+PQNUIM8LSOQ6G1PZKF3OHI5TPTUBFLKH0ZX+4FLNUT9ZE+WX+UU2EEXZ5EVMPCUEW"); Line Found : user_pref("smartbar.originalHomepage", "hxxp://ph.yahoo.com/?fr=mkg031"); Line Found : user_pref("smartbar.originalSearchAddressUrl", "hxxp://ph.search.yahoo.com/search?fr=mkg030&p="); Line Found : user_pref("smartbar.originalSearchEngine", "Yahoo"); Line Found : user_pref("{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}.ScriptData_VBATES_partn_time_search.conduit.com", "not set"); Line Found : user_pref("{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}.ScriptData_whiteListSearch", "{\"isearch.babylon.com\":\"q\",\"search.imesh.net\":\"q\",\"www.search-results.com\":\"q\",\"home.mywebsearch.com\":\"se[...] -\\ Google Chrome v34.0.1847.137 [ File : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\preferences ] Found [Extension] : amhlacfinnaffmhfohbpecabbjfhkdji Found [Extension] : ljmibnagodajacnnbifpamhggcohblip [ File : C:\Users\SooyoungMyLabs\AppData\Local\Google\Chrome\User Data\Default\preferences ] Found [search Provider] : hxxp://search.iMesh.com/web?src=ffb&q={searchTerms} Found [search Provider] : hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&ctid=CT1269415 ************************* AdwCleaner[R0].txt - [24429 octets] - [02/05/2014 02:20:20] AdwCleaner[R1].txt - [22169 octets] - [20/05/2014 00:54:58] ########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [22230 octets] ##########
  14. I've had the purchased version of Malwarebytes on my computer for several years now and have experienced no problems until now.. Some how I wound up with something called "Conduit" on my computer. There was an uninstall for it in programs and features in the control panel so I did the uninstall but now every time I log in I get a dialog titled RunDLL in the title bar, and this message in the body: "There was a problem starting C:\Users\mike\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll The specified module could not be found." I have searched the registry and deleted every entry containing "BackgroundContainer.dll" and every entry containing that path. There was nothing in the startup folder of my profile or the public startup folder. I also ran MSConfig and see nothing in startup that I don't recognize. There is no directory named "Conduit" under my AppData\Local\ path or anywhere else in my profile. How do I get rid of this infestation and why didn't Malwarebytes keep it from infecting my computer in the first place ?
  15. Whenever i run AdwCleaner,it always finds a "Conduit" registry key. But i know that i haven't installed a "community toolbar" on my PC, so why does that happen? (I can send logs of AdwCleaner if you want)
  16. My latest scan reported 2 PUPs that are apparently related to a "sweetpacks" tool bar. I don't have a toolbar on my Firefox but would like to get rid of these. Problem is one of them is in my Firefox prefs.js and I don't want to just delete that if I might loose something that Firefox needs. prefs.js is just a text file and I can see activity related to conduit. Can that just be edited out? Would appreciate guidance on how to resolve this. I checked the Self Help Guides, 24 pages!, but did not see anything that applied to this issue. Follows is the "copy to clipboard" data from the threat report dialoge box. =============================================================== Scan Date: 4/4/2014 Scan Time: 8:46:13 AM Logfile: Administrator: Yes Version: 2.00.0.1000 Malware Database: v2014.04.04.03 Rootkit Database: v2014.03.27.01 License: Premium Malware Protection: Enabled Malicious Website Protection: Enabled Chameleon: Disabled OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: Sherron Scan Type: Threat Scan Result: Completed Objects Scanned: 340788 Time Elapsed: 5 hr, 15 min, 22 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Shuriken: Enabled PUP: Warn PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 0 (No malicious items detected) Registry Values: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Folders: 0 (No malicious items detected) Files: 2 PUP.Optional.Conduit.A, C:\Users\Sherron\AppData\Roaming\Mozilla\Firefox\Profiles\Dennis-XP\searchplugins\conduit.xml, , [8cc7f036700b70c6e850f36fb44ed030], PUP.Optional.SweetPacks.A, C:\Users\Sherron\AppData\Roaming\Mozilla\Firefox\Profiles\Dennis-XP\prefs.js, Good: (), Bad: (user_pref("keyword.URL", "http://start.sweetpacks.com/?src=2&st=12&barid={934084FD-B2CE-11E2-B4AB-00188BCBE562}&q=") , ,[57fc0e180279e94d8c77f04eeb190af6] Physical Sectors: 0 (No malicious items detected) (end)
  17. Hi! I'm hoping that I (maybe) got rid of it? I read several things here and ran: JRT, ADW Cleaner then MBAM (I have those logs) MBAM was quarantining what seemed like 50 - 100 at once. I would clear them and then the box would fill up again. I noted in the quarantine file that many were located in the temp folders in various locations, so I deleted those. There were only about 6 that would not delete. The conduit search engine was still running in Chrome but I could not find it anywhere in Chromes Settings. So, I then I started again today, I ran dds.com . I'm wondering if the JRT logs and ADW, MBAM logs are outdated from yesterday since I cleared some stuff today? I will post those in a reply. Should I re-run? OK - Here goes DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16750 BrowserJavaVersion: 10.45.2Run by Owner at 23:33:23 on 2014-01-27Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3835.1953 [GMT -6:00].AV: Trend Micro Titanium Internet Security 2012 *Enabled/Updated* {B7599298-8445-728A-A5C7-A26A082C8BDA}SP: Trend Micro Titanium Internet Security 2012 *Enabled/Updated* {0C38737C-A27F-7D04-9F77-991873ABC167}SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}.============== Running Processes ===============.C:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k RPCSSC:\Windows\system32\atiesrxx.exeC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k netsvcsC:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exeC:\Windows\system32\atieclxx.exeC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Windows\System32\svchost.exe -k NetworkServiceC:\Program Files\Trend Micro\AMSP\coreServiceShell.exeC:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiWatchDog.exeC:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exeC:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exeC:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exeC:\Program Files (x86)\Launch Manager\dsiwmis.exeC:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exeC:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exeC:\Program Files (x86)\Gateway\Registration\GREGsvc.exeC:\Windows\system32\taskhost.exeC:\Windows\system32\Dwm.exeC:\Windows\system32\taskeng.exeC:\Windows\Explorer.EXEC:\Program Files (x86)\Auslogics\BoostSpeed\BoostSpeed.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exeC:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exeC:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exeC:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exeC:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exeC:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exeC:\Windows\system32\svchost.exe -k imgsvcC:\Program Files\Gateway\Gateway Updater\UpdaterService.exeC:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exeC:\Program Files\Realtek\Audio\HDA\RAVCpl64.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exeC:\Program Files\Box Sync\BoxSyncHelper.exeC:\Users\Owner\AppData\Local\Programs\Google\MusicManager\MusicManager.exeC:\Program Files (x86)\Glary Utilities\memdefrag.exeC:\Program Files\Synaptics\SynTP\SynTPHelper.exeC:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Owner\AppData\Local\Google\Update\1.3.22.3\GoogleCrashHandler.exeC:\Users\Owner\AppData\Local\Google\Update\1.3.22.3\GoogleCrashHandler64.exeC:\Program Files\Box Sync\BoxSync.exeC:\Program Files (x86)\Common Files\Java\Java Update\jusched.exeC:\Program Files\MozyHome\mozystat.exeC:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exeC:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXEC:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exeC:\Windows\system32\SearchIndexer.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exeC:\Program Files\MozyHome\mozybackup.exeC:\Program Files\MozyHome\mozybackup.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exeC:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exeC:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exeC:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\system32\SearchProtocolHost.exeC:\Windows\system32\SearchFilterHost.exeC:\Windows\System32\cscript.exe.============== Pseudo HJT Report ===============.mWinlogon: Userinit = userinit.exe,BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllBHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1361\6.8.1078\TmIEPlg32.dllBHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dllBHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllBHO: Evernote extension: {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dllBHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dllBHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLLBHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\7.1.1104\7.1.1104\TmBpIe32.dllBHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dllTB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dllTB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dlluRun: [MusicManager] "C:\Users\Owner\AppData\Local\Programs\Google\MusicManager\MusicManager.exe"uRun: [skyDrive] "C:\Users\Owner\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /backgrounduRun: [Glary Memory Optimizer] "C:\Program Files (x86)\Glary Utilities\memdefrag.exe" /autostartuRun: [bDAB3CD44D7D45EEC58DB422F61BD03E74CADA2F._service_run] "C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe" --type=serviceuRun: [Google Update] "C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe" /cuRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exemRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"mRun: [Cisco AnyConnect Secure Mobility Agent for Windows] "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimizedmRun: [HOSTS Anti-Adware_PUPs] C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exedRunOnce: [spUninstallDeleteDir] rmdir /s /q "\SearchProtect"StartupFolder: C:\Users\Owner\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SENDTO~1.LNK - C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXEStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BOXSYN~1.LNK - C:\Program Files\Box Sync\BoxSync.exeStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MOZYHO~1.LNK - C:\Program Files\MozyHome\mozystat.exemPolicies-Explorer: NoActiveDesktop = dword:1mPolicies-Explorer: NoActiveDesktopChanges = dword:1mPolicies-System: ConsentPromptBehaviorAdmin = dword:5mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableUIADesktopToggle = dword:0IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.htmlIE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppend.htmlIE: Clip Image - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4IE: Clip selection - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3IE: Clip this page - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1IE: Clip URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.htmlIE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECapture.htmlIE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000IE: New Note - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.htmlIE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dllIE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dllIE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.htmlTCP: NameServer = 75.75.76.76 75.75.75.75TCP: Interfaces\{7435787B-D650-491A-A386-912BED018258} : DHCPNameServer = 75.75.76.76 75.75.75.75TCP: Interfaces\{7435787B-D650-491A-A386-912BED018258}\34C6561627023507F64702466336 : DHCPNameServer = 192.168.1.1TCP: Interfaces\{7435787B-D650-491A-A386-912BED018258}\3586562727972E0899370296D41636 : DHCPNameServer = 10.0.2.1TCP: Interfaces\{7435787B-D650-491A-A386-912BED018258}\452554E444E65647 : DHCPNameServer = 192.168.1.1TCP: Interfaces\{7435787B-D650-491A-A386-912BED018258}\84F4D454D254542423 : DHCPNameServer = 75.75.76.76 75.75.75.75TCP: Interfaces\{7435787B-D650-491A-A386-912BED018258}\D416D656474756D27657563747 : DHCPNameServer = 192.168.3.1Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLLHandler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dllHandler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\7.1.1104\7.1.1104\TmBpIe32.dllHandler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1361\6.8.1078\TmIEPlg32.dllAppInit_DLLs= c:\progra~2\gsb779~1.enaSSODL: WebCheck - <orphaned>SSODL: EldosMountNotificator-cbfs4 - {B8FD60CF-9D65-44C7-BECA-891CB8C4D5AD} - C:\Windows\SysWOW64\cbfsMntNtf4.dllSTS: Virtual Storage Mount Notification - {B8FD60CF-9D65-44C7-BECA-891CB8C4D5AD} - C:\Windows\SysWOW64\cbfsMntNtf4.dllx64-BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1361\6.8.1078\TmIEPlg.dllx64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dllx64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dllx64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLLx64-BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\7.1.1104\7.1.1104\TmBpIe64.dllx64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLLx64-BHO: YoutubeAdblocker: {E9F2720A-EB2C-8BC7-D724-EDCB5426CE19} - x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dllx64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -sx64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exex64-Run: [Trend Micro Titanium] "C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe" -set Silent "1" SplashURL ""x64-Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"x64-Run: [boxSyncHelper] "C:\Program Files\Box Sync\BoxSyncHelper.exe"x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dllx64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dllx64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dllx64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>x64-Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\7.1.1104\7.1.1104\TmBpIe64.dllx64-Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1361\6.8.1078\TmIEPlg.dllx64-SSODL: WebCheck - <orphaned>x64-SSODL: EldosMountNotificator-cbfs4 - {B8FD60CF-9D65-44C7-BECA-891CB8C4D5AD} - C:\Windows\System32\cbfsMntNtf4.dllx64-STS: Virtual Storage Mount Notification - {B8FD60CF-9D65-44C7-BECA-891CB8C4D5AD} - C:\Windows\System32\cbfsMntNtf4.dll.================= FIREFOX ===================.FF - ProfilePath - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\ghug7evk.default\FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dllFF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dllFF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dllFF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dllFF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dllFF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dllFF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dllFF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dllFF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dllFF - plugin: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLLFF - plugin: C:\Users\Owner\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dllFF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll.============= SERVICES / DRIVERS ===============.R1 cbfs4;cbfs4;C:\Windows\System32\drivers\cbfs4.sys [2013-12-29 387776]R1 ctxusbm;Citrix USB Monitor Driver;C:\Windows\System32\drivers\ctxusbm.sys [2009-9-8 87600]R2 ntk_PowerDVD12;ntk_PowerDVD12;C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [2013-2-26 83704]R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2010-7-22 321064]R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2010-11-19 25928]R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;C:\Windows\System32\drivers\rtl8192se.sys [2010-7-22 1084448]S3 acsock;acsock;C:\Windows\System32\drivers\acsock64.sys [2013-7-19 112080]S3 BTCFilterService;USB Networking Driver Filter Service;C:\Windows\System32\drivers\motfilt.sys [2009-1-29 6144]S3 DigiartyVirtualCDBus;Digiarty Virtual Driver;C:\Windows\System32\drivers\DigiartyVirtualCDBus.sys [2013-12-15 276256]S3 motandroidusb;Mot ADB Interface Driver;C:\Windows\System32\drivers\motoandroid.sys [2009-7-10 31744]S3 motccgp;Motorola USB Composite Device Driver;C:\Windows\System32\drivers\motccgp.sys [2012-6-11 22016]S3 motccgpfl;MotCcgpFlService;C:\Windows\System32\drivers\motccgpfl.sys [2012-1-25 9728]S3 Motousbnet;Motorola USB Networking Driver Service;C:\Windows\System32\drivers\Motousbnet.sys [2012-6-8 27136]S3 motusbdevice;Motorola USB Dev Driver;C:\Windows\System32\drivers\motusbdevice.sys [2011-11-8 11776]S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-7-22 239136].=============== Created Last 30 ================.2014-01-27 12:37:05 -------- d-----w- C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs2014-01-26 23:10:28 -------- d-----w- C:\zoek_backup2014-01-26 20:00:15 -------- d-----w- C:\AdwCleaner2014-01-26 19:44:41 -------- d-----w- C:\Windows\ERUNT2014-01-21 16:48:38 -------- d-----w- C:\Program Files\ART-Backup2014-01-21 12:09:09 238128 ----a-w- C:\Windows\RegBootClean64.exe2014-01-21 11:49:23 -------- d-----w- C:\ProgramData\House Of Soft2014-01-21 11:49:15 4229120 ----a-w- C:\Program Files (x86)\GS_x64.Enabler2014-01-21 11:49:15 183632 ----a-w- C:\Program Files (x86)\GSSvc.dll2014-01-21 11:48:37 -------- d-----w- C:\Users\Owner\AppData\Local\Packages2014-01-21 11:48:30 -------- d-----w- C:\Users\Owner\AppData\Local\Comodo2014-01-21 11:48:30 -------- d-----w- C:\ProgramData\17c7f4c59dc606332014-01-19 19:34:06 -------- d-----w- C:\Users\Owner\AppData\Roaming\DropboxMaster2014-01-15 03:52:09 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys2014-01-15 03:52:09 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys2014-01-15 03:52:09 53248 ----a-w- C:\Windows\System32\drivers\usbehci.sys2014-01-15 03:52:09 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys2014-01-15 03:52:09 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys2014-01-15 03:52:09 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys2014-01-15 03:52:09 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys2014-01-15 03:52:07 3156480 ----a-w- C:\Windows\System32\win32k.sys2014-01-15 03:52:05 376768 ----a-w- C:\Windows\System32\drivers\netio.sys2014-01-06 19:23:36 4558848 ----a-w- C:\Windows\SysWow64\GPhotos.scr2014-01-04 04:18:59 -------- d-----w- C:\Users\Owner\AppData\Local\Cisco2014-01-04 04:18:59 -------- d-----w- C:\ProgramData\Cisco2014-01-04 04:18:59 -------- d-----w- C:\Program Files (x86)\Cisco2013-12-29 20:39:07 182568 ----a-w- C:\Windows\System32\cbfsMntNtf4.dll2013-12-29 20:39:07 156456 ----a-w- C:\Windows\SysWow64\cbfsMntNtf4.dll2013-12-29 20:39:06 218408 ----a-w- C:\Windows\SysWow64\cbfsNetRdr4.dll2013-12-29 20:39:06 120104 ----a-w- C:\Windows\System32\cbfsNetRdr4.dll2013-12-29 20:39:05 387776 ----a-w- C:\Windows\System32\drivers\cbfs4.sys2013-12-29 20:37:17 9000 ----a-w- C:\Windows\System32\elevtmsg.dll2013-12-29 20:37:16 18624 ----a-w- C:\Windows\System32\drivers\vpnpbus.sys.==================== Find3M ====================.2013-12-16 00:07:01 276256 ----a-w- C:\Windows\System32\drivers\DigiartyVirtualCDBus.sys2013-12-11 06:58:23 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl2013-12-11 06:58:23 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe2013-11-24 01:24:56 773968 ----a-w- C:\Windows\SysWow64\msvcr100.dll2013-11-24 01:24:56 421200 ----a-w- C:\Windows\SysWow64\msvcp100.dll2013-11-23 18:26:20 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll2013-11-23 17:47:34 465920 ----a-w- C:\Windows\System32\WMPhoto.dll2013-11-12 02:23:09 2048 ----a-w- C:\Windows\System32\tzres.dll2013-11-12 02:07:29 2048 ----a-w- C:\Windows\SysWow64\tzres.dll.============= FINISH: 23:34:57.68 =============== .UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2Install Date: 10/15/2010 3:01:10 PMSystem Uptime: 1/27/2014 11:02:58 PM (0 hours ago).Motherboard: Gateway | | NV53A Processor: AMD Turion II P540 Dual-Core Processor | Socket S1G4 | 2400/200mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 453 GiB total, 316.011 GiB free.D: is CDROM ().==== Disabled Device Manager Items =============.Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64Device ID: ROOT\NET\0000Manufacturer: Cisco SystemsName: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64PNP Device ID: ROOT\NET\0000Service: vpnva.==== System Restore Points ===================.RP199: 1/12/2014 3:33:10 PM - Windows UpdateRP200: 1/15/2014 7:02:04 PM - Windows UpdateRP201: 1/19/2014 7:00:21 PM - Windows UpdateRP202: 1/20/2014 10:36:26 PM - Windows UpdateRP203: 1/21/2014 6:57:29 AM - Installed Evernote v. 5.0.3RP204: 1/21/2014 9:58:08 AM - Installed Evernote v. 5.1.1RP206: 1/22/2014 8:09:50 PM - Installed MozyHomeRP207: 1/26/2014 5:17:28 PM - zoek.exe restore pointRP208: 1/26/2014 7:00:24 PM - Windows UpdateRP209: 1/26/2014 11:59:51 PM - Windows UpdateRP210: 1/27/2014 11:13:21 PM - Windows Update.==== Installed Programs ======================.Acrobat.comAdobe AIRAdobe Community HelpAdobe Download AssistantAdobe Flash Player 11 ActiveXAdobe Flash Player 11 PluginAdobe Photoshop CS6Adobe Reader 9.5.5 MUIAdvertising CenterAMD USB Filter DriverApple Application SupportASAP UtilitiesASUS WebStorage SyncATI Catalyst Install ManagerAuslogics BoostSpeedAuslogics Disk DefragBackup Manager BasicBest Buy pc appBox Sync (64 bit)calibreCatalina Savings PrinterCatalyst Control Center - BrandingCatalyst Control Center Core ImplementationCatalyst Control Center Graphics Full ExistingCatalyst Control Center Graphics Full NewCatalyst Control Center Graphics LightCatalyst Control Center Graphics Previews CommonCatalyst Control Center InstallProxyCatalyst Control Center Localization Allccc-core-staticccc-utility64CCC Help Chinese StandardCCC Help Chinese TraditionalCCC Help CzechCCC Help DanishCCC Help DutchCCC Help EnglishCCC Help FinnishCCC Help FrenchCCC Help GermanCCC Help GreekCCC Help HungarianCCC Help ItalianCCC Help JapaneseCCC Help KoreanCCC Help NorwegianCCC Help PolishCCC Help PortugueseCCC Help RussianCCC Help SpanishCCC Help SwedishCCC Help ThaiCCC Help TurkishCCleanerCisco AnyConnect Secure Mobility ClientCisco AnyConnect Secure Mobility Client Citrix online plug-in (DV)Citrix online plug-in (HDX)Citrix online plug-in (USB)Citrix online plug-in (Web)Coupon Printer for WindowsCyberLink PowerDVD 12DropboxEvernote v. 5.0.3Gateway InfoCentreGateway MyBackupGateway Power ManagementGateway Recovery ManagementGateway RegistrationGateway UpdaterGlary Utilities 2.56.0.1822Google Apps Migration For Microsoft Outlook® 2.3.14.36Google Apps Sync™ for Microsoft Outlook® 3.5.365.980Google ChromeGoogle DriveGoogle Talk (remove only)Google Toolbar for Internet ExplorerGoogle Update HelperGoogle+ Auto BackupGoToMeeting 5.1.0.873GS.EnablerGS.Supporter 1.80HD Video Converter Factory ProHP Deskjet 3520 series Basic Device SoftwareHP Deskjet 3520 series Setup GuideHP UpdateIdentity CardImagXpressiSEEK AnswerWorks English RuntimeJava 7 Update 45Java Auto UpdaterJavaFX 2.1.1Juniper Networks Host CheckerJuniper Networks Network Connect 7.0.0Juniper Networks Setup ClientJuniper Terminal Services ClientJunk Mail filter updateLaunch ManagerMalwarebytes Anti-Malware version 1.75.0.1300Microsoft .NET Framework 4 Client ProfileMicrosoft Application Error ReportingMicrosoft Choice GuardMicrosoft Office 365 Home Premium - en-usMicrosoft Office File Validation Add-InMicrosoft SilverlightMicrosoft SkyDriveMicrosoft SQL Server 2005 Compact Edition [ENU]Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2005 Redistributable (x64)Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219Microsoft_VC80_ATL_x86Microsoft_VC80_ATL_x86_x64Microsoft_VC80_CRT_x86Microsoft_VC80_CRT_x86_x64Microsoft_VC80_MFC_x86Microsoft_VC80_MFC_x86_x64Microsoft_VC80_MFCLOC_x86Microsoft_VC80_MFCLOC_x86_x64Microsoft_VC90_ATL_x86Microsoft_VC90_ATL_x86_x64Microsoft_VC90_CRT_x86Microsoft_VC90_CRT_x86_x64Microsoft_VC90_MFC_x86Microsoft_VC90_MFC_x86_x64Microsoft_VC90_MFCLOC_x86Microsoft_VC90_MFCLOC_x86_x64MotoCastMotoHelper MergeModulesMotorola Device ManagerMotorola Device Software UpdateMOTOROLA MEDIA LINKMotorola Mobile Drivers Installation 5.9.0Mozilla Firefox 25.0.1 (x86 en-US)Mozilla Maintenance ServiceMozyHomeMSVCRTMSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)MSXML 4.0 SP3 ParserMSXML 4.0 SP3 Parser (KB2721691)MSXML 4.0 SP3 Parser (KB2758694)Music Managermy makeup makeover v2.4 updateNero 9 EssentialsNero ControlCenterNero DiscSpeedNero DiscSpeed HelpNero DriveSpeedNero DriveSpeed HelpNero Express HelpNero InfoToolNero InfoTool HelpNero InstallerNero Online UpgradeNero StartSmartNero StartSmart HelpNero StartSmart OEMNeroExpressneroxmlNFO Reader version 1.0Office 15 Click-to-Run Extensibility ComponentOffice 15 Click-to-Run Licensing ComponentOffice 15 Click-to-Run Localization ComponentooVooPDF Settings CS6Picasa 3PlayReady PC Runtime x86Quicken 2011Quicken WillMaker Plus 2011QuickTimeRealtek High Definition Audio DriverRealtek USB 2.0 Card ReaderRemote Drive 2.0.0.232Revo Uninstaller 1.94Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)Shutterfly Express UploaderSkype™ 5.10StashStoriaswMSMSynaptics Pointing Device DriverThe Imagination Station (remove only)Trend Micro TitaniumTrend Micro Titanium Internet Security 2012Update for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)Update for Microsoft .NET Framework 4 Client Profile (KB2836939)Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)Video Web CameraWindows Live CallWindows Live Communications PlatformWindows Live EssentialsWindows Live MailWindows Live MessengerWindows Live Movie MakerWindows Live Photo GalleryWindows Live Sign-in AssistantWindows Live SyncWindows Live Upload ToolWindows Live WriterWindows Media Player Firefox PluginWinRAR archiverWinX DVD Copy Pro 3.5.0WinX DVD Ripper 5.5.14WinX DVD Ripper Platinum 7.3.2WinX HD Video Converter Deluxe 4.2.1.==== Event Viewer Messages From Past Week ========.1/27/2014 6:50:36 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SENS service.1/27/2014 6:50:06 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Schedule service.1/27/2014 6:49:35 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the BFE service.1/27/2014 6:49:05 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Amsp service.1/27/2014 6:48:35 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the iphlpsvc service.1/27/2014 6:37:19 AM, Error: Service Control Manager [7034] - The CLHNServiceForPowerDVD12 service terminated unexpectedly. It has done this 1 time(s).1/27/2014 6:37:19 AM, Error: Service Control Manager [7034] - The AMD External Events Utility service terminated unexpectedly. It has done this 1 time(s).1/27/2014 6:37:19 AM, Error: Service Control Manager [7031] - The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.1/27/2014 6:37:19 AM, Error: Service Control Manager [7031] - The PST Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 6000 milliseconds: Restart the service.1/27/2014 6:37:19 AM, Error: Service Control Manager [7031] - The MozyHome Backup Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.1/27/2014 6:37:19 AM, Error: Service Control Manager [7031] - The Cisco AnyConnect Secure Mobility Agent service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.1/27/2014 6:37:18 AM, Error: Service Control Manager [7034] - The CyberLink PowerDVD 12 Media Server Monitor Service service terminated unexpectedly. It has done this 1 time(s).1/27/2014 6:37:18 AM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.1/27/2014 6:37:09 AM, Error: Service Control Manager [7030] - The HOSTS Anti-PUPs service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.1/27/2014 11:22:32 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Internet Explorer 11 for Windows 7 for x64-based Systems.1/27/2014 11:10:00 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.1/27/2014 11:04:07 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the HOSTS Anti-PUPs service to connect.1/27/2014 11:04:07 PM, Error: Service Control Manager [7000] - The HOSTS Anti-PUPs service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.1/27/2014 10:56:18 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer JERRY that believes that it is the master browser for the domain on transport NetBT_Tcpip_{7435787B-D650-491A-A386-912BED018258}. The master browser is stopping or an election is being forced..==== End Of File ===========================
  18. I followed instructions to remove conduit from my system, but it kept coming back. I locked the computer down so no one else can use it and install things they do not intend to do. I then used malwarebytes to check for all the hidden files. It was amazing how many they found. It appears I have successfully got rid of that pesky conduit. However, it looks for a file in c:\users\.........\Conduit\BackgroundContainer\BackgroundContainer.dll which is no longer there. I realize this string is in a Startup sequence somewhere but am not technical enough to know how to find it and erase or make the line unreadable. Can anyone help me? Thanks Truffles
  19. Hello, After downloading CDisplayEx which is for reading comic books, i noticed a few changes were made to my system, now all of a sudden my homepage was set to the Conduit search engine and a few weird folders popped up on my system. (I keep a close eye on things) I followed a guide to assist me in removing the unwanted ad-ware but alas, I feel like it's not all removed yet. Hoping someone can help me, -Jox Below are the needed files attached : dds.txt attach.txt
  20. I was an idiot and cruised through an install on a program from download.com and I ended up with LOADS of adware. I don't even have all of them listed up here because some of them are proving hard to find. Can anybody help me combat all these pieces of adware? I'm kinda getting overwhelmed with there being so much all at once.
  21. Have exactly the same problem as this thread: https://forums.malwarebytes.org/index.php?showtopic=138412&hl=%2Bscorpion+%2Bsaver#entry765860 - My Malwarebytes is current and does find the scorpion saver, conduit, and worse - a zero access rootkit - but when I try to finish the process to do the removals - malwarebytes hangs when it gets to "Level Quality Watcher" (see attached screenshot). I have gone ahead and scanned using RogueKiller as directed in the referenced thread above, and the log is attached. Thanks in advance for your assistance. RKreport0_S_12202013_091726.txt
  22. I installed some software last week that installed Conduit onto my machine. I think I have been able to remove almost all traces of Conduit except for on my browser. Whenever I launch Chrome, two tabs open in the same Chrome window. The first tab brings me to my homepage, while the second tab brings me to Conduit's search page (http://search.conduit.com). I would like to remove all traces of Conduit from my machine. Here are my logs: DDS.TXT DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 11.0.9600.16428 BrowserJavaVersion: 10.45.2Run by Jon at 19:17:55 on 2013-12-21Microsoft Windows 7 Professional 6.1.7601.1.1252.2.1033.18.16278.14108 [GMT -8:00].AV: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}SP: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}.============== Running Processes ===============.C:\PROGRA~2\AVG\AVG2014\avgrsa.exeC:\Program Files (x86)\AVG\AVG2014\avgcsrva.exeC:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k RPCSSC:\Windows\system32\atiesrxx.exeC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\atieclxx.exeC:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exeC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exeC:\Program Files (x86)\AVG\AVG2014\avgidsagent.exeC:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exeD:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exeC:\Windows\SysWOW64\PnkBstrA.exeC:\Program Files (x86)\Skype\Updater\Updater.exeC:\Windows\system32\svchost.exe -k imgsvcC:\Windows\system32\taskeng.exeC:\Windows\system32\Dwm.exeC:\Program Files (x86)\AVG\AVG2014\avgnsa.exeC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Program Files (x86)\AVG\AVG2014\avgemca.exeC:\Windows\Explorer.EXEC:\Windows\system32\taskeng.exeC:\Windows\system32\taskhost.exeC:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exeD:\Program Files\OpenHardwareMonitor\OpenHardwareMonitor.exeD:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exeD:\Program Files\Rainmeter\Rainmeter.exeC:\Program Files (x86)\AVG\AVG2014\avgui.exeC:\Program Files (x86)\Common Files\Java\Java Update\jusched.exeC:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exeC:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exeC:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exeC:\Windows\system32\SearchIndexer.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Windows\system32\SearchProtocolHost.exeC:\Windows\system32\SearchFilterHost.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\System32\svchost.exe -k LocalServicePeerNetC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Windows\System32\cscript.exe.============== Pseudo HJT Report ===============.mWinlogon: Userinit = c:\windows\syswow64\userinit.exe,BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dllBHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dllBHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dllBHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dllTB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dllTB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dlluRun: [AdobeBridge] <no file>mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLYmRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRunmRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"StartupFolder: C:\Users\Jon\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\RAINME~1.LNK - D:\Program Files\Rainmeter\Rainmeter.exemPolicies-Explorer: NoActiveDesktop = dword:1mPolicies-Explorer: NoActiveDesktopChanges = dword:1mPolicies-System: ConsentPromptBehaviorAdmin = dword:5mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableUIADesktopToggle = dword:0IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.htmlIE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.htmlIE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.htmlIE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.htmlIE: E&xport to Microsoft Excel - D:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}Trusted Zone: ea.comTCP: Interfaces\{997E08A7-55C8-459F-AF2D-E11874500CAF} : NameServer = 192.168.1.16,8.8.8.8Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dllSSODL: WebCheck - <orphaned>mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chromex64-Run: [LogMeIn GUI] "D:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exex64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>x64-Notify: igfxcui - igfxdev.dllx64-SSODL: WebCheck - <orphaned>.================= FIREFOX ===================.FF - ProfilePath - C:\Users\Jon\AppData\Roaming\Mozilla\Firefox\Profiles\oyhlmkjh.default\FF - prefs.js: browser.search.selectedEngine - MixiDJ V32 Customized Web SearchFF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dllFF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dllFF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dllFF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dllFF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dllFF - plugin: C:\Users\Jon\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dllFF - plugin: C:\Users\Jon\AppData\Roaming\Mozilla\plugins\npgoogletalk.dllFF - plugin: C:\Users\Jon\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dllFF - plugin: C:\Users\Jon\AppData\Roaming\Mozilla\plugins\npo1d.dllFF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dllFF - plugin: D:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dllFF - plugin: D:\Program Files (x86)\QuickTime\Plugins\npqtplugin.dllFF - plugin: D:\Program Files (x86)\QuickTime\Plugins\npqtplugin2.dllFF - plugin: D:\Program Files (x86)\QuickTime\Plugins\npqtplugin3.dllFF - plugin: D:\Program Files (x86)\QuickTime\Plugins\npqtplugin4.dllFF - plugin: D:\Program Files (x86)\QuickTime\Plugins\npqtplugin5.dllFF - plugin: D:\Program Files\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dllFF - plugin: D:\Program Files\Adobe\Acrobat 10.0\Acrobat\browser\nppdf32.dll.============= SERVICES / DRIVERS ===============.R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-10-24 194872]R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-10-31 294712]R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-10-1 123704]R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-9-10 31544]R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2013-2-25 56208]R1 Avgdiska;AVG Disk Driver;C:\Windows\System32\drivers\avgdiska.sys [2013-11-5 150808]R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-11-4 240920]R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-10-31 212280]R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-8-1 251192]R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-10-8 239616]R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2013-11-11 3478544]R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2013-9-24 348008]R2 LMIGuardianSvc;LMIGuardianSvc;D:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2013-1-25 376168]R2 LMIInfo;LogMeIn Kernel Information Provider;D:\Program Files (x86)\LogMeIn\x64\rainfo.sys [2012-11-29 15928]R2 LMIRfsDriver;LogMeIn Remote File System Driver;C:\Windows\System32\drivers\LMIRfsDriver.sys [2013-2-24 72216]R2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]R2 vpnagent;Cisco AnyConnect VPN Agent;C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [2009-2-3 427192]R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2013-7-5 96256]R3 ISCT;Intel® Smart Connect Technology Device Driver;C:\Windows\System32\drivers\ISCTD64.sys [2013-1-18 46568]R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2011-5-9 425000]R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\System32\drivers\LGBusEnum.sys [2009-11-23 22408]R3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;C:\Windows\System32\drivers\LGSHidFilt.Sys [2013-1-17 66800]R3 MBfilt;MBfilt;C:\Windows\System32\drivers\MBfilt64.sys [2013-2-24 32344]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-7-9 104912]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-7-8 123856]S2 StarWindServiceAE;StarWind AE Service;D:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2013-12-13 130976]S3 HTCAND64;HTC Device Driver;C:\Windows\System32\drivers\ANDROIDUSB.sys [2009-11-2 33736]S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-12-13 111616]S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\System32\drivers\LGVirHid.sys [2009-11-23 16008]S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-2-24 59392]S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-2-23 1255736].=============== File Associations ===============.ShellExec: dreamweaver.exe: Open="D:\Program Files\Adobe\Adobe Dreamweaver CS6\dreamweaver.exe", "%1".=============== Created Last 30 ================.2013-12-22 03:05:43 -------- d-----w- C:\Users\Jon\AppData\Roaming\Malwarebytes2013-12-22 03:05:35 -------- d-----w- C:\ProgramData\Malwarebytes2013-12-22 03:05:34 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys2013-12-20 17:03:31 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll2013-12-18 07:55:50 -------- d-----w- C:\Users\Jon\AppData\Roaming\Injustice2013-12-16 01:04:07 110080 ----a-r- C:\Users\Jon\AppData\Roaming\Microsoft\Installer\{4FC9DA9D-F608-454E-8191-D7EFFDCC5726}\IconF7A21AF7.exe2013-12-16 01:04:07 110080 ----a-r- C:\Users\Jon\AppData\Roaming\Microsoft\Installer\{4FC9DA9D-F608-454E-8191-D7EFFDCC5726}\IconD7F16134.exe2013-12-16 01:04:07 -------- d-----w- C:\sh4ldr2013-12-16 01:04:07 -------- d-----w- C:\Program Files (x86)\Enigma Software Group2013-12-16 01:03:33 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard2013-12-15 19:05:47 -------- d-----w- C:\Windows\CheckSur2013-12-15 19:03:24 -------- d-----w- C:\Users\Jon\AppData\Local\NativeMessaging2013-12-15 19:03:22 -------- d-----w- C:\Users\Jon\AppData\Local\CRE2013-12-14 22:34:58 3894632 ----a-w- C:\Windows\SysWow64\pbsvc.exe2013-12-14 05:32:54 -------- d-----w- C:\Users\Jon\AppData\Local\PassMark2013-12-14 05:32:51 -------- d-----w- C:\ProgramData\Passmark2013-12-14 05:13:06 -------- d-----w- C:\Users\Jon\AppData\Local\IsolatedStorage2013-12-14 05:13:06 -------- d-----w- C:\Users\Jon\AppData\Local\Futuremark_Corporation2013-12-14 05:12:34 -------- d-----w- C:\Program Files (x86)\Futuremark2013-12-14 04:56:56 -------- d-----w- C:\Program Files (x86)\AMD AVT2013-12-14 04:56:55 -------- d-----w- C:\Program Files (x86)\Common Files\ATI Technologies2013-12-14 04:55:44 -------- d-----w- C:\Program Files (x86)\ATI Technologies2013-12-14 04:53:57 -------- d-----w- C:\Program Files\ATI Technologies2013-12-14 04:53:55 -------- d-----w- C:\Program Files\ATI2013-12-14 04:34:35 81408 ----a-w- C:\Windows\System32\imagehlp.dll2013-12-14 04:34:35 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll2013-12-14 04:33:01 230400 ----a-w- C:\Windows\System32\drivers\portcls.sys2013-12-14 04:33:01 116736 ----a-w- C:\Windows\System32\drivers\drmk.sys2013-12-14 04:32:54 202752 ----a-w- C:\Windows\System32\scrrun.dll2013-12-14 04:32:54 168960 ----a-w- C:\Windows\System32\wscript.exe2013-12-14 04:32:54 163840 ----a-w- C:\Windows\SysWow64\scrrun.dll2013-12-14 04:32:54 156160 ----a-w- C:\Windows\System32\cscript.exe2013-12-14 04:32:54 150016 ----a-w- C:\Windows\System32\wshom.ocx2013-12-14 04:32:54 141824 ----a-w- C:\Windows\SysWow64\wscript.exe2013-12-14 04:32:54 126976 ----a-w- C:\Windows\SysWow64\cscript.exe2013-12-14 04:32:54 121856 ----a-w- C:\Windows\SysWow64\wshom.ocx2013-11-30 18:02:49 -------- d-----w- C:\ProgramData\Oracle.==================== Find3M ====================.2013-12-21 22:08:23 214392 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe2013-12-21 16:58:45 214392 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex02013-12-14 22:35:00 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe2013-11-26 10:19:07 2724864 ----a-w- C:\Windows\System32\mshtml.tlb2013-11-26 10:18:23 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll2013-11-26 09:48:07 66048 ----a-w- C:\Windows\System32\iesetup.dll2013-11-26 09:46:25 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll2013-11-26 09:23:02 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb2013-11-26 09:18:39 139264 ----a-w- C:\Windows\System32\ieUnatt.exe2013-11-26 09:18:09 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe2013-11-26 09:16:57 708608 ----a-w- C:\Windows\System32\jscript9diag.dll2013-11-26 08:35:02 5769216 ----a-w- C:\Windows\System32\jscript9.dll2013-11-26 08:28:16 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll2013-11-26 08:16:12 4243968 ----a-w- C:\Windows\SysWow64\jscript9.dll2013-11-26 08:02:16 1995264 ----a-w- C:\Windows\System32\inetcpl.cpl2013-11-26 07:32:06 1928192 ----a-w- C:\Windows\SysWow64\inetcpl.cpl2013-11-26 07:07:57 2334208 ----a-w- C:\Windows\System32\wininet.dll2013-11-26 06:33:33 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll2013-11-06 05:55:48 150808 ----a-w- C:\Windows\System32\drivers\avgdiska.sys2013-11-05 05:52:42 240920 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys2013-11-01 07:00:18 212280 ----a-w- C:\Windows\System32\drivers\avgldx64.sys2013-11-01 06:49:46 294712 ----a-w- C:\Windows\System32\drivers\avgloga.sys2013-10-29 22:16:42 1061902 ----a-w- C:\Windows\System32\amdocl_ld64.exe2013-10-29 22:16:40 995342 ----a-w- C:\Windows\SysWow64\amdocl_as32.exe2013-10-29 22:16:40 798734 ----a-w- C:\Windows\SysWow64\amdocl_ld32.exe2013-10-29 22:16:40 1187342 ----a-w- C:\Windows\System32\amdocl_as64.exe2013-10-25 06:25:58 194872 ----a-w- C:\Windows\System32\drivers\avgidsha.sys2013-10-19 16:13:36 290184 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr2013-10-12 02:30:42 830464 ----a-w- C:\Windows\System32\nshwfp.dll2013-10-12 02:29:21 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL2013-10-12 02:29:08 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL2013-10-12 02:03:08 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll2013-10-12 02:01:25 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL2013-10-08 17:50:12 51200 ----a-w- C:\Windows\System32\kdbsdk64.dll2013-10-08 17:45:08 38912 ----a-w- C:\Windows\SysWow64\kdbsdk32.dll2013-10-08 14:01:20 156712 ----a-w- C:\Windows\System32\amdhcp64.dll2013-10-08 14:01:18 141256 ----a-w- C:\Windows\SysWow64\amdhcp32.dll2013-10-08 14:01:14 78432 ----a-w- C:\Windows\System32\atimpc64.dll2013-10-08 14:01:14 78432 ----a-w- C:\Windows\System32\amdpcom64.dll2013-10-08 14:01:12 71704 ----a-w- C:\Windows\SysWow64\atimpc32.dll2013-10-08 14:01:12 71704 ----a-w- C:\Windows\SysWow64\amdpcom32.dll2013-10-08 14:01:06 142792 ----a-w- C:\Windows\System32\atiuxp64.dll2013-10-08 14:01:06 125824 ----a-w- C:\Windows\SysWow64\atiuxpag.dll2013-10-08 14:01:04 97984 ----a-w- C:\Windows\SysWow64\atiu9pag.dll2013-10-08 14:01:04 114488 ----a-w- C:\Windows\System32\atiu9p64.dll2013-10-08 14:01:02 1237200 ----a-w- C:\Windows\System32\aticfx64.dll2013-10-08 14:01:00 1030128 ----a-w- C:\Windows\SysWow64\aticfx32.dll2013-10-08 14:00:56 9464840 ----a-w- C:\Windows\System32\atidxx64.dll2013-10-08 14:00:52 8215992 ----a-w- C:\Windows\SysWow64\atidxx32.dll2013-10-08 14:00:46 6176008 ----a-w- C:\Windows\SysWow64\atiumdva.dll2013-10-08 14:00:42 6189416 ----a-w- C:\Windows\SysWow64\atiumdag.dll2013-10-08 14:00:36 6767240 ----a-w- C:\Windows\System32\atiumd6a.dll2013-10-08 14:00:32 7256496 ----a-w- C:\Windows\System32\atiumd64.dll2013-10-08 13:58:42 12534784 ----a-w- C:\Windows\System32\drivers\atikmdag.sys2013-10-08 13:39:22 229376 ----a-w- C:\Windows\System32\clinfo.exe2013-10-08 13:39:06 98816 ----a-w- C:\Windows\System32\OpenVideo64.dll2013-10-08 13:38:58 83456 ----a-w- C:\Windows\SysWow64\OpenVideo.dll2013-10-08 13:38:58 127488 ----a-w- C:\Windows\System32\coinst_13.152.1.8.dll2013-10-08 13:38:52 86528 ----a-w- C:\Windows\System32\OVDecode64.dll2013-10-08 13:38:48 73216 ----a-w- C:\Windows\SysWow64\OVDecode.dll2013-10-08 13:38:30 28192256 ----a-w- C:\Windows\System32\amdocl64.dll2013-10-08 13:36:22 23761408 ----a-w- C:\Windows\SysWow64\amdocl.dll2013-10-08 13:34:34 63488 ----a-w- C:\Windows\System32\OpenCL.dll2013-10-08 13:34:28 57344 ----a-w- C:\Windows\SysWow64\OpenCL.dll2013-10-08 13:17:50 25385984 ----a-w- C:\Windows\System32\atio6axx.dll2013-10-08 13:13:44 368640 ----a-w- C:\Windows\System32\atiapfxx.exe2013-10-08 13:13:34 62464 ----a-w- C:\Windows\System32\aticalrt64.dll2013-10-08 13:13:32 52224 ----a-w- C:\Windows\SysWow64\aticalrt.dll2013-10-08 13:13:26 55808 ----a-w- C:\Windows\System32\aticalcl64.dll2013-10-08 13:13:24 49152 ----a-w- C:\Windows\SysWow64\aticalcl.dll2013-10-08 13:13:08 15716352 ----a-w- C:\Windows\System32\aticaldd64.dll2013-10-08 13:09:52 14302208 ----a-w- C:\Windows\SysWow64\aticaldd.dll2013-10-08 13:00:30 21400064 ----a-w- C:\Windows\SysWow64\atioglxx.dll2013-10-08 12:54:10 442368 ----a-w- C:\Windows\System32\atidemgy.dll2013-10-08 12:53:58 26112 ----a-w- C:\Windows\System32\atimuixx.dll2013-10-08 12:53:50 576512 ----a-w- C:\Windows\System32\atieclxx.exe2013-10-08 12:52:58 239616 ----a-w- C:\Windows\System32\atiesrxx.exe2013-10-08 12:51:30 190976 ----a-w- C:\Windows\System32\atitmm64.dll2013-10-08 12:29:04 96256 ----a-w- C:\Windows\System32\amdave64.dll2013-10-08 12:28:56 90624 ----a-w- C:\Windows\SysWow64\amdave32.dll2013-10-08 12:28:42 89088 ----a-w- C:\Windows\System32\atisamu64.dll2013-10-08 12:28:36 784384 ----a-w- C:\Windows\System32\atiadlxx.dll2013-10-08 12:28:34 80896 ----a-w- C:\Windows\SysWow64\atisamu32.dll2013-10-08 12:28:26 594944 ----a-w- C:\Windows\SysWow64\atiadlxy.dll2013-10-08 12:28:12 75264 ----a-w- C:\Windows\System32\atig6pxx.dll2013-10-08 12:28:08 69632 ----a-w- C:\Windows\SysWow64\atiglpxx.dll2013-10-08 12:28:08 69632 ----a-w- C:\Windows\System32\atiglpxx.dll2013-10-08 12:28:04 100352 ----a-w- C:\Windows\System32\atig6txx.dll2013-10-08 12:27:56 96768 ----a-w- C:\Windows\SysWow64\atigktxx.dll2013-10-08 12:27:46 619008 ----a-w- C:\Windows\System32\drivers\atikmpag.sys2013-10-08 12:24:54 43520 ----a-w- C:\Windows\System32\drivers\ati2erec.dll2013-10-05 20:25:35 1474048 ----a-w- C:\Windows\System32\crypt32.dll2013-10-05 19:57:25 1168384 ----a-w- C:\Windows\SysWow64\crypt32.dll2013-10-04 02:28:31 190464 ----a-w- C:\Windows\System32\SmartcardCredentialProvider.dll2013-10-04 02:25:17 197120 ----a-w- C:\Windows\System32\credui.dll2013-10-04 02:24:49 1930752 ----a-w- C:\Windows\System32\authui.dll2013-10-04 01:58:50 152576 ----a-w- C:\Windows\SysWow64\SmartcardCredentialProvider.dll2013-10-04 01:56:25 168960 ----a-w- C:\Windows\SysWow64\credui.dll2013-10-04 01:56:00 1796096 ----a-w- C:\Windows\SysWow64\authui.dll2013-10-03 02:23:48 404480 ----a-w- C:\Windows\System32\gdi32.dll.============= FINISH: 19:18:04.74 =============== ATTACH.TXT.UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows 7 Professional Boot Device: \Device\HarddiskVolume1Install Date: 22/02/2013 22:44:45System Uptime: 21/12/2013 19:16:56 (0 hours ago).Motherboard: ASRock | | Z77 Extreme4Processor: Intel® Core i5-3570K CPU @ 3.40GHz | CPUSocket | 3401/100mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 224 GiB total, 100.268 GiB free.D: is FIXED (NTFS) - 244 GiB total, 231.597 GiB free.E: is FIXED (NTFS) - 244 GiB total, 17.273 GiB free.F: is FIXED (NTFS) - 244 GiB total, 215.054 GiB free.G: is FIXED (NTFS) - 244 GiB total, 189.322 GiB free.H: is FIXED (NTFS) - 244 GiB total, 139.976 GiB free.I: is FIXED (NTFS) - 488 GiB total, 284.981 GiB free.J: is FIXED (NTFS) - 154 GiB total, 153.765 GiB free.K: is FIXED (NTFS) - 466 GiB total, 213.384 GiB free.L: is CDROM ()R: is CDROM ().==== Disabled Device Manager Items =============.Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}Description: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64Device ID: ROOT\NET\0000Manufacturer: Cisco SystemsName: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64PNP Device ID: ROOT\NET\0000Service: vpnva.Class GUID: Description: Universal Serial Bus (USB) ControllerDevice ID: PCI\VEN_1B21&DEV_1042&SUBSYS_10421849&REV_00\4&37A73C8A&0&00E7Manufacturer: Name: Universal Serial Bus (USB) ControllerPNP Device ID: PCI\VEN_1B21&DEV_1042&SUBSYS_10421849&REV_00\4&37A73C8A&0&00E7Service: .Class GUID: Description: Universal Serial Bus (USB) ControllerDevice ID: PCI\VEN_8086&DEV_1E31&SUBSYS_1E311849&REV_04\3&11583659&0&A0Manufacturer: Name: Universal Serial Bus (USB) ControllerPNP Device ID: PCI\VEN_8086&DEV_1E31&SUBSYS_1E311849&REV_04\3&11583659&0&A0Service: .Class GUID: Description: SM Bus ControllerDevice ID: PCI\VEN_8086&DEV_1E22&SUBSYS_1E221849&REV_04\3&11583659&0&FBManufacturer: Name: SM Bus ControllerPNP Device ID: PCI\VEN_8086&DEV_1E22&SUBSYS_1E221849&REV_04\3&11583659&0&FBService: .==== System Restore Points ===================.RP142: 16/12/2013 22:41:52 - Windows UpdateRP143: 18/12/2013 03:00:10 - Windows UpdateRP144: 18/12/2013 22:42:39 - Windows UpdateRP145: 19/12/2013 23:19:58 - Windows UpdateRP146: 20/12/2013 09:00:36 - Removed Java 7 Update 45RP147: 20/12/2013 09:03:22 - Installed Java 7 Update 45RP148: 20/12/2013 18:14:20 - Windows UpdateRP149: 21/12/2013 11:26:53 - Installed DirectXRP150: 21/12/2013 11:27:24 - Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106RP151: 21/12/2013 11:27:29 - Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106RP152: 21/12/2013 13:22:21 - Installed DirectX.==== Installed Programs ======================.3DMark 11AC3Filter 2.5bAdobe Acrobat X Pro - English, Français, DeutschAdobe AIRAdobe Creative Suite 6 Master CollectionAdobe Flash Player 11 PluginAdobe Help ManagerAdobe Widget BrowserAllway Sync version 12.14.2AMD Accelerated Video TranscodingAMD Catalyst Control CenterAMD Catalyst Install ManagerAMD Drag and Drop TranscodingAMD Media Foundation DecodersApple Application SupportApple Software UpdateAssassins Creed IV Black FlagµTorrentAVG 2014Batman Arkham OriginsBattlefield 4™Battlelog Web PluginsblBroadcom NetLink ControllerCall of Duty: Ghosts - MultiplayerCatalyst Control Center - BrandingCatalyst Control Center Graphics Previews CommonCatalyst Control Center InstallProxyCatalyst Control Center Localization Allccc-utility64CCC Help Chinese StandardCCC Help Chinese TraditionalCCC Help CzechCCC Help DanishCCC Help DutchCCC Help EnglishCCC Help FinnishCCC Help FrenchCCC Help GermanCCC Help GreekCCC Help HungarianCCC Help ItalianCCC Help JapaneseCCC Help KoreanCCC Help NorwegianCCC Help PolishCCC Help PortugueseCCC Help RussianCCC Help SpanishCCC Help SwedishCCC Help ThaiCCC Help TurkishCCleanerChivalry: Medieval WarfareCisco AnyConnect VPN ClientDeus Ex - Human Revolution version 1.0Diablo IIIDivX SetupEA Sports™ FIFA WorldESN SonarFileZilla Client 3.6.0.2Fraps (remove only)Futuremark SystemInfoGeeks3D FurMark 1.12.0Google ChromeGoogle Talk PluginGoogle Update HelperInjustice: Gods Among Us Ultimate EditionIntel® Processor GraphicsJava 7 Update 45Java Auto UpdaterLandwirtschafts Simulator 2011Logitech Gaming SoftwareLogitech Gaming Software 8.46LogMeInMalwarebytes Anti-Malware version 1.75.0.1300MechWarrior OnlineMicrosoft .NET Framework 4.5Microsoft Office Professional Edition 2003Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2005 Redistributable (x64)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610Microsoft WSE 3.0 RuntimeMicrosoft_VC80_CRT_x86Microsoft_VC90_CRT_x86Microsoft_VC90_MFC_x86Microsoft_VC90_MFCLOC_x86Mozilla Firefox 19.0 (x86 en-US)Mozilla Firefox 22.0 (x86 en-US)Mozilla Maintenance ServiceNeed for Speed™ RivalsNotepad++NVIDIA PhysXOpera 12.16OriginPDF Settings CS6phPunkBuster ServicesQuickTimeRainmeterRaptrRealtek High Definition Audio DriverRemember MeRSA SecurID Software TokenSafariSaints Row IVScribblenauts UnlimitedSecurity Update for Microsoft .NET Framework 4.5 (KB2737083)Security Update for Microsoft .NET Framework 4.5 (KB2742613)Security Update for Microsoft .NET Framework 4.5 (KB2789648)Security Update for Microsoft .NET Framework 4.5 (KB2833957)Security Update for Microsoft .NET Framework 4.5 (KB2840642v2)Security Update for Microsoft .NET Framework 4.5 (KB2861208)Shank 2SimCity™SketchUp 8Skype™ 6.11SpyHunterStar Conflict Launcher 1.0.1.18StarCraft IISteamTeamSpeak 3 ClientThe Sims™ 3Tom Clancy's Splinter Cell® Blacklist™Update for Microsoft .NET Framework 4.5 (KB2750147)Update for Microsoft .NET Framework 4.5 (KB2805221)Update for Microsoft .NET Framework 4.5 (KB2805226)UplayVC80CRTRedist - 8.0.50727.4053Visual Studio 2010 x64 RedistributablesVisual Studio 2012 x64 RedistributablesVisual Studio 2012 x86 RedistributablesVLC media player 2.0.8WinRAR archiverXAMPP 1.8.1.==== Event Viewer Messages From Past Week ========.21/12/2013 19:17:07, Error: Service Control Manager [7000] - The sbapifs service failed to start due to the following error: The system cannot find the file specified.21/12/2013 19:13:25, Error: Service Control Manager [7000] - The WinRing0_1_2_0 service failed to start due to the following error: The system cannot find the file specified.20/12/2013 18:14:25, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800b0100: Update for Windows 7 for x64-based Systems (KB2904266).20/12/2013 06:14:12, Error: Service Control Manager [7023] - The Server service terminated with the following error: Not enough storage is available to complete this operation.20/12/2013 06:14:12, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The service has not been started.15/12/2013 18:18:25, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: An instance of the service is already running.15/12/2013 18:17:55, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.15/12/2013 18:17:55, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535.15/12/2013 16:59:02, Error: Service Control Manager [7034] - The PnkBstrA service terminated unexpectedly. It has done this 1 time(s).15/12/2013 13:19:15, Error: VDS Basic Provider [1] - Unexpected failure. Error code: 490@0101000415/12/2013 11:31:38, Error: Service Control Manager [7000] - The StarWind AE Service service failed to start due to the following error: The system cannot find the file specified.15/12/2013 11:31:38, Error: Service Control Manager [7000] - The LogMeIn Kernel Information Provider service failed to start due to the following error: The system cannot find the path specified.15/12/2013 11:31:38, Error: Service Control Manager [7000] - The LMIGuardianSvc service failed to start due to the following error: The system cannot find the file specified.14/12/2013 13:56:19, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.14/12/2013 13:56:19, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.14/12/2013 13:13:57, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.14/12/2013 13:13:56, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}14/12/2013 13:13:56, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}14/12/2013 13:13:56, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}14/12/2013 13:13:56, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}14/12/2013 13:13:55, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}14/12/2013 13:13:50, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}14/12/2013 13:13:46, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD Avgdiska AVGIDSDriver Avgldx64 Avgtdia CSC DfsC discache NetBIOS NetBT nsiproxy Psched rdbss spldr sptd tdx Wanarpv6 WfpLwf14/12/2013 13:13:46, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.14/12/2013 13:13:46, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.14/12/2013 13:13:46, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.14/12/2013 13:13:46, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.14/12/2013 13:13:46, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.14/12/2013 13:13:46, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.14/12/2013 13:13:46, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.14/12/2013 13:13:46, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.14/12/2013 13:13:46, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.14/12/2013 13:13:46, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.14/12/2013 13:13:46, Error: Service Control Manager [7001] - The AVGIDSAgent service depends on the AVGIDSDriver service which failed to start because of the following error: A device attached to the system is not functioning.14/12/2013 13:13:42, Error: sptd [4] - Driver detected an internal error in its data structures for ..==== End Of File ===========================
  23. To whom it may concern, Today once again I had to deal with the stupid conduit hijacker, It really does seem to come out of nowhere, I read an article that your software would detect and remove it, you offer a free trial which I have downloaded. It certainly detects many instances of the conduit entries but as soon as you hit remove the program crashes and will not respond, I have searched high and low for a fix for this and have only become more aggravated. Can anyone respond to this and explain why the program continually crashes?
  24. Malwarebytes Quick Scan: Malwarebytes Anti-Malware 1.75.0.1300www.malwarebytes.org Database version: v2013.11.18.07 Windows XP Service Pack 3 x86 NTFSInternet Explorer 8.0.6001.18702New User :: NONE-BCBC617937 [administrator] 11/18/2013 1:46:10 PMmbam-log-2013-11-18 (13-46-10).txt Scan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 221195Time elapsed: 8 minute(s), 12 second(s) Memory Processes Detected: 0(No malicious items detected) Memory Modules Detected: 0(No malicious items detected) Registry Keys Detected: 1HKCU\Software\Conduit\FF (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. Registry Values Detected: 0(No malicious items detected) Registry Data Items Detected: 0(No malicious items detected) Folders Detected: 0(No malicious items detected) Files Detected: 0(No malicious items detected) (end) -- DDS (Ver_2012-11-20.01) - NTFS_x86 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.45.2Run by New User at 13:38:53 on 2013-11-18Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1791.723 [GMT -8:00].AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}.============== Running Processes ================.C:\Program Files\AVAST Software\Avast\AvastSvc.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\RTHDCPL.EXEC:\Program Files\Canon\MyPrinter\BJMyPrt.exeC:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exeC:\Program Files\Google\Google Desktop Search\GoogleDesktop.exeC:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exeC:\Program Files\Lexmark\Monitor\ACO\LMabMON.exeC:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXEC:\Program Files\AVAST Software\Avast\AvastUI.exeC:\Program Files\Messenger\msmsgs.exeC:\WINDOWS\system32\spool\drivers\w32x86\3\WrtProc.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\Google\Google Desktop Search\GoogleDesktop.exeC:\Program Files\Lexmark\ErrorApp\LMab1err.exeC:\Documents and Settings\New User\Local Settings\Application Data\Google\Update\1.3.21.165\GoogleCrashHandler.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\Program Files\Java\jre7\bin\jqs.exeC:\WINDOWS\system32\LMabcoms.exeC:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exeC:\WINDOWS\system32\wdfmgr.exeC:\WINDOWS\System32\alg.exeC:\Program Files\Mozilla Firefox\plugin-container.exeC:\Program Files\Mozilla Firefox\plugin-container.exeC:\WINDOWS\system32\wuauclt.exeC:\Program Files\Common Files\Adobe\Updater6\Adobe_Updater.exeC:\Documents and Settings\New User\Local Settings\Application Data\Google\Chrome\Application\chrome.exeC:\Documents and Settings\New User\Local Settings\Application Data\Google\Chrome\Application\chrome.exeC:\Documents and Settings\New User\Local Settings\Application Data\Google\Chrome\Application\chrome.exeC:\Documents and Settings\New User\Local Settings\Application Data\Google\Chrome\Application\chrome.exeC:\Documents and Settings\New User\Local Settings\Application Data\Google\Chrome\Application\chrome.exeC:\WINDOWS\system32\rundll32.exeC:\WINDOWS\system32\wbem\wmiprvse.exeC:\WINDOWS\System32\svchost.exe -k netsvcsC:\WINDOWS\system32\svchost.exe -k NetworkServiceC:\WINDOWS\system32\svchost.exe -k LocalServiceC:\WINDOWS\system32\svchost.exe -k LocalServiceC:\WINDOWS\system32\svchost.exe -k imgsvc.============== Pseudo HJT Report ===============.BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dllBHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - <orphaned>BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dllBHO: SSVHelper Class: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dllBHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dllBHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dllTB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dlluRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /backgrounduRun: [ctfmon.exe] c:\windows\system32\ctfmon.exeuRun: [Google Update] "c:\documents and settings\new user\local settings\application data\google\update\GoogleUpdate.exe" /cuRun: [LMab1err] c:\program files\lexmark\errorapp\LMab1err.exemRun: [RTHDCPL] RTHDCPL.EXEmRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logonmRun: [OpwareSE4] "c:\program files\scansoft\omnipagese4\OpwareSE4.exe"mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startupmRun: [WrtMon.exe] c:\windows\system32\spool\drivers\w32x86\3\WrtMon.exemRun: [LMPSSDMON] c:\program files\lexmark\monitor\aco\LMabMON.exemRun: [iJNetworkScanUtility] c:\program files\canon\canon ij network scan utility\CNMNSUT.EXEmRun: [AvastUI.exe] "c:\program files\avast software\avast\AvastUI.exe" /noguimRun: [sunJavaUpdateSched] "c:\program files\java\jre7\bin\jusched.exe"uPolicies-Explorer: NoDriveTypeAutoRun = dword:145mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1mPolicies-Explorer: NoDriveTypeAutoRun = dword:145IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.htmlIE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\program files\java\jre7\bin\ssv.dllIE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dllIE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exeIE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe.INFO: HKCU has more than 50 listed domains.If you wish to scan all of them, select the 'Force scan all domains' option...INFO: HKLM has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option..TCP: NameServer = 10.0.0.1TCP: Interfaces\{7E09CDC4-D7FA-4E91-9623-51ADEBE90044} : DHCPNameServer = 10.0.0.1Handler: intu-help-qb1 - {9B0F96C7-2E4B-433e-ABF3-043BA1B54AE3} - c:\program files\intuit\quickbooks 2008\HelpAsyncPluggableProtocol.dllHandler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - Notify: avgrsstarter - avgrsstx.dllAppInit_DLLs= c:\progra~1\google\google~1\GOEC62~1.DLLHosts: 127.0.0.1 www.spywareinfo.com.================= FIREFOX ===================.FF - ProfilePath - c:\documents and settings\new user\application data\mozilla\firefox\profiles\pjueodee.default\FF - plugin: c:\documents and settings\new user\application data\mozilla\firefox\profiles\pjueodee.default\extensions\{3b8ed69a-4d5e-4d05-898a-45915a1f028a}\plugins\np-mswmp.dllFF - plugin: c:\documents and settings\new user\application data\mozilla\firefox\profiles\pjueodee.default\extensions\{3b8ed69a-4d5e-4d05-898a-45915a1f028a}\plugins\npConduitFirefoxPlugin.dllFF - plugin: c:\documents and settings\new user\local settings\application data\google\update\1.3.21.165\npGoogleUpdate3.dllFF - plugin: c:\program files\java\jre7\bin\dtplugin\npdeployJava1.dllFF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dllFF - ExtSQL: 2013-11-16 12:03; wrc@avast.com; c:\program files\avast software\avast\webrep\FF.============= SERVICES / DRIVERS ===============.R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [2013-11-16 49944]R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [2013-11-16 178304]R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2013-11-16 774392]R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2013-11-16 403440]R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2013-11-16 35656]R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-11-16 70384]R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2013-11-16 50344]S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2008-9-8 30192].=============== Created Last 30 ================.2013-11-16 20:23:55 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll2013-11-16 20:04:06 -------- d-----w- c:\documents and settings\new user\application data\AVAST Software2013-11-16 20:03:16 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys2013-11-16 20:03:16 178304 ----a-w- c:\windows\system32\drivers\aswVmm.sys2013-11-16 20:03:15 774392 ----a-w- c:\windows\system32\drivers\aswSnx.sys2013-11-16 20:03:15 70384 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys2013-11-16 20:03:10 43152 ----a-w- c:\windows\avastSS.scr2013-11-16 20:02:48 -------- d-----w- c:\program files\AVAST Software2013-11-16 20:02:17 -------- d-----w- c:\documents and settings\all users\application data\AVAST Software2013-11-16 19:31:04 1072544 ----a-w- c:\windows\system32\nvdrsdb1.bin2013-11-16 19:31:04 1072544 ----a-w- c:\windows\system32\nvdrsdb0.bin2013-11-16 19:31:04 1 ----a-w- c:\windows\system32\nvdrssel.bin2013-11-16 19:30:50 -------- d-----w- c:\program files\NVIDIA Corporation.==================== Find3M ====================.2013-11-16 20:23:32 145408 ----a-w- c:\windows\system32\javacpl.cpl2013-10-13 07:25:38 920064 ----a-w- c:\windows\system32\wininet.dll2013-10-13 07:25:08 43520 ----a-w- c:\windows\system32\licmgr10.dll2013-10-13 07:25:02 1469440 ----a-w- c:\windows\system32\inetcpl.cpl2013-10-13 07:24:17 18944 ----a-w- c:\windows\system32\corpol.dll2013-10-13 06:57:59 385024 ----a-w- c:\windows\system32\html.iec2013-10-12 15:56:19 278528 ----a-w- c:\windows\system32\oakley.dll2013-10-09 13:12:48 287744 ----a-w- c:\windows\system32\gdi32.dll2013-10-07 10:59:21 603136 ----a-w- c:\windows\system32\crypt32.dll2013-10-05 01:14:01 7168 ----a-w- c:\windows\system32\xpsp4res.dll2013-08-29 01:31:44 1878656 ----a-w- c:\windows\system32\win32k.sys.============= FINISH: 13:39:25.96 =============== -- .UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows XP Home EditionBoot Device: \Device\HarddiskVolume1Install Date: 8/24/2008 6:35:12 PMSystem Uptime: 11/18/2013 1:02:18 PM (0 hours ago).Motherboard: ECS | | GeForce7050M-MProcessor: AMD Athlon 64 X2 Dual Core Processor 5600+ | CPU 1 | 2893/200mhz.==== Disk Partitions =========================.A: is RemovableC: is FIXED (NTFS) - 89 GiB total, 66.661 GiB free.D: is FIXED (NTFS) - 61 GiB total, 60.394 GiB free.E: is CDROM ()F: is Removable.==== Disabled Device Manager Items =============.Class GUID: {6BDD1FC6-810F-11D0-BEC7-08002BE2092F}Description: Canon MX700 ser NetworkDevice ID: ROOT\CANON_IJ_NETWORK\0000Manufacturer: CanonName: Canon MX700 ser NetworkPNP Device ID: ROOT\CANON_IJ_NETWORK\0000Service: StillCam.==== System Restore Points ===================.RP1179: 9/12/2013 7:42:05 PM - Software Distribution Service 3.0RP1180: 9/15/2013 5:08:06 PM - System CheckpointRP1181: 9/16/2013 5:56:25 PM - System CheckpointRP1182: 9/17/2013 12:12:02 PM - Software Distribution Service 3.0RP1183: 9/18/2013 10:46:07 AM - Software Distribution Service 3.0RP1184: 9/18/2013 7:44:48 PM - Software Distribution Service 3.0RP1185: 9/19/2013 11:14:01 AM - Software Distribution Service 3.0RP1186: 9/19/2013 1:37:13 PM - Software Distribution Service 3.0RP1187: 9/19/2013 6:51:40 PM - Software Distribution Service 3.0RP1188: 9/19/2013 7:42:28 PM - Software Distribution Service 3.0RP1189: 9/20/2013 1:16:51 PM - Software Distribution Service 3.0RP1190: 9/20/2013 1:58:22 PM - Software Distribution Service 3.0RP1191: 9/22/2013 12:11:11 PM - Software Distribution Service 3.0RP1192: 9/22/2013 1:26:28 PM - Software Distribution Service 3.0RP1193: 9/23/2013 1:17:36 PM - Software Distribution Service 3.0RP1194: 9/23/2013 7:44:32 PM - Software Distribution Service 3.0RP1195: 9/24/2013 6:58:07 PM - Software Distribution Service 3.0RP1196: 9/25/2013 10:53:56 AM - Software Distribution Service 3.0RP1197: 9/25/2013 1:00:21 PM - Software Distribution Service 3.0RP1198: 9/25/2013 7:34:30 PM - Software Distribution Service 3.0RP1199: 9/26/2013 2:31:32 PM - Software Distribution Service 3.0RP1200: 9/26/2013 2:43:30 PM - Software Distribution Service 3.0RP1201: 9/29/2013 6:27:21 PM - Software Distribution Service 3.0RP1202: 9/30/2013 10:44:35 AM - Software Distribution Service 3.0RP1203: 9/30/2013 8:54:47 PM - Software Distribution Service 3.0RP1204: 10/1/2013 5:48:52 PM - Software Distribution Service 3.0RP1205: 10/1/2013 7:42:55 PM - Software Distribution Service 3.0RP1206: 10/2/2013 1:44:38 PM - Software Distribution Service 3.0RP1207: 10/2/2013 7:10:04 PM - Software Distribution Service 3.0RP1208: 10/2/2013 7:42:16 PM - Software Distribution Service 3.0RP1209: 10/3/2013 12:40:56 PM - Software Distribution Service 3.0RP1210: 10/3/2013 7:37:58 PM - Software Distribution Service 3.0RP1211: 10/4/2013 12:44:26 PM - Software Distribution Service 3.0RP1212: 10/4/2013 7:33:07 PM - Software Distribution Service 3.0RP1213: 10/5/2013 12:16:25 PM - Software Distribution Service 3.0RP1214: 10/5/2013 2:20:13 PM - Software Distribution Service 3.0RP1215: 10/5/2013 7:06:12 PM - Software Distribution Service 3.0RP1216: 10/6/2013 4:50:40 PM - Software Distribution Service 3.0RP1217: 10/6/2013 5:33:02 PM - Software Distribution Service 3.0RP1218: 10/7/2013 11:11:51 AM - Software Distribution Service 3.0RP1219: 10/7/2013 5:58:25 PM - Software Distribution Service 3.0RP1220: 10/7/2013 7:12:51 PM - Software Distribution Service 3.0RP1221: 10/9/2013 1:31:09 PM - System CheckpointRP1222: 10/9/2013 7:30:42 PM - Software Distribution Service 3.0RP1223: 10/10/2013 3:21:51 PM - Software Distribution Service 3.0RP1224: 10/10/2013 7:38:31 PM - Software Distribution Service 3.0RP1225: 10/11/2013 11:24:41 AM - Software Distribution Service 3.0RP1226: 10/11/2013 7:48:36 PM - Software Distribution Service 3.0RP1227: 10/13/2013 2:58:44 PM - Software Distribution Service 3.0RP1228: 10/13/2013 3:36:21 PM - Software Distribution Service 3.0RP1229: 10/14/2013 12:39:44 PM - Software Distribution Service 3.0RP1230: 10/14/2013 7:44:43 PM - Software Distribution Service 3.0RP1231: 10/15/2013 1:08:39 PM - Software Distribution Service 3.0RP1232: 10/15/2013 7:41:47 PM - Software Distribution Service 3.0RP1233: 10/16/2013 2:03:40 PM - Software Distribution Service 3.0RP1234: 10/16/2013 7:41:42 PM - Software Distribution Service 3.0RP1235: 10/17/2013 11:00:29 AM - Software Distribution Service 3.0RP1236: 10/17/2013 3:28:20 PM - Software Distribution Service 3.0RP1237: 10/17/2013 7:20:40 PM - Software Distribution Service 3.0RP1238: 10/18/2013 12:14:07 PM - Software Distribution Service 3.0RP1239: 10/18/2013 7:47:21 PM - Software Distribution Service 3.0RP1240: 10/19/2013 4:59:09 PM - Software Distribution Service 3.0RP1241: 10/19/2013 7:29:18 PM - Software Distribution Service 3.0RP1242: 10/20/2013 11:31:51 AM - Software Distribution Service 3.0RP1243: 10/20/2013 8:35:51 PM - Software Distribution Service 3.0RP1244: 10/21/2013 10:41:31 AM - Software Distribution Service 3.0RP1245: 10/21/2013 7:33:17 PM - Software Distribution Service 3.0RP1246: 10/22/2013 11:05:38 AM - Software Distribution Service 3.0RP1247: 10/22/2013 7:31:57 PM - Software Distribution Service 3.0RP1248: 10/23/2013 8:23:22 PM - System CheckpointRP1249: 10/24/2013 3:00:16 AM - Software Distribution Service 3.0RP1250: 10/25/2013 3:00:14 AM - Software Distribution Service 3.0RP1251: 10/25/2013 7:25:53 PM - Software Distribution Service 3.0RP1252: 10/27/2013 11:50:13 AM - Software Distribution Service 3.0RP1253: 10/27/2013 6:47:51 PM - Software Distribution Service 3.0RP1254: 10/28/2013 10:29:24 AM - Software Distribution Service 3.0RP1255: 10/28/2013 7:47:33 PM - Software Distribution Service 3.0RP1256: 10/29/2013 12:01:46 PM - Software Distribution Service 3.0RP1257: 10/29/2013 7:58:27 PM - Software Distribution Service 3.0RP1258: 10/30/2013 10:55:43 AM - Software Distribution Service 3.0RP1259: 10/30/2013 7:35:02 PM - Software Distribution Service 3.0RP1260: 10/31/2013 1:40:39 PM - Software Distribution Service 3.0RP1261: 10/31/2013 7:32:32 PM - Software Distribution Service 3.0RP1262: 11/1/2013 12:04:16 PM - Software Distribution Service 3.0RP1263: 11/1/2013 7:57:51 PM - Software Distribution Service 3.0RP1264: 11/2/2013 11:48:49 AM - Software Distribution Service 3.0RP1265: 11/2/2013 12:27:46 PM - Software Distribution Service 3.0RP1266: 11/3/2013 11:15:13 AM - Software Distribution Service 3.0RP1267: 11/3/2013 1:36:12 PM - Software Distribution Service 3.0RP1268: 11/4/2013 11:51:35 AM - Software Distribution Service 3.0RP1269: 11/4/2013 12:08:14 PM - Software Distribution Service 3.0RP1270: 11/4/2013 7:37:07 PM - Software Distribution Service 3.0RP1271: 11/5/2013 11:58:44 AM - Software Distribution Service 3.0RP1272: 11/5/2013 7:48:17 PM - Software Distribution Service 3.0RP1273: 11/6/2013 7:40:15 PM - Software Distribution Service 3.0RP1274: 11/7/2013 11:17:29 AM - Software Distribution Service 3.0RP1275: 11/7/2013 7:33:51 PM - Software Distribution Service 3.0RP1276: 11/8/2013 4:28:14 PM - Software Distribution Service 3.0RP1277: 11/8/2013 7:31:29 PM - Software Distribution Service 3.0RP1278: 11/10/2013 12:53:59 PM - Software Distribution Service 3.0RP1279: 11/10/2013 1:18:11 PM - Software Distribution Service 3.0RP1280: 11/11/2013 11:41:21 AM - Software Distribution Service 3.0RP1281: 11/12/2013 11:20:53 AM - Software Distribution Service 3.0RP1282: 11/12/2013 7:54:21 PM - Software Distribution Service 3.0RP1283: 11/13/2013 7:44:59 PM - Software Distribution Service 3.0RP1284: 11/14/2013 1:47:47 PM - Software Distribution Service 3.0RP1285: 11/14/2013 7:24:56 PM - Software Distribution Service 3.0RP1286: 11/15/2013 12:18:53 PM - Software Distribution Service 3.0RP1287: 11/15/2013 7:49:40 PM - Software Distribution Service 3.0RP1288: 11/16/2013 11:00:58 AM - Software Distribution Service 3.0RP1289: 11/16/2013 11:15:04 AM - Removed Ask Toolbar.RP1290: 11/16/2013 11:22:30 AM - Installed Java 7 Update 45RP1291: 11/16/2013 11:29:19 AM - Software Distribution Service 3.0RP1292: 11/16/2013 11:35:01 AM - Software Distribution Service 3.0RP1293: 11/16/2013 11:38:49 AM - Software Distribution Service 3.0RP1294: 11/16/2013 12:02:48 PM - avast! antivirus system restore pointRP1295: 11/16/2013 12:22:32 PM - Removed Java 7 Update 17RP1296: 11/16/2013 12:23:25 PM - Installed Java 7 Update 45RP1297: 11/16/2013 12:39:03 PM - Software Distribution Service 3.0RP1298: 11/16/2013 12:52:53 PM - Removed Java 6 Update 7RP1299: 11/17/2013 10:48:02 AM - Software Distribution Service 3.0RP1300: 11/17/2013 1:04:42 PM - Software Distribution Service 3.0RP1301: 11/17/2013 7:26:47 PM - Software Distribution Service 3.0RP1302: 11/18/2013 12:47:26 PM - Software Distribution Service 3.0.==== Installed Programs ======================.ABBYY FineReader 6.0 SprintAcrobat.comAdobe AIRAdobe Flash Player 10 PluginAdobe Flash Player ActiveXAdobe Reader 9.1Advanced WindowsCare Personalavast! Free AntivirusCanon IJ Network Scan UtilityCanon IJ Network ToolCanon MP Navigator EX 1.0Canon MX700 seriesCanon MX700 series User RegistrationCanon My PrinterCanon Utilities Easy-PhotoPrint EXCanon Utilities Solution MenuCCleaner (remove only)DivX CodecDVD Decrypter (Remove Only)DVD Shrink 3.2GIMP 2.4.6Google ChromeGoogle DesktopHigh Definition Audio Driver Package - KB888111Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)Hotfix for Windows XP (KB2158563)Hotfix for Windows XP (KB2443685)Hotfix for Windows XP (KB2570791)Hotfix for Windows XP (KB2633952)Hotfix for Windows XP (KB2756822)Hotfix for Windows XP (KB2779562)Hotfix for Windows XP (KB952287)Hotfix for Windows XP (KB954550-v5)Hotfix for Windows XP (KB961118)Hotfix for Windows XP (KB970653-v3)Hotfix for Windows XP (KB976098-v2)Hotfix for Windows XP (KB979306)Hotfix for Windows XP (KB981793)Java 7 Update 45Java Auto UpdaterLexmark Scan CenterLexmark Software UninstallMalwarebytes Anti-Malware version 1.75.0.1300Microsoft .NET Framework 2.0 Service Pack 2Microsoft .NET Framework 3.0 Service Pack 2Microsoft .NET Framework 3.5 SP1Microsoft Internationalized Domain Names Mitigation APIsMicrosoft National Language Support Downlevel APIsMicrosoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2010 x86 Redistributable - 10.0.40219Mozilla Firefox 25.0.1 (x86 en-US)Mozilla Maintenance ServiceMSXML 4.0 SP2 (KB936181)MSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)MSXML 4.0 SP2 Parser and SDKNero 6 Enterprise EditionNVIDIA DriversOpenOffice.org 2.4PIXMA Extended Survey ProgramPresto! PageManager 7.12.31Presto! PageManager 7.15.16QuickBooks Invoice ManagerRealtek High Definition Audio DriverScanSoft OmniPage SE 4Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)Security Update for Microsoft Windows (KB2564958)Security Update for Windows Internet Explorer 7 (KB2183461)Security Update for Windows Internet Explorer 7 (KB2360131)Security Update for Windows Internet Explorer 7 (KB2416400)Security Update for Windows Internet Explorer 7 (KB2482017)Security Update for Windows Internet Explorer 7 (KB2497640)Security Update for Windows Internet Explorer 7 (KB2530548)Security Update for Windows Internet Explorer 7 (KB2544521)Security Update for Windows Internet Explorer 7 (KB938127)Security Update for Windows Internet Explorer 7 (KB953838)Security Update for Windows Internet Explorer 7 (KB956390)Security Update for Windows Internet Explorer 7 (KB958215)Security Update for Windows Internet Explorer 7 (KB960714)Security Update for Windows Internet Explorer 7 (KB961260)Security Update for Windows Internet Explorer 7 (KB963027)Security Update for Windows Internet Explorer 7 (KB969897)Security Update for Windows Internet Explorer 7 (KB972260)Security Update for Windows Internet Explorer 7 (KB974455)Security Update for Windows Internet Explorer 7 (KB976325)Security Update for Windows Internet Explorer 7 (KB978207)Security Update for Windows Internet Explorer 7 (KB982381)Security Update for Windows Internet Explorer 8 (KB2510531)Security Update for Windows Internet Explorer 8 (KB2530548)Security Update for Windows Internet Explorer 8 (KB2544521)Security Update for Windows Internet Explorer 8 (KB2559049)Security Update for Windows Internet Explorer 8 (KB2586448)Security Update for Windows Internet Explorer 8 (KB2618444)Security Update for Windows Internet Explorer 8 (KB2647516)Security Update for Windows Internet Explorer 8 (KB2675157)Security Update for Windows Internet Explorer 8 (KB2699988)Security Update for Windows Internet Explorer 8 (KB2722913)Security Update for Windows Internet Explorer 8 (KB2744842)Security Update for Windows Internet Explorer 8 (KB2761465)Security Update for Windows Internet Explorer 8 (KB2792100)Security Update for Windows Internet Explorer 8 (KB2797052)Security Update for Windows Internet Explorer 8 (KB2799329)Security Update for Windows Internet Explorer 8 (KB2809289)Security Update for Windows Internet Explorer 8 (KB2817183)Security Update for Windows Internet Explorer 8 (KB2829530)Security Update for Windows Internet Explorer 8 (KB2838727)Security Update for Windows Internet Explorer 8 (KB2846071)Security Update for Windows Internet Explorer 8 (KB2847204)Security Update for Windows Internet Explorer 8 (KB2862772)Security Update for Windows Internet Explorer 8 (KB2870699)Security Update for Windows Internet Explorer 8 (KB2879017)Security Update for Windows Internet Explorer 8 (KB2888505)Security Update for Windows Media Player (KB2378111)Security Update for Windows Media Player (KB2834903-v2)Security Update for Windows Media Player (KB2834903)Security Update for Windows Media Player (KB911564)Security Update for Windows Media Player (KB952069)Security Update for Windows Media Player (KB954155)Security Update for Windows Media Player (KB968816)Security Update for Windows Media Player (KB973540)Security Update for Windows Media Player (KB975558)Security Update for Windows Media Player (KB978695)Security Update for Windows Media Player 10 (KB936782)Security Update for Windows Media Player 6.4 (KB925398)Security Update for Windows Media Player 9 (KB936782)Security Update for Windows XP (KB2079403)Security Update for Windows XP (KB2115168)Security Update for Windows XP (KB2121546)Security Update for Windows XP (KB2160329)Security Update for Windows XP (KB2229593)Security Update for Windows XP (KB2259922)Security Update for Windows XP (KB2279986)Security Update for Windows XP (KB2286198)Security Update for Windows XP (KB2296011)Security Update for Windows XP (KB2296199)Security Update for Windows XP (KB2347290)Security Update for Windows XP (KB2360937)Security Update for Windows XP (KB2387149)Security Update for Windows XP (KB2393802)Security Update for Windows XP (KB2412687)Security Update for Windows XP (KB2419632)Security Update for Windows XP (KB2423089)Security Update for Windows XP (KB2436673)Security Update for Windows XP (KB2440591)Security Update for Windows XP (KB2443105)Security Update for Windows XP (KB2476490)Security Update for Windows XP (KB2476687)Security Update for Windows XP (KB2478960)Security Update for Windows XP (KB2478971)Security Update for Windows XP (KB2479628)Security Update for Windows XP (KB2479943)Security Update for Windows XP (KB2481109)Security Update for Windows XP (KB2483185)Security Update for Windows XP (KB2485376)Security Update for Windows XP (KB2485663)Security Update for Windows XP (KB2503658)Security Update for Windows XP (KB2503665)Security Update for Windows XP (KB2506212)Security Update for Windows XP (KB2506223)Security Update for Windows XP (KB2507618)Security Update for Windows XP (KB2507938)Security Update for Windows XP (KB2508272)Security Update for Windows XP (KB2508429)Security Update for Windows XP (KB2509553)Security Update for Windows XP (KB2510581)Security Update for Windows XP (KB2511455)Security Update for Windows XP (KB2524375)Security Update for Windows XP (KB2535512)Security Update for Windows XP (KB2536276-v2)Security Update for Windows XP (KB2536276)Security Update for Windows XP (KB2544893-v2)Security Update for Windows XP (KB2544893)Security Update for Windows XP (KB2555917)Security Update for Windows XP (KB2562937)Security Update for Windows XP (KB2566454)Security Update for Windows XP (KB2567053)Security Update for Windows XP (KB2567680)Security Update for Windows XP (KB2570222)Security Update for Windows XP (KB2570947)Security Update for Windows XP (KB2584146)Security Update for Windows XP (KB2585542)Security Update for Windows XP (KB2592799)Security Update for Windows XP (KB2598479)Security Update for Windows XP (KB2603381)Security Update for Windows XP (KB2618451)Security Update for Windows XP (KB2619339)Security Update for Windows XP (KB2620712)Security Update for Windows XP (KB2621440)Security Update for Windows XP (KB2624667)Security Update for Windows XP (KB2631813)Security Update for Windows XP (KB2633171)Security Update for Windows XP (KB2639417)Security Update for Windows XP (KB2641653)Security Update for Windows XP (KB2646524)Security Update for Windows XP (KB2647518)Security Update for Windows XP (KB2653956)Security Update for Windows XP (KB2655992)Security Update for Windows XP (KB2659262)Security Update for Windows XP (KB2660465)Security Update for Windows XP (KB2661637)Security Update for Windows XP (KB2676562)Security Update for Windows XP (KB2685939)Security Update for Windows XP (KB2686509)Security Update for Windows XP (KB2691442)Security Update for Windows XP (KB2695962)Security Update for Windows XP (KB2698365)Security Update for Windows XP (KB2705219)Security Update for Windows XP (KB2707511)Security Update for Windows XP (KB2709162)Security Update for Windows XP (KB2712808)Security Update for Windows XP (KB2718523)Security Update for Windows XP (KB2719985)Security Update for Windows XP (KB2723135)Security Update for Windows XP (KB2724197)Security Update for Windows XP (KB2727528)Security Update for Windows XP (KB2731847)Security Update for Windows XP (KB2753842-v2)Security Update for Windows XP (KB2753842)Security Update for Windows XP (KB2757638)Security Update for Windows XP (KB2758857)Security Update for Windows XP (KB2761226)Security Update for Windows XP (KB2770660)Security Update for Windows XP (KB2778344)Security Update for Windows XP (KB2779030)Security Update for Windows XP (KB2780091)Security Update for Windows XP (KB2799494)Security Update for Windows XP (KB2802968)Security Update for Windows XP (KB2807986)Security Update for Windows XP (KB2808735)Security Update for Windows XP (KB2813170)Security Update for Windows XP (KB2813345)Security Update for Windows XP (KB2820197)Security Update for Windows XP (KB2820917)Security Update for Windows XP (KB2829361)Security Update for Windows XP (KB2834886)Security Update for Windows XP (KB2839229)Security Update for Windows XP (KB2845187)Security Update for Windows XP (KB2847311)Security Update for Windows XP (KB2849470)Security Update for Windows XP (KB2850851)Security Update for Windows XP (KB2850869)Security Update for Windows XP (KB2859537)Security Update for Windows XP (KB2862152)Security Update for Windows XP (KB2862330)Security Update for Windows XP (KB2862335)Security Update for Windows XP (KB2864063)Security Update for Windows XP (KB2868038)Security Update for Windows XP (KB2868626)Security Update for Windows XP (KB2876217)Security Update for Windows XP (KB2876315)Security Update for Windows XP (KB2876331)Security Update for Windows XP (KB2883150)Security Update for Windows XP (KB2900986)Security Update for Windows XP (KB923561)Security Update for Windows XP (KB923689)Security Update for Windows XP (KB923789)Security Update for Windows XP (KB938464)Security Update for Windows XP (KB941569)Security Update for Windows XP (KB946648)Security Update for Windows XP (KB950762)Security Update for Windows XP (KB950974)Security Update for Windows XP (KB951066)Security Update for Windows XP (KB951376-v2)Security Update for Windows XP (KB951698)Security Update for Windows XP (KB951748)Security Update for Windows XP (KB952004)Security Update for Windows XP (KB952954)Security Update for Windows XP (KB953838)Security Update for Windows XP (KB953839)Security Update for Windows XP (KB954211)Security Update for Windows XP (KB954459)Security Update for Windows XP (KB954600)Security Update for Windows XP (KB955069)Security Update for Windows XP (KB956391)Security Update for Windows XP (KB956572)Security Update for Windows XP (KB956744)Security Update for Windows XP (KB956802)Security Update for Windows XP (KB956803)Security Update for Windows XP (KB956841)Security Update for Windows XP (KB956844)Security Update for Windows XP (KB957095)Security Update for Windows XP (KB957097)Security Update for Windows XP (KB958644)Security Update for Windows XP (KB958687)Security Update for Windows XP (KB958690)Security Update for Windows XP (KB958869)Security Update for Windows XP (KB959426)Security Update for Windows XP (KB960225)Security Update for Windows XP (KB960715)Security Update for Windows XP (KB960803)Security Update for Windows XP (KB960859)Security Update for Windows XP (KB961371)Security Update for Windows XP (KB961373)Security Update for Windows XP (KB961501)Security Update for Windows XP (KB968537)Security Update for Windows XP (KB969059)Security Update for Windows XP (KB969898)Security Update for Windows XP (KB969947)Security Update for Windows XP (KB970238)Security Update for Windows XP (KB970430)Security Update for Windows XP (KB971468)Security Update for Windows XP (KB971486)Security Update for Windows XP (KB971557)Security Update for Windows XP (KB971633)Security Update for Windows XP (KB971657)Security Update for Windows XP (KB971961)Security Update for Windows XP (KB972270)Security Update for Windows XP (KB973346)Security Update for Windows XP (KB973354)Security Update for Windows XP (KB973507)Security Update for Windows XP (KB973525)Security Update for Windows XP (KB973869)Security Update for Windows XP (KB973904)Security Update for Windows XP (KB974112)Security Update for Windows XP (KB974318)Security Update for Windows XP (KB974392)Security Update for Windows XP (KB974571)Security Update for Windows XP (KB975025)Security Update for Windows XP (KB975467)Security Update for Windows XP (KB975560)Security Update for Windows XP (KB975561)Security Update for Windows XP (KB975562)Security Update for Windows XP (KB975713)Security Update for Windows XP (KB977165)Security Update for Windows XP (KB977816)Security Update for Windows XP (KB977914)Security Update for Windows XP (KB978037)Security Update for Windows XP (KB978251)Security Update for Windows XP (KB978262)Security Update for Windows XP (KB978338)Security Update for Windows XP (KB978542)Security Update for Windows XP (KB978601)Security Update for Windows XP (KB978706)Security Update for Windows XP (KB979309)Security Update for Windows XP (KB979482)Security Update for Windows XP (KB979559)Security Update for Windows XP (KB979683)Security Update for Windows XP (KB979687)Security Update for Windows XP (KB980195)Security Update for Windows XP (KB980218)Security Update for Windows XP (KB980232)Security Update for Windows XP (KB980436)Security Update for Windows XP (KB981322)Security Update for Windows XP (KB981349)Security Update for Windows XP (KB981852)Security Update for Windows XP (KB981957)Security Update for Windows XP (KB981997)Security Update for Windows XP (KB982132)Security Update for Windows XP (KB982214)Security Update for Windows XP (KB982665)Security Update for Windows XP (KB982802)Spybot - Search & DestroyThe Print Shop Ensemble IIIUpdate for Microsoft .NET Framework 3.5 SP1 (KB963707)Update for Windows Internet Explorer 7 (KB976749)Update for Windows Internet Explorer 7 (KB980182)Update for Windows XP (KB2141007)Update for Windows XP (KB2345886)Update for Windows XP (KB2467659)Update for Windows XP (KB2541763)Update for Windows XP (KB2607712)Update for Windows XP (KB2616676)Update for Windows XP (KB2641690)Update for Windows XP (KB2661254-v2)Update for Windows XP (KB2718704)Update for Windows XP (KB2736233)Update for Windows XP (KB2749655)Update for Windows XP (KB2863058)Update for Windows XP (KB951072-v2)Update for Windows XP (KB951978)Update for Windows XP (KB955759)Update for Windows XP (KB955839)Update for Windows XP (KB967715)Update for Windows XP (KB968389)Update for Windows XP (KB971029)Update for Windows XP (KB971737)Update for Windows XP (KB973687)Update for Windows XP (KB973815)WebFldrs XPWindows Genuine Advantage Validation Tool (KB892130)Windows Internet Explorer 7Windows Internet Explorer 8Windows Media Format RuntimeWindows Media Player 10Windows XP Service Pack 3.==== Event Viewer Messages From Past Week ========.11/16/2013 11:16:12 AM, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The specified module could not be found.11/11/2013 11:42:53 AM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x800f020d: nVidia - Other hardware - NVIDIA GeForce 7050 PV / NVIDIA nForce 630a..==== End Of File ===========================
  25. Malwarebytes Quick Scan: Malwarebytes Anti-Malware 1.75.0.1300www.malwarebytes.org Database version: v2013.11.18.07 Windows XP Service Pack 3 x86 NTFSInternet Explorer 8.0.6001.18702New User :: NONE-BCBC617937 [administrator] 11/18/2013 1:46:10 PMmbam-log-2013-11-18 (13-46-10).txt Scan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 221195Time elapsed: 8 minute(s), 12 second(s) Memory Processes Detected: 0(No malicious items detected) Memory Modules Detected: 0(No malicious items detected) Registry Keys Detected: 1HKCU\Software\Conduit\FF (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. Registry Values Detected: 0(No malicious items detected) Registry Data Items Detected: 0(No malicious items detected) Folders Detected: 0(No malicious items detected) Files Detected: 0(No malicious items detected) (end) -- DDS (Ver_2012-11-20.01) - NTFS_x86 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.45.2Run by New User at 13:38:53 on 2013-11-18Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1791.723 [GMT -8:00].AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}.============== Running Processes ================.C:\Program Files\AVAST Software\Avast\AvastSvc.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\RTHDCPL.EXEC:\Program Files\Canon\MyPrinter\BJMyPrt.exeC:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exeC:\Program Files\Google\Google Desktop Search\GoogleDesktop.exeC:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exeC:\Program Files\Lexmark\Monitor\ACO\LMabMON.exeC:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXEC:\Program Files\AVAST Software\Avast\AvastUI.exeC:\Program Files\Messenger\msmsgs.exeC:\WINDOWS\system32\spool\drivers\w32x86\3\WrtProc.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\Google\Google Desktop Search\GoogleDesktop.exeC:\Program Files\Lexmark\ErrorApp\LMab1err.exeC:\Documents and Settings\New User\Local Settings\Application Data\Google\Update\1.3.21.165\GoogleCrashHandler.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\Program Files\Java\jre7\bin\jqs.exeC:\WINDOWS\system32\LMabcoms.exeC:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exeC:\WINDOWS\system32\wdfmgr.exeC:\WINDOWS\System32\alg.exeC:\Program Files\Mozilla Firefox\plugin-container.exeC:\Program Files\Mozilla Firefox\plugin-container.exeC:\WINDOWS\system32\wuauclt.exeC:\Program Files\Common Files\Adobe\Updater6\Adobe_Updater.exeC:\Documents and Settings\New User\Local Settings\Application Data\Google\Chrome\Application\chrome.exeC:\Documents and Settings\New User\Local Settings\Application Data\Google\Chrome\Application\chrome.exeC:\Documents and Settings\New User\Local Settings\Application Data\Google\Chrome\Application\chrome.exeC:\Documents and Settings\New User\Local Settings\Application Data\Google\Chrome\Application\chrome.exeC:\Documents and Settings\New User\Local Settings\Application Data\Google\Chrome\Application\chrome.exeC:\WINDOWS\system32\rundll32.exeC:\WINDOWS\system32\wbem\wmiprvse.exeC:\WINDOWS\System32\svchost.exe -k netsvcsC:\WINDOWS\system32\svchost.exe -k NetworkServiceC:\WINDOWS\system32\svchost.exe -k LocalServiceC:\WINDOWS\system32\svchost.exe -k LocalServiceC:\WINDOWS\system32\svchost.exe -k imgsvc.============== Pseudo HJT Report ===============.BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dllBHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - <orphaned>BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dllBHO: SSVHelper Class: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dllBHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dllBHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dllTB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dlluRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /backgrounduRun: [ctfmon.exe] c:\windows\system32\ctfmon.exeuRun: [Google Update] "c:\documents and settings\new user\local settings\application data\google\update\GoogleUpdate.exe" /cuRun: [LMab1err] c:\program files\lexmark\errorapp\LMab1err.exemRun: [RTHDCPL] RTHDCPL.EXEmRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logonmRun: [OpwareSE4] "c:\program files\scansoft\omnipagese4\OpwareSE4.exe"mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startupmRun: [WrtMon.exe] c:\windows\system32\spool\drivers\w32x86\3\WrtMon.exemRun: [LMPSSDMON] c:\program files\lexmark\monitor\aco\LMabMON.exemRun: [iJNetworkScanUtility] c:\program files\canon\canon ij network scan utility\CNMNSUT.EXEmRun: [AvastUI.exe] "c:\program files\avast software\avast\AvastUI.exe" /noguimRun: [sunJavaUpdateSched] "c:\program files\java\jre7\bin\jusched.exe"uPolicies-Explorer: NoDriveTypeAutoRun = dword:145mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1mPolicies-Explorer: NoDriveTypeAutoRun = dword:145IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.htmlIE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\program files\java\jre7\bin\ssv.dllIE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dllIE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exeIE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe.INFO: HKCU has more than 50 listed domains.If you wish to scan all of them, select the 'Force scan all domains' option...INFO: HKLM has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option..TCP: NameServer = 10.0.0.1TCP: Interfaces\{7E09CDC4-D7FA-4E91-9623-51ADEBE90044} : DHCPNameServer = 10.0.0.1Handler: intu-help-qb1 - {9B0F96C7-2E4B-433e-ABF3-043BA1B54AE3} - c:\program files\intuit\quickbooks 2008\HelpAsyncPluggableProtocol.dllHandler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - Notify: avgrsstarter - avgrsstx.dllAppInit_DLLs= c:\progra~1\google\google~1\GOEC62~1.DLLHosts: 127.0.0.1 www.spywareinfo.com.================= FIREFOX ===================.FF - ProfilePath - c:\documents and settings\new user\application data\mozilla\firefox\profiles\pjueodee.default\FF - plugin: c:\documents and settings\new user\application data\mozilla\firefox\profiles\pjueodee.default\extensions\{3b8ed69a-4d5e-4d05-898a-45915a1f028a}\plugins\np-mswmp.dllFF - plugin: c:\documents and settings\new user\application data\mozilla\firefox\profiles\pjueodee.default\extensions\{3b8ed69a-4d5e-4d05-898a-45915a1f028a}\plugins\npConduitFirefoxPlugin.dllFF - plugin: c:\documents and settings\new user\local settings\application data\google\update\1.3.21.165\npGoogleUpdate3.dllFF - plugin: c:\program files\java\jre7\bin\dtplugin\npdeployJava1.dllFF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dllFF - ExtSQL: 2013-11-16 12:03; wrc@avast.com; c:\program files\avast software\avast\webrep\FF.============= SERVICES / DRIVERS ===============.R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [2013-11-16 49944]R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [2013-11-16 178304]R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2013-11-16 774392]R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2013-11-16 403440]R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2013-11-16 35656]R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-11-16 70384]R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2013-11-16 50344]S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2008-9-8 30192].=============== Created Last 30 ================.2013-11-16 20:23:55 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll2013-11-16 20:04:06 -------- d-----w- c:\documents and settings\new user\application data\AVAST Software2013-11-16 20:03:16 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys2013-11-16 20:03:16 178304 ----a-w- c:\windows\system32\drivers\aswVmm.sys2013-11-16 20:03:15 774392 ----a-w- c:\windows\system32\drivers\aswSnx.sys2013-11-16 20:03:15 70384 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys2013-11-16 20:03:10 43152 ----a-w- c:\windows\avastSS.scr2013-11-16 20:02:48 -------- d-----w- c:\program files\AVAST Software2013-11-16 20:02:17 -------- d-----w- c:\documents and settings\all users\application data\AVAST Software2013-11-16 19:31:04 1072544 ----a-w- c:\windows\system32\nvdrsdb1.bin2013-11-16 19:31:04 1072544 ----a-w- c:\windows\system32\nvdrsdb0.bin2013-11-16 19:31:04 1 ----a-w- c:\windows\system32\nvdrssel.bin2013-11-16 19:30:50 -------- d-----w- c:\program files\NVIDIA Corporation.==================== Find3M ====================.2013-11-16 20:23:32 145408 ----a-w- c:\windows\system32\javacpl.cpl2013-10-13 07:25:38 920064 ----a-w- c:\windows\system32\wininet.dll2013-10-13 07:25:08 43520 ----a-w- c:\windows\system32\licmgr10.dll2013-10-13 07:25:02 1469440 ----a-w- c:\windows\system32\inetcpl.cpl2013-10-13 07:24:17 18944 ----a-w- c:\windows\system32\corpol.dll2013-10-13 06:57:59 385024 ----a-w- c:\windows\system32\html.iec2013-10-12 15:56:19 278528 ----a-w- c:\windows\system32\oakley.dll2013-10-09 13:12:48 287744 ----a-w- c:\windows\system32\gdi32.dll2013-10-07 10:59:21 603136 ----a-w- c:\windows\system32\crypt32.dll2013-10-05 01:14:01 7168 ----a-w- c:\windows\system32\xpsp4res.dll2013-08-29 01:31:44 1878656 ----a-w- c:\windows\system32\win32k.sys.============= FINISH: 13:39:25.96 =============== -- .UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows XP Home EditionBoot Device: \Device\HarddiskVolume1Install Date: 8/24/2008 6:35:12 PMSystem Uptime: 11/18/2013 1:02:18 PM (0 hours ago).Motherboard: ECS | | GeForce7050M-MProcessor: AMD Athlon 64 X2 Dual Core Processor 5600+ | CPU 1 | 2893/200mhz.==== Disk Partitions =========================.A: is RemovableC: is FIXED (NTFS) - 89 GiB total, 66.661 GiB free.D: is FIXED (NTFS) - 61 GiB total, 60.394 GiB free.E: is CDROM ()F: is Removable.==== Disabled Device Manager Items =============.Class GUID: {6BDD1FC6-810F-11D0-BEC7-08002BE2092F}Description: Canon MX700 ser NetworkDevice ID: ROOT\CANON_IJ_NETWORK\0000Manufacturer: CanonName: Canon MX700 ser NetworkPNP Device ID: ROOT\CANON_IJ_NETWORK\0000Service: StillCam.==== System Restore Points ===================.RP1179: 9/12/2013 7:42:05 PM - Software Distribution Service 3.0RP1180: 9/15/2013 5:08:06 PM - System CheckpointRP1181: 9/16/2013 5:56:25 PM - System CheckpointRP1182: 9/17/2013 12:12:02 PM - Software Distribution Service 3.0RP1183: 9/18/2013 10:46:07 AM - Software Distribution Service 3.0RP1184: 9/18/2013 7:44:48 PM - Software Distribution Service 3.0RP1185: 9/19/2013 11:14:01 AM - Software Distribution Service 3.0RP1186: 9/19/2013 1:37:13 PM - Software Distribution Service 3.0RP1187: 9/19/2013 6:51:40 PM - Software Distribution Service 3.0RP1188: 9/19/2013 7:42:28 PM - Software Distribution Service 3.0RP1189: 9/20/2013 1:16:51 PM - Software Distribution Service 3.0RP1190: 9/20/2013 1:58:22 PM - Software Distribution Service 3.0RP1191: 9/22/2013 12:11:11 PM - Software Distribution Service 3.0RP1192: 9/22/2013 1:26:28 PM - Software Distribution Service 3.0RP1193: 9/23/2013 1:17:36 PM - Software Distribution Service 3.0RP1194: 9/23/2013 7:44:32 PM - Software Distribution Service 3.0RP1195: 9/24/2013 6:58:07 PM - Software Distribution Service 3.0RP1196: 9/25/2013 10:53:56 AM - Software Distribution Service 3.0RP1197: 9/25/2013 1:00:21 PM - Software Distribution Service 3.0RP1198: 9/25/2013 7:34:30 PM - Software Distribution Service 3.0RP1199: 9/26/2013 2:31:32 PM - Software Distribution Service 3.0RP1200: 9/26/2013 2:43:30 PM - Software Distribution Service 3.0RP1201: 9/29/2013 6:27:21 PM - Software Distribution Service 3.0RP1202: 9/30/2013 10:44:35 AM - Software Distribution Service 3.0RP1203: 9/30/2013 8:54:47 PM - Software Distribution Service 3.0RP1204: 10/1/2013 5:48:52 PM - Software Distribution Service 3.0RP1205: 10/1/2013 7:42:55 PM - Software Distribution Service 3.0RP1206: 10/2/2013 1:44:38 PM - Software Distribution Service 3.0RP1207: 10/2/2013 7:10:04 PM - Software Distribution Service 3.0RP1208: 10/2/2013 7:42:16 PM - Software Distribution Service 3.0RP1209: 10/3/2013 12:40:56 PM - Software Distribution Service 3.0RP1210: 10/3/2013 7:37:58 PM - Software Distribution Service 3.0RP1211: 10/4/2013 12:44:26 PM - Software Distribution Service 3.0RP1212: 10/4/2013 7:33:07 PM - Software Distribution Service 3.0RP1213: 10/5/2013 12:16:25 PM - Software Distribution Service 3.0RP1214: 10/5/2013 2:20:13 PM - Software Distribution Service 3.0RP1215: 10/5/2013 7:06:12 PM - Software Distribution Service 3.0RP1216: 10/6/2013 4:50:40 PM - Software Distribution Service 3.0RP1217: 10/6/2013 5:33:02 PM - Software Distribution Service 3.0RP1218: 10/7/2013 11:11:51 AM - Software Distribution Service 3.0RP1219: 10/7/2013 5:58:25 PM - Software Distribution Service 3.0RP1220: 10/7/2013 7:12:51 PM - Software Distribution Service 3.0RP1221: 10/9/2013 1:31:09 PM - System CheckpointRP1222: 10/9/2013 7:30:42 PM - Software Distribution Service 3.0RP1223: 10/10/2013 3:21:51 PM - Software Distribution Service 3.0RP1224: 10/10/2013 7:38:31 PM - Software Distribution Service 3.0RP1225: 10/11/2013 11:24:41 AM - Software Distribution Service 3.0RP1226: 10/11/2013 7:48:36 PM - Software Distribution Service 3.0RP1227: 10/13/2013 2:58:44 PM - Software Distribution Service 3.0RP1228: 10/13/2013 3:36:21 PM - Software Distribution Service 3.0RP1229: 10/14/2013 12:39:44 PM - Software Distribution Service 3.0RP1230: 10/14/2013 7:44:43 PM - Software Distribution Service 3.0RP1231: 10/15/2013 1:08:39 PM - Software Distribution Service 3.0RP1232: 10/15/2013 7:41:47 PM - Software Distribution Service 3.0RP1233: 10/16/2013 2:03:40 PM - Software Distribution Service 3.0RP1234: 10/16/2013 7:41:42 PM - Software Distribution Service 3.0RP1235: 10/17/2013 11:00:29 AM - Software Distribution Service 3.0RP1236: 10/17/2013 3:28:20 PM - Software Distribution Service 3.0RP1237: 10/17/2013 7:20:40 PM - Software Distribution Service 3.0RP1238: 10/18/2013 12:14:07 PM - Software Distribution Service 3.0RP1239: 10/18/2013 7:47:21 PM - Software Distribution Service 3.0RP1240: 10/19/2013 4:59:09 PM - Software Distribution Service 3.0RP1241: 10/19/2013 7:29:18 PM - Software Distribution Service 3.0RP1242: 10/20/2013 11:31:51 AM - Software Distribution Service 3.0RP1243: 10/20/2013 8:35:51 PM - Software Distribution Service 3.0RP1244: 10/21/2013 10:41:31 AM - Software Distribution Service 3.0RP1245: 10/21/2013 7:33:17 PM - Software Distribution Service 3.0RP1246: 10/22/2013 11:05:38 AM - Software Distribution Service 3.0RP1247: 10/22/2013 7:31:57 PM - Software Distribution Service 3.0RP1248: 10/23/2013 8:23:22 PM - System CheckpointRP1249: 10/24/2013 3:00:16 AM - Software Distribution Service 3.0RP1250: 10/25/2013 3:00:14 AM - Software Distribution Service 3.0RP1251: 10/25/2013 7:25:53 PM - Software Distribution Service 3.0RP1252: 10/27/2013 11:50:13 AM - Software Distribution Service 3.0RP1253: 10/27/2013 6:47:51 PM - Software Distribution Service 3.0RP1254: 10/28/2013 10:29:24 AM - Software Distribution Service 3.0RP1255: 10/28/2013 7:47:33 PM - Software Distribution Service 3.0RP1256: 10/29/2013 12:01:46 PM - Software Distribution Service 3.0RP1257: 10/29/2013 7:58:27 PM - Software Distribution Service 3.0RP1258: 10/30/2013 10:55:43 AM - Software Distribution Service 3.0RP1259: 10/30/2013 7:35:02 PM - Software Distribution Service 3.0RP1260: 10/31/2013 1:40:39 PM - Software Distribution Service 3.0RP1261: 10/31/2013 7:32:32 PM - Software Distribution Service 3.0RP1262: 11/1/2013 12:04:16 PM - Software Distribution Service 3.0RP1263: 11/1/2013 7:57:51 PM - Software Distribution Service 3.0RP1264: 11/2/2013 11:48:49 AM - Software Distribution Service 3.0RP1265: 11/2/2013 12:27:46 PM - Software Distribution Service 3.0RP1266: 11/3/2013 11:15:13 AM - Software Distribution Service 3.0RP1267: 11/3/2013 1:36:12 PM - Software Distribution Service 3.0RP1268: 11/4/2013 11:51:35 AM - Software Distribution Service 3.0RP1269: 11/4/2013 12:08:14 PM - Software Distribution Service 3.0RP1270: 11/4/2013 7:37:07 PM - Software Distribution Service 3.0RP1271: 11/5/2013 11:58:44 AM - Software Distribution Service 3.0RP1272: 11/5/2013 7:48:17 PM - Software Distribution Service 3.0RP1273: 11/6/2013 7:40:15 PM - Software Distribution Service 3.0RP1274: 11/7/2013 11:17:29 AM - Software Distribution Service 3.0RP1275: 11/7/2013 7:33:51 PM - Software Distribution Service 3.0RP1276: 11/8/2013 4:28:14 PM - Software Distribution Service 3.0RP1277: 11/8/2013 7:31:29 PM - Software Distribution Service 3.0RP1278: 11/10/2013 12:53:59 PM - Software Distribution Service 3.0RP1279: 11/10/2013 1:18:11 PM - Software Distribution Service 3.0RP1280: 11/11/2013 11:41:21 AM - Software Distribution Service 3.0RP1281: 11/12/2013 11:20:53 AM - Software Distribution Service 3.0RP1282: 11/12/2013 7:54:21 PM - Software Distribution Service 3.0RP1283: 11/13/2013 7:44:59 PM - Software Distribution Service 3.0RP1284: 11/14/2013 1:47:47 PM - Software Distribution Service 3.0RP1285: 11/14/2013 7:24:56 PM - Software Distribution Service 3.0RP1286: 11/15/2013 12:18:53 PM - Software Distribution Service 3.0RP1287: 11/15/2013 7:49:40 PM - Software Distribution Service 3.0RP1288: 11/16/2013 11:00:58 AM - Software Distribution Service 3.0RP1289: 11/16/2013 11:15:04 AM - Removed Ask Toolbar.RP1290: 11/16/2013 11:22:30 AM - Installed Java 7 Update 45RP1291: 11/16/2013 11:29:19 AM - Software Distribution Service 3.0RP1292: 11/16/2013 11:35:01 AM - Software Distribution Service 3.0RP1293: 11/16/2013 11:38:49 AM - Software Distribution Service 3.0RP1294: 11/16/2013 12:02:48 PM - avast! antivirus system restore pointRP1295: 11/16/2013 12:22:32 PM - Removed Java 7 Update 17RP1296: 11/16/2013 12:23:25 PM - Installed Java 7 Update 45RP1297: 11/16/2013 12:39:03 PM - Software Distribution Service 3.0RP1298: 11/16/2013 12:52:53 PM - Removed Java 6 Update 7RP1299: 11/17/2013 10:48:02 AM - Software Distribution Service 3.0RP1300: 11/17/2013 1:04:42 PM - Software Distribution Service 3.0RP1301: 11/17/2013 7:26:47 PM - Software Distribution Service 3.0RP1302: 11/18/2013 12:47:26 PM - Software Distribution Service 3.0.==== Installed Programs ======================.ABBYY FineReader 6.0 SprintAcrobat.comAdobe AIRAdobe Flash Player 10 PluginAdobe Flash Player ActiveXAdobe Reader 9.1Advanced WindowsCare Personalavast! Free AntivirusCanon IJ Network Scan UtilityCanon IJ Network ToolCanon MP Navigator EX 1.0Canon MX700 seriesCanon MX700 series User RegistrationCanon My PrinterCanon Utilities Easy-PhotoPrint EXCanon Utilities Solution MenuCCleaner (remove only)DivX CodecDVD Decrypter (Remove Only)DVD Shrink 3.2GIMP 2.4.6Google ChromeGoogle DesktopHigh Definition Audio Driver Package - KB888111Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)Hotfix for Windows XP (KB2158563)Hotfix for Windows XP (KB2443685)Hotfix for Windows XP (KB2570791)Hotfix for Windows XP (KB2633952)Hotfix for Windows XP (KB2756822)Hotfix for Windows XP (KB2779562)Hotfix for Windows XP (KB952287)Hotfix for Windows XP (KB954550-v5)Hotfix for Windows XP (KB961118)Hotfix for Windows XP (KB970653-v3)Hotfix for Windows XP (KB976098-v2)Hotfix for Windows XP (KB979306)Hotfix for Windows XP (KB981793)Java 7 Update 45Java Auto UpdaterLexmark Scan CenterLexmark Software UninstallMalwarebytes Anti-Malware version 1.75.0.1300Microsoft .NET Framework 2.0 Service Pack 2Microsoft .NET Framework 3.0 Service Pack 2Microsoft .NET Framework 3.5 SP1Microsoft Internationalized Domain Names Mitigation APIsMicrosoft National Language Support Downlevel APIsMicrosoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2010 x86 Redistributable - 10.0.40219Mozilla Firefox 25.0.1 (x86 en-US)Mozilla Maintenance ServiceMSXML 4.0 SP2 (KB936181)MSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)MSXML 4.0 SP2 Parser and SDKNero 6 Enterprise EditionNVIDIA DriversOpenOffice.org 2.4PIXMA Extended Survey ProgramPresto! PageManager 7.12.31Presto! PageManager 7.15.16QuickBooks Invoice ManagerRealtek High Definition Audio DriverScanSoft OmniPage SE 4Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)Security Update for Microsoft Windows (KB2564958)Security Update for Windows Internet Explorer 7 (KB2183461)Security Update for Windows Internet Explorer 7 (KB2360131)Security Update for Windows Internet Explorer 7 (KB2416400)Security Update for Windows Internet Explorer 7 (KB2482017)Security Update for Windows Internet Explorer 7 (KB2497640)Security Update for Windows Internet Explorer 7 (KB2530548)Security Update for Windows Internet Explorer 7 (KB2544521)Security Update for Windows Internet Explorer 7 (KB938127)Security Update for Windows Internet Explorer 7 (KB953838)Security Update for Windows Internet Explorer 7 (KB956390)Security Update for Windows Internet Explorer 7 (KB958215)Security Update for Windows Internet Explorer 7 (KB960714)Security Update for Windows Internet Explorer 7 (KB961260)Security Update for Windows Internet Explorer 7 (KB963027)Security Update for Windows Internet Explorer 7 (KB969897)Security Update for Windows Internet Explorer 7 (KB972260)Security Update for Windows Internet Explorer 7 (KB974455)Security Update for Windows Internet Explorer 7 (KB976325)Security Update for Windows Internet Explorer 7 (KB978207)Security Update for Windows Internet Explorer 7 (KB982381)Security Update for Windows Internet Explorer 8 (KB2510531)Security Update for Windows Internet Explorer 8 (KB2530548)Security Update for Windows Internet Explorer 8 (KB2544521)Security Update for Windows Internet Explorer 8 (KB2559049)Security Update for Windows Internet Explorer 8 (KB2586448)Security Update for Windows Internet Explorer 8 (KB2618444)Security Update for Windows Internet Explorer 8 (KB2647516)Security Update for Windows Internet Explorer 8 (KB2675157)Security Update for Windows Internet Explorer 8 (KB2699988)Security Update for Windows Internet Explorer 8 (KB2722913)Security Update for Windows Internet Explorer 8 (KB2744842)Security Update for Windows Internet Explorer 8 (KB2761465)Security Update for Windows Internet Explorer 8 (KB2792100)Security Update for Windows Internet Explorer 8 (KB2797052)Security Update for Windows Internet Explorer 8 (KB2799329)Security Update for Windows Internet Explorer 8 (KB2809289)Security Update for Windows Internet Explorer 8 (KB2817183)Security Update for Windows Internet Explorer 8 (KB2829530)Security Update for Windows Internet Explorer 8 (KB2838727)Security Update for Windows Internet Explorer 8 (KB2846071)Security Update for Windows Internet Explorer 8 (KB2847204)Security Update for Windows Internet Explorer 8 (KB2862772)Security Update for Windows Internet Explorer 8 (KB2870699)Security Update for Windows Internet Explorer 8 (KB2879017)Security Update for Windows Internet Explorer 8 (KB2888505)Security Update for Windows Media Player (KB2378111)Security Update for Windows Media Player (KB2834903-v2)Security Update for Windows Media Player (KB2834903)Security Update for Windows Media Player (KB911564)Security Update for Windows Media Player (KB952069)Security Update for Windows Media Player (KB954155)Security Update for Windows Media Player (KB968816)Security Update for Windows Media Player (KB973540)Security Update for Windows Media Player (KB975558)Security Update for Windows Media Player (KB978695)Security Update for Windows Media Player 10 (KB936782)Security Update for Windows Media Player 6.4 (KB925398)Security Update for Windows Media Player 9 (KB936782)Security Update for Windows XP (KB2079403)Security Update for Windows XP (KB2115168)Security Update for Windows XP (KB2121546)Security Update for Windows XP (KB2160329)Security Update for Windows XP (KB2229593)Security Update for Windows XP (KB2259922)Security Update for Windows XP (KB2279986)Security Update for Windows XP (KB2286198)Security Update for Windows XP (KB2296011)Security Update for Windows XP (KB2296199)Security Update for Windows XP (KB2347290)Security Update for Windows XP (KB2360937)Security Update for Windows XP (KB2387149)Security Update for Windows XP (KB2393802)Security Update for Windows XP (KB2412687)Security Update for Windows XP (KB2419632)Security Update for Windows XP (KB2423089)Security Update for Windows XP (KB2436673)Security Update for Windows XP (KB2440591)Security Update for Windows XP (KB2443105)Security Update for Windows XP (KB2476490)Security Update for Windows XP (KB2476687)Security Update for Windows XP (KB2478960)Security Update for Windows XP (KB2478971)Security Update for Windows XP (KB2479628)Security Update for Windows XP (KB2479943)Security Update for Windows XP (KB2481109)Security Update for Windows XP (KB2483185)Security Update for Windows XP (KB2485376)Security Update for Windows XP (KB2485663)Security Update for Windows XP (KB2503658)Security Update for Windows XP (KB2503665)Security Update for Windows XP (KB2506212)Security Update for Windows XP (KB2506223)Security Update for Windows XP (KB2507618)Security Update for Windows XP (KB2507938)Security Update for Windows XP (KB2508272)Security Update for Windows XP (KB2508429)Security Update for Windows XP (KB2509553)Security Update for Windows XP (KB2510581)Security Update for Windows XP (KB2511455)Security Update for Windows XP (KB2524375)Security Update for Windows XP (KB2535512)Security Update for Windows XP (KB2536276-v2)Security Update for Windows XP (KB2536276)Security Update for Windows XP (KB2544893-v2)Security Update for Windows XP (KB2544893)Security Update for Windows XP (KB2555917)Security Update for Windows XP (KB2562937)Security Update for Windows XP (KB2566454)Security Update for Windows XP (KB2567053)Security Update for Windows XP (KB2567680)Security Update for Windows XP (KB2570222)Security Update for Windows XP (KB2570947)Security Update for Windows XP (KB2584146)Security Update for Windows XP (KB2585542)Security Update for Windows XP (KB2592799)Security Update for Windows XP (KB2598479)Security Update for Windows XP (KB2603381)Security Update for Windows XP (KB2618451)Security Update for Windows XP (KB2619339)Security Update for Windows XP (KB2620712)Security Update for Windows XP (KB2621440)Security Update for Windows XP (KB2624667)Security Update for Windows XP (KB2631813)Security Update for Windows XP (KB2633171)Security Update for Windows XP (KB2639417)Security Update for Windows XP (KB2641653)Security Update for Windows XP (KB2646524)Security Update for Windows XP (KB2647518)Security Update for Windows XP (KB2653956)Security Update for Windows XP (KB2655992)Security Update for Windows XP (KB2659262)Security Update for Windows XP (KB2660465)Security Update for Windows XP (KB2661637)Security Update for Windows XP (KB2676562)Security Update for Windows XP (KB2685939)Security Update for Windows XP (KB2686509)Security Update for Windows XP (KB2691442)Security Update for Windows XP (KB2695962)Security Update for Windows XP (KB2698365)Security Update for Windows XP (KB2705219)Security Update for Windows XP (KB2707511)Security Update for Windows XP (KB2709162)Security Update for Windows XP (KB2712808)Security Update for Windows XP (KB2718523)Security Update for Windows XP (KB2719985)Security Update for Windows XP (KB2723135)Security Update for Windows XP (KB2724197)Security Update for Windows XP (KB2727528)Security Update for Windows XP (KB2731847)Security Update for Windows XP (KB2753842-v2)Security Update for Windows XP (KB2753842)Security Update for Windows XP (KB2757638)Security Update for Windows XP (KB2758857)Security Update for Windows XP (KB2761226)Security Update for Windows XP (KB2770660)Security Update for Windows XP (KB2778344)Security Update for Windows XP (KB2779030)Security Update for Windows XP (KB2780091)Security Update for Windows XP (KB2799494)Security Update for Windows XP (KB2802968)Security Update for Windows XP (KB2807986)Security Update for Windows XP (KB2808735)Security Update for Windows XP (KB2813170)Security Update for Windows XP (KB2813345)Security Update for Windows XP (KB2820197)Security Update for Windows XP (KB2820917)Security Update for Windows XP (KB2829361)Security Update for Windows XP (KB2834886)Security Update for Windows XP (KB2839229)Security Update for Windows XP (KB2845187)Security Update for Windows XP (KB2847311)Security Update for Windows XP (KB2849470)Security Update for Windows XP (KB2850851)Security Update for Windows XP (KB2850869)Security Update for Windows XP (KB2859537)Security Update for Windows XP (KB2862152)Security Update for Windows XP (KB2862330)Security Update for Windows XP (KB2862335)Security Update for Windows XP (KB2864063)Security Update for Windows XP (KB2868038)Security Update for Windows XP (KB2868626)Security Update for Windows XP (KB2876217)Security Update for Windows XP (KB2876315)Security Update for Windows XP (KB2876331)Security Update for Windows XP (KB2883150)Security Update for Windows XP (KB2900986)Security Update for Windows XP (KB923561)Security Update for Windows XP (KB923689)Security Update for Windows XP (KB923789)Security Update for Windows XP (KB938464)Security Update for Windows XP (KB941569)Security Update for Windows XP (KB946648)Security Update for Windows XP (KB950762)Security Update for Windows XP (KB950974)Security Update for Windows XP (KB951066)Security Update for Windows XP (KB951376-v2)Security Update for Windows XP (KB951698)Security Update for Windows XP (KB951748)Security Update for Windows XP (KB952004)Security Update for Windows XP (KB952954)Security Update for Windows XP (KB953838)Security Update for Windows XP (KB953839)Security Update for Windows XP (KB954211)Security Update for Windows XP (KB954459)Security Update for Windows XP (KB954600)Security Update for Windows XP (KB955069)Security Update for Windows XP (KB956391)Security Update for Windows XP (KB956572)Security Update for Windows XP (KB956744)Security Update for Windows XP (KB956802)Security Update for Windows XP (KB956803)Security Update for Windows XP (KB956841)Security Update for Windows XP (KB956844)Security Update for Windows XP (KB957095)Security Update for Windows XP (KB957097)Security Update for Windows XP (KB958644)Security Update for Windows XP (KB958687)Security Update for Windows XP (KB958690)Security Update for Windows XP (KB958869)Security Update for Windows XP (KB959426)Security Update for Windows XP (KB960225)Security Update for Windows XP (KB960715)Security Update for Windows XP (KB960803)Security Update for Windows XP (KB960859)Security Update for Windows XP (KB961371)Security Update for Windows XP (KB961373)Security Update for Windows XP (KB961501)Security Update for Windows XP (KB968537)Security Update for Windows XP (KB969059)Security Update for Windows XP (KB969898)Security Update for Windows XP (KB969947)Security Update for Windows XP (KB970238)Security Update for Windows XP (KB970430)Security Update for Windows XP (KB971468)Security Update for Windows XP (KB971486)Security Update for Windows XP (KB971557)Security Update for Windows XP (KB971633)Security Update for Windows XP (KB971657)Security Update for Windows XP (KB971961)Security Update for Windows XP (KB972270)Security Update for Windows XP (KB973346)Security Update for Windows XP (KB973354)Security Update for Windows XP (KB973507)Security Update for Windows XP (KB973525)Security Update for Windows XP (KB973869)Security Update for Windows XP (KB973904)Security Update for Windows XP (KB974112)Security Update for Windows XP (KB974318)Security Update for Windows XP (KB974392)Security Update for Windows XP (KB974571)Security Update for Windows XP (KB975025)Security Update for Windows XP (KB975467)Security Update for Windows XP (KB975560)Security Update for Windows XP (KB975561)Security Update for Windows XP (KB975562)Security Update for Windows XP (KB975713)Security Update for Windows XP (KB977165)Security Update for Windows XP (KB977816)Security Update for Windows XP (KB977914)Security Update for Windows XP (KB978037)Security Update for Windows XP (KB978251)Security Update for Windows XP (KB978262)Security Update for Windows XP (KB978338)Security Update for Windows XP (KB978542)Security Update for Windows XP (KB978601)Security Update for Windows XP (KB978706)Security Update for Windows XP (KB979309)Security Update for Windows XP (KB979482)Security Update for Windows XP (KB979559)Security Update for Windows XP (KB979683)Security Update for Windows XP (KB979687)Security Update for Windows XP (KB980195)Security Update for Windows XP (KB980218)Security Update for Windows XP (KB980232)Security Update for Windows XP (KB980436)Security Update for Windows XP (KB981322)Security Update for Windows XP (KB981349)Security Update for Windows XP (KB981852)Security Update for Windows XP (KB981957)Security Update for Windows XP (KB981997)Security Update for Windows XP (KB982132)Security Update for Windows XP (KB982214)Security Update for Windows XP (KB982665)Security Update for Windows XP (KB982802)Spybot - Search & DestroyThe Print Shop Ensemble IIIUpdate for Microsoft .NET Framework 3.5 SP1 (KB963707)Update for Windows Internet Explorer 7 (KB976749)Update for Windows Internet Explorer 7 (KB980182)Update for Windows XP (KB2141007)Update for Windows XP (KB2345886)Update for Windows XP (KB2467659)Update for Windows XP (KB2541763)Update for Windows XP (KB2607712)Update for Windows XP (KB2616676)Update for Windows XP (KB2641690)Update for Windows XP (KB2661254-v2)Update for Windows XP (KB2718704)Update for Windows XP (KB2736233)Update for Windows XP (KB2749655)Update for Windows XP (KB2863058)Update for Windows XP (KB951072-v2)Update for Windows XP (KB951978)Update for Windows XP (KB955759)Update for Windows XP (KB955839)Update for Windows XP (KB967715)Update for Windows XP (KB968389)Update for Windows XP (KB971029)Update for Windows XP (KB971737)Update for Windows XP (KB973687)Update for Windows XP (KB973815)WebFldrs XPWindows Genuine Advantage Validation Tool (KB892130)Windows Internet Explorer 7Windows Internet Explorer 8Windows Media Format RuntimeWindows Media Player 10Windows XP Service Pack 3.==== Event Viewer Messages From Past Week ========.11/16/2013 11:16:12 AM, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The specified module could not be found.11/11/2013 11:42:53 AM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x800f020d: nVidia - Other hardware - NVIDIA GeForce 7050 PV / NVIDIA nForce 630a..==== End Of File ===========================
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.